Data protection

Data protection
We are pleased about your interest in our online shop. Protecting your privacy is very important to us at Golden Heart. Below we will inform you in detail about how your data is handled.

1. Access data and hosting
You can visit our websites without providing any personal information. Every time a website is accessed, the web server automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, date and time of retrieval, amount of data transferred and the requesting provider (access data) and documents the retrieval.

This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our offering. In accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR, this serves to protect our legitimate interests, which predominate in the context of a balancing of interests, in a correct presentation of our offer. All access data will be deleted no later than seven days after the end of your visit to the site.

Hosting services provided by a third party
As part of processing on our behalf, a third-party provider provides us with the services of hosting and displaying the website. This serves to protect our legitimate interests, which predominate in the context of a balancing of interests, in a correct presentation of our offer. All data collected as part of the use of this website or in the forms provided in the online shop as described below are processed on its servers. Processing on other servers only takes place within the framework explained here.

This service provider is based in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

2. Data collection and use for contract processing and when opening a customer account
We collect personal data if you voluntarily provide it to us as part of your order, when contacting us (e.g. via contact form or email) or when opening a customer account. Mandatory fields are marked as such because in these cases we absolutely need the data to process the contract or to process your contact or open a customer account and without providing them you will not be able to complete the order and/or open the account or send the contact message . Which data is collected can be seen from the respective input forms. We use the data you provide in accordance with Article 6 Paragraph 1 Sentence 1 Letter b GDPR to process the contract and process your inquiries. After the contract has been fully processed or your customer account has been deleted, your data will be restricted for further processing and deleted after the tax and commercial law retention periods have expired, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this is permitted by law and about which we inform you in this statement. Your customer account can be deleted at any time and can be done either by sending a message to the contact option described below or using a function provided for this purpose in the customer account.

3. Data sharing
In order to fulfill the contract in accordance with Article 6 Paragraph 1 Sentence 1 Letter b GDPR, we pass on your data to the shipping company commissioned with the delivery, to the extent that this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the credit institution responsible for the payment and, if applicable, the payment service provider commissioned by us, or to the selected payment service, in order to process payments. In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. The data protection declaration of the respective payment service provider applies.

We use payment service providers and shipping service providers who are based in a country outside the European Union. Personal data is only transmitted to these companies if necessary to fulfill the contract.

Data transfer to shipping service providers
If you have given us your express consent to this during or after your order, we will pass on your telephone number to the selected shipping service provider in accordance with Art .-voting can contact you.

Consent can be revoked at any time by sending a message to the contact option described below or directly to the shipping service provider at the contact address listed below. After revocation, we will delete the data you provided for this purpose unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this declaration.

United Parcel Service Deutschland S.à.rl & Co. OHG
Görlitzer Str 1
41460
Neuss

4. Cookies
In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to protect our legitimate interests, which predominate in the context of a balancing of interests, in an optimized presentation of our offer in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognize your browser the next time you visit (persistent cookies). The duration of storage can be found in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:
Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Safari™: https://support.apple.com/kb/ph21411?locale=de_DE
Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Firefox™ https://support.mozilla.org/de/kb/cookies-allow-und-reject
Opera™: http://help.opera.com/Windows/10.20/de/cookies.html

If you do not accept cookies, the functionality of our website may be restricted.

5. Contact options and your rights
As a data subject, you have the following rights:

in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;
in accordance with Art. 16 GDPR, you have the right to immediately request the correction of incorrect or complete personal data stored by us;
In accordance with Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless further processing is required
- to exercise the right to freedom of expression and information;
- to fulfill a legal obligation;
- for reasons of public interest or
- to assert, exercise or defend legal claims
is required;
in accordance with Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data, to the extent that
- you dispute the accuracy of the data;
- the processing is unlawful but you object to its deletion;
- we no longer need the data, but you need it to assert, exercise or defend legal claims or
- you have objected to the processing in accordance with Art. 21 GDPR;
in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible;
in accordance with Art. 77 GDPR you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or work or at our company headquarters.

If you have any questions about the collection, processing or use of your personal data, information, correction, blocking or deletion of data as well as revocation of consent given or objection to a specific use of data, please contact us directly using the contact details in our legal notice.
**************************************************** *****************
Right to object
To the extent that we process personal data as explained above to protect our legitimate interests, which predominate in the context of a balancing of interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If processing is carried out for other purposes, you only have the right to object if there are reasons that arise from your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing is necessary for the establishment, exercise or defense of serves legal claims.

This does not apply if the processing is carried out for direct marketing purposes. We will then no longer process your personal data for this purpose. **************************************************** *****************