PRIVACY-POLICY
The processing of your personal data is an important concern for us, which we fulfill with the great-est possible care and diligence.
In the following, we therefore inform you about the manner and the purposes of the processing of your personal data when using our website
If you have any questions or comments, please do not hesitate to contact us.
CONTENT
I NAME AND ADDRESS OF THE CONTROLERII GENERAL INFORMATION ON DATA PROCESSING
1. SCOPE OF THE PROCESSING OF PERSONAL DATA
2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
3. DATA DELETION AND STORAGE DURATIONIII DATA PROCESSING
1. PROVISION OF THE WEBSITE
2. NEWSLETTER
3. CONTACT BY E-MAIL
4. YOUTUBE VIDEO INTEGRATION
5. INSTAGRAM PLUGIN
6. STORE WITH SHOPIFY
7. USE OF PAYMENT SERVICE PROVIDERSA) SHOPIFY PAYMENTS
B) CREDIT CARD (VISA, MASTERCARD, AMERICAN EXPRESS)
C) MAESTRO
D) EPS-ÜBERWEISUNG
E) KLARNA
F) SOFORT
G) APPLE PAY
H) GOOGLE PAY
I) IDEAL
J) STORE PAYIV RIGHTS OF THE DATA SUBJECT
1. WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT VIS-À-VIS THE CONTROLLER
2. INFORMATION ABOUT YOUR RIGHT TO OBJECT UNDER ART. 21 GDPR
I NAME AND ADDRESS OF THE CONTROLER
The controler within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Metzner Engineering GmbH
Meschwitzerstraße 21
01099 Dresden
T: +49-(0)152-06493985
E-mail: metzner-engineering.com
Website: www.metzner-engineering.com
II GENERAL INFORMATION ON DATA PROCESSING
1. SCOPE OF THE PROCESSING OF PERSONAL DATA
We process personal data of our users only insofar as this is necessary for the provision of a func-tional website and our content and services. The processing of personal data of our users is regular-ly only carried out with the consent of the user. An exception applies in those cases where obtain-ing prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) lit. d GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
3. DATA DELETION AND STORAGE DURATION
The personal data of the data subject shall be deleted or processing restricted as soon as the pur-pose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the con-troller is subject. Restriction of processing or deletion of data also takes place when a storage peri-od prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
III DATA PROCESSING
1. PROVISION OF THE WEBSITE
Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected:
(1) Information about the browser type and version used
(2) The operating system of the user
(3) The Internet service provider of the user
(4) The IP address of the user
(5) Date and time of access
(6) Websites from which the user’s system accesses our website
(7) Websites that are called up by the user’s system via our website
The data is also stored in the log files of our system. A storage of this data together with other per-sonal data of the user does not take place.
For the provision of this website, we use the web hosting service of Host Europe GmbH, Hansestrasse 111, 51149 Köln (hereinafter referred to as web hoster). In connection with the host-ing, the web hoster processes the aforementioned personal data on our behalf, which is generated during the use of the website.
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR.
We have concluded a data processing agreement (DPA) with our web hoster. Through this agree-ment, the service provider assures that it processes the data in accordance with the General Data Protection Regulation and ensures the protection of the rights of the data subject. A separate legal basis for the involvement of the web hoster is therefore not required.
The temporary storage of the IP address by the system is necessary to enable delivery of the web-site to the user’s computer. For this purpose, the user’s IP address must remain stored for the du-ration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was col-lected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Storage be-yond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
You can object to the processing, but this is not likely to be successful. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the op-eration of the website. These are compelling legitimate grounds for processing, which generally override their interests, rights and freedoms (Article 21 (1) GDPR).
2. NEWSLETTER
On our website there is the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us.
• E-mail address
• First name
• Last name
• Country
In addition, the following data is collected during registration:
(1) IP address of the calling computer
(2) Date and time of registration
For the processing of data, your consent is obtained during the registration process and reference is made to this privacy policy.
No data will be passed on to third parties in connection with the data processing for sending news-letters. The data is used exclusively for sending the newsletter.
The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent.
The collection of the user’s e-mail address is used to deliver the newsletter.
