The uniform requirements of the EU’s General Data Protection Regulation (GDPR) have been in effect across Europe since 25 May 2018. In the data protection information below, we will inform you about the processing of personal data carried out by Frankonia Handels GmbH & Co.KG, (“FRANKONIA” and/or “we” and/or “Controller”) in accordance with the GDPR as well as the Bundesdatenschutzgesetz (the Federal Data Protection Act) (BDSG 2018).
1. Controller’s name and contact details
This data protection information governs data processing carried out by
represented by managing director Jeremy Glück
Tel.: +49 9302 / 20-0
2. Data protection officer’s contact details
You can reach the Controller’s internal data protection officer at
Frankonia Handels GmbH & Co. KG
3. Purposes of data processing, legal bases, and legitimate interests pursued by Controller or any third party as well as categories of recipients
3.1 Accessing our websites/applications
3.1.1. Log files
Whenever websites/applications are used, the Internet browser of your respective end device sends information to the server of our website/application, which is then stored temporarily in so-called log files. The data sets stored in such process contain the following data, which is stored until it is automatically erased: date and time of access, name of accessed page, IP address of requesting device, referrer URL (source URL from which you accessed our websites), transmitted data volume, loading time as well as product and version information of the respective browser used and name of your access provider.
The legal basis for the processing of the IP address is point f) of Article 6(1) GDPR. Our legitimate interest arises from the need to
• ensure a smooth connection;
• ensure the user-friendliness of our website/application; and
• evaluate system security and stability.
Your identity cannot be inferred directly from the information, nor will we draw any inference as to your identity.
The data is stored and, once the afore-mentioned purposes have been achieved, automatically erased. The prescribed retention periods until erasure depend on the criterion of necessity.
3.1.2. Cookies, tracking, social media plug-ins
We use so-called cookies, tracking tools, targeting processes as well as social media plug-ins for our website/application. Please see below for details on precisely which processes are involved and how your data is used in that context.
If you have consented to what is known as the geolocalization function in your browser, your operating system or other settings of your end device, we use such function in order to be able to offer you individual services relevant to your current location (e.g., the address of the nearest branch). Your location data processed for this purpose is processed only as part of such function. Once you discontinue your use, the data is deleted.
3.2. Entering into, implementing, and/or terminating a contract
3.2.1. Processing data upon contract execution
If you register with one of our websites/applications and enter into a contract with us, we will process the data needed to enter into, implement, or terminate the contract with you. Such data include:
• first name, last name
• billing and delivery address
• email address
• billing and payment data
• date of birth, if applicable
• telephone number, if applicable
The legal basis for processing of this kind is point b) of Article 6(1) GDPR — i.e., you provide us with the information on the basis of the respective contractual relationship (e.g., keeping your customer account, perform a purchase agreement) between you and us. We are, moreover, obligated to process your email address in the event of a purchase via our websites/applications due to legal requirements in the Bürgerliches Gesetzbuch (the Civil Code, the BGB) that mandate that an electronic order confirmation be sent (point c) of Article 6(1) GDPR).
Unless we use it for marketing purposes (see item 3.3. below), data collected for purposes of performing a contract is stored until the expiration of any right under related statutory and/or contractual warranties or guarantees. Following the lapse of this period, we will retain such information from the contractual relationship required under commercial and tax law for the periods stipulated by applicable law. Throughout this period, the data is processed again only in the event of an audit conducted by the financial authorities.
To execute a purchase agreement via our websites/applications, data must further be processed as follows:
The service provider processing payment(s) on our behalf receives your payment data from us. In addition, we share delivery address details with the logistics companies and shipping partners engaged by us. To ensure that goods are delivered in accordance with your preferences, we also transmit your email address and, if applicable, your telephone number to the logistics company and/or shipping partner engaged by us, which see to delivery. They may contact you ahead of time to coordinate the delivery details with you. The respective data is transmitted solely for the intended purposes; it will be erased again once delivery has been effected.
3.2.2. Identity, credit rating, and sharing information with credit agencies
126.96.36.199. Identity check
To the extent necessary, we verify your identity using information from service providers. The legal bases are point b) of Article 6(1) GDPR and point f) of Article 6(1) GDPR. Our authority to do so arises from the need to protect your identity and prevent cases of attempted fraud to our detriment. The fact as well as the outcome of our inquiry are added to and stored in your customer account or your guest account for the duration of the contractual relationship.
