3. 3. Purposes of data processing, legal bases and legitimate interests pursued by the responsible person or a third party as well as categories of recipients
3.1. Visiting our websites /applications
With every access to websites /applications, information is sent to the server of our website /application via the respective Internet browser of the respective terminal device and temporarily stored in log files, the so-called log-files. The records stored in this case contain the following data, which are stored until automatic deletion: Date and time of retrieval, name of the page requested, IP address of the requesting device, referrer URL (origin URL from which you came to our web pages), the amount of data transferred, loading time, as well as product and version information of the respectively used browser as well as the name of their access provider.
The legal basis for the processing of the IP address is Article 6 Para 1 letter f) GDPR. Our legitimate interest arises from
• ensuring a smooth connection setup,
• ensuring comfortable use of our website /application,
• evaluation of system security and stability.
A direct inference to your identity is not possible on the basis of the information and will not be drawn by us.
The data will be stored and automatically deleted after the above mentioned purposes. The deletion period depends on the requirement of necessity.
3.1.2. Cookies, Tracking
We use so-called cookies, tracking tools and targeting methods for our website /application. On which procedures it applies exactly and how their data is used for this purpose is explained in detail below.
If you have consented to the so-called geo-localisation in your browser or in the operating system or other settings of your respective device, we use this function to offer you individualised services (for example, the location of the nearest branch) related to your current location. We process your processed location data exclusively for this function. If you stop using it, the data will be deleted.
3.2. Justification, Implementation and /or Termination of a Contract
3.2.1. Data Processing at the conclusion of the Contract
When you register on one of our websites /applications and enter into a contract with us, we process the data required to complete, execute or terminate a contract with you. Which includes:
• first name and last name
• billing and delivery address
• e-mail address
• billing and payment data
• date of birth, if applicable
• telephone number, if applicable
The legal basis for this is Article 6 Para 1) letter b) GDPR, i.e. You provide us with the data on the basis of the respective contractual relationship (for example, keeping your customer account, processing a sales contract) between you and us. To process your e-mail address in the event of purchase via our websites /applications, we are also required by law in the Civil Code (BGB) to send an electronic order confirmation (Article 6 Para 1 letter c) GDPR).
Insofar as we do not use your data for advertising purposes (see below 3.3.), we store the data collected for the execution of the contract until the end of the statutory or potential contractual warranty and guarantee rights. After expiry of this period, we retain the information required by commercial and tax law of the contractual relationship for the statutory periods. For this period, data will be reprocessed solely in the case of a review by the financial administration.
To process a purchase contract via our websites /applications, the following additional data processing is required:
Your payment data will be passed on to our payment service providers who process the payment (s). We will pass on the information on your delivery address to our contracted logistics companies and shipping partners. To ensure that the delivery of goods is carried out according to your wishes, we will forward your e-mail address and, if applicable, the telephone number to the logistics company and /or shipping partner commissioned by us to handle the delivery. They may contact you prior to delivery to arrange delivery details. The respective data are transmitted solely for the respective purposes and deleted after delivery.
3.2.2. Identity, creditworthiness and transmission to credit bureaus
If necessary, we verify your identity by using information from service providers. The legal basis for this is Article 6 Para 1 letter b) and also letter f) GDPR. The authorisation for this results from the protection of your identity and the avoidance of attempted fraud at our expense. The circumstance and the result of our inquiry will be added to your customer account or your guest account for the duration of the contractual relationship.
126.96.36.199. Credit checks
If you have selected a so-called unsafe payment method (invoice purchase) within the scope of an order, the following applies:
In cases where a customer wishes to order an insecure payment method, we are entitled to use information obtained in the order to calculate a default probability (internal scoring). The calculation of the default probability using internal scoring is based on a recognised mathematical statistical procedure. The data used in the internal scoring result in particular from a combination of the following data categories: Address data, age, desired terms of payment, order method and assortment groups. As part of the internal scoring, only such data are used, which the customer has indicated to us. Within the framework of the examination whether an insecure payment method (invoice purchase) can be granted, we are also entitled to obtain credit information about you from an external credit reference agency. We cooperate with the following credit agency: CRIF Bürgel GmbH, Radlkoferstrasse 2, 81373 Munich
For the purpose of soliciting credit information, the following data is transmitted to the external credit reporting agency: First name, last name, postal address, date of birth. The above-mentioned data may also be transmitted to CRIF Bürgel GmbH for the purpose of personal and address validation.
As part of the credit check, we can decide by means of an automated process whether you are granted the desired insecure payment method (invoice purchase). Thus, e.g. in the case of the transmission of a negative credit rating by an information agency or in the calculation of an insufficient score within the scope of the internal scoring, a rejection of the desired payment method is automatically carried out. You can assert the right for us to make a manual review of the automated decision. In addition, you have the right to make your own views and to challenge the decision.
The processing of your data as part of the credit check is carried out on the basis of Article 6 Para 1 letter b) GDPR and Article 6 Para 1) letter f) GDPR. In principle, we have a legitimate interest in the execution of a credit check when selecting an insecure payment method (invoice purchase) by you.
You would like to know why you cannot use all the payment methods? Do not hesitate to contact us at email@example.com.
188.8.131.52. Use of data for fraud prevention purposes<
The data you provide in the context of an order can be used to verify that there is an atypical ordering process (for example simultaneous ordering of a large number of goods to the same address using different customer accounts). In principle, there is a legitimate interest in the performance of such a review. The legal basis of the processing is Art. 6 Para 1 letter f) GDPR.
184.108.40.206. Transmission of data to transport service providers
For the purpose of delivering ordered goods, we cooperate with logistics service providers /transport companies and /or shipping partners: The following data may be transmitted to them for the purpose of delivering the ordered goods or for their announcement: First name, last name, postal address
The legal basis of the processing is Art. 6 Para 1 letter b) GDPR.
220.127.116.11. Submission of data on outstanding debts to collection service providers
If you fail to settle outstanding invoices /instalments despite a repeated reminder, we may forward the data required for the performance of collection to a debt collection agency for the purpose of fiduciary (trustee to another) collection. Alternatively, we can sell the outstanding claims to a debt collection agency. He then becomes the debtor and claims in his own name. We work together with the following collection service provider: EOS Deutscher Inkasso-Dienst GmbH, Steindamm 71, 20099 Hamburg. The legal basis for the transfer of data in connection with the fiduciary collection is Art. 6 Para 1) letter b) GDPR; the transmission of data in connection with the sale of receivables is based on Art. 6 Para 1) letter f) GDPR.
3.3. Data processing for advertising purposes
3.3.1. Postal advertising
We have a legitimate interest in using your data for marketing purposes. We collect the following data for our own marketing and third party marketing purposes: First name, last name, postal address, year of birth.
The data mentioned can also be transmitted to third parties (advertisers). In addition, we are entitled to store additional personal data about you in compliance with legal requirements for your own marketing purposes as well as for the marketing purposes of third parties. The aim is to provide you with advertisements oriented solely to your actual or perceived needs, and not to bother you with useless advertising.
A transmission of the added data to third parties does not take place. In addition, the responsible person pseudonymises /anonymises personal data collected about you for the purpose of using the pseudonymised /anonymised data for its own marketing purposes as well as for third-party marketing purposes (advertisers). The pseudonymised /anonymised data can also be used to advertise individualised online, wherein the advertising can be controlled by a service provider/agency. The legal basis for the use of personal data for marketing purposes is Article 6 Para 1) letter f) GDPR.