The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was col-lected. Accordingly, the user’s e-mail address will be stored as long as the subscription to the news-letter is active.
The other personal data collected during the registration process is usually deleted after a period of seven days.
The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose, a corresponding link can be found in each newsletter.
This also enables the withdrawal of consent to the storage of personal data collected during the registration process.
3. CONTACT BY E-MAIL
It is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored.
For the provision of this website, we use a web hoster via DPA (see above section Provision of the website). In this context, the web hoster also processes the aforementioned personal data on our behalf.
In this context, the data will not be passed on to third parties. The data is used exclusively for the processing of the conversation.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
The processing of the transmitted personal data from the e-mail serves us solely to process the contact. This also constitutes the necessary legitimate interest in the processing of the data.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was col-lected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The user can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of contacting us will be deleted in this case.
4. YOUTUBE VIDEO INTEGRATION
In individual cases, Youtube videos are integrated on our website in order to make our website attractive for our users and to improve its content.
Youtube is a service of YouTube, LLC, a subsidiary of Google Inc, USA.
On this website, the extended privacy mode for embedding Youtube videos has been activated, so that no information about the visitors to our website is transmitted or stored if they do not watch the video. No cookies are set on your end device when viewing the video either.
In addition, when you click on the video preview image, you will first be asked to give your consent to the data processing described below and to a data transfer to the USA with the risks described below. The corresponding data processing is based on Art. 6 para. 1 lit. a) GDPR, the transfer to servers in the USA is based on your consent according to Art. 49 para. 1 lit. a GDPR.
Within the framework of the Youtube service, information about your use of this website is trans-mitted to a Youtube server when you view a video and is also shared with the Google advertising network Doubleclick. In this way, the following data may be transmitted (regardless of whether Youtube provides a user account through which you are logged in):
• Browser type/version,
• operating system used,
• Host name of the accessing computer (IP address),
• Time of the server request,
• Entered search terms
• Frequency of page views
• Viewed video
The transmission to Youtube and Doubleclick takes place to servers of Google LLC. in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). The USA is an unsafe third country within the meaning of the GDPR, i.e. a country outside the European Economic Area (EEA) in which the GDPR is not directly applicable. The USA does not provide a level of data protection comparable to that in the EU. When personal data is transferred to the U.S., there is a risk that U.S. authorities may gain access to the personal data on the basis of the PRISM and UPSTREAM surveillance pro-grams based on Section 702 of FISA (Foreign Intelligence Surveillance Act), as well as on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective legal protec-tion against these accesses in the U.S. or the EU.
If you are logged in to Youtube, your data will be directly assigned to your account. If you do not want the assignment with your profile at Youtube, you must log out before activating the button. Youtube stores your data (even for users who are not logged in) as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for non-logged-in users) for the provision of needs-based advertising and to inform other users of the social network about your activities on our web-site.
You have the right to object to the creation of these user profiles, and you must contact Youtube to exercise this right.
For more information on the purpose and scope of data collection and processing, please refer to Google’s privacy policy (Youtube, as part of Google, does not have its own privacy policy). There you will also find further information about your rights in this regard and setting options for protect-ing your privacy.
• Google Terms of Use: https://policies.google.com/terms?hl=de&gl=de
• Google privacy policy (“Google Privacy Policy”): https://www.google.de/intl/de/policies/privacy/
• Terms of use Youtube: https://www.youtube.com/static?gl=DE&template=terms&hl=de
5. INSTAGRAM PLUGIN
Our pages use a plugin of the Instagram service, which is currently embedded in the footer of each page. This service is one of the Facebook products offered by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland as the data controller.
To ensure data protection on our website, we only use this plugin together with the so-called “Shariff” solution. This application prevents the plugin integrated on our website from transmitting data to the provider the first time the user enters the page. In doing so, it is not the user’s browser, but the server on which this online offer is located, that establishes a connection with the server of the respective social media platforms and queries, for example, the number of likes. The user re-mains anonymous. More information about the Shariff project can be found at the developers of the magazine c’t: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; Service provider: Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Han-nover, Germany; website: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; privacy policy: https://www.heise.de/Datenschutzerklaerung-der-Heise-Medien-GmbH-Co-KG-4860.html.
