Privacy policy

Data protection

Our contact data

We are pleased that you visit our shop and thank you for your interest in our company, our products and our website. Protecting your privacy when using our website is important to us. Therefore, please take note of the following information. If you have any questions or concerns about the processing of your personal data, please simply contact us:

Wishproject Deubner & Deubner GbR
Central market 6
99867 Gotha
Germany

Phone: + 49 (0) 3621 - 7333488
E-mail: info@wishproject.de

Establishment of contact

When contacting us (e.g. by contact form or e-mail), personal data is collected by you. The data collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in answering your request pursuant to Art. 6 para. 1 lit. and the following DSGVO. If your contact is aimed at the conclusion of a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. B DSGVO. Your data will be deleted after final processing of your enquiry, this is the case if it can be inferred from the circumstances that the relevant facts have been finally clarified and if no legal retention obligations preclude.

SSL encoding

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as a site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http ://" to" https ://" and by the lock icon in your browser line.

With this SSL encryption used, the data you transmit to us cannot be read by third parties.

Data collection when visiting our shop

When accessing our offer, connection data is stored. If you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically required for us to display the website to you:

- Our visited website
- Date and time at time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is not passed on or otherwise used. However, we reserve the right to review the server log files retrospectively should specific indications of unlawful use be provided.

The above data for the provision of our website will be kept for three days and then deleted. The collection of the above data for the provision of our website and the storage of this data in log files is absolutely necessary for the operation of our website.

Based on this, this offer uses the tool "Webalizer," a web analysis software for statistical evaluation of users' access to the offer. "Webalizer" creates overviews on the basis of the data of the server log files, for example on the number of hits, file/page requests, visits, etc. Here, too, the processing takes place in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of this website.

These evaluations are not combined with other data sources, in particular with personal data. The generated information will be stored at the Provider-Factory in Strasbourg/France. A transfer to third parties does not take place.

Data collection for order and customer account

We process the data of our customers as part of the ordering processes in our online shop in order to enable them to select and order the selected products and services, as well as their payment and delivery or execution.

The processed data includes inventory data, communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing takes place for the purpose of providing contractual services in the context of the operation of an online shop, billing, delivery and customer services. We use session cookies for storing the shopping cart content and permanent cookies for storing the login status.

Processing takes place on the basis of Art. 6 para. 1 lit. b (Execution of order processes) and c (Legally required archiving) GDPR. The information marked as necessary is required to justify and fulfil the contract. We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations to legal advisers and authorities. The data will only be processed in third countries if this is necessary for the fulfilment of the contract (e.g. upon customer request upon delivery or payment).

Users can optionally create a user account by viewing their orders in particular. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is due to commercial or tax law reasons. Article 6 (1) lit. c GDPR necessary. Information in the customer account remains in the case of a legal obligation until its deletion and subsequent archiving. It is the responsibility of the users to secure their data before the end of the contract.

As part of the registration and renewed registration as well as the use of our online services, we store the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the user's protection against abuse and other unauthorized use. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 para. 1 lit. C DSGVO.

The deletion takes place after expiry of legal warranty and comparable obligations, the necessity of the storage of the data is checked every three years; in the case of legal archiving obligations, the deletion takes place after its expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).

Created with Datenschutz-Generator.de by RA Dr Thomas Schwenke

External payment service providers

We use external payment service providers through whose platforms users and we can make payment transactions (Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full), Klarna (https://www.klarna.com/de/datenschutz/)).

As part of the performance of contracts, we set the payment service providers on the basis of Art. 6 para. 1 lit. b. DSGVO one. Otherwise, we set external payment service providers on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR to offer our users an effective and secure payment option.

The data processed by the payment service providers include stock data, such as, for example, the name and address, bank data, such as, for example, account numbers or credit card numbers, passwords, TANs and checksums, as well as the contract, sums and recipient-related information. The information is required to carry out the transactions. However, the entered data is processed and stored by the payment service providers only. This means that we do not receive account-related or credit card-related information, but only information with confirmation or negative information of the payment. The purpose of this transfer is to verify identity and creditworthiness. For this purpose, we refer to the terms and conditions and data protection instructions of the payment service providers.

