1.Information on the collection of personal data
1.1 Personal data
Here, we inform you about how we process personal data when using our website. Personal data includes information that can be connected to you personally, such as your name, address, email addresses, and user behavior. We want to explain our processing procedures and comply with legal obligations, especially those outlined in the EU General Data Protection Regulation (GDPR).
1.2 Data controller
The entity responsible for processing personal data, as defined in Article 4 (7) GDPR, is boopoon.
2.Processing of personal data when visiting our website
When you visit the website for informational purposes (without registering or providing additional information), we process personal data transmitted by your browser to our server. The data is necessary for displaying our website, ensuring stability, and security. The legal basis is Art. 6 (1) f GDPR and includes:
(A) IP address
(B) Date and time of the request
(C) Content of the request (visited page)
(D) Amount of data transmitted
(E) Browser
3.Further functions and offers of our website
3.1 Overview of various offers
Beyond informational use, our website offers services like account registration, purchasing goods, and additional functions to facilitate sales and analyze/marketing offers (explained in Sections 4 and 5). These may require further personal data or involve processing data for specific services.
3.2 Use of external service providers
We may use external service providers (e.g., payment service providers, shipping companies), selected and monitored by us, to process your data.
3.3 Further third-party involvement
Your data may be shared with third parties for promotions, competitions, or contract conclusion. Details will be provided during data input or in offer descriptions.
3.4 Third parties outside the EEA
If service providers or partners operate outside the EEA, consequences will be detailed in the offer description.
4.Processing of personal data when contacting or registering with us
When you contact us or register a customer account, we collect data you provide, such as:
(A) Name, title, or user name
(B) Login data (email, password)
(C) Contact details (address, phone, email)
(D) Additional information you share about yourself and interests
5.Processing of personal data when making a purchase
5.1 Shopping information
Shopping data collected during online purchases may include:
(A) Purchased item details
(B) Order number
(C) Delivery and billing addresses
(D) Delivery and payment status
(E) Communication related to purchases
(F) Return status
(G) Information on service providers involved
5.2 Payment details
Payment methods involve collecting details like billing addresses, preferred payment method, IBAN, BIC, account/credit card details.
5.3 Transfer of data on outstanding debts to collection service providers
Outstanding debts may lead to data transfer for debt collection purposes, following legal bases in Article 6 (1) b/f GDPR.
6.Cookie
6.1 General information about cookies
Cookies, tags, web pixels, and similar technologies may be used for automatic information collection. The types include Strictly Necessary, Functional, Performance/Analytic, and Advertising/Targeting Cookies.
6.2 Cookies
Cookies are files that sites or providers transfer to your device’s hard drive, allowing system recognition.
6.3 Your Choices
Browser settings can manage cookies. You can disable certain types, but this may impact functionality.
6.4 Web Pixels
Conversion pixels and web pixels are used for campaign and usage analysis.
6.5 Analytics
Third-party services like Google Analytics monitor and analyze site traffic.
6.6 Behavioral Remarketing
Remarketing services may show personalized ads based on your actions on our site.
6.7 Other Tracking Technologies
Tracking Technologies like Java scripts, entity tags, and HTML5 local storage may be used for various purposes.
6.8 Do Not Track
Our site currently does not process or respond to “Do Not Track” signals.
6.9 Location Information
Device settings can prevent sending location information.
7.Transfer of data to third parties
7.1 Transfer only where allowed by law
Data is forwarded based on German or European law, particularly to service providers, group companies, technical service providers, payment service providers, credit agencies, shipping companies, authorities, or third parties as permitted by law.
Retention and erasure of data
We retain personal data as long as necessary for contractual and legal obligations. Closed accounts lead to data deletion, but legal retention obligations may apply.
How is my personal data protected?
Technical and organizational measures, including SSL encryption, secure data transmission.
Your rights
Rights against us include information, rectification, erasure, restriction of processing, objection, and data portability. Withdrawal of consent is possible.
Changes to this Privacy Policy
The privacy notice may change due to website improvements or legal requirements. Regularly review the Privacy Notice.
