Data Protection

It is very important for us to ensure the protection of your personal information when you use our services. That’s why your privacy connected to the use of our website is processed and stored with utmost care. The following section sets out to explain how we process and use the personal data you leave and/or provide when you visit our website and use our services.

1. THE COLLECTION OF PERSONAL DATA

Your personal data is collected when you:

  •   Use our website or app
  •   Make a purchase in the online store
  •   Create a client account
  •   Sign up for our newsletter
  •   Participate in a competition
  •   Actively engage with the website in another way
  •   Apply for a job

1.1 Website / Online Store / APP

You will transfer certain information (e.g. your IP address) to us when you access our website or applications. We will also receive data about which terminal device (computer, smartphone, tablet, etc.) you are using, which browser (Chrome, Firefox, Safari, etc.) you are using, the time at which you access the website.

When you access our website the aforementioned data will be automatically stored in log files. A log file automatically logs all or defined actions on a computer system. Such log files are important, for example, for process control and automation. In the case of databases a log file tracks changes to the database of correctly executed transactions. In the event of an error (e.g. a system crash), this allows the current dataset to be restored.

This ananymous data is processed for statistical purposes only. Such analyses help us make our services more attractive and, if necessary, to improve our services.

1.1.2 User profile

You can set up an account with our login system. After you have registered, you can use your user account to register for all services.

1.2.1 Login

To create a user account through our login system we need your first and last name, your e-mail address and a password for your security.

1.2.2 Adding information to your user profile

After registering, you can add more information to your profile (e.g. a profile photo or gender). If you do so, you will provide us with personal data.

1.2.3 Enabling access rights to your device

For you to be able to use our application to the full extent, we will need certain access rights to your smartphone. For example, we need access to your camera or your photos if you upload a profile image or want to change a profile picture. We use push messages to send you reminders or to notify you of movements or new followers. When you want to use such a function for the first time, we will ask you whether you grant us such access rights or we will ask you to grant us access by selecting the appropriate settings. Generally, you may revoke such access rights at any time by changing the appropriate settings.

1.3 Newsletter

You can register for our newsletter. This way you will receive regular updates about our services as well as information on topics related to gift giving and environmental protection. All we need is a valid e-mail address. If you are no longer interested in receiving the newsletter, you may unsubscribe at any time using the link that is included in each newsletter.

1.4 Other possible instances of data collection

Collection of data also happens, when you contact us or other users, when you open your user account, sign up for a subscription, upload a profile photo, or use our services to send messages.

1.4 Job Applications

When you apply to a job, the personal data contained in your application will be collected and processed for the purposes of managing our recruitment related activities, which includes setting up and conducting interviews and evaluating and assessing the results. In the event of a rejection, your personal data will be deleted after 12 months.

1.5 Data transfer

When submitting your data on our website, it will always be stated whether the submission is voluntary or necessary for completing the desired action, such as completing a transaction at our online store.


We collect, process and use three types of data:

  •   Data you provide to us voluntarily (e.g. with an order)
  •    Data we receive when you use our services (e.g. the calculated CO2 savings when using our APP), and
  •    Data we receive from third parties (e.g. through a login with Facebook)

2. THE USE OF PERSONAL DATA

We keep statistics about our users’ use of our website and which products our users prefer in order to continually improve the website. This data does not contain personal data. We do not sell or disclose information about how our users navigate and use our website, neither information about your purchase history to third parties.

The term “personal data” is defined by the Federal Data Protection Act (BDSG) and the European General Data Protection Regulation (GDPR). You can think of your personal data as any data that allow you to be identified or that can be correlated to you.

On the other hand, “non-personal” data cannot be correlated to any specific person. By removing identifiable parts from and anonymizing personal data, personal data may be converted into “non-personal data.”


The personal data we collect is used to:

  •   administer, operate, maintain, and improve the website and our applications
  •   customize your experience in relation to our website or our applications (e.g. by tailoring content and offers to your personal preferences)
  •   support the improvement and customization of our services
  •   allow and process orders for services placed by you through the website or applications
  •   assess your right to receive certain types of offers or services
  •   analyze and research customer behavior
  •   collect customer reviews
  •   enable registrations for our newsletter
  •   provide you with information about services that may be of interest to you
  •   communicate with you about certain concerns
  •   manage awards, surveys, winning games, lotteries, or other promotional activities or events
  •   send invitations to events and discount codes
  •   respond to your questions and inquiries
  •   comply with our legal obligations to prevent any unlawful use of the website or applications, to protect the security of our service, to detect and prevent fraud or abuse, to settle disputes, and to enforce our contracts
  •   for any other purposes to which you have consented in a particular case, or otherwise as permitted by applicable law

Please note that we will only use your personal data to send marketing material if you have given your consent.

3. TRANSFERRING DATA TO OTHER CONTROLLERS

In general, we do not transfer your personal data to third parties without your consent. However, information used for delivery of goods will be transferred to the shipping company we use.

Under specific circumstances and with reference to legislation, it might be necessary to transfer information to public authorities or the police. For example, information may be disclosed to the police in case of suspicion of credit card fraud.

In the case of a re-organization, full or partial sale of the company, any disclosure in such connection will be in accordance with current legislation for the processing of personal data.

4. DISCLOSING DATA TO DATA PROCESSORS

Your personal data is disclosed to our partners who deliver services on behalf of us, for example in relation to sending out newsletters. These partners only process the personal data on behalf of us and in accordance with our high security standards.

5. DATA PROCESSING – third-party services and partners

To be able to offer you all functions and services of our applications in the most convenient way possible and to be able to continuously improve our services, we use third-party services and partners. Please also read the data privacy policies of such third-party providers.

Your personal data will be transferred to third parties only if the data transfer is necessary for performance of the contract, if you have consented to the transfer of your data or if we have a legal obligation to do so. In such cases, the extent to which data are transferred will however be kept to the absolute minimum.

Below is the description of the third-party services we use and for what purposes:

5.1 Google

We use a number of different Google services (Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043, U.S.A. – hereinafter “Google”) for analysis and marketing purposes. These tools collect and statistically analyze data about your use of our services in different ways. We also use your data to show you personalized ads with the help of Google services.

Information generated by Google tools is generally transferred to a server of Google in the United States and stored there. Google and its subsidiaries are EU-US Privacy-Shield certified.

Additional information about how Google handles data transmitted by us is available here.

Additional information about how Google uses cookies is available in the privacy policy of Google.

By using our website or services, you consent that we may use your data for these purposes.

5.1.1 Google Analytics

Our applications and our website use Google Analytics, a web analysis program of Google. Google Analytics uses cookies that are stored on your terminal device and allows an analysis of your use. We activate IP address anonymization so that IP addresses will first be truncated by Google within the European Union. On our behalf Google uses such information to analyze your use of our services as well as the use of our services by other users, and provides us with reports and other services. The IP address transmitted from your terminal device to Google Analytics will not be merged with any other data of Google. Google will transfer your data to third parties only if permitted by applicable law or in accordance with outsourced data processing agreements.

You can prevent the collection and processing of information generated by the Google cookie by placing an opt-out cookie or deactivating Google Analytics in the menu of your terminal device. In the alternative, you can also install a browser plug-in, which you will find here.

5.1 Social Plug-ins

We use the following social plug-ins for our website:

  • Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, U.S.A.)
  • Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, U.S.A.)

These plug-ins routinely collect data from you and transfer such data to servers of the provider. Once activated, social plug-ins will place a cookie with a clear ID when the relevant website is accessed. This also allows providers to create profiles of your user behavior. Such a cookie is placed whether or not you are a member of the social network. If you are a member of a social network and are logged in when you visit our website or when you use our applications, data and information about your visit to our website or your use of an application may be linked to your profile on the social network.

Please note that we have no control over the exact extent to which your data will be collected by social network providers. For more information about the extent, type, and purpose of data processing and about rights and settings to protect your privacy, please refer to the data privacy policy of the relevant social network provider. These are available at the following addresses:

https://www.facebook.com/policy.php
https://de.about.pinterest.com/privacy/

5.1.1 Facebook Connect

We use Facebook Connect, so that you can register and log in with us using your Facebook account super easy and fast.

If you use Facebook Connect, Facebook profile data and public data from your Facebook profile will be transferred to us. Conversely, data may be transferred from us to your Facebook profile. Such data is used by us to register you on our website or for our applications or to allow you to log in. For this purpose we also store and process such data.

By registering on our website or for an application with the help of Facebook Connect you consent that your profile data from your Facebook profile may be transferred to us and, conversely, that we may transfer data to Facebook.

Please also note that Facebook receives information through Facebook Connect about how you use our applications and our website. For information about the purpose and extent of data processing, the further processing and use of data by Facebook, and your rights and setting options to protect your privacy, please refer to the privacy policy of Facebook.

