Privacy policy

Your data security is very important to us

Responsible

straightvisions GmbH
Managing Directors: Matthias Bathke, Dennis Heiden
info@straightvisions.com
Ballindamm 39
DE-20095 Hamburg,
Phone: ++49 (0)40 / 99999 – 3020

BUSINESS-RELATED PROCESSING

In addition, we process contract data (e.g., subject matter of contract, term, customer category). – Payment data (e.g., bank details, payment history) of our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

Hosting

The hosting services we use are used to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical Maintenance services that we use for the purpose of operating this online offer.

In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in efficient and secure provision of this online offer in accordance with Art. 1 lit. f GDPR in art. 28 GDPR (conclusion of order processing contract).

COLLECTION OF ACCESS DATA AND LOGFILES

We, or our hosting provider, collect on the basis of our legitimate interests within the meaning of Art. 1 lit. f. GDPR data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved website, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting providers. Logfile information is stored for security reasons (e.g. to investigate abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidence purposes shall be excluded from deletion until the relevant incident has been finally clarified.

ORDER PROCESSING IN THE ONLINE SHOP AND CUSTOMER ACCOUNT

We process the data of our customers in the course of the ordering processes in our online shop in order to enable them to select and order the selected products and services, as well as to pay for and deliver them, respectively to execute them.

The processed data includes inventory data, communication data, contract data, payment data and the data subjects affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of the operation of an online shop, billing, delivery and customer service. We use session cookies for the storage of the shopping cart content and permanent cookies for the storage of the login status.

The processing shall be carried out on the basis of Article 6(6) of the 1 lit. b (Execution of ordering operations) and c (Legally required archiving) GDPR. The information marked as necessary is necessary for the establishment and fulfilment of the contract. We disclose the data to third parties only in the context of delivery, payment or within the scope of legal authorisations and obligations towards legal advisors and authorities. The data will only be processed in third countries if this is necessary for the fulfilment of the contract (e.g. at the customer’s request upon delivery or payment).

Users can optionally create a user account by viewing their orders in particular. As part of the registration process, the required mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have cancelled their user account, their data will be deleted with regard to the user account, subject to their retention is due for commercial or tax reasons. Art. 1 lit. c GDPR is necessary. Information in the customer’s account remains until its deletion, followed by archiving in the event of a legal obligation. It is the responsibility of users to secure their data before the end of the contract if they have been terminated.

As part of the registration and re-registration stake as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with the Art. 1 lit. c GDPR.

The deletion takes place after the expiry of statutory warranty and comparable obligations, the necessity of the retention of the data is checked every three years; in the case of the statutory archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).

ADMINISTRATION, FINANCIAL ACCOUNTING, OFFICE ORGANIZATION, CONTACT MANAGEMENT

We process data within the scope of administrative tasks as well as the organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of the provision of our contractual services. The basis for processing is Article 6(4) of the 1 lit. c. GDPR, Art. 1 lit. f. GDPR. The processing affects customers, prospects, business partners and website visitors. The purpose and our interest in processing lies in administration, financial accounting, office organization, archiving of data, i.e. tasks related to the maintenance of our business activities, the performance of our tasks and the provision of our services. The erasure of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities. We disclose or transmit data to the tax administration, consultants, such as tax consultants or auditors as well as other fee agencies and payment service providers. Furthermore, based on our business interests, we store information about suppliers, organizers and other business partners, e.g. for later contact. In principle, we store this majority of company-related data permanently.

REGISTRAR FUNCTION

Users can optionally create a user account. As part of the registration process, the required mandatory information will be communicated to the users. The data entered during the registration process will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes in the scope of the offer or technical circumstances. If users have cancelled their user account, their data will be deleted with regard to the user account, subject to their retention is due for commercial or tax reasons. Art. 1 lit. c GDPR is necessary. It is the responsibility of users to secure their data before the end of the contract if they have been terminated. We are entitled to irretrievably delete all data of the user stored during the term of the contract.

In the context of the use of our registration and registration functions as well as the use of the user account, the IP address and the time of the respective user action will be stored. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties, unless it is necessary for the prosecution of our claims or there is a legal obligation to do so in accordance with the Art. 1 lit. c GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.

Contact

When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user’s details are processed in accordance with the Art. 1 lit. b) GDPR processed. Users’ information can be stored in a customer relationship management system (“CRM system”) or similar request organization. We will delete the requests if they are no longer required. We check the necessity every two years; In addition, the statutory archiving obligations apply.

COMMENTS AND POSTS

If users leave comments or other contributions, their IP addresses may be based on our legitimate interests within the meaning of Art. 1 lit. f. GDPR for 7 days. This is for our safety in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we can be prosecuted for the comment or contribution ourselves and are therefore interested in the identity of the author. Furthermore, we reserve the right to be based on our legitimate interests in accordance with the Art. 1 lit. f. GDPR to process users’ information for spam detection.

