Privacy Policy
Privacy Policy
The person responsible for data processing is:
Nicole Klingen
Brunnenstrasse 23
40223
Duesseldorf
Germany
+4921154212590
info@kluba-medical.com
Thanks for your interest in our online shop. Protecting your privacy is very important to us. Below, we inform you about the handling of your data in detail.
- Access Data and Hosting
You can visit our websites without providing any personal information. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access.
This access data is evaluated solely for the purpose of ensuring trouble-free operation of the site and improving our services. In accordance with Section 6 (1) p. 1 lit. f GDPR, this serves to protect our legitimate interests in a correct presentation of our offering, which prevail in the context of interest balancing. All access data is deleted within seven days after the end of your visit to the site.
Hosting Services Provided by a Third Party Provider
As part of processing on our behalf, a third party provider provides hosting and website display services on our behalf. This serves to protect our legitimate interests in a correct presentation of our offering, which prevail in the context of interest balancing. All data collected in the course of using this website or in forms provided for this purpose in the online shop as described below are processed on its servers. Processing on other servers only takes place within the scope explained here.
This service provider is located within a country of the European Union or the European Economic Area.
- Data Collection and Use for Contract Processing, Contacting
We collect personal data if you voluntarily provide it to us as part of your order or when contacting us (e.g. via contact form or email). Mandatory fields are marked as such, as we require this data to process the contract or to process your enquiry and you cannot send the order or enquiry without providing it. Which data is collected is visible in the respective input forms. We use the data provided by you in accordance with Section 6 (1) p. 1 lit. b GDPR for the purpose of contract processing and handling your enquiries. If you have given your consent in accordance with Section 6 (1) p. 1 lit. a GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and which we inform you about in this policy. You can delete your customer account at any time by either by sending a message to the contact option described below or via a function provided in the customer account for this purpose.
- Data Transfer
In order to fulfil the contract in accordance with Section 6 (1) p. 1 lit. b GDPR, we transfer your data to the shipping company commissioned with the delivery, as long as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the order process, we will transfer the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you have to log in to the payment service provider with your login data during the ordering process. In this case, the privacy policy of the respective payment service provider shall apply.
We also use an external merchandise management system for order and contract processing. The data transfer or processing that takes place in this respect is based on commissioned processing.
- Email Newsletter
Email Advertising after Newsletter Registration
If you register for our newsletter, we use the data required for this purpose or separately provided by you in order to send our email newsletter to you on a regular basis based on your consent pursuant to Section 6 (1) p. 1 lit. a GDPR.
Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described below or via a link provided in the newsletter for this purpose. After unsubscribing, we will delete your email address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and which we inform you about in this policy.
Email Advertising Without Newsletter Registration and Your Right to Object
If we receive your email address in connection with the sale of a product or service and you have not objected to this, based on Section 7 (3) of the German Unfair Competition Act (UWG), we reserve the right, to regularly send you offers for products similar to those you have already purchased from our range via email. This serves to protect our legitimate interests in addressing our customers in an advertising manner, which prevail in the context of interest balancing.
You can object to this use of your email address at any time by sending a message to the contact option described below or via a link provided in the advertising email for this purpose, without incurring any costs other than the transmission costs according to the basic rates.
The newsletter is sent as part of processing on our behalf by a service provider, whom we transfer your email address to for this purpose.
This service provider is located within a country of the European Union or the European Economic Area.
- Integration of the Trusted Shops Trustbadge
The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops quality seal and any ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order.
This serves to protect our legitimate interests in optimal marketing by enabling secure shopping in accordance with Section 6 (1) p. 1 lit. f GDPR, which prevail in the context of interest balancing. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany. The Trustbadge is provided by a CDN provider (content delivery network) as part of order processing. Trusted Shops GmbH also uses service providers from the USA. An adequate level of data protection is ensured. You can find further information on the data protection of Trusted Shops GmbH here.
When the Trustbadge is accessed, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. Individual access data is stored in a security database for the analysis of security anomalies. The log files are automatically deleted no later than 90 days after creation.
Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you as a buyer are already registered for product use is automatically checked using a neutral parameter, your email address hashed via a cryptological one-way function. Before transmission, the email address is converted into this hash value, which cannot be decrypted by Trusted Shops. After checking for a match, the parameter is automatically deleted.