Reference to the right of objection
You can object to the use of your personal data for the aforementioned advertising purposes at any time free of charge with effect for the future at firstname.lastname@example.org
Insofar as you object, your data will be blocked for further processing. We point out that in exceptional cases, even after receipt of your objection, there may be a temporary shipment of advertising material. This is technically due to the necessary lead time in the selection process and does not mean that we have not implemented your objection.
n our websites /applications we offer you the opportunity to subscribe to our newsletter. In order to be sure that no errors have occurred when entering the email address, we use the so-called double-opt-in procedure (DOI method): After you have entered your email address in the registration field, we will send you a confirmation link to the given address. Only when you click this confirmation link, your email address will be included in our mailing list to send our newsletter. The legal basis for this data processing is Article 6 Para 1) letter a) GDPR.
Notice of right to revoke
You can revoke your consent at any time with effect for the future by opting out at the end of each newsletter.
3.3.3. Product recommendations by eMail
As an existing customer of our online shop, you will receive regular product recommendations from us by e-mail. These product recommendations are provided by us, regardless of whether you have subscribed to a newsletter. In doing so, we will use the e-mail address you provided in the purchase to promote your own goods and /or services that are similar to those you have purchased from us on the basis of an order already placed. The legal basis for this data processing is Article 6 Para 1) letter f) GDPR.
Notice of right of objection
You can object to our product recommendations at any time with a future message by sending a message to email@example.com
If you register for raffles organised by us, we use your data provided during the respective registration for the purpose of carrying out the participation contract, in particular for the notification of winnings and possibly the advertisement for our offers and /or offers from our raffle partners. Detailed information can be found in the respective terms and conditions for the respective competition. The legal basis for this data processing are Article 6 Para 1) letter a) GDPR, Article 6 Para 1) letter b) GDPR and Article 6 Para 1) letter f) GDPR.
3.4. Online presence and website optimisation
3.4.1 Cookies – General Information
Most of the cookies we use are deleted after the end of the browser session (so-called session or session cookies). Through this we can, for example, offer the Cross-Sideline Shopping Ad, where you can see how many items are in your shopping cart and what your current purchase value is. Other cookies remain on your computer and allow us to recognise your computer the next time you visit (so-called permanent or cross-session cookies). In particular, these cookies serve to make our offer user-friendly, effective and secure. For example, these files may allow you to see information that is specifically tailored to your interests on the page.
If you have a customer account and are logged in or activate the "keep logged in" function, the information stored in cookies is pseudonymised under a cookie ID.
Of course, you can set up your browser in a way that it does not store our cookies on the hard disk. The Help menu on the menu bar of most web browsers tells you how to prevent your browser from accepting new cookies, how to let your browser know when you receive a new cookie, or how to delete all cookies you have already received and for all others can lock them.
Please proceed as follows:
In Internet Explorer
Select "Internet Options" in the "Tools" menu,. Click on the "Privacy" tab. Now you can set the security settings for the Internet zone. Here you can set whether and which cookies should be accepted or rejected. With "OK" you confirm your setting.
In the menu "Tools", select Settings. Click on "Privacy". In the drop-down menu, select "Create custom settings". Now you can set whether to accept cookies, how long you want to keep these cookies and add exceptions to which sites you always or never want to allow cookies to use. With "OK" you confirm your setting.
In Google Chrome:
Click the Chrome menu in the browser toolbar. Now select "Settings". Click on "Show advanced settings". Under Privacy, click “Content Settings”. Under "Cookies" you can make the following settings for cookies: Deleting cookies By default, cookies are blocked by deleting cookies and website data after the browser has ended. Allow exceptions to cookies from certain websites or domains
We point out, however, that in this case you may not be able to use all the functions of this website in full.
Insofar as these cookies and /or information contained therein are personal data, the legal basis of data processing is Article 6 Par 1) letter f) GDPR. Our interest in optimising our website is considered to be justified in the sense of the provision mentioned above.
3.4.2. Google Analytics
For the purpose of the needs-based design and continuous optimisation of our pages, we use Google Analytics, a web analysis service of Google Inc. ("Google"), based on Article 6 Para 1 letter f) of the GDPR. Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as
• browser type /version,
• used operating system,
• referrer URL (the previously visited page),
• host name of the accessing computer (IP address),
• time of the server request
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=en
As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set which prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. For more information about privacy in connection with Google Analytics, visit the website of Google Analytics.