188.8.131.52. Credit checks
If you selected a so-called unsafe form of payment (purchase on account or in installments) as part of a purchase order, the following applies:
In cases in which a customer wants to place a purchase order using an unsafe form of payment, we are entitled to use information received as part of the purchase order to calculate the probability of default (internal scoring). The calculation of the probability of default by means of internal scoring is based on a recognized mathematical statistics method. The data used as part of internal scoring is primarily drawn from a combination of the following data categories: address data, age, terms of payment requested, ordering channel, and product categories. The only information used for purposes of internal scoring is those that the customers themselves provided to us. As part of the verification process to establish whether unsafe forms of payment (purchase on account or in installments) may be granted, we are further entitled to obtain information about your credit rating from an external credit agency. We work with the following credit agency: CRIF Bürgel GmbH, Radlkoferstrasse 2, 81373 Munich, Germany.
For the purpose of obtaining credit information, the following data is transmitted to the external credit agency: first name, last name, postal address, date of birth. Such data may also be transmitted to CRIF Bürgel GmbH for purposes of verifying personal identities and addresses.
As part of the credit check, we may determine with the help of an automated process whether the unsafe form of payment requested (purchase on account or in installments) will be granted to you. For instance, the requested form of payment may be denied automatically in the event that the credit agency provides a negative credit report or the calculated score is inadequate. You are entitled to assert the right that we conduct a manual review of such automated decision. In addition, you have the right to make your own case and challenge the decision.
For purposes of the credit check, your data is processed on the basis of point b) of Article 6(1) GDPR and point f) of Article 6(1) GDPR. As a matter of principle, we have a legitimate interest in conducting a credit check when you select an unsafe form of payment (purchase on account or in installments).
184.108.40.206. Using data for the purpose of fraud prevention
The information you provide as part of a purchase order may be used to determine whether a so-called atypical order process has occurred (e.g., simultaneous order of a multitude of goods to be sent to the same address using various customer accounts). We have a legitimate interest in making such a determination as a rule. The legal basis for processing is point f) of Article 6(1) GDPR.
220.127.116.11. Transmitting information to transport service providers
We work with logistics/transport service providers and/or shipping partners to arrange for the delivery of ordered goods. To them, the following data may be transmitted to allow them to deliver ordered goods and/or to provide delivery notifications: first name, last name, postal address.
The legal basis for processing is point b) of Article 6(1) GDPR.
18.104.22.168. Transmitting data about outstanding claims to collection agencies
In the event that you fail to settle outstanding invoices/installments despite repeated reminders, we may transmit the data needed for debt collection to a collection agency for the purpose of fiduciary collection. Alternatively, we may sell outstanding claims to a collection service provider. The collection service provider will then become the holder of the claims and will assert such in its own name. We work with the following collection service provider: EOS Deutscher Inkasso-Dienst GmbH, Steindamm 71, 20099 Hamburg, Germany. The legal basis for the data’s transmission as part of fiduciary collection is point b) of Article 6(1) GDPR; the data’s transmission as part of the sale of claims is based on point f) of Article 6(1) GDPR.
3.3. Processing data for marketing purposes
3.3.1. Postal advertising
As a matter of principle, we have a legitimate interest in using your data for marketing purposes. We collect the following data for marketing purposes of our own as well as of any third party: first name, last name, postal address, date of birth.
For this purpose, such data may also be transmitted to third parties (advertisers). In addition, we are entitled to add to and store along with the above-mentioned data other personal data collected about you in compliance with legal requirements for marketing purposes of our own as well as of any third party. It is our purpose to show you ads aligned with your actual or presumed needs rather than harassing you with ads that are of no use.
Data added in this fashion is not transmitted to third parties. Moreover, the Controller will pseudonymize/anonymize personal data collected about you for the use thereof for marketing purposes of its own as well as of any third party (advertisers). The pseudonymized/anonymized data may also be used to create individualized online advertising for you, in which case a service provider/agency may see to the delivery of ads. The legal basis for the use of personal data for marketing purposes is point f) of Article 6(1) GDPR.
