PRIVACY POLICY
I. General information
1. The following information gives a simple overview of what happens to your personal data when you visit our website. Personal data is any data that allows you to be personally identified, such as your name, address, e-mail addresses, or user behavior. By agreeing to our privacy policy, you agree to the following terms. Detailed information on data protection can be found in our privacy policy, which is enumerated below.
2. The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is FloraPrima GmbH, Didderser Straße 28, 38176 Wendeburg, info@floraprima.de (see our legal notice) (hereinafter: FloraPrima). You can contact our data protection officer at scope & focus Service-Gesellschaft mbH, Leonhardtstraße 2, 30175 Hannover, phone: +49 511 364 221-0, fax: +49 511 364 221-99, e-mail: Datenschutz@floraprima.de
3. When you contact us via e-mail or via the contact form, the data that you provide (your e-mail address or possibly your name and phone number) is stored by us to answer your questions. We delete the data that arises in this context after storage is no longer required, or limit processing if there are statutory retention requirements.
4. If we use contracted service providers for individual features of our offer or if we wish to use your data for advertising purposes, we will inform you in detail below about the processes to do so. When we do this, we also name the specified criteria for the storage duration.
II. Collection of personal data when our website is visited
In the case of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 sentence 1 letter f GDPR):
- IP address
- date and time of the request
- access status/HTTP status code
- amount of data transmitted
- website from which the request comes
- browser
- operating system and its interface
- language and version of the browser software.
The provider of this website automatically collects and stores information in server log files that your browser automatically transmits to us.
This data is not combined with other data sources. The data is automatically deleted after a period of six days. The basis for data processing is Art. 6 para. 1 letter f GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. Temporary storage of IP addresses by the system is necessary to allow delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize our website and to ensure the security of our systems. This purpose also includes our legitimate interest in data processing according to Art. 6 para. 1 letter f GDPR. The data is not evaluated for marketing purposes in this context.
III. Your rights
Withdrawal of your consent to data processing
Many data processing operations are only possible with your express consent. At any time, you can revoke consent that has already been given. An informal message by e-mail to info@floraprima.de is sufficient. The lawfulness of the data processing carried out until the withdrawal remains unaffected by the withdrawal.
Right to object to data collection in special cases and right to object to direct marketing (Art. 21 GDPR) If data processing is carried out on the basis of Art. 6 para. 1 letter e or f GDPR, you have the right at any time to object to the processing of your personal data for reasons that arise from your particular situation; this also applies to profiling based on these provisions. The legal basis of the processing can be found in this privacy policy. If you object, we will cease processing your personal data unless we can provide evidence of compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or processing is for the purpose of enforcing, exercising or defending legal claims (objection according to Art. 21 para. 1 GDPR). If your personal data is processed to carry out direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will then no longer be used for the purpose of direct marketing (objection according to Art. 21 para. 2 GDPR).
Right to lodge a complaint with the competent supervisory authority
In the case of infringements of the GDPR, the persons concerned have a right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.
Right to data portability
You have the right to have data that we automatically process on the basis of your consent or in fulfillment of a contract handed over to yourself or to a third party in a standard, machine-readable format. If you require direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. An encrypted connection is indicated by the browser's address bar changing from "https: //" to "https: //" and the lock icon in your browser bar.
If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
Encrypted payments on this website
If there is an obligation to send us your payment data (e.g. account number for direct debit authorization) after the conclusion of a fee-based contract, this data is required for payment processing.
Payment via the usual means of payment (Visa, MasterCard or direct debit) is carried out exclusively via an encrypted SSL or TLS connection. An encrypted connection is indicated by the browser's address bar changing from "https://" to "https://" and by the lock icon in your browser bar.
In the case of encrypted communication, your payment details that you send to us cannot be read by third parties.
Information, blocking, erasure and rectification
Within the scope of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to rectify, block or erase this data. Please contact us at any time at the address given in the imprint for further information about this topic or other questions about the topic of personal data.
Right to restriction of processing
You have the right to request restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
If you deny the accuracy of your personal data stored with us, we usually need time to verify this. You have the right to request restriction of the processing of your personal data for the duration of the examination.
If the processing of your personal data is unlawful, you may request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it to exercise, defend or enforce legal rights, you have the right to request that processing of your personal information be restricted instead of the personal data being erased.
If you have filed an objection according to Art. 21 para. 1 GDPR, a balance must be made between your interests and ours. As long as it is not clear whose interests prevail, you have the right to request restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may only be processed – except your storage of the data – with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural person or legal entity or for purposes of important public interests of the European Union or a Member State.
