Privacy Policy of Mister Sandman GmbH

1. Name and contact details of the data controller and the company data protection officer

 

This data protection information applies to the data processing by

(Responsible): Ahmed Kilany

Mister Sandman GmbH
Ball width 30
33154 Salzkotten
Email: info@mister-sandman.de
Phone: +4952589259000

The company data protection officer of Mister Sandman GmbH can be reached at the above address or at ahmed@mister-sandman.de.

 

2. Collection and storage of personal data as well as the type and purpose of their use

2.a) When visiting the website

When accessing our website www.mister-sandman.de, information is automatically sent to the server of our website by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

• IP address of the requesting computer,
• date and time of access,
• name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• browser used and possibly the operating system of your computer as well as the name of your access provider.

The mentioned data will be processed by us for the following purposes:

• ensuring a smooth connection establishment of the website,
• ensuring a comfortable use of our website,
• Evaluation of system security and stability as well as
• for further administrative purposes.

The legal basis for data processing is Art. 6 paragraph 1 sentence 1 lit. f) GDPR. Our legitimate interest arises from the purposes listed above for data collection. In no case do we use the collected data to draw conclusions about your person.

All stored data will be deleted a maximum of 7 days after collection.

In addition, we use cookies and analytics services when visiting our website. You can find further explanations in sections 4 and 5 of this privacy policy.

 

2.b) When ordering via guest access

If you would like to order our products through our website, we collect the following information:

• Salutation,
• first name, last name,
• a valid email address as well as
• the address

The collection and further processing of this data is carried out,

• to be able to identify you as our contractual partner;
• to check the entered data for plausibility;
• for the processing of your order.

The data processing is carried out at your request and is necessary according to Art. 6 paragraph 1 sentence 1 lit. b) GDPR for the mentioned purposes for the fulfillment of your order with us and for pre-contractual measures.

In addition, you may voluntarily provide additional data. This data processing is carried out based on our legitimate economic interest according to Art. 6 paragraph 1 sentence 1 lit. f) GDPR for the purpose of ensuring a smooth and easy processing of your order and the efficient handling of any inquiries.

• Company,
• Title,
• Phone number,
• Fax number and
• an alternative delivery address.

The personal data collected by us for the order will be stored until the expiration of the statutory warranty period and then automatically deleted, unless we are obliged to store it longer due to tax and commercial law retention and documentation obligations (from HGB, StGB or AO) according to Article 6 paragraph 1 sentence 1 lit. c) GDPR or you have consented to a longer storage according to Art. 6 paragraph 1 sentence 1 lit. a) GDPR.

 

2.c) When setting up a user account

You have the option to set up a password-protected user account with us, in which we store your personal data. This is intended to provide you with the greatest possible comfort in processing your orders through easier, faster, and more personalized purchasing. We only store your personal data in a user account if you have voluntarily given us your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

Creating a user account is not required for using our site or for orders you wish to place with us. We offer you the option to place your order as a guest (see item 2.b) above). In this case, however, you must re-enter your data completely for each order.

If you would like to set up a password-protected user account with us, we need the following information from you:

• first name, last name,
• address as well as
• a valid email address.

Additionally, you must provide a self-chosen password for the creation of a user account. Together with your email address, this allows access to your user account. In your user account, you can view and change the data stored about you at any time.

For quicker clarification of any questions, you can voluntarily provide your phone or fax number.

If you have expressly consented to the dispatch of our newsletter, we will use this data to tailor the newsletter to your interests.

After deleting your user account, your data will be automatically deleted for further use, unless we are obliged to store it longer due to tax and commercial law retention and documentation obligations (from HGB, StGB or AO) according to Article 6 paragraph 1 sentence 1 lit. c) GDPR or you have consented to further storage in accordance with Art. 6 paragraph 1 sentence 1 lit. a) GDPR.

 

2.d) 0When signing up for our newsletter

If you have expressly consented in accordance with Art. 6 paragraph 1 sentence 1 lit. a) GDPR, we will use your email address to regularly send you our personalized newsletter. Providing an email address is sufficient for receiving the newsletter, along with information that allows us to verify that you are the owner of the provided email address or that the owner agrees to receive the newsletter. No further data will be collected.

Unsubscribing is possible at any time, e.g. via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time to info@mister-sandman.de send by email.

The email address along with the identifying information will be stored until you unsubscribe.

 

2.e) When using our contact form

If you have any questions, we offer you the opportunity to contact us via a form provided on the website. In this case, providing your name and a valid email address is required so that we know who the request is from and can respond to it. Further information can be provided voluntarily.

The data processing for the purpose of contacting us is carried out in accordance with Art. 6 paragraph 1 sentence 1 lit. a) GDPR based on your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after the request you made has been completed.

 

3. Data Sharing

Under no circumstances will the collected data be sold or – except in cases where you have expressly given us consent – shared with third parties for other reasons.

If we transmit the collected data to third parties based on your consent, this also occurs for the purpose of carrying out pre-contractual measures and for contract fulfillment (e.g. for shipping, invoicing, or customer service) in accordance with Art. 6 paragraph 1 sentence 1 lit. b) GDPR or when this is necessary to fulfill a legal obligation in accordance with Art. 6 paragraph 1 sentence 1 lit. c) GDPR. Finally, we will process this data – within the limits of what is legally permissible – possibly also for the purpose of enforcing claims in accordance with Art. 6 paragraph 1 sentence 1 lit. b) and/or f) GDPR to third parties (e.g. collection agencies).

 

4. Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any harm to your device, do not contain viruses, trojans, or other malware.

The cookie stores information that arises in connection with the specific device used. However, this does not mean that we gain direct knowledge of your identity.

The use of cookies serves to make the use of our services more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages of our website, that you have already logged into your user account, or for the display of the shopping cart. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specific defined period. When you visit our site again to use our services, it is automatically recognized that you have already been with us and which inputs and settings you have made, so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offerings for you (see section 5 below). These cookies allow us to automatically recognize during a subsequent visit to our site that you have already been with us. These cookies are automatically deleted after a defined period of time.

The data processed by cookies are necessary for the aforementioned purposes to safeguard our legitimate interests as well as those of third parties according to Art. 6 paragraph 1 sentence 1 lit. f) GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or that a notice always appears before a new cookie is created. However, completely disabling cookies may result in you being unable to use all the features of our website.

 

5. Analysis tools and tracking tools

The tracking measures listed below and employed by us are carried out on the basis of Art. 6 paragraph 1 sentence 1 lit. f) GDPR. With the tracking measures used, we aim to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offerings for you. These interests are to be regarded as legitimate in the sense of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

 

5.a) Google Analytics

For the purpose of tailored design and continuous optimization of our pages, we use Google Analytics, a web analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized usage profiles are created and cookies (see section 4 above) are used. The information generated by the cookie about your use of this website such as

• browser type/version,
• operating system used,
• referrer URL (the previously visited page),
• hostname of the accessing computer (IP address),
• time of the server request,

are transmitted to a server of Google in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activities, and to provide further services related to website usage and internet usage for the purposes of market research and tailored design of these internet pages. These information may also be transmitted to third parties, provided this is legally required or to the extent that third parties process this data on our behalf. In no case will your IP address be combined with other data from Google. The IP addresses are anonymized, so that assignment is not possible (IP masking).

You can prevent the installation of cookies by adjusting the settings of your browser software; however, we point out that in this case not all functions of this website may be fully utilized.

In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on.

Alternatively to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set that prevents the future collection of your data when visiting this website. The opt-out cookie is valid only in this browser and only for our website and will be stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help.

 

5.b) Google Adsense

Our websites use Google AdSense, a service for embedding advertisements from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google AdSense uses so-called "cookies", i.e., text files that are stored on the users' computers and allow an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information such as visitor traffic (clicks) on the pages of this offer can be evaluated.

The information generated by cookies and web beacons about the use of this website (including the users' IP address) and the delivery of advertising formats is transmitted to a server of Google in the USA and stored there. This information may be passed on by Google to Google partners. However, Google will never combine your IP address with other data stored by you.

As a user, you can prevent the mentioned cookies from being stored on their computer by preventing the installation of cookies through a corresponding setting of your browser software; however, we would like to point out that in this case you may not be able to use all features of this offer to their full extent. In no case will your IP address be combined with other data from Google. The IP addresses are anonymized, so that an assignment is not possible (IP masking).

 

5.c) Mouseflow

To continuously make our pages more user-friendly, we use the service mouseflow from Mouseflow ApS (Flaesketorvet 68, 1711 Copenhagen, Denmark / Mouseflow Germany: Neuer Wall 63, 20354 Hamburg, Germany) for random recordings of mouse movements and the creation of heatmaps on product and category pages. The recording is done anonymously, and all pages that request personal data, such as the checkout, are excluded from the analysis. Click on the following link to disable mouseflow for your browser by setting a cookie: Disable Mouseflow.

6. Social Media Plug-ins

We use social plugins from the social networks Facebook, Twitter, and Instagram on our websites to make our company better known. The integration of these plugins by us is done via a hyperlink presented as a button, to best protect visitors to our website.

In this solution, no direct contact is established from the user's browser to the servers of the providers via the plugins. By clicking on the respective plugin, the user is redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.

 

6.a) Facebook

Our website uses social media plugins from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, Europe (hereinafter: "Facebook") to make their use more personal. For this purpose, we use a share button.

When you access a page of our website, no connection is established with Facebook's servers. If you click on the corresponding button, you will be redirected to a Facebook website. There, you can share our content by clicking again. We have no influence on the processing of personal data on third-party websites.

By accessing the Facebook website, Facebook receives the information that your browser has accessed the corresponding page, even if you do not have a Facebook account or are not currently logged into Facebook. This information (including your IP address) is transmitted directly from your browser to a server of Facebook in the USA and stored there. Facebook observes the privacy regulations of the "US-Privacy-Shield" and is registered in the "US-Privacy Shield" program of the US Department of Commerce.

If you are logged into Facebook and interact with the plugins on the Facebook website, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a server of Facebook and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for advertising purposes, market research, and tailored design of Facebook pages. For this purpose, Facebook creates usage, interest, and relationship profiles, e.g., to evaluate your use of our website in relation to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide further services related to the use of Facebook.

Please refer to the privacy policy of Facebook for the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your related rights and options for protecting your privacy.

 

6.b) Twitter

On our websites, plugins from the short message network of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter: "Twitter") are integrated. You can recognize the Twitter plugins (Tweet button) by the Twitter logo on our page (white bird on light blue background).

When you access a page of our website, no connection is established with Twitter's servers. If you click the corresponding button, you will be redirected to a Twitter website. There, you can share our content by clicking again. We have no influence on the processing of personal data on third-party websites.

By visiting the Twitter website, Twitter receives the information that you have visited their page with your IP address and additional log data. This log data includes browser type, operating system, information about the previously visited website and the pages you accessed, location, your mobile provider, device information (including device ID and application ID), search terms, and cookie information.

This information is transmitted directly from your browser to a server of Twitter in the USA and stored there. Twitter adheres to the privacy regulations of the "US Privacy Shield" and is registered with the "US Privacy Shield" program of the US Department of Commerce.

Twitter uses the collected personal data to serve you personalized advertising and measure its success. Twitter employs a method called cross-device tracking for this purpose. With this, Twitter can personalize content across devices. You can adjust settings for your currently used device while it is logged out of Twitter here.

If you click the Twitter "Tweet Button" while logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to associate the content of our pages with your user account.
You can find more information about this in the privacy policy of Twitter.

 

6.c) Instagram

Within our online offering, functions and content from the service of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, (hereinafter: "Instagram") may be integrated. This may include, for example, content such as images, videos, or texts and buttons with which users can express their liking regarding the content, subscribe to the authors of the content, or our posts. If the users are members of the Instagram platform, Instagram can assign the access to the aforementioned content and functions to the users' profiles there.

Further information can be found in Instagram's privacy policy: http://instagram.com/about/legal/privacy/.

 

7. Rights of the data subjects

You have the right:

• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if it was not collected from you, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
• to request the immediate correction of inaccurate or completion of your personal data stored with us in accordance with Art. 16 GDPR;
• to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, exercise, or defense of legal claims;
• according to Art. 18 GDPR to request the restriction of the processing of your personal data, as far as the accuracy of the data is contested by you, the processing is unlawful, but you refuse its deletion and we no longer need the data, but you need it for the assertion, exercise, or defense of legal claims, or you have lodged an objection to the processing according to Art. 21 GDPR;
• according to Art. 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller;
• according to Art. 7 para. 3 GDPR to revoke your consent given to us at any time. This means that we may no longer continue the data processing based on this consent in the future and
• according to Art. 77 GDPR to lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority of your usual place of residence or workplace or our company's registered office for this purpose:

 

8. Right of objection

If your personal data is processed based on legitimate interests according to Art. 6 paragraph 1 sentence 1 lit. f) GDPR, you have the right to object to the processing of your personal data according to Art. 21 paragraph 2 GDPR, provided there are reasons arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without the need to specify a particular situation.

If you wish to exercise your right of withdrawal or objection, an email to info@mister-sandman.de

 

9. Data security

We use the common SSL procedure (Secure Socket Layer) during your visit to the website in conjunction with the highest level of encryption supported by your browser. Typically, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology. You can recognize whether a specific page of our website is transmitted encrypted by the closed representation of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.

 

10. Currentness and amendment of this privacy policy

This privacy policy is currently valid and has the status of May 2018.

Due to the further development of our website and offers or due to changed legal or regulatory requirements, it may be necessary to change this privacy policy. The current privacy policy can be accessed at any time on the website under https://www.mister-sandman.de/pages/datenschutzbestimmungen-der-mister-sandman-gmbh retrieved and printed by you.