DATA PROTECTION

Privacy policy of Carbox GmbH & Co. KG

 

Thank you for your interest in our company. We take data protection seriously.


As a matter of principle, you can use our website without providing any personal data. If a person concerned wishes to make use of the services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we always obtain the consent of the person concerned.


The processing of personal data (e.g. name, address, e-mail address or telephone number of a person concerned) always takes place in accordance with the Data Protection Basic Regulation (DSGVO) and in accordance with the country-specific data protection regulations applicable to us.


With the following data protection declaration, we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. This data protection declaration also informs data subjects about their rights.


As the data controller, we have implemented numerous technical and organisational measures to ensure the most complete possible protection of the personal data processed via our website. However, data transmissions via the Internet can always contain security gaps. Thus a 100 % protection cannot be guaranteed. Therefore each person concerned can of course also transmit personal data to us alternatively, e.g. by telephone.

 

1. definitions
This privacy statement is based on the definitions used by the European Directive and Regulation Makers in the adoption of the DSGVO (Article 4 DSGVO). This privacy statement should be both easy to read and easy to understand for every person. In order to ensure this, we would first like to explain the terms used. Among other things, these definitions are used in this data protection declaration:
- "personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more specific characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
- "data subject" means any identified or identifiable natural person whose personal data are processed by the controller.

- "processing" means any operation or set of operations which is carried out with or without the aid of automated processes and which is related to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction;
- limitation of processing" means the marking of stored personal data with a view to limiting their further processing;
- "profiling" means any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movements of that natural person;
- "controller" means the natural or legal person, public authority, agency or body which alone or jointly with others decides on the purposes and means of the processing of personal data; where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or the specific criteria for his designation may be laid down in Union law or in the law of the Member States;
- "recipient" means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the course of a specific investigation task under Union law or the law of the Member States shall not be considered as recipients and the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules and in accordance with the purposes of the processing;
- "third party" means a natural or legal person, public authority, agency or any other body, other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor;
- "consent" means any freely given, informed and unambiguous expression of the data subject's intention in the particular case, in the form of a statement or any other unequivocal confirmatory act by which the data subject indicates that he or she consents to the processing of his or her personal data.


2. the name and contact details of the controller


This privacy policy applies to data processing by:
Responsible person: Carbox GmbH & Co.KG, represented by JV CARBOX Carl Bellinger GmbH, represented by the managing director Mr. Stefan Bellinger, e-mail: info@carbox.de, telephone: +49 4202-96970, fax: +49 4202-969740.

 

3. the collection and storage of personal data and the nature and purpose of their use


a) When visiting the website
In principle, you can use our website without disclosing your identity. When you access our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.


The data mentioned will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- To ensure a comfortable use of our website,
- Evaluation of system safety and stability as well as
- for other administrative purposes.


The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f DSGVO. Our legitimate interest follows from the purposes listed above for the collection of data. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.


In addition, we use cookies and analysis services when visiting my website. You will find more detailed information on this under sections 5 and 7 of this data protection declaration.


b) When using our contact form
If you have any questions, we offer you the possibility to contact us via a form provided on our website. A valid e-mail address must be provided so that we know who sent the request and can answer it. Further information can be provided voluntarily. It is up to you to decide whether you wish to enter this data in the contact form.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntary consent.


The personal data collected by us for the use of the contact form will be automatically deleted after you have completed your request.


c) When ordering via our website
You can either place orders as a guest via our website without registering, or register as a customer in our shop for future orders. Registration has the advantage for you that you can log in to our shop directly with your e-mail address and your password in the event of a future order without having to re-enter your contact details.


Your personal data will be entered into an input mask and transmitted to us and stored. If you place an order via our website, we first collect the following data both in the case of a guest order and in the case of registration in the shop:
- Salutation, first name, surname,
- a valid e-mail address,
- Address,
- Telephone number (landline and/or mobile)


These data are collected,
- to identify you as our customer;
- to process, fulfill and process your order;
- to correspond with you;
- for invoicing;
- to process any existing liability claims, as well as the assertion of any claims against you;
- to ensure the technical administration of our website;
- to administer our customer data.


As part of the ordering process, your consent to the processing of this data will be obtained.


The data processing takes place on your order and/or registration and is necessary according to art. 6 para. 1 sentence 1 lit. b DSGVO for the purposes mentioned for the appropriate processing of your order and for the mutual fulfilment of obligations from the purchase contract.


