Data protection declaration
Data protection information of
Baleni, Aram Hambardzumyan,
Status: 02/06/2020
Since May 25, 2018, the uniform requirements of the EU General Data Protection Regulation (GDPR) have applied across Europe in the area of data protection. In the following data protection information, we will inform you about the processing of personal data carried out by Baleni in accordance with the GDPR and the Data Protection Act (DSG).
Please read our data protection information carefully. If you have any questions or comments about our data protection information, please contact us at
1. Name and contact details of the person responsible for processing
This data protection information applies to data processing by the
Baleni
Aram Hambardzumyan
Walter-Juramann-Gasse 2D / 4/7,
1230 Vienna
Tel: 0043 660 851 7766
E-mail: baleni2020@gmail.comWebsite: www.baleni.at
2. Purposes of data processing, legal bases and
legitimate interests, which are of the person responsible or
a third party as well as categories of recipients.
2.1 Accessing our websites / applications
2.1.1. Log files
Each time a website / application is accessed, information is sent to the server of our website / application by the respective internet browser of your respective end device and temporarily stored in log files. The data records saved in this process contain the following data, which are saved until they are automatically deleted: date and time of the call, name of the page called up, IP address of the requesting device, referrer URL (URL of origin from which you accessed our website came), the amount of data transferred, loading time, as well as product and version information of the browser used and the name of your access provider.
The legal basis for processing the IP address is Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest arises from
Ensuring a smooth connection,
Ensuring comfortable use of our website / application,
Evaluation of system security and stability.
A direct conclusion about your identity is not possible based on the information and we will not draw it either.
The data is saved and automatically deleted after the aforementioned purposes have been achieved. The standard deadlines for deletion are based on the criterion of necessity.
2.1.2. Cookies, tracking, social media plugins
We use so-called cookies, tracking tools, targeting procedures and social media plug-ins for our website / application. The exact procedures involved and how your data is used for this are explained in detail below.
2.1.3. Geo-localization
If you have agreed to the so-called geolocation in your browser or in the operating system or other settings of your respective end device, we use this function in order to be able to offer you individual services related to your current location (e.g. the location of the nearest branch). We process your location data processed in this way exclusively for this function. If you stop using it, the data will be deleted.
2.2 Establishment, implementation and / or termination of a contract
2.2.1. Data processing when concluding a contract
If you register on one of our websites / applications and conclude a contract with us, we will process the data required for concluding, executing or terminating a contract with you. Which includes:
First name Last Name
Billing and delivery address
E-mail address
Billing and payment data
birth date
possibly telephone number
The legal basis for this is Article 6 Paragraph 1 Letter b) GDPR, ie you provide us with the data on the basis of the respective contractual relationship (e.g. maintaining your customer account, processing a sales contract) between you and us. In order to process your e-mail address in the event of a purchase via our websites / applications, we are also obliged to send an electronic order confirmation due to legal requirements in the General Civil Code (ABGB) (Article 6 Paragraph 1 Letter c) GDPR).
If we do not use your data for advertising purposes (see 3.3 below), we will save the data collected for the execution of the contract until the statutory or possible contractual warranty and guarantee rights have expired. After this period has expired, we keep the information of the contractual relationship required under corporate and tax law for the periods specified by law. For this period, the data will only be processed again in the event of a review by the tax authorities.
In order to process a purchase contract via our websites / applications, the following data processing is also required:
In order to process a purchase contract via our websites / applications, the following data processing is also required:
Your payment data will be passed on to payment service providers commissioned by us, who will process the payment (s). We pass on information about your delivery address to logistics companies and shipping partners commissioned by us. In order to ensure that the goods are delivered according to your wishes, we will transmit your email address and, if applicable, the telephone number to the logistics company and / or shipping partner commissioned by us, who will take over the delivery. If necessary, they will contact you in advance of delivery in order to coordinate delivery details with you. The respective data are transmitted solely for the respective purposes and are deleted again after delivery.
2.2.2. Identity, creditworthiness and transmission to credit agencies
2.2.2.1. Identity verification
If necessary, we check your identity with the help of information from service providers. The legal basis for this is Article 6 Paragraph 1 Letter b) and Letter f) GDPR. The authorization to do this arises from the protection of your identity and the avoidance of attempted fraud at our expense. The circumstance and the result of our inquiry will be added to your customer account or your guest account for the duration of the contractual relationship.
