Privacy and policy
Data Privacy Statement
Thank you for your interest in our services and your visit to our website.
Data Privacy on the Webpages of Scratchy
Personal Data
Personal data is information that may be used to determine personal or factual characteristics about you (e.g., name, address, telephone number, date of birth, or email address). Information with which we cannot create a link (or can only do so with disproportionate effort) to you personally, such as anonymized information, is not personal data.
What Personal Data is Collected and Processed by Us?
You can visit our webpages without informing us about who you are and without providing any corresponding personal data (e.g., name, address, telephone number, or email address), unless you provide them to us voluntarily or the corresponding legal provisions on the protection of your data allow this.
Purpose
We will collect, process, and use the personal data provided by you online only for the purposes stated to you.
Some data that we may collect about you is necessary in order for us to: – Provide you with the services you desire; – Perform our contracts with you; – Comply with legal provisions (e.g., billing).
If we directly collect data from you, we may ask for your permission and clearly label mandatory information (e.g., with a star [*]). Any other details without a star will be provided by you voluntarily.
Legal Basis
The legal basis for the processing of your data may be the following:
– Your consent to data use in accordance with Art. 6(1)(a) GDPR; – The fulfillment of our service obligations resulting from the contracts concluded with you, in order to provide you with the desired services, in accordance with Art. 6(1)(b) GDPR; – Our legitimate interest in accordance with Art. 6(1)(f) GDPR, e.g., (our commercial interests in the improvement of our services, so that we can better understand your needs and expectations and therefore improve our services for you; for the prevention of fraud and to guarantee that the use of our webpages takes place completely and without fraudulent conduct; in order to guarantee the security of our services and ensure that our offering is technically safe and works properly; to secure and implement our contractual entitlements and claims) – Legal bases in accordance with Art. 6(1)(c) GDPR, if the collection, storage, transfer, or other processing of the data is legally prescribed or necessary for the processing, in order to fulfill our statutory obligations.
Forwarding of Data
We will neither sell nor market your personal data to third parties, nor will we pass it on for other reasons, if this is not listed within this Data Privacy Statement. The passing on of your personal data without your explicit prior permission will only take place in the following cases, in addition to the other cases named in this Data Privacy Statement:
– If necessary for the resolution of unlawful use or misuse of our webpages or for prosecution, personal data will be passed on to the criminal prosecution authorities and, if necessary, to third parties who have been harmed. However, this will only take place if there are specific indications of unlawful conduct or misuse. We are also legally obliged to provide information to certain public bodies upon request. These are criminal prosecution authorities, authorities that pursue administrative offenses punishable by a financial penalty, and the financial authorities.
– Forwarding to third parties bound to professional secrecy can only take place if this is necessary for the implementation of the contractual terms and conditions or other agreements, and our claims from contracts that you have concluded with us.
– For the provision of our service, we are occasionally reliant on contractually bound third-party companies and external service providers, e.g., for hosting. In such cases, information will be passed on to these companies or individuals in order to enable further processing. These external service providers are carefully selected by us and checked regularly to ensure that your privacy remains protected, and they may only process the data for the purposes specified by us. They are also contractually obliged by us to only handle your data exclusively in accordance with this Data Privacy Statement and the relevant data privacy laws.
– As part of the further development of our business, the structure of our company may change, in that the legal form is changed, or subsidiary companies, business units, or components are founded, purchased, or sold. In the event of such transactions, the customer information will be passed on, together with the part of the company to be transferred, with your consent. During any transfer of personal data to third parties to the specified extent, we will ensure that the further use takes place in accordance with this Data Privacy Statement and the relevant data protection laws, and we will ask for your permission.
Use of Cookies
We do not create personal user profiles. In connection with the displaying of information requested by you, data is only stored on our servers in anonymized form, for the provision of our various services or for analysis purposes. General information is hereby logged, e.g., which content of our offering is accessed and when, and what pages are visited the most frequently. For these purposes, we use so-called “cookies” (small text files with configuration information). The cookies used serve in particular to determine the frequency of use and the number of users of our websites. This enables us to find out which parts of our websites and which other websites our visitors have visited.