Objection to advertising emails
The use of contact data published in the imprint obligation for the purpose of sending advertising and information materials that were not explicitly requested is hereby objected to. The operators of the website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
IV. Use of cookies
1. Parts of our website use what are called cookies. Cookies do not harm your computer and do not contain viruses. A cookie is a small data file that we transfer to your computer when you browse our site. A cookie can only contain information that we send to your computer – private data cannot be read. If you accept cookies on our site, we do not have access to your personal information, but with the help of cookies we can identify your computer.
We use cookies to make visits to our website attractive and to enable the use of certain functions.
2. This website uses the following types of cookies whose scope and operation are explained below:
- Transient cookies (see a)
- Persistent cookies (see b)
a) Transient cookies are automatically deleted when you close your browser. This especially includes session cookies. Session cookies store what is called a session ID with which various requests from your browser can be assigned to the same session. This allows your computer to be recognized when you return to our website. Session cookies are erased when you log out or close the browser.
b) Persistent cookies are automatically erased after a specified period, which may differ depending on the cookie. You can erase cookies in the security settings of your browser at any time.
3. You can configure your browser settings according to your wishes and for example refuse to accept third-party cookies or all cookies. Please be aware that you may not be able to use all features of this website.
We use cookies to identify you for follow-up visits if you have an account with us. Otherwise you would have to log in again for each visit. The legal basis for the use of cookies is Art. 6 para. 1 letter f GDPR.
V. Newsletter
1. If you wish to receive the newsletter offered on our website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Other data is not collected or is only collected on a voluntary basis. We use this data exclusively for delivering the requested information and do not pass it on to third parties.
2. Processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 para. 1 letter a GDPR).
3. You may withdraw your consent at any time to the storage of data, storage of the e-mail address and its use for sending the newsletter, for example via the "unsubscribe" link in the newsletter or by sending an e-mail to info@floraprima.de. The lawfulness of data processing operations that are already completed remains unaffected by the withdrawal.
4. The data that you store with us for the purpose of obtaining the newsletter will be saved by us until you unsubscribe to the newsletter, and it will be erased after the newsletter has been canceled. Data stored for other purposes with us (e.g. e-mail addresses for the members area) remains unaffected by this.
VI. Use of our webshop
1. If you want to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. Mandatory information required for processing contracts is marked separately; other information is voluntary. We process the data provided by you to handle your order. To do so, we can pass on your payment details to our main bank. The legal basis for this is Art. 6 para. 1 sentence 1 letter b GDPR.
Failure to provide this information may result in the contract being unable to be concluded. If we deliver goods to you, we will pass on your data to the commissioned shipping company, as far as the shipping company is needed for delivery.
You can voluntarily create a customer account by which we can save your data for later purchases. If you create an account under "My Account," the data you provide will be revocably stored. You can always erase all other data in the customer area, including your user account.
In addition, we can process the data you provide to inform you about other interesting products from our portfolio or to send you e-mails with technical information. This is authorized by Art. 6 para. 1 letter f GDPR since we have a legitimate interest in direct marketing. It is also possible to use a reminder service when sending to other persons, such as the name day of the recipient. This is possible for us because of a legitimate interest (Art. 6 para. 1 letter f) GDPR). If you do not want this, you can object to this feature in the ordering process or at any later time. We refer here to the statements in the context of the possibility of objection under your rights for processing based on a legitimate interest. In the event of an objection, the stored data associated with this opposition will be erased unless other legal provisions prevent erasure.
2. Due to commercial and tax regulations, we are obliged to save your address, payment and order data in order to comply with legal obligations. The legal basis for this is Art. 6 para. 1 letter c) GDPR. Insofar as we are not obliged to do so, the data will be erased as soon as it is no longer necessary for the purpose that it was collected for.
3. If you use the payment services of third parties (e.g. PayPal, Sofortüberweisung), the terms and conditions and the privacy policy of the third-party providers apply, which are available on the websites of the third-party providers, e.g. PayPal (https://www.paypal.com/de/webapps/mpp/ inter alia / privacy-full). You can object to data processing at any time by sending a message to the service provider.
4. If there is an obligation to send us your payment details (e.g. account number for a direct debit authorization) after the conclusion of a fee-based contract, this data is required for payment processing. Payment via the usual means of payment (Visa, MasterCard or direct debit) is carried out exclusively via an encrypted SSL or TLS connection. An encrypted connection is indicated by the browser's address bar changing from "https://" to "https://" and by the lock icon in your browser bar. In the case of encrypted communication, your payment details that you send to us cannot be read by third parties.
5.In the event that you are in default of payment, we will sell the claim ("nonrecourse factoring") to uniscore Forderungsmanagement GmbH, Ludwigstr. 85, 67059 Ludwigshafen and/or Intrum Justitia GmbH, Pallaswiesenstrasse 180-182, 64293 Darmstadt. The legal basis for this is Art. 6 para. 1 letter f) GDPR.