Privacy policy | Lecksteine Shop

Privacy policy


1. General information and principles of data processing

We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, the so-called personal data, when using our website is an important concern for us.

According to Art. 4 No. 1 DS-GVO, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, your address, your telephone number, your e-mail address, but also your IP address.

Data for which no reference to your person can be established, such as through anonymization, is not personal data. Processing (e.g. collecting, storing, reading, querying, using, transmitting, deleting or destroying) according to Art. 4 No. 2 DS-GVO always requires a legal basis or your consent. Processed personal data must be deleted as soon as the purpose of the processing has been achieved and there are no longer any legally required retention obligations to uphold.

Here you will find information on how we handle your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary for us to collect personal data about you.

We also explain to you the type and scope of the respective data processing, the purpose and the corresponding legal basis and the respective storage period.

 

This privacy policy only applies to this website. It does not apply to other websites to which we merely refer by means of a hyperlink. We cannot accept any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please inform yourself about the handling of your personal data by these companies directly on these websites.

 

2. Responsible body

Responsible for the processing of personal data on this website is (see imprint):

 

3. provision and use of the website/ server log files.

a) Type and scope of data processing   

If you use this website without transmitting data to us in any other way (e.g. by registering or using the contact form), we collect via server log files technically necessary data that is automatically transmitted to our server, including:

  • IP address
  • Date and time of the request
  • Name and URL of the file accessed
  • Website from which the access was made (referrer URL)
  • Access status/HTTP status code
  • Browser type
  • Language and version of browser software
  • Operating system

b) Purpose and legal basis

This processing is technically necessary in order to display our website to you. We also use the data to ensure the security and stability of our website.

The legal basis for this processing is Art. 6 para. 1 lit. f) DS-GVO. The processing of the aforementioned data is necessary for the provision of a website and thus serves to protect a legitimate interest of our company.       

c) Storage period

As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user with regard to this aspect. Further storage may take place in individual cases if this is required by law.

 

4. Use of cookies

a) Type, scope and purpose of data processing

We use cookies. Cookies are small files that are sent by us to the browser of your terminal device during your visit to our website and stored there.

Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, enable us to perform various analyses. For example, some cookies can recognize the browser you are using when you visit our website again and transmit various information to us. We use cookies to facilitate and improve the use of our website. Among other things, cookies enable us to make our website more user-friendly and effective for you by, for example, tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. However, cookies do not cause any damage to your end device. They cannot execute programs or contain viruses. Various types of cookies are used on our website, the type and function of which are explained below.

Temporary cookies/ session cookies

So-called temporary cookies or session cookies are used on our website, which are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. This makes it possible to assign various requests from your browser to a common session and to recognize your terminal device during subsequent visits to the website.

Permanent cookies

So-called permanent cookies are used on our website. Permanent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage period differs depending on the cookie. You can delete permanent cookies independently via your browser settings.

Third-party cookies

We use analytical cookies to monitor anonymized user behavior on our website.

In addition, we use advertising cookies. These cookies allow us to track user behavior for advertising and targeted marketing purposes.

Social media cookies allow us to connect to your social networks and share content from our website within your networks.

Browser settings configuration

Most web browsers are preset to automatically accept cookies. However, you can configure your respective browser to only accept certain cookies or not to accept cookies at all. However, we would like to point out that you may then no longer be able to use all the functions of our website.

You can also delete cookies already stored in your browser via your browser settings. Furthermore, it is possible to set your browser to notify you before cookies are stored. Since the various browsers can differ in their respective modes of operation, we ask you to use the respective help menu of your browser for the corresponding configuration options.

The deactivation of the use of cookies may require the storage of a permanent cookie on your computer. If you subsequently delete this cookie, you will have to deactivate it again.

b) Legal basis

Based on the purposes described, the legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f) DS-GVO. If you have given us your consent to the use of cookies on the basis of a notice ("cookie banner") issued by us on the website, the legal basis is additionally Art. 6 (1) lit. a) DS-GVO.

c) Storage period

As soon as the data transmitted to us via the cookies is no longer required for the purposes described above, this information is deleted. Further storage may take place in individual cases if this is required by law.

