Privacy policy

Privacy policy

In this privacy policy, we would like to explain to you what personal data we collect, process and use at which time and to what purpose. We place great importance on the protection of your privacy and a lawful collection, use and processing of your personal data. We therefore save and process all customer data confidentially by observing the legal data protection regulations as well as this privacy policy.

This privacy policy can be reviewed, saved and printed anytime at the URL https://www.sebson.de/en/shop/privacy-policy/.

1. Responsible body

The responsible body to the purposes of the data protection regulations is as follows:

SEBSON
Walter-Behrendt-Straße 10
44329 Dortmund
Phone: +49 231 2821758
email: support@sebson.de
Proprietor: Dipl.-Inf. Sebastian Sonntag

In the event that you wish to object to the collection, processing or use of your data by SEBSON pursuant to these data protection provisions altogether or for individual measures, you can send your objection by email, fax or letter to the above-mentioned contact.

2. Collection, use and processing of personal data

The use of our website is, as a rule, possible without providing any personal data.

Where personal data (for instance name, address or email addresses) are collected on our sites, this is, where possible, always performed on a voluntary basis. We do not transfer your personal data including your home address and email address to third parties without your express and revocable consent. Excluded are our service partners who require the transfer of data for the order handling (e.g. the shipping company in charge of the delivery and the credit institution responsible for the payment handling). In these cases, however, the scope of the data transferred is limited to the required minimum.

We exclusively use your order data for the handling of your order. Your data are rarely used for a promotional approach, which you may revoke anytime. You have anytime the right to free-of-charge enquiry, reporting, blockage and deletion of your saved data. Please send us an email concerning this issue or send us your request by mail or fax.

2.1. PayPal

For payments via PayPal, credit card via PayPal, direct debiting via PayPal or – if offered - "purchase on account" or „instalments“ via PayPal, we transfer your payment data to the extent of the payment handling to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer is made according to art. 6 para. 1 lit. b GDPR and only to the extent necessary for the payment handling. PayPal reserves the performance of a credit check for the methods of payment credit card via PayPal, direct debiting via PayPal or - if offered - “purchase on account” or “instalments” via PayPal. To this purpose, your payment data are, if applicable, transferred to credit agencies according to art. 6 para. 1 lit. f GDPR on the basis of PayPal’s legitimate interest to determine your solvency. PayPal will use the result from the credit check with regard to the statistical payment default probability to the purpose of making a decision on the provision of the respective method of payment. The credit check may contain probability values (so-called score values). Where score values are integrated in the result of the credit check, they are based upon mathematic and statistical processes that are scientifically recognised. The calculation of the score values includes, but is not restricted to address data.

More information on data protection laws, including the credit agencies assigned, can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You may object to the processing of your data anytime by sending a message to PayPal. PayPal, however, continues to be entitled, if applicable, to process your personal data to the extent necessary for the payment handling according to contract.

3. The use of cookies

Internet sites in some instances use so-called cookies. Cookies do not do any damage on your computer and do not contain any viruses. Cookies serve the purpose of making our offer more user-friendly, effective and safe. Cookies are small text files stored on your computer and saved by your browser.

You can delete individual cookies or the entire cookie inventory. In addition, you will receive information and instructions on how to delete these cookies or block their storage in advance. Depending on the provider of your browser, you will find the necessary information under the following links:

• Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
• Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
• Opera: http://www.opera.com/de/help
• Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE

If you allow us to use cookies through your browser settings or consent, the following cookies may be used on our website:

• Amazon Pay (Runtime: various (up to 1 year))
• Consent (Duration: Session)
• Session (duration: session)
• CSRF (Duration: Session)
• Google Analytics (duration: 2 years)
• reCAPTCHA (Runtime: Session)
• Automatic speech recognition (Runtime: Session)
• PayPal Cookies (Runtime: Session)

3.1. Technically necessary cookies

In this shop, information on the contents of your shopping cart are saved in the cookies, information that you can access during your next visits. If you log in with us or wish to make an order, we require your customer data. If you are already a customer of ours, you can quite easily log in via your email address and your personal password. The data filed in a cookie save you the effort of completing forms.