Right to object:
If you do object, your data will no longer be available for processing for marketing purposes. Please note that, in some exceptional cases, advertising materials may be dispatched temporarily even after your objection was received. This is due to the lead time needed as part of the selection process and does not mean that we will not implement your objection.
As part of our websites/applications, we give you the option of registering for our newsletter. To ensure that no errors occur when an email address is entered, we use what is known as the double-opt-in (DOI) process: After you entered your email address into the registration field, we will send a confirmation link to the email address provided. Your email address is not added to the list of recipients for our newsletter until you click on this confirmation link. The legal basis for data processing of such kind is point a) of Article 6(1) GDPR.
Right to withdrawal
You can withdraw your consent at any time with effect for the future by using the unsubscribe option at the end of each newsletter.
3.3.3. Product recommendations by email
As an existing customer, you will receive our product recommendations by email on a regular basis. You will get such product recommendations from us regardless of whether you subscribed to a newsletter. For this purpose, we use the email address you provided as part of the purchase transaction to promote those of our own goods and/or services that resemble the ones you purchased as part of a past order. The legal basis for data processing of such kind is point f) of Article 6(1) GDPR.
Right to object
You can object to our product recommendations at any time with effect for the future by sending a message to firstname.lastname@example.org.
If you register for the sweepstakes we organize, we will use the data you provided during the respective registration process to perform the participation contract including, but not limited to, notifications for winning entries and, where applicable, promotions related to our offers and/or those of our sweepstakes partners. For more details, please see the respective terms of participation for the respective sweepstakes. The legal bases for data processing of such kind are point a) of Article 6(1) GDPR, point b) of Article 6(1) GDPR, and point f) of Article 6(1) GDPR.
3.4. Online profile and website optimization
As the operator of the platforms frankonia.de, frankonia.com, and frankonia.at, FRANKONIA collects data about the behavior of users on these platforms (tracking data). Such includes, but is not limited to, any secondary page (article detail page) viewed. For this purpose, FRANKONIA and/or FRANKONIA’s partners may set cookies in the browser used by the respective user. As a rule, tracking data may be collected only with your prior consent. You may grant such consent, for example, by clicking the “OK” button when the cookie banner is displayed on frankonia.de, frankonia.com, or frankonia.at. However, no such consent is required for the processing of the tracking data needed for the offerings of the websites frankonia.de, frankonia.com, or frankonia.at. Such includes the setting of cookies for the purpose of displaying a shopping cart, among other things. FRANKONIA may use the information about your user behavior to show you interesting offers on frankonia.de, frankonia.com, or frankonia.at, for instance, or otherwise market products and services to you on other websites through personalized content (e.g., retargeting). To the extent that personal data about your user behavior on frankonia.de, frankonia.com, or frankonia.at can be used by other providers (e.g., for purposes of “refining their own information”), such use, too, is subject to your prior consent. Such tracking data as FRANKONIA itself collects and stores is processed by FRANKONIA only in pseudonymized form. This approach prevents data from being matched to your person. In case you would like to delete individual cookies set in your browser, or if you want to know which service providers/providers set cookies in your browser, you can do so — and find out — by using a “preference manager.” Such a preference manager may be found at www.youronlinechoices.com, for example. You can also change your browser settings to prevent the setting of cookies, or to allow only certain types of cookies. Please see item 4.2 of this data protection policy for details about possible changes to the settings of the most common browsers (including Google Chrome, Firefox, etc.).
3.4.1. Cookies — general information and need for consent
Based on statutory requirements, storing information on end devices (desktops, mobile phones, tablets, etc.) — e.g., by setting cookies — as well as retrieving information from end devices (tracking) is permitted as a rule only with your prior consent. However, no such consent is needed if such storage or retrieval is required for a website’s offerings. This is the case, for instance, with regard to ensuring the availability of the following functionalities and/or achieving the following purposes:
- displaying shopping cart;
- displaying wish list;
- allowing users to log in and remain logged in; and
- ensuring system security.
With respect to any processing of data needed for the operation of the website, you do not have a right to object.
