Privacy

Information about collection of personal data

In the following paragraphs, you can find more information about the personal data that is collected when you visit our website. Personal data contains information that is linked to you as a person, e.g. name, address, e-mail address and the way you use our services.

The responsible body according to atricle 4, paragraph 7 EU-Datenschutz-Grundverordnung (DS-GVO) is OXID eSales AG, Roland Fesenmayr, Bertoldstraße 48, 79098 Freiburg, Germany, [email protected] (as stated in the imprint). Our data protection officer can be contacted at [email protected] or by mail to OXID eSales with the remark “Die Datenschutzbeauftragte”.

When contacting us by e-mail or by using a contact form, the submitted data will be stored to answer your questions. This data will be deleted, when it is no longer necessary to save the data. Should we be required by law to keep the data, we will restrict the processing of this data.

If we rely on subcontractors to provide services or we would like to use your data for promotional purposes, we will give you more information below. 

Your rights

You have the following rights regarding your personal data

  • Right of access
  • Right to rectification or erasure (‘right to be forgotten’)
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • You do also have the right to file a complaint with the supervisory authorities.

Collection of personal data on our Website

General Information

If you access our website without registering or submitting personal data, we will only collect the personal data sent to us by your web browser. These data are based on technical requirements and are needed to show the website and provide stability and security according to Article 6, Paragraph 1, Item f. DS-GVO.

  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the Request (specific page)
  • Access status / HTTP status code
  • Amount of transferred data
  • Referring website
  • Browser
  • Operating system
  • Language and version of your web browser

The data are just processed to improve our services. We cannot identify you based on this infomation.
Your IP address will be stored temporarily to discover and to block attacks.

Personal Data

This information is utilised for the sole purpose of improving our services and does not provide any clues as to who you are. The information you submit to us will be used for processing and fulfilling your order. We may process and save your personal information, if this is necessary for performing the contract of sale, and if legal requirements necessitate that we keep this information. We reserve the right to pass on your personal information to credit reference agencies if this is necessary for the purpose of credit checks, providing that the customer expressly agrees to this in the individual case. We will not pass on other personal customer data to third parties without your express agreement, unless we are required by law to hand over data.

Newsletter

If you sign up for our newsletter, we will use the data you provide us with to send you our newsletter, with your express permission. Your email address is required, but all other information is voluntary. Our newsletters contain topical informative contributions, as well as offers from OXID eSales and third-party providers. We use a double opt-in process to verify your subscription to the newsletter. After signing up, you will receive an email requesting your confirmation. This request will expire after 24 hours. If your subscription has not been confirmed, the data is locked and will be deleted after a month.
In addition to the personal data you have provided, we store your IP address and the time of sign up and confirmation for our records. Additionally, this enables us to identify a possible misuse of your personal data. It is possible to unsubscribe at any time, either by clicking the link included in the email or by sending an email to our data protection officer.

Personal data security during the order process in OXID eXchange

During the order process, your data is transferred over the internet in encoded form using Secure Socket Layer (SSL). Credit card details are not saved. They are directly collected and processed by our payment service provider PayPal. We take technical and organisational steps to protect our website and other systems against loss, destruction, access, alteration or circulation of your data by unauthorised persons. It is only possible to access your customer account by entering your personal password. You should always keep your login details secret and close the browser window when you have finished communicating with us, especially if you are using a shared computer.

Credit checks and scoring

If we supply or act in advance, e.g. in the case of a purchase on account, we will seek creditworthiness information, on the basis of mathematical and statistical processes, from Bürgel Wirtschaftsinformationen GmbH & Co. KG, Gasstraße 18, 22761 Hamburg and Creditreform Freiburg Zimmermann KG Jacob-Burckhardt-Str. 15 - 17, 79098 Freiburg, if necessary, in order to protect our legitimate interests. For this purpose, we will send the personal data required for a credit check to Bürgel Wirtschaftsinformationen GmbH & Co. KG and Creditreform Freiburg Zimmermann KG. We will use the information obtained about the statistical probability of non-payment in order to make a balanced decision about entering into, maintaining, or ending a contractual relationship. The creditworthiness information might contain probability values (score values) that are calculated on the basis of scientifically recognised mathematical and statistical processes. Address information, among other information, is used to calculate these values. Your protection-worthy interests will be given consideration pursuant to the legal requirements.