The personal data collected by us for the processing of your order will be stored until the expiry of the statutory storage obligation and deleted thereafter, unless we are obliged to store them for a longer period in accordance with Article 6 para. 1 sentence 1 lit. c DSGVO due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to storage going beyond this in accordance with Article 6 para. 1 sentence 1 lit. a DSGVO.

 

4. data transfer
A passing on of your personal data from us to third parties takes place exclusively to the service partners involved within the scope of the contract winding up, like e.g. the logistics enterprise assigned with the supply and the credit institute assigned with payment affairs. However, in cases where your personal data is passed on to third parties, the scope of the data transmitted is limited to the necessary minimum.

 

When paying via PayPal, credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal, we pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal"). PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal. PayPal will use the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). If score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. Address data, among other things, is included in the calculation of the score values. Further data protection information can be found in the PayPal data protection principles: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

 

Your personal data will not be transferred to third parties for purposes other than those mentioned above.


We will only pass on your personal data to third parties if:
- you have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO,
- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that there is a legal obligation to pass on data pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, and
- this is legally permissible and required for the execution of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b DSGVO.


As part of the ordering process, your consent will be obtained for your data to be passed on to third parties.

 

5. use of cookies
We use cookies on our site. These are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware.


The cookie is used to store information that arises in connection with the specific end device used. This does not, however, mean that we will immediately become aware of your identity.


The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our site.


In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your terminal for a specific period of time. If you visit our site again in order to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made in order not to have to enter them again.


On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you (see Section 7). These cookies enable us to automatically recognize that you have already visited our site when you visit it again. These cookies are automatically deleted after a defined period of time.


The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO.


Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. The complete deactivation of cookies may, however, result in you not being able to use all the functions of our website.

 

6. links to websites of third parties
The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. For illegal, incorrect or incomplete contents as well as for damage, which results from the use or disuse of the information, alone the offerer of the Web Site, to which one referred, is responsible. The liability of the person who merely refers to the publication by a link is excluded. We are only responsible for third-party references if we have positive knowledge of them, i.e. also of any illegal or punishable content, and if it is technically possible and reasonable for us to prevent their use.

 

7. analysis and tracking tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we would like to ensure that our website is designed to meet requirements and is continually optimised. On the other hand, we use the tracking measures in order to statistically record the use of our website and to evaluate it for you for the purpose of optimising our offer. These interests are to be regarded as justified within the meaning of the aforementioned provision.


The respective data processing purposes and data categories can be found in the corresponding tracking tools.


a) Google Analytics1
We use Google Analytics, a web analysis service provided by Google Inc., for the purpose of tailoring our pages to meet your needs and continuously optimising them. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). In this context, pseudonymised user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website such as
- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
are transferred to a Google server in the USA and stored there. This information is used to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage for market research purposes and to tailor these internet pages to meet requirements. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of third parties. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an allocation is not possible (IP masking).


You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.


You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).


As an alternative to the browser add-on, in particular for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on the aforementioned link. An opt-out cookie is set to prevent your data from being collected in the future when you visit our website. The opt-out cookie applies only in this browser and only to our website and is placed on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.


Further information on data protection in connection with Google Analytics can be found under the following link in the Google Analytics help: https://support.google.com/analytics/answer/6004245?hl=en

 

b) Google Adwords Conversion Tracking
We also use Google Conversion Tracking to record the use of our website statistically and to evaluate it for the purpose of optimising our website for you. Google Adwords places a cookie (see number 5) on your computer if you have reached our website via a Google advertisement.


These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on the AdWords customer's website and the cookie has not expired, Google and the customer will be able to tell that the user clicked on the ad and was directed to that page.


Each Adwords customer receives a different cookie. Cookies can therefore not be traced via the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers will know the total number of users who clicked on their ad and were directed to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.


If you do not wish to participate in the tracking process, you can also refuse to set a cookie as required, for example by setting your browser to disable the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". You will find Google's privacy policy on conversion tracking under the following link: https://services.google.com/sitestats/de.html

 

8. social media plugins
We use social plugins of social networks (e.g. Facebook, Twitter, Google+) on our website on the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO in order to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for the data protection-compliant operation is to be guaranteed by their respective providers. The integration of these plugins by us takes place by means of the so-called two-click method in order to protect visitors to our website in the best possible way.


a) Facebook
Social media plugins from Facebook are used on our website to make their use more personal. For this we use the "LIKE" or "SHARE" button. This is an offer from Facebook.


