GDPR Compliance - DSGVO - Data Protection

1. Data protection at a glance

General information

The protection of personal data is very important to us. Whether data is collected and for what purpose it is processed is explained in the following data protection declaration. We adhere to all applicable legal provisions on the protection of personal data and data security. Our employees also receive extensive training and are obliged to maintain confidentiality and comply with all data protection regulations.

The legal basis for data processing is Art. 6 Para. 1 a) and Art. 7 EU GDPR for consent, Art. 6 Para. 1 b) EU GDPR for the performance of services and implementation of contractual obligations, Art. 6 Para. 1 c) EU GDPR for the fulfillment of legal obligations and Art. 6 Para. 1 f) EU GDPR for the protection of legitimate interests.

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator:

Ickert & Kinast GbR

Wallbergstr. 36

81539 Munich

service@ninarein.com

How do we collect your data?

On the one hand, your data is collected when you communicate it to us. This may, for example, be data that you enter in a contact form.

Other data is automatically collected by our IT systems when you visit the website:

server log files

When you use the website ninarein.com for information purposes, i.e. even if you do not log in to use the website, register or otherwise provide us with information, we collect data that your browser transmits to enable you to visit the website ("server log files"). These are:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• amount of data transferred
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

The legal basis for data processing is Art. 6 Para. 1 lit. f) EU GDPR.

newsletter

We offer a regular newsletter, which requires your email address to be received. Before the newsletter is sent, you must expressly confirm that you would like to receive our newsletter as part of the so-called double opt-in process. You will then receive a confirmation and authorization email with a link. If you click on this link, you confirm that you would like to receive the newsletter. This registration is logged in order to be able to legally prove the registration process.

You can stop receiving the newsletter at any time. The corresponding link is included in every newsletter sent. Alternatively, you can revoke your consent by contacting us at service@ninarein.com .

The legal basis for data processing is Art. 6 Para. 1 lit. a) EU GDPR.

ordering process

During the ordering process we collect your name, address and email address.

The legal basis for data processing is Art. 6 Para. 1 lit. b) EU GDPR.

contact

Processing your email address is essential in order to be able to answer your request. If additional data is processed, such as name, address or similar, the processing serves to individualize the respective user and thus to be able to respond to their request in the best possible way.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior and, among other things, to show you personalized advertising.

What rights do you have regarding your data?

You have the right to obtain information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request that this data be corrected, blocked or deleted. You can also contact us at any time using the address provided in the imprint. You also have the right to lodge a complaint with the responsible supervisory authority.

correction of data

You can use the link below to update your account information if it is incorrect.

data portability

Using the links below you can download all the data we store and use to provide you with a better shopping experience in our store.

access to personal data

You can request a report containing all the personal data we hold about you using the link below.

right to be forgotten

Use this option if you wish to remove your personal and other information from our store. Please note that this will delete your account and you will no longer be able to access or use it.

analysis tools and third-party tools

When you visit our website, your surfing behavior can be statistically evaluated. This is done primarily with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information about this in the following data protection declaration.

You can object to this analysis. We will inform you about the options for objection in this privacy policy.

2. General information and mandatory information

data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may have security gaps. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Julia Ickert & Susanne Kinast GbR

Wallbergstr. 36

81539 Munich

mail: Service@ninarein.com

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.

right to lodge a complaint with the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschrift_Links/anschrift_links-node.html .

right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request that the data be transferred directly to another responsible party, this will only be done if it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

Encrypted payment transactions on this website

If, after concluding a paid contract, you are obliged to provide us with your payment details (e.g. account number for direct debit authorization), these details will be required to process the payment.

Payment transactions using common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you send to us cannot be read by third parties.

information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. You can contact us at any time at the address provided in the imprint if you have any questions about this or other questions on the subject of personal data.

objection to advertising emails

The use of contact data published as part of the imprint obligation to send unsolicited advertising and information materials is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example through spam emails.

3. Data collection on our website

cookies

Our website uses cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our service more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of Art. 6 Paragraph 1 Letter f of GDPR. The website operator has a legitimate interest in storing cookies to ensure technically error-free and optimized provision of its services. If other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this data protection declaration.

Regarding the cookies set by third parties, namely Google Analytics, Facebook Pixel, Pinterest, YouTube Video, Vimeo, Google Adwords and Google Tag Manager, further information can be found under the heading “Third-party services”.

