Effective Date: October 16, 2017.
This Privacy Statement describes how EIS Inc. and/or EIS GmbH, Am Lenkwerk 3, 33609 Bielefeld, Germany (individually or collectively, “EIS,” “we,” “our,” or “us”) collects, uses, and shares data about you and applies to your use of any online service location that posts a link to this Privacy Statement and all features, content, and other services that we own, control and make available through such online service location (collectively, the “website”). This Privacy Statement does not apply to our data collection activities outside of the website (unless otherwise stated below or at the time of collection).
2. WHEN AND HOW DO WE COLLECT DATA?
We comply with the statutory provisions of the Federal Data Protection Act and the German Telemedia Act when collecting, processing and using data in Germany.
A. Data You Provide.
"Personal data" is data that identifies you personally (whether alone or in combination), such as your first and last name, e-mail address, phone number, and postal address. In order for you to use certain aspects of our website, we may require that you provide certain personal data. For example, we and our Service Providers (defined below) may collect personal data when you:
- place an order with us or make a purchase through the website;
- contact us;
- register or use an account with us;
- subscribe to or cancel your subscription to our newsletter; or
- participate in our referral program
In addition, we will generally request certain types of personal data from you in association with the following types of interactions with us:
- When you place an order with us or make a purchase through the website:
- First name
- Last name
- E-mail address
- Payment data
- Date of birth
- When you contact us:
- E-mail address
- Other personal data to confirm your identity
- When registering or using an account:
- First name
- Last name
- E-mail address
- Date of birth
- When subscribing to/cancelling the newsletter:
- E-mail address
- With the member-get-member advertising/partner program:
- First name
- Last name
- E-mail address
- Bank details
You may choose to voluntarily submit certain other data to us through the website, including personal data, but you are solely responsible for your own personal data in instances where we have not requested that you submit such data to us.
Personal data once “de-identified” is not subject to this Privacy Statement and we and our Service Providers may treat it as non-personal data and use it without obligation to you except as prohibited by applicable law.
B. Data Collected Automatically.
We and our Service Providers may automatically collect certain data about you when you access or use the website (“usage data”). Usage data may include IP address, device identifier, browser type, operating system, data regarding network connected hardware, and data about your use of the website. To the extent that we combine usage data with your personal data, we will treat the combined information as personal data under this Privacy Statement.
The methods that may be used on the website to collect usage data include:
- Log Data: Log data is data about your use of the website, such as IP address, browser type, internet service provider, referring/exit pages, operating system, date/time stamps, and related data, which is stored in log files.
- Information Collected by Tracking Technologies: Cookies, web beacons (also known as "tracking pixels"), embedded scripts, location-identifying technologies, and other tracking technologies now and hereafter developed (“Tracking Technologies”) may be used to collect information about your interactions with the website or e-mails, including information about your browsing and activity behavior.
- Web Beacons (“Tracking Pixels”)
Web beacons are small graphic images, also known as "internet tags" or "clear gifs," embedded in web pages and e-mail messages. Web beacons may be used to count the number of visitors to the website, to monitor how users navigate the website, and to count content views.
- Embedded Scripts
An embedded script is programming code designed to collect information about your interactions with the website. It is temporarily downloaded onto your device from our web server or a third party with whom we work, is active only while you are connected to the website, and deleted or deactivated thereafter.
- Location-identifying Technologies
Location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting relevant content based on your location.
Certain data about your use of the website and certain Third Party Services (defined below) may be collected using Tracking Technologies across time and services and used by us and third parties for purposes such as to associate different devices you use, and deliver relevant ads and/or other content to you on the website and certain Third Party Services.
For further information on Tracking Technologies and your choices regarding them, please see “Third Party Services, Features, and Devices” and “Advertising and Anlaytics Opt-Outs” below.
C. Data From Other Sources.
3. HOW DO WE USE AND SHARE YOUR DATA?
Our agents, vendors, consultants, and other service providers (collectively “Service Providers”) may receive, or be given access to your data, including personal data and usage data, in connection with their work on our behalf. These Service Providers are prohibited from using your personal data for any purpose other than to provide this assistance, although we may permit them to use aggregate information which does not identify you or de-identified data for other purposes.