2.2.2.2. Use of data for fraud prevention purposes
The data you provide in the context of an order can be used to check whether an atypical order process has occurred (e.g. simultaneous ordering of a large number of goods to the same address using different customer accounts). In principle, we have a legitimate interest in carrying out such a check. The legal basis for processing is Art. 6 Paragraph 1 Letter f) GDPR.
2.2.2.3. Transmission of data to transport service providers
For the purpose of delivering ordered goods, we work with logistics service providers / transport companies and / or shipping partners: The following data can be sent to them for the purpose of delivering the ordered goods or to announce them: first name, last name, postal address, telephone number and, if applicable, E. -Mail address.
The legal basis for processing is Art. 6 Paragraph 1 Letter b) GDPR
2.2.2.4. Transmission of data on outstanding receivables to debt collection service providers
If you do not pay open invoices / installments despite repeated reminders, we can transfer the data required to carry out a collection to a collection service provider for the purpose of fiduciary collection. Alternatively, we can sell the outstanding receivables to a debt collection service provider. He then becomes the owner of the claim and asserts the claims in his own name. We work with the following debt collection service provider: Information - Inkasso OKO GmbH & Co KG, Waldeggstraße 16, 4020 Linz. The legal basis for the transmission of data in the context of fiduciary collection is Art. 6 Paragraph 1 Letter b) GDPR; the transmission of the data in the context of the sale of receivables takes place on the basis of Art. 6 Paragraph 1 Letter f) GDPR
2.2.2.5 Transmission of data to processors
What are contract data processors?
We use contract processors to process your data. A processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible for data processing. Processors do not use the data for their own purposes, but carry out the data processing exclusively for the person responsible. If, for example, you buy an article from us, you transmit your e-mail address to us for the purpose of sending us an order confirmation. We are therefore responsible for this data processing. Your email address will then be sent to a service provider for the purpose of sending an order confirmation. This service provider will then send you the order confirmation for the purchased item. To do this, the service provider processes your email address on our behalf. The legal basis for processing is Art. 6 (1) f. GDPR
2.3. Data processing for advertising purposes
2.3.1. Postal advertising
We basically have a legitimate interest in using your data for marketing purposes. We collect the following data for our own marketing purposes as well as for third-party marketing purposes: first name, last name, postal address, year of birth.
The data mentioned can also be transmitted to third parties for this purpose. We are also entitled to store additional personal data collected about you in compliance with the legal requirements for our own marketing purposes as well as for third-party marketing purposes. The aim is to send you advertising that is solely oriented towards your actual or supposed needs and accordingly not to bother you with useless advertising.
The stored data will not be transmitted to third parties. In addition, the person responsible pseudonymizes personal data collected about you for the purpose of using the pseudonymized data for their own marketing purposes as well as for third-party marketing purposes (advertisers). The pseudonymized data can also be used to advertise you individually online, whereby the advertising can be controlled by a service provider / agency. The legal basis for the use of personal data for marketing purposes is Art. 6 Paragraph 1 Letter f) GDPR.
2.3.2. Newsletter
On our websites / applications we offer you the opportunity to register for our newsletter. In order to be sure that no errors were made when entering the email address, we use the so-called double opt-in procedure (DOI procedure): After you have entered your email address in the registration field, we will send it A confirmation link to the address provided. Only when you click on this confirmation link will your email address be added to our mailing list for sending our newsletters. The legal basis for this data processing is Article 6 Paragraph 1 Letter a) GDPR.
Notice of right of withdrawal
You can give your consent at any time with future effect by sending a message to or revoke the unsubscribe option at the end of each newsletter.
2.3.3. Product recommendations by email
As an existing customer of our online shop, you will regularly receive product recommendations from us by email. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter. We use the e-mail address you provided during the purchase to advertise our own goods and / or services that are similar to those that you have purchased from us on the basis of an order that has already been placed. The legal basis for this data processing is Article 6 Paragraph 1 Letter f) GDPR.
Note right of objection
You can send a message to our product recommendations at any time with future effect or contradict at the end of each product recommendation email without incurring any costs other than the transmission costs according to the basic tariffs.
2.3.4. Sweepstakes
If you register for competitions organized by us, we will use the data you provided when registering for the purpose of executing the participation contract, in particular to notify you of winnings and, if necessary, to advertise our offers and / or offers from our competition partners. You can find detailed information in the respective conditions of participation for the respective competition. The legal basis for this data processing is Article 6 Paragraph 1 Letter a) GDPR, Article 6 Paragraph 1 Letter b) GDPR and Article 6 Paragraph 1 Letter f) GDPR.
