Privacy Policy

1. COLLECTION AND PROCESSING OF PERSONAL DATA

Generally, we collect and process personal data (e.g. name, address, email address, telephone number, payment information) that you provide as part of placing an order, opening an account or another purpose only if, and to the extent to which, you have consented to processing, or if another permissive circumstance pursuant to Article 6 of the European Union’s General Data Protection Regulation (GDPR).

Furthermore, for technical reasons, the IP address of the user is collected by our website.

We process and use the personal data we collect to provide the services requested by you (Article 6, paragraph 1 (b), of the GDPR), to process your request (Article 6, paragraph 1 (b), of the GDPR), to review your creditworthiness with your express consent if you request that we, for example, make an advance payment when purchasing on account (Article 6, paragraph 1 (a), of the GDPR), to issue invoices (Article 6, paragraph 1 (b), of the GDPR), to ensure compliance with laws and regulations, in particular the retention obligations pursuant to section 257 of the German Commercial Code (HGB) (Article 6, paragraph 1 (c), of the GDPR), and to exercise (legal) claims (Article 6, paragraph 1 (f), of the GDPR).

Subject to your separate consent, we will also use stored personal data to inform you about our products and services in our newsletter. We will only send you our newsletter via email if you have expressly consented to this as part of the ‘double opt-in’ process. You can unsubscribe to our newsletter at any time by clicking on the link at the end of our newsletter.

2. TRANSMISSION OF PERSONAL DATA

For the purposes stated under section 1, we reserve the right to transmit your personal data if necessary to our contractors within the European Union and other countries which are party to the agreement on the European Economic Area. These contractors are obligated to handle your personal data confidentially and to use them only in compliance with the applicable data protection provisions to provide the desired service.     

We work with service providers in the following categories:

  • E-commerce agencies for the development of our website
  • Web hosting companies with regard to the operation of our website and our online shop
  • Fulfilment service providers with regard to shipping processing
  • Hotline service providers with regard to customer service
  • Shipping service providers with regard to the shipment of goods
  • Payment service providers with regard to clearing, factoring and payment processing
  • Credit institutes with regard to payment processing
  • Tax consultants with regard to accounting
  • IT service providers with regard to technical administration of our IT systems
  • Online marketing agencies and newsletter originators with regard to customer communication
  • Online analysis service providers with regard to IP location determination and tracking


If you are not the recipient of the services, you are obligated to obtain the consent of the recipient to the processing of their personal data before you transmit the data to us.

Other than this, we will only disclose the personal data stored by us to third parties if you have expressly authorised us to do so (Article 6, paragraph 1 (a), of the GDPR), if we are legally obligated to do so (Article 6, paragraph 1 (c), of the GDPR), or if this disclosure is necessary to exercise or protect our rights (Article 6, paragraph 1 (f), of the GDPR).



3. DURATION OF STORAGE OF YOUR PERSONAL DATA

The duration for which your personal data is stored depends on the purpose for which we process the data. Generally, the data are stored for as long as necessary for achieving the purpose of processing or for as long as we are obligated to store the data in accordance with statutory provisions.

To fulfil our retention obligations pursuant to section 257 of the German Commercial Code (HGB), we store your personal data collected during the ordering process for a period of ten years, calculated from the date of the last invoice or credit issued to you. If you have not settled all of the payment claims due within this ten-year period, we continue to store your personal data until all of the payment claims outstanding to us have been settled. Data collected as part of other requests are stored by us for six years calculated from the date of our response (section 257, paragraph 4, of the HGB).  

If you have subscribed to our newsletter, we store your personal data until you unsubscribe to our newsletter and/or object to the processing of your personal data for the delivery of the newsletter.



4. YOUR RIGHTS

By sending an email to datenschutz@coeur.de, you can receive information about the personal data which we have stored relating to you as well as request the completion of your personal data and the correction of inaccurate personal data. We will process your request promptly.    

