Project NVMEN GmbH
Managing Director: Nicola Cliemas
PERSONAL DATA DEFINITION
Personal data is defined as any information relating to an identified or identifiable natural person. This includes information such as name, address or other postal address, telephone number and email address as well as any other information that can be attributed to a particular individual.
- the data subject has given consent to the processing of his or her personal data, for example data that you specify in forms etc. with your consent, Article 6, paragraph 1, lit. a (GDPR).
- processing is necessary to perform a contract of which the data subject is the contractual party or in order to take steps at the request of the data subject prior to entering into a contract, Art. 6, paragraph 1, lit. b (GDPR).
- processing is necessary to fulfill a legal requirement that our company is subject to, Article 6, paragraph 1, lit. c (GDPR).
- processing is necessary for the purpose of legitimate interests of our company or of a third party and the interest do not override the interest, fundamental rights and freedoms of the data subject of the first-named interest, Art. 6, paragraph 1, lit. f (GDPR).
We collect and use your personal data only insofar as this is required for the provision of a functional website and of our contents and services as well as for the implementation of our business purpose and only if you have given us your consent, except it was not possible to obtain prior consent and the processing of data is permitted because of statutory requirements.
Some data are collected when you provide it to us. This could be, for example, data you enter on a contact form. Other data are collected automatically when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page.
HOW WE USE YOUR PERSONAL INFORMATION
We use the personal identification information that we collect generally to fulfill any orders placed through our website (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this personal information for the following purposes:
- To run and operate our website. We may need your information display content on the website correctly.
- To improve customer service. Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience. We use aggregated information to understand how our users as a group use the services and resources provided on our website.
- To improve our website. We use feedback you provide to improve our products and services.
- To process payments. We use the information users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
- To send periodic emails. We use the email address to send user information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests.
- We use the non-personal identification information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our website (for example, by generating analytics about how our customers browse and interact with the website, and to assess the success of our marketing and advertising campaigns).
DATA TRANSMISSION TO THIRD COUNTRIES
There is a transfer of data to third countries outside the European Union. This is done on the basis of statutory contractual provisions that are intended to ensure adequate protection of your data and that you can consult upon request.
The personal data of the data subject is deleted or blocked, as soon as the purpose for which it was stored no longer applies. Storage can also be effected if this was required by the European or national legislators in European Union regulations, laws or other stipulations that the person responsible is subject to. The data is also blocked or deleted if a statutory storage period prescribed by the cited standards expires, unless there is a need for continued data storage for the purposes of a conclusion or performance of a contract. When you place an order through our website, we will maintain your order information for our records unless and until you ask us to delete this information.
REVOCATION OF YOUR CONSENT OF PROCESSING YOUR DATA
Many data processing operations are only possible with your consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
ANALYTICS AND THIRD-PARTY TOOLS
When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools.
We do not sell, trade, or rent your personal identification information to others. We share your personal information with third parties to help us use your personal information, as described above. We disclose your personal data to third parties if this is necessary to fulfill the purpose for which you gave us your data. We use external service providers to process your data. We pass on the following customer data to third parties (providers for creating newsletters, mailings on our behalf): first name, last name, date of birth, e-mail address. The service provider are intended to ensure adequate protection of your data and will not share this personal information to third parties. We share your information with these third parties for those limited purposes provided that you have given us your permission.
Finally, we may also share your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Please note that data transmitted via the internet (i.e. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Your personal data is transmitted using SSL encryption via the Internet. An encrypted connection is indicated by the browser's address bar switching from "http: //" to "https//" and the lock icon in your browser bar. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our website.
ENCRYPTED PAYMENTS ON THIS WEBSITE
If you enter into a contract which requires you to send us your payment information (i.e. account number), we will require this data to process your payment.
Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon in your browser line is visible. In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
DO NOT TRACK
Please note that we do not alter our website’s data collection and use practices when we see a Do Not Track signal from your browser.
You have the right to access stored data we hold about you and to ask that your personal information be corrected, updated, or deleted.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through our website), or otherwise to pursue our legitimate business interests listed below. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
INFORMATION, BLOCKING, DELETION
As permitted by law, you have the right to be provided at any time with information about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. If you would like to exercise this right, please contact us through the contact information below.
RIGHT TO FILE COMPLAINTS
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered.
