1. Data protection
§ 1 Information regarding the collection of personal data and supplier identification
(1) Below, we will inform you regarding the collection of personal data during use of this website. Personal data is all data that relates to you personally, e.g. your name, address, e-mail address, usage behaviour, etc.
(2) The controller in accordance with Art. 4, Section 7 of the EU General Data Protection Regulation (GDPR) is Juwel Aquarium AG & Co. KG, Karl-Göx Str. 1, 27356 Rotenburg
(3) You can contact our data protection officer at privacy@juwel-aquarium.de or via our postal address, with the line ‘der Datenschutzbeauftragte’ (the data protection officer).
§ 2 Rights to information and revocation
You have the following rights in relation to us with regard to the data of which you are the subject:
(1) You have a right to information, correction, erasure, restriction of processing, objection against processing and data portability. Insofar as processing is conducted following your consent, you have the right to revoke this consent to us with effect for the future.
(2) In accordance with Article 21, Section 1 of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6, Section 1 e of the GDPR (data processing in the public interest), or based on Article 6, Section 1 f of the GDPR (data processing to preserve a justified interest), including profiling based on those provisions. Should you make an objection, we shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims
(3) You further have the right to submit a complaint to a data protection supervisory authority responsible regarding the processing of your personal data by us.
§ 3 Data security
We currently maintain technical measures to guarantee data security, in particular to protect your personal data against risks arising during data transfer and against your data becoming known to third parties. These are adapted respectively to the current state of technology.
§ 4 Collection of personal data during informatory use
When using the website for purely informatory purposes, i.e. when you do not register or supply us with other information, we only collect the personal data that your browser transfers to our server. If you wish to view our website, we collect the following data technically required by us in order to present our website to you and to guarantee stability and security. The legal basis for this is Article 6, Section 1 f GDPR.
This data is:
- IP address
- Date and time of the query
- Time zone difference in relation to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Data quantity transferred respectively
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software
(2) Additionally, during use of the website, cookies can be stored on your computer. Cookies are small text files on your hard drive that are stored in such a manner that they are assigned to the browser used by you, and through which the entity that sets the cookie (in this case, ourselves) receives certain information. Cookies cannot execute programmes or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall. We also use cookies to be able to identify you for follow-up visits, for example if you have an account with us. Otherwise, you have to log in again each time you visit.
a) This website uses the following types of cookie:
– Transient cookies (temporary use)
– Persistent cookies (time-limited use)
– [Third-party cookies (from third parties)]
– [Flash cookies (permanent use)].
b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These cookies store a so-called ‘session ID’, with which different queries from your browser can be assigned to the collective session. As a result, your computer can be recognised again when you return to the website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specific period, which can differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings as required and e.g. accept third-party cookies or reject all cookies. However, we wish to inform you that in such a case, you may not be able to use all functions of this website.
e) The Flash cookies used are not recorded by your browser, but by your Flash plug-in. These store the necessary data, regardless of which browser you use, and have not automatic expiry date. If you do not want Flash cookies to be processed, you must install the relevant add-on, e.g. ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe-Flash Killer Cookie for Google Chrome.] [
(3) This stored information is stored separately from any other data received by us. In particular, the data from the cookies is not linked to your other data. The legal basis for the use of these cookies are our justified interests as defined in Article 6, Section 1 f GDPR. The justified interest is our object of business.
§ 5 Contact
When you make contact with us via e-mail or via a contact form, the data provided by you (your e-mail address, and if necessary, your name and phone number) is stored by us in order to answer your questions. If we request that you make entries via our contact form that are not required to make contact, these entries are always labelled as being optional. We use this information to specify your enquiry and to improve processing of your request. This information is provided expressly on a voluntary basis and with your consent, according to Article 6, Section 1 a GDPR. If the data relates to information on channels of communication (e.g. e-mail address, phone number), you also agree that we shall contact you, if necessary also via this channel of communication, in order to respond to your enquiry. Naturally, you can revoke this consent at any time in for the future.
We delete the data arising in this connection after storage is no longer required, or we restrict the processing if statutory storage regulations apply.
§ 6 Registration and portal use
You have the option of registering with us and creating a customer account. For registration, we collect and store the following data about you:
- Title
- First name
- Surname
- E-mail address (username)
- Password
- Address
The provision of the above data is mandatory; all other information can be provided voluntarily by you through the use of our portal.
Following registration, you receive personal, password-protected access and can view and manage the data deposited by you. Registration is voluntary, but can be a requirement if you wish to use our services.
When you use our portal, we store the data required for fulfilling the contract, if necessary including information on the method of payment, until you permanently delete your access. We also store the data given by you voluntarily for the period of your use of the portal, unless you do not delete it beforehand. You can manage and change all information in the secure customer area. The legal basis is Article 6, Section 1 a, b and f GDPR.
§ 7 Use of our online shop
(1) If you wish to order an item in our online shop, you must first create a customer account in which your data is stored for later further purchases. Mandatory information required for processing contracts is marked separately, while other information is provided voluntarily. When creating an account under ‘My Account’, the data entered by you there is revocably stored; you can delete the account in the customer area at any time. When you register a customer account, you do not receive advertising e-mails or post from us unless you have subscribed to our newsletter during registration or elsewhere.
(2) The data entered by you is used in order to process your order. For this purpose, we forward your address data to a contracted dispatch company. We delete this data after the contract has been processed, and the statutory regulations relating to storage with regard to tax and commercial activities have expired.
(3) In order to prevent unauthorised access by third parties to your personal data, in particular financial data, the order process is encrypted using SSL technology.
(4) The legal basis is the conclusion and implementation of a contract in accordance with Article 6, Section 1 b GDPR. The data is stored for the duration of the contract and in accordance with the statutory requirements. For payment processing, we use different payment service providers, who are identified as such at all times, and who directly receive your entries and are thus recipients of your personal data collected in connection with the payment procedure. The legal basis for the use of payment service providers is the contractual processing in accordance with Article 6, Section 1 b GDPR. Data is stored for the purpose of payment for the duration of the payment processing.
§ 8 Forwarding of data to third parties
In general, your data is not transferred to third parties, unless we are legally obliged to do so, or when forwarding of data is required to implement the contractual relationship, or you have previously given your express consent to the forwarding of your data.
External service providers and partner companies such as online payment providers, or dispatch companies contracted to conduct the delivery, only receive your data when this is required in order to process your order. In such cases, the scope of the data transmitted is restricted to the necessary minimum, however. Should our service providers come into contact with your personal data, we ensure within the scope of the order processing, and in accordance with Article 28 of the GDPR, that these providers observe the regulations contained in the data protection legislation in the same manner. Please also note the respective data protection information offered by the providers. The respective service provider is responsible for the content of external services, whereby within reason, we conduct a check of the services with regard to the observance of the statutory requirements.
It is important to us that your data is processed within the EU / EEA. However, it may occur that we use service providers who process data outside the EU /EEA. In such cases, we ensure that before your personal data is transferred, an adequate degree of data protection is provided at the recipient. This means that via EU standard contracts or an adequacy ruling, such as the EU Privacy Shield, a data protection level is achieved that is comparable to the standards within the EU.
§ 9 Newsletter
When you provide your consent in accordance with Article 6, Section 1 a GDPR, you can subscribe to our newsletter, through which we inform you about our current offers.
With regard to registration for the newsletter, we use the ‘double opt-out’ procedure. This means that after you register, we send you an e-mail to the address entered by you, in which we request your confirmation that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and deleted automatically after one month.
Furthermore, we store respectively your IP addresses used and the points in time of registration and confirmation. The purpose of the procedure is to provide evidence of your registration and if necessary to investigate possible misuse of your personal data.
Mandatory information for the dispatch of the newsletter is your name and your e-mail address. After your confirmation, we store your data for the purpose of sending the newsletter. The legal basis is Article 6, Section 1 a, GDPR.
You can revoke your consent to the dispatch of the newsletter at any time, and unsubscribe from the newsletter. You can revoke consent by clicking on the link provided in every newsletter, or by contacting the data protection officer named above.
§10 YouTube
Our website uses plugins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plug-in-enabled sites, you will be connected to the servers of YouTube. It tells the YouTube server which of our pages you've visited. If you're logged into your YouTube account, YouTube will allow you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. For more information on how to handle user data, please refer to the YouTube Privacy Policy at: https://www.google.com/intl/en/policies/privacy.
§ 11 Use of Google Analytics
This website uses Google Analytics, a web analysis service offered by Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Usage comprises the Universal Analytics operating mode. As a result, it is possible to assign data, sessions and interactions over several devices to a pseudonym user ID and thus to analyse the activities of a user across different devices.
Google Analytics uses cookies, which enable an analysis of the website by you. The information about your use of this website generated by the cookie is generally transmitted to a Google server in the United States and stored there. However, if IP anonymisation has been activated at this website, your IP address will be truncated by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area beforehand. The entire IP address will be transmitted to a Google server in the United States and truncated there in exceptional cases only. The IP address conveyed by your browser within the scope of Google Analytics will not be associated with other Google data. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on the website activities and providing additional services relating to the website use and the Internet use for the website operator. These purposes also include our justified interest in data processing. The legal basis for the use of Google Analytics is § 15, Section 3 Telemedia Act (TMG) resp. Article 6, Section 1 a, GDPR. The data sent by us and which is linked to cookies, user recognition (e.g. user ID) or advertising IDs is automatically deleted after 26 months. The erasure of data for which the period of storage has come to an end is conducted automatically once a month. For more detailed information on conditions of use and data protection, see https://www.google.com/analytics/terms/de.html or https://policies.google.com/?hl=de
You may prevent storing the cookies via an appropriate setting of your browser software; however, please note that this might result in you being unable to use all functions of this website in their entirety. You may also prevent the data generated by the cookie and related to your use of the website (incl. your IP address) from being transmitted to Google or being processed by Google by downloading and installing the https://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent the future recording of your data when you visit this website. In order to prevent recording by Universal Analytics across different devices, you must complete the opt-out on all systems used. When you click here, the opt-out cookie is set: Set Google Analytics inactive
§ 12 My Fonts Counter
On this website, the Script Code MyFonts Counter from MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA (below: MyFonts) is loaded. When you activate JavaScript in your browser and have not installed a JavaScript blocker, your browser may transfer personal data to MyFonts. In order to prevent JavaScript code from being implemented by MyFonts overall, you can install a JavaScript blocker (e.g. www.noscript.net). The legal basis for this are our justified interests in accordance with Article 6, Section 1 f GDPR. For more information on data protection at MyFonts, go to: https://www.myfonts.com/info/terms-and-conditions.
§ 13 Sites on social media platforms (e.g. fan pages)
In order to provide social media services such as the Facebook fan page, Instagram fan page or our YouTube channel, the platform operators usually store cookies on the end device of the user. These include session cookies, which are deleted when the browser is closed, and permanent cookies which remain on the end device until they expire or are deleted by the user. As a user, you can decide yourself via your browser settings whether and which cookies you wish to allow, block or delete. You will find instructions for your browser here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can install “ad blockers” such as Ghostery.
According to the information provided by Facebook, the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurements, website functions and service, performance and analysis and research. You will find details on the cookies used by Facebook (e.g. names of the cookies, duration of function, content recorded and purpose) here: https://www.facebook.com/policies/cookies/, by following the links provided.
Google (as the operator of YouTube) uses cookies to store settings, for security purposes, for process and system functions, advertising purposes, recording and optimising the session status and website analysis. You will find the relevant details here: https://policies.google.com/technologies/types?hl=en&gl=de. For the guideline on data protection in YouTube, see: https://policies.google.com/technologies/product-privacy?hl=en&gl=de.
Forwarding and using personal data
Platform operators
If you interact on the social media platform, the respective platform operator naturally also has access to your data. This operator may be located in a third country in which the level of data protection is lower. Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA, is subject to the EU-US Privacy Shield. The same applies to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4.