3.4.3. Webtrends Analytics
This website collects and stores anonymised data through Webtrends Analytics, a web analytics service provided by Webtrends EMEA Acquisition Ltd., Mallard Court, Market Square Staines, Middlesex, TW18 4RH England ("Webtrends"). This data is used to analyse visitor behaviour. Cookies can be used. These are small text files that are stored locally on the site visitor's computer, allowing them to be recognised when revisiting our website. The IP address of the site visitors is shortened by Webtrends before storage and thus anonymised. You can object to the collection and storage of data by means of Webtrends at any time with future effect at the following link: Click to disable web trend tracking in this browser.
For the needs-oriented design as well as for the optimisation of this website, anonymous data are collected and stored by solutions and technologies of econda GmbH and usage profiles are created from these data using pseudonyms. For this purpose, cookies can be used to enable the recognition of an Internet browser. The resulting usage profiles enable FRANKONIA to analyse, for example, visitor flows and click paths, but without being able to assign them to a specific user without his explicit consent. In particular, IP addresses are rendered unrecognisable immediately after receipt, so that an assignment of usage profiles to IP addresses is not possible. Visitors to this website may at any time, for the future, enter this data collection and storage here https://www.econda.de/widerruf-zur-datenspeicherung/.
3.4.5. Opposition /opt-out option
In addition to the deactivation methods described above, you can generally prevent the explained targeting technologies by setting a corresponding cookie in your browser (see also 3.4.1). In addition, you have the option of deactivating preference-based advertising with the help of the preference manager available here.
3.5. Customer account /user account
UIn order to offer you the greatest possible comfort, we offer you the permanent storage of your personal data in a password-protected customer account /user account.
The investment of the customer account is at present voluntary and on the basis of your consent within the meaning of Article 6 Para 1) letter b) GDPR. After setting up a customer account, no re-entry is required. In addition, you can view and change the data stored in your customer account at any time.
Only if you want to place orders via our website /application, the opening of a customer account for the execution of the contract is required. The legal basis for data processing in this case is (additionally) Art. 6 Para 1 letter b) GDPR.
In addition to the data requested during an order, you must provide a self-selected password to set up a customer account. This serves together with your e-mail address for access to your customer account. Please treat your personal access data confidentially and in particular do not make it accessible to unauthorised third parties. Please note that even after leaving our website, you will automatically be logged in, unless you actively log out. You have the option to delete your customer account at any time. Please note, however, that this does not mean that the data in the customer account can be deleted once you have ordered one from us. The deletion of your data takes place automatically after the expiry of the commercial and tax-related retention obligations. The legal basis for this data processing is Article 6 Para 1) letter c) GDPR and Article 6 Para 1) letter f) GDPR.
3.6. Contact admission
You have the opportunity to contact us in several ways. By e-mail, by phone or by mail. When you contact us, we will use the personal information you provide us with voluntarily for the sole purpose of contacting you and processing your request. The legal basis for this data processing is Article 6 Para 1) letter a), Article 6 Para 1) letter b), Article 6 Para 1) letter c) GDPR and Article 6 Para 1) letter f) GDPR.
3.7. Customer reviews /comments
If users leave comments or other contributions on www.frankonia-b2b.de or www.frankonia-b2b.com, their IP addresses will be based on our legitimate interests within the meaning of Art. 6, Para. 1 letter f). GDPR stored for 7 days. This is for our own safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.).
We process your payment information for the purpose of payment processing, e.g. if you purchase or use a product and /or service through www.frankonia-b2b.de or www.frankonia-b2b.com. Depending on the method of payment, we will forward your payment information to third parties (for example, when paying by credit card to your credit card provider).
The legal basis for this data processing is Article 6 Para 1) letter a), Article 6 Para 1) letter b), GDPR and Article 6 Para 1) letter f) GDPR.