1. Privacy at a glance
Data collection on our website
Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. Its contact details can be found at the imprint of this website.
How do we collect your data?
Your data will be collected either, that you tell us. This may be e.g. to type data that you enter into our contact form. Other data is collected automatically when visiting the website through IT systems-technology. These are above all technical data (for example Internet browser, operating system or time of the page request). The collection of this data works automatically as soon as you visit our website.
How do we use your data?
Part of the data collected is to ensure a correct function of our website. Other data can be used to analyse your user behaviour.
What rights do you have regarding your data?
At any time you have the right to obtain free information about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction, blocking or deletion of this data. For this purpose and for further questions about data protection, you can contact us at any time at the address given at the imprint. Furthermore, you have a right of appeal to the competent supervisory authority.
2. General and Mandatory Information
Note to the responsible body
The responsible data processing unit on this website is: bikeBox24 GmbH Am Giener 33 55268 Nieder-Olm Telephone: +49 (0) 61 36 – 91 68 22 E-Mail: info@bikeBox24.eu Responsible entity is the natural or legal person who, alone or in cooperation with others, decides about the purposes and means of processing personal data (such as names, e-mail addresses, etc.).
Revocation of your agreement to data processing
Many data processing operations are only possible with your expressed agreementl You can revoke an existing agreement at any time. An informal message by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the case of violations of data protection law, the person concerned has the right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found on the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process on the basis of your approval or in fulfillment of a contract, in itself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another person in charge, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses, for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as a site operator, an SSL or TLS encryption. You can recognize an encrypted connection by changing the address line of the browser from “http: //” to “https: //” and the lock symbol in your browser line. If SSL or TLS encryption is enabled, the data you submit to us, may not be read by third parties.
Information, blocking, deletion
You have the right to free information on your stored personal data, their origin and recipient and the purpose of the data processing and, if necessary, a right to rectification, blocking or deletion of this data. For further information on personal data you can contact us at any time at the address given in the imprint.
Contradiction against advertising mails
The use of published in the context of the imprint obligation contact information for sending unsolicited advertising and information materials is hereby rejected. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
3. Data collection on our website
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.
The storage and analysis of the data takes place on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM. If a corresponding consent is requested
processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and Section 25 Para. fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.rl. et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal, insofar as this is necessary for the fulfillment of the contract (Art. 6 Para. 1 lit b. DSGVO).
The processing of the data specified under this section is not required by law or contract. Without the transmission of your personal data, we cannot carry out a payment via PayPal. [You have the option to choose another payment method.]
PayPal carries out a credit check for various services such as payment by direct debit in order to ensure your willingness and ability to pay. This corresponds to PayPal’s legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) and serves to execute the contract (according to Art. 6 Para. 1 lit. b GDPR). Your data (name, address and date of birth, bank account details) will be passed on to credit agencies for this purpose. We have no influence on this process and only receive the result of whether the payment was made, rejected or pending verification.
You can find more information on how to object to and remove PayPal from: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Your data will be stored until the payment has been processed. This includes the time it takes to process refunds, claims management and fraud prevention.
No order processing according to Art. 28 GDPR
PayPal is not a processor within the meaning of Art. 4 No. 8 GDPR. There is a separate responsibility. (https://www.lda.bayern.de/media/FAQ_Abdefinition_Auftragsverarbeitung.pdf)
Special features apply when using instant payment notifications (https://developer.paypal.com/docs/api-basics/notifications/ipn/IPNIntro/)
Use of Google Analytics
We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising measures.
Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the website usage data on our behalf and contractually undertakes to take measures to ensure the security and confidentiality of the processed data.
During your visit to the website, the following data, among others, is recorded:
Orders including the turnover and the ordered products
The achievement of “website goals” (e.g. contact requests and newsletter registrations)
Your behavior on the pages (e.g. length of stay, clicks, scrolling behavior)
Your approximate location (country and city)
Your IP address (in abbreviated form so that no clear assignment is possible)
Technical information such as browser, Internet provider, end device and screen resolution
Source of your visit (i.e. via which website or via which advertising medium you came to us)
Personal data such as name, address or contact details are never transmitted to Google Analytics.
This data is transmitted to Google servers in the USA. We would like to point out that the same level of protection as within the EU cannot be guaranteed in the USA under data protection law.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognized on future website visits.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remain stored in aggregate form indefinitely.
If you do not agree to the collection, you can prevent it by installing the browser add-on to deactivate Google Analytics once or by rejecting the cookies via our cookie settings dialog.
We host the content of our website with the following provider:
The provider is ALL-INKL.COM – Neue Medien Münnich, owner René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter All-Incl). Details can be found in the data protection declaration of All-Inkl: https://all-inkl.com/datenschutzinformation/.
The use of all-inclusive is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in our website being displayed as reliably as possible. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: • Browser type and browser version • used operating system • Referrer URL • Host name of the accessing computer • Time of the server request • IP address A merge of this data with other data sources will not be done. The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which allows the processing of data to fulfill a contract or pre-contractual measures.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your approval. The processing of the data entered into the contact form is therefore exclusively based on your agreement (Art. 6 (1) lit. DSGVO). You can revoke this agreement at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The information you provide in the contact form will remain with us until you ask us to delete it, revoke your agreement to storage or delete the purpose for data storage (for example, after your request has been processed). Mandatory statutory provisions – especially retention periods – remain unaffected.
Nieder-Olm, Juli 2019