2.4. Online presence and website optimization
2.4.1. Cookies general information
We use cookies on various pages to make visiting our website attractive and to enable the use of certain functions as well as to statistically record the use of our website. Cookies are small text files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.
Most of the cookies we use are deleted at the end of the browser session (so-called session cookies). This allows us to offer you the cross-page shopping cart display, for example, in which you can see how many items are currently in your shopping cart and how high your current purchase value is. Other cookies remain on your computer and enable us to recognize your computer the next time you visit (so-called permanent or cross-session cookies). These cookies in particular are used to make our offer more user-friendly, more effective and safer. Thanks to these files, it is possible, for example, to display information on the site that is specifically tailored to your interests.
If you have a customer account and are logged in or activate the “stay logged in” function, the information stored in cookies is assigned pseudonymized under a cookie ID.
Of course, you can set up your browser so that it does not store our cookies on the hard drive. The help function in the menu bar of most web browsers explains how you can prevent your browser from accepting new cookies, how you can have your browser notify you when you receive a new cookie or how you can delete all cookies that have already been received and for can block all others.
To do this, please proceed as follows:
In Internet Explorer
In the "Tools" menu, select "Internet Options".
Click on the "Data Protection" tab.
Now you can make the security settings for the Internet zone. Here you set whether and which cookies should be accepted or rejected.
Confirm your setting with "OK".
In Firefox:
In the "Tools" menu, select Settings.
Click on "Privacy".
In the drop-down menu, select the entry "Create according to user-defined settings".
Now you can set whether cookies should be accepted, how long you want to keep these cookies and add exceptions, which websites you always or never want to allow cookies to be used.
Confirm your setting with "OK".
In Google Chrome:
Click the Chrome menu on the browser toolbar.
Now select "Settings".
Click on "Show advanced settings".
Under "Privacy" click on "Content Settings".
Under "Cookies" you can make the following settings for cookies:
Delete cookies
Block cookies by default
Delete cookies and website data by default after closing the browser
Allow exceptions for cookies from certain websites or domains
You can use this browser to collect and save data at any time with future effect deactivate.
However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
If these cookies and / or the information they contain are personal data, the legal basis for data processing is Art. 6 Paragraph 1 Letter f) GDPR. Our interest in optimizing our website is to be regarded as justified within the meaning of the aforementioned regulation.
2.4.2. Google Analytics
For the purpose of the needs-based design and continuous optimization of our pages, we use Google Analytics, a web analysis service provided by Google Inc. (“Google”), on the basis of Article 6 (1) (f) GDPR. Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable your use of the website to be analyzed. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as
• browser type / version,
• the operating system used,
• Referrer URL (the previously visited page),
• Host name of the accessing computer (IP address),
• Time of the server request
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out, however, that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=de .
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set which prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found on the Google Analytics website.
2.4.3. Targeting
3.4.3.1. On-site targeting
On our website, cookies are used to collect and evaluate information for the optimization of advertisements. This information contains, for example, information about which products you have viewed on our websites / applications. The collection and evaluation takes place exclusively pseudonymously and does not enable us to identify you. In particular, the information will not be merged with your personal data. Based on the information, we can show you offers on our site that are specifically tailored to your interests, as they result from your previous user behavior.
2.4.3.1.1. Facebook pixel (website custom audience pixel)
We use Facebook Custom Audience technology on this website; This is a tool provided by Facebook that enables us to measure and collect data from our users through the use of cookies, web beacons and similar technologies and thus to make our advertising activities on Facebook more effective, for example by only posting for visitors to our website. We do not pass on any personal data to Facebook. The data collected with the help of this technology is only transmitted to Facebook in encrypted form. Personal data of individual users cannot be viewed by us. Further information on this web technology can be found in Facebook's privacy policy at www.facebook.com/about/privacy . You have the option of deactivating data collection using Custom Audience technology.
2.4.3.2. Re-targeting
We also use re-targeting technologies from external service providers. This enables us to tailor our online offer to be more interesting. In this way, we can target those users with online advertising who are already interested in our shop and our products on the websites of our partners. We know from studies that the display of personalized, interest-based advertising is more interesting for Internet users than advertising that has no such personal reference.
