Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”), “processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing
I. Information about us as controllers of your data
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Petz Plaza eK
Phone +49 (0)5251 542511
II. The rights of users and data subjects
With regard to the data processing to be described in more detail below, users and data subjects have the right
to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).
In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
III. Information about the data processing
Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.
For technical reasons, the following data sent by your internet browser to us or to our server provider Aditsystems will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.
The data thus collected will be temporarily stored, but not in association with any other of your data.
The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.
The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.
a) Session cookies
This processing makes our website more user-friendly, efficient, and secure, allowing us, for example, to display our website in different languages or to offer a shopping cart function.
The legal basis for such processing is Art. 6 Para. 1 lit. b) GDPR, insofar as these cookies are used to collect data to initiate or process contractual relationships.
If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Art. 6 Para. 1 lit. f) GDPR.
When you close your browser, these session cookies are deleted.
b) Third-party cookies
Please refer to the following information for details, in particular for the legal basis and purpose of such third-party collection and processing of data collected through cookies.
c) Disabling cookies
If you prevent or restrict the installation of cookies, not all of the functions on our site may be fully usable.
The data you submit when ordering goods and/or services from us will have to be processed in order to fulfil your order. Please note that orders cannot be processed without providing this data.
The legal basis for this processing is Art. 6 Para. 1 lit. b) GDPR.
After your order has been completed, your personal data will be deleted, but only after the retention periods required by tax and commercial law.
In order to process your order, we will share your data with the shipping company responsible for delivery to the extent required to deliver your order and/or with the payment service provider to the extent required to process your payment.
The legal basis for the transfer of this data is Art. 6 Para. 1 lit. b) GDPR.
If you create a customer account with us via our website, we will use the data you entered during registration (e.g. your name, your address, or your email address) exclusively for services leading up to your potential placement of an order or entering some other contractual relationship with us, to fulfil such orders or contracts, and to provide customer care (e.g. to provide you with an overview of your previous orders or to be able to offer you a wishlist function). We also store your IP address and the date and time of your registration. This data will not be transferred to third parties.
If you give your consent to this processing, Art. 6 Para. 1 lit. a) GDPR is the legal basis for this processing.
If the opening of the customer account is also intended to lead to the initiation of a contractual relationship with us or to fulfil an existing contract with us, the legal basis for this processing is also Art. 6 Para. 1 lit. b) GDPR.
You may revoke your prior consent to the processing of your personal data at any time under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent.
The data previously collected will then be deleted as soon as processing is no longer necessary. However, we must observe any retention periods required under tax and commercial law.
The legal basis for this is Art. 6 Para. 1 lit. a) GDPR.
You may revoke your prior consent to receive this newsletter under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent or click on the unsubscribe link contained in each newsletter.
If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all.
The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR.
Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.
Links YouTube videos
We also integrate the following social media site into our website:
The integration takes place via a linked graphic of the social network. The use of these graphics stored on our own servers prevents the automatic connection to the servers of this network for their display. Only by clicking on the corresponding graphic will you be forwarded to the service of the social network.
Once you click, that network may record information about you and your visit to our site. It cannot be ruled out that such data will be processed in the United States. The United States is considered to be a country with an inadequate level of data protection according to EU standards by the European Court of Justice. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without legal remedies.
Initially, this data includes such things as your IP address, the date and time of your visit, and the page visited. If you are logged into your user account on that network, however, the network operator might assign the information collected about your visit to our site to your personal account. If you interact by clicking like, share, etc., this information can be stored in your personal user account and possibly posted on the respective network. To prevent this, you need to log out of your social media account before clicking on the graphic. The social media network also offer settings that you can configure accordingly.
Shariff social media buttons
The content on our pages can be shared in accordance with data protection in social networks such as Facebook, Pinterest and Twitter or via email and WhatsApp. We use the Shariff Wrapper plugin.
The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website.
Shariff is an open source program developed by c’t and heise. By integrating this plug-in, linked graphics prevent the social network from automatically establishing a connection to the respective social networks server when you visit website(s) on which the buttons are integrated. Only if you click on one of these linked graphics will you be forwarded to the service of the respective social network. Only then will information about your use of our site be recorded by the respective social network. This information may include your IP address, the date and time you visited our site, as well as the pages you viewed.