We may use and share data about you, including personal data, for any purposes consistent with our statements under this Privacy Statement or as permitted by applicable law or with your consent, including for the following purposes:
3.1. Purchases and Transactions.
We may use and share your data to process your orders, deliver goods to you, and process your payments. For example, we may forward your data to a freight forwarder (such as DHL or Hermes), which serves the goods to you, or to another Service Provider, which carries out postal shipments for us in individual cases that involve returns. We may also forward your data to our Service Providers, such as PayPal, for purposes of processing and storing your credit card data.
In addition, we may send you confirmation e-mails about your orders as well as follow-up e-mails regarding an assessment of our services. By agreeing to this privacy statement you grant us your consent to send the e-mail with the request to submit an assessment. A response by you is completely voluntary, and therefore you can ignore the request. Your assessment will help us improve our offer of goods and, above all, our service – for the advantage of all customers. You can object to the use of your e-mail address for the purpose of us sending you assessment e-mails at any time without cost by contacting us at the addresses set forth in Section 16 below
If you have subscribed to our newsletter, we reserve the right to share your data with an external newsletter Service Provider for purposes of sending the newsletter. For example, we may use Emarsys eMarketing Systems AG, Märzstrasse 1, A-1150 Vienna for the processing in this respect (hereinafter referred to as “Emarsys”). With the registration for the newsletter you agree that we may evaluate the use of the newsletter and our website in order to make individual topics available to you. The evaluation will only be carried out if you have explicitly agreed hereto or until you have revoked your granted consent. We may use an analysis tool to evaluate your use of the newsletter and website, as well as to measure the success of certain marketing measures and to adjust our offers to your individual interests and needs. You can unsubscribe from our newsletters at any time without cost as set forth in the section entitled “Communications” below.
3.3. Fraud and Abuse.
We may use and share your data to prevent and address fraud, breach of policies or terms, threats or harms, and improper use of our website. We may also use and share your data to protect the rights, property, life, healthy, security and safety of us, the website, and any third party.
3.4. Law Enforcement.
We may use and share your data to comply with the law or other legal process, and where required, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
3.5. Merger and Acquisition.
We may use and share your data in connection with, or during negotiations of, any proposed or actual merger, purchase, sale or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.
3.6. Research and Analysis.
We may use and share your data to help us to design and consistently improve the website, including your shopping experience with us. We may also use your data for market and opinion research and analysis. Your answers to surveys for market and opinion research and analysis purposes will neither be forwarded to third parties (other than Service Providers), nor published by us.
We do not store the answers from surveys for market and opinion research purposes together with your other personal data. Should we commission third parties with surveys for market and opinion research and analysis purposes then your data may be forwarded to those third parties, as well.
You can object to the use of your e-mail address for research and analysis purposes at any time without cost by contacting us at the addresses set forth in Section 16 below.
Without limiting the foregoing, in our sole discretion, we may share aggregated data which does not identify you or de-identified data about you with third parties or affiliates for any purpose.
We may use and share your data in order to inform you about our and third party orders, products, services, rewards, events and offers we think you may be interested in. We may also share your data with our affiliates, business partners, and other third parties for their own business purposes, including direct marketing purposes. You can object to the use of your e-mail address for direct advertising purposes by us at any time without cost by contacting us at the addresses set forth in Section 16 below. California residents have additional rights set forth in “Your California Privacy Rights” below.
3.8. Sweepstakes, Contests, and Promotions.
We may offer competitions, including sweepstakes, contests, and promotions. The following data, among others, may be recorded when you participate:
- First name
- Last name
- E-mail address
The data is processed and stored by us using electronic means, and will be deleted after termination of the competition in accordance with our policies. The data may be disclosed to third parties for administrative purposes and as required by law (e.g., on a winners list). By entering, you agree to the official rules that govern the competition, and may, except where prohibited by applicable law, allow the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials. The data provided by you may also be processed electronically for purposes of sending newsletters to you. You grant your consent for this purpose when you participate in a competition. You can withdraw from a competition at any time without cost by contacting us at the addresses set forth in Section 16 below.
Cookies are text files, which are stored on the user’s device during a visit to our website. Cookies may be in the form of a session ID cookie or tracking cookie. Session cookies make it easier for you to navigate the website and expire when you close your browser. Tracking cookies help in understanding how you use the website, and remain longer. The website may associate some or all of these types of cookies with your devices. Cookies may remain on your device for extended periods of time.
