PRIVACY POLICY
1. General
1.1 What is personal data
Personal data is information that discloses or can disclose the user's identity. We adhere to the principle of data avoidance. Therefore, as far as possible, we refrain from collecting personal data.
1.2 Handling of personal data
Personal data is used exclusively to establish the contract, define its content, and implement or process the contractual relationship (Art. 6 (1 b) GDPR).
Beyond that, personal data will only be processed if we have received your consent to do so (Art. 6 (1 a) GDPR) or if it is data whose processing is necessary for our legitimate interests and insofar as the balancing process shows that no overriding interests, fundamental rights or freedoms on your part are opposed (Art. 6 (1 f) GDPR).
We may use order processors to process your personal data, but will not pass on the personal data to third parties beyond this as a matter of principle.
For the processing of payments, the payment data required will be passed on to the credit institution commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.
The processing of your personal data takes place exclusively within the EU, unless otherwise stated below.
1.3 Usage data
When visiting the website, general technical information is collected. This is the IP address used, time, duration of the visit, browser type and, if applicable, the page of origin. This usage data is registered in a log file for technical reasons and can be used and stored for statistical evaluation of this website. This usage data is not linked to your other personal data.
1.4 Duration of storage
We store your personal data after the termination of the purpose for which the data was collected, only as long as this is required by law (especially tax law).
2. Your rights
2.1 Information
You can request information from us about whether we are processing personal data about you. If so, you have a right to be informed about this personal data and receive the further information referred to Art. 15 GDPR.
2.2 Right to rectification
You have the right to rectification of inaccurate personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.
2.3 Right to erasure
You have the right to demand that we delete the personal data concerning you without undue delay. We are obliged to delete them without delay, in particular, if one of the following reasons applies:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
The right to erasure does not exist insofar as your personal data is required for the assertion, exercise or defense of our legal claims.
2.4 Right to restriction of processing
You have the right to demand that we restrict the processing of your personal data if
- you dispute the accuracy of the data and we therefore verify the accuracy,
- the processing is unlawful and you refuse the deletion and demand the restriction of use instead
- we no longer need the data, but you need it to assert, exercise or defend legal claims,
- you have objected to the processing of your data and it has not yet been determined whether our legitimate reasons outweigh your reasons.
2.5 Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us with the help of automated processes.
2.6 Right of withdrawal
Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
2.7 General and right of appeal
The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to directly contact the supervisory authority responsible for us, the State Data Protection Officer.
3. Data security
3.1 Data security
Technical and organizational measures secure all data on our website against loss, destruction, access, modification and distribution.
3.2 Sessions and cookies
To operate the website, we use cookies or server-side sessions in which data can be stored. We only use cookies or server-side sessions that are technically necessary for the operation of this website (e.g. spam protection for contact form, shopping cart function) and for which the assessment shows that there are no overriding interests on your part (Art. 6 (1 f) GDPR).
4. Presence on social media platforms
We use the following social media platforms for company presentation and communication (explicit reference is made to the privacy statements and opt-out options linked below).
Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland).
Privacy policy: https://www.facebook.com/about/privacy/
Opt-Out: http://www.youronlinechoices.com
Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland).
Privacy policy and opt-out: http://instagram.com/about/legal/privacy/
These social media platforms may process personal data outside the EU, we refer in this respect to the above privacy statements of the social media platforms.
The respective social media platforms may create usage profiles from your usage behavior and the resulting interests and actions on your part and store cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior may even be stored independently of the device. Your user profile can be used, for example, to place advertisements that presumably correspond to your interests.
We process the personal data exclusively for communicating with you via the social media platform you have chosen and for optimizing our online presence and ensure that no interests on your part are affected here that outweigh this legitimate interest on our part (Art. 6 (1 f ) GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 (1 a) GDPR).
5. Social media links
We have our own social media pages on third-party sites that can be reached via links from this website. Using the links will take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Instagram). To avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a corresponding link, so that usage profiles cannot be created by the third-party provider simply by using the link.
6. Adobe Fonts
We use so-called web fonts (typefaces) from Adobe Fonts (operated by Adobe Inc., 345 Park Avenue, San Jose, California 95110-2704, USA; responsible for the European area is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Saggart, Dublin 24, Ireland) to be able to display a uniform font on our website. These are automatically stored in your browser cache when you call up one of our pages to enable the desired display. If your browser does not support the web fonts used, a standard font of your computer may be used. In this case, no user interests are affected that outweigh this technical necessity (Art. 6 (1 f) GDPR). You can view the Adobe Fonts privacy policy here: https://www.adobe.com/de/privacy.html
7. Contacting
To contact us regarding data protection, you are welcome to use the following contact options. Responsible party within the meaning of the GDPR:
Olympia Business Center S.à r.l.
Rue Gabriel Lippmann 33
5365 Munsbach
Luxembourg
E-mail: info@obc-muc.de
Phone: +49 89-4142489-0