Data protection

Privacy Policy

1. Notes on data protection

We are pleased that you are visiting our website and thank you for your interest in our company and our products. We would like to inform you about which data we collect, use, and process, and how we handle your personal data.

2. Data collection and data use

Personal data is information that can be used to identify an individual. This includes, for example, your name, address, email address, or telephone number.

(1) Collection of personal data when using the website

If you use the website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and ensure stability and security:

IP address

Date and time of the request

Time zone difference to Greenwich Mean Time (GMT)

Content of the request (specific page)

Access status/HTTP status code

amount of data transferred

Website from which the request comes

Browser

Operating system and its interface

Language and version of the browser software.
The legal basis for storing the data is Art. 6 (1) (f) GDPR.

(2) Collection of personal data upon registration

We offer you the opportunity to register on our website by providing personal data.
Depending on the type of contract concluded, we store the following data:

Surnames, first names

Address

Billing address

E-mail address

Telephone number

The data is entered into an input mask, transmitted to us, and stored. The data is not shared with third parties. Users can access their user account via the app to order goods.
As part of the registration process, the user's consent to process this data was obtained, Article 6 (1) (a) GDPR. Registration is also required to fulfill a contract for the purchase of goods in our online shop or to carry out pre-contractual measures, Article 6 (1) (b) GDPR. The data collected is used by us to process the purchase of goods in our online shop, in particular to ensure the correct shipping of ordered goods.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case if the registration on our website is canceled or changed, or if the data is no longer required to perform the contract. Even after a contract has been concluded, it may be necessary to store the contractual partner's personal data in order to fulfill contractual or legal obligations (e.g., for tax reasons).
Users have the option to cancel their registration at any time. You can change the data stored about you at any time, as follows:
To the extent that the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if contractual or legal obligations do not prevent deletion.

The legal basis for the processing of the data is, in the case of your consent, Art. 6 (1) (a) GDPR and, if the registration serves the fulfilment of a contract or the implementation of pre-contractual measures with you, additionally Art. 6 (1) (b) GDPR.

3. Name and contact details of the person responsible

The person responsible for the management of personal data is

Gwendolin Koch
Zeppelinstrasse 25
81541 Munich

dataprotection@gwinis.com

4. Purposes of processing personal data

We only store your data for the following purposes:
To process orders (including payment processing and, if applicable, credit checks), to send advertising by us and for customer service.

We store and process your personal data at our central headquarters.

Your personal data will only be transferred to third parties if this is necessary for the purpose of contract execution or for billing or collection purposes (e.g. shipping companies or payment service providers) or if you have expressly consented.

The legal basis for the transmission of data to third parties for the purpose of contract execution or for billing purposes is Art. 6 (1) (b) GDPR and for the transfer in the context of legally mandated cases Art. 6 (1) (c) GDPR.

5. Duration of data storage

We store your data for as long as required by the respective purpose, taking into account your legitimate interests. If certain data processed for the execution of purchase contracts is subject to a tax retention period, the data will be stored for 6 or 10 years. During this period, data processing is restricted after 2 years, meaning the data will only be used to comply with legal obligations. The retention period begins at the end of the calendar year in which the order was placed by the customer or the contract was fulfilled.

6. Transfer of personal data to third parties

We may disclose your personal data to the following companies/categories of people in accordance with applicable law:

Tax audit and other authorities
External service providers and professional advisors such as lawyers, auditors, accountants, credit agencies, debt collection agencies,

Postal/shipping service providers, freight forwarders e.g. UPS, DHL, Deutsche Post
Payment providers such as PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg; Klarna AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden, (Amazon Pay) Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg; (Apple Pay) Apple Distribution International, Hollyhill Industrial Estate, Hollyhill Cork, Ireland; Shopify Payments, 126 York Street, Suite 200, Ottawa, ON, Canada, K1N 5T5; Google Pay (Europe), Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Shopify Payments, Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

E-commerce platform Shopify
To operate our online store, we use Shopify, a service provided by Shopify Inc., 126 York Street, Suite 200, Ottawa, ON, Canada, K1N 5T5. This service provides an e-commerce platform through which we offer our products for sale. The data transmitted as part of your order is stored on a Shopify server.

Shopify has explicitly designed its infrastructure to ensure cross-border data transfer is GDPR-compliant. Personal data from individuals in Europe is initially received and processed in Ireland, Shopify's EU headquarters, and then transferred to its parent company in Canada. Any data forwarded from there to processors based in other countries, such as the USA, is subject to the export requirements of the Canadian data protection law recognized by the European Commission.