 

5. Data collection for the implementation of pre-contractual measures and for contract performance

a) Type and scope of data processing

In the pre-contractual area and upon conclusion of the contract, we collect personal data about you. This concerns, for example, first and last name, address, e-mail address, telephone number or bank details.

b) Purpose and legal basis of data processing

We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations.

The legal basis for this is Art. 6 para. 1 lit b) DS-GVO. If there is also consent from you, the additional legal basis is Art. 6 para. 1 lit. a) DS-GVO.

c) Storage period

The data is deleted as soon as it is no longer required for the purpose of its processing.

In addition, there may be legal obligations to retain data, for example, obligations to retain data under commercial or tax law in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data at the end of these retention obligations.

 

6. Order form

An order form is available on our website, which can be used for electronic pre-orders.

a) Type and scope of data processing

Our data collection is limited to the following data:

  • First and last name
  • Telephone number
  • E-mail address
  • Account data
  • Name of the product

b) Purpose and legal basis

The purpose of data processing is to be able to process your order properly.

The legal basis for this is Art. 6 para. 1 lit. b) DS-GVO. The processing of the data serves the fulfillment of a contract, or is necessary for the implementation of a pre-contractual measure, which has taken place at the request of the data subject.

c) Storage period

The data will be deleted as soon as they are no longer required to achieve the purpose of the processing.

In addition, there may be legal obligations to retain data, for example, obligations to retain data under commercial or tax law in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data at the end of these retention obligations.

7. Registration possibility

a) Type and scope of data processing

You can register on our website. If you register, we collect and store the data you enter in the input mask (e.g. last name, first name, e-mail address). Your data will not be passed on to third parties.

b) Purpose and legal basis of data processing

Your registration is required for the use of certain content and services on our website or for the fulfillment of a contract or for the implementation of pre-contractual measures. After registration, you are free to change the personal data provided during registration at any time or to have it completely deleted from the data stock of the controller.

The legal basis for the processing in the case of consent is Art. 6 para. 1 lit. a) 

DS-GVO. If your registration serves the preparation of a contract conclusion, Art. 6 (1) lit. b) DS-GVO is the additional legal basis.         

c) Storage period

The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Legal retention periods remain unaffected.

 

8. Data transfer

We only pass on your personal data to third parties if:

a) you have given your express consent to this in accordance with Art. 6 (1) a) DS-GVO.

b) this is legally permissible and necessary according to Art. 6 para. 1 lit. b) DS-GVO for the fulfillment of a contractual relationship with you or the implementation of pre-contractual measures.

c) there is a legal obligation for the transfer according to Art. 6 para. 1 lit. c) DS-GVO.

We are legally obliged to transfer data to state authorities, e.g. tax authorities, social insurance carriers, health insurance companies, supervisory authorities and law enforcement agencies.

d) the transfer is necessary in accordance with Art. 6 (1) f) DS-GVO for the protection of legitimate business interests, as well as for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.

e) in accordance with Art. 28 DS-GVO, we use external service providers, so-called order processors, who have been obligated to handle your data with care.

We use such service providers in the areas of:

  • IT
  • Logistics
  • Telecommunications

When transferring data to external entities in third countries, i.e. outside the EU or EEA, we ensure that these entities treat your personal data with the same care as within the EU or EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or if we ensure the careful handling of personal data through contractual agreements or other suitable guarantees.

 

9. Application possibility

a) Type and scope of data processing

You can apply on our website or by e-mail. When you apply, we collect and store the data that you enter in the input mask or that you send to us by e-mail.

b) Purpose and legal basis       

We process your data only for the purpose of processing your application.

Your data will not be passed on to third parties. The legal basis for the processing is Art. 88 (1) DS-GVO in conjunction with. § 26 BDSG and additionally Art. 6 para. 1 lit. b) DS-GVO.