The app used to ensure GDPR/CCPA compliance of this website collects your IP address and email address to process the data. For more information about the app, see the Privacy Policy

server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

browser type and browser version
operating system used
referrer URL
hostname of the accessing computer
time of the server request
IP address

This data will not be merged with other data sources.

The basis for data processing is Art. 6 (1) (f) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.

contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

processing of data (customer and contract data)

We only collect, process and use personal data to the extent that it is necessary for the establishment, content design or modification of the legal relationship (master data). This is done on the basis of Art. 6 Paragraph 1 Letter b of GDPR, which permits the processing of data to fulfill a contract or pre-contractual measures. We only collect, process and use personal data about the use of our websites (usage data) to the extent that this is necessary to enable the user to use the service or to bill them.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Data transfer when concluding a contract for online shops, retailers and shipping of goods

We only transmit personal data to third parties if this is necessary for the performance of the contract, for example to the company entrusted with the delivery of the goods or the credit institution responsible for processing the payment. The data will not be transmitted to any other parties or will only be transmitted if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 (1) (b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.

Data transfer when concluding a contract for services and digital content

We only transmit personal data to third parties if this is necessary for the performance of the contract, for example to the credit institution responsible for processing payments.

The data will not be transmitted to any other parties or will only be transmitted if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 (1) (b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.

4. Analysis tools and advertising

We use the following third-party services:

Google Inc, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”)
YouTube, LLC, subsidiary of Google Inc., 901 Cherry Avenue, San Bruno, CA 94066, USA (“Youtube”)
Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA (“Facebook”)
Instagram Inc., subsidiary of Facebook Inc., 181 South Park Street, San Fransisco, CA 94107, USA (“Instagram”)
Pinterest, Inc., 808 Brannan Street, San Fransisco, CA 94103-4904, USA (“Pinterest”)
MailChimp (The Rocket Science Group, LLC, 675 Ponce de Leon, Avenue NE, Atlanta, GA 30308, USA (“MailChimp”)
Vimeo (Vimeo Inc, 55 West 18th Street, New York, 10011 New York, USA)

A third-party provider may be based in a third country, i.e. in a country in which the GDPR does not have direct legal effect. In this case, data will only be transferred if you have given your consent, an adequate level of data protection prevails or there is another legal permission .

Google, Facebook/Instagram, Twitter and MailChimp operate under the Privacy Shield Agreement (EU-US Data Protection Shield), which means that the requirements of the Privacy Shield Agreement are equivalent to the data protection level of the European Union and that the data is treated accordingly .

Please contact the companies themselves for further information about the purpose and scope of data processing as well as the setting options for protecting your privacy.

Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google provides further information on data usage by Google at this link: Information about Google's use of data

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. Information such as operating system, browser, IP address, referrer URL is recorded. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may prevent cookies from being saved by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: Browser add-on to deactivate Google Analytics.

3. Facebook, Instagram, Twitter, Google+, Pinterest

We have integrated plug-ins from the social networks and services Facebook, Instagram, Twitter, Google+, and Pinterest on our website. The plug-ins are marked with a logo or the “Pin it” button (Pinterest).

In order to guarantee you the greatest possible protection and to comply with the principle of data minimization, we use the Shariff method. This means that direct contact between the social network and you is only established when you actively click on the corresponding button. If the social network button is not clicked, no data is collected, no activities are logged, and no surfing profile is created.

If the button is clicked, the respective service provider receives the information that you have accessed our website. You do not need a user account with the respective service, nor do you need to be logged in if you have a user account. If, however, you have a user account with the service provider and are logged in, this data is assigned directly to the account. This can be prevented by logging out of your user account for the relevant service before clicking the button.

We have no way of influencing whether, to what extent, for what purpose and for how long the service providers and social networks collect personal data.

Further information on how user data is handled can be found here:

Facebook , Instagram , Twitter , Google+, Pinterest

You can opt out of the collection and use of information for targeted online advertising by following this link: https://www.facebook.com/ads/website_custom_audiences .