For this purpose, a cookie is set with which interest data is collected using pseudonyms. Based on this information, interest-related advertisements for our offers are displayed on the websites of our partners. No directly personal data is stored and no user profiles are merged with personal data about you. The cookie is stored for a period of 90 years and then automatically deleted.
In this regard, Universal works with the companies Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA), Facebook (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland), Thor GmbH (Dr. Hinterschweigerstrasse 65, 4600 Wels , Austria) and emetriq GmbH (Vorsetzen 35, 20459 Hamburg) together. If you do not want interest-based advertising from Google Inc. or Facebook to be displayed to you, you can use this function on Google here on Facebook here at THOR here and at emetriq here deactivate.
Please note: The objection (opt-out) is held in the form of a cookie. If you delete all cookies on your computer, this opt-out cookie will also be deleted; If you therefore want to continue to object to the anonymous data collection through web tracking, you must set the opt-out cookie again. The opt-out cookie is set per browser and per computer.
Our website uses cookies to enable retargeting campaigns from The Reach Group GmbH (Am Karlsbad 16, 10785 Berlin, Germany). The stored data within the cookie is only an encrypted, pseudonymized user ID. The ad serving technology used uses a shortened and hashed IP address to evaluate the geographic region, the access speed and the Internet provider. In addition, the time of the visit, the IDs of the products that were viewed, searched for or purchased, the URLs of the pages viewed, possible search terms and / or the IDs of the categories called up are stored in order to deliver more relevant advertising content. The storage of IP or browser data takes place exclusively in Germany and for the anonymized creation of visitor statistics and the assignment of transactions. A conclusion about specific persons, the exact address, the whereabouts or further personal data is not possible at any time. There is no explicit transfer of IP data to third parties. All information also has an expiry date of a maximum of 90 days, after which your browser automatically deletes the stored data. You can prevent the storage of cookies by setting your browser software accordingly. You can also prevent the data generated by the cookie and relating to your use of the website from being recorded by activating the opt-out function under the following link: https://www.reachgroup.com/opt-out/
Further information on data protection at The Reach Group GmbH can be found at https://www.reachgroup.com/datenschutz/
Cookies / advertising IDs are used for advertising purposes on our website and app. This enables us to show our advertising to visitors who are interested in our products on partner websites, apps and emails. Retargeting technologies use cookies or advertising IDs and display advertising based on your previous browsing behavior. To opt out of this interest-based advertising, please visit the following websites:
http://www.networkadvertising.org/choices/
http://www.youronlinechoices.com/
We can exchange information such as technical identifiers from your registration information on our website and app or our CRM system with reliable advertising partners. This allows your devices and / or environments to be linked and to offer you a seamless user experience with the devices and environments you use. For more details on these linking capabilities, please refer to the data protection guideline, which you can find on the aforementioned platforms, or the explanations below.
Criteo's privacy policy: http://www.criteo.com/de/privacy
Consent to the use of Criteo retargeting technology
The retargeting technology of Criteo SA, 32 Rue Blanche, 75009 Paris, is integrated into this website. Using this technology, it is possible to show you advertisements for products that you have viewed on this website on third-party sites (publisher sites). For this purpose, Criteo collects information about your usage behavior on this website by using tracking cookies and similar technologies that are placed in your browser or by using advertising IDs in environments that do not support cookies - for example apps. With the help of these technologies, Criteo can analyze trends and identify the interests of individual users with regard to websites and apps. Criteo uses these technologies to identify visitors to their partners' websites and apps. Users identified by Criteo receive a technical ID. At no point does Criteo collect personal data that could be used for identification, such as names or addresses. Criteo only analyzes the products viewed or the search behavior and the pages visited on the website of the partner for whom Criteo delivers advertising. In order to deliver personalized advertising to you and to offer you a seamless online experience, Criteo may synchronize the IDs of the various browsers you use. ("ID Synchronization") Thanks to its ID synchronization technology, Criteo is able to always offer you the most relevant ads - regardless of your browser or device - without Criteo having to collect and process personal data such as names or addresses For this purpose, Criteo uses exact linking methods based on the technical data collected by means of the Criteo technologies used - such as the IDs of our advertising partners or encrypted e-mail addresses that the partners pass on to Criteo. Further information on data protection at Criteo can You under https://www.criteo.com/de/privacy/ see. The legal basis for this data processing is Article 6 Paragraph 1 Letter a) GDPR (consent).
You can use the consent you have given with regard to the use of Criteo technology here withdraw.