If you give us consent to include you in our applicant pool, the legal basis is Art. 6 (1) a) DS-GVO.

c) Storage period

If we are unable to offer you a position, we will store your data for a maximum of six months after the end of the application process, taking into account Section 61b (1) ArbGG in conjunction with. § 15 AGG. The start of the period is the receipt of the rejection letter.

If you have given us permission to include you in our applicant pool, we will store your data for a maximum of two years.

d) Data transfer

Your data will only be disclosed to the departments involved in the decision-making process (responsible personnel or specialist departments, management, works council).

In addition, we are obliged to disclose your data to public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, tax office, social insurance institutions, etc.).

Other data recipients may be those bodies for which you have given us your consent to the transfer of data.

 

10. Comment function     

a) Type and scope of data processing

On our website you can comment on contributions. When you comment on a post, we collect and store the data you enter in the input mask. In addition to the comments you leave, we also store and publish information about the time you entered your comments and possibly the user name (pseudonym) you chose. Furthermore, the IP address assigned by the Internet service provider (ISP) of the person concerned is stored. A transfer to third parties does not take place.

b) Purpose and legal basis

The data transmitted by you (e.g. the IP address) is used for security reasons and in the event that the data subject violates the rights of third parties by posting a comment or posts illegal content.

There is no disclosure of this collected personal data to third parties, unless such disclosure is required by law or serves the legal defense of the controller.

The legal basis for the processing of personal data transmitted when using the comment function is, if and insofar as your consent is given, Art. 6 para. 1 lit. a) DS-GVO. You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Further legal basis is Art. 6 para. 1 lit. f) DS-GVO.

We have a legitimate interest in processing in case third party rights are violated or illegal content is posted. This is for security purposes in case someone writes illegal content in comments and posts (insults, prohibited political propaganda, etc.).

 

c) Storage period

The comments and the associated data (e.g. IP address) are stored and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons.

 

11. Contact form

a) Type and scope of data processing

On our website, we offer you the opportunity to contact us via a provided form. As part of the process of sending your request via the contact form, reference is made to this data protection declaration in order to obtain your consent.

If you make use of the contact form, the following personal data will be processed:

  • Salutation
  • First name
  • Surname
  • Title
  • Company name
  • Line of business
  • Function
  • Street name
  • Street number
  • Postal code
  • City
  • Country
  • E-mail address
  • Phone number
  • Message subject
  • Message content

b) Purpose and legal basis

The purpose of providing your e-mail address is to send you a reply to your inquiry by e-mail. When using the contact form, your personal data will not be passed on to third parties.

The legal basis for the processing is consent in accordance with Art. 6 (1) a) DS-GVO on the declaration of consent given voluntarily by you in the following and revocable at any time for the future:

c) Storage period

The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request).

Mandatory legal provisions - in particular retention periods according to the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.

 

12. Contact options by e-mail

On our website, a contact option by e-mail is available to them.

a) Type and scope of data processing   

You can contact us by e-mail. Our data collection is limited to the e-mail address of the e-mail account you use to contact us as well as the personal data you provide as you wish when contacting us.

b) Purpose and legal basis       

The purpose of the data processing is to be able to answer your request appropriately. The legal basis for this is Art. 6 para. 1 lit. f) DS-GVO. There is a legitimate interest in processing the above-mentioned personal data in order to be able to deal with your request appropriately.

c) Storage period       

The duration of the storage of the above-mentioned data depends on the background of your contact. Your personal data will be deleted regularly if the purpose of the communication no longer applies and storage is no longer necessary. This may result, for example, from the processing of your request.

13. Newsletter         

a) Type and scope of data processing

On our website, there is the possibility to subscribe to a free regular e-mail newsletter In order to send you the newsletter regularly, we need your e-mail address.

For the newsletter dispatch, we use the so-called double opt-in procedure.