Pinterest tag conversion tracking

This website uses the conversion tracking technology “Pinterest Tag” of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest”).
If you have accessed our website from a pin on Pinterest, we will place a cookie on your computer that interacts with a "tag" in the form of a JavaScript code from Pinterest. Cookies are small text files that are stored on your device. These cookies are not used for personal identification and expire after 180 days.

If the user is redirected from a pin on Pinterest to pages on this website and the cookie has not yet expired, the tag records certain user actions predefined by us and can track them (e.g. completed transactions, leads, search queries on the website, visits to product pages). When such an action is carried out, your browser sends an HTTP request from the cookie to the Pinterest server via the Pinterest tag, with which certain information about the action (including type of action, time, browser type of the end device) is transmitted.
This transmission allows Pinterest to create statistics about usage behavior on our website after forwarding from a Pinterest pin, which help us to optimize our offering.
If personal user data is processed, this is done in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in the statistical evaluation of the success of product advertisements on Pinterest and the purchasing behavior of users and thus serves to optimize our online offering.
However, we do not receive any information that can be used to personally identify users.
If you do not wish to participate in tracking, you can object to this by deactivating the Pinterest tag conversion tracking cookie in your internet browser under user settings. You will then not be included in the conversion tracking statistics. Alternatively, you can use the deactivation page for consumers from the EU http://www.youronlinechoices.com/de/praferenzmanagement/
Check whether Microsoft advertising cookies are set in your browser and disable them.
You can find further information about Pinterest’s privacy policy at this internet address: https://policy.pinterest.com/de/privacy-policy.
To the extent legally required, we have obtained your consent in accordance with Art. 6 (1) (a) GDPR to process your data as described above. You can revoke your consent at any time with effect for the future.

4. YouTube

If necessary, we use the YouTube service to embed videos on the website. We have no influence on the data processing operations that may be triggered by clicking on the video on YouTube. To provide you with the greatest possible protection, the videos have been embedded in the extended data protection mode. This means that data is only transferred when you actually use the functions of the embedded content. YouTube uses cookies to collect information about visitors. Further information on how YouTube handles user data can be found in the " YouTube privacy policy ".

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

5. MailChimp

Our email newsletter is sent via the service provider MailChimp. MailChimp offers statistical evaluation options for usage data, although the evaluation is always group-related and not individual. The usage data generated by MailChimp is generally not evaluated individually. As far as possible, any tracking offered by MailChimp is turned off. However, if you call up a newsletter in a browser for correct display using the link provided in the email, the analysis tool Google Analytics is used on the website that is then displayed. Only MailChimp has access to the data generated with it. However, you can prevent tracking by Google Analytics by using certain browser plug-ins.

The data protection regulations can here can be viewed.

6. Facebook Pixel / Retargeting, Remarketing

We use the “Facebook Pixel” from Facebook Inc. on our website. This allows the behavior of users to be tracked after they have seen or clicked on a Facebook ad. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help to optimize advertising measures.

The data collected is anonymous to us and does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. You can allow Facebook and its partners to place advertisements on and outside of Facebook. A cookie may also be stored on your computer for these purposes.

To generally object to the use of cookies on your computer, you can set your Internet browser so that no more cookies can be stored on your computer in the future or cookies that have already been stored are deleted. However, deactivating all cookies may mean that some functions on our website can no longer be carried out. You can also prevent the use of cookies by third parties such as Facebook on the website of Digital Advertising Alliance deactivate.

7. Google AdWords Conversion Tracking

This website uses the online advertising program “Google AdWords” and, as part of Google AdWords, conversion tracking. The cookie for conversion tracking is set when a user clicks on an advert placed by Google. Cookies are small text files that are stored on your computer system. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the advert and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked across the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users. If you would like to participate in tracking, you can object to this use by simply deactivating the Google Conversion Tracking cookie in your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

browser plugin

You can prevent cookies from being saved by selecting the appropriate settings on your browser software; however, please note that if you do this, you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de .

objection to data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website:

https://tools.google.com/dlpage/gaoptout/

For more information on how Google Analytics handles user data, see the privacy policy from Google

Demographic characteristics in Google Analytics

This website uses the "demographic characteristics" function of Google Analytics. This enables reports to be created that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third parties. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the "Objection to data collection" section.

5. Plugins and tools

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you visit a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google's servers. This tells Google that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

If your browser does not support web fonts, a standard font from your computer will be used.

For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/ .