free shipping from € 59,--
within Germany
Personal Data Protection Declaration
1. General information
The protection of your personal data when it is collected, processed and used when you visit our website is very important to us. Your data is protected in accordance with the legal regulations. Below you will find information about which data is collected during your visit to the website and how it is used.
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
lavendels GbR
Authorized representatives: Moritz Wessel and Petra Werner
Kreuzstraße 13
80331 Munich
Germany,
Tel.: 0049-(0) 89 89 311 788
E-Mail: info@lavendels.de
This website uses SSL encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders). If the page is accessed with www ( http://www.lavendels.de or .com) is accessed on https://www.lavendels.com If the website is accessed without www ( http://lavendels.de or .com), it will also be https://lavendels.com forwarded.
In addition, we use technical and organizational measures to protect our website and other systems against loss, destruction, access, alteration or distribution of your data by unauthorized persons. Despite regular checks, complete protection against all risks is not possible.
2. Collection and storage of personal data and type and purpose of use
Every access to our homepage and every retrieval of a file stored on the homepage is logged. The storage serves internal system-related and statistical purposes. The following are logged: referrer, requested website or file, browser type and version, operating system used, device type used, time of access and IP address in anonymized form (only used to determine the location of access). The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
Further personal data will only be collected if you provide this information voluntarily, for example as part of an order or inquiry.
2.2. Contact
When you contact us by email or telephone, personal data is collected. This data is stored and used solely for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted after your request has been finally processed. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention periods to the contrary.
2.3. Data processing in the context of order processing
To process your order, we work with the following service providers who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data we collect will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, insofar as this is necessary for the payment processing.
2.3.1. Transfer of personal data to shipping service providers:
DHL Paket GmH and Deutsche Post AG
If the goods are delivered by the transport service provider DHL (DHL Paket GmbH, Sträßchenweg 10, 53113 Bonn) or Deutsche Post AG (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), we will only pass on the name of the recipient and the delivery address to DHL or Deutsche Post AG for the purpose of delivery in accordance with Art. 6 Paragraph 1 Letter b of GDPR. The information will only be passed on if this is necessary for the delivery of the goods.
2.3.2. Transfer of personal data to payment service providers:
Paypal
When paying via PayPal, we pass on your payment data to PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The data is passed on in accordance with Art. 6 Paragraph 1 Letter b of GDPR and only to the extent that this is necessary for the payment processing. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
3. Google Analytics
This website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transferred to a Google server in the USA and stored there. This website only uses Google Analytics with the extension that ensures that the IP address is anonymized by shortening it and excludes direct personal reference. Due to the extension, your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent cookies from being saved by selecting the appropriate settings on your browser software; however, please note that if you do this, you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Google LLC, based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. You can find more information on how Google Analytics handles user data in Google's privacy policy. -sigel.de/datenschutz.
4. Rights of the data subject
The applicable data protection law grants you comprehensive rights as a data subject (rights to information and intervention) vis-à-vis the controller with regard to the processing of your personal data, about which we will inform you below:
4.1. Right to information according to Art. 15 GDPR
In particular, you have the right to information about your personal data processed by us, the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected from you by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing concerning you, as well as your right to be informed of the guarantees in accordance with Art. 46 GDPR when your data is forwarded to third countries.
4.2. Right to rectification pursuant to Art. 16 GDPR
You have the right to have any incorrect data concerning you corrected immediately and/or any incomplete data stored by us completed.
4.3. Right to erasure pursuant to Art. 17 GDPR
You have the right to request the erasure of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not apply if the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
4.4. Right to restriction of processing pursuant to Art. 18 GDPR
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you contest, is being verified, if you refuse to delete your data due to unlawful data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved, or if you have lodged an objection for reasons related to your particular situation, as long as it has not yet been determined whether our legitimate reasons outweigh yours.
4.5. Right to information according to Art. 19 GDPR
If you have asserted your right to rectification, erasure or restriction of processing vis-à-vis the responsible party, this party is obliged to inform all recipients to whom the personal data concerning you was disclosed of said rectification, erasure or restriction of processing, unless doing so should prove impossible or involve disproportionate expenditure. You have the right to be informed of these recipients.
4.6. Right to data portability according to Art. 20 GDPR
You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another responsible party, as far as this is technically feasible.
4.7. Right to revoke consent granted in accordance with Art. 7 Para. 3 GDPR
You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
4.8. Right to lodge a complaint pursuant to Art. 77 GDPR
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
5. Right of objection
If we process your personal data based on our overriding legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation. If you exercise your right of objection, we will stop processing the data in question. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, fundamental rights and freedoms or if the processing serves to assert, exercise or defend legal claims.
If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such advertising. You can exercise your objection as described above. If you exercise your right of objection, we will stop the processing of your data for direct marketing purposes.
6. Duration of storage of personal data
The duration of storage of personal data is determined based on the respective statutory retention period (e.g. retention periods under commercial and tax law). After expiry of the period, the corresponding data is routinely deleted unless it is no longer required to fulfill or initiate a contract and/or we no longer have a legitimate interest in continuing to store it.
7. Current status and changes to this privacy policy
This privacy policy is currently valid and is dated May 2018. Due to changes in legal or official requirements, it may be necessary to change this privacy policy. You can access the current privacy policy at any time on our website under the "Data Protection" section.
- Choosing a selection results in a full page refresh.