You can use the websites frankonia.de, frankonia.com, and frankonia.at without data being retrieved from your end device for such purposes, or stored on the same, to the extent that such data is not needed for the offerings of the websites frankonia.de, frankonia.com, and frankonia.at. For this reason, only “basic tracking” is activated for any use of the websites frankonia.de, frankonia.com, and frankonia.at, as far as no further consent has been granted by you.
3.4.2 Options to intervene/browser settings
Naturally, you can configure your browser in such a way that it will not set certain cookies in your end device. The Help function in the menu bar of most web browsers will explain how to stop your browser from accepting new cookies, how to tell your browser to alert you when new cookies are set and how to delete cookies that have already been set while blocking new ones.
For this purpose, please follow the instructions below.
In case you would like to delete individual cookies set in your browser, or if you want to know which service providers/providers set cookies in your browser, you can also do so — and find out — by using a preference manager. A preference manager may be found at www.youronlinechoices.com, for example.
3.4.3 Consenting to use of individual online services/collecting tracking data
On this website, our service provider Weikatec Software GmbH, 22391 Hamburg, Germany, collects data about your surfing behavior at our behest. Upon collection, an independent data custodian anonymizes such data. And the anonymized data may be combined with other anonymized data and used for marketing purposes of our own as well as of any third party. Ads based on such anonymized data may then be displayed on this website as well as partner sites. Anonymized data is available for use by us and/or any third party (e.g., online advertising marketers). You may object here to the collection of data about your surfing behavior for the purposes stated above.
22.214.171.124. Consent for Nitro
With your consent, information is collected about your surfing behavior on this website. Such information may be combined with information about your surfing behavior on other websites (tracking data). In addition, data is collected about you on this website when you open a customer account and/or purchase goods through this website. Similarly, data is collected in the course of the agreements executed via this website (customer account, contractual and transaction data). Such data may be combined with the tracking data and other customer account, contractual and transaction data. The tracking data as well as the customer account, contractual and transaction data is stored with an independent data custodian in anonymized form. Data that is personal per se, such as your name, your email address, your date of birth, etc., is not transmitted at all. The data custodian generates information about your preferences on the basis of the anonymized data received (e.g., fashion-lover). Where especially sensitive data (e.g., political views, health condition) is concerned, no such information is created, and sensitive data of such kind is not used as part of the generation of preferences. Such information about your preferences may be used by the following companies:
OS Data Solutions GmbH & Co KG,
Otto Group Media GmbH,
Ströer SSP GmbH,
to allow third parties (advertisers) to show you individualized ads on third-party websites (so-called publishers). For this purpose, the data is not shared with advertisers or website operators (publishers) in the process. To the extent that the information about your preferences is stored by OS Data Solutions GmbH & Co KG, Otto Group Media GmbH, and/or Ströer SSP GmbH in technical infrastructures, the information in question lies exclusively within the purview of the companies named. Information about your preferences is not shared with any third party. Neither the companies named nor the operators of the technical infrastructures are able to assign certain preferences directly to your person. In addition, a minimum number of persons (20 persons) for whom information about preferences is stored by the companies named must have the same preferences (K-anonymity). The legal basis for the data processing described above is point a) of Article 6(1) GDPR (consent). If you no longer want tracking data to be collected across websites for the afore-mentioned purpose, you may withdraw your respective consent. If you do not want information about your preferences that was previously collected in the context described above to be used for the marketing purposes identified, we kindly ask that you click this and select the service provider “The Adex.”
126.96.36.199. Consent for Google Adwords/remarketing
Our website uses the service Google Adwords. Google Adwords is a digital marketing program offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
We use the remarketing function within the Google Adwords service. The remarketing function allows us to show users of our website ads based on their interests on other websites within the Google Display Network (on Google itself — so-called “Google Ads” — or on other websites). For this purpose, the users’ interactions with our website — e.g., offers in which a given user takes an interest — are analyzed, in order to be able to show users targeted ads on other websites after they visited ours. To do so, Google stores a number in the browsers of users who visit certain Google services or websites within the Google Display Network. This number, which is referred to as a “cookie,” is how the visits of these users are recorded. Such number facilitates the clear identification of a web browser on a certain computer, but not of a person, and no personal data is stored in the process. The legal basis for data processing of such kind is point f) of Article 6(1) GDPR.
