Privacy policy

Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This only applies if no other information is given in the subsequent processing operations.
"Personal data" is any information relating to an identified or identifiable natural person.


Server log files
You can visit our websites without to provide information about you.
Every time you access our website, usage data is transmitted to us or our web host / IT service provider by your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider. The processing takes place on the basis of Art. 6 Paragraph 1 lit. f GDPR from our overriding legitimate interest in ensuring trouble-free operation of our website and improving our offer.
Your data will be transmitted to Canada, among other places. The EU Commission has issued an adequacy decision for data transfers to Canada.


Contact

Responsible
If you wish, you can contact us. The person responsible for data processing is: Rainer Albrecht, Claus-von-Stauffenberg-Str. 30a, 68163 Mannheim Germany, 0049 621 82848477, info@kultfrau.de




Customer unsolicited contact by email
If you send an email to If you contact us for business, we only collect your personal data (name, e-mail address, text of the message) to the extent that you have made it available. The data processing serves to process and answer your contact request.
If the establishment of contact serves to carry out pre-contractual measures (e.g. advice on purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing takes place on the basis of Art. 6 Paragraph 1 lit. b GDPR.
If contact is made for other reasons, this data processing takes place on the basis of Article 6 Paragraph 1 lit. f GDPR from our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6 (1) (f) GDPR.
Your e-mail address we only use it to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing serves the purpose of establishing contact.
If the contact serves to carry out pre-contractual measures (e.g. advice on purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. If contact is made for other reasons, this data processing takes place on the basis of Article 6 (1) (f) GDPR from our overriding legitimate interest in processing and answering your request. In this case, you have the right at any time, for reasons that arise from your particular situation, to Art. 6 para.1 lit f GDPR to object to the processing of personal data concerning you. We only use your e-mail address to process your request. Your data will then be deleted in compliance with legal retention periods, unless you have consented to further processing and use.


Customer account / orders

When you open a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and to simplify order processing. The processing takes place on the basis of Article 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent up to the revocation. Your customer account will then be deleted.


Collection, processing and transfer of personal data when ordering
When you place an order, we only collect and process your personal data to the extent that this is necessary for the fulfillment and processing of your order and for processing of your requests is required. The provision of the data is necessary for the conclusion of the contract. Non-provision means that no contract can be concluded. Processing takes place on the basis of Article 6 (1) (b) GDPR and is required to fulfill a contract with you.
Your data is passed on, for example, to the shipping companies and dropshipping providers, payment service providers, service providers for order processing and IT service providers you have selected. In all cases, we strictly observe the legal requirements. The scope of the data transmission is limited to a minimum.
Your data will be transmitted to Canada, among other places. The EU Commission has issued an adequacy decision for data transfers to Canada.


Advertising

Use of the e-mail address for sending newsletters
Irrespective of contract processing, we use your e-mail address exclusively for our own advertising purposes for sending newsletters, provided you have expressly consented to this. The processing takes place on the basis of Article 6 (1) (a) GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the revocation. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by notifying us. Your e-mail address will then be removed from the mailing list.

Your data will be passed on to a service provider for e-mail marketing as part of order processing. It will not be passed on to other third parties.

Use of the e-mail address for sending direct mail
We use your e-mail address that we received as part of the sale of goods or services , for the electronic transmission of advertising for our own goods or services that are similar to those that you have already purchased from us, provided that you have not objected to this use. The provision of the e-mail address is required for the conclusion of the contract. Non-provision means that no contract can be concluded. The processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR from our overriding legitimate interest in direct advertising. You can object to this use of your e-mail address at any time by notifying us. The contact details for exercising the objection can be found in the imprint. You can also use the link provided for this purpose in the promotional e-mail.There are no costs for this other than the transmission costs according to the basic tariffs


Shipping service provider / merchandise management

Passing on the e-mail address to shipping companies for information about the shipping statusWe will pass on your e-mail address to the transport company as part of the contract processing, provided that you have expressly consented to this during the ordering process. The purpose of the transfer is to inform you about the shipping status by e-mail. The processing takes place on the basis of Article 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent up to the revocation.

Use of an external merchandise management system
We use a merchandise management system in the as part of order processing. For this purpose, your personal data collected as part of the order will be transmitted to
Buhl Data Service GmbH, Am Siebertsweiher 3/5, 57290 Neunkirchen
.



Cookies

Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic character string that enables the browser to be clearly identified when the website is called up again.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide individually whether to accept them and prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.

The links below provide information on how to manage (including deactivating) cookies in the most important browsers:

Unless otherwise stated below in the data protection declaration, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after you have changed pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.

The use of cookies or comparable technologies is based on Section 25 (2) TTDSG. The processing of your personal data takes place on the basis of Art. 6 Para. 1 lit.f DSGVO from our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer
You have the right to object to this processing of personal data relating to you at any time for reasons that arise from your particular situation .