This is required for the fulfilment of our and Trusted Shops’ overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services pursuant to Section 6 (1) p. 1 lit. f GDPR. Further details, including on objection, can be found in the Trusted Shops privacy policy linked above and in the Trustbadge.
- Cookies and Web Analytics
In order to make your visit to our website more attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages, as long as you have given your consent to this in accordance with Section 6 (1) p. 1 lit. a GDPR.
Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser on your next visit (persistent cookies). You can find the duration of storage in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be limited. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these under the following links for the respective browsers:
Microsoft Edge™: https://support.microsoft.com/de-de/help/4027947/microsoft-edge-delete-cookies
Safari™ https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
Chrome™ https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Firefox™ https://support.mozilla.org/de/products/firefox/protect-your-privacy/cookies
Opera™ https://help.opera.com/de/latest/web-preferences/#cookies
Furthermore, you can withdraw your consent at any time by sending a message to the contact option described in this privacy policy.
Usercentrics Consent Management Platform
On our website, we use the Usercentrics Consent Management Platform (“Usercentrics”) to inform you about technologies used on our website and to obtain, manage and document your consent to the processing of your personal data by these technologies. This is required pursuant to Section 6 (1) p. 1 lit. c GDPR to fulfil our legal obligation pursuant to Section 7 (1) GDPR to be able to prove your consent to the processing of your personal data to which we are subject. The consent management service Usercentrics is a service offered by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, Usersentrics’ web server stores a so-called server log file, which also contains your anonymised IP address, date and time of visit, device and browser information, as well as information about your consent behaviour. Your data will be deleted after three years, unless you have expressly consented to further use of your data in accordance with Section 6 (1) p. 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and which we inform you about in this policy.
Use of Google (Universal) Analytics for Web Analytics
This website uses Google (Universal) Analytics for website analytics. The web analytics service is provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). This serves to protect our legitimate interests in an optimised presentation of our offering, which prevail in the context of interest balancing pursuant to Section 6 (1) p. 1 lit. f GDPR. Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymisation on this website, the IP address is shortened before transmission within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transferred to a Google server in the USA and shortened there in exceptional cases. The anonymised IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. After the end of the purpose and the end of the use of Google Analytics by us, the data collected in this context will be deleted.
If information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
You can prevent the collection of data generated by the cookie and related to your use of the website (incl. your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser plugin, you can click on this link to prevent Google Analytics from collecting data on this website in the future. In the process, an opt-out cookie is placed on your device. If you delete your cookies, you have to click on the link again.
Google Maps
This website uses Google Maps to visually display geographical information. Google Maps is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). This serves to protect our legitimate interests in an optimised presentation of our offer and easy accessibility of our locations, which prevail our interests in the context of interest balancing pursuant to Section 6 (1) lit. f GDPR.
When using Google Maps, Google transmits or processes data about the use of the Maps functions by website visitors, which may include in particular the IP address and location data. We have no influence on this data processing.
If information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
To deactivate the Google Maps service and thus prevent data transmission to Google, you have to deactivate the Java Script function in your browser. In this case, Google Maps cannot be used or can only be used to a limited extent.
For more information about data processing by Google, you can check the Google Privacy Policy. The terms of use for Google Maps contain detailed information about the map service.
The data processing is carried out on the basis of an agreement between jointly responsible persons pursuant to Section 26 GDPR, which you can view here.
Google Fonts
The script code “Google Fonts” is integrated on this website. Google Fonts is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). This serves to protect our legitimate interests in a uniform presentation of the content on our website, which prevail our interests in the context of interest balancing pursuant to Section 6 (1) lit. f GDPR.
In this context, a connection is established between the browser you are using and Google’s servers. This enables Google to know that our website has been accessed via your IP address.
If information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
For more information about data processing by Google, you can check the Google Privacy Policy.
- Social Media Plugins
Use of Social Plugins from Facebook, Instagram Using the “2-click Solution”
So-called social plugins (“plugins”) from social networks are used on our website. In order to increase the protection of your data when visiting our website, the plugins are integrated into the page by means of a so-called “2-click solution”. This integration ensures that when a page of our website containing such plugins is called up, no connection is established with the servers of the respective social network yet. The browser only establishes a direct connection to the servers of the respective social network when you activate these plugins.