If you are logged in to one of the social network services while visiting one of our websites with the integrated social media buttons, the information collected from your specific visit will be recognized by the provider of that social network and assigned to your personal user account there and/or publish information about your interaction with our site there. If, for example, you use the share button for the social network, this information may be stored in your user account there and published on the platform of the respective social network provider. To prevent this, you must either log out of the social network before clicking the graphic or make the appropriate settings in your social network account.
Further information about Shariff is available at http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.
Application and use of Matomo
Our website uses Matomo (formerly: PIWIK). This is open-source software with which we can analyse the use of our site. Data such as your IP address, the pages you visit, the website from which you came (referrer URL), the duration of your visit, and the frequency of your visits is processed.
Matomo stores a cookie on your device via your browser in order to collect this data. This cookie is valid for one week.
The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis and optimization of our website.
We use Matomo with the “Automatically Anonymize Visitor IPs” function. This anonymization function truncates your IP address by two bytes so that it is impossible to assign it to you or to the internet connection you are using.
If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above.
Payment Method: Data protection provisions about the use of Mollie B.V. as a payment processor for Apple Pay, Bancontact, Belfius Direct Net, Credit Card (American Express, Cartes Bancaires, MasterCard, Visa), EPS Austria, giropay, iDEAL, ING Home’Pay Belgium, KBC/CBC Payment Button, Przelewy24 and SOFORT Banking
We have integrated Mollie B.V. components. The legal basis for engaging payment service providers is contract processing in accordance with Art. 6 Para. 1 b GDPR. Mollie B.V. is an online payment service provider, which allows purchases with Apple Pay, Bancontact, Belfius Direct Net, Credit Card (American Express, Cartes Bancaires, MasterCard, Visa), EPS Austria, giropay, iDEAL, ING Home’Pay Belgium, KBC/CBC Payment Button, Przelewy24 and SOFORT Banking. Mollie B.V. makes it possible to trigger online payments to third parties or to receive payments.
If you select Apple Pay, Bancontact, Belfius Direct Net, Credit Card (American Express, Cartes Bancaires, MasterCard, Visa), EPS Austria, giropay, iDEAL, ING Home’Pay Belgium, KBC/CBC Payment Button, Przelewy24 or SOFORT Payment during the ordering process in our online shop as a payment option, your data is automatically transmitted to Mollie B.V.. By selecting one of these payment options, you agree to this transmission of personal data required for the processing of the purchase, or identity and creditworthiness checks.
The personal data transmitted to Mollie B.V. is usually first name, surname, address, email address, IP address, as well as other data necessary for the processing of a purchase. The processing of the purchase contract also requires such personal data, which are in connection with the respective order. In particular, the exchange of payment information such as bank details, card number, date of validity and CVC code, cumulative number, item number, data on goods and services, prices and taxes, information on the previous purchase behaviour or other details of your financial situation.
The purpose of the transmission of the data is, in particular, the identification check, payment administration, and fraud prevention. The controller shall provide Mollie B.V. with personal data, in particular, if a legitimate interest in the transmission exists. The personal data exchanged between Mollie B.V. and the data subject for the data processing shall be transmitted by Mollie B.V. to economic agencies. This transmission is intended for identity and creditworthiness checks.
Mollie B.V. shall also pass on the personal data to affiliates and service providers or subcontractors as far as this is necessary to fulfil contractual obligations or to process the data in the order.
Mollie B.V. collects and uses data and information on the previous payment behaviour of the data subject as well as probability values for their behaviour in the future (so-called scoring) in order to decide on the reasoning, implementation or termination of a contractual relationship. The calculation of scoring is carried out on the basis of scientifically-recognized mathematical-statistical methods.
You are able to revoke the consent to the handling of personal data at any time from Mollie B.V.. A revocation shall not have any effect on personal data which must be processed, used or transmitted in accordance with (contractual) payment processing.
The applicable data protection provisions of Mollie B.V. may be retrieved under https://www.mollie.com/en/privacy.
a) Mollie integration Apple Pay
In order to be able to offer Apple Pay from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment processing is carried out via the Apple Pay function of a device operated with iOS, watchOS or macOS by debiting a deposit with Apple Pay payment card. Apple Pay uses security features that are integrated into the hardware and software of your device to protect the transactions. To release a payment, a code previously specified by the you and verification using the face ID or touch ID function of the end device are required.