Payment

We are using PayPal for payments on our websites. The responsible body is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxemburg. For the processing of payments, the necessary data will be sent to PayPal, according to Article 6, Paragraph 1, items a (consent) and b (necessary for performance of contract) GDPR.

Job applications

Applications for jobs at OXID eSales by email or the job website will only be used for recruitment processes. Applications sent via the job website are encrypted for the transfer. 
The personal data submitted to OXID eSales will continue to be stored for the working relationship. If the application does not lead to a working relationship, the data will be deleted 3 months after the recruitment process has been finished and if OXID is not obliged to store the data due to legal requirements or has a legitimate interest.

Web analysis

Data on this website is captured and stored for marketing and optimisation purposes using technologies from WiredMinds AG (WiredMinds) and Google Inc. This data can be used to create usage profiles under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are saved locally in the cache of the user’s internet browser. Cookies enable the internet browser to be recognised again. IP addresses that are captured are anonymised immediately after capture by deleting the last set of numbers. You can oppose data collection, processing and storage for the purposes of web analysis by Google and/or WiredMinds at any time with effect for the future.

Use of cookies

To make visiting our website attractive and to enable the use of certain functions, we use ‘cookies’ on various pages. Cookies are small text files that are stored on your end device. Most of the cookies we use are deleted again after the end of the browser session (‘session cookies’). Other cookies remain on your end device and enable us to recognise your browser when you next visit (persistent cookies). You can configure your browser to inform you when cookies are stored, to let you decide in each case whether to accept cookies or to block cookies in all cases. Blocking cookies can limit the functions of our website.

Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc. (‘Google’). Google Analytics uses ‘cookies’, i.e. text files that are stored on your computer and enable analysis of your use of the website. The information provided by the cookie about your use of this website is normally sent to a Google server in the USA, where it is saved.

IP anonymisation is activated on this website. This means that Google will abbreviate your IP address first within the member states of the European Union or in other states party to the agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there.

Google has certified that it adheres to the “Privacy Shield” Principles (https://www.privacyshield.gov/EU-US-Framework). We are allowed to use Google Analytics according to Article 6, Paragraph 1, item f DS-GVO.
Google will use this information, on behalf of the operator of this website, to analyse and evaluate your use of the website, to compile reports about website activities and to provide the website operator with other services related to website and internet use. Google will not associate with other data the IP address sent by your browser in the context of Google Analytics.

You can configure your browser to block cookies. However, this may mean that you are not able to make full use of all of the functions of this website. Furthermore, you can prevent the data created by the cookie and relating to your use of the website (incl. your IP address) from being recorded and processed by Google by downloading and installing the browser plugin available at the following link (https://developers.google.com/analytics/devguides/collection/analyticsjs/user-opt-out)

You can prevent recording by Google Analytics by clicking the following link. An opt-out cookie will be stored that will prevent data from being recorded when you visit this website in future: Deactivate Google Analytics 

You can find more detailed information about conditions of use and privacy at www.google.com/analytics/terms/de.html or www.google.de/intl/de/policies/.

Wired Minds

Products and services from WiredMinds GmbH (www.wiredminds.de), Lindenspürstraße 32, 70176 Stuttgart are used on this website for marketing and optimisation purposes. 
We are allowed to use WiredMinds according to Article 6, Paragraph 1, item f GDPR.

Data is collected, processed and storage used to create usage profiles under a pseudonym. Usage profiles are fully anonymised if this is possible and appropriate. Cookies can be used for this purpose. Cookies are small text files that are stored in the visitor’s internet browser and used to recognise the browser. The data gathered, which may include personal data, is sent to WiredMinds or gathered by WiredMinds itself. WiredMinds is allowed to use information that is left behind when somebody visits a website to create anonymised usage profiles. Data collected in this way is not used to personally identify the visitor to this website without the express agreement of the person concerned, and it is not associated with the personal data of the holder of the pseudonym. IP addresses that are captured are anonymised immediately after capture by deleting the last set of numbers. 

You can find WiredMind’s data protection policy here.

You can rescind permission to collect, process and store data at any time, with effect for the future. To do so, please click here.

Smartlook

This website uses services by Smartsupp.com s.r.o., Millay Horakove 13, 602 00 Brno, Czech Republic to track mouse movements and interactions on the website. We are allowed to use getsitecontrol according to Article 6, Paragraph 1, item f DS-GVO.

There is no transfer of personal data, the collected data can not be linked or traced back to individual users. Smartlook will not record personal data, even if personal data is shown on the website. 

