Data protection and privacy rights for
Data protection declaration of
Schönstraße 10 | 81543 München
Phone: +49 89 630205300
Contact details of the data protection officer
Phone: +49 89 630205300
Thank you for your interest in our company. Data protection has a very special significance for the management of 4everTREND GmbH. In principle, our Internet pages can be used without providing personal data. If a data subject wishes to make use of certain offers from our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary for us and there is no legal basis for this processing, we will obtain the consent of the data subject.
The processing of personal data, such as a person’s first and last name, home address, e-mail address or telephone number, is always carried out in accordance with the European General Data Potection Regulation and the German BDSG. With this data protection declaration, our company would like to inform about the type, purpose and scope of the personal data collected, used and processed by us. We also inform affected persons in this data protection declaration about their rights.
Explanation of terms
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
The person responsible is the person who processes, collects or transmits the data of the data subject.
Technical aspects (server log files)
Our web space provider collects data about every access to the offer (so-called server log files). These include: Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (this is the previously visited page), IP address and the requesting provider. We use the log data only for statistical evaluations for the purpose of operation, security and optimisation of the offer. We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence.
Handling of personal data
Who receives your personal data?
Within our company, those areas receive access to the personal data provided by you, which are necessary for the fulfilment of contractual and legal obligations and which are entitled to process this data.
In fulfilment of the contract concluded with you, we use, for example, shipping service providers, payment service providers, credit card companies and the like. Your data will also be passed on to the authorities that require it for legal reasons, e.g. tax authorities, social insurance carriers, competent authorities and courts.
Within the scope of our services, we commission contractors who contribute to the fulfilment of contractual obligations, e.g. computer centre service providers, EDP partners, document shredders etc.. These contractors are contractually bound by us to comply with the requirements of the GDPR and the BDSG.
Will the data you provide be transferred to third countries or international organisations?
Under no circumstances will the data you provide be transferred to a third country or an international organisation. Should you wish to transfer the data you have provided to a third country or an international organisation in individual cases, we will only do so with your written consent.
Duration of processing (criteria for deletion)
The data provided by you will be processed for as long as it is necessary to achieve the contractually agreed purpose, in principle as long as the contractual relationship with you exists. After termination of the contractual relationship, the data provided by you will be processed to comply with legal storage obligations or on the basis of our legitimate interests. After expiry of the legal retention periods and/or the loss of our legitimate interests, the data provided by you will be deleted.
Expected periods of the storage obligations applicable to us and our legitimate interests:
- Fulfilment of commercial and tax storage obligations. The periods for storage and documentation specified there range from two to ten years.
- Preservation of evidence under the statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years.
There are two types of cookies: temporary (session cookies) and permanent cookies. Persistent cookies are stored on your computer or mobile device for up to twelve months. Session cookies are only temporarily stored and are automatically deleted when you close your browser session. We use persistent cookies, for example, to save your selection of the start page and your data if you selected the “Save data” option when logging in. We use session cookies to check whether you are logged in or whether you have placed an item in your shopping cart when using the product filter.
We also use third party cookies to collect data using analysis tools such as Google Analytics. These are both permanent and session cookies. Persistent cookies are stored on your computer or mobile device for a maximum of 24 months.
Contact form integration
When contacting us via contact form or e-mail, the user’s details for processing the request and in the event that follow-up questions arise are stored.
Existence of automated decision making
As a responsible company, we do not use automatic decision-making or profiling.
Use of Google Analytics
We use Google Analytics from Google Inc. “(“Google”). Google Analytics uses “cookies”. The information generated by the cookie about the use of this website by users is usually transferred to a Google server in the USA and stored there. However, when IP anonymisation is activated on our website, Google will reduce the IP addresses of users within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this website. On our behalf, Google uses this information to evaluate the use of the website by users, to generate reports on website activity and to provide the website operator with other services relating to website and Internet use.
The IP address transmitted by Google Analytics from your browser is never merged with other Google data. If you wish, you can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
You can subscribe to our company newsletter on our website. The personal data transmitted when ordering the newsletter can be found in the order form for the newsletter. We inform our customers and business partners at regular intervals by means of a newsletter about offers from our company. For legal reasons, new subscribers to the newsletter will receive a confirmation e-mail in the double opt-in procedure to their registered e-mail address. This confirmation e-mail serves to check whether the owner of the e-mail address really wishes to receive the newsletter.
