Data protectionPrivacy policy
Data Controller:Yelyzaveta Ponomarenko
Sodentalstrasse 45
63834 Sulzbach am Main (Soden)
Germany
Email:
infomindlyclass@gmail.comThank you for visiting our online shop and website. We take your privacy seriously and are committed to protecting your personal information. Below, we provide detailed information on how we manage and process your data.
1. Access Data and HostingYou can browse our website without providing any personal information. Each visit to the site results in the web server automatically storing a server log file, which includes details such as the requested file name, your IP address, the date and time of the request, the amount of data transferred, and the requesting provider (access data). This data is collected solely to ensure the website operates smoothly and to enhance our services. This processing is based on Art. 6 (1) (f) GDPR, which protects our legitimate interest in presenting our services effectively. All access data is deleted no later than seven days after your visit to our website.
2. Data Collection and Use for Contract Processing and Customer Account Creation2.1 Use of Data for Contract ExecutionTo process your contract in accordance with Art. 6 (1) (b) GDPR, we collect personal data that you voluntarily provide during your order. Mandatory fields are clearly marked, as we need this information to complete your order. Without these details, we cannot fulfill your order. The specific data collected can be seen on the relevant input forms.
Further information regarding how your data is processed, including its transfer to our service providers for order, payment, and delivery processing, is detailed in other sections of this privacy policy. Once the contract is fully processed, your data will be restricted from further processing and deleted after the statutory retention periods under tax and commercial law, in accordance with Art. 6 (1) (c) GDPR. If you have expressly consented to further use of your data as per Art. 6 (1) (a) GDPR, or if we are legally permitted to retain your data beyond this, we will inform you accordingly in this declaration.
Inventory Management SoftwareWe utilize inventory management software from external service providers to handle orders and contracts. These providers operate on our behalf as part of our order processing framework. If you have questions about our service providers and our cooperation with them, please use the contact options provided in this privacy policy.
Our service providers may be located in or use servers in countries outside the EU and EEA. Since there is no European Commission adequacy decision for these countries, our cooperation is governed by standard data protection clauses adopted by the European Commission.
2.2 Customer AccountIf you consent to this in accordance with Art. 6 (1) (a) GDPR by choosing to open a customer account, we will use your data to create and manage your account and to store your information for future orders on our website. You can delete your customer account at any time by either sending a request to the contact options provided in this privacy policy or using the deletion feature available in your account settings. Once your customer account is deleted, your data will be removed unless you have given explicit consent for further use under Art. 6 (1) (a) GDPR, or if we retain the data in accordance with applicable laws, as outlined in this declaration.
2.3 Contacting Yelyzaveta PonomarenkoWhen you contact us, such as through a contact form or email, we collect personal data to handle your inquiries as per Art. 6 (1) (b) GDPR, provided you voluntarily give us this information. Mandatory fields are marked because we need this data to process your contact. The specific data collected can be seen on the respective forms. After your inquiry has been fully addressed, your data will be deleted unless you have given explicit consent for further use under Art. 6 (1) (a) GDPR, or if we are permitted by law to retain and use your data beyond this, as described in this privacy policy.
3. Use of Data for Processing ShipmentsTo fulfill the contract in accordance with Art. 6 (1) (b) GDPR, we share your data with the shipping service provider responsible for delivering the ordered goods, as necessary for the delivery process.
Data Transfer for Shipping NotificationsIf you have given explicit consent during or after your order in accordance with Art. 6 (1) (a) GDPR, we will provide your email address and phone number to the selected shipping service provider. This allows them to contact you for delivery notifications or coordination before the delivery. You can withdraw your consent at any time by contacting us through the options provided in this privacy policy or by reaching out directly to the shipping service provider using the contact details below. Upon revocation, we will delete the data provided for this purpose, unless you have given explicit consent for further use or we are legally permitted to retain and use your data beyond this, as outlined in this declaration.
DHL Paket GmbH
Sträßchensweg 10
53113 Bonn
Germany
4. Use of Data for Processing PaymentsWe collaborate with various partners for payment processing in our online shop, including technical service providers, credit institutions, and payment service providers.
4.1 Data Use for Processing TransactionsDepending on the payment method you choose, we share the necessary data with our technical service providers, credit institutions, or the selected payment service provider to process the payment transaction. This is in accordance with Art. 6 (1) (b) GDPR to fulfill the contract. In some cases, payment service providers collect the required data themselves, either on their own website or through technical integration into the ordering process. The privacy policy of the respective payment service provider will apply in these cases. For any questions about our payment processing partners and our collaboration with them, please use the contact options provided in this privacy policy.