2.4.3.3. Advertising partners / third-party cookies
We work with advertising partners to make the online offer on our site even more interesting for you. For this purpose, cookies are also set by our advertising partners when you visit our site (so-called third-party cookies). In the cookies of our advertising partners, information is also stored using pseudonyms about your user behavior and your interests when you visit our site. In some cases, information is also recorded that arose on other pages before visiting our site. This information is used to display interest-related advertisements from our advertising partners. No personal data is stored and no user profiles with personal data are merged about you.
You can prevent our advertising partners from being shown interest-based advertising by setting the appropriate cookie in your browser.
2.4.3.4. Google Adsense
We use Google AdSense on our website. Google AdSense is a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, for the integration of advertisements. Google AdSense uses so-called "cookies", text files that are stored on your computer and enable an analysis of the use of our website. Google AdSense also uses so-called web beacons. These web beacons enable Google to evaluate information such as the flow of visitors to our site. In addition to your IP address and the recording of the advertising formats displayed, this information is transmitted to Google in the USA, stored there and can be passed on by Google to contractual partners. However, Google does not merge your IP address with other data stored about you. You can prevent the installation of cookies by setting your browser accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website to their full extent. You can use their information at any time contradict here.
You can find more information at: https://policies.google.com/privacy?hl=de
2.4.3.5. Google Adwords
Our website uses the Google Adwords service. Google AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
On the one hand, we use the remarketing function within the Google AdWords service. With the remarketing function, we can present users of our website with advertisements based on their interests on other websites within the Google Display Network (on Google itself, so-called "Google Ads" or on other websites). For this purpose, the interaction of users on our website is analyzed, e.g. which offers the user was interested in, in order to be able to show users targeted advertising on other pages even after visiting our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google Display Network. The visits of these users are recorded via this number, known as a “cookie”. This number is used to uniquely identify a web browser on a specific computer and not to identify a person, personal data is not stored. The legal basis for this data processing is Article 6 Paragraph 1 Letter f) GDPR.
You can deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: www.google.com/settings/ads/plugin .
You can find more information on Google Remarketing and Google's data protection declaration at: www.google.com/privacy/ads/ .
2.4.3.6. Affilinet
Affilinet GmbH, Sapporobogen 6-8, 80637 Munich places a cookie on a visitor's device for the correct recording of sales and / or leads. This cookie is used by the domain parners.webmaster-plan.com or. banners.webmasterplan.com set. The cookies used by affilinet are accepted in the standard setting of the Internet browser. If you do not want these cookies to be stored, please deactivate the acceptance of cookies for the relevant domains in your Internet browser. affilinet cookies only save the ID of the intermediary partner and the serial number of the advertising material clicked on by the visitor (banner, text link, etc.), which are required for payment processing. When concluding a transaction, the partner ID is used to be able to assign the commission to be paid to the mediating partner. The legal basis for this data processing is Article 6 Paragraph 1 Letter f) GDPR.
Details on data protection can be found at: https://www.affili.net/de/datenschutz
2.4.3.7. Doubleclick by Google
Doubleclick by Google is a service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Doubleclick by Google uses cookies to present you with relevant advertisements. A pseudonymous identification number (ID) is assigned to your browser in order to check which advertisements have been displayed in your browser and which advertisements have been viewed. The cookies do not contain any personal information. The use of the DoubleClick cookies only enables Google and its partner websites to place advertisements on the basis of previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google to a server in the USA for evaluation and stored there. A transfer of the data by Google to third parties only takes place on the basis of legal regulations or in the context of order data processing. Under no circumstances will Google combine your data with other data collected by Google.
You can prevent Google from collecting the data generated by the cookies and relating to your use of the website and from processing this data by Google by doing so under the following link Download and install the browser plug-in available under DoubleClick deactivation extension.
You can also prevent interest-based advertising from our advertising partners by setting the appropriate cookie in your browser.
The legal basis for data processing is Art. 6 Paragraph 1 lit. a) GDPR and lit. f) GDPR.
2.4.3.8. Transmission of data to partner companies
2.4.3.8.1. Trial subscriptions from Sovendus GmbH
In order to select a special offer that is currently of interest to you in the region, your salutation, year of birth, country, zip code, (anonymized) hash value of the e-mail address and your IP address are pseudonymized and encrypted by us to Sovendus GmbH, Moltkestr. 11, 76133 Karlsruhe (Sovendus). The IP address is then used by Sovendus exclusively for data security purposes and is usually anonymized after seven days. By clicking on a special offer from Sovendus on baleni.at Your name, your address data and your e-mail address will also be transmitted to Sovendus in encrypted form in order to prepare the personalized request for the special offer from the product provider.