COLLECTION OF NON-PERSONAL IDENTIFICATION INFORMATION
When visiting the website, we collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. We refer to this collected information as “non-personal identification information.” The legal basis for the temporary storage of the data is Art. 6, paragraph 1, lit. f (GDPR). The temporary data storage of the IP address is necessary to operate our website on your computer. To do this, the IP address is stored only for the duration of the session. Storage in logfiles is necessary in order to assure the functionality of the website. The data also serves in order to optimize the website for you. The collected data is deleted as soon as the purpose for which it was collected has ended.
The following non-personal identification information is collected:
- Browser type and version used
- Operating system and the interface of the user
- Internet server provider
- IP address
- Access status/http status code
- Date and time of the visit
- Time zone difference to Greenwich Mean Time
- Content of the request (concrete internet page)
- Quantity of data transmitted
- Websites, from which the system of the user accessed our internet site
- Websites that are visited by the system of the user via our website
- Mobile end devices: Manufacturer and type designation of the smartphone, tablet or other mobile end devices
Log files track actions occurring on the website, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, host name of the accessing computer, and date/time stamps. These data can not be assigned to a specific person. The website provider automatically collects and stores information that your browser automatically transmits to us. Storage of this data together with other personal data of the user does not take place. The basis for data processing is Art. 6, paragraph 1, lit. b (GDPR), which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
We use "cookies" to enhance our web presence and to optimize use for you, but also for advertising purposes. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser. Cookies store information, such as, for example, your language setting, the length of visit to our website or the entries you made there.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
COLLECTION OF PERSONAL IDENTIFICATION INFORMATION
DATA TRANSFERRED WHEN SIGNING UP FOR SERVICES OR ENTERING INTO A CONTRACT
We forward personal data to third parties only to the extent required to fulfill the terms of your contract with us. External service providers, such as, for example, online payment providers or the shipping company tasked with the delivery, only receive your data insofar as it is necessary for the execution of your order. In these cases the extent of the transmitted data is restricted to the minimum required. Please also observe the data protection notices of the individual providers. The individual service provider is responsible for the contents of third party services, whereby we verify as far as can be reasonably expected that the services observe statutory requirements.
Your data will not be forwarded for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your consent.
The basis for data processing is Art. 6, paragraph 1, lit. b (GDPR), which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
If the user decides to opt-in to our mailing list, they will receive emails that include company news, updates, related product or service information, etc. For the registration to our newsletter, we use the so-called double opt-in-procedure. This means that once you have supplied us with your email address we send an email confirmation to this email address asking you to confirm that you wish to have the newsletter sent to you. If we do not receive acknowledgement of this email within 72 hours, the data you have given will be automatically deleted.
If you confirm that you wish to receive the newsletter, we will store your email address until you decide to unsubscribe to the newsletter. The only reason we store the data is so that we can send you the newsletter. In addition, we always store the IP address you use and times during subscribing and acknowledging. The purpose of the procedure is to prove that you have subscribed and, if applicable, to be able to resolve any misuse of your personal data. After receipt of your acknowledgement we store your subscription data for the purposes of sending the newsletter. Legal basis is Art. 6 paragraph 1, lit. a (GDPR). The providing of any other, specifically marked, details is on voluntary basis and is used to personalize the newsletter.
In order to send our newsletter, we use the services of the Rocket Science Group, LLC d/b/a MailChimp 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308. Their servers are located in the United States, where there is no privacy level comparable with the European standard. We are nevertheless convinced that MailChimp is dealing very conscientiously with personal data. With your registration for our newsletter, you agree that your email address will be processed for the purpose of sending the newsletter on our behalf. You can obtain more information about data protection through MailChimp: http://mailchimp.com/legal/privacy/.
If at any time you would like to unsubscribe from receiving future emails without the need to give any reasons, the unsubscribe link can be found in every newsletter sent by us under "Unsubscribe" or you may contact us via email to firstname.lastname@example.org or by sending a message to the contact data specified below.
YOUR ORDER IN OUR ONLINE SHOP
You want to make a purchase in our Online-Shop, you have to provide the necessary details for carrying out the contracts. This mandatory information is marked separately. Further details are voluntary. We will store data as necessary for the fulfillment of an order, in particular your shipping addresses. We will forward your payment details directly to our billing service provider; this does not remain in our systems. Additionally we forward your address details to the shipping logistics service provider. The legal basis is Art. 6, paragraph 1, lit. b (GDPR).
We will process the data provided during registration only based on your consent per Art. 6 paragraph 1, lit. a (GDPR). You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Commercial and fiscal stipulations require us to store your address, payment and order details for the period of ten years. Nevertheless, we restrict processing after two years; this means your data is only used to observe the statutory requirement.