188.8.131.52. Withdrawing all forms of consent
You may fully withdraw your consent to the types of data processing described above.
3.4.4. Ongoing processing of tracking data in pursuit of legitimate interests
184.108.40.206 FRANKONIA’s legitimate interests/weighing of interests
FRANKONIA is entitled to continue processing tracking data collected with a user’s consent on the basis of legitimate interests. Such ongoing processing proceeds on the legal basis of point f) of Article 6(1) GDPR (weighing of interests). To the extent that FRANKONIA continues processing tracking data on the legal basis provided by point f) of Article 6(1) GDPR, it does so exclusively for purposes in the pursuit of which FRANKONIA has a legitimate interest. Such legitimate interests include, but are not limited to, the processing of tracking data for purposes of showing individualized ads on third-party websites as well as generating product recommendations on frankonia.de, frankonia.com, and frankonia.at. With its ongoing processing of tracking data, FRANKONIA does not process such data which applicable law, Article 9 GDPR specifically, deems especially sensitive — e.g., health-related data. FRANKONIA also does not use the tracking data to create analytical results that could be attributed to the special categories protected by Article 9 GDPR. Likewise, FRANKONIA does not use the tracking data to make automated decisions with a legal effect on the relationship with you as a user of the websites frankonia.de, frankonia.com, or frankonia.at, or which might otherwise adversely affect you to a considerable extent (e.g., individualized price adjustments based on your user behavior). Depending on the scope of tracking data and the risks associated with processing such with respect to your rights which are to be safeguarded, moreover, FRANKONIA pseudonymizes the tracking data to prevent it from being matched to your person.
220.127.116.11 Google Analytics “standard version”
For purposes of needs-based design and the ongoing optimization of frankonia.de, frankonia.com, and frankonia.at, data collected on the basis of a user’s consent is further processed using the standard version of Google Analytics on the legal basis provided by point f) of Article 6(1) GDPR (legitimate interest). The standard version of Google Analytics is a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called cookies (text files) that are stored on your computer and allow your use of the website to be analyzed. Acting on behalf of FRANKONIA, Google uses such information to evaluate your use of the website and compile reports about website activities. Google processes the data collected through the use of the “standard version” of Google Analytics exclusively at the direction and for purposes of FRANKONIA.
For purposes of needs-based design and the ongoing optimization of this website, anonymized data is collected and stored using solutions and technologies provided by econda GmbH, and such data is used to create pseudonymized user profiles. For this purpose, cookies may be deployed to allow Internet browsers to be recognized. Existing user profiles enable FRANKONIA to analyze visitor streams and click paths, for instance, without being able to match such data to specific users without their express consent. Specifically, IP addresses are obscured immediately upon receipt to prevent user profiles from being matched to IP addresses. Visitors to this website may object to such data collection and storage at any time with effect for the future at .
18.104.22.168 Advertising partners/third-party cookies
We work with advertising partners in order to make the online offerings on our site more relevant to you. For this purpose, our advertising partners will set cookies when our site is visited (so-called third-party cookies). Pseudonymized information about your user behavior and your interests during your visit to our site are likewise stored in our advertising partners’ cookies. In some instances, the information collected may include data generated prior to the visit to our site on other sites. You are shown interest-related ads of our advertising partners based on such data. No personal data is stored, nor are user profiles combined with personal data about you.
You may prevent interest-based ads from our advertising partners by changing your browser’s settings for cookies.
To correctly assess sales and/or leads, AWIN AG, Eichhornstrasse 3, 10785 Berlin, Germany, sets a cookie on the end device of any visitor. Such setting of cookies is executed by the domain partners.webmaster-plan.com or banners.webmasterplan.com. The cookies used by AWIN are accepted when the Internet browser’s default settings are chosen. If you would prefer not to have these cookies set, please deactivate acceptance of cookies for the domains in question in your Internet browser. AWIN cookies merely store the ID of the referring partner as well as the ID number of the advertising media clicked on by the user (banner, text link, etc.), which are needed to process payment. When a transaction is executed, the Partner ID serves the purpose of correctly attributing the commission payable to the referring partner. The legal basis for data processing of such kind is point f) of Article 6(1) GDPR.
