Privacy Policy

  • Home
  • Privacy Policy

    Privacy Policy

    §1 Information about the Collection of Personal Data

    1. Below, we provide information about the collection of personal data when using our website. Personal data refers to all data that can be related to you personally, e.g., name, address, email addresses, user behavior. Through this, we wish to inform you about our processing activities and simultaneously fulfill our legal obligations, particularly those arising from the EU General Data Protection Regulation (GDPR).
    2. The party responsible according to Art. 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is KS & BJ Online GbR, located at Im Hoffeld 20, 63654 Büdingen, with the email address hello@xyousive.com (please see our Legal Notice – link).
    3. When you contact us via email or through a contact form, the data you provide (your email address, possibly your name, and phone number) will be stored by us to answer your queries. We will delete the data obtained in this context if the inquiry is associated with a contract based on contract duration periods; otherwise, once storage is no longer necessary, or limit processing if there are statutory retention requirements.
    4. If we rely on commissioned service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail below about the respective processes. We will also specify the set criteria for the storage duration.

    § 2 Your Rights

    1. You have the following rights against the responsible party concerning the personal data related to you:
      1. Right to access,
      2. Right to rectification or deletion,
      3. Right to restrict processing,
      4. Right to object to processing,
      5. Right to data portability.

      2.   Additionally, you have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data.

    § 3 Processing of Personal Data when Visiting our Website

    When you use our website for informational purposes, meaning simply viewing it without registration and without transmitting any other information to us, we process the personal data that your browser sends to our server. The following described data is technically necessary for us to display our website to you and to ensure its stability and security, so it must be processed by us. The legal basis for this is Art. 6 Para. 1 S. 1 lit. f GDPR:

    • IP address
    • Date and time of the request
    • Time zone difference to Greenwich Mean Time (GMT)
    • Content of the request (specific page visited)
    • Access status/HTTP status code
    • Amount of data transferred each time
    • Previously visited page (referrer URL)
    • Browser
    • Operating system
    • Language and version of browser software.

     

    § 4 Additional Features and Offers on our Website

    1. Apart from the purely informational use of our website, we offer various services that you may utilize if interested, and we use other standard features for analysis or marketing of our offerings, which are detailed further below. Generally, you will need to provide additional personal data, or we will process such data, which we use to deliver the respective service. The principles of data processing mentioned previously apply to all the data processing purposes described here.
    2. At times, we might employ external service providers to process your data. These have been carefully selected by us, are bound by our instructions, and are regularly monitored.
    3. Additionally, we may share your personal data with third parties when participation in promotions, contests, contract conclusions, or similar services are offered in conjunction with partners. Depending on the service, your data may also be collected by partners on their own responsibility. More information is provided when you submit your data or in the descriptions of the respective offers below. We offer payment through the following payment service provider:

             PayPal The provider in this case is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).

            The payment data you enter will be transmitted to PayPal if you have selected PayPal for payment.

            All PayPal transactions are subject to the PayPal Privacy Policy, which you can find and review at https://www.paypal.com/de/webapps/mpp/ua/privacy-prev?locale.x=de_DE.

          The legal bases are Art. 6 Para. 1 S. 1 lit. a and b GDPR. For the revocation of your consent to the processing of your data, § 5, paragraph 1 of this privacy policy applies.

    1. Insofar as our service providers or partners are based in a country outside of the European Economic Area (EEA), we will inform you about the implications of this circumstance in the description of the offer.

     

    § 5 Objection or Revocation Against the Processing of Your Data

    1. If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation affects the permissibility of processing your personal data after you have expressed it to us. The legitimacy of processing your data up until the time of your revocation remains unaffected.
    2. Insofar as we base the processing of your personal data on a balance of interests, you can object to the processing. This is the case, in particular, if the processing is not necessary for the fulfillment of a contract with you, which we describe in each case in the subsequent presentation of functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either cease or adjust the data processing or point out our compelling legitimate reasons on which we continue the processing.
    3. Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can best exercise your advertising objection by using the contact details provided above.