In addition, personal data may be transferred within a group of companies (e.g. between Shopify Inc. (Canada) and Shopify in the USA) if these companies have an internal policy for protecting the data (so-called “Binding Corporate Rules, BCR) that is approved by a European data protection authority (based here in Ireland) (Article 47 GDPR).

Finally, data transferred from Shopify Canada to the US is encrypted during transmission and storage. This means it cannot be easily decrypted.

For more information, please visit http://www.shopify.com/legal/privacy.

The legal basis for the transmission of data to third parties for the purpose of contract execution or for billing purposes is Art. 6 (1) (b) GDPR and for the transfer in the context of legally mandated cases Art. 6 (1) (c) GDPR.

DHL

We use the following provider as our transport service provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

We will pass on your email address and/or telephone number to the provider in accordance with Art. 6 (1) (a) GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or providing delivery notification, provided you have given your express consent to this during the ordering process. Otherwise, we will only pass on the recipient's name and delivery address to the provider for the purpose of delivery in accordance with Art. 6 (1) (b) GDPR. This information will only be passed on to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

The consent can be revoked at any time with future effect by contacting the person responsible named above or the provider.

- DHL Express

We use the following provider as our transport service provider: DHL Express Germany GmbH, Heinrich-Brüning-Str. 5, 53113 Bonn, Germany

The consent can be revoked at any time with future effect by contacting the person responsible named above or the provider.

7. Your rights

To exercise your rights, you can contact us by email at datenschutz@gwinis.de .

You have the following rights:

7.1 Revocation of consent
You can revoke your consent to the processing of personal data at any time with effect for the future.
The following contact option is available for this purpose: datenschutz@gwinis.de

7.2 Further rights
You also have the following rights with regard to your personal data:

Right to information,

Right to rectification,

Right to erasure or restriction of processing,

Right to object to processing,

Right to data portability,

You also have the right to complain to a data protection supervisory authority about our processing of your personal data.
The responsible data protection supervisory authority for Bavaria is:

Bavarian State Office for Data Protection Supervision

PO Box 1349
91504 Ansbach
Email: poststelle@lda.bayern.de
Phone: +49 981 180093-0
Fax: +49 981 180093-800
Website: www.lda.bayern.de

8. Contact form

If you send us inquiries via the contact form, we will use your data exclusively to process your request. This data will not be used for advertising purposes or shared with third parties.

The legal basis for processing data transmitted via the contact form or when sending an email is Art. 6 (1) (f) GDPR. If the contact is also aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

The data you enter in the contact form will be stored by us until you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies.

9. Cookies

To make visiting our website more attractive and to enable the use of certain functions, we use cookies. These are small text files that your web browser receives and stores on your computer when you visit our website. Some cookies are deleted immediately after you close your browser. Other cookies remain permanently on your computer and allow us to recognize you or your computer the next time you visit our website.
This site uses the following types of cookies, the scope and functionality of which are explained below:

a) Transient cookies: These are automatically deleted when you close your browser. These include, in particular, session cookies. These store a so-called session ID, which allows the various requests from your browser to be assigned to the shared session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.

b) Persistent cookies: These are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete cookies at any time using your browser's security settings.
You can influence the use of cookies by changing your browser settings. Most browsers have an option that allows you to restrict or prevent cookies from being saved. Each browser is unique in how it manages cookie settings. This is described in your browser's help menu.

You can find these for the respective browsers under the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Safari: https://support.apple.com/kb/ph21411?locale=de_DE

Please note, however, that deactivating cookies may result in only limited functionality of the website being available to you.
The legal basis for the use of cookies is Art. 6 (1) (f) GDPR.
When using cookies, a distinction must be made between strictly necessary cookies and those used for additional purposes (measuring traffic, advertising). You generally have the choice to accept or reject all or some of the non-essential cookies via our consent manager. If you choose the latter option, you may not be able to fully use our services. You can control and revoke this consent via our consent management (also known as "cookie banner" or "cookie settings").

10. Analysis tools

10.1 Use of Google Analytics
Our website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.

You can prevent cookies from being saved by selecting the appropriate settings on your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension "_anonymizeIp()." This means that IP addresses are shortened and processed, thus preventing any personal reference. If the data collected about you is personally identifiable, this will be immediately excluded and the personal data will be deleted immediately.

We use Google Analytics to analyze and regularly improve the use of our website. The statistics collected allow us to improve our offering and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Information from the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and the data protection declaration: http://www.google.de/intl/de/policies/privacy.

