Data protection declaration
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data is all data with which you can be personally identified.
1.2 The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Detlef Kretschmann, memorio, Berliner Straße 97, 13189 Berlin, Deutschland, Tel.: 004917663099501, E-Mail: info@memorio.info. The controller in charge of the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
2.1 When using our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the site server (so-called „server log files“). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.
2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller). You can recognise an encrypted connection by the character string „https://“ and the lock symbol in your browser line.
3.1 For the hosting of our website and the presentation of the page content, we use a provider who provides its services itself or through selected subcontractors exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.
3.2 Google Cloud CDN
We use a content delivery network of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
This service enables us to deliver large media files such as graphics, page content or scripts faster via a network of regionally distributed servers. The processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.
Data can also be transferred to: Google LLC, USA
We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
4) Cookies
In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after closing the browser (so-called „session cookies“), others remain on your end device for longer and enable page settings to be saved (so-called „persistent cookies“). In the latter case, you can find the storage period in the cookie settings overview of your web browser.
If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either for the fulfilment of the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the case of consent given or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.
Please note that if you do not accept cookies, the functionality of our website may be limited.
5.1 WhatsApp Business
We offer visitors to our website the opportunity to contact us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called „business version“ of WhatsApp.
If you contact us via WhatsApp regarding a specific transaction (e.g. a completed order), we will store and use the mobile phone number you use on WhatsApp and, if provided, your first and last name in accordance with Art. 6 para. 1 lit. b. GDPR to process your request. GDPR to process and respond to your request. On the same legal basis, we may ask you to provide further data (order number, customer number, address or email address) via WhatsApp in order to be able to assign your enquiry to a specific process.
If you use our WhatsApp contact for general enquiries (e.g. about our range of services, availability or our website), we store and use the mobile phone number you use on WhatsApp and, if provided, your first and last name in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in the efficient and timely provision of the requested information.
Your data will only ever be used to respond to your request via WhatsApp. It will not be passed on to third parties.
Please note that WhatsApp Business receives access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. To operate our WhatsApp Business account, we use a mobile device whose address book only stores the WhatsApp contact data of those users who have also contacted us via WhatsApp.This ensures that every person whose WhatsApp contact details are stored in our address book has already consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 para. 1 lit. a GDPR when using the app on their device for the first time by accepting the WhatsApp terms of use. In this respect, the transfer of data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded.
The purpose and scope of the data collection and the further processing and use of the data by WhatsApp as well as your rights and setting options to protect your privacy can be found in WhatsApp's privacy policy: https://www.whatsapp.com
We have concluded an order processing contract with the provider, which protects the data of our site visitors and prohibits disclosure to third parties.
Data may be transferred to Meta Platforms Inc. servers in the USA as part of the above-mentioned processing.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.
5.2 When you contact us (e.g. via contact form or e-mail), personal data will only be processed for the purpose of processing and responding to your request and only to the extent necessary for this purpose.
The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
In the context of the comment function on this website, in addition to your comment, information about the time the comment was created and the commentator name you have chosen will be stored and published on this website. Your IP address will also be logged and stored. This storage of the IP address is done for security reasons and in the event that the person concerned violates the rights of third parties or posts illegal content by posting a comment. We need your email address in order to contact you if a third party should object to your published content as unlawful.
The legal basis for the storage of your data is Art. 6 para. 1 lit. b and f GDPR. We reserve the right to delete comments if they are objected to by third parties as unlawful.
In accordance with Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. The data required to open an account can be found in the input mask of the corresponding form on our website.
Cancellation of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the controller. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, there are no statutory retention periods to the contrary and we have no legitimate interest in further storage.
8) Data processing for order processing
8.1 Insofar as necessary for the execution of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 lit. b GDPR.
If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data (name, address, email address) provided by you when placing the order in order to inform you personally within the scope of our statutory information obligations in accordance with Art. 6 para. 1 lit. c GDPR by suitable means of communication (e.g. by post or e-mail) to inform you personally about upcoming updates within the legally prescribed period. Your contact details will be used strictly for the purpose of notifying you of updates owed by us and will only be processed by us for this purpose to the extent that this is necessary for the respective information.
In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the fulfilment of concluded contracts. Certain personal data will be transmitted to these service providers after the following information has been provided
8.2 We work together with external shipping partners to fulfil our contractual obligations to our customers. We pass on your name and your delivery address and, if necessary for delivery, your telephone number, exclusively for the purpose of delivering goods in accordance with Art. 6 para. 1 lit. b GDPR to a shipping partner selected by us.
8.3 Post & DHL shipping (official)
We use the services of the following provider to prepare the dispatch: Deutsche Post DHL Research And Innovation GmbH, Kurt-Schumacher-Str. 1, 53113 Bonn
.
