In the following paragraphs, we explain which data we - i.e. the Küchenzauber business, owner: by Dina Maier – when and to which end, collect, process and use. We want to explain you how we provide our services and work and how we ensure the protection of your personal data. We collect, process and use personal data only to the extent of your respective consent or permitted by law.
Responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR is:
Mrs Dina Maier
In case of general questions or suggestions in connection with data protection, you may get in touch with us at any time via phone under +49-711 3002425 or via email to firstname.lastname@example.org.
III. Collection of Data on our Website
1. No Collection of Personal Date
You may visit our website without furnishing any personal data.
We neither collect, record , adapt or alterate, or transmit any personal data on or with our website.
2. Contact Form and Email Contact
You find a contact form on our website which may be used to contact us electronically. The data you fill in this contact form are processed by us. These are the follwing data:
Date and time of your entries
The content of your message to us.
For the processing of the data, your consent is required during the dispatching process, and you are informed about this data protection declaration.
Alternatively, you may use email to get in touch with us. We process your data to deal with your inquiry, and in case, subsequent questions arise.
If the data processing takes place for the execution of pre-contractual measures which take place at your request or, if you are already our customer, for the execution of the contract, the legal basis for this data processing is Art. 6 Para. 1 S. 1 b) GDPR. We will only process further personal data if you give your consent (Art. 6 para. 1 sentence 1 a) GDPR) or if we have a legitimate interest in processing your data (Art. 6 para. 1 sentence 1 f) GDPR). For example, there is a legitimate interest in replying to your e-mail.
3. Collection of Personal Data by our Provider
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage and database services, security services and technical maintenance services that we use to operate the website.
Our hosting provider process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of our website in accordance with Art. 6 Para. 1 S. 1 f) GDPR in conjunction with. Art. 28 GDPR.
In such case, the following data are collected:
• Name and URL of the retrieved file
• Date and time of retrieval
• transferred data volume
• Message about successful retrieval (HTTP response code)
• Browser type and browser version
• Operating system
• Referrer URL (i.e. the previously visited page)
• Websites accessed by the user's system through our website
• Internet service provider of the user
• IP address and the requesting provider
3. Google Maps
This website uses Google Maps API to visually present geographical information. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When you use Google Maps, information about the use of this website, including your IP address, is transmitted to and stored on a server belonging to Google in the USA. By using this website you confirm that in this regard you are in agreement with the recording, processing and use of your automatically collected data by Google, one of its representatives, or third-party suppliers.
Full details can be found in Google’s data protection centre: Transparency and Choice
Data Protection Policy
4. Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
When you call up a page of our website that contains a social plugin, your browser makes a direct connection with Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
If your browser does not support web fonts, a standard font is used by your computer.
IV. Collection, Processing, and Use of Personal Data in other contexts, in particular upon initiation of a Contract or its Performance
The personal data you leave us are processed by us in accordance with the provisions of the European Union’s General Data Protection Regulation (GDPR) and the German “Bundesdatenschutzgesetz” (BDSG) as described in more detail below:
1. For the Fulfilment of our Contractual Obligations
We process personal data that we need to fulfil our contractual obligations, such as name, address, e-mail address, ordered products, billing and payment data. The collection of this data is necessary for the conclusion of the contract.
The data will be deleted after expiry of the warranty periods and statutory retention periods. Data associated with a user account (see below) will always be retained for the duration of the account.
The legal basis for the processing of this data is Art. 6 Par. 1 S. 1 b) GDPR, because this data is required so that we can fulfil our contractual obligations towards you. These are the following data:
We collect, process, and use such data to get in touch with you and check your inquiry for the acceptance of an order, and, respectively, to execute such order. As a part of precontractual measures (e.g. master data entry) it is necessary to leave us your personal data. Shouldn’t you do this, a contract cannot be concluded.
Beyond this, the collection of data occurs to/for,
Additionally, to perform our obligations, it may be necessary to process personal data, we received lawfully by other companies or businesses or by other third parties, such as financial authorities, your business partner/s , or similar, for the respective purpose.
2. Compliance with a Legal Obligation (Art. 6 Para 1 c) GDPR) or in the public interest (Art. 6 Para 1 e) GDPR)
In such cases, the purposes of the data processing result from legal requirements or lie in the public interest (e.g. Compliance with retention obligations, proof of compliance with reference and information obligations).