If you call up a page on our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website.


By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.


If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by pressing the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook so that it is visible to everyone.


Facebook may use this information for the purpose of advertising, market research and tailoring Facebook pages to meet needs. To this end, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to associate the information collected through our website with your Facebook account, you must log out of Facebook before visiting my website.


The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in the data protection information, in particular in Facebook's data policy, which you can view under the following link: https://www.facebook.com/about/privacy/


b) Twitter
On our website you will find plugins of the Twitter Inc. (Twitter) are integrated. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our website. You can find an overview of tweet buttons under this link on Twitter: https://dev.twitter.com/web/tweet-button


When you access a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click the Twitter "tweet" button while logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to assign the visit to our pages to your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Twitter.


If you do not want Twitter to be able to assign visits to our pages, please log out of your Twitter user account.


Further information on this can be found in Twitter's privacy policy, which you can view here: https://twitter.com/de/privacy

 

(c) Google "+1" button
Our website uses the "+1" button of the social network Google, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. The button is marked with a "+1".


The "+1" button is an abbreviation for "this is pretty cool" or "look at this". The button is not used to record your visits to the web.


If a web page on our site contains the "+1" button, your Internet browser will download and display that button from the Google server. The Google server will automatically be informed of the website you have visited on our website. When displaying a +1 button, Google does not permanently log your browser history, but only for a period of up to two weeks.


Google stores this data about your visit for this period for system maintenance and troubleshooting purposes. However, this data is not structured according to individual profiles, user names or URLs. This information is also not accessible to website publishers or advertisers. Use of this information is for maintenance and troubleshooting purposes only in Google's internal systems. Your visit to a +1 button page will not be otherwise evaluated by Google.


A further evaluation of your visit to a website of our Internet presence with a "+1" button does not take place.


The assignment of +1 itself is a public process, i.e. anyone who performs a Google search or calls up content on the web to which you assign +1 can potentially see that you have assigned a +1 to the content in question. So don't give +1 unless you're sure you want to share this recommendation with the world.


A click on this +1 button serves as a recommendation for other users in Google's search results. You can publicly state that you like our website, that you agree with our website, or that you can recommend our website. If you have registered for Google+ and are logged in, the +1 button will turn blue when you click on it. In addition, +1 will be added to the +1 tab in your Google profile. On this tab you can manage your +1 and decide if you want to make the +1 tab public.


To store your +1 recommendation and make it publicly available, Google collects information about your recommended URL, IP address, and other browser-related information from your profile. If you withdraw your +1, this information will be deleted. All of your +1 recommendations are listed on the +1 tab in your profile.


For more information and to review Google's current privacy policy, please visit https://www.google.de/intl/de/policies/privacy/ You can find more information from Google about the Google+1 button under the link https://developers.google.com/+/web/buttons-policy.

 

9. rights of data subjects
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information on the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right of rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, unless it has been collected from me, as well as the existence of an automated decision-making process including profiling and, if applicable, meaningful information on its details;
- in accordance with Art. 16 DSGVO, to immediately request the correction of incorrect or incomplete personal data stored by us;
- to demand the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 DSGVO if the correctness of the data is disputed by you, the processing is unlawful but you refuse its deletion and we no longer need the data but you need it to assert, exercise or defend legal claims or you have lodged an objection against the processing in accordance with Art. 21 DSGVO;
- in accordance with Art. 20 DSGVO, to receive your personal data which you have provided to us in a structured, common and machine-readable format or to request the transfer to another responsible person;
- in accordance with Art. 7 para. 3 DSGVO, to revoke your consent once given to us at any time. The consequence of this is that we may no longer continue the data processing based on this consent in the future, and
- to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.

 

10. right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right, pursuant to Art. 21 DSGVO, to object to the processing of your personal data if there are reasons for doing so which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without stating a particular situation.


If you would like to make use of your right of revocation or objection, simply send an e-mail to: info@carbox.de.

 

11. data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.


We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.


12. topicality and change of this data security explanation
This privacy policy is currently valid and as of March 2018.


Due to the further development of our website and offers about it or due to changed legal or official requirements, it may be necessary to change this privacy policy. The current data protection declaration can be called up and printed at any time on our website under the following link: https://carbox.de/de/datenschutz/