Of course, you can also demand the deletion pursuant to Article 17 of the GDPE or the restriction of processing pursuant to Article 18 of the GDPR of the personal data which we have stored relating to you by sending an email to datenschutz@coeur.de. We will then promptly delete or restrict the processing of the stored personal data relating to you. However, in any case, the deletion or restriction of processing will not take place until all existing contracts and other legal relationships with you have been completely resolved. Deletion can only take place once we are no longer legally obligated to retain the data. Please note that, after deletion or restriction of processing, we can no longer access the data previously provided by you and will not be able to process any requests which depend on these data. To the extent that we are legally obligated to retain personal data, we will mark them as blocked and no longer use them for communication.

To the extent that we process your personal data, you are entitled to request a written or electronic copy of these data. We will provide you with the first copy of your personal data free of charge or transmit this copy to the third party specified by you.

To the extent that you have consented to the processing of your personal data and we still have them stored, we will make these data available to you or a third party specified by you upon your request.    

Should you be of the opinion that the processing of your personal data violates the GDPR, you are also entitled to submit a complaint to any supervisory authority pursuant to Article 77 of the GDPR. The supervisory authority responsible for our location is the State Officer of Data Protection and Freedom of Information for Baden-Württemberg, currently Dr Stefan Brink, Königstrasse 10a, 70173 Stuttgart, tel.: +49 (0)711 6155 410, fax: +49 (0)711 6155 4115, email: poststelle@lfdi.bwl.de


To the extent that data is processed on the basis of your consent (in particular to review your creditworthiness and, if applicable, to send you our newsletter), you can revoke this consent at any time.          

Pursuant to Article 21 of the GDPR, you have the right to object to the processing of your personal data for the protection of our legitimate interests or those of a third party in accordance with Article 6, paragraph 1 (f), of the GDPR. Upon receipt of your objection, we will cease the processing of data on the basis of Article 6, paragraph 1 (f), of the GDPR, unless we can demonstrate overriding compelling legitimate grounds for processing, in particular if you have not yet settled all of our outstanding payment claims or if the processing serves to assert, exercise or defend legal rights.

If you have questions regarding data protection and privacy, you can send us an email to datenschutz@coeur.de at any time. We will be happy to answer your questions free of charge. Instead of an email, you can of course also contact the controller via post or fax pursuant to section 18.



5. KLARNA

In order to offer you the payment options provided by Klarna, we will transmit personal data such as contact and order information to Klarna. This allows Klarna to determine whether you are eligible to take advantage of the payment options offered by Klarna and to adapt these options to your needs. You can find general information about Klarna here. Your personal data will be handled in line with the relevant data protection regulations and in accordance with the privacy policy of Klarna



6. INTEGRATION OF THE TRUSTEDBADGE OF TRUSTED SHOPS

The Trusted Shops Trustbadge is integrated on this website to display the Trusted Shops services (e.g. Trustbadge and collected reviews) as well as to offer Trusted Shops products to buyers after an order.

This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany with whom we are jointly responsible for data protection pursuant to Art. 26 GDPRIn the following, we inform you about the essential contractual contents pursuant to Art. 26 (2) DSGVO within the scope of this data protection notice. 

The Trustbadge is made available by a USA-based CDN provider (Content-Delivery-Network). An adequate level of data protection is ensured by standard data protection clauses and other contractual measures. You can find further information to the data security of Trusted Shops GmbH can be found in their privacy policy: https://www.trustedshops.co.uk/imprint/

When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to your person. The anonymized data is used in particular for statistical purposes and for error analysis.
After order completion, your email address, which is hashed by cryptological one-way function, is transmitted to Trusted Shops GmbH. The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO. This serves to check whether you are already registered for services with Trusted Shops GmbH and is therefore necessary for the fulfillment of our and Trusted Shops' overriding legitimate interests in the provision of the Buyer Protection linked to the specific order in each case and the transactional evaluation services pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO.

