Privacy Policy

Thank you for visiting our website. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data. This privacy policy applies to the present website and as well as to the Facebook fan page, the Twitter channel, the Xing profile, the YouTube channel and the Instagram channel. Information and contact details for the responsible person can be found in the imprint.

1. Communication via Email, Contact Form or Phone

We collect personal data if you voluntarily provide it when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such since in these cases we require the data for processing your message or for creating a customer account, and you cannot send the message without this information. The specific data that is collected is listed on the respective contact forms. We use the data provided by you to process your enquiries. The legal basis for the data processing is Art. 6 (1) (b) GDPR, insofar as your message is related to an existing or upcoming contract with you. If this is not the case, the legal basis is Art. 6 (1) (f) GDPR, as the processing is necessary to fulfil our legitimate interest in the proper processing of contact requests. In order to be able to properly allocate enquiries, the provision of personal data is necessary.

We have engaged service providers for the technical processing of your communication with us on our behalf. These service providers are based in the USA. An adequate level of data protection is ensured by an adequacy decision of the EU Commission, which can be accessed here for the USA.

After complete processing of the communication, your data will be restricted for further processing and deleted after expiry of the applicable retention periods under tax and commercial law, unless you have explicitly consented to further use of your data, or we have reserved the right to do so, where permissible by law, in which case we shall inform you thereof in this privacy policy.

2. Access Data and Hosting

You can visit our website without providing any personal information. Every time you visit our website, the web server automatically saves a so-called server logfile which contains data like the name of the requested file, your IP address, date and time of the request, the amount of data transmitted and the requesting provider (all together “access data”), and documents your visit.

The access data is evaluated exclusively for the purpose of ensuring the error-free functioning of the site and of improving our services. This is necessary for the protection of our legitimate interests in the proper presentation of our offer which are overriding in the process of balancing of interests pursuant to Art. 6 (1) (f) GDPR. All access data will be deleted no later than seven days after the end of your visit to the site.

Hosting services through a third party provider

This site is hosted on our behalf by a processor. Insofar as a service provider is based in the USA or is part of a group of companies with headquarters in the USA, we agree on the EU or the EEA as the exclusive server location and processing location. An adequate level of data protection is also ensured by an adequacy decision of the EU Commission, which can be accessed for the USA here.

All data collected via the use of these websites or through the forms provided for the purposes described below is processed on the servers of the respective service provider. Processing on other servers only takes place as described within this privacy policy.

3.Data Collection and Use in the Context of the Trusted ShopsProducts

Registration for Trusted Shops Basic or Plus for buyers

Information on the processing of personal data in the context of the use of our various services is available when you register for the services, for example as an appendix to the terms of use.

Registration for Trusted Shops membership for online shops

Information on the processing of personal data in connection with the Trusted Shops membership for online shops can be found in the data protection information here.

Application for a position with Trusted Shops

Information on the processing of personal data in the context of applying for a job with Trusted Shops is linked in the job advertisement.

4. Third Country Transfer

In this section, we inform you about the processing of personal data related to you in third countries for which there is no adequacy decision adopted by the EU Commission.

Trusted Shops uses a variety of service providers. Many of them use servers in third countries, i.e. outside the EU or the EEA. This also includes the USA. The transfer of personal data associated with this must be carried out in accordance with Art. 44 et seq. GDPR. For the U.S., an adequacy decision applies to all companies registered for the EU-U.S. Data Privacy Framework (DPF). In this case, the transfer of data is possible without further guarantees. If processing takes place in a third country without an adequacy decision or at a U.S. company that is not registered for the DPF, we agree on Standard Contractual Clauses with the data recipient to ensure an appropriate level of data protection. Where possible and necessary, we also agree on additional measures. If the level of data protection is not sufficient despite the agreed Standard Contractual Clauses and any additional measures taken, we will ask for your consent.

By clicking on “Cookie settings” in the footer of this website, you can open the Cookie Manager and find detailed information about all the service providers from third countries that we use, such as the exact countries of residence of the individual service providers, the specific legal basis and the purpose of the data transfer, the duration of the data storage, etc.


5. Cookies and Tracking

In order to make the user experience on our website attractive and to enable the use of certain functions, as well as to display suitable products or for market research, we use so-called cookies and other tools on various pages via which information is stored on, or retrieved from, your terminal device (hereinafter uniformly referred to as "cookies").

Cookies:

Cookies are small text files that are stored on your terminal device. We always use some cookies to be able to guarantee the basic functionality of our pages and the optimal presentation of our offers (essential/necessary cookies). Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser on your next visit of our website (persistent cookies). We use both cookies of our own and some by third-party providers (so-called third-party cookies).

Consent Manager:

A detailed overview of the cookies and other tools and service providers we use, their purposes and storage periods, the legal basis for cookie use, and additional information can be found in our Consent Manager which you can also access by clicking on “Cookie settings” in the footer.

You can separately accept or reject individual or all cookies with the Consent Manager during your first visit to our website and at any time thereafter by placing a green check mark / cross next to the respective cookie, or respectively by removing it and saving the settings. These settings are saved in the local storage of your computer or mobile device. Therefore, settings must be made and saved anew in case the local storage of your device is deleted, or if you use a different device or browser. Please note that you may have to manually delete cookies that have already been set if you revoke your consent. Rejecting cookies might limit the functionality of our website.

Other Cookie Setting Options:

Alternatively, you can set your browser to inform you about the use of cookies on websites and let you accept them individually or refuse them for certain cases or in general. Each browser manages cookie settings differently. This is described in more detail in the help menu of each browser which also explains how you can change your cookie settings. You can find this menu for each browser at the following links:

In addition to deselecting cookies in the Cookie Manager, you can revoke any consent which you have given us to the use of cookies in accordance with Art. 6 (1) (a) GDPR at any time by sending a message to the contact indicated in our privacy policy.

Please note that disabling cookies may limit your access to some features of our website.


6. Our Presence on Social Media Platforms

Our presence on social networks and platforms serves to improve active communication with our customers and other interested parties. There we provide information on our products and ongoing special promotions.

When visiting our social media channels, your data may be automatically collected and stored for market research and advertising purposes. By using pseudonyms, so-called usage profiles are created from this data. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Generally, cookies on your end device are used for this purpose. Visitor behaviour and user interests are stored in these cookies. This serves the protection of our legitimate interest in the optimal presentation of our offers and the communication with customers and other interested parties which is overriding in the process of balancing of interests pursuant to Art. 6 (1) (f) GDPR. If you are asked for your consent (to agree) to data processing, for example via a checkbox, on the respective social media platform for consent, the legal basis for the data processing is Art. 6 (1) (a) GDPR.

In terms of certain data processing activities on our social media profiles on Facebook, we act as joint controllers alongside the platform operator in the sense of Art. 26 GDPR. The essential information on the agreement concluded between us and Facebook, and your associated rights can be found here.

In the case where certain social media platforms are headquartered in the U.S., an adequate level of data protection is ensured by an adequacy decision of the EU Commission, which can be accessed here for the USA.

Please refer to the privacy policies of the individual social media providers linked below for detailed information on the processing and use of data by these providers on their pages, as well as on contact options, your rights as a data subject, and privacy settings or options, in particular opt-out options. Should you still require assistance in this regard, feel free to contact us.

Facebook

Google/Youtube

Twitter

Instagram

Pinterest

LinkedIn

Xing

Objection (Opt-Out) Settings:

Opt-Out Facebook

Opt-Out Google/Youtube

Opt-Out Twitter

Opt-Out Instagram

Opt-Out Pinterest

Opt-Out LinkedIn

Opt-Out Xing


7. Contact possibilities and your rights

As a data subject, you have the following rights:

  • pursuant to Art. 15 GDPR, you have the right to request information about your personal data processed by us to the extent described therein;
  • pursuant to Art. 16 GDPR, you have the right to demand the immediate rectification of inaccurate or incomplete personal data stored by us;
  • pursuant to Art. 17 GDPR, the right to request the erasure of your personal data stored with us, unless further processing is necessary:
    - in order to exercise the right of freedom of expression and information;
    - for the compliance with a legal obligation;
    - for reasons of public interest, or
    - for the establishment, exercise or defence of legal claims;
  • pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, insofar as:
    - you are contesting the accuracy of the data;
    - the processing is unlawful, but you oppose the erasure of the data;
    - we no longer need the data for the purposes of processing, but you require it for the establishment, exercise or defence of legal claims, or
    - you have objected to the processing pursuant to Art. 21 GDPR;
  • pursuant to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, or to request its transfer to another controller;
  • pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority . You can also contact the supervisory authority at your habitual residence or place of work, or at the place of our company headquarters.

If you have any questions regarding the collection, processing or use of your personal data, information, correction, restriction of processing or deletion of data as well as revocation of any consent given or objection to a specific use of data, please contact our data protection team at privacy@trustedshops.com.

You can contact our company data protection officer as follows:

Data Protection Officer
Subbelrather Str. 15c
50823 Cologne
dpo@trustedshops.com


Right of objection

Insofar as we process personal data in any of the above described manners in order to protect our legitimate interests that are overriding in the process of balancing of interests, you can object to this processing with effect for the future. If the data is processed for direct marketing purposes, you can exercise this right at any time as described above. If the processing takes place for other purposes, you are only entitled to a right of objection as far as it is justified for reasons arising from your particular situation.

After exercising your right of objection, we will not process your personal data for these purposes anymore, unless we can provide and prove compelling legitimate reasons that the processing must proceed, which outweigh your interests, rights and freedoms, or if the processing serves to establish, exercise or defend legal claims.This does not apply if the processing has taken place for direct marketing purposes. In this case, we will cease to process your personal data for this purpose.