Personal data and order data communicated as part of the ordering process are passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is sent to the payment service provider of the payment card stored in Apple Pay to carry out the payment. Encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the outgoing website to confirm the payment.
Apple retains anonymized transaction information, including the approximate purchase amount, approximate date and time, and whether the transaction was completed successfully. Anonymization completely excludes personal references. Apple uses the anonymized data to improve Apple Pay and other Apple products and services.
By choosing Apple as a payment service provider, you also consent to Art. 49 para. 1 sentence 1 lit. a GDPR that your data will be processed in the USA. The United States is considered to be a country with an inadequate level of data protection according to EU standards by the European Court of Justice. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without legal remedies.
If you use Apple Pay on the iPhone or Apple Watch to complete a purchase, the Mac and the authorization device communicate over an encrypted channel on the Apple servers. Apple does not process or store any of this information in a format that can identify you. You can deactivate the option to use Apple Pay on your Mac in the settings of your iPhone. Further information on data protection at Apple Pay: https://support.apple.com/en-euro/HT203027.
b) Mollie integration giropay
c) Mollie integration Klarna SOFORT Banking
In order to be able to offer Klarna’s payment option, certain aspects of personal information, such as contact and order details, will be passed to Klarna in order for Klarna to assess whether you qualify for their payment option SOFORT Banking and to tailor the payment options.
General information on Klarna can be found here: https://www.klarna.com/. Personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy statement: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en_de/privacy.
Payment Method: Data protection provisions about the use of PayPal as a payment processor
On this website we have integrated components of PayPal. PayPal is an online payment service provider. The legal basis for engaging payment service providers is contract processing in accordance with Art. 6 Para. 1 b GDPR.
Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal is also able to process virtual payments through credit cards when a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there are no classic account numbers. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also accepts trustee functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If you choose “PayPal” as the payment option in the online shop during the ordering process, we automatically transmit your data to PayPal. By selecting this payment option, you agree to the transfer of personal data required for payment processing.
The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. The processing of the purchase contract also requires such personal data, which are in connection with the respective order.
The transmission of the data is aimed at payment processing and fraud prevention. We will transfer personal data to PayPal, in particular, if a legitimate interest in the transmission is given. The personal data exchanged between PayPal and us for the processing of the data will be transmitted by PayPal to economic credit agencies. This transmission is intended for identity and creditworthiness checks.
PayPal will, if necessary, pass on personal data to affiliates and service providers or subcontractors to the extent that this is necessary to fulfil contractual obligations or for data to be processed in the order.
By choosing PayPal as a payment service provider, you also consent to Art. 49 para. 1 sentence 1 lit. a GDPR that your data will be processed in the USA. The United States is considered to be a country with an inadequate level of data protection according to EU standards by the European Court of Justice. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without legal remedies.
You have the possibility to revoke consent for the handling of personal data at any time from PayPal. A revocation shall not have any effect on personal data which must be processed, used or transmitted in accordance with (contractual) payment processing.
The applicable data protection provisions of PayPal may be retrieved under https://www.paypal.com/us/webapps/mpp/ua/privacy-full.
Omlet Ltd. affiliate program
The controller takes part in the Omlet Ltd. affiliate program. The operating company is Omlet Ltd., Tuthill Park, Wardington, OX17 1RR, England.
On the knowledge base page Omlet Eglu – the perfect chicken coop are links integrated to the website of Omlet Ltd., when used by a data subject the controller may generate advertising revenue. By clicking on affiliate links from Omlet Ltd. the internet browser on the data subject’s information technology system is automatically prompted to send data to Omlet Ltd. for the purpose of online advertising and the settlement of commissions. As part of this technical process, Omlet Ltd. will be aware of personally identifiable information that Omlet Ltd. uses to track the origin of orders received and subsequently allow commission settlement. Among other things, Omlet Ltd. understands that the person has clicked on a partner link on our website.
If the data subject is on the Omlet website, the the terms and conditions and guidelines for data processing of Omlet Ltd. apply. Further information and Omlet Ltd.’s applicable data protection regulations can be found at: https://www.omlet.co.uk/misc/gdpr
Existence of automated decision-making
As a responsible company, we do not use automatic decision-making.