Privacy policy for www.true-rebel-store.com
1. Collection and Use of Personal Data
1.1. This privacy policy informs you about the collection of personal data when you use our website. Personal data means any information that identifies you or can be used to identify you, e.g. name, address, e-mail addresses, user behaviour.
1.2. The controller pursuant to Article 4 (7) General Data Protection Regulation (GDPR) is
True Rebel GmbH, Bergstraße 193, 22767 Hamburg
Tel.: 0176 / 626 00 196
E-Mail: info@true-rebel-store.com
Website: www.true-rebel-store.com
1.3. If, to provide individual functions of our offer, we make use of any contracted service providers or if we wish to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also specify criteria for how long we store your data.
2. Your rights
2.1. You are entitled to the following rights towards us regarding your personal data:
- Right to information,
- Right to rectification or deletion,
- Right to restriction of processing,
- Right to object to the processing,
- Right to data portability.
2.2. To exercise your rights, you can contact us at datenschutz@true-rebel-store.com or by us-ing the above contact details.
2.3. You also have the right to complain to the data protection supervisory authorities about our processing of your personal data.
3. Objection against the processing of your data or withdrawal of consent
3.1. If you have consented to the processing of your data, you may withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
3.2. Where we base the processing of your personal data on the balancing of interests, you may object to such processing. This is the case if said processing is not required for fulfilling a contract to which you are a party, but for other purposes, details of which we will provide in the description of those processes below. When exercising such an objection, we ask you to give the reasons why we should not process your personal data in the manner we intend. In the event of your justified objection, we will examine the situation and either cease to process your data, or adjust data processing, or point out to you our compelling legitimate grounds for continuing to process your data.
4. Collection of personal data when you visit our website
4.1. When you visit our website for information purposes only, i.e. if you do not register or otherwise provide information to us, we only collect the personal data that your browser transmits to our server. When you visit our website we will collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (the legal basis being Article 6(1) 1 lit. f GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Website transmitting the request
- Websites accessed by the user's system via our website
- Bytes downloaded
- Browser
- Operating system and interface
- Language and version of the browser software.
4.2. The above data will, incl only a shortened version of your IP address, be stored in a socalled log file for the duration of 7 days. We will then limit the processing, and finally delete the data after 4 weeks.
4.3. In addition to the aforementioned data, cookies are stored on your computer when you visit our website. Cookies are small text files that your browser stores on your hard drive which transmit certain information back to the party that has set the cookie (in this case, us). Cookies cannot run programs or transfer viruses to your computer. They are widely used in order to make websites function properly as well as to make them more user-friendly and effective.
4.4. Use of cookies:
4.4.1. Generally there are the following types of cookies, the scope and functionality of which are explained below:
- Transient cookies (see 4.4.2)
- Persistent cookies (see 4.4.3).
4.4.2. Transient cookies are automatically deleted when you close your browser. They include, in particular, session cookies. They store a so-called session ID, which allows separate requests of your browser to be assigned to the same session. This will enable us to recoginse your computer when you return to our website. Session cookies also include the cookies that we use to ensure the correct display of our website on the device used by you. Session cookies will be deleted when you log out or close the browser.
4.4.3. Persistent cookies will automatically be deleted after a specified period of time, which may vary depending on the cookie. You may delete cookies at any time in the security settings of your browser.
4.4.4. This website uses the following cookies:
- „JTLSHOP“. We use this cookie to keep track of your order information (items, quantities, payment method, shipping options, etc.) for the duration of your pur-chase in our online store. The legal basis for this is Article 6 (1) 1 lit. b GDPR, as it serves the processing of your order or the initiation of pre-contractual measures.
4.4.5. You can set your browser to refuse all or some browser cookies, or to alert you when web-sites set or access cookies. However, if you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
5. Use of our web shop
5.1. If you would like to order in our web shop, we will require such personal data as is necessary for the completion of your order and thus the conclusion of our contract with you. Mandatory information required for the execution of this contract is marked separately, any further information may be provided voluntarily. Specifically, we collect the following data:
- Last name
- First name
- Address
- Country
- Invoice data
- Delivery data
- Payment details
- Company name (optional)
- State (optional)
- Password (optional)
5.2. We will process the data provided by you to fulfil your order, the legal basis for this being Article 6 (1) 1 lit. b GDPR.
5.3. We may also process the information you provide to inform you about other interesting products we offer or to send you e-mails containing technical information.
5.4. We are obliged by legal commercial and tax regulations to store your address, payment and order details for a period of ten years. However, after two years we will restrict processing, i.e. your data will only be used to comply with our legal obligations.