GOOGLE ANALYTICS

Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 sec. 1 lit. f. GDPR) we use Google Analytics, a web analysis service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the users is usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to compile further information, with the use of this online offer and the services related to internet use to provide us. Pseudonymous user profiles can be created from the processed data. We only use Google Analytics with IP anonymization enabled. This means that the IP address of the users is truncated by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by the user’s browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent the collection of data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by using the browser plug-in available at the following link. download and install: http://tools.google.com/dlpage/gaoptout?hl=de. For more information about Google’s data usage, settings and opposition options, please see Google’s privacy policy (https://policies.google.com/technologies/ads)and Google’s privacy policy (https://adssettings.google.com/authenticated). The personal data of the users will be deleted or anonymized after 14 months.

FACEBOOK PIXEL, CUSTOM AUDIENCES AND FACEBOOK CONVERSION

Within our online offer, due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes, the so-called “Facebook pixel” of the social network Facebook, which is developed by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). Facebook is certified under the Privacy Shield Agreement and thereby provides a guarantee that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, Facebook is able to identify the visitors of our online offer as the target group for the presentation of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads posted by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined by the websites visited) that we submit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to make sure that our Facebook ads correspond to the potential interest of the users and do not seem annoying. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes, in which we can see whether users have been redirected to our website after clicking on a Facebook ad (so-called ” conversion”). The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the presentation of Facebook ads, in the data usage policy of Facebook: https://www.facebook.com/policy.php. For specific information and details about the Facebook pixel and how it works, see the Facebook Help section: https://www.facebook.com/business/help/651294705016616. You may object to the collection by the Facebook pixel and the use of your data to display Facebook ads. To set what types of ads you see within Facebook, you can go to the page facebook-set up and follow the usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices. You may also object to the use of cookies for the purpose of measuring reach and advertising purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

INTEGRATION OF THIRD-PARTY SERVICES AND CONTENT

Within our online offer, we place content or service offers based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 sec. 1 lit. f. GDPR). third parties to include their content and services, such as videos or fonts (hereinafter referred to as “Content”). This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” allow information on how to evaluate visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and, among other things, technical information about the browser and operating system, referring websites, visit time as well as further information on the use of our online offer as well as such information from other sources.

Vimeo

We can include the videos of the platform “Vimeo” of the provider Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy. WIr point out that Vimeo can use Google Analytics and refer to the data protection declaration (https://www.google.com/policies/privacy) as well as opt-out possibilities for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data usage for marketing purposes (https://adssettings.google.com/.).

Youtube

We include the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

GOOGLE FONTS

We include the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

GOOGLE MAPS

We include the maps of the service “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include in particular IP addresses and location data of the users, which are not collected without their consent (usually carried out within the framework of the settings of their mobile devices). The data can be processed in the United States. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

USE OF FACEBOOK SOCIAL PLUGINS

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 sec. 1 lit. f. GDPR) we use social plugins (“plugins”) of the social network facebook.com, which is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display interaction elements or content (e.g. videos, graphics or text posts) and are recognizable by one of the Facebook logos (white “f” on blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition of “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). When a user calls up a feature of this online offer that contains such a plugin, his device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated by the user into the online offer. User profiles can be created from the processed data. We therefore have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore informs the users according to our level of knowledge. By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, for example by pressing the Like button or making a comment, the corresponding information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store his IP address. According to Facebook, only an anonymized IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the rights in this regard and setting options for the protection of the privacy of the users can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and to link it to his or her member data stored on Facebook, he must log out of Facebook before using our online offer and Delete cookies. Further settings and contradictions on the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Twitter

Within our online offer, functions and contents of the service Twitter, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be integrated. This may include, for example, content such as images, videos or texts and buttons that allow users to express their favor stake in the content, subscribe to the authors of the content or our contributions. If the users are members of the Twitter platform, Twitter can assign the call to the above-listed content and functions to the profiles of the users there. Twitter is certified under the Privacy Shield Agreement and thus provides a guarantee that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.

Instagram

Within our online offer, functions and contents of the service Instagram, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated. This may include, for example, content such as images, videos or texts and buttons that allow users to express their favor sinualism regarding the content, subscribe to the authors of the content or our contributions. If the users are members of the platform Instagram, Instagram can assign the call of the above-listed content and functions to the profiles of the users there. Instagram Privacy Policy: http://instagram.com/about/legal/privacy/.

Pinterest

Within our online offer, functions and contents of the service Pinterest offered by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA, may be integrated. This may include, for example, content such as images, videos or texts and buttons that allow users to express their favor sinualism regarding the content, subscribe to the authors of the content or our contributions. If the users are members of the Platform Pinterest, Pinterest can assign the call to the above-listed content and functions to the profiles of the users there. Pinterest Privacy Policy: https://about.pinterest.com/de/privacy-policy.