Responsible for data processing is:
HIGHDERM GmbH
Max-Ernst-Str. 13
50354 Hürth
Germany

hallo@highderm.de

Thank you for your interest in our online shop. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

1. access data and hosting

You can visit our websites without providing any personal information. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains the name of the requested file, your IP address, date and time of access, transferred data volume and the requesting provider (access data) and documents the access.

This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our services. Pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, this serves to safeguard our predominantly legitimate interests in a correct presentation of our offer as part of a balancing of interests. All access data will be deleted at the latest seven days after the end of your page visit.

Hosting Services by a Third Party Provider
As part of processing on our behalf, a third party provider provides us with the hosting and display services for the Website. All data collected in the course of using this website or in forms provided for this purpose in the online shop as described below are processed on its servers. Processing on other servers only takes place within the framework described here.

This service provider is located within a country of the European Union or the European Economic Area.

2. collection and use of data for the purpose of processing contracts, establishing contact and opening a customer account

We collect personal data when you voluntarily provide us with it in connection with your order or when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such, because in these cases we need the data to process the contract or to process your contact and you cannot send the order or contact without their information. Which data is collected can be seen from the respective input forms. We use the data provided by you pursuant to Art. 6 Para. 1 S. 1 lit. b DSGVO to process contracts and your enquiries.
If you have given your consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO by deciding to open a customer account, we will use your data for the purpose of opening a customer account.
After complete completion of the contract or deletion of your customer account, your data will be restricted for further processing and deleted at the end of the tax and commercial retention periods, unless you have expressly consented to further use of your data or we reserve the right to use more data, which is permitted by law and about which we inform you in this statement. The deletion of your customer account is possible at any time and can take place either by a message to the contact possibility described below or over a function intended for it in the customer account.

3. data transfer

In order to fulfil the contract pursuant to Art. 6 Para. 1 S. 1 lit. b DSGVO, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we will pass on the payment data collected for this purpose to the credit institution and payment service provider commissioned by us or to the selected payment service in order to process payments. In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must register with the payment service provider using your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider shall apply.

We also use an external merchandise management system for order and contract processing. The data transfer or processing taking place in this respect is based on order processing.

4. e-mail newsletter and postal advertising


If you subscribe to our newsletter, we will use the data required for this purpose or provided separately by you in order to send you our e-mail newsletter regularly on the basis of your consent pursuant to Art. 6 Para. 1 S. 1 lit. a DSGVO.

You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or by using a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address from the list of recipients, unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes that are permitted by law and about which we inform you in this declaration.

The newsletter is sent as part of a processing on our behalf by a service provider to whom we forward your e-mail address for this purpose.

This service provider is based in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

In
addition, we reserve the right to use your first and last name as well as your postal address for our own advertising purposes, e.g. to send you interesting offers and information about our products by post. This serves to safeguard our predominantly legitimate interests in advertising to our customers in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO within the scope of a weighing of interests.

5. integration of the Trusted Shop Trustbadge

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops seal of approval and the possibly collected evaluations as well as to offer the Trusted Shops products to buyers after an order.

This serves to safeguard our predominantly legitimate interests in optimal marketing within the framework of a balancing of interests by enabling secure purchasing in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO. The Trustbadge and the services applied for thereby are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The trust badge is provided by a CDN provider (Content-Delivery-Network) as part of order processing. Trusted Shops GmbH also uses service providers from the USA. An adequate level of data protection is ensured. You can find further information on data protection at Trusted Shops GmbH here.

When the trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data is stored in a security database for the analysis of security vulnerabilities. The log files are automatically deleted 90 days after creation at the latest.

Further personal data are transferred to the Trusted Shops GmbH if you decide after conclusion of an order for the use of Trusted Shops products or have already registered for the use. The contractual agreement between you and Trusted Shops applies. For this an automatic collection of personal data from the order data takes place. Whether you as a buyer are already registered for a product use is automatically checked using a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted for Trusted Shops, before transmission. After checking for a match, the parameter is automatically deleted.

This is necessary for the fulfilment of our and Trusted Shops' predominantly legitimate interests in the provision of the buyer protection linked to the specific order and the transactional valuation services in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. Further details, including objections, can be found in the Trusted Shops data protection declaration linked above and in the Trustbadge.

6. cookies and web analysis

In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages, provided that you have given your consent to do so in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO.

Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser the next time you visit us (persistent cookies). You can see the duration of storage in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be limited. Every browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for each browser under the following links:

Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

Furthermore, you can revoke your consent at any time by sending a message to the contact option described in the data protection declaration.

DoubleClick cookie
If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO, this website also uses the so-called DoubleClick cookie for advertising purposes within the scope of the application of Google Analytics (see below), which enables your browser to be recognised when visiting other websites. The information automatically generated by the cookie about your visit to this website is usually transferred to a Google server in the USA and stored there. The IP address is shortened by activating IP anonymisation on this website before transmission within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google. Google will use this information to compile reports on website activity and to provide other services associated with website use. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The data collected in this context will be deleted after the end of the purpose and use of Google DoubleClick by us.

Google Double Click is an offer by Google Ireland Limited, a company registered and regulated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). Insofar as information is transferred to and stored on Google servers in the USA, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. On the basis of this agreement between the USA and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.

You can revoke your consent at any time with effect for the future by deactivating the DoubleClick cookie via this link. You can also contact the Digital Advertising Alliance to learn more about the use of cookies and to adjust your settings. Finally, you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or generally. If cookies are not accepted, the functionality of our website may be limited.

Use of Google (Universal) Analytics for web analysis
Insofar as you have given your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO, this website uses Google (Universal) Analytics for the purpose of website analysis. The web analysis service is an offer of Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymisation on this website, the IP address is shortened before transmission within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser within the framework of Google Analytics is not combined with other Google data. The data collected in this context will be deleted after the end of the purpose and use of Google Analytics by us.

Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

You can revoke your consent at any time with effect for the future by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. This prevents the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google.

As an alternative to the browser plugin, you can click <a href=““javascript:gaOptout()““>this link</a> to prevent Google Analytics from recording data on this website in the future. In doing so, an opt-out cookie will be stored on your end device. If you delete your cookies, you will be asked again to give your consent.

Insofar as you have given your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO, this website also uses Google Signals. This is an extension function of Google Analytics, which enables so-called "cross-device tracking". This means that if your Internet-enabled devices are linked to your Google account, Google can generate reports on usage behaviour (in particular the number of users across devices), even if you change your device. Google uses data for this purpose, provided that you have activated the "personalised advertising" setting in your Google Account.
We do not process personal data in this respect, we only receive statistics based on Google Signals.
You can revoke your consent at any time with effect for the future by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de . This prevents the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google. Furthermore, you can deactivate the setting "personalized advertising" in your Google account. Details can be found here.

7. online marketing

Google Ads Remarketing
Through Google Ads we promote this website in Google search results and on third party websites. If you have given us your consent in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO, the so-called remarketing cookie is set by Google when you visit our website, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited. After the discontinuation of the purpose and the end of the use of Google Ads Remarketing by us, the data collected in this context will be deleted.
Any further data processing will only take place if you have agreed with Google that your web and app browsing history will be linked by Google to your Google account and information from your Google account will be used to personalize ads you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your information along with Google Analytics data to create and define target audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form target groups.
Google Ads is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). Insofar as information is transferred to and stored on Google servers in the USA, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. On the basis of this agreement between the USA and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.
You can revoke your consent at any time with effect for the future by deactivating the remarketing cookie via this link. In addition, you can obtain information from the Digital Advertising Alliance about the setting of cookies and make settings for this.

Google reCAPTCHA
To protect against misuse of our web forms and spam, we use the Google reCAPTCHA service on some forms on this website. Google reCAPTCHA is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). By verifying a manual entry, this service prevents automated software (so-called bots) from carrying out abusive activities on the website. In accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO, this serves to protect our legitimate interests in protecting our website from misuse and in ensuring that our online presence is displayed without disruption.

Google reCAPTCHA uses a code embedded in the website, a so-called JavaScript, to check methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website including your IP address is usually transferred to a Google server in the USA and stored there. In addition, other cookies stored by Google services in your browser are evaluated by Google reCAPTCHA.
A readout or storage of personal data from the input fields of the respective form does not take place.

Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

You can prevent the collection of data generated by the JavaScript or the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by preventing the execution of JavaScript or the setting of cookies in your browser settings. Please note that this may limit the functionality of our website for your use.

More information about Google's privacy policy can be found here.

Google Fonts
On this website the script code "Google Fonts" is integrated. Google Fonts is an offer of Google Ireland Limited, a company incorporated and operated under the laws of Ireland with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). This serves to safeguard our legitimate interests, which outweigh our own in the context of a balancing of interests, in a uniform presentation of the content on our website in accordance with Art. 6 para. 1 lit. f) DSGVO. Within this framework, a connection is established between the browser you use and the Google servers. This enables Google to know that our website has been accessed via your IP address.
Insofar as information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. On the basis of this agreement between the USA and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield. Further information about data processing by Google can be found in Google's privacy policy.

8. social media

Our online presence on Facebook, Instagram

Our presence on social networks and platforms serves to improve active communication with our customers and interested parties. There we inform about our products and current special offers.
When you visit our online presence in social media, your data may be automatically collected and stored for market research and advertising purposes. So-called user profiles are created from this data using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. For this purpose, cookies are usually used on your end device. The visitor behaviour and interests of the users are stored in these cookies. This serves according to Art. 6 Para. 1 lit. f. DSGVO, this serves to safeguard our legitimate interests, which predominate in the context of weighing up interests, in an optimised presentation of our offer and effective communication with customers and interested parties. If you are asked by the respective social media platform operators for consent (permission) to data processing, e.g. with the help of a checkbox, the legal basis for data processing is Art. 6 para. 1 lit. a DSGVO.
As far as the aforementioned social media platforms have their headquarters in the USA, the following applies: The European Commission has issued an adequacy finding for the USA. This goes back to the EU-US Privacy Shield. A current certificate for the respective company can be viewed here.
For detailed information on the processing and use of data by the providers on their websites, as well as a contact option and your rights and settings options for the protection of your privacy, in particular the option to object (opt-out), please refer to the providers' data protection notices linked below. Should you nevertheless require assistance in this regard, you can contact us.

Facebook:
https://www.facebook.com/about/privacy/ Data processing is based on an agreement between jointly responsible persons pursuant to Art. 26 DSGVO, which you can view here.
Further information on data processing in the context of visiting a Facebook fan page (information on Insights data) can be found here.

Instagram: https://help.instagram.com/519522125107875

Possibility of objection (opt-out):

Facebook: https://www.facebook.com/settings?tab=ads

Instagram: https://help.instagram.com/519522125107875

9. sending of reminders via e-mail


If you have given us your express consent to this during or after your order in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO, we will send your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Köln (www.trustedshops.de), so that they can send you a reminder by e-mail.

This consent can be revoked at any time by sending a message to the contact option described below or directly to Trusted Shops.

10. contact possibilities and your rights

As a data subject, you have the following rights:

  • in accordance with Art. 15 DSGVO, the right to request information about your personal data processed by us to the extent described therein;
  • in accordance with Art. 16 DSGVO, the right to demand the immediate correction of incorrect or incomplete personal data stored by us;
  • according to Art. 17 DSGVO the right to demand the deletion of your personal data stored with us, as far as further processing is not
    • on the exercise of the right to freedom of expression and information;
    • to fulfil a legal obligation;
    • for reasons of public interest, or
    • is necessary for the assertion, exercise or defence of legal claims;
  • in accordance with Art. 18 DSGVO, the right to demand the restriction of the processing of your personal data, provided that
    • the correctness of the data is disputed by you;
    • the processing is unlawful, but you refuse to delete it
    • we no longer need the data, but you need it to assert, exercise or defend legal claims or
    • you have lodged an objection to the processing pursuant to Art. 21 DSGVO;
  • in accordance with Art. 20 DSGVO, the right to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;
  • pursuant to Art. 77 DSGVO the right to complain to a supervisory authority. As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to the supervisory authority of our company headquarters for this purpose.

If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of consents given or objection to a specific use of data, please contact us directly via the contact data in our imprint.

Data protection officer:
Franziska Ulmer
Max-Ernst-Straße 13
50354 Hürth

ulmer@highderm.de

Right of objection
Insofar as we process personal data as explained above in order to safeguard our legitimate interests which are predominant in the context of weighing up interests, you can object to this processing with effect for the future. If the processing is for direct marketing purposes, you may exercise this right at any time as described above. If processing is carried out for other purposes, you only have the right to object if there are reasons arising from your particular situation.

After exercising your right of objection, we will not process your personal data further for these purposes unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

This does not apply if the processing is carried out for the purposes of direct marketing. Then we will not further process your personal data for this purpose.


Privacy policy created with the Trusted Shops legal texter in cooperation with FÖHLISCH Rechtsanwälte.