If this is the case, further processing will be carried out in accordance with the contractual agreement between you and Trusted Shops. If you have not yet registered for the services, you will be given the opportunity to do so for the first time. Further processing after registration also depends on the contractual agreement with Trusted Shops GmbH. If you do not register, all transmitted data will be automatically deleted by Trusted Shops GmbH and a personal reference is then no longer possible.   

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 (1) lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured in the case of the USA by standard data protection clauses and further contractual measures, and in the case of Israel by an adequacy decision.

Within the framework of the joint responsibility existing between us and Trusted Shops GmbH, if you have any data protection questions and wish to assert your rights, please prefer to contact Trusted Shops GmbH using the contact options provided in the data protection information linked above. Irrespective of this, however, you can always contact the responsible person of your choice. Your inquiry will then, if necessary, be forwarded to the other responsible party for a response.  



7. USE OF COOKIES

We use cookies on various pages in order to make your visit more attractive, to personalise advertising and to enable the use of certain functions, provided that you have given your consent to this or another permission has been granted. Cookies are small text files that are stored on your computer. Most of the cookie we use are deleted from your hard drive after the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer upon your next visit (so-called permanent cookies). These cookies allow us to welcome you with your username and eliminate the need to re-enter your password or fill out forms again when you place another order. Our partner companies are not permitted – subject to other agreements with you and deviating information in this privacy policy – to collect, process or use personal data via our website using cookies. You can change the settings in your browser to inform you about the setting of cookies, so that you can decide whether to accept or exclude the acceptance of cookies for certain cases or in general. Not accepting cookies may result in the limited functionality of our website. Each browser is different with regard to how it manages the cookies settings. This is described in the help menu of your browser and will explain how you can change your cookies settings.

When you visit our website, you have the option of choosing to consent to the use of all cookies we maintain or to select which cookies you wish to allow under the cookie settings. You can adjust these settings at any time.



8. FUNCTIONS AND DATA COLLECTION OF FACEBOOK

We have integrated components of the Facebook company on our website. Facebook is a social network.

A social network is a social meeting point operated on the internet, an online community that generally enables users to communicate amongst themselves and to interact in the virtual sphere. A social network can serve as a platform for the exchange of opinions and experiences or it can enable the internet community to make personal or company information available. Facebook enables the users of the social network to – among other things – create private profiles, upload photos and network via friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside of the United States or Canada, the controller responsible for the processing of personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For each retrieval of one of the individual pages of this website – which is operated by the controller responsible for processing and on which a Facebook component (Facebook plug-in) has been integrated – the internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific pages of this website are visited by the data subject.

If the data subject is logged in to Facebook at the same time, with every retrieval of our website by the data subject and for the entire duration of the respective visit to our website, Facebook recognises which specific pages of our website are visited by the data subject. This information is collected by the Facebook component and assigned to the respective Facebook account of the data subject by Facebook. If the data subject clicks on one of the Facebook buttons integrated in our website – for example the ‘Like’ button – or if the data subject enters a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Via the Facebook component, Facebook then always receives information that the data subject has visited our website if the data subject is logged in to Facebook at the same time they retrieve our website; this takes place regardless of whether the data subject clicks on the Facebook component. If the transmission of this information to Facebook is not desired by the data subject, they can prevent the transmission by logging out of their Facebook account before visiting our website.

The data guideline published by Facebook, which can be found at https://de-de.facebook.com/about/privacy/, provides details about the collection, processing and use of personal data by Facebook. Furthermore, details can be found there about which settings Facebook offers to protect the privacy of the data subject. Additionally, there are various applications available that enable you to suppress data transmission to Facebook. Applications of this kind can be used by the data subject to prevent their data being transmitted to Facebook.



9. FUNCTIONS AND DATA COLLECTION OF INSTAGRAM

We have integrated components of the service Instagram on our website. Instagram is a service that qualifies as an audiovisual platform which enables its users to share photos and videos, as well as to share these in other social networks.