When registering for the newsletter, we store the IP address of the computer system used by the person concerned at the time of registration and the date and time of registration assigned by the Internet Service Provider (ISP). The storage of this data is necessary in order to be able to trace (possible) misuse of an e-mail address at a later point in time and therefore serves our legal protection. The personal data collected when registering for the newsletter will be used exclusively for sending the newsletter. Of course we do not pass your personal data on to third parties. An exception is the respective newsletter hoster. These can be e.g. CleverReach, Rapidmail and Mailchimp. These have their servers partly in America. The Privacy Shield ensures a level of data protection equivalent to that of the EU. We have concluded employment processing contracts with the providers to ensure that their personal data is handled in accordance with the regulations of the DSGVO.
You can cancel your subscription to our newsletter at any time. Your consent to the storage of your personal data for the newsletter dispatch can be revoked at any time. Each newsletter contains a link to revoke your consent. It is also possible to unsubscribe directly from the newsletter at any time by notifying us.
We have integrated components from PayPal, Startec and Heidelpay on this website. PayPal and Heidelpay are payment service providers. PayPal’s European operating company is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
heidelpay GmbH is an international payment institution within the meaning of the Payment Services Supervision Act (ZAG), approved and supervised by the Federal Financial Supervisory Authority (Register No. 122914). StarTec Payment & Service GmbH Gotenstraße 10, 20097 Hamburg is a service provider in the field of cashless payment.
If the person concerned selects “PayPal”, Startec or Heidelpay as a payment option in our online shop during the order process, the necessary data of the person concerned are automatically transmitted to PayPal, Startec or Heidelpay. By selecting this payment option, the person concerned consents to the transfer of personal data required for payment processing.
The personal data transmitted to PayPal, Startec or Heidelpay is generally first name, last name, address, e-mail address, IP address, telephone number, mobile phone number or other data required for payment processing. Personal data in connection with the respective order are also necessary for the processing of the purchase contract.
This data is transmitted for payment processing and fraud prevention purposes. We transmit personal data to PayPal, Startec or Heidelpay in particular if there is a legitimate interest in the transmission. Personal information exchanged between us and PayPal, Startec or Heidelpay may be transferred by PayPal or Heidelpay to credit agencies. The purpose of this transmission is to verify identity and creditworthiness.
PayPal, Startec or Heidelpay may pass on personal data to affiliated companies and service providers or subcontractors to the extent necessary to fulfil the contract. You can revoke your consent to the handling of personal data at any time to PayPal, Startec or Heidelpay. However, a revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.
The valid data security regulations of heidelpay can be called up under https://www.heidelpay.com/de/datenschutz/.
Information about your right
– Right to rectification according to Art. 16 GDPR:
You have the right to request the person responsible to correct your incorrect personal data without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
– Right to erasure (“right to be forgotten”) according to Art. 17 GDPR:
You have the right to demand that the person responsible delete your data immediately. The person responsible is obliged to delete personal data immediately if one of the following reasons applies:
- a) purposes for which the personal data was collected no longer apply
- b) You revoke your consent to the processing. There is no other legal basis for the processing.
- c) you object to the processing. There is no other legal basis for the processing.
- d) The personal data have been processed unlawfully.
- e) The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
- f) the personal data have been collected in relation to information society services provided in accordance with Article 8(1).
– Right to restriction of processing in accordance with Art. 18 GDPR&. § 35 BDSG:
You have the right to request a limitation of the processing if one of the following conditions is met:
- a) You doubt the accuracy of the personal data.
- b) the processing is unlawful, but you refuse to delete it.
- c) Personal data is no longer required for the purposes of processing; however, you will need the data to assert, exercise or defend legal claims.
- d) You have filed an objection against the processing pursuant to Art. 21 para. 1 GDPR. As long as it has not yet been determined whether the legitimate reasons of the responsible person outweigh you, the processing will be restricted.
– Right to data portability in accordance with Art. 20 GDPR:
You have the right to receive the data provided by you in a structured, common and machine-readable format from the person responsible. A forwarding to another responsible person may not be hindered by us.
– Right to object according to Art. 21 GDPR:
To do this, please contact the person responsible for processing (see above)
– Right of appeal to the supervisory authority pursuant to Art. 13 para. 2 lit. d, 77 GDPR V. m § 19 BDSG:
If you believe that the processing of your data violates the DS GMO, you have the right to lodge a complaint with the regulatory authority. For this purpose, please contact the responsible supervisory authority.
– Withdrawal of consent pursuant to Art. 7 para. 3 GDPR:
If the processing is based on your consent in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a (processing of special categories of personal data), you are entitled to withdraw the appropriately bound consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
For further information, please contact
Your trust is important to us. Therefore, we would like to be available to answer your questions regarding the dissemination of your personal data at any time. If you have any questions that this data protection declaration could not answer, or if you would like more detailed information on any point, please contact email@example.com.
Data protection declaration of
Status: May 2018