Privacy policy


1. General information regarding the collection of personal data

(1) In the following privacy policy we would like to explain how we deal with the personal data that are transmitted to us when using our website or our offers. Personal data are any data that personally relate to you, e.g. name, address, email addresses or user behaviour.

(2) Responsible party pursuant to Article 4 section 7 of the GDPR:

supplies24 GmbH
Biberger Strasse 93
82008 Unterhaching

Tel.: +49 89 24880 9356
Fax: +49 89 24880 9908
Email: mail@supplies24.com

(3) Our company Data protection officer can be reached at datenschutz@supplies24.de or at the abovementioned address with the remark “The data protection officer” / “FAO Brigitte Harz”

2. Rights of data subjects

(1) You have the following rights with respect to the personal data concerning you:

  • Right of information (Article 15 of the GDPR) about your personal data processed by us;
  • Right of rectification (Article 16 of the GDPR) or completion of your personal data processed by us;
  • Right of deletion (Article 17 of the GDPR) of your personal data processed by us, unless the processing is required exceptionally pursuant to Article 17 para. 3 of the GDPR;
  • Right of restriction of processing (Article 18 of the GDPR);
  • Right of information (Article 19 of the GDPR);
  • Right of data portability (Article 20 of the GDPR);
  • Right to revoke consent once granted to us (Article 7 para. 3 of the GDPR).
     

(2) Furthermore, you have the right to file a complaint with a legal data protection authority, if you believe that our processing of your personal data is unlawful. These are the state commissioners for data protection, you can find the contact person responsible for you, for example at the following URL: https://datenschutz.saarland.de/datenschutz/zustaendigkeiten/#c139:

(3) Objection to the processing of your data

Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfil a contract with you, which is displayed by us in the respective description of the functions. In the event of such an objection, we shall ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we shall examine the situation and will either discontinue or adapt the data processing or inform you of our compelling legitimate reasons for which we shall continue the processing.

Of course, you may object to the processing of your personal data for the purpose of advertising and data analysis at any time. You can inform us at the following contact details regarding your objection to advertising: mail@supplies24.com.

3. Data security

As the security of your data is very important to us, your personal data shall be transferred using a secure TLS encryption/connection. TLS (Transport Layer Security) is a protocol for encrypting data transmissions on the Internet. Hereby we protect your personal data against unauthorised access from third parties.  You can see the encryption of the connection in the browser line by the sign "https//:" or the padlock symbol.

In addition, we secure our website and other systems by means of technical and organisational measures against the loss, destruction, access, modification or dissemination of your data by unauthorised persons. However, despite regular checks, it is not possible to protect fully against all dangers.

4. Visit of our website

In the merely informative use of our website, meaning that you do not register or otherwise provide us with data, we shall only collect the personal data that your browser transmits to our server. As soon as you request a file from our website, standard access related data is collected and stored.

This data set is comprised of:

  • the page from where the file was originally requested,
  • the file name,
  • the date and time of the request,
  • the data quantity transmitted,
  • the access status / HTTP status code (i.e., whether the file was transmitted or whether it might not have been found, etc.),
  • a description of the type and version of the web browser used,
  • the operating system installed and the resolution configured.
  • the IP address used.

These data are required for us to display our website to you and to ensure stability and security. Furthermore, these are evaluated for internal statistical purposes as well as for the technical administration of the website . The legal basis is Article 6 para. 1 S.1 lit. f of the GDPR. Our legitimate interest arises from the stated purposes of data collection.

5. Use of our online shop

(1) If you want to place an order in our online shop, you have to submit personal data as part of the ordering process

Name
Address
Email address

The data that are collected for this purpose can be seen in the respective input masks, whereby the necessary obligatory information is specially marked. All other input details are optional. The input of your personal data serves the purpose and is necessary insofar as these are required for the conclusion of the contract and the processing of your order. The legal basis is Article 6 para. 1 S.1 lit. b of the GDPR.

(2) You have the possibility of creating a customer account. For the purpose of using your personal data for further, subsequent orders, the data you provide shall be revocably stored and processed. The legal basis is Article 6 para. 1 S.1 lit. b of the GDPR.

(3) Due to the requirements of commercial and tax law, we are obligated to store your address, payment and order data for a period of ten years. Your data shall therefore not be completely deleted even if the storage for the concluded contract is no longer required. However, the processing shall be limited to the extent required for processing to comply with legal obligations. The legal basis is Article 6 para. 1 S.1 lit. c of the GDPR.

(4) The data that you have sent to us during the course of your order shall be used exclusively for the processing of your order.  For the processing of the order, we use the following external service provider:

(a) The delivery of the goods requires a forwarding of your address data to our parcel service providers. They are obligated to treat your data confidentially and only save and use it for the purposes of the delivery, and also to delete it after a successful delivery. The legal basis for the transfer of data is Article 6 para. 1 lit. b of the GDPR.

(b) For payment processing, your payment details shall be forwarded to the credit institution commissioned or the selected payment service provider. The legal basis for the transfer of data here is Article 6 para. 1 S.1 lit. b of the GDPR.

6. E-mail advertising in the case of existing customer relationships

(1) If you buy goods or services from us and have sent us your e-mail address in this context, we reserve the right in future emails with offers for similar goods or services, like yours already purchased goods (so-called direct mail). According to § 7 Abs. 3 UWG no separate consent is required. The legal basis is our legitimate interest in personalized direct mail in accordance with Art. 6 para. 1 sentence 1 lit. f DS-GMO.