The operating company of the Instagram service is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For each retrieval of one of the individual pages of this website – which is operated by the controller responsible for processing and on which an Instagram component (Instagram plug-in) has been integrated – the internet browser on the information technology system of the data subject is automatically caused by the respective Instagram component to download a representation of the corresponding Instagram component from Instagram. As part of this technical process, Instagram receives information about which specific pages of this website are visited by the data subject.

If the data subject is logged in to Instagram at the same time, with every retrieval of our website by the data subject and for the entire duration of the respective visit to our website, Instagram recognises which specific pages are visited by the data subject. This information is collected by the Instagram component and assigned to the respective Instagram account of the data subject by Instagram. If the data subject clicks on one of the Instagram buttons integrated in our website, the data and information transmitted by this action are assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.

Via the Instagram component, Instagram then always receives information that the data subject has visited our website if the data subject is logged in to Instagram at the same time they retrieve our website; this takes place regardless of whether the data subject clicks on the Instagram component. If the transmission of this information to Instagram is not desired by the data subject, they can prevent the transmission by logging out of their Instagram account before visiting our website.

Additional information and the applicable data protection regulations of Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.



10. FUNCTIONS AND DATA COLLECTION OF PINTEREST

We have integrated components of the service Pinterest Inc. on our website. Pinterest is a so-called social network. A social network is a social meeting point operated on the internet, an online community that generally enables users to communicate amongst themselves and to interact in the virtual sphere. A social network can serve as a platform for the exchange of opinions and experiences or it can enable the internet community to make personal or company information available. Pinterest enables users of the social network to – among other things – publish photo collections and individual photos, as well as descriptions, on virtual pin boards (‘pinning’), which in turn can be shared (‘repinning’) or commented on by other users.

The operating company of Pinterest is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

For each retrieval of one of the individual pages of this website – which is operated by the controller responsible for processing and on which a Pinterest component (Pinterest plug-in) has been integrated – the internet browser on the information technology system of the data subject is automatically caused by the respective Pinterest component to download a representation of the corresponding Pinterest component from Pinterest. More information on Pinterest can be found at https://pinterest.com/. As part of this technical process, Pinterest receives information about which specific pages of this website are visited by the data subject.

If the data subject is logged in to Pinterest at the same time, with every retrieval of our website by the data subject and for the entire duration of the respective visit to our website, Pinterest recognises which specific pages of our website are visited by the data subject. This information is collected by the Pinterest component and assigned to the respective Pinterest account of the data subject by Pinterest. If the data subject clicks on one of the Pinterest buttons integrated in our website, Pinterest assigns this information to the personal Pinterest user account of the data subject and stores this personal data.

Via the Pinterest component, Pinterest then always receives information that the data subject has visited our website if the data subject is logged in to Pinterest at the same time they retrieve our website; this takes place regardless of whether the data subject clicks on the Pinterest component. If the transmission of this information to Pinterest is not desired by the data subject, they can prevent the transmission by logging out of their Pinterest account before visiting our website.

The data guideline published by Pinterest, which can be found at https://about.pinterest.com/privacy-policy, provides details about the collection, processing and use of personal data by Pinterest.



11. LADENZEILE

On our website, we use a cookie of Visual Meta GmbH (‘VM’, Alexanderstrasse 1–5, 10178 Berlin, Germany), the operating company of the LadenZeile and ShopAlike portals. This cookie is executed on the device of the user upon the conclusion of an order process. As part of this process, anonymous data on the order transaction (e.g. value of the shopping basket) are transmitted to your device and, from there, to VM. For this, VM collects your IP address in a pseudonymised form. This takes places with the legitimate interest of assigning sales, for marketing purposes and for the exercise of civil claims. VM deletes the data as soon as they are no longer necessary for this purpose. We refer to the privacy policy of VM in this regard: hps://www.ladenzeile.de/datenschutzerklaerung.html. If you do not consent to tracking, you can prevent this by using the ‘do not track’ setting in your browser.

