1. Purpose of and legal grounds for the processing of personal data
Your personal data is processed based on the following purposes and legal grounds:
1.1 Contractual relationship pursuant to Art. 6(1) lit b DS-GVO
We use the personal data you have voluntarily provided (name, address, date of birth, e-mail address) in accordance with Section 6, para. 1 lit. b DS-GVO to process contractual orders, to open a customer account or as part of pre-contractual measures.
1.2 Legitimate interest pursuant to Art. 6(1) lit. f DS-GVO
Based on legitimate interest pursuant to Art. 6(1) lit. f DS-GVO, we process the required data for the following purposes:
- In order to process orders and promotions, when necessary we will forward the required data to specialized service providers (IT, payment and logistics service providers, suppliers, call centers, parcel delivery services, letter shops) and to 21sportsgroup GmbH, 21run GmbH and mysportgroup GmbH. The data may only be stored and used by these service providers in order to perform their tasks. In the case of order processing, this processing is carried out in compliance with the regulations for order processing pursuant to Art. 28 DS-GVO.
- We process address and order data for our own advertising purposes, market and opinion research purposes, competitions, as well as for the promotional offers of our partner companies from various industries (charities, financial service providers, etc.) and carry out advertising scoring for interest-based advertising. Of course, you have the right to object at any time to the use of the data for advertising purposes / scoring or for market and opinion research purposes. Notification to this effect in written form sent to the contact information under point 6 (e. g. e-mail, fax, letter) is sufficient.
- Your e-mail address and telephone number are used for communication as part of order processing (confirmation of order and shipment, queries, notification of delivery, processing of supplier complaints). When goods are delivered by our shipping service providers (in particular DHL), we will forward your e-mail address to the shipping service provider for communication during the delivery process. You may object to the use of your e-mail address at any time. Notification to this effect in written form sent to the contact information under point 6 (e. g. e-mail, fax, letter) is sufficient.
1.3 Consent pursuant to Art. 6(1) lit. a DS-GVO
However, Klarna will continue to be entitled to process, use and transmit this personal data in the event that it is necessary for contractual payment processing by Klarna’s services.
2. Use of data for advertising purposes
When you subscribe to our newsletter, you receive regular information on current offers, competitions, coupon promotions and partner offers from the companies in our group of companies (Planet Sports GmbH). You must be over the age of 16 to register for the newsletter. We use the so-called double-opt-in method, i. e. we will only send you a newsletter if you confirm our notification e-mail by clicking the link provided to confirm that we should activate the newsletter service. The personal data collected during registration for the newsletter along with your consent pursuant to Art. 6(1) lit. a DS-GVO will be used for the distribution of newsletters, to process your queries and for specific product recommendations based on legitimate interest pursuant to Art. 6(1) lit. f DS-GVO. For statistical purposes, we evaluate in anonymous form which links were clicked in the newsletter. This e-mail address is not passed on to third parties, but is only used to send our own newsletter.
You can revoke your consent to receiving the newsletter and to the processing of your personal data at any time via the Unsubscribe link in the newsletter or via email@example.com.
2.2 Individual advertising tailored to your interests
The information you provide helps us to improve and tailor your shopping experience. We use existing information, such as receipt and read confirmations, order history, service history, date and time visiting the homepage, and products viewed. We use this information exclusively in pseudonymous form. The legal basis for this is Art. 6(1) lit f DS-GVO. Analyzing and evaluating this information enables us to improve our websites and our internet offering and to send you advertisement that could in fact be of interest to you. In this context, we will send you product recommendations via e-mail.
2.2.1 Product recommendations via e-mail
If we receive your e-mail address in connection with an order and if you have not objected to this, we reserve the right to regularly send you offers from our range of products and services in accordance with Sect. 7(3) UWG.
You will receive these product recommendations regardless of whether you have subscribed to a newsletter. In this way, we would like to inform you about the products we offer that may be of interest to you based on your recent purchases. If you do not wish to receive any product recommendations or any further advertising from us, you can object to this at any time. Notification in written form sent to the contact details provided under point 6 (e. g. e-mail, fax, letter) is sufficient. Of course, you will also find an Unsubscribe link in every e-mail.
2.2.2 Facebook Custom Audiences via customer lists
FTo continually enhance your shopping experience, we use the retargeting-tag Website Custom Audiences of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. In general, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which can be transmitted to Facebook for marketing and analysis purposes. Any transmission of customer lists will only be carried out using the hash method; the legal basis for this is Art. 6(1) lit f DS-GVO.
3. Duration of data storage
We store data as long as it is being used for the respective processing purposes (e. g. contract execution, warranty, advertising purposes) and for the fulfillment of commercial and tax-related retention provisions pursuant to Art. 6(1) lit. c DS-GVO and Section 257(1) HGB and Section 147(2) AO.
4. Data transfer outside of the EU
Data processing is primarily carried out in Germany or in states of the European Union. If processing is planned in certain instances in third countries, this processing will only be carried out if the level of adequacy of data protection in the third country has been established by the EU Commission according to Art. 45 DS-GVO or based on EU standard contractual clauses.
5. Entity responsible for processing personal data
The entity responsible for processing personal data in accordance with the General Data Protection Regulation is Planet Sports GmbH, Flößergasse 4, 81369 Munich, e-mail address: firstname.lastname@example.org, represented by the Managing Director Haiko Stüting.
6. Rights of disclosure and to lodge complaints
According to the General Data Protection Regulation, you have the right to receive free of charge any information pertaining to your stored data as well as the right to correction, deletion, limitation of processing, data portability and to lodge a complaint regarding your stored data. Please contact Planet Sports GmbH, Flößergasse 4, 81369 Munich or send an e-mail to email@example.com.
Moreover, you have the right to lodge a complaint with our supervisory authority concerning data privacy.
7. Information on your right to object pursuant to Art. 21 DS-GVO
For reasons arising out of your particular situation, you have the right at any time to object to the processing of any personal data relating to you, according to Art. 6(1) lit. f DS-GVO.
Moreover, you have the right to object to the processing of personal data for direct marketing purposes.
Notification to this effect in written form sent to the contact information under point 6 (e. g. e-mail, fax, letter) is sufficient.
8. Data security
We take technical and organizational measures to protect the privacy of the users of our website and the connected systems. To ensure the secure transmission of personal data, we use the SSL 3.0 encryption protocol (RSA-2048 is used as the underlying encryption method for the public key infrastructure). This method is used successfully throughout the entire World Wide Web. All personal data (name, address, payment information, etc.) is encrypted and thus transmitted securely on the internet. You will recognize it by a symbol (closed padlock) in the window bar of your browser, indicating that you are currently located in a secure area.