Entity responsible for data processing
Responsible for the processing of personal data on this website is (see imprint): IDEAL-ALPHA GmbH, Kaiser-Friedrich-Str. 90, 10585 Berlin, Germany
Contact for data protection enquiries:
E-mail: rainbow@ideal-alpha.com
We are delighted that you are visiting our website. The protection of your privacy and the protection of your personal data when using our website is very important to us.
According to Art. 4 No. 1 GDPR, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, your address, your telephone number, your email address, but also your IP address.
Data that cannot be linked to your person, for example through anonymisation, is not personal data. Processing (e.g. collection, storage, retrieval, consultation, use, transmission, erasure or destruction) in accordance with Art. 4 No. 2 GDPR always requires a legal basis or your consent. Processed personal data must be deleted as soon as the purpose of the processing has been achieved and there are no longer any statutory retention obligations to be complied with.
Here you will find information on how we handle your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary for us to collect personal data about you.
We also explain to you the type and scope of the respective data processing, the purpose and the corresponding legal basis and the respective storage period.
|
This privacy policy applies only to this website. It does not apply to other websites to which we merely refer via a hyperlink. We cannot accept any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please refer directly to these websites for information on how these companies handle your personal data. |
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:
We process the aforementioned data for the following purposes:
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
2.2. Storage duration
As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object to this aspect. Further storage may take place in individual cases if this is required by law.
For the hosting of our website and the presentation of the page content, we use a provider that provides its services itself or through selected subcontractors exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.
Personal data such as name, address, email address and payment information are processed in order to process your orders and process payments. This processing is necessary for the fulfilment of the contract (Art. 6 para. 1 lit. b GDPR). For payment processing, we pass on your data to the following payment service providers:
We work together with logistics service providers to process the shipment, to whom we transfer the data required to deliver your order (name, address). The data is passed on for the fulfilment of the contract (Art. 6 para. 1 lit. b GDPR).
In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after you close your browser (so-called "session cookies"), while others remain on your device for longer and enable page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage period in the cookie settings overview of your web browser.
We use different types of cookies on our website:
If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of consent given or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Please note that if you do not accept cookies, the functionality of our website may be restricted.
6.1. Cookie Consent Tool
This website uses a so-called cookie consent tool to obtain user consent for the use of cookies and other tracking technologies. During your visit, you will be shown a user interface that allows you to give your consent for certain cookies and/or applications. Cookies are only set when you confirm your consent by ticking a box.
Legal basis: The processing of personal data, such as the IP address, is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in legally compliant and user-specific consent management. A further legal basis is provided by Art. 6 para. 1 lit. c GDPR, as we as the controller are obliged to make the use of cookies that are not absolutely necessary dependent on the consent of the user.
6.2. Legal basis
Due to the purposes of use described, the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f) GDPR. If you have given us your consent to the use of cookies on the basis of a notice ("cookie banner") provided by us on the website , the legal basis is additionally Art. 6 para. 1 lit. a) GDPR.
6.3. Storage duration
As soon as the data transmitted to us via the cookies is no longer required for the purposes described above, this information is deleted. Further storage may take place in individual cases if this is required by law.
7.1. Type and scope of data processing
We collect personal data about you in the pre-contractual area and upon conclusion of the contract. This concerns, for example, your first and last name, address, e-mail address, telephone number or bank details.
7.2. Purpose and legal basis of data processing
We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations.
The legal basis for this is Art. 6 (1) (b) GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a) GDPR.
7.3 Storage duration
The data will be deleted as soon as it is no longer required for the purpose of its processing.
In addition, there may be statutory retention obligations, for example commercial or tax retention obligations under the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data at the end of these retention obligations.
8.1. Type and scope of data processing
You can register on our website. When you register, we collect and store the data you enter in the input mask (e.g. surname, first name, e-mail address). This data is not passed on to third parties.
8.1. Purpose and legal basis of data processing
Your registration is required for the use of certain content and services on our website or for the fulfilment of a contract or for the implementation of pre-contractual measures. After registration, you are free to change the personal data provided during registration at any time or to have it completely deleted from the controller's database.
The legal basis for processing in the case of consent is Art. 6 para. 1 lit. a)
GDPR. If your registration serves to prepare the conclusion of a contract, Art. 6 para. 1 lit. b) GDPR is an additional legal basis.
8.2. Storage duration
The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.
We only pass on your personal data to third parties if:
9.1. you have given your express consent to this in accordance with Art. 6 para. 1 lit. a) GDPR.
9.2. this is permitted by law and is necessary for the fulfilment of a contractual relationship with you or the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b) GDPR.
9.3. there is a legal obligation for the transfer in accordance with Art. 6 para. 1 lit. c) GDPR.
9.4. We are legally obliged to transfer data to state authorities, e.g. tax authorities, social insurance institutions, health insurance funds, supervisory authorities and law enforcement agencies.
9.5. the disclosure pursuant to Art. 6 para. 1 lit. f) GDPR is necessary for the protection of legitimate company interests, as well as for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
9.6. in accordance with Art. 28 GDPR, we use external service providers, so-called processors, who have been obliged to handle your data with care.
We use such service providers in the following areas:
When transferring data to external bodies in third countries, i.e. outside the EU or the EEA, we ensure that these bodies treat your personal data with the same care as within the EU or the EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we ensure the careful handling of personal data through contractual agreements or other suitable guarantees.