 


12. BILLIGER.DE

On its order confirmation page, our website uses a graphic pixel of solute GmbH, Zeppelinstr. 15, 76185 Karlsruhe, Germany, for tracking orders and billing purposes for customers who are made aware of us on the website billiger.de and other partners of solute GmbH.

To this end, solute GmbH stores information in so-called server log files, which your browser automatically transmits to solute GmbH. This information includes browser type and browser version, the operating system used, referrer URL, host name of the accessing computer, time of the server request and the IP address. The server log files are automatically deleted after 30 days.

The graphic pixel generates a so-called referrer URL, which solute GmbH uses to collect and store the shop ID, order number and the total shopping basket value, in particular for the purpose of invoicing and settlement with the partner shop.

The storage and analysis of the data is carried out on the basis of Article 6, paragraph 1 (f), of the GDPR. The shop operator has a legitimate interest in analysing information about the orders placed and to use this data to optimise the offer of goods, and to invoice and settle the services used for this purpose.

You can find the privacy policy at https://www.solute.de/ger/datenschutz/.



13. CRITEO

On our website, we use a cookie of Criteo GmbH (‘Criteo’, Lehel Carré, Gewürzmühlenstrasse 11, 80538 Munich, Germany), the operating company of the Criteo portal. This cookie is executed on the device of the user upon the conclusion of an order process. As part of this process, anonymous data on the order transaction (e.g. value of the shopping basket) are transmitted to your device and, from there, to Idealo. For this, Idealo collects your IP address in a pseudonymised form. This takes places with the legitimate interest of assigning sales, for marketing purposes and for the exercise of civil claims. Criteo deletes the data as soon as they are no longer necessary for this purpose. We refer to the privacy policy of Criteo in this regard: https://www.criteo.com/de/privacy/. If you do not consent to tracking, you can prevent this by using the ‘do not track’ setting in your browser.



14. GOOGLE ANALYTICS

We have integrated the Google Analytics component (with anonymisation function) in our website. Google Analytics is a web analysis service. Web analysis is the collection and evaluation of data with regard to the behaviour of visitors to websites. A web analysis service collects data regarding, among other things, from which website a data subject was directed to the website (so-called referrer), which pages the data subjects accesses and how often and for how long a page is visited. A web analysis is primarily used to optimise a website and to perform a cost–benefit analysis of internet advertising.

The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

We use the add-on ‘_gat._anonymizeIp’ for web analysis via Google Analytics. Through the use of this add-on, the IP address of the internet connection of the data subject is truncated and anonymised by Google, if our website is accessed from a member state of the European Union or from another country which is party to the agreement on the European Economic Area.

The purpose of the Google Analytics component is the analysis of visitor flows on our website. Google uses the data and information gained for the purpose of, among others, evaluating the use of our website, to put together online reports for us that show the activities on our website and to provide other services associated with the use of our website.

Google Analytics places a cookie on the information technology system of the data subject. It has already been explained above what a cookie is. Placing this cookie enables Google to analyse the use of our website. For each retrieval of one of the individual pages of this website – which is operated by the controller responsible for processing and on which an Google Analytics component has been integrated – the internet browser on the information technology system of the data subject is automatically caused by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google receives knowledge of personal data, such as the IP address of the data subject, which Google uses to, among other things, trace the origin of the visitor and clicks and, as a result, to enable the invoicing of commissions.

Cookies are used to store personal information – for instance access time, the location from which the page was accessed and the frequency of visits to our website by the data subject. For every visit to our website, these personal data – including the IP address of the internet connection used by the data subject – are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. In certain circumstances, Google may transmit the personal data collected via the technical process to third parties.

As already explained above, the data subject can prevent the placement of cookies at any time via the respective settings in their internet browser, thereby permanently objecting to the placement of cookies. These settings in the internet browser would also prevent Google from placing a cookie on the information technology system of the data subject. Additionally, a cookie already placed by Google Analytics can be deleted at any time via the internet browser or another software program.

Furthermore, the data subject has the option of objecting to the collection of data generated by Google Analytics related to their use of this website, as well as the option of objecting to and preventing the processing of this data by Google. To do so, the data subject must download and install a browser add-on found here: https://tools.google.com/dlpage/gaoptout. This browser add-on uses JavaScript to inform Google Analytics that no data and information about the visits to websites can be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the information technology system of the data subject is deleted, formatted or reinstalled at a later point in time, the data subject must once again install the browser add-on in order to deactivate Google Analytics. If the data subject, or another person within their control, uninstalls or deactivates the browser add-on, it is possible to reinstall or reactivate the browser add-on.

Additional information and the applicable data protection regulations of Google can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail here: https://www.google.com/intl/de_de/analytics/.



15. GOOGLE ADWORDS REMARKETING

The controller responsible for processing has integrated Google AdWords on this website. Google AdWords is a service for internet advertising that allows advertisers to place their ads both in Google’s search engine results as well as in the Google advertising network. Google AdWords enables an advertiser to determine certain keywords in advance to ensure that their advertisement is only displayed in the Google search engine results if the user enters a keyword-relevant search term into the search engine. In the Google advertising network, the advertisements are distributed to related-topic websites by means of an automatic algorithm and under consideration of the keywords determined in advance.

The operating company of the Google AdWords service is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The purpose of Google AdWords is advertising of our website through the display of advertisements that are relevant to the interests of visitors to the websites of third-party companies and in the search engine results of Google, and the display of third-party advertising on our website.

If a data subject comes to our website via a Google advertisement, Google places a so-called conversion cookie on the information technology system of the data subject. It has already been explained above what a cookie is. A conversion cookie loses its validity after 30 days, and it does not serve to identify the data subject. Provided that the cookie has not expired, the conversion cookie is used to determine whether certain pages – for example the shopping basket of the online shop system – of our website were accessed. Using the conversion cookie, both we and Google are able to determine whether a data subject who came to our website via an AdWords advertisement generated a sale, that is, concluded or cancelled a purchase of goods.

The data and information collected through the use of the conversion cookie are used by Google to create visit statistics for our website. In turn, these visit statistics are used by us to determine the total number of users referred to us by AdWords, thereby determining the success or lack thereof of the respective AdWords advertisements and to optimise our AdWords advertisements for the future. Neither our company nor other customers of Google AdWords receive information from Google which they could use to identify the data subject.

Personal information such as the websites visited by the data subject are stored by means of a conversion cookie. For every visit to our website, therefore, personal data – including the IP address of the internet connection used by the data subject – are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. In certain circumstances, Google may transmit the personal data collected via the technical process to third parties.

As already explained above, the data subject can prevent the placement of cookies at any time via the respective settings in their internet browser, thereby permanently objecting to the placement of cookies. These settings in the internet browser would also prevent Google from placing a conversion cookie on the information technology system of the data subject. Additionally, a cookie already placed by Google AdWords can be deleted at any time via the internet browser or another software program.

Furthermore, the data subject has the option of objecting to interest-relevant advertisements from Google. To do so, the data subject must go to www.google.de/settings/ads in every browser they use to make the corresponding settings there.

Additional information and the applicable data protection regulations of Google can be found at https://www.google.de/intl/de/policies/privacy/.



16. BINGADS REMARKETING

This website uses Bing Ads conversion tracking technology from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). We use Bing Ads to advertise for this website in the Bing, Yahoo and MSN search engines, as well as on third-party websites. To this end, each visit to our website automatically places a cookie that automatically enables interest-based advertisement by means of a pseudonymous cookie ID and on the basis of the page you visit. This serves to preserve our overriding legitimate interests in the optimum marketing of our website pursuant to Article 6, paragraph 1 (1) (f), of the GDPR. When the purpose has ended and after the end of our use of Bing Ads Remarketing, the data collected in this manner are deleted.

Bing Ads is an offer of Microsoft Corporation (www.microsoft.com). The headquarters of Microsoft Corporation are located in the United States. If you do not wish to take part in tracking, you can object by easily deactivating the Bing Ads conversion tracking cookie via the user settings of your internet browser. You will then not be included in the conversion tracking statistics. Alternatively, you can review on the deactivation page for consumers from the European Union at http://www.youronlinechoices.com/uk/your-ad-choices/ whether advertising cookies are placed in your browser by Microsoft and deactivate them if necessary.
You can find additional information about the privacy policy of Microsoft Bing Ads at the following internet address: https://privacy.microsoft.com/de-de/privacystatement.



17. GOOGLE MAPS

We use Google Maps on our website to display our location as well as to generate a description of how to find us. Google Maps is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as simply ‘Google’.

To enable the display of certain fonts on our website, a connection to the Google server in the United States is established when our website is loaded.

If you make use of the Google Maps component embedded in our website, Google uses your internet browser to store a cookie on your device. Your user settings and data are processed to display our location and to create a description of how to find us. We cannot exclude the possibility of Google using servers in the United States for this purpose.

The legal basis is Article 6, paragraph 1 (f), of the GDPR. Our legitimate interest lies in the optimisation of the functionality of our website.
Google can then use the connection to Google established in this way to determine which website your request is sent from and which IP address the description of how to find us is to be sent to.

If you do not consent to this processing, you have the option of preventing the installation of cookies through the corresponding settings in your internet browser. You can find details in this regard under the section titled ‘Cookies’.
Additionally, the use of Google Maps and the information obtained via Google Maps are subject to the Google terms and conditions of use and the terms and conditions of business for Google Maps.

Furthermore, Google offers more detailed information at https://adssettings.google.com/authenticated and https://policies.google.com/privacy.

 

18. USERLIKE

This website uses Userlike, live chat software produced by the company Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. You can use Userlike to chat with our employees in real-time. At the start of the chat, the following personal data is collected:

If provided by you: first name, surname, and e-mail address.

Depending on the course of the conversation with our employees, further personal data may be provided by you in the chat. The nature of this information depends heavily on your request or the problem you are describing.

All our employees have been trained in data protection and in the handling of customer data. All our employees are obliged to maintain confidentiality and have accordingly signed an addendum to their employment contracts which obliges them to maintain confidentiality and observe data protection.

By accessing the www.coeur-de-lion.org web page, the chat widget is loaded as a JavaScript file from AWS Cloudfront. The chat widget technically represents the source code executed on your computer that enables the chat.

In addition, COEUR DE LION stores the history of live chats for 3 months. The purpose of this is to save our customers from having to go through a long history of requests, and for us to constantly monitor the quality of our live chat service. Processing is permitted pursuant to Art. 6 Para. 1 Book f, GDPR. If you do not wish your live chat history to be stored, please do not hesitate to contact us using the contact details listed below. Stored live chats and any other of your data will then be deleted by us immediately.

The storage of chat data also serves the purpose of ensuring the security of our information technology systems. This is also our legitimate interest, which is why processing is permitted under Art. 6 Para. 1 Book f, GDPR. The legal basis for the processing of the data provided in the chat is also Art. 6 Para. 1 Books b and f, GDPR.

Further information can be found in the Data processing terms of Userlike UG (haftungsbeschränkt).

 

19. WHATSAPP

You can contact us via WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland [hereinafter: ‘WhatsApp’]). To make this possible, we use WhatsApp Business API (also known as the WhatsApp Business Platform). The necessary infrastructure is provided by the German business solutions provider 360dialog. Incoming messages are hosted on servers in Germany and the content of the messages is end-to-end encrypted.

When you contact us via WhatsApp, it is nevertheless possible that WhatsApp may receive so-called metadata (such as your telephone number or IP address). WhatsApp also provides us with aggregate insights into our messaging activities, such as the total number of sent, delivered and read messages. This aggregate data does not contain any personal details.

