Privacy Policy

Personal data (usually referred to just as "data" below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the "GDPR"), "processing" refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing

I. Information about us as controllers of your data

The party responsible for this website (the "controller") for purposes of data protection law is:

Dr. Michael Kirste
Siebengebirgsblick 3b
53844 Troisdorf
Germany

Phone: +49 (0) 1590 5462156
Email: info [at] io200 [dot] com

The controller's data protection officer is: Dr. Michael Kirste

II. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

  • to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
  • to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
  • to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
  • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
  • to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller's future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

III. Information about the data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.

Server data

For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.

The data thus collected will be temporarily stored, but not in association with any other of your data.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.

The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.

Cookies

Cookies are small text files that are stored by your web browser when you access the website and save certain settings and data for exchange with our web server. Basically, there are two types of cookies: session cookies, which are deleted as soon as you close your browser, and temporary/permanent cookies, which are stored for a longer period of time. This storage helps us to design the website appropriately for you and makes it easier for you to use, for example by storing certain entries you make so that you do not have to keep repeating them. Most browsers are set to accept cookies by default. However, you can adjust your browser settings so that cookies are rejected or only stored after prior consent.

We use cookies for disabling website analytics. The cookie is set when users explicitly open a URL with a specific paramter as described in the analytics section. The legal basis is Art. 6 Para. 1 lit. f) GDPR.

Order processing

The data you submit when ordering goods and/or services from us will have to be processed in order to fulfill your order. Please note that orders cannot be processed without providing this data.

The legal basis for this processing is Art. 6 Para. 1 lit. b) GDPR.

After your order has been completed, your personal data will be deleted, but only after the retention periods required by tax and commercial law.

In order to process your order, we will share your data with the shipping company responsible for delivery to the extent required to deliver your order and/or with the payment service provider to the extent required to process your payment.

The legal basis for the transfer of this data is Art. 6 Para. 1 lit. b) GDPR.

Stripe Payments

To process orders through our online shop, we use the payment service of Stripe Inc, 510 Townsend Street, San Francisco, CA 94103, USA, hereinafter referred to as "Stripe", on our website. For this purpose, we have integrated Stripe’s checkout into the final order page of our online shop. The legal basis is the fulfilment of the contract according to Art. 6 Para. 1 lit. b.) EU General Data Protection Regulation (GDPR). In addition, we have a legitimate interest in offering effective and secure payment options, so that another legal basis ensues from Art. 6 para. 1 lit f.) GDPR.

By integrating Stripe, your internet browser loads the checkout page from a Stripe server. This means that the operating system you are using, type and version of your Internet browser, website from which the check-out has been requested, date and time of the call and the IP address are sent to Stripe - even without your interaction with the checkout page. As soon as you complete the order in our online shop, the data you have entered in the input fields of the checkout page will be processed by Stripe at your own responsibility in order to process the payment.

With the offered payment methods the following personal data is processed by Stripe for the purpose of payment processing and for identity and credit checking:

  • Contact information such as names, addresses, date of birth, gender, email address, telephone number, mobile phone number, IP address, etc.
  • Information on the processing of the order, such as product type, product number, price, etc.
  • Payment information, such as debit and credit card data (card number, expiry date and CCV code), invoice data, account number, etc.

At https://stripe.com/privacy Stripe provides further information on the processing described above as well as the applicable data protection regulations.

Panelbear analytics

We use Panelbear on our website. This is a web analytics service provided by Cronitor Inc., 1214 Parker Street, Berkeley, CA, 94702, United States, hereinafter referred to as "Panelbear".

Panelbear is used to analyze how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site.

Panelbear allows us to monitor your usage behaviour on our website, such as logging and evaluating your mouse movements or mouse clicks. However, your visit to our website will be anonymized. In addition, information about your operating system, your internet browser, incoming or outgoing links, the geographical origin of your access, and the type and resolution of the device you are using are evaluated by Panelbear and processed for statistical purposes. Panelbear offers further information about its data protection practices at https://panelbear.com/privacy.

In addition, you have the option of terminating the analysis of your usage behavior by opting out. By confirming the link https://www.io200.com?panelbear_disable

Contact

If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all.

The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR.

Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.


Created with Model Data Protection Statement of Anwaltskanzlei Weiß & Partner