Privacy Policy

Privacy policy

 

General information

Your personal data within the meaning of Art. 4 No. 1 of the GDPR (e.g. IP address, name, e-mail address and telephone number, user name, payment information) are only processed by us in accordance with the provisions of German data protection law and in compliance with the European Data Protection Regulation (GDPR). The following provisions provide you with information on the nature, scope and purpose of the collection, processing and use of personal data.

Processing of personal data within the meaning of Art 4 No. 2 GDPR is lawful under Art.  6 GDPR if one of the following conditions is met:

  1. The data subject has given his/her consent to the processing of personal data relating to him/her for one or more specific purposes;
  2. processing is necessary for the performance of a contract to which the data subject is party or in order to implement pre-contractual measures at the request of the data subject
  3. processing is necessary for compliance with a legal obligation to which the controller is subject
  4. processing is necessary to protect the vital interests of the data subject or of another natural person
  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Processing of special personal data (e.g. health data) within the meaning of Art.  9 para. 1 GDPR is lawful in particular under Art.  9 para. 2 GDPR if one of the following conditions is met:

  • the person’s express consent has been obtained;
  • processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.

No automatic decision-making or profiling is carried out with regard to personal data under Art.  22 GDPR.

The operator shall ensure the security of the data pursuant to Art. 32 GDPR, taking into account the principle of proportionality, by taking appropriate technical measures.

If, against all expectations, a violation of data protection should occur, the competent supervisory authority will be notified in accordance with Art.  33 GDPR, and the data subject will be notified in accordance with Art.  34 GDPR.

 

Scope

This data privacy statement only refers to our websites. Should you be redirected to other pages through links from our website, please obtain information on their respective treatment of your data.

 

Duration of data storage

The duration of the storage of the data transmitted by users is governed by the statutory storage obligations. According to commercial and tax laws, invoices must be stored for a period of 10 years. Data collected as part of registration is stored for the duration of the membership.

 

Transfer of data to third parties

Data transmitted within the scope of the contractual relationship may only be transmitted to third parties (Art.  4 No. 10 GDPR), provided you have expressly declared your consent (Art.  4 No. 11 GDPR) or the transmission is necessary for the fulfilment of the contract.  The consent can be informally revoked at any time. Data collected during visits to the website is only collected from third parties who are expressly mentioned below.

 

Responsible in terms of the GDPR

The responsible person within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the European Union and other regulations relating to data protection:

VirtualEconomics GbR

Lehrstraße 46

72411 Bodelshausen

E-Mail: [email protected]

 

Cookies

We use cookies on our website. Small data files are automatically created in your browser and stored on your device (PC, laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your device, do not contain viruses, trojans or other malware. The cookie stores the information that arises from the specific device in use. This does not mean, however, that we obtain direct knowledge of your identity.

Cookies are used to make the use of our offer more pleasant for you. Cookies are used to make the use of our offer more pleasant for you. Thus we use so-called session cookies which enable us to determine whether you have already visited individual pages of our website.  These cookies are automatically deleted after you leave our site.

Furthermore, we also optimize user-friendliness by using temporary cookies that are stored for a certain fixed period of time on your device.

 Whenever you visit our site again and use our services, we automatically detect that you have already been to our site and identify the entries and settings you have made, thereby eliminating the need to enter them again.

These cookies enable us to automatically recognise that you have already visited our website the next time you visit us.  These cookies are automatically deleted after a defined time. The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art.  6 para. 1 sentence 1 letter  f GDPR. The majority of browsers automatically accept cookies.  However, it is possible to configure your browser in such a way that no

cookies are stored on your computer or that a message always appears before a new cookie is created. Disabling cookies completely may, however, mean that you will not be able to use all the functions of our website.

 

Storing access data in log files

You can visit our website without providing any personal information.

The site provider automatically collects and stores information in server log files, which are automatically transmitted to us by your browser. These are:

type/browser version Operating system used Referrer URL

 Host name of the accessing computer Time of the server request

These data cannot be assigned to specific persons This data will not be merged with other data sources.  However, we reserve the right to subsequently review this data should we become aware of any specific indications of unlawful use.

The purpose of the processing results from our legitimate interest as defined in Art.  6 para. 1 sentence 1 letter  f) GDPR.

An agreement for processing orders was concluded between us and our hoster.

 

Registration

Registration is not required to use our offered services, but the range of functions may be limited. The data you enter in the input mask will be collected and stored. The data will not be transferred to third parties, unless this is necessary for the execution of the contractual relationship.  The data can be changed or deleted by you at any time. The data can be changed or deleted by you at any time. Once the data has been deleted, the service can no longer be provided until you register again.

 In addition to the data which you have entered, the IP address, as well as date and time details of the registration are also stored. The storage of IP data is used to prevent any misuse and to clarify criminal offences.

 

Google Analytics

 This website uses Google Analytics, a web analysis service provided by Google Inc.  (“Google”). Google Analytics uses “Cookies”, text files which are stored on your computer and which make it possible to analyse the way in which you use the website.  The information generated by the cookie relating to your use of this website is usually transferred and stored on a Google server in the USA.  However, your IP address will be shortened by Google prior to such transfer either in member states of the European Union or in other signatory states to the Treaty on the European Economic Area.  Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened on that server.  At the request of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.  You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that by doing so you may not be able to access all the features of this website. Furthermore, you may prevent the collection of any data generated by the cookie relating to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and http://tools.google.com/dlpage/gaoptout?hl=de installing the browser plugin available under the link

The IP anonymisation function is used.

You can find further information on this at

http://tools.google.com/dlpage/gaoptout?hl=de

or at

http://www.google.com/intl/de/analytics/privacyoverview.html

(general information about Google Analytics and data privacy).

 

Paypal

When paying via PayPal, using a credit card via PayPal, direct debit via PayPal or “Purchase on account” as well as payment by instalments via PayPal, we transmit your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg as part of the payment processing. (hereinafter “PayPal”).  PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or “purchase on account” via PayPal as well as the instalment payment via PayPal. PayPal shall conduct a credit assessment based on the statistical probability of non-payment in order to determine whether to provide the payment method in question. The credit report can contain probability values (so-called score values). Where score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values.

For further information on data protection, including the credit agencies used, please refer to PayPal’s privacy policy:  https://www.paypal.com/de/webapps/mpp/ua/privacy-full

 

Skrill

When paying via Skrill, processing is carried out by the payment service provider Skrill Ltd., Floor 27, 25 Canada Square, London, E14 5LQ, U.K.  As part of the ordering process, the information you provide will be passed on together with the information about the order (name, address, account number, bank code, credit card number, invoice amount, currency and transaction number).  Your data will only be transferred for the purpose of payment processing with payment service provider Skrill Ltd.

Further information on data protection at Skrill Ltd.  you can find here https://www.skrill.com/de/seiteninformation/datenschutzerklaerung/

 

Klarna

If you select a Klarna payment service, the payment will be processed by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as

“Klarna”).  To enable payment to be processed, your personal data (first name and surname, street, house number, postcode, city, gender, e-mail address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, item, type of delivery) will be passed on to Klarna for purposes of identification and credit checks, provided that you have expressly  consented thereto during the ordering process  as required by Art.6 para. 1 letter a  Here you can see to which credit agencies your data can be forwarded:

The credit report can contain probability values (so-called score values). Where score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data Klarna uses the information obtained on the statistical probability of payment default to make a balanced decision on the establishment, execution or termination of the contractual relationship.

You may withdraw your consent at any time by sending a message to the data controller or to Klarna.  However, Klarna may still process your personal data if this is necessary to process your payment in accordance with the contract.

For more information about Klarna’s data protection policy, please click here:

 

Paysafecard

On our website we offer the online payment method Paysafecard. This payment service is provided by Paysafe Holdings UK Limited, 27-25 Canada Square, 27th Floor, London, E14 5LQ, United Kingdom, and its affiliated group companies

For further information, please refer to the Paysafecard Privacy Policy:

 

Payment by credit card

On our website we offer, among other things, payment by “credit card”. If you choose to pay by credit card, the payment details you enter will be transmitted to the credit card company.

This payment method allows you to pay for your order by VISA or Mastercard credit card. After completion of the transaction the invoice amount will be conveniently and securely debited from your account.

The transmission of your data takes place in accordance with Art. consented thereto during the ordering process  a GDPR (consent) and Art. consented thereto during the ordering process  b GDPR (processing for the fulfilment of a contract).

You have the possibility to withdraw your consent to data processing at any time. Withdrawal does not affect the effectiveness of data processing operations carried out in the past.

 

Contributions, comments and ratings in the shop and in the forum

Whenever users post ratings, comments in the shop or in the forum or other contributions, their IP addresses are stored. This is carried out for the security of the provider in case someone writes illegal content (including insults, pornographic or protected material). In this case, the provider himself may be held liable for the comment or contribution and is therefore interested in the identity of the author. The collection of this data is justified by art.  6 para. 1 sentence 1 letter  f) GDPR.

 

Request by e-mail or telephone

If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. consented thereto during the ordering process  b GDPR, provided that your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. All other cases of processing are subject to your consent (Art. consented thereto during the ordering process  a GDPR) and / or our legitimate interests (Art. consented thereto during the ordering process  f GDPR), as we have a legitimate interest in the effective processing of the requests addressed to us.

The data sent to us by you via contact requests will be kept by us until you request us to delete it, withdraw your consent for storage or the purpose for which the data was stored no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

Live-Chat

You may communicate with us via the live chat which is integrated on the website. When posts are sent, their IP addresses are stored. This is carried out for the security of the provider in case someone writes illegal content (including insults, pornographic or protected material). In this case, the provider himself may be held liable for the comment or contribution and is therefore interested in the identity of the author. The collection of this data is justified by art.  6 para. 1 sentence 1 letter  f) GDPR.

 

Security of your data / SSL encryption

In accordance with the legal regulation under § 13 paragraph 7 TMG, this site uses SSL encryption, which can be recognized by a lock symbol in the address bar of your browser.

Transmitted data cannot be read by third parties when SSL encryption is activated.

Usually this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in an encrypted format from the display of the key or lock symbol in the lower status bar of your browser.

Furthermore, we use appropriate technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

Rights of the user

You can request information about the personal data stored about you at any time and free of charge. Your rights also include confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data, in a form suitable for transmission, as well as the withdrawal of consent and opposition. This does not affect statutory storage obligations.

Your rights arise in particular from the following standards of the GDPR:

  • Article 7(3) – Right to withdraw data protection consent
  • Article 12 – Transparent information, communication and modalities for the exercise of the rights of the data subjec
  • Article 13 – Information to be provided when personal data are collected from the data subject
  • Article 14 – Information to be provided where personal data have not been obtained from the data subject
  • Article 15 – Data subject’s right of access, confirmation and the right to receive a copy of the personal data
  • Article 16 – Right of rectification
  • Article 17 – Right of cancellation (“right to be forgotten”)
  • Article 18 – Right to restrict processing
  • Article 19 – Notification obligation regarding the rectification or erasure of personal data or the limitation of processing
  • Article 20 – Right to data transferability Article 21 – Right of objection
  • Article 22 – Right not to be subject to a decision based solely on automated processing, including profiling
  • Article 77 – Right of appeal to a supervisory authority

To exercise your rights (with the exception of Art. 77 GDPR), please contact the office mentioned under the point “Responsible person in terms of GDPR” (e.g. by e-mail).

Competent supervisory authority:

The State Commissioner for Data Protection and Freedom of Information

Königstrasse 10 a

70173 Stuttgart

Tel.: 0711/615541-0

Fax: 0711/615541-15

E-Mail: mailto:[email protected]

Website: www.lfdi.bwl.de

(Please check before contacting the above mentioned  website that the contact details are still up to date)