The legal basis for this data processing is Art. 6 Paragraph 1 Letter b), f) GDPR.
For further information on the processing of your data by Sovendus, please refer to the online data protection information at www.sovendus.de/datenschutz .
Voucher offers from Sovendus GmbH
For the selection of a coupon offer that is currently interesting for you, the hash value of your email address and your IP address are pseudonymized and encrypted to Sovendus GmbH, Moltkestr. 11, 76133 Karlsruhe (Sovendus) (Art. 6 Paragraph 1 Letter f) GDPR). The pseudonymised hash value of the e-mail address is used to take into account any possible objection to advertising by Sovendus (Art. 21 Paragraph 3, Art. 6 Paragraph 1 Letter c) GDPR). The IP address is used by Sovendus exclusively for data security purposes and is usually anonymized after seven days (Art. 6 Paragraph 1 Letter f) GDPR). In addition, we transmit pseudonymized order number, order value with currency, session ID, coupon code and time stamp to Sovendus for billing purposes (Art. 6 Paragraph 1 Letter f) GDPR). If you are interested in a voucher offer from Sovendus, there is no advertising objection to your e-mail address and you click on the coupon banner that is only displayed in this case, we will encrypt your salutation, name and your e-mail address to Sovendus Preparation of the voucher transmitted (Art. 6 Paragraph 1 Letter b), f) GDPR). For further information on the processing of your data by Sovendus, please refer to the online data protection information at
2.4.3.11. Prudsys
Your shopping history is used for personal product recommendations. This includes, in particular, items and product categories that you have already looked at, searched for or bought.
We use cookies and the e-mail address in pseudonymised form to record the shopping history. The data is saved in pseudonymous form and processed by prudsys AG, Zwickauer Straße 16, 09112 Chemnitz. It is not possible to draw any conclusions about you personally. We use this data to send you personal product recommendations and thus improve your shopping experience.
You can object to this analysis of surfing behavior at any time. A cookie is set to exclude the analysis of surfing behavior. This objection applies as long as you do not delete the cookie. The cookie is set per browser and computer. Please note that if you opt out in this browser, we will no longer be able to offer you any recommendations tailored to your needs.
2.4.4. Social media plug-ins
We use social plug-ins from the social networks Facebook, Google+ and Twitter on our website on the basis of Article 6 (1) (f) GDPR to make our company better known. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the data protection-compliant operation is to be guaranteed by the respective provider.
The purpose and scope of the data collection and the further processing and use of the data by the respective provider as well as your related rights and setting options to protect your privacy can be found in the respective data protection information of the provider, which we link below.
By logging out of the social network pages beforehand and deleting the cookies that have been set, you can prevent social networks from assigning the information collected about you to your user account on the respective social network during your visit to Universal. If you do not want social networks to assign the data collected via our website directly to your profile, you must log out of the relevant social networks before visiting our website. You can completely prevent the loading of the plugins with add-ons for your browser, e.g. B. with the script blocker "NoScript", to be found under: http://noscript.net .
2.4.4.1. Facebook, Google+ and YouTube
Social plugins from Facebook and Google (Google+ and YouTube) are used on this website. These are offers from the US company Facebook and Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”)).
When you visit a page that contains such a plugin, your browser connects to Facebook or Google and the content is loaded from these pages. Your visit to this website can possibly be tracked by Facebook and Google, even if you are not actively using the social plugin function. If you have an account on Facebook or Google, you can use such a social plugin and share information with your friends. Universal has no influence on the content of the plugins and the transmission of information.
Facebook and Google provide detailed information on the scope, type, purpose and further processing of your data on their websites. Here you will also find further information on your rights and setting options to protect your privacy.
Data protection information from Facebook: https://www.facebook.com/about/privacy .
Data protection information from Google: http://www.google.com/intl/de/policies/privacy .
2.4.4.2. Pinterest
Plugins from the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”) are integrated on this website. You can recognize the Pinterest plug-in by the “Pin it button” on our website.
If you click the Pinterest "Pin it button" while you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile. This enables Pinterest to assign your visit to our website to your user account. We would like to point out that we have no knowledge of the content of the transmitted data or their use by Pinterest. Further information can be found in Pinterest's privacy policy: http://about.pinterest.com/de/privacy .
2.4.4.3.WhatsApp
A WhatsApp button (WhatsApp share button) is also used on this website. With this button you can share content from Universal via the WhatsApp application on your mobile phone. The button is a hyperlink. When the button appears on this website, no personal data is yet transmitted to the WhatsApp operator or other third parties. As soon as you use the WhatsApp button, the WhatsApp operator learns what content is being shared and that the button has been used on this website. You can find more information on the handling of personal data by the WhatsApp operator in the operator's privacy policy: https://www.whatsapp.com/legal/#Privacy .
2.4.4.4. Instagram
This website also includes plugins from the social network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”). You can recognize the Instagram plugin by the “Instagram button” on our website.
If you click the "Instagram button" while you are logged into your Instagram account, you can link the content of our pages to your Instagram profile. This enables Instagram to assign your visit to our website to your user account. We would like to point out that we have no knowledge of the content of the data transmitted or its use by Instagram. Further information can be found in Instagram's privacy policy: http://instagram.com/about/legal/privacy/ .
2.4.5 AKAMAI Analytic Tools
This website uses web analysis techniques from Akamai Technologies, Inc. ("Akamai"). These techniques use "cookies", text files and "beacons", graphic files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookies or beacons about your use of this website, including the IP address and other data from the log files, is transmitted to and stored by Akamai on servers in the United States. Akamai will use this information to evaluate your use of this website, to compile reports on website activity, to provide the website operator with other services relating to website activity and internet usage, including protecting this website from unauthorized access, such as DDoS attacks. Akamai may also pass this data on to third parties if Akamai is obliged to do so for legal reasons or if these third parties process this data on Akamai's behalf. Akamai will not use the data to identify individuals. You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out, however, that in this case you may not be able to use all functions of this website to their full extent. For more information on the terms of use of the log files and Akamai's privacy policy, see https://www.akamai.com/de/de/privacy-policies/ .
2.4.6 Criteo Sponsored Products
Criteo Brand Solutions enables brand manufacturers to bid on product placements in the form of product advertisements at selected positions within the website while a user is visiting the website. Criteo Brand Solutions uses cookies IDs to collect surfing behavior data (e.g. which product categories and product pages are viewed), as well as data relating to the effectiveness of the product advertisements (e.g. which advertisements are viewed and clicked on and which lead to a product purchase). You can object to the data storage and collection of your recorded visitor data at any time. An opt-out cookie is set to exclude advertisements from Criteo Brand Solutions. This objection applies as long as you do not delete the cookie. If you delete your cookies when you use a different web browser or device, you will have to object again. To object, please click here (link to https://www.criteo.com/privacy/)
2.5. Customer account / user account
In order to provide you with the greatest possible comfort, we offer you the permanent storage of your personal data in a password-protected customer account / user account.
The creation of the customer account is basically voluntary and takes place on the basis of your consent within the meaning of Article 6 Paragraph 1 Letter a) GDPR. No further data entry is required after setting up a customer account. In addition, you can view and partially change the data stored about you in your customer account at any time.
It is only necessary to open a customer account to process the contract if you want to place orders via our website / application. In this case, the legal basis for data processing is (additionally) Article 6 Paragraph 1 Letter a) GDPR.
In addition to the data requested when placing an order, you must enter a password of your choice to set up a customer account. This, together with your email address, is used to access your customer account. Please treat your personal access data confidentially and, in particular, do not make them accessible to unauthorized third parties. Please note that you will automatically remain logged in after leaving our website, unless you actively log out. You have the option of having your customer account deleted at any time. Please note, however, that the data that can be viewed in the customer account will not be deleted at the same time once you have ordered from us. The deletion of your data takes place automatically after expiry of the commercial and tax retention obligations applicable to us. The legal basis for this data processing is Art. 6 Paragraph 1 Letter c) GDPR and Art. 6 Paragraph 1 Letter f) GDPR.
2.6. contact
You have the option of contacting us in several ways. By e-mail, by phone, or by post. If you contact us, we will use the personal data that you voluntarily provide to us in this context for the sole purpose of being able to contact you and process your request.
The legal basis for this data processing is Art. 6 Paragraph 1 Letter a), Art. 6 Paragraph 1 Letter b), Art. 6 Paragraph 1 Letter c) GDPR and Art. 6 Paragraph 1 Letter f) GDPR.