This means that we will only send you an e-mail newsletter after you have expressly confirmed that you consent to the sending of the newsletter. We will then send you a confirmation e-mail asking you to confirm that you wish to receive future newsletters from us by clicking on an appropriate link.

This is to ensure that only you, as the owner of the e-mail address provided, can subscribe to the newsletter. Your confirmation must be made promptly after receipt of the confirmation e-mail, otherwise your newsletter subscription will be automatically deleted from our database.

When you subscribe to the newsletter, we collect and store the data you enter in the input mask (e.g. last name, first name, e-mail address).

When you subscribe to the newsletter, we also store your IP address entered by your Internet service provider (ISP) as well as the date and time of subscription in order to be able to trace any possible misuse of your e-mail address at a later date. For the confirmation e-mail sent out for control purposes (double opt in the

e-mail), we also store the date and time of the click on the confirmation link and the IP address entered by the Internet service provider (ISP).

b) Purpose and legal basis       

The data collected by us when you register for the newsletter is used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter.

The processing of your e-mail address for the newsletter dispatch is based, in accordance with Art. 6 para. 1 lit. a) DS-GVO and § 7 para. 2 No. 3 UWG, on the declaration of consent voluntarily given by you in the following and revocable at any time for the future.

In addition, the processing is based Art. 6 para. 1 lit f) DS-GVO due to legitimate interests of us to document the proof of the required consent.

c) Storage period

Your e-mail address will be stored as long as you have subscribed to the newsletter. After unsubscribing from the newsletter, your e-mail address will be deleted unless you have expressly consented to further use of your data.

 

14. Tracking and analysis tools

An exact overview of the web analytics and social media tools we use can be found here.

 

15. Data security and security measures

We are committed to protecting your privacy and keeping your personal data confidential. To this end, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress. 

This includes, among other things, the use of recognized encryption methods (SSL or TLS). However, data disclosed in unencrypted form, for example by unencrypted e-mail, may be read by third parties. We have no influence on this. It is the responsibility of the respective user to protect the data provided by him through encryption or otherwise against misuse.

 

16. Changes to the data protection declaration

We reserve the right to update this statement at any time if necessary.

 

17. Your rights

Here you will find your rights in relation to your personal data. Details of these are set out in Articles 7, 15-22 and 77 German Data Protection Regulation (DS-GVO). You can contact the controller in this regard (item 2).

Right to revoke your consent under data protection act pursuant to Art. 7 (3) p. 1 DS-GVO.

You may revoke your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.

  1. Right to information according to Art. 15 DS-GVO

You have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have the right to obtain information about this personal data as well as further information, e.g. the purposes of processing, the categories of personal data processed, the recipients and the planned duration of storage or the criteria for determining the duration.

 

  1. Right to rectification and completion according to Art. 16 DS-GVO

You have the right to request the correction of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.

 

  1. Right to erasure ("right to be forgotten") according to Art. 17 DS-GVO

You have a right to erasure insofar as the processing is not necessary.

This is the case, for example, if your data is no longer necessary for the original purposes, you have revoked your declaration of consent under data protection law or the data was processed unlawfully.     

 

  1. Right to restriction of processing according to Art. 18 DS-GVO

You have a right to restriction of processing, e.g. if you believe that the personal data is incorrect.

 

  1. Right to data portability according to Art. 20 DS-GVO

You have the right to receive the personal data concerning you in a structured, common and machine-readable format.

 

  1. Right of objection according to Art. 21 DS-GVO 

You have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.   

 

In the event of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

 

  1. Automated decision in individual cases including profiling according to Art. 22 DS-GVO

You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional circumstances mentioned in Art. 22 DS-GVO.

 

Decision-making based exclusively on automated processing - including profiling - does not take place.

 

  1. Complaint to a data protection supervisory authority pursuant to Art. 77 DS-GVO

You can also lodge a complaint with a data protection supervisory authority at any time, for example if you believe that the data processing is not in compliance with data protection regulations.