In order to be able to use all functions in on our website, you must allow tracking cookies in your browser. You will find further information in this respect under "FAQ/Technical problems/activate cookies". Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options so you may need to set them separately. If you disable or block cookies you can still visit our website, however, some parts of the website may not work, such as displaying the contents of your shopping basket.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, we do not monitor or take action with respect to “Do Not Track” signals or other mechanisms. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.
5. THIRD PARTY SERVICES, FEATURES, AND DEVICES
Our website contains content from and hyperlinks to websites, locations, platforms, and services operated and owned by third parties (“Third Party Services”). In addition, our website contains features that allow you to interact with, connect to, or access our website through certain Third Party Services and third party devices (“Third Party Features”). For example, you use a Third Party Feature when you log-in to our website through Facebook, Google, Instagram, or Twitter, or “like” or “share” content over social media through our website. Remember that third parties may use Tracking Technologies to independently collect data about you and may solicit personal data from you. Also, if you use a Third Party Feature, both we and the applicable third party may have access to and use data associated with your use of the Third Party Feature. If you publicly reference our website on a Third Party Service (e.g., by using a hashtag associated with us in a tweet or post), we may use your reference on or in connection with our website.
Our website also contains Tracking Technologies operated by third parties. For example, analytics services, such as Google Analytics, may use Tracking Technologies on our website to help us analyze your use of the website, compile statistic reports on the website’s activity, and provide other services relating to website activity and internet usage. Similarly, ad serving services, advertisers, and other third parties may use Tracking Technologies on our website and Third Party Services to track your activities across time and services, and tailor ads to you based on your activities, which may include sending you an ad on a Third Party Service or third party device after you have left the website (“Interest-based Advertising”).
6. ANALYTICS AND ADVERTISING OPT-OUTS
You may exercise choices regarding receipt of Interest-based Advertising by submitting opt outs. Some of the advertisers and Service Providers that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, visit http://www.aboutads.info/choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). We are not responsible for effectiveness of, or compliance with, any third-parties’ opt out options or programs or the accuracy of their statements regarding their programs.
7. DO WE USE WEB ANALYSIS TOOLS?
Yes. We do this the same as the majority of Internet companies. We will inform you about the used service in detail below.
Use of Google Analytics
We use the web analysis tool Google Analytics for evaluating the visitor numbers to our online shop and the collection of thus resulting statistics.
The following information is provided in this respect:
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files, which are stored on your computer and which enable an analysis of the use of the website by you. The information generated by the cookie concerning your use of this website is, as a rule, transmitted to a server of Google in the USA and stored there. In the event of the activation of the IP anonymization on this website your IP address will be previously abbreviated by Google, however, within member states of the European Union or in other contracting states of the Treaty on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a server of Google in the USA and abbreviated there. By order of the operator of this website Google will use this information in order to evaluate your use of the website in order to compile reports about the website activities and in order to provide further services associated with the use of the website and the Internet towards the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be aggregated with other data of Google. You can prevent the storage of the cookies by a corresponding setting of your browser software. However, we would like to point out to you that in this case you will, if applicable, not be able to use all functions of this website in full. You can in addition prevent the entry of the data generated by the cookie and which refers to your use of the website (incl. your IP address) to Google as well as the processing of these data by Google by downloading and installing the browser plug-in that is available under the following link. In connection with the problem of the use of analysis tools, the collection of the full IP addresses and making these available to the user, we would like to point out that this website uses the analysis tool Google Analytics by using the extension made available by Google "_anonymizeIp()". For this reason the determined IP addresses will only be further processed in an abbreviated form in order to exclude a direct reference to the individual Internet user here.
Extended Google Analytics functions
All remarketing target groups created in Google Analytics are extended so that you will profit from the new cross-device functions available in AdWords and DoubleClick. This way we can reach users irrespective of the device when using Google Analytics Audiences.
Insofar as users have agreed that their web and app browser progress is linked with their Google account by Google and information from their Google account is used to personalise advertisements, which they see in the web, Google uses data of these registered users together with Google Analytics data in order to create and define target group lists for cross-device remarketing. Google-authenticated IDs of these users are recorded by Google Analytics in order to support this function. These personal data of Google are temporarily linked with our Google Analytics data in order to form target groups.