In accordance with Art. 6 para. 1 lit. b GDPR, we transmit digital shipping labels with your delivery information exclusively for the purpose of processing your online order from our order processing system to the provider, who then sends them to our local printers to enable printing. The data will only be passed on if this is actually necessary for processing.
8.4 Use of payment service providers (payment services)
- Klarna
One or more online payment methods are available on this website from the following provider: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden
If you select a payment method of the provider for which you make advance payment (such as credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 para. 1 lit. b GDPR. In this case, your data will only be passed on for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.
When selecting a payment method for which the provider makes an advance payment (such as invoice or instalment purchase or direct debit), you will also be asked to provide certain personal data (first and last name, street, house number, postcode, city, date of birth, e-mail address, telephone number, possibly data on an alternative means of payment) during the order process.
In order to safeguard our legitimate interest in determining our customers' ability to pay, we forward this data to the provider in accordance with Article 6(1)(f) GDPR for the purpose of a credit check. Based on the personal data provided by you and other data (such as shopping basket, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or bad debt risks.
In addition to internal provider criteria pursuant to Art. 6 (1) (f) GDPR, identity and creditworthiness information from the following credit agencies may also be included in the decision as part of the application process:
https://cdn.klarna.com
The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be authorised to process your personal data if this is necessary for contractual payment processing.
- Paypal
One or more online payment methods of the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg
If you select a payment method of the provider for which you make advance payment, the payment data you provide during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 para. 1 lit. b GDPR. In this case, your data will only be passed on for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.
If you select a payment method for which we make advance payment, you will also be asked to provide certain personal data (first and last name, street, house number, postcode, city, date of birth, email address, telephone number and, if applicable, data on an alternative means of payment) during the order process.
In order to safeguard our legitimate interest in determining your ability to pay in such cases, this data will be forwarded by us to the provider in accordance with Art. 6 para. 1 lit. f GDPR for the purpose of a credit check. Based on the personal data provided by you and other data (such as shopping basket, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or bad debt risks.
The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be authorised to process your personal data if this is necessary for contractual payment processing.
- Stripe
One or more online payment methods are available on this website from the following provider: Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland
If you select a payment method of the provider for which you make advance payment (such as credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 para. 1 lit. b GDPR. In this case, your data will only be passed on for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.
If you select a payment method for which the provider makes an advance payment (such as invoice or instalment purchase or direct debit), you will also be asked to provide certain personal data (first and last name, street, house number, postcode, city, date of birth, e-mail address, telephone number, data on an alternative means of payment, if applicable) during the order process.
In order to safeguard our legitimate interest in determining our customers' ability to pay, we forward this data to the provider in accordance with Art. 6 para. 1 lit. f GDPR for the purpose of a credit check. Based on the personal data provided by you and other data (such as shopping basket, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or bad debt risks.
The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be authorised to process your personal data if this is necessary for contractual payment processing.
9.1 Matomo
This website uses a web analysis service of the following provider: InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, („Matomo“)
This data can be used to create and analyse pseudonymised user profiles for the same purpose. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor's Internet browser. Among other things, cookies make it possible to recognise the Internet browser.
The pseudonymised information generated by the cookie is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. If data is also transferred to the provider's server and the web analysis service is not installed locally on our server, we have concluded an order processing contract with the provider that ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
All processing described above, in particular the setting of cookies for the reading of information on the terminal device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, Matomo will not be used during your visit to our website.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the „cookie consent tool“ provided on the website.
Data is only transmitted to the provider if the service is not hosted on our servers. In the case of self-hosting, data collected via the service will not be transmitted to the provider.
If the service is not hosted on our servers ourselves, we have concluded an order processing contract with the provider that ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
In this case, data transfers to New Zealand are subject to an adequacy decision by the EU Commission, which certifies compliance with European data protection standards for international data transfers.
9.2 Matomo
This website uses a web analysis service of the following provider: InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, („Matomo“)
To protect site visitors, Matomo uses a so-called "config_id" to enable various analyses of site usage within a short time window of up to 24 hours. The "config_id" of the site is a randomly set, time-limited hash of a limited set of the visitor's settings and attributes. The config_id or config hash is a string that is calculated for a visitor based on their operating system, browser, browser plugins, IP address and browser language. Matomo does not use device fingerprinting and uses an anonymised IP address of the site visitor to create the "config_id".
If the information processed in this way includes personal user data, the processing is carried out in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes. To object to the future processing of your visitor data, we provide you with a separate opt-out option on our website.
Data is only transmitted to the provider if the service is not hosted on our servers. In the case of self-hosting, data collected via the service will not be transmitted to the provider.