Moreover, our webpages do not store cookies that do not have only technically necessary functions and do not only enable the proper functioning of our webpages if you have not accepted them beforehand. For this purpose, you must agree before the storage of cookies by selecting the types of cookies you desire or accept and clicking on “Accept” on the banner that contains the notice on the storage of cookies. Further detailed information about the types of cookies we use and how to configure the use of individual types of cookies, and agree and object to their use, can be found in our cookie settings.
The legal bases for this data processing are Art. 6(1)(f) GDPR (which permits the processing of data for the protection of legitimate interests of the data controller) and Art. 6(1)(a) GDPR (which permits data processing based on your consent).
Most browsers are configured so that they automatically accept cookies. However, you can deactivate the storage of cookies or set your browser so that it notifies you before cookies are stored. Users who do not accept cookies may not be able to access certain parts of our website.
Google Analytics
If you have agreed to the use of corresponding cookies, our website may use Google Analytics, a website analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses so-called “cookies”, which are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website will generally be sent to a Google server in the USA, where it will be stored.
Google will use this information on our behalf to analyze your use of our website, compile reports on the website activities, and provide the website operator with services associated with the website use and internet use. Google may also pass on this information to third parties if this is legally required or if third parties process this data on behalf of Google.
The legal basis for this data processing is Art. 6(1)(f) GDPR, which allows the processing of data to protect legitimate interests of the data controller.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out to you that in this case, you may not be able to use all functions of this website to their full extent.
You can also prevent the logging of the data generated by the cookie and related to your use of the website by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to this browser plugin or within browsers on mobile devices, you can prevent the logging by Google Analytics by deactivating the functionality option in the cookie settings. An opt-out cookie will then be placed, preventing the future logging of your data when visiting this website.
Further information about this can be found at http://tools.google.com/dlpage/gaoptout?hl=de or http://www.google.com/intl/de/analytics/learn/privacy.html (general information about Google Analytics and data privacy).
Vimeo
Within our app, we may use plugins of video portal Vimeo. The operator of this site is Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit a site equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server will thereby be informed which of our sites you have visited. If you are logged into your Vimeo account, you enable Vimeo to directly match your surfing behavior with your personal profile. You can prevent this by logging out of your Vimeo account. The use of Vimeo takes place in the interest of an appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. You can find further information about the handling of user data in the Vimeo data privacy declaration at https://vimeo.com/privacy.
YouTube
Within our sites, we may use plugins of video portal YouTube. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit a site equipped with a YouTube plugin, a connection to the YouTube servers will be established. The YouTube server will thereby be informed which of our sites you have visited. If you are logged into your YouTube account, you enable YouTube to directly match your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube takes place in the interest of an appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. You can find further information about the handling of user data in the YouTube data privacy declaration at https://www.google.de/intl/de/policies/privacy
Server Log Files
Your visit to our websites will be automatically logged by our web servers.
In connection with the information requested by you from our websites, data is logged for the provision of our various services or for analysis and security purposes and may be stored in anonymous form (non-personalized). The web server used by us automatically stores data about the displaying of our webpages in so-called server log files. This data is as follows: – IP address – Referrer URL (the site from which you visit us) – Time of server request – Host name of the accessing end device (the name of your internet service provider) – Browser type and browser version – Operating system used and its settings
The processing of the above-named data takes place for security purposes, for general fraud prevention, and as a precaution against attacks on our websites. An automated amalgamation of this data with data from other data sources does not take place.
If your IP address is automatically logged, it will be automatically deleted after 30 days at the latest.
Otherwise, only general information is logged, e.g., when which content of our offering is accessed and what pages are visited the most frequently, the names of the requested files, and their dates and times of access. This data is used to improve our services and does not enable matches to be made with you personally. We will not use this information for any other purposes.
The legal basis for the data processing is Art. 6(1)(f) GDPR, which allows the processing of data to protect legitimate interests of the data controller.
Data Storage
We only store personal data that you send to us for as long as we require it, in order to fulfill the purposes for which this data has been sent, or as long as this is stipulated by law: – If you conclude contracts with us, we will store and process your personal data for the duration of the contract and beyond for the fulfillment of your post-contractual obligations and matters, and for the duration of the statutory retention periods (maximum 10 years). – If you have agreed to the use of your email address for marketing purposes, we will store your email address within our mailing database until you de-register or request that we erase the data. – If you send us a query, we will process your personal data for the duration of the processing of your query.
When we no longer require your personal data, we will erase it from our systems and records or anonymize it so that it can no longer be identified. We can retain certain personal data in order to comply with our statutory and regulatory obligations, and to enable us to manage our rights (e.g., the assertion of our rights in court), or for statistical purposes (in anonymized form).
Data Security
For the secure transmission of your personal data, we use so-called SSL encryption. This form of transfer is recognized as a secure form of data transfer based on our current knowledge. We endeavor to take technical and organizational security measures to protect your personal data against unintentional or unlawful erasure, changes, or loss, and against unauthorized forwarding or unauthorized access. Our employees are accordingly obliged to maintain secrecy and data privacy.
In order to prevent the loss or misuse of the data stored by us, we take comprehensive technical and organizational safety precautions, which are regularly reviewed and adjusted to meet technological advances. If it is within our sphere of influence, we use in particular modern encryption techniques as well as a variety of other measures to prevent third parties from obtaining unauthorized information. You will recognize an encrypted connection when the address bar of the browser changes from “http://” to “https://” and you will see a lock symbol in your browser bar. If there is an SSL or TLS encryption, the data you exchange with us cannot be seen by third parties.
However, we would like to point out to you that due to the structure of the internet, it is possible that the data protection regulations and the above-named security measures of other persons or institutions not within our area of responsibility cannot be observed. In particular, data passed on in a non-encrypted form can be read by third parties, even if it is sent via email. We have no technical influence on this occurrence. In these cases, it is the responsibility of the user to protect the data it provides against misuse, by encryption or other methods.
Contact
Should you have any questions or comments about the handling or use of your personal data, or should you require information about the personal data stored about you, or should you wish to exercise your other rights named below, please contact us at:
Email: oreisen.store@gmail.com
You can also use the contact details for other general queries and contact requests. Your contact details will be collected and processed by us. You can generally decide yourself which data you provide to us when contacting us. In this case, we will only use your data to respond to your query.
Your Rights as a Data Subject
As a data subject in the data processing, you have the following rights listed in this section. If you would like to exercise one of your rights named below, please contact us using the contact details named in the following “Contact” section. Please note that we may request proof of your identity and extensive information about your query before we can process it.
Information, Restriction of Processing, and Erasure
Within the framework of the applicable statutory provisions, you have the right at any time to obtain free information about the data stored about you personally, its origin and recipients, and the purpose of the data processing. On presentation of the respective prerequisites, you may also have the right to the rectification of incorrect data, the restriction of the processing, and the erasure of data.
Withdrawal of Your Consent to Data Processing
Some forms of data processing are only possible on the basis of your explicit consent. You can withdraw consent already given at any time. The legitimacy of the data processing carried out until the withdrawal will remain unaffected by the withdrawal.
Right to Data Portability
Regarding the data that we process automatically on the basis of your consent or in the performance of a contract, you generally have the right to access it yourself or have it provided to a third party in a customary, machine-readable format. If you require the direct transfer of this data to a third party, this will only take place if this is technically possible with reasonable effort.
Right to Lodge a Complaint with the Competent Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority.
Hyperlinks to Other Websites
Our website contains so-called hyperlinks to websites of other providers. When activating these hyperlinks, you will be forwarded directly from our website to the websites of the other providers. Regarding these links to external companies and other third parties, we are not responsible for the data privacy requirements or the content of these websites.