We only process your personal data in order to respond to you. The legal basis for processing your personal data is Article 6 paragraph 1 (1) (f) GDPR. We store the data you provide until it is no longer needed to achieve the aim of engaging in dialogue with you and your query has been answered in full.

If the aim of your message is to conclude a contract with us, the additional legal basis for processing your personal data is Article 6 paragraph 1 (1) (b) GDPR. This data is stored for as long as is necessary to perform the contract. Apart from that, we only store your data for the purpose of fulfilling contractual or legal obligations, such as tax obligations (legal basis: Article 6 paragraph 1 [1] [c] GDPR).

You can opt out of your personal data being processed at any time by emailing us (see section 1 above) or contacting us via the app. In this case, all of the personal data we have stored relating to the conversation will be deleted and it will not be possible to continue the conversation.

Your personal data is handled by WhatsApp on the basis of a data processing agreement as per Article 28 GDPR which our business solutions provider and processor 360dialog has concluded with WhatsApp. By signing this agreement, WhatsApp has undertaken to process our customers’ data on our behalf and in compliance with the requirements of GDPR. You can find more details about this in the WhatsApp Business Data Processing Terms at https://www.whatsapp.com/legal/business-data-processing-terms and in the WhatsApp Business Data Transfer Addendum at https://www.whatsapp.com/legal/business-data-transfer-addendum.

If you contact us via WhatsApp, we cannot guarantee that your personal data will not be shared with companies in third countries where there is no adequate level of data protection, such as WhatsApp LLC and Meta Platforms Inc. You can find a list of the sub-processors used by WhatsApp here: https://www.whatsapp.com/legal/business-subprocessors. WhatsApp applies standard EU contractual clauses to third-country transfers to unsafe third countries outside the EU. See https://www.whatsapp.com/legal/business-data-transfer-addendum. WhatsApp LLC also remains Privacy Shield-certified. You can find information about this at: https://www.privacyshield.gov/participant?id=a2zt00000011sfnAAA&status=Active.

You can find details of how WhatsApp handles your data as a processor in the WhatsApp terms of use at https://www.whatsapp.com/legal/business-terms and https://www.whatsapp.com/legal/business-data-processing-terms and https://www.whatsapp.com/legal/business-data-transfer-addendum.


20. DATA SECURITY

During the ordering process, your personal data is encrypted via SSL and transmitted over the internet. We use technical and organisational measures to secure our website and other systems against loss, destruction, access, alteration and dissemination of your data by unauthorised persons. Access to your customer account is only possible after entering your personal password. 

You should always handle your access information confidentially and close your browser window once you have finished communicating with us, in particular if you use the computer together with others.



21. AMENDMENTS TO THIS PRIVACY POLICY

Due to the constantly developing nature of electronic data processing, we reserve the right to make amendments to this privacy policy if necessary. We will inform you about amendments to this privacy policy in writing to one of the contact addresses indicated by you.


22. MINIMUM AGE

We offer our services and products only to users who are at least 16 years old.



23. CONTACT PERSON FOR DATA PROTECTION

If you have any questions on the collection, processing or use of your personal data, for information, correction, blocking or deletion of data or to revoke consent issued, please contact our external data protection officer, ER Secure GmbH, via email at datenschutz@coeur.de or via post to our address with the addendum ‘data protection officer’.



24. CONTROLLER

The controller within the meaning of the General Data Protection Regulation is:

COEUR DE LION Schmuckdesign GmbH
Krefelder Str. 32
70376 Stuttgart
Germany

phone: +49 (0)711-55 37 55 0
fax: +49 (0)711-55 37 55 10
e-Mail: datenschutz@coeur.de
website: www.coeur.de

    Our external Data Protection Officer is:

    ER Secure GmbH
    In der Knackenau 4
    82031 Grünwald
    Germany



    Further informations in accordance with the GDPR