You can object to the use of your data for advertising and data analysis purposes at any time. Please send your objection to email@example.com.
If you would like to take advantage of the functions of our user account, you can create a user account on voluntary basis by registering yourself with your name, your email address, and a password of your choice. We use your voluntary data for additional purchases at a later date. We can also use the data to notify you about additional products that may fit your interests.
We will store your data including the IP address, date and time of the registration, customer number, Entity-ID and Email hash for the duration of use of your user account insofar as you not delete this beforehand. You can manage and change any information in the protected user account area. Or you can send us a mail to hellonvmen.com requesting the deletion or modification of your user account at any time. Your personal data is stored as a measure to prevent fraud. The deadline for the purpose of fraud is 6 months. If the data is required for the performance of a contract or to take steps prior to entering into a contract, a premature deletion of the data is only possible insofar as no contractual or statutory obligations contradict this. The legal basis is Art. 6, paragraph 1, lit. a (GDPR) and Art. 6, paragraph 1, lit. b (GDPR).
Our website includes plugins for the social network Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and is available at www.facebook.com. The Facebook plugins can be recognised by the Facebook logo. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account before visiting our website.
Our website includes plugins for the social network Instagram, Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"), and is available at www.instagram.com. The Instagram plugins can be recognized by the Instagram logo.
If you do not want Instagram to associate your visit to our site with your Instagram account, please log out of your Instagram account before visiting our website.
PLUGIN & TOOLS
GOOGLE WEB FONTS
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6, paragraph 1, lit. f (GDPR). If your browser does not support web fonts, a standard font is used by your computer.
Our website includes "+1" plug-in of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, recognizable by the "+1" sign.
When you visit a page on our website that contains this plugin, your browser establishes a direct connection to Google's servers. We have no control over the extent or content of data collected by Google through this plugin. According to Google information, no personal information is collected without a click on the plugin. Only with logged in Google+ members such data should be collected and processed. If you are logged in to Google+ or Google via your personal user account while visiting our website, Google records information about your +1 activities to improve Google services for you and others. To use the Google+ button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used by all Google services. In some cases, this name may also replace a different name that you have used to share content via your Google account. The identity of your Google profile can be shown to users who know your email address or other information that can identify you.
Use of collected data: In addition to the uses mentioned above, the information you provide is used in accordance with the applicable Google data protection policies. Google may publish summary statistics about users’ +1 activity or share it with users and partners, such as publishers, advertisers, or affiliate websites. If you want to prevent such data transmission, you need to log out of your Google+ or Google account before visiting our website.
Further information about handling user data and the purpose of the data collection can be found at https://developers.google.com/+/web/buttons-policy.
Our website uses Google Analytics, a web analysis service. It is operated by Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (further called “Google”). Google Analytics uses so-called “cookies”, these are text files that are stored on your computer to help analyze how you use the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the United States and stored there.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports about website activities and to provide further services related to website usage and Internet usage for website operators. This website uses Google Analytics with the extension “_anonymizeIp()”. In this way, IP addresses are further processed in an abbreviated form, a direct reference to a person can thereby be excluded. The IP anonymization is carried out by Google within the Member States of the European Union or in other contracting States party to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to a Google server in the USA and shortened there. The IP address sent as part of Google Analytics from your browser will not be brought together with any other data held by Google.
GOOGLE ANALYTICS REMARKETING
Our website uses the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (i.e. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalised promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion. You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6, paragraph 1, lit. a (GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6, paragraph 1, lit. f (GDPR).
GOOGLE ADWORDS AND GOOGLE CONVERSION TRACKING
Our website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6, paragraph 1, lit. f (DGDPR). We have a legitimate interest in analyzing user behavior to optimize both our website and advertising.
PAYMENT SERVICE PROVIDER
Your data will be transmitted to Stripe based on Art. 6, paragraph 1, lit. a and Art. 6, paragraph 1, lit. b (GDPR). By selecting this payment option, you automatically consent to the transfer of your personal data necessary for payment processing. You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
Your data will be transmitted to Klarna based on Art. 6, paragraph 1, lit. a and Art. 6, paragraph 1, lit. b (GDPR). By selecting this payment option, you automatically consent to the transfer of your personal data necessary for payment processing. You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
THIRD PARTY WEBSITES
You may find advertising or other content on our website pages that link to other providers. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our website. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at firstname.lastname@example.org or by mail using the details provided below:
Project NVMEN GmbH
YOUR ACCEPTANCE OF THESE TERMS
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on August, 2018