Only when you activate the plugin by clicking the corresponding button, a direct connection to the provider’s server is established. The respective provider then receives the information that you have visited our site with your IP address. If you are logged into your Instagram account at the same time, Instagram can assign the visit to our pages to your user account, regardless of whether you click on the Instagram component or not.
You can then, after clicking on the social media button, “Share” the document (so-called “Sharing”) or leave a comment, etc.. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
Activating the plugin constitutes consent within the meaning of Art. 6 (1) lit. a GDPR. You can with-draw this consent at any time with effect for the future.
The purpose of the integration is to increase our visibility on the social network Instagram.
The data collected directly by us via the Instagram presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, withdraw your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your termi-nal device until you delete them. Mandatory legal provisions – in particular retention periods – re-main unaffected.
We have no influence on the storage period of your data that is stored by Instagram for its own purposes. For details, please contact Instagram directly (e.g. in their privacy policy at https://help.instagram.com/519522125107875/?helpref=hc_fnav).
If you visit our social media presence on Instagram, we are jointly responsible with Instagram for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Instagram).
Please note that despite the joint responsibility with Instagram, we do not have full influence on the data processing operations of Instagram. Our options are largely determined by the corporate policy of the respective provider.
6. STORE WITH SHOPIFY
Our objective as data controller is the distance selling of goods and services. In this context, we process the data required for the conclusion, performance or termination of a contract. This inclu-des in particular:
• First name, last name,
• Billing and delivery address,
• E-mail address,
• Billing and payment information,
• Date of birth,
• Phone number (optional).
In this context, they may open a customer account. We store and use the data provided by you for contract processing.
Within the scope of the above-mentioned data processing, your data will be processed by data processors under DPA on our behalf. These are carefully selected in each case and, if legally re-quired, contractually obligated in accordance with Article 28 GDPR.
We use the store system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”), for the purpose of hosting and displaying the online store on the basis of processing on our behalf. All data collected on our website is processed on Shopify’s servers. As part of Shopify’s aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Pro-cessing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on our behalf. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by adequacy decision of the European Commission. The same applies to the involvement of sub-processors based in the USA. These transfers are subject to Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), which has been deemed adequate by the European Commission (European Commission adequacy decision 2002/2EG). For more information about Shopify’s privacy practices, please visit the following web-site: https://www.shopify.de/legal/datenschutz.
We pass on details of your delivery address to a logistics company commissioned by us for the pur-pose of processing the purchase contract. Only in cases of bulky goods or comparable circumstanc-es we transmit your e-mail address and, if necessary, your telephone number to the logistics com-pany commissioned by us to ensure that the delivery or return of goods can take place as planned. The logistics company will contact you in advance of the delivery or return to coordinate details of the processing with you. The data will be transmitted to the contracted logistics company solely for this purpose and processed by the company for a purely specific purpose.
If you have selected the payment method credit card or an online payment method, we will for-ward you to the integrated website of the corresponding payment/financing service provider after completion of the order (see section Payment service provider).
The legal basis for this is Article 6(1)(b) GDPR, i.e. you provide us with the data on the basis of the contractual relationship between you and us.
The purpose of our data processing is conclusion, execution or termination of a purchase contract for our products.
We store the data collected for the processing of the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After expiration of this period or deletion of your customer account, we retain the information of the contractual relationship required by com-mercial and tax law for the periods determined by law. For this period (regularly ten years from the conclusion of the contract), the data is processed again solely in the event of an audit by the tax authorities and in the event of customer inquiries.
A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the responsible person. There is no further possibility of objection or revo-cation.
7. USE OF PAYMENT SERVICE PROVIDERS
We provide you the choice of one of the following payment service providers:
a) Shopify payments
We use the payment service provider “Shopify Payments”, 3rd Floor, Europa House, Harcourt Build-ing, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, the payment processing is carried out by the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on the information you provided during the ordering process, together with infor-mation about your order (name, address, account number, bank code, any credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b GDPR. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose. You can find more information about the data protection of Shopify Payments at the following internet address: https://www.shopify.com/legal/privacy.