     

    § 6 Processing of Data from Your Devices (“Cookie Policy”)

    1. In addition to the data mentioned above, when you use our website, we utilize technical tools for various functions, particularly cookies, which can be stored on your device. Upon accessing our website and at any later time, you can choose whether to allow the setting of cookies in general or select which specific additional functions you want. You can make changes in your browser settings or through our Consent Manager. Firstly, we describe cookies from a technical perspective (2), before delving into your individual selection options by outlining technically necessary cookies (3) and cookies that you can voluntarily select or deselect (4).
    2. Cookies are text files or information in a database stored on your hard drive and associated with the browser you’re using, enabling specific information to flow to the entity that sets the cookie. Cookies cannot run programs or transfer viruses to your computer. They primarily serve to design the internet offering to be faster and more user-friendly. This website uses the following types of cookies, the functionality and legal basis of which we will explain subsequently:
      • Transient Cookies: These, especially session cookies, are automatically deleted when closing the browser or logging out. They contain a so-called session ID, allowing different requests from your browser to be assigned to a shared session. This ensures your computer can be recognized when you return to our website.
      •  Persistent Cookies: These are automatically deleted after a predefined duration, which varies depending on the cookie. You can always view the set cookies and their durations in your browser settings and manually delete the cookies.
    3. Mandatory, technically necessary functions for displaying the website: The technical structure of the website requires us to use techniques, especially cookies. Without these techniques, our website cannot be displayed (fully correctly) or support functions might not be facilitated. These are generally transient cookies that are deleted after the end of your website visit or at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies are visible in the Consent Manager. The legal basis for this processing is Art. 6 Abs. 1 S. 1 lit. f DS-GVO.
    4. Optional cookies upon granting your consent: We only set various cookies upon your consent, which you can select during your first visit to our website via the so-called Cookie-Consent-Tool. The functions are only activated upon your agreement and can serve purposes like analyzing and improving our website visits, facilitating the operation across various browsers or devices, recognizing you upon a return visit, or placing ads (potentially also to orient ads to interests, measure ad effectiveness, or display interest-based ads). The legal basis for this processing is Art. 6 Abs. 1 S. 1 lit. a DS-GVO. You can revoke your consent at any time without affecting the legitimacy of processing up to the point of revocation. The functions we use, which you can individually select and revoke via the Consent Manager, are described below.

    § 7 Special Forms of Use

    Use of Blog Features

    On our blog, where we post various articles on topics related to our activities, you can leave public comments. Your comment will be published with the username you provide next to the post. We recommend using a pseudonym instead of your real name. Providing a username and email address is mandatory; all other information is voluntary. When you leave a comment, we also save your IP address, which we delete after [one week]. Storing this information is necessary to protect us from potential liability in cases of publishing unlawful content. We need your email address to contact you if a third party challenges your comment as illegal. The legal bases are Art. 6 Abs. 1 S. 1 lit. c and f DS-GVO. Comments are not checked before publication. We reserve the right to delete comments if they are flagged by third parties as illegal.

    Use of Our Webshop

    1. If you want to order from our webshop, you must provide your personal data, which we need to process your order. Mandatory information required for contract processing is specially marked; all other information is voluntary. For payment, you can provide your payment data to our payment service provider, or we will forward your payment details to our primary bank. In these cases, these third parties are solely responsible for payment processing. The legal basis for this is Art. 6 Abs. 1 S. 1 lit. b DS-GVO.
    • You can optionally create a customer account, which allows us to store your data for subsequent purchases. When setting up an account under “[My Account]”, the data you provide is stored and can be revoked. All other data, including your user account, can be deleted in the customer area at any time.
    • We may also process the information you provide to inform you about other interesting products from our portfolio or to send you emails with technical information.

    2. Due to commercial and tax regulations, we are obligated to store your address, payment, and order data for a duration of ten years. However, after [three years], we restrict processing, meaning your data will only be used to comply with legal obligations from that point on.

    3. To prevent unauthorized third-party access to your personal data, the order process is encrypted using TLS technology.