10.2 Use of Hotjar

Our website uses Hotjar, an analytics software provided by Hotjar Ltd., 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta (http://www.hotjar.com), which enables us to analyze how you use our website. Hotjar uses cookies and a tracking code through which the collected data is transmitted to the Hotjar servers. This data mainly includes device-related information such as your IP address, screen size, device type, and browser information (type and version), as well as your geographic location and language settings. Additionally, your email address and your first and last name may be transmitted if you have provided us with this information.

User interactions, such as mouse movements, visited web pages, and the date and time of access, are also regularly transmitted to Hotjar. Your IP address is automatically anonymized by Hotjar and stored exclusively in this anonymized form. Furthermore, each user is assigned a “unique user identifier (UUID)” which allows Hotjar to track returning visitors to our website—without linking this to any personally identifiable information.

You can prevent Hotjar from collecting and using your data at any time by visiting the following link: https://www.hotjar.com/opt-out.

Right of objection

You can object to the collection and storage of data for the purpose of usage analysis at any time with effect for the future by informing us of your objection to info@gwinis.de

The legal basis for the use of analysis tools is Art. 6 (1) (f) GDPR.

11. Social Media Links

We link to the social media platforms Facebook and Instagram on our website using the respective icons. These are hyperlinks through which no data is transmitted. If you click on the link, you will be redirected directly to our respective social media presence. Your data will only be transmitted to the respective social media service if you are logged into your respective user account. In this case, the respective social media platform may obtain information about which content you have viewed on our site.

The following are solely responsible for the social media services we link to:

for Facebook and its website, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;

for Instagram and its website, Instagram, LLC, 1601 Willow Rd. Menlo Park, CA 94025, USA;

For further information about the purpose and scope of data collection and the further processing and use of your data by the respective social media service, please refer to the data protection guidelines of the respective platform.

12. Google Tag Manager

We use the Google Tag Manager service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA on our website. With Google Tag Manager, marketers can manage website tags via an interface. A tag is a marking or labeling of a database. The Tag Manager itself, which uses the tags, works without cookies and does not collect any personal data. The tags set up via Google Tag Manager merely collect data that is then passed on to the target system. Because the data is only passed on, the system does not collect or store the data itself. The Tag Manager therefore merely triggers other tags, which in turn may collect data. Corresponding explanations for these third-party providers can be found in this privacy policy. However, Google Tag Manager does not use this data. If you have set or otherwise deactivated cookies, this will be observed for all tracking tags used with Google Tag Manager; the tool does not change your cookie settings.

Google may ask for your permission to share some product data (such as your account information) with other Google products to enable certain features, such as facilitating the addition of new AdWords conversion tracking tags. Google developers also occasionally review product usage information to further improve the product. However, Google will not share this type of data with other Google products without your consent.

For more information, see the Google Terms of Use and the Google Privacy Notice for this product.

13. Newsletter

(1) With your consent, you can subscribe to our newsletter, which will inform you about our current, interesting offers. The advertised goods and services are listed in the consent form.

(2) We use the so-called double opt-in procedure to register for our newsletter. This means that after your registration, we will send you an email to the specified email address asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the times of registration and confirmation. The purpose of this procedure is to verify your registration and, if necessary, to clarify any possible misuse of your personal data.

(3) The only mandatory information required to receive the newsletter is your email address. Providing additional, separately marked data is voluntary and will be used to address you personally. After your confirmation, we will save your email address for the purpose of sending you the newsletter. The legal basis is Art. 6 (1) (a) GDPR.

(4) You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in each newsletter email, by email to info@gwinis.de, or by sending a message to the contact details provided in the imprint.

To send our newsletter, we use the Klaviyo service provided by Klaviyo Inc., 225 Franklin St, Floor 10, Boston, MA 02110, USA. The processing of your data stored during newsletter registration (email address, possibly name, IP address, date and time of your registration) may also take place in the USA. According to the European Court of Justice, an adequate level of data protection cannot currently be assumed in the USA.

