Privacy policy

General notice and mandatory information

Designation of the responsible body

The responsible party for data processing on this website is:

Roof Space GmbH

JaKob Heider

Quelkhorner Landstraße 89

28870 Ottersberg

 

The controller decides alone or jointly with others on the purposes and means of the processing of personal data (e.g. names, contact details or similar).

Revocation of your consent to data processing *

Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to complain to the competent supervisory authority *

As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a data protection violation. The competent supervisory authority regarding data protection issues is the state data protection commissioner of the federal state in which our company's registered office is located. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability *

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.

Right of access, rectification, blocking, deletion *

Within the scope of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, their recipients and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.

SSL or TLS encryption *

For security reasons and to protect the transmission of confidential content that you send to us as site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.

Hosting

Hosted by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of displaying the online store based on processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on our behalf. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by adequacy decision of the European Commission. For further information on Shopify's data protection, please visit the following website: https://www.shopify.de/legal/datenschutz

Contact form *

Data transmitted via contact form will be stored, including your contact details, in order to be able to process your request or to be available for follow-up questions. This data will not be passed on without your consent.

The processing of the data entered in the contact form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it, or there is no longer any need to store the data. Mandatory legal provisions - in particular retention periods - remain unaffected.

YouTube *

For integration and display of video content, our website uses plugins from YouTube. The provider of the video portal is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When a page with an integrated YouTube plugin is called up, a connection to the YouTube servers is established. This tells YouTube which of our pages you have accessed.

YouTube can assign your surfing behavior directly to your personal profile if you are logged into your YouTube account. You have the option to prevent this by logging out beforehand.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

Details on the handling of user data can be found in YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.

Cookies *

Our website uses cookies. These are small text files that your web browser stores on your terminal device. Cookies help us to make our offer more user-friendly, effective and secure.

Some cookies are "session cookies." Such cookies are deleted by themselves after the end of your browser session. On the other hand, other cookies remain on your terminal device until you delete them yourself. Such cookies help us to recognize you when you return to our website.

With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when the program is closed. Disabling cookies may result in limited functionality of our website.

The setting of cookies, which are necessary for the exercise of electronic communication processes or the provision of certain functions desired by you (e.g. shopping cart), is based on Art. 6 para. 1 lit. f DSGVO. As the operator of this website, we have a legitimate interest in storing cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these are dealt with separately in this privacy policy.


PayPal *

Our website enables payment via PayPal. The provider of the payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment data you enter will be transmitted to PayPal.

The transfer of your data to PayPal is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the performance of a contract). A revocation of your already given consent is possible at any time. Data processing operations in the past remain effective in the event of a revocation.

Klarna *

Our website enables payment via Klarna. The payment service provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.

When paying with Klarna (Klarna Checkout solution), Klarna collects various personal data from you. Details can be found in Klarna's privacy policy at: https://www.klarna.com/de/datenschutz/.

Klarna uses cookies to optimize the Klarna Checkout solution. This optimization represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. Cookies are small text files that your web browser stores on your terminal device. Cookies from Klarna remain on your end device until you delete them. Details on the use of Klarna cookies can be found at: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

The transfer of your data to Klarna is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the performance of a contract). A revocation of your already given consent is possible at any time. Data processing operations in the past remain effective in the event of a revocation.

Shopify Payments

We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, the payment processing is carried out by the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on your information provided during the ordering process together with information about your order (name, address, account number, bank code, credit card number if applicable, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b DSGVO. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose. You can find more information about the data protection of Shopify Payments at the following internet address: https://www.shopify.com/legal/privacy.

You can find data protection information on Stripe Payments Europe Ltd. here: https://stripe.com/de/privacy

Apple Pay

If you choose the payment method "Apple Pay" of Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the "Apple Pay" function of your terminal device running iOS, watchOS or macOS by charging a payment card deposited with "Apple Pay". Apple Pay uses security functions integrated into the hardware and software of your device to protect your transactions. In order to release a payment, you must enter a code previously defined by you and verify it using the "Face ID" or "Touch ID" function of your end device.

For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, is passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.

Insofar as personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b DSGVO.

Apple retains anonymized transaction data, including the approximate amount of the purchase, the approximate date and time, and whether the transaction was completed successfully. The anonymization completely eliminates any reference to individuals. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.

When you use Apple Pay on iPhone or Apple Watch to complete a purchase made through Safari on Mac, the Mac and the authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay", and uncheck "Allow payments on Mac".

Further information on data protection with Apple Pay can be found at the following Internet address: https://support.apple.com/de-de/HT203027

 

Google Pay

If you choose the payment method "Google Pay" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment processing is carried out via the "Google Pay" application of your mobile device running at least Android 4.4 ("KitKat") and having an NFC function by charging a payment card deposited with Google Pay or a payment system verified there (e.g. PayPal). For the release of a payment via Google Pay in the amount of more than €25, the prior unlocking of your mobile end device by the respective verification measure set up (such as facial recognition, password, fingerprint or pattern) is required.

For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, will be passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a uniquely assigned transaction number to the source website, which is used to verify a completed payment. This transaction number does not contain any information about the real payment data of your payment means deposited in Google Pay, but is created and transmitted as a one-time valid numeric token. For all transactions via Google Pay, Google only acts as an intermediary to process the payment transaction. The transaction is carried out exclusively in the relationship between the user and the source website by debiting the means of payment deposited with Google Pay.

Insofar as personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b DSGVO.

Google reserves the right to collect, store and analyze certain transaction-specific information for each transaction made through Google Pay. This includes the date, time and amount of the transaction, merchant location and description, a description provided by the merchant of the goods or services purchased, photos you attached to the transaction, the name and email address of the seller and buyer or sender and recipient, the payment method used, your description for the reason for the transaction, and the offer associated with the transaction, if applicable.

According to Google, this processing is carried out exclusively in accordance with Art. 6 para.1 lit. f DSGVO on the basis of the legitimate interest in proper billing, verification of transaction data and optimization and functional maintenance of the Google Pay service.

Google also reserves the right to merge the processed transaction data with further information that is collected and stored by Google when using other Google services.

The terms of use of Google Pay can be found here:

https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de

You can find further information on data protection with Google Pay at the following Internet address:

https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

 

-------

* Source: Data protection configurator from mein-datenschutzbeauftragter.de