The content of the respective plugin is then transmitted directly to your browser by the associated provider and integrated into the page. By integrating the plugins, the providers receive the information that your browser has accessed the corresponding page of our website, even if you do not have a profile with the corresponding provider or are not currently logged in. This information (including your IP address) is transmitted directly to a server of the respective provider (possibly to the USA) by your browser and stored there. If you interact with these plugins, for example by clicking the “Like” or “Share” button, the corresponding information is also transmitted directly to a server of the respective provider and stored there. The information will also be published on the social network and displayed to your contacts there. This serves to protect our legitimate interests in an optimal marketing of our offering, which prevail in the context of interest balancing pursuant to Section 6 (1) p. 1 lit. f GDPR.
For the purpose and scope of the data collection and the further processing and use of the data by the providers, as well as a contact option and your rights and setting options in this regard to protect your privacy, please refer to the data protection information of the providers:
https://www.facebook.com/policy.php
https://help.instagram.com/155833707900388
Our Online Presence on Facebook, Google, Twitter, Instagram
Our presence on social networks and platforms serves to improve active communication with our customers and interested parties. We provide information about our products and ongoing special promotions there.
When visiting our online presences in social media, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from this data using pseudonyms. These profiles can be used, for example, to display advertisements within and outside the platforms that presumably correspond to your interests. Usually, for this purpose, cookies are used on your device. These cookies store visitor behaviour and user interests. This serves according to Section 6 (1) lit. f GDPR to protect our legitimate interests in an optimised presentation of our offer and effective communication with customers and interested parties, which prevail in the context of interest balancing. If you are asked for consent (agreement) to data processing by the respective social media platform operators, e.g. by means of a checkbox, the legal basis for data processing is Section 6 (1) lit. a GDPR.
As long as the aforementioned social media platforms have their headquarters in the USA, the following applies: For the USA, there is an adequacy decision by the European Commission. This is based on the EU-US Privacy Shield. A current certificate for the respective company can be viewed here.
For detailed information on the processing and use of data by the providers on their websites, as well as a contact option and your rights and setting options in this regard to protect your privacy, in particular opt-out options, please refer to the privacy policies of the providers linked below. If you still need help in this regard, you can contact us.
Facebook: https://www.facebook.com/about/privacy/
The data processing is carried out on the basis of an agreement between jointly responsible persons in accordance with Section 26 GDPR, which you can view here:
https://www.facebook.com/legal/terms/page_controller_addendum
- Sending Rating Reminders via Email
Rating Reminder by Trusted Shops
If you have given us your express consent to this during or after your order in accordance with Section 6 (1) p. 1 lit. a GDPR, we will transmit your email address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (www.trustedshops.de) so that they can send you a rating reminder via email.
This consent can be revoked at any time by sending a message to the contact option described below or directly to Trusted Shops.
- Contact Options and Your Rights
As a data subject, you have the following rights:
according to Section 15 GDPR, you have the right to request information about your personal data processed by us to the extent specified therein;
according to Section 16 GDPR, you have the right to request the correction of incorrect or incomplete personal data stored by us without delay;
according to Section 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing is required
– to exercise the right to freedom of expression and information;
– to comply with a legal obligation;
– for reasons of public interest; or
– to assert, exercise or defend legal claims;
according to Section 18 GDPR, the right to demand the restriction of the processing of your personal data, insofar as
– the accuracy of the data is disputed by you;
– the processing is unlawful, but you object to its erasure;
– we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or
– you have objected to the processing in accordance with Section 21 GDPR;
in accordance with Section 20 GDPR, the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
In accordance with Section 77 GDPR, the right to complain to a supervisory authority. Usually, for this purpose, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of consent given or objection to a specific use of data, please contact us directly using the contact details in our imprint.
********************************************************************
Right of Objection
If we process personal data as explained above in order to protect our legitimate interests, which prevail in the context of a balancing of interests, you can object to this processing with effect for the future. If the processing is for direct marketing purposes, you can exercise this right at any time as described above. If processing is carried out for other purposes, you only have the right to object on grounds relating to your particular situation.
After exercising your right of objection, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or if the processing is for the establishment, exercise or defence of legal claims.
This does not apply if the processing is carried out for direct marketing purposes. We will then no longer process your personal data for this purpose. *******************************************************************