22.214.171.124 Transmitting data to partner enterprises
Trial subscriptions of userwerk GmbH
For purposes of selecting an advantageous local offer currently of interest to you, we transmit title, year of birth, country, postal code, (anonymized) hash code of email address and your IP address to userwerk GmbH, Ehinger Strasse 19, 89077 Ulm, Germany, (userwerk) in pseudonymized and encrypted form. userwerk uses the IP address exclusively for purposes of data security and typically anonymizes it after seven days. If you are interested in an offer and click the order button, it is you transmitting your personal data relevant to order processing to userwerk by clicking the order button in compliance with applicable law (point a) of Article 6(1) GDPR) in a secure manner (SSL encryption). As part of this process, userwerk GmbH also records with which affiliate (e.g., order confirmation or newsletter registration pages) your order was placed, so that it can later be clearly attributed to the affiliate in question (billing).
126.96.36.199 Option to object/opt out
Aside from the deactivation methods described, you may put a stop to the targeting technologies discussed simply by changing the cookie settings in your browser (also cf. item 3.4.1). In addition, you have the option of deactivating preference-based advertising with the help of this .
188.8.131.52 Social media plug-ins
On our website, we use social plug-ins for the social networks Facebook, Google+, and Twitter on the basis of point f) of Article 6(1) GDPR in order to make our enterprise more widely known through these channels. The marketing purpose inherent therein is to be deemed a legitimate interest within the meaning of the GDPR. It is the operator of such social network that is responsible for ensuring compliance with data protection law.
For information about the purpose and scope of data collection, any further processing, and the use of the data by the respective provider as well as your related rights and settings designed to protect your privacy, please see the provider’s data protection policies, links for which are provided below.
You can prevent social networks from matching the information collected about you on the occasion of your visit to FRANKONIA to your user accounts on such social networks by logging out of their sites and deleting cookies on your device. If you do not want social networks to match the data collected via our pages directly to your profile, you must log out from the social networks in question prior to visiting our website. You can prevent plug-ins from being activated altogether through the use of add-ons for your browser – e.g., with the script blocker “NoScript,” which can be found at https://noscript.net.
184.108.40.206.1. Facebook, Google+, and YouTube
This website uses social plug-ins from Facebook and Google (Google+ and YouTube). These are offers of the U.S. companies Facebook and Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”)).
When you visit a page containing such a plug-in, your browser establishes a link to Facebook or Google, and the contents are loaded by those sites. As a result, your visit to this website may be tracked by Facebook and Google even if you do not make active use of the social plug-in. If you have an account with Facebook or Google, you can use such a social plug-in to share information with your friends. FRANKONIA exerts no influence over the content of the plug-ins and the transmission of information.
Facebook and Google provide detailed information about the scope, nature, and purpose of any processing, as well as ongoing processing, of your data on their websites. This is where you will also find in-depth information about your rights and available settings for the protection of your private sphere.
This website integrates plug-ins from the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). The Pinterest plug-in is evident in the “Pin It” button on our site.
This website further integrates functions of the service Twitter. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter”). Through the use of Twitter and the “retweet” function, the FRANKONIA websites you visit are linked to your Twitter account and disclosed to other users. In the process, data is also transmitted to Twitter. Your Internet browser establishes a direct link to the servers of Twitter and transmits data to Twitter.
This site uses the analytical tool Hotjar. The provider of this web analysis tool is Hotjar Ltd., a company with registered offices at Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta. We use this tool to track interactions and mouse movements of randomly selected visitors in anonymized form. Such collection of data serves the purpose of improving this site as well as the usability of the individual functions.
3.5. Customer account/user account
In order to provide you with the greatest-possible degree of comfort, we give you the option of storing your personal data permanently in a password-protected customer account/user account.
Customer accounts are created on a voluntary basis as a rule and require your consent within the meaning of point b) of Article 6(1) GDPR. Once a customer account has been set up, no further data need to be input. In addition, you can view and change the data stored about you in your customer account at any time.
Only if you wish to place purchase orders via our website/applications is it a requirement that a customer account be opened to perform the contract. In this case, the (supplemental) legal basis for data processing is point b) of Article 6(1) GDPR.