Data Protection Officer
Contact our data protection officer at boopoon.com
7.2 Payment service providers and credit agencies
We offer different payment options, such as advance payment, payment by credit card, payment by PayPal and payment on invoice. For this purpose, payment data can be transferred to payment service providers with whom we work with. You can find more details about processing of personal data by payment service providers in their privacy policies:
(A) [Please fill in the partner payment service provider and attach a link to its privacy policy]
The service provider we use for credit checks is [Please fill in the name of the cooperative credit reporting agency, if not, delete this paragraph.] Its privacy policy can be found here [The link to the privacy policy of the credit reporting agency, if not, this paragraph will be deleted].
7.3 Shipping companies
(A) We work with external shipping companies (e.g. [Please enter the cooperative logistics service provider and attach a link to its privacy policy] to deliver orders. These shipping companies receive the following data to execute the relevant order:
(B) Your name
(C) Your delivery address
(D) Your post number if applicable
(E) Your email address if applicable (if the shipping company wishes to inform you of the provisional delivery date by email)
7.4 Authorities and other third parties
If we are obliged by an official or court decision or it is for prosecution purposes, we will if necessary forward your data to prosecution authorities or other third parties.
- Retention and erasure of data
We will store your personal data as long as is necessary for the purposes named in this Privacy Notice, especially for the fulfilment of our contractual and legal obligations. We may also store your personal data for other purposes if or as long as the law allows us store it for particular purposes, including for defence against legal claims.
If you close your customer account, we will delete all the data we have stored regarding you. If it is not possible or necessary to completely delete your data for legal reasons, the relevant data will be blocked for further processing. If data is blocked, technical and organisational measures are used to ensure that only a few employees can access the relevant data, based on need to know and only for select purposes (e.g. in the event of a tax audit).Blocking will occur, for example, in the following cases:
(A) Your order and payment details and perhaps other details are generally subject to various legal retention obligations, such as those in the Handelsgesetzbuch (HGB – Commercial Code) and the Abgabenordnung (AO – Tax Code). The law obliges us to retain this data for tax audits and financial audits for up to ten years. Only then can we finally delete the relevant data.
(B) Even if your data is not subject to any legal retention obligation, we may refrain in the cases allowed by the law from immediate deletion and instead carry out initial blocking. This applies especially in cases where we may need the relevant data for further contractual processing or prosecution or legal defence (e.g. in the event of complaints). The decisive criterion for the duration of the blocking is then the legal limitation periods. After the relevant limitation periods expire, the relevant data will finally be deleted.
Deletion may be waived in the cases allowed by law if the data is anonymous or pseudonymous and deletion would rule out or seriously hinder processing for scientific research or statistical purposes.
- How is my personal data protected?
We use technical and organisational measures to secure our systems. With regard to your order and your customer login, we transmit your personal data securely using SSL encryption (Secure Socket Layer).
- Your rights
10.1 Your rights against us as data controller
You have the following rights against us as a data controller in respect of personal data relating to you:
(A) right to information,
(B) right of rectification or erasure,
(C) right to restriction of processing,
(D) right to object to processing,
(E) right to data portability.
(F) right to withdraw consent (in case consent is the basis for data processing).
10.2 Information requests
In order to ensure that your data is not disclosed to third parties in the course of requests for information, please attach sufficient proof of identity to your request.
10.3 Withdrawal of consent.
If you have given your consent to the processing of your data, you may revoke this consent at any time. Such revocation affects the permissibility of the processing of your personal data after you have expressed it to us. The permissibility of the processing of your data up to the time of your revocation remains unaffected.
10.4 Objection in case of processing on the basis of balancing of interests
(A) Insofar as we base the processing of your personal data on a balancing of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the fulfilment of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your objection, we will review the situation and either cease or adjust the data processing or show you our compelling legitimate grounds for continuing the processing.
(B) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to exercise your advertising objection is to contact us using the contact details provided above.
You also have the right to complain to a data protection supervisory authority about our processing of your personal data. The competencies of the supervisory authorities depend on the seat of the data controller. You may, however, contact any data protection authority in any member state of the European Union, in particular at your place of residence, which will forward your complaint to the competent authority.
- Changes to this Privacy Policy
Further improvements to our website or changes in legal or regulatory requirements may require changes to this privacy notice. Thus, we encourage you to re-read this Privacy Notice from time to time.
- Data Protection Officer
You can reach our data protection officer at boopoon.com with the addition “data protection officer”.