You can find data protection information on Stripe Payments Europe Ltd. here: https://stripe.com/de/privacy
b) Credit card (Visa, Mastercard, American Express)
On our website we offer, among other things, payment by “credit card”. The provider of this pay-ment service is Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ. Information about the data pro-cessing by Adyen N.V. and their contact information can be found here.
If you select payment via credit card, the payment data you enter will be transmitted to Adyen N.V..
With this payment method you have the possibility to pay your order by VISA or Mastercard credit card or by American Express.
Payment processing is handled securely through an external site of Adyen N.V. to fully protect your data.
After the transaction is completed, your account will be conveniently and securely debited with the invoice amount.
c) Maestro
Maestro is an international debit card from Mastercard. The transactions are directly linked to the customer’s account.
d) eps-Überweisung
The eps-Überweisung (Electronic Payment Standard) is an online payment procedure developed by many Austrian banks for purchases on the Internet as well as for the payment of fees and charges to authorities and public institutions in Austria.
If you decide to use the eps-Überweisung payment system, you will be redirected to a central bank selection list. After selecting your bank, you will be connected to the corresponding online banking. After successful login and approval via TAN or electronic signature, the amount due is transferred from your account to the merchant’s account.
e
) Klarna
If you choose a Klarna payment service, the payment will be processed by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”). In order to enable the processing of the payment, your personal data (first and last name, street, house number, postal code, city, gender, e-mail address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, article, delivery type) will be forwarded to Klarna for the purpose of identity and credit checks, provided that you have expressly consented to this in accordance with Art. 6 para. 1 lit. a GDPR during the ordering process. You can see which credit agencies your data may be forwarded to here:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies
The credit report may contain probability values (score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information obtained about the statistical probability of a payment default for a weighed decision about the establishment, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the data controller or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for the pro-cessing of payments in accordance with the contract.
Your personal data will be handled in accordance with the applicable data protection regulations and as specified in Klarna’s Privacy Policy for data subjects located in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy or for data subjects lo-cated in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.
f) SOFORT
If you select the payment method “SOFORT”, the payment will be processed by the payment ser-vice provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter “SOFORT”), to whom we will pass on your information provided during the ordering process, together with information about your order, in accordance with Art. 6 (1) lit. b GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of payment processing with the payment service provider SOFORT and only insofar as it is necessary for this purpose. You can obtain more information about SO-FORT’s privacy policy at the following Internet address: https://www.klarna.com/sofort/datenschutz.
g) Apple Pay
If you choose the payment method “Apple Pay” of Apple Distribution International (Apple), Hol-lyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the “Apple Pay” function of your terminal device running iOS, watchOS or macOS by charging a payment card deposited with “Apple Pay”. Apple Pay uses security functions integrated into the hardware and software of your device to protect your transactions. To release a payment, you must enter a code that you have previously defined and verify it using the “Face ID” or “Touch ID” function of your end device.
For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, is passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the pay-ment service provider of the payment card stored in Apple Pay to carry out the payment. The en-cryption ensures that only the website through which the purchase was made can access the pay-ment data. After the payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.
Insofar as personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b GDPR.
Apple retains anonymized transaction data, including the approximate amount of the purchase, the approximate date and time, and whether the transaction was completed successfully. The anony-mization completely eliminates any reference to individuals. Apple uses the anonymized data to improve “Apple Pay” and other Apple products and services.
When you use Apple Pay on iPhone or Apple Watch to complete a purchase made through Safari on Mac, the Mac and the authorization device communicate over an encrypted channel on Apple’s servers. Apple does not process or store any of this information in a format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to “Wallet & Apple Pay”, and uncheck “Allow payments on Mac”.
Further information on data protection with Apple Pay can be found at the following Internet ad-dress: https://support.apple.com/de-de/HT203027
h) Google Pay
If you choose the payment method “Google Pay” of Google Ireland Limited, Gordon House, 4 Bar-row St, Dublin, D04 E5W5, Ireland (“Google”), the payment processing is carried out via the “Google Pay” application of your mobile device running at least Android 4.4 (“KitKat”) and having an NFC function by charging a payment card deposited with Google Pay or a payment system verified there (e.g. PayPal). For the release of a payment via Google Pay in the amount of more than €25, the prior unlocking of your mobile end device by the respective verification measure set up (such as facial recognition, password, fingerprint or pattern) is required.