In addition to the data requested for purposes of the purchase order, you must provide a password of your choice to set up a customer account. Along with your email address, this password serves as your means of access to your customer account. Please keep your personal access data confidential and, in particular, do not share it with unauthorized third parties. Please note that you remain logged in even after leaving our website unless you actively log out. You can delete your customer account at any time. Please note, however, that the data you can view in your customer account is not deleted along with the account once you have placed an order with us. Your data is deleted automatically once the retention periods to which we are subject under commercial and tax law have expired. The legal bases for data processing of such kind are point c) of Article 6(1) GDPR and point f) of Article 6(1) GDPR.
There are several means by which you can contact us: via email, telephone, or mail. Whenever you do get in touch, we will use any related personal data that you provide voluntarily solely for the purpose of contacting you in order to process your request.
The legal bases for data processing of such kind are point a) of Article 6(1) GDPR, point b) of Article 6(1) GDPR, point c) of Article 6(1) GDPR, and point f) of Article 6(1) GDPR.
3.7. Customer reviews/comments
When users leave comments or other posts on frankonia.de, frankonia.com, or frankonia.at, their IP addresses are stored on the basis of our legitimate interests within the meaning of point f) of Article 6(1) GDPR for seven days. This is done for our own security in the event that someone includes unlawful content with comments and/or posts (insults, prohibited political propaganda, etc.).
3.8. Other user contents
In various places, you have the option of publishing own contents on frankonia.de, frankonia.com, or frankonia.at (e.g., product reviews, comments, etc.). If you leave a comment, post a recommendation, or rate a product, brand, or style, we process the personal data that you voluntarily provide as part of such comment or review. You may publish contents on frankonia.de, frankonia.com, or frankonia.at using your first name and a shortened version of your last name.
We process your payment information for the purpose of transacting payment — e.g., when you purchase or use a product and/or service. Depending on the method of payment, we forward your payment information to third parties (e.g., to your credit card provider in cases of credit card payments).
The legal bases for data processing of such kind are point a) of Article 6(1) GDPR, point b) of Article 6(1) GDPR, and point f) of Article 6(1) GDPR.
4. Your rights
Aside from the right to withdraw any consent you granted us, you have the following additional rights subject to applicable statutory requirements:
• the right to obtain from us access to information about your personal data stored with us (Article 15 GDPR); specifically, you can demand information about the purposes of processing, the categories of personal data concerned, the categories of recipient to whom the personal data has been or will be disclosed, the envisaged storage period, and the origin of your data, to the extent that it was not collected directly from you;
• the right to have inaccurate personal data rectified and accurate personal data completed (Article 16 GDPR);
• the right to have data stored with us erased (Article 17 GDPR), provided that we are not subject to statutory or contractual retention periods or other legal obligations – or rights – regarding continued storage;
• the right to restrict processing of your data (Article 18 GDPR), to the extent that the accuracy of the data is contested by you, the processing is unlawful, but you oppose the data’s erasure, the controller no longer needs the data, but it is required by you for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Article 21 GDPR;
• the right to data portability pursuant to Article 20 GDPR — i.e., the right to receive selected personal data stored with us about you in a commonly used and machine-readable format, or to demand the transmission thereof to another controller; and
• the right to lodge a complaint with a supervisory authority. As a rule, you can turn to the supervisory authority at your habitual residence or place of work or at our registered office.
You can exercise the afore-mentioned rights to which you are entitled in relation to us at email@example.com. The right to data portability may be exercised at firstname.lastname@example.org.
4.2 Right to object
Subject to the conditions of Article 21(1) GDPR, data processing may be objected to on grounds relating to the particular situation of the data subject.
The above general right to object applies to all purposes of processing described in this data protection policy, which are carried out on the basis of point f) of Article 6(1) GDPR. In contrast to the specific right to object to data processing for marketing purposes (), we are obligated to implement such general objection under the GDPR only if you state reasons of overarching significance (e.g., a possible risk to human life or health).
4.3 Right to withdrawal
To the extent that we process data on the basis of your consent, you are entitled to withdraw your consent granted at any time. Withdrawing your consent does not have the effect of rendering ineffective such data processing as may have been undertaken on the basis of your consent until such withdrawal.