8. PUBLIC PROCEDURE INDEX
The BDSG stipulates in Section 4g that the office for data protection has to make the following details available to everyone in a suitable manner in line with Section 4e. Therefore, you can contact our data protection officer by e-mail at firstname.lastname@example.org in this respect and request our procedure index.
9. AM I ENTITLED TO ACCESS MY DATA?
You may access or have your personal data deleted or corrected by sending us an e-mail to email@example.com. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use your data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
10. RIGHT TO OBJECTION OR REVOCATION
Under certain circumstances and in accordance with applicable law, you may object to the use of your data or revoke your consent for the processing of your personal data for certain purposes. Requests must specify the scope of the objection or revocation of consent. We may require additional information from you to allow us to confirm your identity. For this purpose, please contact us at the addresses set forth in Section 16 below.
11. YOUR CALIFORNIA PRIVACY RIGHTS
California’s “Shine the Light” law permits customers in California to request certain details about how certain types of their data are shared with third parties and, in some cases, affiliates, for those third parties’ and affiliates’ own direct marketing purposes. Under the law, a business should either provide California customers certain information upon request or permit California customers to opt in to, or opt out of, this type of sharing.
Company may share personal information as defined by California’s “Shine the Light” law with third parties and/or affiliates for such third parties’ and affiliates’ own direct marketing purposes. If you are a California resident and wish to obtain information about our compliance with this law, please contact us at the addresses set forth in Section 16 below. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are not required to respond to requests made by means other than through the provided e-mail address or mail address.
12. Your European Privacy Rights
You can opt-out of receiving certain promotional e-mails (including our newsletters) from us at any time by following the instructions as provided in e-mails to click on the unsubscribe link, or contacting us here with the word UNSUBSCRIBE in the subject field of the e-mail. Please note that your opt-out is limited to the e-mail address used and will not affect subsequent subscriptions or non-promotional communications, such as those about your account, transactions, servicing, or our ongoing business relations.
14. HOW DO WE PROTECT YOUR PERSONAL DATA?
We take reasonable measures to help protect data about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of your information collected through our website.
15. WHEN WILL YOUR DATA BE DELETED?
Our policy is to delete data when we have fulfilled the purpose for which it was originally collected or based on the consent you gave us. However, we will retain and use your data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
16. PROCESSING IN GERMANY; DATA TRANSFER; CHANGES TO THIS PRIVACY STATEMENT.
Our databases are located in Germany. This is necessary in order to process the information. If you access our Services from outside Germany, you consent to transfer, processing, and storage of that data in Germany. Information submitted by you may be transferred by us to third parties mentioned in the circumstances described above (see information sharing), which may be situated in the United States or elsewhere outside the EEA and may be processed outside the EEA. The countries concerned may not have similar data protection laws to the EEA. In particular, the law in the United States in respect of law enforcement authority access to data is significantly different from Europe. In these instances, where required by law, we will enter into appropriate Controller to Processor Standard Contractual Clauses for the transfer of personal data outside the EEA to third party processors.
We reserve the right to revise and reissue this Privacy Statement at any time. Any changes will be effective immediately upon posting of the revised Privacy Statement. Your continued use of our website indicates your consent to the Privacy Statement then posted. If the changes are material, we may provide you additional notice to your e-mail address.
The website is intended for a general audience and not directed to children under thirteen (13) years of age. EIS does not knowingly collect personal information as defined by the U.S. Children’s Privacy Protection Act (“COPPA”) in a manner that is not permitted by COPPA. If you are a parent or guardian and believe EIS has collected such information in a manner not permitted by COPPA, please e-mail us at firstname.lastname@example.org or send us a letter to the address identified in Section 18 below, and we will remove such data to the extent required by COPPA.
18. DO YOU HAVE ANY FURTHER QUESTIONS?
If you have any questions or would like to receive further information about our practices or exercise your rights as set forth in this Privacy Statement, please contact our data protection officer by e-mail to: email@example.com
Or contact the responsible body:
- Data protection officer -
110 WALL STREET
NEW YORK NY 10005.
Fax: +49 800 / 4460000