5.1.2 Pinterest

On our website we use the “Pin it” button plug-in of Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, U.S.A.). When you visit our website this plug-in establishes a direct connection between your browser and the Pinterest server. This tells Pinterest that you have visited our website with your IP address. If you are logged into Pinterest during your visit, you can share content on Pinterest by clicking on the “Pin it” button. This way, Pinterest can also correlate your visit to our website to your Pinterest user account.

Again, please note that as a website provider, we do not know the content of transferred data or how such data is used by Pinterest, nor do we have any control over this process. You will find the privacy policy of Pinterest here.

You can change the settings for the storage of your data here You can do so whether or not you are a Pinterest user.

As we use the services of the Canadian platform Shopify when you shop at our website, your personal data is transferred to Canada. As a Canadian organization, Shopify handles your personal data according to the Personal Information Protection and Electronic Documents Act (PIPEDA), which means they handle your personal data according to the highest security standards.

We use the services of MailChimp, located in the USA. As an American organization, MailChimp handles your personal data according to the EU-U.S Privacy Shield Framework, which means they also handle your data according to the highest international standards. The Commission has decided that the level of protection is sufficient in both countries.

You can read more about secure third countries here.

6. THE USE OF COOKIES

We use cookies on our website. You can read more about the use of cookies in our Cookie Policy.

7. LINKS TO OTHER WEBSITES

Our website may contain links to other websites or to integrated sites. We are not responsible for the content of the websites of other companies or for the practices of such companies regarding the collection of personal data. When you visit other websites, you should read the owners’ policies on the protection of personal data and other relevant policies.

8. YOUR SECURITY

We strive to protect your information the best way possible, which is why we have implemented security measures to ensure that our internal procedures meet our high security policy standards – for instance by using Secure Socket Layers (SSL), TLS encryption, HTTPS and PSD2. Accordingly, we strive to protect the quality and integrity of your personal data.

Please make sure not to provide your login details to third parties.

9. DELETING YOUR PERSONAL DATA

We will delete your personal data when we no longer need to process them in relation to one or more of the purposes set out in section 2. However, the data may be processed and stored for a longer period in anonymized form.

10. YOUR RIGHTS

You are entitled to be informed of the personal data we process about you at any time. You also have the right to object to the collection and further processing of your personal data including profiling/automated decision-making. Furthermore, you have the right to have your personal data rectified, erased or blocked. Moreover, you have the right to receive information about you that you have provided to us, and the right to have this information transmitted to another data controller (data portability).

Overview of the rights according to the GDPR

According to the guidelines of the GDPR, you have the right to:

  •   request information on personal data processed by us about you as provided (§ 15 DSGVO)
  •   immediately demand the correction of incorrect data or completion of incomplete personal data stored with us (§ 16 DSGVO)
  •   request deletion of your personal data stored by us, unless the processing of the data is required for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims (§ 17 DSGVO)
  •   request the restriction of the processing of your personal data as far as the accuracy of the data is disputed by you or the processing is unlawful (§ 18 DSGVO)
  •   receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another controller (§ 20 DSGVO)
  •   revoke at any time your consent previously granted to us. As a result, we will be no longer able to continue the data processing based on this consent for the future(§ 7 (3) DSGVO)
  •   lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters for this purpose (§ 77 DSGVO)
  •   also, if your personal data is processed based on legitimate interests in accordance with Art. 6 (1) (f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons based on your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which shall be implemented by us without you specifying any particular situation.

11. THE AMENDMENT OR DELETION OF DATA

If you want us to update, amend or delete the personal data that we have recorded about you, wish to get access to the data being processed about you, or if you have any questions concerning the above guidelines, please contact us at .

12. WITHDRAWAL OF CONSENT

You may, at any time, withdraw any consent you have given and we will delete your personal data, unless we can continue the processing based on another purpose. If you wish to withdraw your consent, please contact us at .

13. Changes to this Privacy Policy

We may need to make changes to this Privacy Policy, for example if we add new functions or services to the application. We will however notify you of any changes and ask that you read and accept such changes before they are implemented by us.

14. CONCLUSION

By using any of our services, you hereby warrant and represent that (i) you have read, understand and agree to this Privacy Policy, (ii) that you are over 16 years of age (or are a parent or guardian with such authority to agree to this Privacy Policy for the benefit of an individual who is under 16 years of age). If you do not accept the terms set forth in this Privacy Policy and the consents associated therewith, please do not use our services.


Status of the data protection declaration: January 2023