10.1. Type and scope of data processing
You can comment on posts on our website. If you comment on a post, we collect and store the data you enter in the input mask. In addition to the comments you leave, details of the time you entered the comment and any user name (pseudonym) you have chosen will also be stored and published. The IP address assigned by the data subject's Internet service provider (ISP) is also stored. This information is not passed on to third parties.
10.2. Purpose and legal basis
The data transmitted by you (e.g. the IP address) is used for security reasons and in the event that the person concerned violates the rights of third parties or posts illegal content by posting a comment.
This collected personal data will not be passed on to third parties unless such a transfer is required by law or serves the legal defence of the controller.
The legal basis for the processing of personal data transmitted when using the comment function is, if and insofar as you have given your consent, Art. 6 para. 1 lit. a) GDPR. You can revoke this consent at any time The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Another legal basis is Art. 6 para. 1 lit. f) GDPR.
We have a legitimate interest in processing if the rights of third parties are violated or illegal content is posted. This is for security reasons in the event that someone posts illegal content in comments and posts (insults, prohibited political propaganda, etc.)
10.3. Storage duration
The comments and the associated data (e.g. IP address) are stored and remain on our website until the commented content has been completely deleted or the comments must be deleted for legal reasons.
You can contact us by e-mail on our website.
11.1. Type and scope of data processing
You can contact us by e-mail. Our data collection is limited to the e-mail address of the e-mail account you use to contact us and any personal data you provide when contacting us.
11.2. Purpose and legal basis
The purpose of data processing is to enable us to respond to your enquiry appropriately. The legal basis for this is Art. 6 para. 1 lit. f) GDPR. There is a legitimate interest in the processing of the above-mentioned personal data in order to be able to process your request properly.
11.3. Storage duration
The duration of the storage of the above-mentioned data depends on the background of your contact. Your personal data will be deleted regularly if the purpose of the communication no longer applies and storage is no longer necessary. This may result, for example, from the processing of your request.
12.1. Subscribe to our e-mail newsletter
If you subscribe to our e-mail newsletter, we will send you regular information about our offers. The only mandatory information for sending the newsletter is your e-mail address. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure for sending the newsletter, which ensures that you only receive newsletters if you have expressly confirmed your consent to receive the newsletter by clicking on a verification link sent to the email address provided.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR. We store your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for the newsletter is used strictly for the intended purpose.
You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller named at the beginning. Once you have cancelled your subscription, your e-mail address will be deleted from our newsletter mailing list immediately, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
12.2. Shopping basket reminders by e-mail
If you cancel your purchase with us before completing the order, you have the option of receiving a one-off e-mail reminder of the contents of your virtual shopping basket.
The only mandatory information for sending this reminder is your e-mail address. The provision of further data is voluntary and may be used to address you personally. We use the so-called double opt-in procedure for sending emails, which ensures that you only receive a notification if you have expressly confirmed your consent to this by clicking on a verification link sent to the email address provided.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR for sending a shopping basket reminder. We store your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for our e-mail notification service is used strictly for the intended purpose.
You can unsubscribe from the shopping basket reminders at any time by sending a corresponding message to the controller named at the beginning. After cancellation, your e-mail address will be deleted immediately from our mailing list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
We use tracking and analysis tools to ensure the continuous optimisation and needs-based design of our website. The use of tracking and analysis measures also enables us to statistically record the use of our website by visitors and to further develop our online presence for you based on the knowledge gained.
We have a legitimate interest in this, which justifies the use of the tracking and analysis tools described below in accordance with Art. 6 para. 1 lit. f) GDPR.
If you have given us your consent to the use of cookies on the basis of a notice ("cookie banner") provided by us on the website, the legality of the use is additionally governed by Art. 6 para. 1 lit. a) GDPR.
The type, scope and respective processing purposes can be found in the following description of the tracking and analysis tools.
Google Services
Meta Services (Facebook & Instagram)
Other Services
We are committed to protecting your privacy and treating your personal data confidentially. To this end, we take extensive technical and organisational security precautions, which are regularly reviewed and adapted to technological progress.
This includes the use of recognised encryption methods (SSL or TLS). However, data disclosed in unencrypted form, for example by unencrypted e-mail, may be read by third parties. We have no influence over this. It is the responsibility of the respective user to protect the data provided by them against misuse through encryption or in any other way.
The data collected will only be stored for as long as is necessary to fulfil the processing purposes. Statutory retention periods are observed.
We reserve the right to update this declaration at any time if necessary
Your rights under the GDPR
You have the following rights in relation to your personal data. You can contact us at any time to exercise these rights:
17.1. Right to withdraw consent (Art. 7 (3) GDPR)
You can withdraw your consent at any time with effect for the future.
17.2. Right to information (Art. 15 GDPR):
You have the right to obtain information about your personal data processed by us.
17.3. Right to rectification (Art. 16 GDPR):
You may request the rectification of inaccurate data or the completion of incomplete data.
17.4. Right to erasure (Art. 17 GDPR)
You have the right to request the erasure of your personal data, provided there are no legal obligations or other legitimate grounds to the contrary.
17.5. Right to restriction of processing (Art. 18 GDPR):
Under certain conditions, you can request the restriction of the processing of your data.
17.6. Right to data portability (Art. 20 GDPR)
You have the right to receive your data in a structured, commonly used and machine-readable format or to request its transmission to another controller.
17.7. Right to object (Art. 21 GDPR)
You can object to the processing of your data at any time, in particular if it is based on a legitimate interest or is used for direct advertising.
17.8. Right to lodge a complaint (Art. 77 GDPR):
You can lodge a complaint with a data protection supervisory authority if you believe that the processing of your data is unlawful.