Klaviyo uses so-called standard contractual clauses pursuant to Art. 46 (2) and (3) GDPR ( https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de ) as the basis for processing or transferring data to countries outside the EU. Through these clauses, Klaviyo undertakes to comply with EU data protection standards when processing your data, even if the data is transferred to third countries such as the USA, where it is processed and stored. You can find out more on Klaviyo's websites at https://www.klaviyo.com/legal/data-processing-agreement and https://www.klaviyo.com/legal/privacy/privacy-notice

(5) We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the evaluation, we link the data mentioned in Section 3 and the web beacons with your email address and a unique ID. We use the data obtained in this way to create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click on in them, and use this to infer your personal interests.
Right of objection

You can object to this tracking at any time by clicking on the separate link provided in every email or by informing us via another contact method, e.g., via info@gwinis.de. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously. Such tracking is also not possible if you have deactivated the display of images by default in your email program. In this case, the newsletter will not be displayed in full, and you may not be able to use all of its functions. If you display the images manually, the above-mentioned tracking will occur.

14. Use of social media plug-ins

We use so-called social plugins (“plugins”) from Instagram on our website, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to Instagram. The plug-in, in the form of images, is captioned "Follow us on Instagram." We offer you the option of communicating directly with Instagram via the button. Only when you click on the marked field and thereby activate it, will Instagram receive the information that you have accessed our website. In addition, the data listed in Section 1 of this declaration will be transmitted. By activating the plug-in, your personal data will be transmitted to Instagram and stored there (in the case of US providers in the USA).
We have no influence on the data collected and data processing procedures, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. We also have no information about the deletion of the collected data by Instagram.

If you interact with the plug-in, in particular if you click on the plug-in image, your browser establishes a direct connection to the Instagram servers. The content of the plug-in is transmitted directly from Instagram to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. The information is also published on your Instagram account and displayed to your contacts there. We recommend that you log out regularly after using a social network, especially before activating the button, as this will prevent your visit from being associated with your Instagram profile.

Instagram stores the data collected about you as user profiles and uses them for advertising, market research, and/or tailoring its website to meet your needs. Such evaluation is carried out in particular (even for users who are not logged in) to display tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right, you must contact Instagram.

For further information on the purpose and scope of data collection and the further processing and use of the data by Instagram as well as your rights and setting options to protect your privacy, please refer to Instagram's privacy policy: https://help.instagram.com/155833707900388/.
If you do not want Instagram to directly associate the data collected through our website with your Instagram account, you must log out of Instagram before visiting our website. You can also completely block the loading of Instagram plugins using add-ons for your browser, such as the script blocker "NoScript" (http://noscript.net/).
The legal basis for the use of plug-ins is Art. 6 (1) (f) GDPR.

15. Remarketing/Retargeting

(1) On our websites, we use "Custom Audiences" from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") for retargeting and remarketing purposes. This service uses so-called tracking or remarketing pixels. These are pixel image files that enable log file analysis. By using the pixels, the service provider can see when and how many users have accessed the pixel, or whether and when an email was opened or a website was visited.

(2) With the help of this service, website users can be shown interest-based advertisements ("Facebook Ads") when they visit the social network Facebook or other websites that also use the process. Our interest in doing so is to show you advertising that is of interest to you in order to make our website more interesting for you. When you visit our website, a direct connection to the Facebook servers is established via the pixel. This enables Facebook to identify you using the browser ID, as this can be linked to your user account. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our current state of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding web page on our website or clicked on an ad from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and store your IP address and other identification features.

(3) Logged-in users can deactivate the “Facebook Custom Audiences” function at https://www.facebook.com/settings/?tab=ads#_.

(4) The legal basis for the processing of your data is Art. 6 (1) (f) GDPR. Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy/.
Right of objection
If you do not want to see advertising generated by the respective targeting service, you can object to the use of retargeting technology on our websites by sending us a message to info@gwinis.de .

16. Emails

We use the service provider Klaviyo Inc., 225 Franklin St, Floor 10, Boston, MA 02110, USA, to send emails. This applies to transactional emails such as order confirmations, shipping confirmations, emails with promotional content, and newsletters.

Klaviyo has access to your data. Data processing may also take place in the USA. According to the European Court of Justice, an adequate level of data protection cannot currently be assumed in the USA.

Klaviyo uses so-called standard contractual clauses pursuant to Art. 46 (2) and (3) GDPR ( https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de ) as the basis for processing or transferring data to countries outside the EU. Through these clauses, Klaviyo undertakes to comply with EU data protection standards when processing your data, even if the data is transferred to third countries such as the USA, where it is processed and stored. You can find out more on the Klaviyo website at https://www.klaviyo.com/legal/data-processing-agreement and https://www.klaviyo.com/legal/privacy/privacy-notice .