(2) You can object to this processing at any time. To do this, write an e-mail to mail@supplies24.com or contact the responsible person mentioned above or click on the unsubscribe button in the e-mail you receive. For this purpose, you only have to pay delivery costs according to the basic rates.

For the sending of our newsletter we use the email marketing provider "Active Campaign", 1 N. Dearborn St., 5th Floor, Chicago, IL 60602, USA.

By registering for our newsletter, the data provided at registration shall be transferred to ActiveCampaign and stored there. To prevent abuse, your IP address and the date of registration will be stored by Active Campaign. Further use of your IP address by Active Campaign does not take place.

Active Campaign also offers statistical evaluation options as well as the option of using individual evaluations based on email addresses. This helps us to send you only such offers as are relevant to you.

Please note that the data is usually transmitted to and stored by an Active Campaign server in the United States. This means that data is being passed on to third parties in a third country not classified as secure. In this respect we have concluded an additional agreement with Active Campaign that is in accordance with the standard contractual clauses of the EU.

ActiveCampaign processes your personal information in the United States and has submitted itself to the EU-US Privacy Shield, which ensures compliance with the level of data protection in the EU, https://www.privacyshield.gov/EU-US Framework.

For more information about ActiveCampaign and privacy see: community.activecampaign.com/privacy

 

7. When contacting by email

(1) In the course of contacting us via email on our website  personal data are collected and stored by us: Email address and email text as well as other voluntarily entered data.

(2) We process the data provided by you exclusively for processing your contact request. The legal basis is Article 6 para. 1 S. 1 lit. b of the GDPR or our legitimate interest in answering your request in accordance with Article 6 para. S. 1 lit. f of the GDPR.

(3) If storage is no longer required, we shall delete all personal data collected in this context. Insofar as a statutory retention requirement exists, the processing shall be limited to this purpose. The legal basis is Article 6 para. 1 lit. c of the GDPR.

 

8. Information on creditworthiness

If we provide a service in advance, e.g. a purchase on account, in order to safeguard our justified interests we shall obtain information on creditworthiness based on mathematical and statistical processes used by the corporate law firm First Debit, Am Pulverschopen 17, 59071 Hamm, Germany. In this respect, we shall transmit your name and address and use the information received on the statistical probability of payment not being made to make a balanced decision with regard to the payment option to be permitted. The legal basis is Article 6 para. 1 S. 1 lit. f of the GDPR, whereby our legitimate interest results from the aforementioned purposes.

The information on creditworthiness may contain probability values (score values) calculated on the basis of scientifically recognised mathematical and statistical processes. When this is being calculated, address data, among other information, may be used. Your protectable interests are taken into account in accordance with the relevant statutory provisions. You can refuse this assessment with future effect. As a consequence, this can mean that we are no longer able to offer you specific payment options.

 

9. Cookies

(1) This website uses cookies. Cookies are small text files that your browser stores on your end device (PC, laptop, tablet, smartphone, etc.). They serve to make the use of our offer more pleasant and comfortable for you or for analytical purposes. If you contact the corresponding website again, the cookies allow your device to be recognised once more. This leads among other things to ensure that data entered by you is available when the form is filled in again or the order process can be continued in the shopping cart. Insofar as cookies are used to achieve the conclusion or performance of the contract, the legal basis is Article 6 para. 1 S.1 lit. b of the GDPR. If the cookies are used to guarantee our legitimate interests in the pleasant and comfortable functionality as well as analysis and improvement of our website, the legal basis is Article 6 para. 1 S.1 lit. f of the GDPR.

(2) This website uses the following types of cookies:

  • In most cases, we use cookies that are automatically deleted from your hard drive after the browser has been terminated or when you log out (transient cookies, in particular so called session cookies).
  • Other types of cookies remain on your device and allow us to recognise your device when you next visit our website (so called persistent or permanent cookies). These cookies are deleted automatically from your system after a pre-set period which differs depending on the cookie.

(3) You can change the storage of cookies in your browser settings at any time, e.g. reject the acceptance of or delete cookies as a whole, third party cookies (cookies set by a third party, i.e. not by the current website on which you are currently located) or individual cookies. However, we point out that in this case you may no longer be able to use our website to the full extent. To protect your privacy, we recommend that you delete the cookies on your device and the browsing history at regular intervals.

 

10. Transfer of data in general

In addition, we shall only pass on your personal data to third parties in the following cases:

  • if you have given us an explicit consent for this pursuant to Article 6 para.1 S. 1 lit. a of the GDPR, or
  • if pursuant to Article 6 para. 1 S. 1 lit. c of the GDPR there is a legal obligation for disclosure, e.g. in the context of law enforcement or
  • disclosure pursuant to Article 6 para. 1 S. 1 lit. f is required for the purpose of asserting or defending legal claims or the exercise of rights, and it can not be assumed that the disclosure conflicts with an overriding interest of the data subject that is worthy of protection.

13. Transfer of data in general

In addition, we shall only pass on your personal data to third parties in the following cases:

  • if you have given us an explicit consent for this pursuant to Article 6 para. 1 S. 1 lit. a of the GDPR, or
  • if pursuant to Article 6 para. 1 S. 1 lit. c of the GDPR there is a legal obligation for disclosure, e.g. in the context of law enforcement or
  • disclosure pursuant to Article 6 para. 1 S. 1 lit. f is required for the purpose of asserting or defending legal claims or the exercise of rights, and it can not be assumed that the disclosure conflicts with an overriding interest of the data subject that is worthy of protection.