Data protection declaration

Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.

Your data may be transferred to third countries outside the European Union for which an adequacy decision has been made by the EU Commission. In the absence of an adequacy decision by the EU Commission, such as for transfers to the USA, the data transfers will be based on standard contractual clauses as appropriate guarantees for the protection of personal data, among other things, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de

Contact

Responsible person
Contact us at any time. The person responsible for data processing is: Angela Bailey, Eschersheimer Landstr. 224, 60320 Frankfurt Deutschland, +49 (0)69 29721744, angela@elfen-und-helden.de

Customer account      Orders      

Your data may be transferred to third countries outside the European Union for which an adequacy decision has been made by the EU Commission. In the absence of an adequacy decision by the EU Commission, such as for transfers to the USA, the data transfers will be based on standard contractual clauses as appropriate guarantees for the protection of personal data, among other things, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de

Evaluations       Advertising      

Your data will be forwarded to a service provider for email marketing in the course of order processing. It will not be forwarded to other third parties.

Shipping companies       Merchandise management      

Cowis 

Payment service providers      

The use of PayPal Check-Out
We use the PayPal Check-Out payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. With the selection and use of payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO.

Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal.
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right, if necessary, to obtain credit information on the basis of mathematical-statistical methods using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a weighed decision on the establishment, implementation or termination of the contractual relationship. The credit information may include probability values (score values), which are calculated on the basis of scientifically recognized mathematical-statistical methods and in the calculation of which, among other things, address data are included. Your interests worthy of protection are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for a contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO for our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right to object at any time to this processing of personal data relating to you based on Art. 6 (1) (f) DSGVO for reasons arising from your particular situation by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method requested by you. Failure to provide it will result in the contract not being concluded with the payment method you have chosen.

Local third-party providers
When paying via the payment method of a local third-party provider, the data required for payment processing is transmitted to PayPal. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO.  For the execution of this payment method, the data may then be forwarded by PayPal to the respective provider. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO. Local third-party providers may be, for example:

– Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany).
– giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany)

Purchase on account via PayPal
When paying via the payment method purchase on account, the data required to process the payment is first transmitted to PayPal. For the execution of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO. Ratepay may conduct a credit check on the basis of mathematical-statistical methods using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO from our overriding legitimate interest in protecting against payment default when Ratepay makes advance payments. For more information on data protection and which credit agencies Ratpay uses, please visit https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

For more information on data processing when using PayPal, please see the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of SOFORT
On our website we use the payment service provider SOFORT GmbH, (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") for payment processing. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The data processing serves the purpose of allowing us to offer you various payment methods by processing payments via the payment service provider SOFORT. Once you have chosen the payment option, the data required to process the payment will be transmitted to SOFORT. This data processing is carried out on the basis of Article 6 para. 1 lit. b GDPR. For more information on data processing in connection with the use of the payment service provider SOFORT, please visit https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.

Use of the payment service provider Stripe
On our website we use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfil the contract with you with of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If required, Stripe reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit rating agencies. For this purpose, Stripe transmits the personal data required for credit assessment to a credit rating agency and uses the obtained information on the statistical probability of payment default in order to reach a reasonable decision on the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for  contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Stripe pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to Stripe Privacy Policy. You can find these at https://stripe.com/de/privacy

Cookies 

Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.

Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:

Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en

Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09

Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TTDSG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.

Use of Borlabs Cookie
Our website uses the consent management tool Borlabs Cookie from Borlabs – Benjamin A. Bornschein (Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany; “Borlabs”).
The tool enables you to grant consents to data processing via the website, in particular the placing of cookies, and to make use of your right of revocation for consents already granted.
The processing of data serves the purpose of obtaining necessary consents for data processing and to document these, thereby complying with statutory obligations.
Cookies may be deployed for this purpose. The following information, among others, can be collected: Date and time the page was viewed, information about the browser and device you are using, UID (randomly assigned anonymous ID), opt-in and opt-out data. This data will not be passed on to third parties. 
The data processing is carried out on the basis of Article 6(1)(c) GDPR to comply with a legal obligation.
More information on data protection at Borlabs can be found at: https://de.borlabs.io/borlabs-cookie/

Analysis      Advertising tracking       Communication      Partner program      

Use of Facebook Pixel
Our website uses the remarketing function "Custom Audiences" by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland "Facebook").
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transfer of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Art. 33, 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of the data subject in accordance with articles 15-20 of the GDPR, for complying with the security requirements of article 32 of the GDPR with regard to the security of the service, and for complying with the obligations of articles 33, 34 of the GDPR, insofar as a breach of personal data protection concerns Meta Platforms Ireland's obligations under the joint processing agreement.
This application serves to address the visitor to the website with interest-related advertising on the social network Facebook.
We have implemented Facebook’s remarketing tag on our website for this purpose. This tag sets up a direct connection to Facebook’s servers when you visit our website. This informs the Facebook server which of our web pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the social network Facebook you will then be shown personalised, interest-related Facebook ads.
Your data may be transmitted to the USA. For the USA, no adequacy decision from the EU Commission is available.The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Facebook’s collection and use of data and your associated rights and options for protecting your privacy in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Use of Google Ads conversion tracking
Our website uses the online marketing program "Google Ads", including conversion tracking (evaluation of user actions). Google conversion tracking is a service operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
If you click on adverts placed by Google, a cookie is placed on your computer for conversion tracking. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the advert and were forwarded to this page. Every Google Ads customer receives a different cookie. It is therefore not possible to track cookies relating to the websites of Ads customers.
The information collected using the conversion cookie serves the purpose of producing conversion statistics. This allows us to find out the total number of users who have clicked on our adverts and were forwarded to a page equipped with a conversion tracking tag. However, they do not receive any information with which could be used to personally identify users.
Your data may be transmitted to the USA. For the USA, no adequacy decision from the EU Commission is available.The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You will find more information as well as Google’s data privacy policy at: https://www.google.com/policies/privacy/


