A. Name and contact details of the person responsible for processing and of the company data protection officer
This data protection information applies to data processing by:
Person responsible: Thunderbike e.K., Andreas Bergerforth, Güterstr. 5, D-46499 Hamminkeln, Germany, Telephone 02852-6777-55 – Fax 02852-677759
The company data protection officer is Solicitor Helmut Bärsch, Königsallee 60F, 40212 Dusseldorf, Telephone 0211-86399390, Fax: 030-5200-45087, Email: email@example.com
B. Collection and storage of personal data and type of use
1) When visiting the website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer
- The date and time of access
- Name and URL of the downloaded file,
- Website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The data listed will be processed by us for the following purposes:
- ensuring a smooth connection to the website;
- ensuring comfortable use of our website;
- evaluation of system security and stability as well as
- for other administrative purposes.
The legal basis for data processing is Art. 6 para. 1 Page. 1 lit. f GDPR. Our legitimate interest arises from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.
2) When registering for our newsletter
provided that, in accordance with Art. 6 para. 1 page 1 lit. a of the GDPR, you have expressly consented we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, all you need to do is provide your email address.
You can unsubscribe at any time, for example via a link at the end of each newsletter.
3) Use of our contact form
If you have any questions, you can use the contact form. A valid e-mail address is required so that we know who sent the request and can respond to it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 page 1 lit. a GDPR on the basis of your voluntary consent.
The personal data collected by us for the use of the contact form will automatically be deleted after your request has been processed.
4) Processing your personal data in the ordering process of the shop
In the order process, you must specify your name, address, telephone, fax, date of birth, email address, preferred language, the country you are ordering it to, currency and payment method and VAT ID, if applicable.
This personal data and information is used for order processing, goods delivery as well as for payment processing. The legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR and the express consent you have given us pursuant to Art. 6 para. 1 page 1 lit. a of the GDPR.
We collect, store and process your data for the entire processing of your purchase, including possible later guarantees. Your personal data is stored in our IS system for optimal order processing and customer care. You must expressly agree to this when purchasing, as you must also agree to the general terms and conditions and the cancellation policy.
Inventory data, such as previous purchase orders and payment experiences, is included in the selection of possible payment methods made available to you.
We will save the contractual text and send you the order particulars by email. Your past orders can be viewed in our customer login area. You can have your data cancelled and deleted in accordance with points G. and H. of this data protection declaration.
For each customer who registers accordingly, we set up password-protected direct access to said customer’s inventory data (customer account) that is stored with us. Here you can view data about your completed, open and recently shipped orders and view and manage your personal data stored by us. You agree to treat the personal access information confidentially and to not make it available to any unauthorised third parties. We can accept no liability for the misuse of passwords, unless we are responsible for said misuse. Once you have finished communicating with us, you should close the browser window or mobile applications, especially if you share your computer or mobile devices with others.
C. Data transfer
Your personal data will not be transmitted to third parties for reasons other than those listed below.
We will only disclose your personal data to third parties if:
- you have expressly consented to this under Art. 6 para. 1 page 1 lit. a GDPR,
- the disclosure in accordance with Art. 6 Para 1 page 1 (f) DGPR to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data,
- in the event that disclosure in accordance with Art. 6 para. 1 page 1 (c) GDPR is a statutory obligation, provided
- it is legally permissible and in accordance with Art. 6 Para. 1 page 1 (b) GDPR is required for the processing of contractual relationships with you.
- When goods are delivered to logistics companies and the postal service provider specified in the order.
- When paying for goods to the payment service provider specified in the order.
- During payment, we may collect and store payment transaction information such as credit card numbers or bank details, for which you expressly give your consent when logging into your customer account or during the order process. This personal data will also be deleted at your request in accordance with points G and H of this data protection declaration.
- In some cases, you only disclose these directly to the respective payment service provider (e.g. PayPal), where you must already be a member/customer. Please observe the data protection regulations there, e.g. https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
- External links: If our website links to websites of other providers via hyperlink, the person responsible for data protection is the operator of this other website. Please observe the data protection regulations there.
Information is stored in the cookie that results in each case in connection with the specifically used terminal device. However, this does not mean that we immediately become aware of your identity.
In addition, we also use temporary cookies that are stored on your end device for a specified period of time to optimize user-friendliness. If you visit our site again to use our services, it will automatically recognise that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
The data processed by cookies are required for the purposes mentioned for the protection of our legitimate interests as well as of third parties according to Art. 6 para. 1 page 1 lit. f GDPR.
Most internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or a message always appears before a new cookie is created. Deactivating cookies, however, may result in your being unable to use all the functions in our portal.