You can deactivate tracking by using this opt-out link.

Marketo

Marketo, a web analysis and marketing service of Marketo EMEA Ltd. in Dublin, Ireland (‘Marketo’) is used on this website. The information provided by the cookie about the use of this website by the users is normally sent to a Marketo server. Marketo operates servers in Ireland, but information may also be sent to servers hosted in the USA. We are allowed to use Marketo according to Article 6, Paragraph 1, item f GDPR.

Marketo has certified that it adheres to the “Privacy Shield” Principles (https://www.privacyshield.gov/EU-US-Framework). 

Marketo is used to analyse and evaluate the use of the website by users and to compile reports about the activities. Marketo also gathers other information relating to website and internet use, in order to collect marketing information on behalf of OXID. Form data entered on this website is also stored in cookies.

You can find Marketo’s privacy information here

There are various ways to block cookies. You can block cookies by configuring your browser settings, but this can result in limited functionality. You can also prevent data collected by Marketo cookies from being processed by setting an opt-out cookie using the button below. This also means that a user profile will not be created. Once the opt-out cookie has been successfully set, ‘Opt-in’ will appear on the button. This button can then be used to remove the opt-out cookie. If you delete the cookies, the information about your opt-out will also be lost.

getsitecontrol

Getsitecontrol, a service by GetWebCraft Limited, Klimentos 41-43, Klimentos Tower, Flat/Office 25, 1061, Nicosia, Cyprus is used on this website to collect user feedback and support users by live chat. We are allowed to use getsitecontrol according to Article 6, Paragraph 1, item f DS-GVO.

You can find the privacy policy here

The information entered is sent to the USA, as the getsitecontrol services are hosted there. GetWebCraft Limited has certified that it adheres to the “Privacy Shield” Principles (https://www.privacyshield.gov/EU-US-Framework). 

Eventbrite

This website uses services by Eventbrite Inc., 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. No. 4742147, USA for ticketing. We are allowed to use Eventbrite according to Article 6, Paragraph 1, item b DS-GVO.

You can find the privacy policy here

The information entered is sent to the Eventbrite servers hosted in the USA. Eventbrite Inc. has certified that it adheres to the “Privacy Shield” Principles (https://www.privacyshield.gov/EU-US-Framework). 

Social Media Plugins

We use the following social media plugins and have implemented a 2-click option. At first, no data will be sent to the plugin providers when you visit our site. Only after clicking the plugin provider’s icon, the information that you have visited our website will be sent along with the data specified under §3. According to Facebook and XING, they anonymize the IP address immediately after its collection.

By clicking the provider’s icon, your personal data will be transmitted to the plugin’s provider and stored there. If the plugin provider resides in the USA, the data will be transmitted there. The plugin providers usually collect personal data using cookies, so we would recommend that you delete the cookies stored in your browser if you do no want to provide more information than necessary.

We cannot influence and do not know what personal data is collected by the plugin providers, how the data is processed and how long the data is stored. We cannot provide information on how the data collected by the plugin provider can be deleted.

The plugin provider stores the personal data it has collected about you, creates user profiles and uses the data for advertising purposes, market research and customization of the website, even if you are not logged in – e.g. to show adverts that are tailored to fit your interests. The data is also used to inform other users of the social network about your activity on our website. To object to the creation of user profiles, please contact the plugin provider.

We provide links to the social media plugins for you to conveniently interact with social networks and other users, to improve our services and to make them more interesting for you. We are allowed to use the plugins according to Article 6, Paragraph 1, item f DS-GVO.

Your personal data will be transmitted to the plugin provider, even if you do not have an account with the plugin provider or if you are not logged into your account. If you are logged in, the information transmitted to the plugin provider will be linked to your account. If you interact with plugins, for example by clicking the ‘Like’ button or leaving a comment, this information is also sent straight to a server operated by the plugin provider, where it is saved. The information is also published on your profile and is visible to your friends.

To avoid data collection and linking of the data to your account, we recommend logging out after using social networks. 

Additional Information about purpose and extent of data collection and processing by the plugin provider can be found in the following privacy policies. You can also find information about your rights and settings to protect your privacy:

Plugin providers and their privacy policies:

Wir verwenden Cookies, um Ihnen den bestmöglichen Service zu gewährleisten. Wenn Sie auf dieser Seite weitersurfen, stimmen Sie der Cookie-Nutzung zu. Ich stimme zu!