Use of Zoom
For the execution of our online seminars/courses (hereinafter referred to as: online seminars) within the framework of an agreement for the processing of orders, we use the video conferencing tool Zoom from Zoom Video Communications, Inc. (55 Almaden Boulevard, San Jose, CA 95113, USA; "Zoom").
You can participate in our online seminars via the Zoom app (after downloading it from the provider's website) or via the browser version on the provider's website. In order to participate in our online seminars, it is therefore necessary to visit the website of the provider Zoom at least once. Zoom is responsible for processing your data there.
We are responsible for the processing of your personal data in connection with our online seminars.
This data processing serves the purposes of conducting our online seminar as well as preparing and following up. For this purpose, we collect and process the following aspects of your personal data: name, e-mail address, password (if no single sign-on was used), IP address, information about the device used, date/time of the online seminar and, in case of telephone dial-up, the incoming and outgoing telephone number and country. The provision of this data is necessary for the fulfilment of the agreement concluded between you and us for the provision of the online seminar. Failure to provide this data means that you cannot participate in our online seminar.
Furthermore, we collect and process text entries made by you during the online seminar as well as video and audio transmissions of your device. You can deactivate your camera and microphone before entering the online seminar and at any time during the online seminar. In this case, no data will be recorded. If you do not want to provide data via the chat, camera or audio function, you will not be able to actively participate in the online seminar or communicate with other participants.
If we record our online seminars for follow-up purposes, in particular for subsequent provision to the respective participants, you will be informed separately before the start of the online seminar. You will also recognise a recording by the identification during the online seminar. During a recording, your name, any text entries made in the chat as well as video/audio transmissions of your device will be saved and, if necessary, subsequently transmitted to the respective participants of the online seminar.
The data collected during the execution of our online seminars are transmitted to Zoom and thus to the USA within the framework of the order processing contract. 
The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.
Further information on data processing when using Zoom can be found at: https://zoom.us/de-de/privacy.html

Using the Amazon Partner Program
We use the "AmazonPartnerNet" partner program from Amazon EU S.a.r.l. (5 Rue Plaetis, L-2338 Luxembourg; "Amazon").
We have configured advertising on our website as links to offers on various Amazon websites. Amazon uses cookies. These cookies ensure the correct billing for the partner program. By using cookies Amazon can identify when you have clicked on an advertising link and can trace the origin of an order generated via the advertising link.
The data processing, particularly the setting of cookies, is carried out on the basis of Article 6(1)(f) GDPR due to our overriding legitimate interest in measuring the success of partner advertising and thereby the correct billing of commissions as part of the partner program. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out in accordance with Article 6(1)(f) GDPR.
You can prevent the storage of cookies by choosing corresponding technical settings in your internet browser; we would, however, like to point out that this may prevent you from making full use of all the functions of this website. You then won’t be included in the conversion tracking statistics.
The data privacy policy with detailed information on the use of the data by Amazon can be found at https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401



Plug-ins

Use of social plug-ins
Our website uses social network plug-ins. The integration of social plug-ins and the data processing associated with this serves the purpose of optimising the advertising for our products.
The integration of social plug-ins involves a connection between your computer and the servers of the service provider of the social network which then instructs your web browser to display the plug-in on that web page, provided you have expressly consented to this. In this process, both your IP address as well as the information on which web pages you have visited will be transmitted to the provider’s servers. This happens regardless of whether you are registered with or logged into the social network. The information is transferred even if users are not registered or logged in. Should you be connected simultaneously with one or more of your social network accounts, the collected information may also be assigned to your corresponding profiles. When using the plug-in functions (e.g. by pressing the appropriate button), this information will also be assigned to your user account. You can therefore prevent this assignment by logging yourself out before visiting our website and before activating the button for your social media accounts.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
The following social networks are integrated in our website through social plug-ins. You can find more detailed information on the scope and purpose of collection and use of the data and your associated rights and options for protecting your privacy in the provider’s privacy policy via the link.

Facebook by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland).
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transfer of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Art. 33, 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of the data subject in accordance with articles 15-20 of the GDPR, for complying with the security requirements of article 32 of the GDPR with regard to the security of the service, and for complying with the obligations of articles 33, 34 of the GDPR, insofar as a breach of personal data protection concerns Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transmitted to the USA. There is no adequacy decision of the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, vavailable at: https://www.facebook.com/legal/EU_data_transfer_addendum.
For more information on data protection please visit: https://www.facebook.com/about/privacy/.