If the service is not hosted on our servers ourselves, we have concluded an order processing contract with the provider that ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
In this case, data transfers to New Zealand are subject to an adequacy decision by the EU Commission, which certifies compliance with European data protection standards for international data transfers.
10.1 Youtube
This website uses plugins to display and play videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Data can also be transmitted to: Google LLC, USA
When you access a page on our website that contains such a plugin, your browser establishes a direct connection to the provider's servers in order to load the plugin. Certain information, including your IP address, is transmitted to the provider.
If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behaviour, create playback statistics and prevent abusive behaviour.
If you are logged into a user account with the provider during your visit to the site, your data will be assigned directly to your account when you click on a video. If you do not wish to be associated with your account, you must log out before activating the playback buttons.
All of the aforementioned processing, in particular the setting of cookies for the reading of information on the terminal device used, will only take place if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service via the „Cookie-Consent-Tool“ provided on the website.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
10.2 OpenStreetMap
This website uses an online map service from the following provider: OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, UK
The online map service is a tool for displaying interactive (land) maps to visualise geographical information. By using this service, our location is displayed to you and any geolocalisation is facilitated.
When you access the subpages in which the provider's map is integrated, information about your use of our website (such as your IP address) is transmitted to the provider's server and stored there.
The processing of your personal data is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in the needs-based design of our website. If you do not agree to the future transmission of your data to the provider, you have the option of completely deactivating the provider's online map service by switching off the JavaScript application in your browser. The online map service on this website can then no longer be used.
To the extent required by law, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please follow the option described above for making an objection.
In the case of data transfer to the provider location, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
10.3 Google reCAPTCHA
On this website we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Data can also be transmitted to: Google LLC, USA. For the visual design of the captcha window, the provider uses „Google Fonts", i.e. fonts downloaded from the Internet by Google. This does not result in the processing of any information other than that already transmitted to Google via the functionality of ReCaptcha.
The service checks whether an input is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. To ensure that an action is carried out by a human and not by an automated bot, the provider collects the IP address of the end device used, identification data of the browser and operating system type used as well as the date and duration of the visit and transmits these to the provider's servers for evaluation.
The legal basis is our legitimate interest in determining individual responsibility on the Internet and the prevention of abuse and spam in accordance with Art. 6 para. 1 lit. f GDPR.
We have concluded an order processing contract with the provider that ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
Further information on Google's privacy policy can be found here: https://business.safety.google
Cookie consent tool
This website uses a so-called „cookie consent tool“ to obtain effective user consent for cookies and cookie-based applications that require consent. The „Cookie Consent Tool“ is displayed to users when they access the website in the form of an interactive user interface on which consent for certain cookies and/or cookie-based applications can be given by ticking a box. By using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by ticking the box. This ensures that such cookies are only set on the user's end device if consent has been granted.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in the process.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Another legal basis for the processing is Art. 6 para. 1 lit. c GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
If necessary, we have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.
Further information about the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.
12.1 The applicable data protection law grants you the following data subject rights (rights of access and intervention) vis- -vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising these rights:
12.2 RIGHT OF OBJECTION
if we process your personal data on the basis of our legitimate interest in the context of a solicitation of interest, you have the right to object to this processing at any time on grounds relating to your particular situation.for reasons arising from your particular situation, to object to this processing with effect for the future.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL TERMINATE THE PROCESSING OF THE DATA CONCERNED. FURTHER PROCESSING WILL BE RESERVED IF WE CAN PROVE COMPULSORY PROTECTIVE REASONS FOR THE PROCESSING;NOBODY WHO HAS THEIR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS DEDICATED TO THE ENFORCEMENT, EXPLOITATION OR DEFENCE OF LEGAL CLAIMS.
If your personal data is processed by us for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. YOU MAY EXPRESS YOUR OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL TERMINATE THE PROCESSING OF THE DATA CONCERNED FOR DIRECT ADVERTISING PURPOSES.
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and, if relevant, also by the respective statutory retention period (e.g. retention periods under commercial and tax law).
Where personal data is processed on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned will be stored until you withdraw your consent.
If there are statutory retention periods for data that is processed within the scope of legal or commercial obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data is routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfilment of the contract or the initiation of a contract and/or we no longer have a legitimate interest in its continued storage.
Where personal data is processed on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object in accordance with Art. 21(1) GDPR. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.
Where personal data is processed for the purpose of direct marketing on the basis of Art. 6(1)(f) GDPR, this data will be stored until you exercise your right to object in accordance with Art. 21(2) GDPR.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted if they are no longer necessary for the purposes for which they were collected or otherwise processed.