For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, will be passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a uniquely assigned transaction number to the source website, which is used to verify a completed payment. This transaction num-ber does not contain any information about the real payment data of your payment means depos-ited in Google Pay, but is created and transmitted as a one-time valid numeric token. For all transac-tions via Google Pay, Google only acts as an intermediary to process the payment transaction. The transaction is carried out exclusively in the relationship between the user and the source website by debiting the means of payment deposited with Google Pay.
Insofar as personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b GDPR.
Google reserves the right to collect, store and analyze certain transaction-specific information for each transaction made through Google Pay. This includes the date, time and amount of the transac-tion, merchant location and description, a description provided by the merchant of the goods or services purchased, photos you attached to the transaction, the name and email address of the seller and buyer or sender and recipient, the payment method used, your description for the rea-son for the transaction, and the offer associated with the transaction, if applicable.
According to Google, this processing is carried out exclusively in accordance with Art. 6 para.1 lit. f GDPR on the basis of the legitimate interest in proper billing, verification of transaction data and optimization and functional maintenance of the Google Pay service.
Google also reserves the right to merge the processed transaction data with further information that is collected and stored by Google when using other Google services.
The terms of use of Google Pay can be found here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
You can find further information on data protection with Google Pay at the following Internet ad-dress:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
i) iDEAL
iDEAL is an online payment system from the Netherlands. The method allows customers to pay with direct transfer from their bank account. It is based on online banking and works like giropay, paydirekt and Sofortüberweisung.
j) Store Pay
Store Pay is powered by Shopify and speeds up the checkout process by securely storing your ship-ping and payment details.
Customers can save their email address, credit card information, and shipping and billing infor-mation. This can save customers time when completing the checkout process, especially if they have already signed up for Shop Pay at a Shopify store. If the store offers local pickup or delivery, customers can select that option when checking out with Shop Pay.
Customers must provide an email address at checkout to store their payment information. Cus-tomers who only provide a phone number in the contact field will not receive the Save for Later prompt to save their information. For more information on expedited checkout, visit https://help.shopify.com/de/manual/payments/accelerated-checkouts.
Customers’ shipping and billing information is stored securely on Shopify’s PCI-compliant servers (see https://www.shopify.com/security) and is only shared with us after an order is placed. If you have any questions about Shop Pay or how your information is stored, please visit the Shop Pay Help Center at https://shop.app/help/shop-pay for more information.
For orders placed via Shop Pay, delivery emissions are offset (for more information, please visit https://shop.app/carbon-offsetting).
IV RIGHTS OF THE DATA SUBJECT
1. WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT VIS-À-VIS THE CONTROLLER
When we process your personal data, you have the following rights with respect to the personal data concerning you:
► Right of access, Art. 15 GDPR;
► Right to rectification or deletion, Art. 16 and 17 GDPR;
► Right to restriction of processing, Art. 18 GDPR;
► Right to object to processing, Art. 21 GDPR;
► Right to data portability, Art. 20 GDPR.
For this purpose, as well as for further questions regarding the protection of your personal data, you can contact us at any time using the contact details provided in Section I.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us, Art. 77 GDPR.
You can withdraw your consent to the processing of personal data at any time for the future. The legality of the data processing carried out on the basis of the consent until the withdrawal is not affected by the withdrawal.
We do not use automated decision making including profiling.
2. INFORMATION ABOUT YOUR RIGHT TO OBJECT UNDER ART. 21 GDPR
Of course, you can object to the processing of your personal data if we base the processing on our legitimate interest (Art. 6 Abs. 1 lit. f GDPR), especially for advertising purposes at any time. You can declare the objection to us via the contact data listed under section I.
———————————————————————————————————————————-
The contents of this legal text are protected by copyright. Anyone who infringes copyright (e.g. copies texts without permission) is exposed to claims for injunctive relief, reimbursement of legal fees and damages.