17. Use of payment service providers (payment services)
- Apple Pay

If you choose to use the "Apple Pay" payment method from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed using the "Apple Pay" function on your iOS, watchOS, or macOS device by charging a payment card stored with "Apple Pay." Apple Pay uses security features integrated into your device's hardware and software to protect your transactions. To authorize a payment, you will need to enter a previously specified code and verify your payment using your device's "Face ID" or "Touch ID" function.

For payment processing, the information you provide during the ordering process, along with information about your order, is transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before transmitting the data to the payment service provider of the payment card stored in Apple Pay to process the payment. This encryption ensures that only the website through which the purchase was made can access the payment data. After the payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the payment.

If personal data is processed during the transmissions described, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) (b) GDPR.

Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, and whether the transaction was successful. This anonymization completely eliminates any personal identification. Apple uses the anonymized data to improve Apple Pay and other Apple products and services.

When you use Apple Pay on your iPhone or Apple Watch to complete a purchase made through Safari on your Mac, your Mac and the authorization device communicate over an encrypted channel on Apple servers. Apple does not process or store any of this information in a format that can identify you personally. You can turn off the ability to use Apple Pay on your Mac in your iPhone's settings. Go to "Wallet & Apple Pay" and turn off "Allow Payments on Mac."

Further information on data protection with Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027
- Klarna

One or more online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

If you select a payment method from the provider that requires you to make an advance payment (e.g., credit card payment), the payment details you provided during the ordering process (including your name, address, bank and payment card information, currency, and transaction number), as well as information about the content of your order, will be passed on to the provider in accordance with Art. 6 (1) (b) GDPR. In this case, your data will be passed on exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

If you select a payment method that requires the provider to pay in advance (e.g. purchase on account, installment purchase or direct debit), you will also be asked to provide certain personal information (first and last name, street, house number, postal code, town, date of birth, email address, telephone number, and, if applicable, details of an alternative payment method) during the ordering process.

In order to protect our legitimate interest in determining our customers' solvency, we will forward this data to the provider for the purpose of a credit check in accordance with Art. 6 (1) (f) GDPR. Based on the personal data you provide and other data (such as shopping cart, invoice amount, order history, and payment experience), the provider will check whether the payment option you have selected can be granted in light of payment and/or default risks.

In addition to provider-internal criteria pursuant to Art. 6 (1) (f) GDPR, identity and creditworthiness information from the following credit agencies may also be taken into account when making a decision during the application review process:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may contain probability values (so-called score values). To the extent that score values are included in the credit report results, they are based on a scientifically recognized mathematical-statistical procedure. Address data, among other things, is used in the calculation of the score values.

You can object to this processing of your data at any time by sending us a message or contacting the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.
- Paypal

This website offers one or more online payment methods from the following provider: PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from the provider that requires you to make an advance payment, the payment details you provided during the ordering process (including your name, address, bank and payment card information, currency, and transaction number), as well as information about the content of your order, will be passed on to the provider in accordance with Art. 6 (1) (b) GDPR. In this case, your data will be passed on exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

If you select a payment method for which we make advance payments, you will also be asked to provide certain personal information (first and last name, street, house number, postal code, city, date of birth, email address, telephone number, and, if applicable, details of an alternative payment method) during the ordering process.

In such cases, in order to protect our legitimate interest in determining your ability to pay, we will forward this data to the provider for the purpose of a credit check in accordance with Art. 6 (1) (f) GDPR. The provider will check, based on the personal data you provide and other data (such as shopping cart, invoice amount, order history, payment experience), whether the payment option you have selected can be granted in light of payment and/or default risks.

This website offers one or more online payment methods from the following provider: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

18. Data security

We have implemented a variety of security measures to protect your personal data. Our servers and databases are protected by physical and technical measures, among others.

We use standardized SSL encryption technology when collecting and transmitting data via our website. Personal data is transmitted during the ordering process using SSL encryption, which can be identified by the lock symbol in the browser and the "https://" suffix in the address bar.

With encrypted communication, your payment information cannot be read by third parties. When communicating via email, 100% data security cannot be guaranteed.

19. Changes to this Privacy Policy

We may change this privacy policy at any time. All changes to this privacy policy will be posted on this website and will automatically take effect 30 days after their posting. We will notify you of any material changes to this privacy policy via email.

Shopping cart 0

Sorry, looks like we don't have enough of this product.

Privacy Policy

Gwinis
hey@gwinis.com
www.gwinis.com

Language

Language

Language

Shopping cart 0

Sorry, looks like we don't have enough of this product.

Privacy Policy