3. Consent to the Processing (Art. 6 Para 1 a) GDPR)
In such cases, the purposes of the data processing result from the consent given. Such consent may be revoked at any time with effect for the future. This applies accordingly to consents given before the entry into force of the GDPR (25. May 2018). Processing which occurred before the revocation of the consent, remain unaffected. Examples: Dispatching of Newsletters, disclosure of data to third persons (e.g. your supplier or customer).
4. For the Purposes of Legitimate Interests (Art. 6 Para 1 f) GDPR)
In such cases, the purposes of the data processing result from our legitimate interests. It may be necessary to process the data disclosed to us longer than is necessary for the fulfilment of contractual obligations. Our legitimate interests may be used to justify the further processing of data disclosed to us, unless not outweighed by your interests, fundamental rights or fundamental freedoms. Our legitimate interests may be, in a specific case: assertion of claims, defence against claims, prevention of crimes
V. No Automated Decision Finding
We do not apply an automated decision making based on the collected personal data (Art. 22 GDPR), when establishing or during the business relationship with a customer or supplier. Should we ever apply such a process, we will inform you separately about and about your respective rights, as required by law.
VI. Disclosure of Data to Third Parties
In principle, we only use your personal data within our business.
If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers, financial authorities, social insurance carriers), these personal data are only received to the extent to which the transfer is necessary for the corresponding service.
In the event that we outsource certain parts of data processing ("order processing"), we contractually oblige contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
VII. Storage Time (Deletion Criteria)
Unless specifically stated, we only store personal data for as long as is necessary to fulfil the purposes pursued.
In some cases, the legislator provides for the storage of personal data, for example in tax or commercial law. In these cases, the data will only be stored by us for these legal purposes, but will not be processed in any other way and deleted after expiry of the legal retention period
The prospective periods of our retention obligations and rightful interests:
VIII. Your Rights as a Data Subject
According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by e-mail or by post to the address specified in section 1, clearly identifying yourself. Below you will find an overview of your rights.
1. Right to Confirmation and Information
You have the right to clear information about the processing of your personal data.
You have the right to receive confirmation from us at any time as to whether personal data relating to you will be processed. If this is the case, you have the right to request from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, there is a right to the following information:
If personal data are transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
2. Right to Correction
You have the right to ask us to correct and, if necessary, complete any personal data concerning you.
You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
3. Right to Cancellation ("Right to Oblivion")
In a number of cases we are obliged to delete personal data concerning you.
Pursuant to Art. 17 para. 1 GDPR, you have the right to demand that we delete personal data concerning you without delay, and we are obliged to delete personal data without delay if one of the following reasons applies:
If we have made the personal data public and we are obliged to delete them pursuant to Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform those responsible for data processing who process the personal data that you have requested them to delete all links to this personal data or copies or replications of this personal data.
4. Right to Limitation of Processing
In a number of cases you are entitled to request us to restrict the processing of your personal data.
You have the right to request us to restrict processing if one of the following conditions is met:
5. Right to Data Transferability
You have the right to receive, transmit or have us transmit personal data concerning you in machine-readable form.
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that
When exercising your right to data transferability in accordance with paragraph 1, you have the right to request that the personal data be transferred directly by us to another person responsible, insofar as this is technically feasible.
6. Right of Objection
You have the right to object to the lawful processing of your personal data by us if this is justified by your particular situation and if our interests in the processing do not outweigh ours.
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR; this also applies to profiling based on these provisions. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
You have the right to object to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, for reasons arising from your particular situation, unless the processing is necessary to fulfil a task in the public interest.
7. Automated Decisions including Profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner.
An automated decision making based on the collected personal data does not take place.
8. Right to Revoke Consent under Data Protection Law
You have the right to revoke your consent to the processing of personal data at any time.
9. Right of Appeal to a Supervisory Authority
You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.
IX. Information on Transmission of Data via Internet
We would like to explicitely state that the transmission of data via internet (e.g. communication via email) may have security vulneraibilty and a gapless protection against unjustified access through third parties is impossible. Our website actually is not SSL secured.
X. Person in Charge of Data Protection
In case of any questions concerning the collection, processing, or use of your personal data, in case of exercising your right to information, rectification, restriction of processing, deletion and other rights with respect to your personal data, please turn to our data protection officer: