§ 1 SCOPE OF APPLICABILITY
(1) Data is protected within the scope of the statutory provisions. With this Data Protection Declaration, we would like to inform you of the type, scope and purpose of the collection and use of personal data, as well as about the extent to which third parties have access to this data. In § 2 of this Data Protection Declaration, we have described in closer detail what is meant by personal data. Any and all personal data is handled by us with the utmost care. We have taken every necessary step to ensure the security of this data. This Data Protection Declaration serves as a supplement to our General Terms and Conditions of Business. Should you have any questions regarding this document, please feel free to contact us using the above-mentioned contact information.
(2) The legal basis of data protection can be found in particular in the General Data Protection Regulation (VO (EU) 2016/679; GDPR) and also in the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
§ 2 PERSONAL DATA
(1) Personal data constitutes, in accordance with Article 4 (1) of the General Data Protection Regulation (EU) 2016/679, all information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); a natural person is considered to be identifiable, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics expressing the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
(2) Personal data will only be processed (collected, used and passed on) by us if this is permitted by law and you have given your consent.
§ 3 ACCESS DATA / SERVER LOG FILES
(1) Whenever a page is accessed on the internet, access data is stored in a server log file. This also applies whenever the website of our online shop is accessed. The data stored in this regard by us includes the following information: your IP address (via which your computer can clearly identified), the name of the remote host (name and IP address of the computer that requests the website), date and time of your visit to our website, the status, the volume of data transmitted, the internet site from which you accessed the requested page (referrer), the product and version information of the browser used (user agent) as well as the name of your operating system.
(2) We use the log files only for statistical evaluations for operational and security-related purposes, as well as for the optimization of our offer. We do, however, reserve the right to check the log data at a later time if, based on specific indications, unlawful use is justifiably suspected.
§ 4 WHEN CONTACTING US
If you contact us via the contact form or e-mail, your data will be stored in order to process the enquiry as well as for the eventuality of any follow-up questions.
§ 5 NEWSLETTER/ REGISTRATION
(1) In order to receive information on our offers, you have the opportunity to subscribe to our e-mail newsletter.
(2) In order that you may receive our newsletter, we require your e-mail address as well as information which allows us to verify that you are the actual owner of the e-mail address provided and/or that the owner of the e-mail address agrees to the receipt of our newsletter. The data collected can be seen in the input mask within the scope of the registration. Additional information will not be collected. This data will, of course, only be used for the dispatch of the newsletter and not be forwarded to third parties.
(3) When you register yourself for the receipt of a newsletter, we also store your IP address and the date of registration. This storage of data solely serves verification purposes in the event that a third party misuses an e-mail address and registers itself for the receipt of the newsletter without the knowledge of the legitimate party.
(4) You may, of course, revoke your consent to the storage of your data, e-mail address as well as the use thereof for the dispatch of our newsletter at any time at www.royalfern.com. The revocation may be effected via a link in the newsletter itself, in your profile area, via e-mail to email@example.com, or via a letter by post to the above-mentioned address.
§ 6 LINKS TO THIRD-PARTY CONTENT
Our website will, on occasion, include links to third-party content. In order for the content of these third-party providers to be fully displayed on your browser, these third-party providers have to send the said content to your IP address. As such, the third-party providers require your IP address in order to allow for the display of the content. We make every effort to include links only to content whose respective providers use the IP address exclusively for the delivery of the content. However, we have no influence on whether the third-party providers store the IP address for statistical purposes, for example. To the extent that we become aware of this, we will inform you accordingly.
§ 7 COOKIES
§ 8 PURPOSE OF DATA STORAGE
The purpose of the collection, storage, processing and use of the data is solely to allow for, maintain and further develop our online shop. Within the scope of further development, anonymous statistics on the utilization of the services in particular will be used. Movement profiles of individual users on the website will not be compiled. The data will not be used for other purposes.
§ 9 NO FORWARDING OF DATA TO THIRD PARTIES
We will not forward your personal data to third parties, unless you have expressly declared your prior consent thereto, or there is a legal obligation to forward the data. In the event of payment processing, the data will be forwarded to the payment-services provider for the execution of the payment transaction to the extent that you do not transmit the data directly to the payment-services provider in question. Should you transmit your payment data directly to a payment-services provider, we will simply be informed as to whether the transaction pertaining to a specific transaction number has been executed. We will not receive your account details in this case. In the event of an infringement of third-party rights (in particular copyrights, trademark rights, name rights and other symbols) by you, your data will be forwarded to the rights holder only if the rights holder conclusively demonstrates his claims to us and the forwarding of the data is legally permissible.
§ 10 DATA SECURITY
We have taken security measures in order to protect your data from loss, alteration or misuse. To this end, we use continuously updated industry-standard firewalls as well as other security systems. At the same time, we would like to take this opportunity to emphasize that, due to the constant emergence of new viruses and other means of attack, complete protection cannot be ensured.
Security is of utmost importance when capturing online payments. Therefore, we collaborate with one of the leading Payment Service Providers in Europe, Sage Pay. Details of your transaction are encrypted with a 128-Bit-SSL-Certificate to provide best protection. Sage Pay’s servers are secured by 256-Bit-Encryption standards. Additionally, Sage Pay holds a Level 1 Certificate that guarantees conformity to PCI DSS data security standard invoked by the payment industry. Additional information can be found on Sage Pay’s website.
§ 11 RIGHT TO INFORMATION, CORRECTION AND DELETION
You have the right to receive, upon request and at no additional charge, information on the personal data stored about you. In addition, you are entitled to the correction of incorrect data, as well as to the blocking and deletion of your personal data to the extent that this is not precluded by legal obligations to preserve such data. Please note that even deleted data may continue to be accessible due to caching systems, search engines, the interconnection of proxy servers and the similar even though the said data is no longer available in our systems.
§ 12 CONTACT
We set great store by your trust in us; as such we would like to answer any questions you may have with respect to the processing of personal data. Should you have any enquiries which this Data Protection Declaration does not answer or if more detailed information is required with respect to a certain point, please feel free to contact us at any time. You can contact us here: