Data Protection

Person responsible for data processing:

Mert Kamaz
Dieselstr. 9
59174 Kamen
Germany
Email: info@carbonwerk-germany.de

Thank you for visiting our online shop. Protecting your privacy is very important to us. Below you will find detailed information on how we handle your data.


1. Access Data and Hosting

You can visit our website without providing any personal data. Each time you access the website, the web server automatically stores only a so-called server log file, which documents the request and may include, for example, the name of the requested file, your IP address, the date and time of the request, the amount of data transferred and the requesting provider (access data).

This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves, pursuant to Art. 6(1)(f) GDPR, to safeguard our legitimate interests in the proper presentation of our offer, which prevail within the framework of a balancing of interests. All access data is deleted no later than seven (7) days after the end of your visit to our website.

Hosting

The services for hosting and displaying the website are partly provided by our service providers on the basis of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in forms provided on this website for these purposes are processed on their servers.

If you have questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.


2. Data Processing for Contract Performance and Contact

2.1 Data Processing for Contract Performance

For the purpose of contract performance (including inquiries regarding the handling of any warranty and performance defect claims as well as statutory update obligations) pursuant to Art. 6(1)(b) GDPR, we collect personal data if you voluntarily provide it to us in the course of placing an order.

Mandatory fields are marked as such because in these cases we require the data for contract performance and we cannot submit the order without it. Which data is collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on the transfer of data to our service providers for the purpose of ordering, payment and shipping, can be found in the following sections of this privacy policy.

After complete performance of the contract, your data will be blocked for further processing and deleted after expiry of the retention periods under tax and commercial law pursuant to Art. 6(1)(c) GDPR, unless you have expressly consented to further use of your data pursuant to Art. 6(1)(a) GDPR, or we reserve the right to use your data beyond this, which is legally permitted and about which we inform you in this privacy policy.

2.2 Customer Account

If you have given your consent pursuant to Art. 6(1)(a) GDPR by choosing to open a customer account, we will use and store your data for the purpose of creating the customer account and for future orders on our website.

You can delete your customer account at any time either by sending a message to the contact option described in this privacy policy or by using the function provided in your customer account. After deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6(1)(a) GDPR, or we reserve the right to further use of your data in a manner that is legally permitted and about which we inform you in this privacy policy.

2.3 Contact

As part of our customer communication, we collect personal data to process your inquiries pursuant to Art. 6(1)(b) GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form or email).

Mandatory fields are marked as such because in these cases we need the data to process your inquiry. Which data is collected can be seen from the respective input forms.

After your inquiry has been fully processed, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6(1)(a) GDPR, or we reserve the right to use your data beyond this, which is legally permitted and about which we inform you in this privacy policy.


3. Data Processing for Shipping

We pass on your data to the shipping company insofar as this is necessary for delivery of the ordered goods, pursuant to Art. 6(1)(b) GDPR.

Data transfer to a shipping service provider for shipment notification

If you have given us your explicit consent during or after your order, we will forward your email address and telephone number to the selected shipping service provider pursuant to Art. 6(1)(a) GDPR so that the provider can contact you for shipment notification or coordination prior to delivery.

You can revoke this consent at any time by sending a message to the contact details stated in this privacy policy or directly to the shipping service provider using the contact address listed below. After revocation, we will delete the data you provided for this purpose, unless you have expressly consented to further use of your data or we have reserved the right to use your data for other purposes that are legally permitted and about which we inform you in this privacy policy.

Shipping service provider:
General Logistics Systems Deutschland GmbH & Co. OHG
GLS Deutschland-Straße 1–7
DE-36286 Neuenstein
Germany


4. Data Processing for Payment

As part of payment processing in our online shop, we work with the following partners: technical service providers, banks, and payment service providers.

4.1 Data Processing for Transaction Handling

Depending on the selected payment method, we forward the data required to process the payment transaction to our technical service providers who act for us as processors, or to the commissioned banks, or to the selected payment service provider, insofar as this is necessary for payment processing. This serves the performance of the contract pursuant to Art. 6(1)(b) GDPR.

In some cases, payment service providers collect the data required for payment processing themselves, e.g. on their own websites or via a technical solution integrated into the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

If you have questions about our payment processing partners and the basis of our cooperation with them, please use the contact option described in this privacy policy.

4.2 Data Processing for Fraud Prevention and Optimisation of Our Payment Processes

We may forward additional data to our service providers, who use it as our processors together with the data required for payment processing for the purpose of fraud prevention and for optimising our payment processes (e.g. invoicing, handling disputed payments, accounting support).

This serves to safeguard our legitimate interests in fraud prevention and efficient payment management pursuant to Art. 6(1)(f) GDPR, which prevail within the framework of a balancing of interests.

4.3 Identity and Credit Check When Choosing Klarna Payment Services

  • Klarna Pay now (direct debit)
  • Klarna Pay later (invoice)
  • Klarna Slice it (instalments)

If you choose payment services offered by Klarna Bank AB (publ.), Sveavägen 46, 111 34 Stockholm, Sweden (“Klarna”), we request your consent pursuant to Art. 6(1)(a) GDPR for us to transfer to Klarna the data necessary for payment processing and for an identity and credit assessment.

In Germany, the credit agencies listed in Klarna’s privacy policy may be used for identity and credit checks. Klarna will use the information received about the statistical probability of a payment default for a balanced decision regarding the establishment, execution or termination of the contractual relationship.

You may revoke your consent at any time by sending a message to the contact option stated in this privacy policy. This may mean we can no longer offer you certain payment methods. You can also revoke your consent to this use of your personal data at any time directly with Klarna.

4.4 Identity and Credit Check When Choosing Billpay Payment Services (Provided by Klarna Bank AB)

If you decide to use payment services from Klarna Bank AB (publ.), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Billpay”), we request your consent pursuant to Art. 6(1)(a) GDPR for the transfer of the data necessary for payment processing and for an identity and credit check.

In Germany, the credit agencies listed in Billpay’s privacy policy may be used. Billpay uses the information received about the statistical probability of a payment default for a balanced decision regarding the establishment, execution or termination of the contractual relationship.

You may revoke your consent at any time by sending a message to the contact option stated in this privacy policy. This may mean we can no longer offer you certain payment methods. You can also revoke your consent directly with Billpay at any time.

4.5 Identity and Credit Check When Choosing Purchase on Account via PayOne

If you choose the payment method “purchase on account” offered by PayOne GmbH, Lyoner Str. 9, 60528 Frankfurt am Main, Germany (“PayOne”), we request your consent pursuant to Art. 6(1)(a) GDPR for the transfer of the data necessary for payment processing and for an identity and credit check.

In Germany, the credit agencies named in PayOne’s privacy policy may be used. PayOne will use the information received about the statistical probability of a payment default for a balanced decision regarding the establishment, execution or termination of the contractual relationship.

You may revoke your consent at any time by sending a message to the contact option stated in this privacy policy. This may mean we can no longer offer you certain payment methods.

4.6 Identity and Credit Check When Choosing Purchase on Account via PayPal and Ratepay

If you choose the payment method “purchase on account” (offered via Ratepay GmbH, Franklinstraße 28–29, 10587 Berlin, Germany (“Ratepay”) and PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, 2449 Luxembourg (“PayPal”)), we request your consent pursuant to Art. 6(1)(a) GDPR to transfer to Ratepay the data necessary for payment processing and an identity and credit check.

In Germany, the credit agencies named in Ratepay’s privacy policy may be used. Ratepay uses the information received about the statistical probability of a payment default for a balanced decision regarding the establishment, execution or termination of the contractual relationship.

You may revoke your consent at any time by sending a message to the contact option stated in this privacy policy. This may mean we can no longer offer you certain payment options. Further information on PayPal’s data protection can be found in PayPal’s privacy policy.

4.7 Purchase by Instalments

If you select the “instalment purchase” option and provide the required consent pursuant to Art. 6(1)(a) GDPR, your personal data (first and last name, address, email, telephone number, date of birth, IP address, gender) as well as the required transaction data (purchased item, invoice amount, due dates, total amount, invoice number, taxes, currency, order date and time) will be transferred to our partner Klarna Bank AB (publ), Chausseestraße 117, 10115 Berlin, Germany for the purpose of processing the payment in connection with this method.

For identity and/or credit assessment, our partner obtains and collects information from publicly available databases and credit reference agencies. Details about the service providers who supply information (including, where applicable, creditworthiness information developed using mathematical-statistical methods) as well as further details required for the processing of your data after transfer are contained in Klarna’s privacy policy, available at:

https://www.klarna.com/de/datenschutz/

Klarna uses the information received about the statistical probability of default to make a balanced decision about establishing, executing or terminating the contractual relationship. You may contact Klarna to set out your point of view and contest the decision.

You may revoke any consent given during the ordering process to the transfer of data at any time with effect for the future by notifying us, without giving reasons.


Newsletter

The newsletter is sent to you by our service provider, who processes the data on our behalf and to whom we pass on your email address.

If you have questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.


5. Cookies and Other Technologies

5.1 General Information

To make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use technologies on various pages, including so-called cookies.

Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted at the end of the browser session, i.e. when you close your browser (session cookies). Other cookies remain on your device and enable us to recognise your browser on your next visit (persistent cookies).

Device Privacy

When you use our online services, we use technologies that are strictly necessary to provide the telemedia service you explicitly requested. The storage of information on your device or access to information already stored on your device does not require consent in this respect.

For functions that are not strictly necessary, storing information on your device or accessing information stored on your device requires your consent. Please note that if you do not give your consent, parts of the website may not be fully usable. Any consent you may have given remains valid until you adjust or reset the corresponding settings on your device.

In addition, we use technologies to fulfil legal obligations (e.g. to be able to prove consent to the processing of your personal data), as well as for web analysis and online marketing. Further information on this, including the respective legal basis, can be found in the following sections of this privacy policy.

We may use other technologies on our website that are not listed individually in this privacy policy. Further information about these technologies and their legal basis can be found on the platform of our consent management service provider Usercentrics.

Downstream data processing by cookies and other technologies

We use such technologies as are strictly necessary for the use of certain functions on our website (e.g. shopping cart function). These technologies are used to collect and process IP addresses, visit time, device and browser information as well as information about your use of our website (e.g. information about your preferences). This serves to safeguard our legitimate interests in an optimised presentation of our offer pursuant to Art. 6(1)(f) GDPR, which prevail within the framework of a balancing of interests.

You can access the platform by clicking the fingerprint button in the lower right or left corner of the page.

You can find the cookie settings for your browser under the following links: Microsoft Edge / Safari / Chrome / Firefox / Opera.

If you have consented to the use of technologies pursuant to Art. 6(1)(a) GDPR, you can withdraw your consent at any time by sending a message to the contact option described in this privacy policy. Alternatively, you can also click the fingerprint button in the lower right or left corner of the page. If cookies are not accepted, the functionality of our website may be limited.

How can I configure my browser’s cookie settings?

Each browser manages cookie settings differently. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this information for each browser under the following links: Microsoft Edge / Safari / Chrome / Firefox / Opera.

What types of cookies are used?

Functional cookies: used for certain functions of our website, e.g. to improve navigation or to provide tailored and relevant information (e.g. advertising corresponding to your interests).

Targeting cookies: record information about your visit, previously visited pages and clicked links, to tailor our website and displayed ads to your interests.

Marketing cookies: record information about your visit, previously visited pages and clicked links, to tailor our website and ads to your interests.

Analytical / performance cookies: enable the collection of anonymised data about user behaviour. We analyse this, for example, to improve website functionality and recommend products that may be of interest.

Essential cookies: required for you to use our website, e.g. cookies that allow you to log in or place items in the shopping cart.


5.2 Usercentrics Consent Management Platform

We use the Usercentrics Consent Management Platform (“Usercentrics”) to inform you about the cookies and technologies used on our website and to obtain, manage and document your consent for the processing of your personal data by these technologies.

This is necessary pursuant to Art. 6(1)(c) GDPR to comply with our legal obligation under Art. 7(1) GDPR to be able to demonstrate your consent.

Usercentrics is provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, the Usercentrics web server stores a server log file that also contains your anonymised IP address, the date and time of your visit, device and browser information, and information about your consent behaviour.

Your data is deleted after three (3) years, unless you have expressly consented to further use of your data pursuant to Art. 6(1)(a) GDPR, or we reserve the right to use your data beyond this in a manner permitted by law and about which we inform you in this privacy policy.

Our service providers are located in and/or use servers in countries for which the European Commission has determined an adequate level of data protection by decision: USA.

There is an adequacy decision of the European Commission for the USA as the basis for a third-country transfer, provided that the respective service provider is certified. The certification is available.


5.3 Information on Transfers to Third Countries

We use technologies on our website from service providers whose headquarters and/or server locations may be in third countries outside the EU/EEA. If there is no adequacy decision by the European Commission for the respective country, an adequate level of data protection must be ensured by other appropriate safeguards.

Appropriate safeguards may include the EU Standard Contractual Clauses or Binding Corporate Rules. However, a prior assessment may be required to determine whether an adequate level of protection can be ensured. According to case law of the CJEU, additional protective measures may be necessary.

In principle, we have agreed the EU Standard Contractual Clauses with technology providers who process personal data in a third country. Where possible, we also agree additional safeguards to ensure adequate data protection in third countries without an adequacy decision.

Nevertheless, it may happen that despite all contractual and technical measures, the level of data protection in the third country does not correspond to that within the EU. In such cases, we ask for your consent, where applicable in the context of cookie consent, pursuant to Art. 49(1)(a) GDPR for the transfer of your personal data to a third country.

In particular, there is a risk that local authorities in the third country may have access rights to your personal data that are not sufficiently limited from the perspective of EU data protection, that we as the data exporter or you as the data subject may not be aware of this, and/or that you may not have sufficient legal remedies to prevent or challenge such access.

The following countries are currently among the third countries without an adequacy decision by the European Commission (example list):
China, Russia, Taiwan.

Which third countries we transfer data to can be found in the data protection information of the respective tool and/or service we use for consent management / CMP.


6. Use of Cookies and Other Third-Party Technologies (Based on Consent)

If you have given us your consent pursuant to Art. 6(1)(a) GDPR, we use the following cookies and other third-party technologies on our website. The data collected in this context is deleted after the purpose has been fulfilled and we have ended the use of the respective technology.

You can withdraw your consent at any time with effect for the future. Further information on withdrawal options can be found in the section “Cookies and other technologies”.

Use of Google Services

We use the following technologies of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The information automatically collected by Google technologies about your use of our website is usually transmitted to and stored on a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Unless otherwise stated for individual technologies, data processing is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Further information on data processing by Google can be found in Google’s privacy policy.

Our service providers are located in and/or use servers in countries outside the EU/EEA for which no adequacy decision exists. Our cooperation is based on the EU Standard Contractual Clauses adopted by the European Commission.

Google Ads

For website analysis and event tracking, we use Google Ads Conversion Tracking to measure your subsequent user behaviour if you reached our website via a Google Ads advertisement. Cookies may be used for this purpose and data (IP address, time of visit, device and browser information as well as information about your use of our website based on events defined by us, such as visiting a website or subscribing to a newsletter) may be collected, from which usage profiles are created using pseudonyms.


7. Integration of the Trusted Shops Trustbadge / Other Widgets

Provided that you have given your consent pursuant to Art. 6(1)(a) GDPR, Trusted Shops widgets are integrated on this website to display Trusted Shops services (e.g. trustmark, collected reviews) after an order.

The Trustbadge and the services promoted with it are an offer of Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, Germany (“Trusted Shops”), with whom we are jointly responsible under data protection law pursuant to Art. 26 GDPR. In this privacy notice, we inform you below about the essential contents of the agreement pursuant to Art. 26(2) GDPR.

Within the scope of joint responsibility between us and Trusted Shops AG, please preferably contact Trusted Shops via the contact options provided in their privacy policy if you have data protection questions and wish to assert your rights. However, you may also contact either controller at any time. Your request may then be forwarded to the other controller for response.

7.1 Data Processing When Integrating the Trustbadge / Other Widgets

The Trustbadge is provided by a US-based CDN provider (Content Delivery Network). An adequate level of data protection is ensured by an adequacy decision of the European Commission for the USA (provided the provider is certified under the EU-U.S. Data Privacy Framework). Where service providers are not certified under the DPF, Standard Contractual Clauses have been concluded as an appropriate safeguard.

Each time the Trustbadge is accessed, the web server automatically stores a server log file that documents the access and contains, among other things, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data). Immediately after collection, the IP address is anonymised so that the stored data cannot be directly attributed to you. The anonymised data is used in particular for statistical purposes and error analysis.

7.2 Data Processing After Completion of the Order

If you have consented, after completion of the order the Trustbadge accesses order information stored on your device (order total, order number, where applicable purchased product) and your email address. Your email address is hashed using a cryptographic one-way function. The hash value is then transmitted together with the order information to Trusted Shops pursuant to Art. 6(1)(a) GDPR.

This is used to verify whether you are already registered for Trusted Shops services. If so, further processing takes place in accordance with the contractual agreement between you and Trusted Shops. If you are not registered or you do not consent to automatic recognition via the Trustbadge, you will subsequently have the opportunity to register manually for the use of the services or to conclude buyer protection within the framework of your existing user agreement.

For this purpose, the Trustbadge accesses the following information stored on your device after you have completed your order: order total, order number and email address. This is necessary so that we can offer you buyer protection. Data is only transmitted to Trusted Shops if you expressly choose buyer protection by clicking the corresponding button in the so-called Trustcard. If you opt to use the services, further processing is based on the contractual agreement with Trusted Shops pursuant to Art. 6(1)(b) GDPR.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6(1)(f) GDPR to ensure smooth operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured by adequacy decisions of the European Commission for the USA and Israel. Where providers are not certified, Standard Contractual Clauses have been concluded.


8. Social Media

Our online presence on Facebook (by Meta) and Instagram (by Meta)

If you have given the respective social media provider your consent pursuant to Art. 6(1)(a) GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presence on the above social media platforms, and usage profiles will be created using pseudonyms. These may be used, for example, to display advertising within and outside the platforms that likely corresponds to your interests. Cookies are generally used for this purpose.

Detailed information on the processing and use of data by the respective social media provider, as well as a contact option and your rights and setting options to protect your privacy, can be found in the providers’ privacy policies linked there. If you need further help, please contact us.

Facebook (by Meta) is provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland. The information automatically collected about your use of our Facebook presence is usually transferred to and stored on a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA. Processing related to visiting a Facebook fan page is based on an agreement between joint controllers pursuant to Art. 26 GDPR.

Instagram (by Meta) is also provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland. Data collected about your use of our Instagram presence is usually transferred to and stored on a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA. Processing related to visiting an Instagram fan page is based on an agreement between joint controllers pursuant to Art. 26 GDPR.

For some countries there are adequacy decisions by the European Commission (e.g. USA where certified, Canada, Japan, South Korea, New Zealand, UK, Argentina). For other countries (e.g. Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico) there is no adequacy decision; the cooperation is based on EU Standard Contractual Clauses.


9. Contact Options and Your Rights

9.1 Your Rights

As a data subject, you have the following rights under:

  • Art. 15 GDPR: the right to obtain information about your personal data processed by us, to the extent described therein;
  • Art. 16 GDPR: the right to request rectification without undue delay of inaccurate personal data stored about you, or completion of your data;
  • Art. 17 GDPR: the right to request deletion of your personal data stored by us, unless further processing is necessary
    • for exercising the right of freedom of expression and information;
    • for compliance with a legal obligation;
    • for reasons of public interest; or
    • for the establishment, exercise or defence of legal claims;
  • Art. 18 GDPR: the right to request restriction of processing of your personal data, insofar as
    • you contest the accuracy of the data;
    • the processing is unlawful but you oppose deletion;
    • we no longer need the data, but you need it for the establishment, exercise or defence of legal claims; or
    • you have objected to processing pursuant to Art. 21 GDPR;
  • Art. 20 GDPR: the right to receive your personal data provided to us in a structured, commonly used and machine-readable format, or to request transmission to another controller;
  • Art. 77 GDPR: the right to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority at your habitual residence, place of work, or our company’s registered office.

Right to Object

If we process personal data as described above to safeguard our legitimate interests which prevail within the framework of a balancing of interests, you may object to such processing with effect for the future.

If your data is processed for direct marketing purposes, you may exercise this right at any time as described above. If your data is processed for other purposes, you have the right to object only on grounds relating to your particular situation.

After you have exercised your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

This does not apply to the processing of personal data for direct marketing purposes. In such a case, we will no longer process your personal data for these purposes.

9.2 Contact

If you have questions about the collection, processing or use of your personal data; want to request information, correction, restriction or deletion; want to withdraw consent given; or want to object to a particular use of data, please contact us directly using the contact details stated in our legal notice (imprint).

Privacy policy created with the Trusted Shops legal text generator.