The terms and conditions and data protection instructions of the respective payment service providers, which can be accessed within the respective websites or transaction applications, apply to the payment transactions. We also refer to these for further information and assertion of rights of withdrawal, information and other data subjects.


Created with Datenschutz-Generator.de by RA Dr Thomas Schwenke

Sharing your personal data

The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the contracted credit institution or the contracted payment provider as part of the processing of payments. Payment transactions via common payment methods (Paypal, Sofortüberweisung with Klarna) take place exclusively via an encrypted SSL connection. In the case of encrypted communication, your payment data which you transmit to us cannot be read by third parties. Further transmission of your data for advertising purposes, for example, does not take place. You can object to the use of the e-mail address stored in the context of the order at any time free of charge. The legal basis for this processing of third parties for the execution of the contract is also Article 6 (1) lit. B DSGVO

For more information on the privacy of our payment providers, click here:
PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE
Immediate transfer: https://www.klarna.com/sofort/datenschutz/

Registration/Customer Account

Users can create a user account. As part of the registration, the required mandatory information is communicated to the users and based on Art. 6 para. 1 lit. b GDPR for the purpose of providing the user account. The processed data include in particular the login information (name, password as well as an e-mail address). The data entered as part of the registration will be used for the purpose of using the user account and its purpose.

Users can be informed by e-mail about information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be deleted with regard to the user account, subject to a statutory retention obligation. It is the responsibility of the users to secure their data before the end of the contract. We are entitled to irretrievably delete all data stored by the user during the duration of the contract.

As part of the use of our registration and registration functions as well as the use of the user account, the IP address and the time of the respective user act will be stored. The storage takes place on the basis of our legitimate interests, as well as the user's protection against abuse and other unauthorized use. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 para. 1 lit. c. DSGVO. The IP addresses will be anonymised or deleted after 7 days at the latest.


Created with Datenschutz-Generator.de by RA Dr Thomas Schwenke

Facebook, Custom Audiences and Facebook Marketing Services

Within our wish shop, due to our legitimate interests in the analysis, optimization and economic operation of our online shop and for these purposes, the so-calledFacebook pixels of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Facebook is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law.

With the help of the Facebook pixel, Facebook is on the one hand able to designate visitors to our online offer as a target group for the presentation of ads (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads that we have connected only to Facebook users who have also shown an interest in our Wish products or who have certain characteristics (e.g. interests in certain topics or products that are determined on the basis of the websites visited) that we transmit to Facebook (so-called "custom"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have an annoying effect. With the help of the Facebook pixel, we can also understand the effectiveness of Facebook advertisements for statistical and market research purposes, in which we can see whether users have been forwarded to our website after clicking on a Facebook advertisement (so-called "conversion").

The Facebook pixel is directly integrated by Facebook when you access our websites and can store a so-called cookie on your device. If you then log in to Facebook or visit Facebook in the logged-in state, the visit to our online offer will be noted in your profile. The data collected about you are anonymous to us, so do not offer us any conclusions about the identity of the users. However, Facebook stores and processes the data so that a connection to the respective user profile is possible and can be used by Facebook as well as for its own market research and advertising purposes. If we should transmit data to Facebook for comparison purposes, these are encrypted locally in the browser and only then sent to Facebook via a secure https connection. This is done solely with the purpose of establishing a comparison with the data encrypted equally by Facebook.

Furthermore, when using the Facebook pixel, we use the additional function "extended matching" here, data for forming target groups ("custom audiences" or "look alike audiences") are transmitted to Facebook in encrypted form. Oher one Tips.

We also use the "Custom Audiences from File" process of the social network Facebook, Inc. In this case, the email addresses of the newsletter recipients are uploaded to Facebook. The upload process is encrypted. The upload serves alone to determine recipients of our Facebook ads. We want to ensure that the ads are only displayed to users who are interested in our information and services.