4.2 Data Use for Fraud Prevention and Payment Process OptimizationIf applicable, we provide additional data to our service providers, which they use along with the data necessary for payment processing to prevent fraud and optimize our payment processes (e.g., invoicing, handling disputed payments, and accounting support). According to Art. 6 (1) (f) GDPR, this processing protects our legitimate interests in preventing fraud and managing payments efficiently, which outweighs our interests in balancing the process.
5. Email and Messenger Advertising5.1 Email Newsletter SubscriptionWhen you subscribe to our newsletter, we will use the data you provide to send you regular updates via email, based on your consent as per Art. 6 (1) (a) GDPR. You can unsubscribe at any time by either contacting us through the details provided below or using the unsubscribe link in the newsletter. Once you unsubscribe, we will remove your email address from our list, unless you have consented to further use of your data under Art. 6 (1) (a) GDPR or if we retain it in accordance with applicable laws, as explained in this privacy policy.
5.2 Email Offers Without Subscription and Your Right to ObjectIf we have your email address from a purchase you made and you have not opted out, we may, in accordance with Section 7 (3) of the German Unfair Competition Act (UWG), send you email offers for similar products to those you have purchased. This is based on our legitimate interest in marketing our products to customers, which we believe outweighs any privacy concerns.
You can opt out of receiving these offers at any time by contacting us using the details provided in this privacy policy or by using the opt-out link in the promotional emails. This will not incur any costs other than the standard transmission costs.
5.3 Newsletter DistributionOur newsletter may be sent by third-party service providers acting on our behalf. If you have questions about these service providers and our collaboration with them, please use the contact details provided in this privacy policy.
Some of our service providers may be located in or use servers in the USA. Since there is no European Commission adequacy decision for the USA, our collaboration with these providers is based on standard data protection clauses adopted by the European Commission.
5.4 Sending Rating Requests via EmailIf you have given us explicit consent to do so during or after your order, as per Art. 6 (1) sentence 1 lit. a GDPR, we will use your email address to request a rating for your order through our rating system. You can withdraw this consent at any time by contacting us through the details provided in this data protection notice or by using the unsubscribe link included in the rating request.
Rating requests may also be sent through our service provider, Trusted Shops GmbH, located at Subbelrather Str. 15C, 50823 Cologne (Trusted Shops).
We receive information about the status of your rating from Trusted Shops, such as whether the rating request was sent and received. This is done in accordance with Art. 6 (1) sentence 1 lit. f GDPR, to fulfill our legitimate interest in monitoring the status of rating invitations for potential improvements and to support Trusted Shops' legitimate interest in providing their service.
We share responsibility with Trusted Shops for sending rating requests and handling rating or status information.
For any inquiries related to this joint responsibility, please contact Trusted Shops GmbH using their contact details provided
here. Additional information about data protection can be found at the following
link. You may also reach out to us directly using the contact information provided in this data protection notice. If needed, your inquiry will be forwarded to the relevant party for a response.
5.5. Using Messenger Telegram.On our website we use integration with the messaging service Telegram. Link to its data protection policy - https://telegram.org/privacy/de?setln=en.
To its terms of use - https://telegram.org/tos/de
Nutzerleitlinie for the EU-Gesetz on digital technologies - https://telegram.org/tos/eu-dsa
6. Cookies and Other TechnologiesGeneral InformationTo enhance your experience on our website and enable certain features, we use technologies such as cookies on various pages. Cookies are small text files stored on your device. Some cookies are deleted when you close your browser (session cookies), while others remain on your device to recognize your browser on future visits (persistent cookies).
We use essential technologies for specific website functions (e.g., shopping cart). These cookies collect data like IP address, visit time, device and browser details, and usage information (e.g., shopping basket contents). This processing is justified by our legitimate interest in optimizing our services per Art. 6 para. 1 p. 1 lit. f GDPR.
Additionally, we use technologies to meet legal obligations (e.g., verifying consent to process personal data) and for web analytics and online marketing. Details on the legal basis for this data processing are in other sections of this privacy policy.
You can manage your cookie settings using these links:
Microsoft Edge™ /
Safari™ /
Chrome™ /
Firefox™ /
Opera™.
If you have consented to these technologies under Art. 6 para. 1 p. 1 lit. a GDPR, you can withdraw your consent anytime by contacting us via the details provided in the privacy policy.
7. Use of Cookies and Other Technologies for Web Analysis and AdvertisingIf you have consented in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we utilize cookies and other technologies from third-party providers on our website for web analysis and advertising. Data collected through these technologies will be deleted once the purpose has been fulfilled and the technology is no longer in use. You can withdraw your consent at any time with future effect. Details on how to revoke your consent are provided in the "Cookies and other technologies" section. For more information about our partnerships with individual providers, please refer to the specific technologies mentioned below. If you have questions regarding these providers or our agreements with them, please use the contact information provided in this privacy policy.