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.

The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in a user-friendly design of our website.

3.2. Technically unnecessary cookies

Furthermore, we use cookies to better tailor the offer on our website to the interests of our visitors or to generally improve it on the basis of statistical evaluations.

Please refer to the information below on the display, tracking, remarketing and web analysis technologies used to find out which providers use cookies.

The legal basis for this processing is in each case your consent, Art. 6 para. 1 lit. a GDPR.

Recipients of the data may be technical service providers who act as order processors for the operation and maintenance of our website. For further recipients, please refer to the information below on the display, tracking, remarketing and web analysis technologies used.

Of course, you can also view our website without cookies. Web browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via your browser settings by revoking your consent at any time via our Cookie Consent Tool. Please note that individual functions of our website may not work if you have disabled the use of cookies.

To what extent we analyse the behaviour of website visitors with pseudonymised user profiles, please refer to the information below on the display, tracking, remarketing and web analysis technologies used.

4. Registration on our website

We offer you the storage of your personal data in a password-protected customer account so that you do not have to enter your name and address again for your next purchase. At the time of registration, your address data will be stored. The processing of the data entered during registration is based on the user's consent (Art. 6 para. 1 lit. a GDPR). Recipients of the data may be technical service providers who act as order processors for the operation and maintenance of our website. Data will only be processed in this context as long as the corresponding consent has been given.

The provision of your personal data is voluntary, based solely on your consent. You can delete your customer account at any time. To do so, please contact us using the contact option above.

5. Server log files

The provider of the sites automatically collects and saves information in so-called server log files which your browser automatically transfers to us. This information includes the following:

• Browser type and browser version
• The operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request

These data are not assignable to specific persons. These data will not be regrouped with other data sources. We reserve the right to subsequently verify these data if we become aware of concrete indications of your unlawful use.

6. Product evaluations and comment function

If you evaluate our products in the shop or comment on blog articles, the previously selected user name is also saved apart from the information given by you via the input mask. This serves the security of SEBSON since the provider may be prosecuted for unlawful contents on its website even if these contents come to the site by evaluations/comments made by third parties. We will not transfer these data without your consent.

7. Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. The processing of the data entered in the contact form is based on a legitimate interest (Art. 6 para. 1 lit. f GDPR).

By providing the contact form, we would like to enable you to contact us in an uncomplicated manner. The information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions. If you contact us to request a quote, the data entered in the contact form will be processed to carry out pre-contractual measures (Art. 6 para. 1 lit. b GDPR). Recipients of the data may be order processors. The data will be deleted no later than 6 months after processing the request.

If a contractual relationship is established, we are subject to the statutory retention periods according to the German Commercial Code (HGB) and delete your data after these periods have expired. The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, e-mail address and the reason for the request.

8. Newsletter data

If you would like to receive the newsletter offered on our website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data will be collected. We use this data exclusively for sending the requested information, based on your consent in accordance with Art. 6 para. 1 p. 1lit. a GDPR, and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter or by sending a message to the contact option above. After unsubscribing, we will delete your email address unless you have expressly consented to further use of your data or we reserve the right to use data in a manner that goes beyond this, which is permitted by law and about which we inform you in this declaration.

9. Integration of the Trusted Shop Trustbadge 

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops seal of approval and the possibly collected evaluations as well as to offer the Trusted Shops products to buyers after an order.

This serves to protect our legitimate interests in optimal marketing by enabling secure shopping in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR, which prevail in the context of a balancing of interests. The trust badge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany, with whom we are jointly responsible for data protection pursuant to Art. 26 GDPR. Within the framework of this data protection notice, we inform you in the following about the essential contractual contents in accordance with Art. 26 (2) GDPR.

Within the framework of the joint responsibility between us and Trusted Shops, please contact Trusted Shops in the event of data protection questions and to assert your rights, using the contact options specified in the data protection information. Irrespective of this, however, you can always contact the data controller of your choice. Your enquiry will then, if necessary, be passed on to the other responsible party for a response.

9.1. Data processing when integrating the trust badge / other widgets

The trust badge is provided within the scope of joint responsibility by a US-American CDN provider (content delivery network). 

An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which can be accessed for the USA here. Service providers from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information is available here. Where service providers are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee.

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. The IP address is anonymised immediately after collection so that the stored data cannot be assigned to you personally. The anonymised data is used for statistical purposes and for error analysis.

9.2. Data processing after order completion

After the order has been completed, your email address, which has been hashed using a cryptological one-way function, is transmitted to Trusted Shops GmbH. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR. This serves to check whether you are already registered for services with Trusted Shops GmbH and is therefore necessary for the fulfilment of our and Trusted Shops' overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services in accordance with Art. 6 (1) sentence 1 lit. f GDPR. If this is the case, further processing will be carried out in accordance with the contractual agreement between you and Trusted Shops. If you have not yet registered for the services, you will subsequently be given the opportunity to do so for the first time. Further processing after registration also depends on the contractual agreement with Trusted Shops GmbH. If you do not register, all transmitted data will be automatically deleted by Trusted Shops GmbH and a personal reference is then no longer possible.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 para. 1 lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). 

An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which can be accessed here for the USA and here for Israel. Service providers from the USA are generally certified under the EU-U.S. Data Privacy Framework. Further information is available here. Where service providers are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee. 

10. Google Analytics

If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is generally transferred to a Google server in the USA and stored there.

In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be truncated by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of "events". Events can be:

• Page views
• First visit to the website
• Start of session
• Your "click path", interaction with the website
• Scrolls (whenever a user scrolls to the bottom of the page (90%))
• clicks on external links
• internal search queries
• interaction with videos
• file downloads
• seen / clicked ads
• language settings

Also recorded:

• Your approximate location (region)
• your IP address (in shortened form)
• technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
• your internet service provider
• the referrer URL (via which website/advertising medium you came to this website)

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your pseudonymous use of the website and compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website.

Recipients of the data are/may be

• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
• Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
• Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities access the data stored by Google.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. If applicable, you are not entitled to any legal remedies against access by authorities.

The data sent by us and linked to cookies are automatically deleted after 2 months. The deletion of data whose retention period has been reached takes place automatically once a month.

The legal basis for this data processing is your consent pursuant to Art.6 para.1 p.1 lit.a GDPR.

You can revoke your consent at any time with effect for the future by calling the cookie settings deactivateGoogle Analytics and change your selection there. The legitimacy of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser in such a way that all cookies are rejected, functionalities on this and other websites may be restricted. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by

a. Not giving your consent to the setting of the cookie or

b. downloading and installing the browser add-on to disable Google Analytics here.

For more information on Google Analytics terms of use and data protection at Google, please see https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

11. Use of Google Remarketing

This website uses the remarketing function of Google Inc. The function serves the purpose of presenting visitors to the website with interest-related ads within the Google advertising network. A so-called “cookie” is saved in the browser of the visitor to the website that facilitates the recognition of the visitor when he or she accesses these websites belonging to Google’s advertising network. The visitor may be shown ads on these sites that relate to contents that the visitor previously accessed on websites using Google’s remarketing function.

By its own account, Google does not collect any personal data during this process. If you nevertheless do not wish to use Google’s remarketing function, you can basically deactivate this function by making appropriate settings at http://www.google.com/settings/ads. As an alternative, you can deactivate the use of cookies for interest-related advertisement via the network advertising initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.

12. Google AdWords

Our website uses the Google Conversion Tracking. If you gained access to our website via an ad placed by Google, a cookie is set on your computer by Google Adworks. The cookie for conversion tracking is set if a user clicks an ad placed by Google. These cookies will lose their validity after 30 days and do not serve the purpose of personal identification. If the user accesses certain pages of our website and the cookie has not yet expired, we and Google are able to recognise that the user clicked the ad and was forwarded to this site. Each Google AdWords customer receives a different cookie. Cookies can thus not be kept track of via the websites of AdWords customers. The information obtained by means of the conversion cookies serves the purpose of preparing conversion statistics for AdWords customers who decided for conversion tracking. The customers will learn of the total number of users who clicked their ad and were forwarded to a site with a conversion tracking tag. They do however not contain any information by which users may be personally identified.

If you do not wish to participate in tracking, you may refuse the required setting of a cookie - for instance by setting your browser so that the automatic placing of cookies is generally deactivated, or change the settings of your browser so that cookies from the domain „googleleadservices.com“ are blocked.

Please note that you cannot delete the opt-out cookies as long as you do not wish measuring data to be recorded. If all your cookies in the browser are deleted, you must again set the relevant opt-out cookie.

13. Google Recaptcha

Our website uses Google "reCAPTCHA". This service is used to be able to recognise whether entries (e.g. in online forms) are made by humans and not by automatically acting machines (so-called "bots"). The data processed may include IP addresses, information on operating systems, devices or browsers used, language settings, location, mouse movements, keystrokes, time spent on websites, previously visited websites, interactions with ReCaptcha on other websites, possibly cookies and results of manual recognition processes (e.g. answering questions asked or selecting objects in images).

You can prevent the collection of your data by clicking on the following link. An opt-out cookie will be set which will prevent the collection of your data on future visits to this website: Deactivate Google Analytics

For more information on how Google reCAPTCHA handles user data, please see Google's privacy policy: https://policies.google.com/privacy?hl=de

In addition, you can prevent the collection of your data by Google Analytics by rejecting cookies via our cookie settings dialogue.

14. Social networks

14.1. Use of Facebook plugins

Our internet sites use plugins by the social network facebook.com operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").

When you access our Internet sites, a connection is made between your browser and the Facebook server. Facebook thus obtains the information that you visited our site with your IP address. If you are logged in as a member with Facebook, Facebook assigns this information to your personal Facebook user account. When using the plugin functions (e.g. clicking the “like” buttons, posting a comment), this information is also assigned to your Facebook account. We note that we as a provider are not aware of the contents of the data transferred nor their use by Facebook.

You’ll find detailed information on the collection and use of the data by Facebook, on your rights to this effect and possibilities to protect your privacy in Facebook’s privacy notices at https://www.facebook.com/policy.php  (prepared by Annegret Mayer, attorney, LL.M., version: 02 February 2011) © Händlerbund e.V.

If you do not wish that Facebook is able to assign the visit to our sites to your Facebook user account, please log out of your Facebook user account.

15. SSL encryption

We apply technical and organizational security measures to protect your data managed by us against random or wilful manipulation, loss, destruction or against the access by unauthorised persons. Payment data are communicated in encrypted form (128-Bit SSL).

16. Right of information, deletion, blockage

As a data subject, you have the following rights:

• Pursuant to Art. 15 of the GDPR, the right to request information about your personal data processed by us to the extent specified therein;
• Pursuant to Art. 16 GDPR, the right to demand the correction of inaccurate or incomplete personal data stored by us without undue delay;
• In accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary
  • to exercise the right to freedom of expression and information;
  • to comply with a legal obligation;
  • for reasons of public interest; or
  • necessary for the assertion, exercise or defence of legal claims;
• In accordance with Art. 18 GDPR, the right to request the restriction of the processing of your personal data, insofar as
  • the accuracy of the data is disputed by you;
  • the processing is unlawful, but you object to its erasure;
  • we no longer require the data, but you need it to assert, exercise or defend legal claims; or
  • you have objected to the processing in accordance with Art. 21 GDPR;
• Pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller;
• Pursuant to Art. 77 GDPR, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.

17. Amendment of our data protection regulations

We reserve the right to adapt these data protection regulations from time to time in order for them to always comply with current legal requirements or in order to implement changes in our services in the privacy policy, e. g. when introducing new services. The new privacy policy will then apply if you visit again.

Source: https://www.e-recht24.de/

Excerpts from this privacy policy were prepared by the privacy policy generator of activeMind AG