E. Analytical Tools
1) Tracking tools
The tracking measures listed below and used by us are based on Art. 6 para. 1 page 1 lit. f GDPR. With the tracking measures used, we want to ensure that our website is designed to meet requirements and is continually optimised. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer. These interests are to be regarded as legitimate under of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
2) Google Analytics
We use Google Analytics, a web analysis service of Google Inc for the purpose of demand-oriented design and continuous optimisation of our pages. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymised user profiles are created and cookies (see under section 4) is used. The information generated by the cookie about the use of this website such as the
- browser type/version,
- operating system used,
- referrer URL (the previously visited website),
- host name of the accessing computer (IP address),
- time of the server request,
will be sent to a server hosted by Google Inc. in the United States. The information is used to evaluate the use of the website, to compile reports on advertising activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties, provided this is legally required, or to the extent that such third parties process the information. Under no circumstances will your IP address be merged with other data from Google. The IP address is rendered anonymous so that an assignment is not possible (so-called IP masking).
You can adjust the settings of your browser to prevent the installation of cookies; however, we would like to point out that you may then not be able to use all the functions of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking this link . This sets an opt-out cookie, which prevents any future collection of your data when visiting this website. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).
3) Data privacy statement for the use of Google AdSense
This website uses Google AdSense, a service for including advertisements from Google Inc. (“Google”). Google AdSense uses “cookies”, which are text files stored in your computer that enable an analysis of the way you use the website. Google AdSense also uses “web beacons” (invisible graphics). Through these web beacons, information such as the visitor traffic on these pages can be evaluated.
The information generated by cookies and web beacons relating to your use of this website (including your IP address), and delivery of advertising formats, is transmitted to a Google server in the US and stored there. This information can be passed on from Google to contractual partners of Google. However, Google will not merge your IP address with other data which you have stored.
You can prevent the installation of cookies by setting your browser software accordingly; we wish to point out that in this case you may not be able to make full use of all the functions of this website. By using this website, you agree that the data that Google collects about you may be processed as described above and for the purpose described above.
This website uses the web analysis service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) based on our legitimate interest in statistical analysis user behavior for optimization and marketing purposes in accordance with Art. 6 Para. 1 lit. f GDPR data collected and stored. From this data, pseudonymised usage profiles can be created and evaluated for the same purpose.
When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- Our website visited
- Date and time at the time of access
- Amount of data sent in bytes
- Source / reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if necessary: in anonymized form)
Processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of illegal use.
F. Social media plug-ins
1) Social Media Buttons
2) Social Media Plug-ins
We use social plug-ins of the social networks Facebook, Twitter and Instagram on our website on the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO in order to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for the data protection-compliant operation is to be guaranteed by their respective providers. The integration of these plug-ins by us takes place by means of the so-called two-click method in order to protect visitors to our website in the best possible way.
Social media plugins from Facebook are used on our website to make their use more personal. We use the “Share” button for this purpose. This is an offer from Facebook.
If you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website.
By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugin and click the “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research and tailoring Facebook Pages to your needs. To this end, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to associate the information collected through our website with your Facebook account, you must log out of Facebook before visiting our website.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and setting options for the protection of your privacy can be found in Facebook’s data protection information (https://www.facebook.com/about/privacy/).
Our website contains integrated plug-ins from the short message network, Twitter Inc. You can recognise the Twitter plug-ins (tweet button) by the Twitter logo on our site. An overview of the tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you access a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. This enables Twitter to receive information that you have visited our site with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This means that Twitter can associate visits to our pages with your user account. We would like to point out that, as the provider of these web pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter.
If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.
Our website uses social plug-ins by Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
The plug-ins are marked with an Instagram logo, for example, in the form of an “Instagram camera”.
When you visit a page of our website containing a social plugin, your browser establishes a direct connection to Instagram’s servers. The content of the plugin is transferred from Instagram directly to your browser, which then embeds it into the page. By integrating the plugin, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram account or are not currently logged in to Instagram.
This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can link your visit to our site to your Instagram account directly. If you interact with the plug-ins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.
The information is also published on your Instagram account and displayed to your contacts there.
If you do not want Instagram to link the data collected on our website to your Instagram account, you must log out of Instagram before visiting our website.
This website includes plug-ins from the social network Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). You can recognise the Pinterest plugin by the “Pin it button” on our site.
G. Rights of the data subject
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if this has not been collected by us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about its detail;
- to immediately request the completion of or the correction of incorrect personal data stored by us in accordance with Art. 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- pursuant to Art. 18 GDPR to demand the restriction of processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need this to assert, exercise or for the defence of legal claims or you have objected to processing in accordance with Art. 21 GDPR;
- pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another responsible person;
- pursuant to Art. 7 para 3 GDPR to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future and
- to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you may contact the supervisory authority of your usual place of residence or workplace or our headquarters.
H. Right of objection
If your personal data is processed based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 (f) GDPR, you have the right in accordance with Art. 21 GDPR to object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you wish to exercise your right of revocation or objection, simply send an email to firstname.lastname@example.org.
I. Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously updated according to technological developments.