The processing of the data by Facebook takes place within the framework of Facebook's data use policy. You can find special information and details about the Facebook pixel and how it works in the help area of Facebook.

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To adjust which types of advertisements are displayed to you within Facebook, you can access the page set up by Facebook and follow the instructions regarding the settings of usage-based advertisements. The settings are platform-independent (desktop or mobile).

You may also object to the use of cookies for range measurement and advertising purposes via the deactivation page of the network advertising initiative and additionally the US website or the European website.

Direct advertising/newsletter

In addition, personal data is collected when you subscribe to our e-mail newsletter. This data is used by us for our own advertising purposes in the form of our e-mail newsletter, provided that you have expressly consented to this via "Subscribe to Newsletter."

We regularly send you information about our offers. Mandatory information for sending the newsletter is only your e-mail address. Providing additional data may be voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will not send you an e-mail newsletter until you have expressly confirmed to us that you consent to the sending of newsletters. We will then send you a confirmation email asking you to confirm by clicking on a corresponding link that you want to receive newsletters in the future.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a DSGVO. When registering for the newsletter, we store your e-mail address as well as the date and time of registration in order to be able to understand a possible misuse of your e-mail address at a later time. The data collected by us when registering for the newsletter will be used exclusively for the purposes of the advertising address by means of the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending us a corresponding message. After unsubscribing, your e-mail address will be deleted after 30 days in our system, unless you have expressly consented to further use of your data or we reserve the right to further use data that is permitted by law and about which we inform you in this declaration.

We use some service providers for the statutory processing of data. The newsletter is sent via CleverReach GmbH & Co. KG. The full responsibility for data processing remains with us.

Cookies

In order to make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser the next time you visit it (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a predetermined duration, which may differ depending on the cookie.

Some of the cookies serve to simplify the ordering process by storing settings (e.g. remember the contents of your shopping cart for a later visit to the shop). If individual cookies implemented by us also process personal data, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

We may work with advertising partners to help us make our website more interesting to you. For this purpose, when you visit our website, cookies are also stored on your hard drive by partner companies (third-party cookies). If we cooperate with aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the respective information collected within the following paragraphs.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:

Internet Explorer: http ://windows.microsoft.com/en/windows-vista/block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
To chrome: http://support.google.com/chrome/bin/answer.py? hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com / KB / ph21411? locale=de_DE
Opuses: http://help.opera.com / Windows / 10.20 / de/cookies.html

Please note that if cookies are not accepted, the functionality of our website may be restricted.

Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses so-called "cookies," text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the abbreviated IP address and the URLs of the accessed websites) is usually transmitted to a Google server in the USA and stored there. We ourselves do not store any of your data collected in connection with Google Analytics. The ones we send and use cookies, user identifications (e.g. user ID) or advertising IDs linked data will be deleted automatically after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month. The legal basis for the use of Google Analytics is § 15 para. 3 TMG or Art. 6 para. 1 lit. and the following DSGVO.

This website uses Google Analytics exclusively with the extension "_anonymizeIp ()," which ensures anonymization of the IP address by shortening and excludes direct personal reference. By expanding your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in statistical analysis of user behaviour for optimisation and marketing purposes. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide us with other services related to website use and Internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all functions of this website in full. You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link:http://tools.google.com/dlpage/gaoptout?hl=de

Alternatively to the browser plugin or within browsers on mobile devices, please click on the following link to set an opt-out cookie, which prevents the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain, if you delete Disable Google Analytics

Google LLC, based in the USA, is certified for the US-European Privacy Shield Agreement, which ensures compliance with the level of data protection applicable in the EU.

