[EIS GmbH and Triple A Marketing GmbH], (”We”) are committed to protecting and respecting your privacy.
This policy, and any other documents referred to in it, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.satisfyer.com you are accepting and consenting to the practices described in this policy.
1. WHO ARE WE?!
For the purpose of the Data Protection Act 2018 (the Act), the data controller is [EIS GmbH] of [Am Lenkwerk 3, 33609 Bielefeld, Germany.]
2. WHAT INFORMATION DO WE COLLECT FROM YOU?
You can principally visit our website without providing any personal data. However, in several cases we require such data from you, specifically:
- with the order
First name, Last name
Date of birth
- when contacting us
- when using the protected zone "customer account"
- when subscribing to / cancelling the newsletter
- with the member-get-member advertising / partner programme
- when you participate in a competitions, promotions or surveys run by us
With regard to each of your visits to our site we will automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet,your login information, browser type and version, time zone setting, browser plug-in types and versions,operating system and platform, data for analytics and connecting to third party accounts as more particulary described in Sections 13, 14, 15, 16 and 17 of this policy ;
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for’, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
3. WHAT DO WE DO WITH YOUR PERSONAL DATA?
Your data helps us to individually design and consistently improve your shopping experience with us. Specifically, we use information held about you in the following ways:
- to identify you, verify that you are an adult and manage any accounts you hold with us;
- to process the orders placed by you;
- to deliver the goods to you which may include sharing your data with third parties (see below for more details);
- for processing payment for goods ordered by you;
- to provide you with the information that you request from us including sending you our newsletter;
- to inform you about orders, products, services and offers;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about – see the “Do We Use Your Data for Marketing” section below;
- if you agree, to let you know about other products or services that may be of interest to you—see the “Do We Use Your Data For Marketing” section below;
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to prevent improper use of our website and as part of our efforts to keep our site safe and secure;
- to detect and prevent fraud;
- to conduct research, statistical analysis and behavioural analysis;
- to carry out customer profiling and analyse your purchasing preferences;
- to customise our website and its content to your particular preferences;
4. DO WE USE YOUR DATA FOR MARKETING
We do use your data to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail [or SMS]) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
Our affiliate, Triple A Marketing GmbH of Am Lenkwerk 3, 33609 Bielefeld, carries out maketing services for us and we share your data with them for that purpose. They also process any orders to purchase goods or services which you may place with us.
If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please see the “What Rights Do You Have” section below. Please also see the “How to Contact Us” section below.
We also use your data in anonymised form for marketing and opinion research purposes. Your responses to surveys for marketing and opinion research purposes will not be forwarded to third parties, nor published by us.
We do not store the answers from surveys for marketing and opinion research purposes together with your personal data. Should we commission third parties to carry out surveys for market and opinion research your data will be forwarded to such third parties taking into account the requirements under the Act for sharing of personal data with third parties.
You can object to the use of your data for marketing and opinion research purposes. Please see the section below “What Rights Do You Have?”
After we have fulfilled an order placed by you, you will receive an e-mail from us requesting you to complete a survey of the goods from your last order. We use the information you provide in the completed survey to improve our goods and services.
5. DO WE SHARE YOUR DATA WITH THIRD PARTIES?
We store the personal data primarily for the purposes of processing orders placed by you and this may require us to share your personal data with third parties for the purposes of fulfilling your orders. For example, we may share your name, address and other contact details with a postal or shipment provider or a freight forwarder (such as DHL or Hermes), which will deliver the goods to you, or we may share your data with third parties with whom we partner to provide financial services. For example for processing credit card payments. The card payment processors are data controllers of the data in relation to your credit or debit cards.
Our affiliate, Triple A Marketing GmbH of Am Lenkwerk 3, 33609 Bielefeld, will process any orders to purchase goods or services which you may place with us.
If you have subscribed to our newsletter, we may share your email address with our newsletter service provider (Emarsys eMarketing Systems AG, Märzstrasse 1, A-1150 Vienna) so that they can send the newsletter to you.
Therefore, you agree that we have the right to share your personal information with the selected third parties described above and:
- any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
- other business partners, suppliers and sub-contractors for the performance of any contract we enter into with you;
- analytics and search engine providers that assist us in the improvement and optimisation of our site. (You can find out more about these in the section headed “Cookies”.);
- credit card companies and other credit facilities to process payments;
- law enforcement agencies in connection with any investigation to help prevent unlawful activity.
We will disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If [EIS GmbH] or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of [EIS GmbH], our customers, or others.
6. DO WE TRANSFER YOUR INFORMATION OUT OF THE EEA?
EIS GmbH nor Triple A Marketing GmbH transfer personal data outside the EEA.