5.5. To prevent unauthorized access to your personal data by any third party, especially your financial data, the order process will be encrypted using TLS technology.
6. Recipients of your data / categories of recipients
6.1. In connection with the above processing of your data, we will use service providers for shipment. The data required for the fulfillment of the contract will be passed on to these service pro-viders for this purpose only.
6.2. We use third party payment processors Paypal and Sofort GmbH (Klarna Group). After your order, you will be forwarded to your chosen payment processor so that you may make your payment from there.
6.3. Alternatively, you may choose advance payment, in which case you do not need to enter any further payment data.
6.4. The legal basis for the transferral of your data is Article 6 (1) 1 lit. b GDPR.
7. Creating a customer account
7.1. You may create an optional customer account to allow us to store your data for future pur-chases. To create a customer account, you must choose a password and enter it in addition to your name and e-mail address. We strongly advise you to keep your password safe and protect it against unauthorized access by third parties. Upon creation of an account during your purchase in our web shop, the data provided by you will be revocably stored on our server. You can also view and change your personal data stored in your customer account at any time and use the "Wish list" function to save items for later purchases.
7.2. The legal basis for the processing of your data is Article 6 (1) 1 lit. b GDPR, because you make the data available within the framework of a contractual relationship or for the initiation of such a relationship.
7.3. You may ask us to delete your account at any time by sending us an e-mail to info@true-rebel-store.com. Your data will be stored until the deletion of your user account.
8. Contacting us through the contact form or via e-mail
8.1. When you contact us by e-mail, we will store the data you provide (your e-mail address and - where applicable - your name, telephone number and your message) in order to answer your query. Once storage is no longer necessary, we will delete all data collected with regard to your query or we will restrict its processing if statutory retention obligations exist.
8.2. We process this data to respond to your request. Said processing is based on a contractual basis (Article 6 (1)1 lit. b GDPR) where this relates to questions regarding your purchase of our products. With regards to general customer service and answering your queries, said processing takes place for the purposes of our legitimate interests (Article 6 (1)1 1 lit. f GDPR), as it enables us to provide you with satisfactory customer service.
9. Google Fonts
9.1. This website uses Google Fonts in order to integrate fonts. Google Fonts is a service pro-vided by Google Ireland Limited, Gordon House, Barrow Street, Dublin D04 E5W5, Ireland. To dis-play our site, Google servers are called up, namely fonts.googleapis.com and fonts.gstatic.com. In order to display those fonts on our site as quickly and efficiently as possible, such requests are stored by Google resulting in fonts and preferences being cached by your browser. The use of Google Web Fonts follows from our interest in a uniform and appealing online presentation of our services. This represents a legitimate interest within the scope of Article 6 (1) 1 lit. f GDPR. With regard to the transfer of personal data to the US, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. More information about Google Fonts and privacy can be found here:
https://developers.google.com/fonts/faq#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users.
10. Google ReCaptcha
10.1. We use the Google service ReCaptcha to ensure sufficient data security during the trans-mission of forms. This is mainly to determine whether the entry is made by a natural person. ReCap-tcha is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, IrEland. In this respect, servers are called-up by Google. The use of Google ReCaptcha is in the interest of data security during the transmission of forms. This represents a legitimate interest within the meaning of Article 6 (1) 1 lit. f GDPR. With regard to the transfer of personal data to the USA, Google has sub-mitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. For more information about Google's privacy policy, please visit
http://www.google.de/intl/de/privacy or https://www.google.com/intl/de/policies/privacy/.
Here you will also find further information on your rights in this regard and settings you may make to protect your privacy.
10.2. Instagram is part of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. With regard to the transfer of personal data to the US, Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
11. Social Media Profiles
11.1. We maintain a company profile on the following social networks and platforms: Facebook, Instagram, Twitter, YouTube. We maintain these profiles in order to communicate with our custom-ers, users and interested parties and in order to provide further information about our products and activities. In the case of any messages or contributions we receive on these profiles, we will process your data to enable us to communicate with you. This is a legitimate interest; the legal basis is Arti-cle 6 (1) 1 lit f GDPR. No further storage of this communication takes place outside of these net-works on our part. The terms and conditions of the platform operators apply. Regarding the purpose and scope of said data collection and further processing and use of this data by the operators of these social platforms, as well as your rights and optional settings with regard to the protection of your privacy, please refer to the respective privacy statements:
https://www.facebook.com/about/privacy
https://twitter.com/en/privacy
https://help.instagram.com/519522125107875?helpref=page_content
https://policies.google.com/privacy?hl=en
Hamburg, 16.09.2019