Data protection

1. Data protection

The operators of these sites take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This data protection declaration explains what data we collect and what we use it for. Sie erlIt also explains how and for what purpose this happens.

We would like to point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.

Note on the responsible company
The responsible company for data processing on this website is:

RLT Trade GmbH
Rippoldsauer Strasse 16
70372 Stuttgart
Germany
Phone: +49 (0)711 490 948 99
E-Mail: customer@my-gloss.com
Managing Director: Randolf Lehmann-Tolkmitt

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. All you need to do is send us an informal email. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the responsible supervisory authority
In the event of data protection violations, the person affected has the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done if it is technically feasible.

SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the legal notice for this purpose or for further questions on the subject of personal data.

Objection to advertising emails
The use of contact details published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, such as spam emails.

2. Data collection on our website

Cookies
Some of the websites use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and that your browser saves.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are necessary to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically error-free and optimized manner. If other cookies (e.g. cookies to analyze your surfing behavior) are stored, these will be used
treated separately in this data protection declaration.

External hosting
This website is hosted by an external service provider (hoster).
The personal data collected on this website is stored on the host’s servers. This can be include IP addresses, contact requests, meta and communication data, contact details, names, website access and other data generated via a website.

The host is used for the purpose of fulfilling the contract with our potential and existing members (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offering by a professional provider (Art. 6 Para . 1 lit. f GDPR).

Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.

We use the following host:
Host Europe GmbH
Friesenplatz 4
50672 Köln
Germany

Conclusion of a contract for order processing
In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our host.

Access data/server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Name of the page accessed
  • Browser type and browser version
  • operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address
  • Name of the file retrieved and amount of data transferred

This data will not be merged with other data sources.

The basis for data processing is Article 6 Paragraph 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

Contact
When contacting the provider (e.g. via contact form or email), the user’s information is stored for the purpose of processing the request and in the event that follow-up questions arise. This data will not be passed on without your consent.

The processing of your data that you transmit when you contact us is based on your consent (Art. 6 Para. 1 lit. a GDPR). Your consent can be revoked at any time. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.

As long as there is no request to delete data, consent to storage is revoked or the purpose for data storage no longer applies, the data transmitted when contacting us will remain with us. Statutory retention periods remain unaffected.

Purpose, legal basis and duration of processing personal data
When processing orders, we collect the following data in addition to the server log files: first and last name, address, email address, ordered products, payment details. The legal basis for processing is Art. 6 (1) b) GDPR in order to fulfill the purchase of goods to be concluded with you. If the data is used for accounting purposes, it will be deleted after 10 years or 6 years (Section 147 of the Tax Code, Section 257 of the Commercial Code). When you log in to your customer account, we also collect: customer name, email. As part of processing the order, we collect the following data: billing and delivery information, i.e. first and last name, billing address, delivery address, email, payment information. You have the option to choose between different payment methods:

a. It is possible to process the payment process using the Paypal payment service. PayPal allows you to make online payments to third parties. The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg. If you choose PayPal as your payment method, your data required for the payment process will be automatically transmitted to PayPal. In addition to the server log files, this regularly included the following data: first and last name, email, payment amount, payment recipient. The purpose of this transmission is to pay for the shopping cart and to check identity and creditworthiness. PayPal may also pass on your data to third parties if this is necessary to fulfill its contractual obligations. For this purpose, Paypal has taken specific measures to ensure the protection of your personal data. In particular, when transferring your personal data within companies affiliated with PayPal, the binding corporate rules approved by the relevant supervisory authorities apply. You can view PayPal’s data protection regulations at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full/ . he legal basis for data processing is Art. 6 Para. 1 b) GDPR.

b. It is possible to process the payment process using a credit card. Processing is carried out via the payment service provider Stripe Payments, to whom we pass on the information you provided during the ordering process, along with the information about your order (first and last name, address, credit card number, verification number, invoice amount, currency and, if applicable, transaction number). Your data will be passed on to pay the purchase price and for the purpose of processing payments with Stripe Payments. Further information about Stripe’s data protection can be found at the URL https://stripe.com/de/privacy#translation. he legal basis for data processing is Art. 6 Para. 1 b) GDPR.

When you use the protected customer area, we process the following data in addition to the server log files: Email address. If product purchases are made, in addition to the data in server log files, we also process the following data: pre- and cash-on-delivery, delivery and billing address, email address, ordered products including purchase prices, payment data including the payment method used. The legal basis for this processing is the user relationship concluded with you in accordance with Art. 6 (1) b) GDPR. We process your personal data from the protected customer area for as long as you have a customer profile with us. You can unsubscribe by sending us an email to info@my-gloss.com. From the receipt of the email, we will delete your personal data relating to your user profile within fourteen (14) days. The data from product purchases, to the extent that they are used for accounting purposes, will be deleted after 10 years or 6 years (Section 147 of the Tax Code, Section 257 of the Commercial Code).

3. Plugins and tools

Googlefonts
This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

For more information about Google Web Fonts, see
https://developers.google.com/fonts/faq
and in Google’s privacy policy:
https://policies.google.com/privacy?hl=de.