All information you provide to us is stored on secure servers. As a company providing services internationally, we may receive and transfer information all over the world. Consequently, your personal information may be used, stored and processed outside of the country where you entered that information or from which we collected it. It may also be processed outside the location from which it was collected by staff operating in different locations who work for us or for one of our suppliers. This includes staff engaged in, among other things, provision of support services.
Where you have agreed that your web and application browser activities on our website can be linked to your Google account and where you connect to Paypal, Facebook and Twitter accounts using the plug-ins on our website or you log into those accounts at the same time as you are connected to our website, your personal data may be transferred to the United States of America for the purposes as more particularly described in the respective third party privacy policies. For more information on how you agree to link and connect to these accounts when using our website, please go to Sections 13,14, 15, 16 and 17 of this policy. Rest assured that we will always ensure any transfer of personal data made by us is subject to appropriate security measures to safeguard your personal data.
7. HOW DO WE PROTECT YOUR PERSONAL DATA?
All information you provide to us is stored on our secure servers which are not accessible to unauthorised persons and are protected against external access by a "Firewall". Any payment transactions will be encrypted using SSL(Secure-Socket-Layer) technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
You will occasionally be requested to provide proof of your identity before we disclose to you, or provide you with access to, the personal data which we hold relating to you. For example access to the customer account is only possible by entering a code and we will only give this to you after you have provided us with proof of your identity.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see the “How to Contact Us” section below).
What can you do to keep your information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We use the analysis tool Emarsys Predict for the compilation of our individual e-mail newsletter. Emarsys Predict evaluates both your use of the newsletter as well as of our website. When you sign up to receive our newsletter you are asked to expressly agree that we may evaluate your use of the newsletter and our website in this way so that we can ensure that topics of particular interest to you are included in in the newsletter. You may revoke your consent to our evaluation of your preferences by contacting us using the contact information set out in the “How to Contact Us” section below.
You may set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result. In order to use all functions in our on-line shop you must allow permanent cookies in your browser. If the any of the settings for permanent cookies are turned off you can still visit our on-line shop, however some functionality may no longer be available or may be limited. For example, the contents of your shopping basket may no longer be displayed.
You will find all further information in this respect under "FAQ/Technical problems/activate cookies".
We will not link the data stored in the cookies that we use with your personal data (name, address, etc.) without your express consent.
We do use the services of third party providers, which may set cookies. For more information on the analysis tools we use and the cookies of third party service providers please see the sections on “Whether we Use Analytics Tools” below.
9. WHEN WILL YOUR DATA BE DELETED?
All data will be deleted when it is no longer required to fulfil the purpose for which it was provided by you or collected from you.
We use the following criteria to determine whether or not we need to keep your data:
- fulfilment of an order,
- if you or we close your customer account,
- if you unsubscribe from the newsletter,
- after a competition has finished (unless you have subscribed to the newsletter as part of the competition and not yet unsubscribed).
- if we are required to keep a copy of your data by law or statutory regulation.
You also have the ability to request that we delete your personal data at any time.
See the section below on “What Rights do you have”.
10. WHAT RIGHTS DO YOU HAVE?
Right to request a copy of your information
You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or it, please:
- email, call or write to us (see ‘How can you contact us?’ below)
- let us know the information you want a copy of, including any account or reference numbers, if you have them
- We may charge a small fee (£) for this service.
Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:
- email, call or write to us (see ‘How can you contact us?’ below)
- let us have enough information to identify you (eg account number, user name, registration details), and
- let us know the information that is incorrect and what it should be replaced with
Right to ask us to stop contacting you with direct marketing
You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:
- email us (see “How to Contact Us”’ section below). [You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or, to stop the newsletter, by clicking on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 5 days for this to take place]
- let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone)
Right to request we cease processing your data
You can ask us to stop processing your personal data. If you make such a request, we shall retain only the amount of personal data pertaining to you that is necessary to ensure that no further processing of your personal data takes place.
Right to request deletion of your data
You can ask us to delete your data. If you would like to do this then please email us using the information in the “How to Contact Us” section below.
We shall delete your data following such a request, unless we have reasonable grounds to refuse to erase your personal data. For example because we have a legal requirement to keep it or we need to keep some of it to ensure that we do not contact with with marketing material when you have requested that we stop doing that.
If you have an active customer account and you ask us to delete your data then your customer account will be closed. You will also be unsubscribed from our newsletter and you will no longer have access to the member-get-member advertising / partner programme. We will also not be able to process orders following deletion of your data without you providing your data again.
We may ask for proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill) in order to verify your identity before carrying out your requests.