    § 8 Newsletter

    Newsletter

      1. You can subscribe to our newsletter, through which we inform you about our current exciting offers, by giving your consent. The advertised goods and services are named in the declaration of consent.
      2. For the registration of our newsletter, we use the so-called double opt-in procedure. This means that after your registration, we will send you an email to the provided email address, in which we ask for confirmation that you are the owner of the given email address and wish to receive notifications. If you do not confirm your registration within [24 hours], your information will be locked and automatically deleted after one month. Additionally, we save your IP addresses and the times of registration and confirmation. The purpose of this procedure is to prove your registration and possibly clarify any misuse of your personal data.
      3. The only mandatory requirement for sending the newsletter is your email address. [The provision of additional, separately marked data is voluntary and is used to address you personally.] After your confirmation, we will save your email address for the purpose of sending the newsletter. The legal basis is Art. 6 Abs. 1 S. 1 lit. a DS-GVO.
      4. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can exercise the revocation by clicking on the link provided in every newsletter email, [through this form on the website,] by email to [Newsletter@example.com], or by sending a message to the contact details given in the imprint.
      5. Additionally, you can also consent to allow us to evaluate your user behavior when sending the newsletter. For this evaluation, the sent emails contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. For the evaluations, we link the data mentioned above [in § 3] and the web beacons with your email address and an individual ID.

    You can object to this tracking at any time by clicking on the separate link provided in each email or by informing us through another contact method, as shown above. The information will be stored as long as you have subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.

     

    § 9 External Hosting / Content Delivery Networks (CDN)

    The hosting of this website is carried out by an external service provider:

    HOSTINGER

    On the servers of the external service provider, the personal data collected on this website is stored. For a list of this data, please refer to § 3 (1). Processing of your data by our external service provider only takes place if it is necessary to fulfill its contractual service obligations, and it follows our instructions regarding your data.

    Since the external service provider acts on our behalf regarding the collection, processing, and use of personal data, we have concluded a data processing agreement with the service provider to implement the requirements of Art. 28 DS-GVO.

    The legal basis for the use of the external service provider is Art. 6 Abs. 1 S. 1 lit. b and f DS-GVO.

    § 10 Social Media

    1. Use of Social Media Plug-ins
      1. Currently, we use the following social media plug-ins: Facebook and Instagram, which are only loaded if you have previously activated the function through your consent. Through the plug-ins, we offer you the opportunity to interact with social networks and other users. The legal basis for the use of the plug-ins is Art. 6 Para. 1 S. 1 lit. a DS-GVO, i.e., the integration only takes place after your consent.
      2. The plug-in provider stores the data collected about you as user profiles and uses them for advertising, market research, and/or demand-oriented design of its website. Such an evaluation is particularly made (also for users not logged in) to display demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, for which you must contact the respective plug-in provider. The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, the data we collect is directly assigned to your existing account with the plug-in provider. If you press the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you regularly log out of a social network after using it, especially before activating the button, as this allows you to avoid assigning data to your profile with the plug-in provider.
      3. The collected information is stored on the providers’ servers, and for international providers, also outside of Europe. In these cases, according to the provider’s statements, they have imposed a standard on themselves that corresponds to the former EU-US Privacy Shield and have committed to complying with applicable data protection laws during international data transfer. We have also agreed on so-called standard data protection clauses with the providers, the purpose of which is to ensure an adequate level of data protection in a third country.
      4. You can revoke your consent at any time without affecting the legality of the processing up to the revocation. You can easily perform the revocation via our Consent Manager or through the functions of the social media providers.
      5. For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. There you will also find further information about your rights in this regard and setting options to protect your privacy. Addresses of the respective plug-in providers and URL of their respective data protection notices: a) Facebook, Meta Platforms Inc., Deborah Crawford 1601 Willow Road Menlo Park, California 94025, USA; Facebook’s Data Policy; further information on data collection: Facebook Help. European office: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. b) Instagram, Meta Platforms Inc., Deborah Crawford 1601 Willow Road Menlo Park, California 94025, USA; Instagram’s Privacy Policy; European office: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. More information on data collection:
    1. Our Social Media Appearances
    1. We maintain profiles on various so-called social media platforms. We operate our profiles with the following providers: a) Facebook, Meta Platforms Inc., Deborah Crawford 1601 Willow Road Menlo Park, California 94025, USA; Facebook’s Data Policy; further information on data collection: Facebook Help. European office: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. b) Instagram, Meta Platforms Inc., Deborah Crawford 1601 Willow Road Menlo Park, California 94025, USA; Instagram’s Privacy Policy; European office: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. More information on data collection:

