The latest safety measures are implemented on our websites in order to avoid misuse of information. Moreover, Lassig enables you to make your transactions safely and comfortably when buying online. Our employees are bound to privacy and nondisclosure.
1.1 Data Processing Controller
Data Processing Controller as defined in Art. 4(7) GDPR is:
Im Riemen 32
Tel.: +49 (0)6073 - 744 890
Fax: +49 (0)6073 - 744 8929
Management Board: Claudia Lässig, Karin Heinrich, Stefan Lässig
1.2 Data Protection Officer
Data Protection Officer for Lässig GmbH is
c/o data screen consult GmbH
61348 Bad Homburg
E-mail: firstname.lastname@example.org or email@example.com
1.3. Collecting Anonymous Information
Principally, you can visit the web pages of the Lassig without telling us who you are. We only learn the name of your internet service provider, the website from which you are visiting us and the web pages you are viewing. This information is analyzed for statistic purposes. In this context, you as an individual user remain anonymous.
1.4 Using Cookies
We would like to inform you that the use of the buying and ordering features is only possible when cookies are activated. On our website we use so-called cookies. Cookies are small files that are saved on your computer's hard drive which save certain settings and information for the exchange with our system by means of your browser.
On the one hand, cookies are saved that are generated to compile visitor statistics. On the other hand, cookies are used that are important for buying or ordering. The cookies used here are automatically deleted from your hard drive once the browser session has been ended (therefore “session cookies“). Some cookies are permanently saved to avoid having to ask whether cookies are allowed in your system every time. Please note that if you do not accept cookies, the functionality of our website may be limited.
Internet Explorer: windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
1.5 SSL encryption
For reasons of security, this website uses SSL or TLS encryption to protect the transmission of confidential content, such as orders or inquiries, that you send to us in our capacity as operators of the website. You can see that a connection is encrypted by checking the URL in your browser, which switches from “http://” to “https://” and by making sure there is a padlock icon in your browser line.
When SSL or TLS encryption is active, third parties cannot access the data you send us.
2. COLLECTION OF PERSONALLY IDENTIFIABLE INFORMATION
We only collect personally identifiable information that you voluntarily provide to us, for example for orders or for performance of a contract (Article 6(b) GDPR), for a survey or when you subscribe to services that require registration with personally identifiable information (“personalized services”). We collect the following data:
• your name,
• your address,
• your telephone number, and
• your e-mail.
If you order a product or register for a personalized service, we also capture the data requested in the course of ordering or registering, in addition to the aforementioned information. Information about ordered products is also included (Article 6(b) GDPR).
In the context of the order fulfillment your personal data acc. the statutory retention periods and deleted after 6 years at the latest.
Personal data processed in the context of consent will be deleted as soon as possible, but no later than two weeks after receipt of the objection.
Data on the visit to the website will be deleted after 3 working days at the latest. For the storage periods of our social media partners, please read the u.a. Privacy policies.
The information collected within the framework of the ordering procedure in the fan shop is transferred in coded form (SSL technology) in order to counteract misuse of the information by third parties. Your information is processed within the Federal Republic of Germany.
The personally identifiable information recorded when you visit LÄSSIG GmbH websites will only be used to process orders and for performance of the ensuing contracts, and to respond to your inquiries without specifically obtaining your consent (Article 6(b) GDPR). If it is necessary to forward the information to third parties for this purpose, for example for collecting the purchase price via cash on delivery, credit card or Paypal, your information will be forwarded to these parties.
We will only process or use the information we have collected regarding your person for promotions, market research and designing the electronic services of the Lässig GmbH(Article 6(f) GDPR). in line with demand if you have given us your consent beforehand (Artikel 6(a) DS-GVO). Likewise, we will only construct a user profile from the information you have accessed when visiting websites owned by the Lässig GmbH with your consent in order to offer you customized advertising. Personal information is only shared with third parties as described in the paragraphs above. Beyond this, no information is forwarded.
If the data is to be processed for other purposes, your express consent must be obtained in each individual instance.
You are entitled to request information about the personally identifiable information we have about you on file (Article 15 GDPR). Lässig GmbH may charge a reasonable fee for all additional copies requested by the data subject in order to cover its administrative costs. If data subjects submit applications electronically, the information must be provided in a standard electronic format unless otherwise indicated.
Moreover, you are entitled to demand the rectification of incorrect data (Article 16 GDPR) and – subject to legal permissibility – the erasure (Article 17 GDPR) or restriction of processing (Article 18 GDPR) of your data.
You have a right to data portability (Article 20 GDPR).
Lässig GmbH will ensure that your rights are also protected by any contract processors acting on behalf of Lässig GmbH (Article 19 GDPR).
3. RIGHT TO OBJECT
You have the right to file objections with the supervisory authority responsible for data protection. The supervisory authority responsible for Lässig GmbH is
Data Protection Officer for the State of Hessen
P.O. Box 3163
Telephone: +49 611 140 80
Fax: +49 611 140 870 611
Pursuant to Article 23 GDPR, the aforementioned rights can be restricted in certain circumstances.
4. COLLABORATION WITH CONTRACT PROCESSORS AND THIRD PARTIES
If, as part of our processing operations, we disclose, transfer or otherwise grant access to data to other people and companies (contract processors or third parties), this only occurs if we are legally permitted to do so (e.g. if data disclosure to third parties, such as payment agents, is necessary for performance of a contract as specified in Art. 6 (1) (b) GDPR), if you have consented, or such disclosure constitutes a legal obligation or is in our legitimate interest (e.g. when engaging agents, web hosts, etc.).
If we engage third parties to process data under a “Contract Data Processing Agreement”, the engagement is governed by Art. 28 GDPR.
4.1 SERVER LOG DATA
The provider of this website, automatically collects and saves information – that is automatically transmitted by your browser when you visit our website – in server log files. The information concerned is:
• IP address
• Time stamp (date and time of visit)
• Nature of visit
• Client information (client type/version)
• User’s operating system (hardware, OS version)
This data is not collated with other data sources. The log files only go as far back as one day maximum. We have entered into a Contract Data Processing Agreement with Hostnet GmbH. The legal basis for this data processing is established in Art. 6 (1) (b) GDPR, which permits data to be processed in performance, or preparation for performance, of a contract.
If you subscribe to our newsletter, we will use the information required or separately provided by you to send you regular e-mail newsletters. Your consent pursuant to Article 6(a) GDPR is required before we can send you our newsletter. You may revoke this consent at any time.
Newsletter data: If you would like to subscribe to the newsletter advertised on our website, we will require an e-mail address and information that we can use to verify that you are the owner of said e-mail and that you consent to our sending you the newsletter. We do not collect any other information, or only collect data that you voluntarily provide. We use the data for the sole purpose of sending you the requested information, and will not provide your details to any third parties.
We save the data you provide for the purpose of subscribing to our newsletter for as long as you continue to subscribe, and delete the information if you unsubscribe. The aforementioned does not apply to data that we have saved for other purposes (e.g. e-mail addresses for the members’ area).
Double opt-in and log procedures: Subscribing to our newsletter is a double opt-in procedure. Once you have registered, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary to ensure that nobody can register using other people’s e-mail addresses.
Newsletter subscriptions are logged to enable validation of the registration process as required by law. To this end, the timing of the subscription and confirmation are recorded, as is the IP address.
Registration data: To subscribe to our newsletter, you only need to give us your e-mail address. Providing your first and surnames is optional. We only ask for this information so that we can personalize your newsletter.
Collection and analysis for statistical purposes: Our newsletters contain a “web beacon”, which is a pixel-sized file retrieved by Lässig’s server when the newsletter is opened. As part of this retrieval process, information of an initially technical nature is collected, such as details of your browser and system, followed by your IP address and the time of retrieval. This information is used for technical improvement of the service based on the technical data or target groups and their reading habits derived from where they are at the time of access (which can be determined with the aid of the IP address) or the time at which they access.
Data collected for statistical purposes also includes determining whether a newsletter is opened, when it is opened, and which links are clicked. Although this information can be assigned to individual newsletter readers for technical reasons, we are not attempting to observe individual users. On the contrary, we analyze the data to understand more about our users’ reading habits and to enable us to adapt our content to them, or to selectively provide content to match the interests of our users.
Termination/Revocation: You can unsubscribe from our newsletter, i.e. revoke your consent, at any time. In doing so, you automatically revoke your consent to the dispatch of the same and to the statistical analysis. Separate revocation of consent to dispatch or to statistical analysis is unfortunately not possible.
You will find the unsubscribe link at the bottom of each newsletter. If you would like to unsubscribe from the newsletter you can also do so at any time by e-mail to firstname.lastname@example.org.
Legal basis: Processing of the data entered in the newsletter subscription form is subject to your consent (Art. 6 (1) (a) GDPR).
You may revoke your consent to our saving your data and e-mail and to our using the same to send you our newsletter at any time, for example using the “Unsubscribe” link in the newsletter. The lawfulness of the data processing operations that have already been completed is not affected by any such revocation.
Sending of newsletters: We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. Rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. A passing on or a sale of your data is not allowed to rapidmail GmbH. rapidmail is a German, certified newsletter software provider, which was carefully selected
6. COMMENTS FUNCTION
If you use the Comments function on this website, information about the timing of your comment and the commentator’s name you have given yourself (real names are not necessary!) will be saved, together with your comment, and published on the website.
We require your e-mail to contact you if a third party complains that your published content is illegal. We also reserve the right to delete comments if a third party claims they are illegal.
If you comment, we will neither log nor save your IP address.
Comments and the associated data (e.g. IP address) will be saved and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g. insulting comments).
The legal basis for saving your data is established in Article 6 (1) (b) and Article 6 (1) (f) GDPR.
7. INCLUSION OF THIRD-PARTY PROVIDERS AND THIRD-PARTY CONTENT
7.1 Google Analytics
Google Analytics keeps user and event data for 36 months. http://tools.google.com/dlpage/gaoptout?hl=de
We have entered into a Contract Data Processing Agreement with Google and fully comply with all the strict specifications of German data protection authorities when using Google Analytics.
The basis for saving Google Analytics cookies is established in Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its web content and its advertising.
7.2 Google Re-/Marketing Services
Because we have a legitimate interest (in the analysis, optimization and cost-efficient operation of our websites), we use the marketing and remarketing services (“Google Marketing Services”) offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google Marketing Services enables us to customize advertisements for and on our website more specifically so that users are only shown adverts that potentially correspond to their interests. Showing users adverts for products in which they have shown interest on other websites, is called remarketing. To do this, Google executes a code as soon as our or other websites running Google Marketing Services are loaded and incorporates (re)marketing tags (invisible graphics or code, also known as web beacons) into the website. They help to save an individual cookie, i.e. a small file, on the user’s hardware (comparable technologies can be used instead of cookies). These cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. The file records the websites visited by users, the content they have shown interest in, and the offers they have clicked on, together with technical information about the browser and operating system, referring websites, the time spent on the site and other details about the use of the website. Users’ IP addresses are also recorded, albeit as far as Google Analytics is concerned IP addresses within member states of the European Union or the European Economic Area are abbreviated and only transmitted in their entirety in exceptional cases to a Google server, where they are then abbreviated. IP addresses are not collated with user data relating to other Google products. Google can also link the aforementioned information to such data from other sources. If users switch to other websites, they can then be shown adverts that are tailored to their interests.
Google Marketing Services uses pseudonyms when processing users’ details. This means that Google saves and processes the relevant cookie-related data within pseudonymized user profiles rather than filing a user’s name and e-mail. This means, from Google’s perspective, that the adverts are managed and displayed for a cookie owner rather than a specifically identifiable person, regardless of who the cookie owner is. This does not apply if a user has expressly permitted Google to process their data without pseudonymization. The information about users that Google Marketing Services collects is transmitted to Google and saved on Google servers in the US.
The Google Marketing Services we use include the online advertising program “Google AdWords”. In the case of Google AdWords, every AdWords customer is given a different conversion cookie. As such, cookies cannot be tracked from one AdWords customer’s website to another. The information collected with the aid of the cookie is used to compile conversion statistics for those AdWords customers who have opted for conversion tracking. AdWords customers are notified of the total number of users who clicked on their advert and were taken to a page with a conversion tracking tag. They do not receive any details that would enable personal identification of a user.
We can also use the “Google Tag Manager” to incorporate and manage Google analytics and marketing services on our website.
For more details of how Google uses data for marketing purposes, please refer to: https://www.google.com/policies/technologies/ads. Google’s privacy statement can be found at https://www.google.com/policies/privacy
If you wish to object to advertising that is tailored to your interests by Google Marketing Services, you can amend the settings and opt-out options offered by Google: http://www.google.com/ads/preferences.
7.3 Facebook Pixel and Facebook Remarketing
Because of our legitimate interest in the analysis, optimization and cost-efficient operation of our website, we use Facebook Pixel operated by social network Facebook, which is run by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or – if you are resident in the EU – by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
Facebook Pixel enables Facebook to classify our website visitors into target groups for what are known as Facebook Ads. Accordingly, we use Facebook Pixel to only show our Facebook Ads to those Facebook users who have also shown an interest in our website offerings or who exhibit specific characteristics (also known as Pixel Events and which may include a user’s e-mail, for example). In other words, we use Facebook Pixel to ensure that our Facebook Ads are tailored to the potential interests of users and are not perceived as annoying. With the aid of Facebook Pixel we can, moreover, measure how effective our Facebook advertising is for statistical and market research purposes by tracking whether users who clicked on a Facebook Ad were then taken to our website.
Facebook incorporates Facebook Pixel as soon as our website is loaded, and may save a cookie – a small file – on your hardware. If you then login to Facebook or visit Facebook while logged in, your visit to our website is recorded in your profile. The data collected about you is anonymized, which means we cannot draw any conclusions as to the identity of users. Since Facebook does, however, save and process the data, linking to the relevant user profile is possible. If we are required to provide Facebook with data for cross checking, the information is first encrypted locally and then sent to Facebook via secure https connection. The sole purpose of this operation is to cross check the data that is equally encrypted by Facebook.
If we are required to provide Facebook with data for cross checking, the information is first encrypted locally and then sent to Facebook via secure https connection. The sole purpose of this operation is to cross check the data that is equally encrypted by Facebook.
Facebook processes data in line with its Data Policy. Accordingly, general information about Facebook Ads can be found in Facebook’s Data Policy at: https://www.facebook.com/policy.php. Specific information and details about Facebook Pixel and how it works can be found in Facebook’s Help section: https://www.facebook.com/business/help/651294705016616.
You may object to your data being recorded by Facebook Pixel and used to show Facebook Ads. To do so, load the appropriate Facebook page and follow the instructions for adjusting the settings for user-based advertising: https://www.facebook.com/settings?tab=ads or voice your objection on the US website http://www.aboutads.info/choices/ or its EU counterpart http://www.youronlinechoices.com/. The settings are not platform-specific and will be adopted for all hardware – desktops and mobile appliances alike.
Because we have a legitimate interest (in the analysis, optimization and cost-efficient operation of our websites), we use third-party content and service offerings to incorporate their content and services – such as videos or fonts (“Content”) on our website. This can only happen if the third-party providers of this Content can register users’ IP addresses as they cannot send Content to a browser without an IP address. As such, the IP address is needed to enable visualization of this Content. We strive to only use Content from providers who only use the IP address for providing the Content. Third-party providers can, moreover, use pixel tags (invisible graphics, also known as web beacons) for statistical or marketing purposes. Pixel tags enable analysis of information such as hits and traffic on the pages of this website. The pseudonymized information can, moreover, be saved in cookies on users’ hardware, and can include technical information about the browser and operating system, referring websites, the time spent on the site and other details about the use of the website, and can also be combined with such information from other sources.
Below is a summary list of third-party providers and their Content, together with links to their privacy statements containing further information about data processing and, in some cases, how to opt out:
– Maps provided by the “Google Maps” service offered by third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://www.google.com/settings/ads/.
– External code used by Google search interface (Google AJAX Search API), offered by third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://www.google.com/settings/ads/.
8. SOCIAL MEDIA
Our web pages contain plug ins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. You can identify the Facebook plug ins by means of the Facebook logo or the “Like Button“ on our page. You will find a list of the Facebook plug ins here: http://developers.facebook.com/doc/plugins/
If you visit our web pages the plug in constructs a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our website with your IP address. If you click on the Facebook “Like Button“ while being logged into your Facebook account, you can link the contents of our pages to your Facebook profile. Thereby, Facebook can assign your visit of our website to your user account. We would like to point out that we as the provider of these pages have no knowledge of the contents of the information transferred or how Facebook uses it.
If you do not wish that Facebook assigns your visit of our website to your Facebook user account, please log out from your Facebook account beforehand or use this http://webgraph.com/resources/facebookblocker/.
On our websites functions of the service Google +1 are integrated. These functions are provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Collection and forwarding of information: By using the Google +1 button you may publish information worldwide. Via the Google +1 button you and other users receive person-related contents from Google and our partners. Google stores the information that you have rated certain contents +1 as well as information about the website that you visited the moment you clicked the +1 button. Your +1 preferences may be published or displayed together with your profile name and your picture at Google services, such as search results, your Google profile or in other places on certain websites. Google records information about your +1 activities in order to improve Google services for you and other users. To be able to use the Google +1 button you need a globally visible, public Google profile which must contain at least the user name chosen for this profile. This name will be used for all Google services. In some cases this name may be replaced by another name you used already when sharing contents via your Google account. The ID of your Google account can be displayed to users who know your e-mail address or are in possess of any other information identifying you. Use of collected information: Besides the above mentioned purposes, the personal details provided are treated according to the current Google data protection regulations. Google may publish summarized statistics about +1 activities of users or pass those statistics on to other users and contractual partners like publishers, advertisers or linked websites.
This website contains social plugins of the social network YouTube, operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
By visiting one of our websites that contain such a plugin, your browser will set up a direct connection with the YouTube servers. By linking the plugin, YouTube receives the information that you have visited the corresponding page of our website. If you are logged in to your YouTube account, YouTube can associate your visit to your personal account. You can prevent this by logging out of your YouTube account. Please find more detailed information on YouTube data sharing and data privacy at http://www.google.de/intl/de/policies/privacy
8.6 Social Media Plugins
The operator uses so-called social media plugins (social network interfaces) on the website. When a user visits our website, the system automatically connects to the respective social network through integration of the plugins, and forwards personal details (IP address, website visit, etc.).
The data transfer takes place without any involvement of the operator and is outside of the responsibility of the operator. The user can prevent this kind of data transfer by logging out of the respective social network before visiting our website. Social networks can only assign specific data to the user's activities profile through automatic data transfer when the user is logged in.
Automatically transferred data is used exclusively by the social network providers, not by the operator himself. Further information, including information on the content of data collected by social networks, can be found on the website of the respective social network, where the privacy settings can be changed and adjusted.
The following social networks are integrated into our website:
Facebook Inc., 1601 S California Ave, Palo Alto, CA, 94304, USA
More details at https://www.facebook.com/policy.php
Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
More details at https://twitter.com/privacy?lang=en
Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA
More details at http://www.google.com/intl/en_ALL/policies/terms/
Instagram, LLC Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA
More details at https://help.instagram.com/155833707900388
On our website, we use a reference (link) to the WhatsApp news service operated exclusively by WhatsApp Inc., 1601 Willow Road, Menlo Park, California 94025, USA. The reference is indicated by the WhatsApp logo and allows sharing a blog article as a personal message via WhatsApp using a mobile phone. When the WhatsApp logo is clicked, the browser connects directly to the WhatsApp servers.
If you use the WhatsApp button, the operator of WhatsApp will know what content is being shared and that the Share button has been used on our website.
9. General information
Please feel free to write us an e-mail or letter if you have any other queries about data protection at LÄSSIG, if you have any suggestions, which we would welcome, or if you require information about your data, or the rectification or erasure of the same:
Data Protection Officer for LÄSSIG GmbH
Im Riemen 32
9.1 . California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Users can visit our site anonymously
Users are able to change their personal information:
• By logging in to their account
• By chatting with us or sending us a ticket
On May 12, 1998 the Regional Court Hamburg held that by establishing a link the contents of the linked website may possibly be regarded as a shared responsibility. This may – according to the Regional Court – only be averted by an explicit dissociation of these contents.
The available links on this website leading to other hosts were established to the best of our knowledge and belief. In the process, close attention was paid to the trustworthiness of the respective hosts. A case-by-case review of all of the contents is not carried out. Lässig GmbH therefore explicitly dissociates itself from the entire contents of all linked websites and does not adopt the contents of others. Lässig GmbH asks all users to immediately inform the company about any illegal contents on the linked websites.
You are downloading any programs at your own risk. Lässig GmbH assumes no liability for any damages that might be caused by downloading or installing files (including files from external sites). By saving files you yourself become solely responsible for the correct handling of these files. Lässig GmbH points out that although it scans for viruses, the occurrence of computer viruses cannot be fully excluded. Lässig GmbH does not assume any liability for misperformances of the internet, damage by third parties, imported data of all sorts (viruses, worms, makroviruses, Trojan horses) as well as links from and to other websites. Lässig GmbH recommends the use of the latest software to all users.
On no account is Lässig GmbH liable towards you for any direct, indirect, specific or other consequential damages resulting from the use of this website or one of the sites linked to it, including the download of files. Any liability for lost profits, interruption of business operations, loss of programs or other data in your information systems is also excluded.
Lässig GmbH as operator of the website assumes no liability for that the information provided is up to date, correct and/or complete or has a certain quality. Any claims for liability towards Lässig GmbH pertaining to material and non-material damages resulting from the use or non-use of the information provided or caused by the use of incorrect or incomplete information are strictly excluded.
All offers are subject to alteration and non-binding. Lässig GmbH explicitly reserves the right to change, amend, delete or to temporarily or permanently terminate parts of the website or the entire offer without prior notice.
All of the exclusions of liability above do not apply, if and as far as (a) we acted intentionally or with gross negligence , (b) the liability is based on a breach of a duty, whose compliance is essential for the use of the website and whose compliance the user may regularly confide in, (c) there is a damage in body, life or health, (d) the liability results out of the German Product Liability Act (ProdHG), or (d) we accepted a guarantee.
We hope that this information is of service to you. If you have any questions, please send us an email to email@example.com