12. HOW TO CONTACT US
Would you like to receive further information about data protection?
If you have any complaints about the way in which we collect, store and use your information, and these have not been addressed by contacting us first, you can contact the supervisory authority in the United Kingdom, the Information Commissioner’s Office: https://ico.org.uk/concerns/
14. LINKS TO OTHER WEBSITES
15. INFORMATION ON THE DATA TRANSMISSION WITH THE "LOGIN VIA THE PAYPAL" BUTTON
You can login to Paypal when you are in the shopping basket area in our online shop by clicking on the "Login via PayPal" button in the checkout area.
The following data held by PayPal relating to you which is necessary for us to conclude the purchase transaction will then be transmitted to us via the PayPal-API interface:
- E-mail address
- First name
- Last name
- Postal Code
- Private or corporate account at Paypal
If you have already created a customer account with us using the e-mail address also stored by PayPal you will be logged-in after entering your user name and password in your customer account on our site. If you have not yet set up a customer account the fields required for setting up a customer account will be automatically populated to enable you to set up a customer account on our site.
You can find further information regarding the protection of your personal data by Paypal in the Paypal privacy statement found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
16. INFORMATION ON DATA TRANSFER AT STRIPE
On our website, we offer payment via Stripe and associated payment methods. This payment service is provided by Stripe Payments Europe Ltd, The One Building, 1 Grand Canal Street Lower, Dublin, Ireland.
When you select payment via Stripe, the payment data you enter (name, address, account number, routing number, credit card number if applicable, invoice total, currency and transaction number) will be transferred to Stripe.
Your data is transferred to Stripe based on article 6 paragraph 1 a of the GDPR (consent) and article 6 paragraph 1 b of the GDPR (processing to fulfil a contract). You have the opportunity to revoke your consent to data processing at any time. All data required to process the payment will be transferred solely for the purpose of carrying out the payment and will be sent to the payment provider using encryption. Stripe Payments Europe Ltd is certified in accordance with the Industry Data Security Standard (PCI DSS) and is subject to the Privacy Shield agreement. Stripe transfers, processes and saves personal data required to process the payment outside the EU if necessary. Stripe upholds the Schrems II ruling. The basis for security is EU standard contracts. Find out more about data protection at Stripe here: https://stripe.com/de/privacy
17. DO WE USE WEB ANALYSIS TOOLS?
Yes. We use the following web analysis tools.
Use of Google Analytics
We use Google Analytics for evaluating the visitor numbers to our online shop and for further statistical analysis.
Extended Google Analytics functions
Starting 15 May 2017 all remarketing target groups created in Google Analytics are extended so that you will profit from the new cross-device functions available in AdWords and DoubleClick. This way we can reach users irrespective of the device when using Google Analytics Audiences.
Insofar as users have agreed that their web and app browser progress is linked with their Google account by Google and information from their Google account is used to personalise advertisements, which they see in the web, Google uses data of these registered users together with Google Analytics data in order to create and define target group lists for cross-device remarketing. Google-authenticated IDs of these users are recorded by Google Analytics in order to support this function. These personal data of Google are temporarily linked with our Google Analytics data in order to form target groups.
Read Google's overview of privacy and safeguarding data: https://support.google.com/analytics/answer/6004245
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout
or alternatively opt out of Google Analytics, especially for mobile usage, by setting an Opt-Out-Cookie.
For this to work you must allow cookies: Click here to opt-out of Google Analytics
If you clear your cache or delete your browsing history you will have to click the above link again in order to opt-out of Google Analytics.
Use of Google reCaptcha V3
We use Google reCAPTCHA in our Internet presence in order to check and avoid interactions on our Internet site by automated access, for example by so-called bots. This is a service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to simply as “Google”. By means of certification under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that the data protection regulations of the EU will also be complied with during the processing of data in the USA. By means of this service, Google can determine from which website a query was sent and from what IP address you are using the so-called reCAPTCHA entry box. Alongside your IP address, where possible further information will be recorded by Google which is necessary for the service and in order to guarantee this facility. The legal basis is Article 6 Paragraph 1 letter f) GDPR. Our legitimate interest is represented by the security of our Internet presence and defending against unwanted, automated access in the form of spam or similar. Further information concerning the general handling of your user data by Google can be found via the following link: https://policies.google.com/privacy.
Use of Hotjar
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
18. DO WE USE SHOP-OWN WEB-ANALYSIS TOOLS?
We use a tool that tracks and analyses the movement of a user on the website. The system features the following properties:
- No additional data are collected, but already available data are evaluated.