    2. For these information services, we rely on the technical platform and services of the providers. Please note that you use our social media profiles and their functionalities at your own responsibility. This particularly applies to the use of interactive features (e.g., commenting, sharing, rating). When visiting our social media profiles, the providers collect information such as your IP address and other data stored as cookies on your device. This data is used to provide us, the account operators, with statistical information about user interactions.

    3. The data collected about you in this context is processed by the platforms, possibly transferred to countries outside the European Union, especially to the USA. All aforementioned providers claim to maintain a data protection level corresponding to the former EU-US Privacy Shield, and we have concluded standard data protection clauses with these companies. We are unaware of how these social media platforms use the data from your visit and interactions for their purposes, how long they store this data, and if they share it with third parties. The data processing might vary depending on whether you are registered and logged into the social network or visit as an unregistered and/or non-logged-in user. Accessing a post or account sends the IP address assigned to your device to the social media platform provider. If you’re currently logged in, a cookie on your device can trace your online activity. The platforms can track your visits to other websites and associate them with your profile using embedded buttons on web pages. Based on this data, content or advertising can be tailored to you. If you want to avoid this, you should log out or deactivate the “stay logged in” feature, delete cookies on your device, and restart your browser.

    4. As the information service provider, we also process data from your use of our service that you share with us, which requires interaction. For instance, if you ask a question we can only answer by email, we will save your data based on the general principles of our data processing described in this privacy policy. The legal basis for processing your data on the social media platform is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

    5. To exercise your rights as a data subject, you can contact either us or the social media platform provider. If a party isn’t responsible for answering or needs information from the other party, either we or the provider will forward your request to the respective partner. For questions about profile creation, data processing when using the website, please contact the operator of the social media platform directly. For queries regarding your interaction with us on our page, use the contact details provided by us above.

    6. Information on what data the social media platform collects and how it is used is described by the providers in their privacy policies (links as mentioned above). There, you will also find information about contact options and settings for advertisements. More information on social networks and how you can protect your data can also be found at www.youngdata.de.

    § 11 Data Security

    All information you submit to us is stored on servers within the European Union. Unfortunately, the transmission of information via the internet is not entirely secure, which is why we cannot guarantee the security of data transmitted to our website via the internet. However, we protect our website and other systems with technical and organizational measures against loss, destruction, access, alteration, or dissemination of your data by unauthorized persons. In particular, your personal data is transmitted encrypted. We use the encryption systems SSL (Secure Socket Layer) or TLS (Transport Layer Security).

    § 12 No Transfer of Personal Data

    We do not share your personal data with third parties unless you have consented to the data transfer or we are entitled or obligated to transfer data due to legal regulations and/or official or judicial orders. This may particularly involve providing information for purposes of law enforcement, danger prevention, or the enforcement of intellectual property rights.

    § 13 Data Protection and Third-party Websites

    The website may contain hyperlinks to and from third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept responsibility or liability for external content or data protection conditions. Please familiarize yourself with the respective data protection conditions before submitting personal data to these websites.

    § 14 Changes to these Data Protection Provisions

    We reserve the right to change these data protection provisions at any time with effect for the future. The latest version is available on the website. Please visit the website regularly and inform yourself about the current data protection provisions.

    April 2023

     

     

    Your privacy!

    By clicking “Accept all cookies”, you agree to store cookies on your device.

    This will close in 0 seconds