For more information on Terms of Use and Privacy, see http://www.google.com/analytics/terms/de.html
or under https://www.google.de/intl/de/policies/.
Information on how to handle user data: https://support.google.com/analytics/answer/6004245?hl=de

Use of Facebook plugins

We have integrated so-called plugins of the social network facebook.com (hereinafter "Facebook") into our website. Facebook is a company of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. A list and the appearance of these plugins from Facebook can be viewed at the following internet address: Http://developers.facebook.com/plugins

Whenever you visit a website of our website which is provided with such a plugin, the plugin causes the browser you use to load and display the visual representation of the plugin from the Facebook server. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook user account or are not currently logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plugins, for example the "Like" button or leave a comment, this information is also transmitted directly to a Facebook server and stored there. The information will also be posted to your Facebook profile and displayed to your Facebook friends.

The data processing processes described are carried out in accordance with Art. 6 para. 1 lit. f GDPR based on Facebook's legitimate interests in the insertion of personalized advertising in order to inform other users of the social network about your activities on our website and to design the service in accordance with requirements.

If you do not want Facebook to assign the data collected through our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also object to loading the Facebook plugins and thus the data processing processes described above with add-ons for your browser for the future, e.g. with the script blocker "NoScript" (http://noscript.net/) or http://webgraph.com/resources/facebookblocker/.

Facebook Inc. based in the USA is certified for the US-European data protection convention "Privacy Shield," which ensures compliance with the data protection level applicable in the EU.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights and settings for the protection of your privacy, can be found in Facebook's Privacy Policy: http://www.facebook.com/policy.php

Google Web Fonts

This page uses so-called web fonts provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") to uniformly display fonts. When you access a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly.

For this purpose, the browser you are using must connect to Google's servers. As a result, Google becomes aware that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support Web Fonts, a default font will be used by your computer.

Google LLC, based in the USA, is certified for the US-European Privacy Shield Agreement, which ensures compliance with the level of data protection applicable in the EU.

For more information about Google Web Fonts, see https://developers.google.com/fonts/faq
and in Google's privacy policy: https://www.google.com/policies/privacy/
Opt-out option: https://adssettings.google.com/authenticated.

Your rights

The applicable data protection law grants you with respect to the data controller with regard to the processing of your personal data comprehensive data subject rights (information and intervention rights), about which we now inform you below:

Right of access according to Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients; to which your data has been or will be disclosed, the planned storage time or the criteria for determining the storage time, the existence of a right to rectification, deletion, restriction of processing, objection to the processing, complaint to a supervisory authority, the origin of your data, if these have not been collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and the intended effects of such processing, as well as your right to be informed of the guarantees in accordance with Art. 46 GDPR when forwarding your data to third countries.

Right to rectification pursuant to Art. 16 GDPR: You have the right to promptly correct incorrect data concerning you and/or complete your incomplete data stored with us.

Right to erasure pursuant to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 para. 1 GDPR exist. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data, as long as the accuracy of your data is checked by you, if you refuse to delete your data due to inadmissible data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims, after we no longer need this data after achieving the purpose or if you have filed an objection for reasons of your particular situation, as long as it is not yet established whether our legitimate reasons outweigh.

Right to information pursuant to Art. 19 GDPR: If you have asserted the right to rectification, deletion or restriction of processing vis-à-vis the controller, the controller is obliged to inform all recipients to whom the personal data concerning you has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or is incompatible with: You have the right to be informed of these recipients.

Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data, which you have provided to us, in a structured, common and machine-readable format or to request transmission to another controller, insofar as this is technically feasible.

Right to revoke consent granted pursuant to Art. 7 para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of consent until revocation.

Right to appeal pursuant to Art. 77 GDPR: If you consider that the processing of the personal data concerning you violates the GDPR, you have the right - without prejudice to any other administrative or judicial remedy - to complain to a supervisory authority, in particular in the Member State of your place of residence, your place of work or

CONTRADICTION RIGHT

IF WE PROCESS YOUR PERSONAL DATA IN THE CONTEXT OF A BALANCE OF INTERESTS BASED ON OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE TERMINATE THE PROCESSING OF THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING IS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING OF THE ASSERTION, EXERCISE

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU AT ANY TIME FOR THE PURPOSE OF SUCH ADVERTISING YOU CAN EXERCISE THE CONTRADICTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE TERMINATE THE PROCESSING OF THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.