The following data are evaluated:
- IP address (only temporarily; this was deleted immediately after the evaluation)
- URL (what have you just clicked)
- Referrer (from which website do you come to our website)
- Partner-ID (if available)
- Customer number (if available)
- and in the event of a purchase: Articles, total amounts, payment method.
The following data are explicitly not collected:
- Last name, first name
- Account number, bank sorting code, credit card data, PayPal-ID
- Codes, user code.
The raw data are compacted in the analysis step and evaluated for statistical purposes. The following evaluations are created:
Where do the visitors come from (search engine, affiliates etc.)
Through which search terms /Adwords did the visitor access the website
- Number of clicks, paths, etc. in the website
- Funnel analysis (how many visitors have entered the shop, moved in the shop, used the box, started the order process)
- What was purchased (articles, total amounts, etc.)
- Meta evaluations (purchase-click-instalments, contribution margins, etc.)
The collected data will, however, not be used to personally identify you as a visitor of our online offer. The data collected by us will merely be used to improve our online offer and our services towards you.We do not share this information with third parties.
19. OUR CONNECTION TO SOCIAL NETWORKS
I. Connection to Google
In order to facilitate comprehensive networking we have implemented plug-ins of the social network Google+ on our website. This social network Google+ is operated by the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. These plug-ins can be identified on our website by a button with the sign "+1" on a white or brightly coloured background. If you visit our website, and activate the plug-in then your Internet browser will establish a connection with the servers of the social network Google+. Through this connection the contents of the plug-in will be transmitted to Google+via the Internet browser used by you . Via this mechanism Google+ receives the information that you have visited our website. We have no influence on which data are collected by Google+.
Should you be logged into the Google+ website by using the personal user account allocated to you at the same time as visiting our website there will be a simultaneous direct connection to Google+ If you click on the "+1" button or use your account in order to write a comment the information will be transmitted to Google+ and stored there for further use. If you do not want this information to be transmitted to Google+ then you must close your personal account in Google+ before accessing our website.
You can find out more about the data collected by Google + and how it is used and how you can change the Google+ settings by reading the Google+ privacy notices: https://developers.google.com/+/web/buttons-policy
II. Connection to Facebook
In order facilitate comprehensive networking we have implemented plugins of the social network Facebook on our website.
All correspondingly marked plugins are only operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook).
The Facebook plug-ins on our website are marked by the protected logo of Facebook or by the "Like-Button" button.
If you visit our website, and activate the Facebook plug-in then your Internet browser will establish a connection with the Facebook servers. Through this connection the contents of the plugin are transmitted to Facebook via the Internet browser used by you . In this way Facebook receives the information that you have visited our website.
We have no influence on which data are collected.
Should you log into Facebook by using the personal user account allocated to you at the same time as visiting our website there will be a simultaneous direct connection to Facebook.
If you click e.g. on the "Like-Button" button or use your Facebook account in order to write a comment the information will be transmitted to Facebook and stored there for further use.
If you do not want your data to be transmitted to Facebook in this way then you must close your personal account in Facebook by pressing the word "log-out" under the menu item "account" before connecting to our website. You can find outmore about the data collected by Facebook and how it is used and how you can change the Facebook settings by reading the Facebook privacy notices: (http://www.facebook.com/privacy/explanation.php)
III. Connection to Twitter
In order facilitate comprehensive networking for you we have implemented plugins of the short message service Twitter on our website.
This service is operated by the company Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
The Twitter plug-ins on our website are identified by the Twitter logo that we have affixed in a visible position on our website.
The Twitter plugin creates a direct connection between the servers of Twitter and the Internet browser used by you at the time you call up our website and Twitter receives the information that you have visited our website together with the IP address allocated at the time when the Internet browser was used.
If you click on the Twitter plug-in button on our website and you are also logged- nto your Twitter account at the same time you can inform third parties of the contents of our website via your Twitter account.
An allocation of the visit to our website is carried out to your user account with the short message service Twitter.
We have no knowledge of the contents of the data transmitted to Twitter and the processing and/or use made by Twitter of that data. If you do not want your data to be transmitted to Twitter in this way then you must not login to yoru Twitter account before or during your visit to our website.
You can find more about the data collected by Twitter and how it is used and how you can change the Twitter settings by reading the Twitter privacy notices http://twitter.com/privacy
IV. Connection to Instagram
We have inserted plugins and API interfaces for the social network Instagram on our website. The Instagram plugin is marked »Instagram-Button« in our online shop. If you have clicked the Instagram button and are logged into your Instagram account at the same time, contents of our online shop can be linked onto your own Instagram profile. This way Instagram can allocate the visit to our online shops to your user account. We, as operator of the online shop, do not receive any knowledge of the contents of the data transmitted to, nor their use by, Instagram.