7.1 Use of Google Services for Web Analysis and AdvertisingWe use Google technologies provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Data collected automatically by Google about your use of our website is typically sent to and stored on servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. There is no adequacy decision by the European Commission for the USA. Our collaboration with Google is based on standard data protection clauses approved by the European Commission. If your IP address is collected, it will be anonymized before storage on Google’s servers. In exceptional cases, the full IP address may be sent to Google’s servers and then anonymized. Unless specified otherwise for individual technologies, data processing is governed by an agreement between jointly responsible parties under Art. 26 GDPR. For further details on Google’s data processing, refer to
Google’s privacy policy.
Google AnalyticsTo analyze website usage, Google Analytics collects and stores data automatically (e.g., IP address, visit time, device and browser information, and usage details). This data is used to create pseudonymized usage profiles and may involve cookies. Generally, your IP address is not merged with other Google data. Data processing is conducted under an order processing agreement with Google.
To enhance marketing effectiveness, we have enabled data sharing with "Google products and services." This allows Google to access data collected by Google Analytics and use it to improve Google services. Data sharing under this setting is governed by an additional agreement between data controllers, and we do not control subsequent data processing by Google.
We also use the user ID function to assign a unique, permanent ID to your interaction data across one or more sessions on our online sites, enabling us to analyze your behavior across different devices and sessions.
For web analysis and advertising, the DoubleClick cookie, a Google Analytics extension, allows us to recognize your browser when you visit other websites. Google uses this information to generate reports on website activity and provide related services.
Google AdsTo serve targeted ads in Google search results and on third-party websites, we use the Google Remarketing Cookie when you visit our site. This cookie collects data (IP address, visit time, device and browser details, and website usage) to enable interest-based advertising through a pseudonymous CookieID based on the pages you visit. Further data processing occurs only if you have enabled "personalized advertising" in your Google account. If you’re logged into Google while visiting our site, Google may combine your data with Google Analytics information to create cross-device remarketing lists.
For analyzing website performance and tracking events, we use Google Ads Conversion Tracking to measure your behavior after visiting our site via a Google ad. This involves using cookies and collecting data (IP address, visit time, device and browser information, and interactions with specified events like website visits or newsletter subscriptions) to create pseudonymous usage profiles.
Google MapsGoogle Maps collects data, including IP address and location details, to display geographical information. This data is transmitted to and processed by Google. We do not control this data processing.
Google reCAPTCHATo prevent misuse of our web forms by automated software (bots), Google reCAPTCHA gathers data (IP address, visit time, browser information, and website usage) through JavaScript and cookies. It also evaluates cookies set by other Google services. Personal data from form input fields is not accessed or stored.
Google FontsTo ensure consistent content presentation on our website, Google Fonts collects data (IP address, visit time, device and browser details) via script code, which is then processed by Google. We have no control over this subsequent data processing.
YouTube Video PluginWhen integrating YouTube content, data (IP address, visit time, device and browser information) is collected via the YouTube video plugin in extended data protection mode. This data is transmitted to Google and processed by Google only if you play a video.
7.2 Use of Facebook Services for Web Analysis and AdvertisingUse of Facebook PixelWe utilize the Facebook Pixel technology from
Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland ("Facebook"). The Facebook Pixel automatically collects and stores data, including your IP address, visit time, device and browser information, and details about your interactions with our website (such as page visits or newsletter subscriptions). This data is used to create pseudonymous usage profiles. Additionally, through extended data matching, Facebook collects and stores hashed personal identifiers (like names, email addresses, and phone numbers) for matching purposes.
When you visit our site, the Facebook Pixel sets a cookie that assigns a pseudonymous CookieID to recognize your browser on other websites. Facebook then combines this information with data from your Facebook account to generate reports on website activity and to provide related services, particularly for personalized and targeted advertising.
Data collected by Facebook is typically transmitted to and stored on servers of Facebook, Inc., 1601 Willow Road, Menlo Park, California 94025, USA. Since there is no European Commission adequacy decision for the USA, our cooperation with Facebook is based on standard data protection clauses approved by the European Commission. For more details on how Facebook processes data, refer to
Facebook's privacy policy.Facebook AnalyticsUsing Facebook Analytics, we generate statistics about visitor activity on our website based on data collected by the Facebook Pixel. This data processing is done under an order processing agreement with Facebook and helps us optimize the presentation and marketing of our site.