Use of Usercentrics

We use the Usercentrics consent management tool from Usercentrics GmbH (Rosenthal 4, 80331, Munich; "Usercentrics") on our website.
The tool enables you to consent to data processing via the website, in particular the setting of cookies, as well as to make use of your right of withdrawal for consents already given. Data processing serves the purpose of obtaining and documenting the necessary consent to data processing and thus complying with legal obligations. Cookies can be used. Among other things, The following information is collected and transmitted to Usercentrics: Date and time of the page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data.
Usercentrics uses the Google Cloud Platform of Google Ireland Limited, which means that your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. The data is transmitted, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
The data is processed to fulfill a Legal obligation based on Article 6 (1) (c) GDPR.
The revocation receipt for a previously granted consent will be kept for a period of three years.
More information on data protection at Usercentrics can be found at: https://usercentrics.com/privacy-policy/

Analysis / Communication

Use of Google Analytics

We use the web analysis service Google Analytics from Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and of its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. Among other things, the following information can be collected: IP address, date and time of the page view, click path, information about the browser you are using and the device you are using (device), pages visited, referrer URL (website via which you found our website). visited the website), location data, purchase activities. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The information generated by this about your use of this website is usually transmitted to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. The data transmission takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business. safety.google/adsprocessorterms/.Both Google and US government agencies have access to your data. Your data may be combined by Google with other data, such as your search history, your personal accounts, your usage data from other devices and any other data that Google has about you.
IP anonymization is activated on this website. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Art 6 paragraph 1 lit. a GDPR. Your personal data will be processed with your consent on the basis of Article 6 Paragraph 1 Letter a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation.
You can find more information on the terms of use and data protection at https://www.google.com/analytics/ terms/de.html or under https://www.google.de/intl/de/policies/ and under https://policies.google.com/technologies/ cookies?hl=de.


Plug-ins and other


Use of the Google Tag Manager

We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags used to implement tracking and analysis tools in particular. The data processing serves the purpose of the needs-based design and optimization of our website.
The Google Tag Manager itself does not store cookies, nor is personal data processed as a result. However, it enables the triggering of additional tags that can collect and process personal data.
More information on terms of use and data protection can be found here https://www.google.com/intl/de/tagmanager/use-policy .html.

Use of social plugins

We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place in the process serve the purpose of optimizing advertising for our products.
When integrating social plug-ins, a link is established between your computer and the servers of the social network providers and the plug-in is displayed on the page by a message to your browser, provided you have expressly consented to this. Both your IP address and the information on which of our pages you have visited are transmitted to the provider's server. This applies regardless of whether you are registered or logged in to the social network. A transmission also takes place for users who are not registered or not logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. When using the plug-in functions (e.g. by pressing the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 Para. 1 S 1 TTDSG in conjunction with Article 6 (1) (a) GDPR. Your personal data will be processed with your consent on the basis of Article 6 Paragraph 1 Letter a GDPR.You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation
The social networks named below are integrated into our website using social plug-ins. You can find more detailed information on the scope and purpose of the collection and use of the data as well as your rights in this regard and options for protecting your privacy in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data that takes place when the service is integrated and the transmission of this data to Facebook. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum (https://www.facebook.com/legal/controller_addendum). According to this, we are particularly responsible for fulfilling the information obligations in accordance with Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for complying with the obligations in accordance with Art. 33 , 34 GDPR to the extent that a personal data breach affects our obligations under the Joint Processing Agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects in accordance with Art. 15 - 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the service and the obligations under Art. 33, 34 GDPR, insofar as a violation of personal data protection affects Meta Platforms Ireland's obligations under the Joint Processing Agreement.
Your data may be transferred to the United States. There is no adequacy decision by the EU Commission for the USA. The data is transmitted, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
More information on collection and use of the data by Facebook, about your rights in this regard and options for protecting your privacy can be found in Facebook's data protection information at https://www.facebook.com/about/privacy/.


Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be included in the transmitted to the United States. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension- data-protection/standard-contractual-clauses-scc_de.

Use of Google invisible reCAPTCHA
We use the invisible reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves to Purpose of distinguishing the input by a human or by automated, machine processing. In the background, Google collects and analyzes usage data that is used by Invisible reCaptcha to distinguish regular users from bots. For this purpose, your input will be transmitted to Google and used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service will be transmitted to Google.
This data is processed by Google within the European Union and possibly also in the USA. There is no adequacy decision by the EU Commission for the USA. The data is transmitted, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
Your personal data is processed on the basis of Article 6 (1) (f) GDPR in our overriding legitimate interest in protecting our website from automated spying, misuse and SPAM. You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data based on Article 6 (1) (f) GDPR See: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Use of GoogleMaps
We use the function for embedding Google Maps maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.
The function enables the visual representation of geographic information and interactive maps. In doing so, Google also collects, processes and uses data from website visitors when the pages in which Google Maps are integrated are accessed.
Your data may also be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. The data transmission takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks

Cookies or comparable technologies are used with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) (a) GDPR. Your personal data will be processed with your consent on the basis of Article 6 Paragraph 1 Letter a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation.
You can find more detailed information on the collection and use of data by Google in Google's data protection information at https:/ /www.google.com/privacypolicy.html. There you can also change your settings in the data protection center so that you can manage and protect your data processed by Google.


Data subject rights and storage period

Storage period
After completion of the contract, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the period has expired, unless you have consented to further processing and use.

Rights of Affected person
If the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR: Right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 Para. 1 DSGVO a right of objection against the processing based on Art. 6 Para. 1 f DSGVO, as well as against processing for the purpose of direct marketing.

Right of appeal to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not appropriate done lawfully.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach under the following contact details:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de

Right of objection
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR, you have the right to object to this processing at any time for reasons that arise from your particular situation with effect for the future .
After an objection has been raised, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing of the assertion, exercise or r defense of legal claims.

If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After the objection has been raised, we will stop processing the data concerned for the purpose of direct advertising.

.