2.7. Customer ratings / comments
If users post comments or other contributions balend.at Your IP addresses are left on the basis of our legitimate interests within the meaning of Art. 6 Paragraph. 1 letter f). GDPR saved for 7 days. This is done for our safety if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.).
Users can subscribe to comments with their consent in accordance with Article 6 (1) (a) GDPR and unsubscribe from ongoing comment subscriptions at any time. For the purpose of proving the consent of the user, we save the time of registration along with the IP address of the user. and delete this information when users unsubscribe from the subscription.
2.8. Other user content
You have the option of adding your own content at various points balend.at to publish (e.g. product reviews, comments, etc.). If you submit a comment, a recommendation or a rating on products, brands and styles, we process the personal data that you voluntarily enter as part of the comment or rating. You can post content at balend.at generally publish under a pseudonym and / or your first name and an abbreviated surname.
The legal basis for this data processing (s) is Art. 6 Paragraph 1 Letter a), Art. 6 Paragraph 1 Letter b) and Art. 6 Paragraph 1 Letter f) GDPR.
2.9. Payments
We process your payment information for the purpose of payment processing, e.g. if you have a product and / or a service balend.at acquire or use. Depending on the payment method, we will forward your payment information to third parties (e.g. to your credit card provider for credit card payments).
The legal basis for this data processing is Art. 6 Paragraph 1 Letter a), Art. 6 Paragraph 1 Letter b), GDPR and Art. 6 Paragraph 1 Letter f) GDPR.
2.9.1.Paypal
When paying via PayPal, your payment data will be forwarded to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" via PayPal. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding whether to provide the respective payment method. The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data is included in the calculation of the score values.
For more information on data protection, including the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
2.9.2. Computop
If you decide to pay by credit card, the technical processing is carried out by Computop Wirtschaftsinformatik GmbH, Schwarzenbergstr. 4, 96050 Bamberg. Computop is a PCI DSS certified PSP and a leading service provider for secure payment transactions. Computop meets the PCI security standard: http://de.computop.com/pci-zertifikat.html . The corresponding credit card information is stored and processed exclusively by Computop Wirtschaftsinformatik GmbH.
3. Recipients outside the EU
Your data will only be stored in Germany. With the exception of the processing shown, we do not pass on your data to recipients based outside the European Union or the European Economic Area. The processing mentioned under Universal causes data to be transmitted to the servers of the providers of tracking and targeting technologies commissioned by us. These servers are located in the USA. The data is transmitted on the basis of so-called Standard Contractual Clauses of the EU Commission as well as according to the principles of the so-called Privacy Shield.
4. Your rights
4.1. Rights of those affected, right of appeal
In addition to the right to revoke your consent given to us, you have the following further rights if the respective legal requirements are met:
the right to information about your personal data stored by us (Art. 15 GDPR), in particular you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, request the origin of their data, unless they were collected directly from you;
the right to correct incorrect data or to complete correct data (Art. 16 GDPR),
the right to delete your data stored by us (Art. 17 GDPR), provided that we do not have to comply with any statutory or contractual retention periods or other statutory obligations or rights for further storage,
the right to restrict the processing of your data (Art. 18 GDPR), insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it; the person responsible no longer needs the data, but you need them to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR,
the right to data portability according to Art
the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
Should data subjects suspect that their personal data has been processed by us
violates data protection law or your data protection claims in any other way
have been injured in one way, they have the right to file a complaint with the Austrian
Data protection authority, Barichgasse 40-42, 1030 Vienna, phone: +43 1 521 52-0, email:
dsb@dsb.gv.at , Web: https://www.dsb.gv.at to submit.
You can access the aforementioned rights to which you are entitled vis-à-vis us at www.baleni.at/datenschutz assert. You can exercise the right to data portability under www.baleni.at/datenschutz assert.
4.2. Right to object
Under the conditions of Art. 21 Paragraph 1 GDPR, data processing can be objected to for reasons arising from the particular situation of the person concerned.
The above general right of objection applies to all processing purposes described in this data protection information, which are processed on the basis of Article 6 Paragraph 1 Letter f) GDPR. In contrast to the special right to object to data processing for advertising purposes, according to the GDPR we are only obliged to implement such a general objection if you give us reasons of overriding importance (e.g. a possible danger to life or health).
4.3. Right of withdrawal
If we process data on the basis of your consent, you have the right to revoke your consent at any time. The revocation of the consent does not result in the up to the time of the revocation on the basis of the
Consent given data processing becomes ineffective.