Facebook AdsWe use Facebook Ads to promote our website both on Facebook and across other platforms. While we set the parameters for each advertising campaign, Facebook handles the precise implementation, including the placement of ads to individual users. Unless specified otherwise for individual technologies, data processing is conducted based on an agreement between joint controllers under Art. 26 GDPR. Our joint responsibility with Facebook is limited to data collection and transmission to Facebook Ireland; subsequent data processing by Facebook Ireland is not included.
Based on visitor statistics generated by the Facebook Pixel, we run group-based advertising on Facebook through Facebook
Custom Audiences, defining target groups based on their characteristics. Facebook acts as our processor for extended data matching in this context.
Using the pseudonymous CookieID set by the Facebook Pixel, we also engage in personalized advertising through Facebook Pixel
Remarketing.With Facebook Pixel Conversions, we track your behavior after you reach our site via a Facebook ad for web analytics and event tracking. This data processing is carried out under an order processing agreement with Facebook.
7.3. Use of TikTok Services for Web Analysis and AdvertisingWe use the TikTok Pixel on our website, a tool provided by:
- TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and
- TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom (collectively referred to as “TikTok”).
The TikTok Pixel is a JavaScript code snippet that helps us track and analyze visitor activity on our site. It collects and processes information about user interactions with our website and the devices used (referred to as event data).
The data gathered by the TikTok Pixel is utilized to optimize our ad targeting, enhance ad delivery, and deliver personalized advertising. This event data is transmitted to TikTok to improve the relevance of the ads you see.
The TikTok Pixel uses cookies to store information on your device. The storage or retrieval of this information only occurs with your consent. The legal basis for collecting and transmitting personal data to TikTok is Article 6 (1) (a) GDPR. You can withdraw your consent at any time through our consent management tool.
Our collaboration with TikTok in managing this event data is governed by a joint processing agreement. This agreement outlines our respective data protection responsibilities, including:
- Our Responsibility: To provide you with information as required under Articles 13 and 14 GDPR regarding the joint processing of personal data.
- TikTok’s Responsibility: To facilitate the exercise of data subject rights under Articles 15 to 20 GDPR concerning the personal data TikTok handles after transmission.
You can review the agreement between us and TikTok
here.
TikTok is solely responsible for the processing of event data after it is transmitted. For detailed information on how TikTok processes personal data, including their legal basis for processing and how you can exercise your rights against TikTok, please refer to TikTok’s
data policy.
8. Integration of Trusted Shops Trustbadge and Other WidgetsWe integrate Trusted Shops widgets (e.g., the Trusted Shops Trustbadge) on our website to showcase Trusted Shops services (like the seal of approval and collected ratings) and to offer Trusted Shops products to customers post-purchase.
This integration supports our legitimate interests in optimal marketing and secure shopping, in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. The Trustbadge and associated services are provided by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne (Trusted Shops), with whom we share joint data protection responsibilities under Art. 26 GDPR. Details of our joint responsibilities are outlined below in compliance with Art. 26 (2) GDPR.
The Trustbadge is served by a US CDN provider (content delivery network). Data protection is ensured through standard data protection clauses and additional contractual measures. For more information on Trusted Shops GmbH’s data protection practices, see their
privacy policy.
When the Trustbadge is accessed, a server log file is created, which includes your IP address, date and time of access, data transferred, and the requesting provider (access data). Your IP address is anonymized immediately after collection to prevent personal identification. The server log file is stored securely and is either deleted or anonymized within 90 days. This helps us and Trusted Shops prevent abuse and fraud, optimize services, and ensure the smooth operation of the website and Trusted Shops widgets, as per Art. 6 para. 1 p. 1 lit. f GDPR.
If you use Trusted Shops products after placing an order or if you’re already registered, additional personal data is sent to Trusted Shops GmbH. Order data is automatically collected for this purpose. A neutral parameter, the email address hashed by a cryptographic one-way function, is used to check your registration status. The hashed email address is transmitted and then deleted after the check.
This process determines if you are registered with Trusted Shops GmbH and is necessary for fulfilling our and Trusted Shops' legitimate interests in providing buyer protection and transactional evaluation services, in line with Art. 6 (1) sentence 1 lit. f GDPR. If you are registered, further processing will follow the agreement between you and Trusted Shops. If not registered, you will be given the chance to register. Any non-registrant data is automatically deleted by Trusted Shops, making personal identification impossible.
For data protection queries or to exercise your rights under our joint responsibility, please contact Trusted Shops GmbH using their contact details
here. Additional data protection information can be found in the
link provided. Alternatively, you can contact us using the information in this privacy notice; we will forward your query to the relevant party if necessary.