Privacy Policy
Privacy Policy
Data protection information for the website www.pantero-nero.com, the use of cookies, Instagram, newsletter delivery and loyalty program.
The protection of your privacy and your personal rights is an important concern for us. Therefore, we would like to ask you to read the following summary of how our website works carefully.
The following data protection information is intended to inform you about how we use your personal data. In doing so, we adhere to the strict provisions of German data protection law and the requirements of the European General Data Protection Regulation (GDPR).
Table of contents:
A. Controller and contact
B. Scope of personal data processing
C. Purposes of processing and legal bases for processing your personal data
D. Duration of storage and routine deletion of personal data
E. Processing of personal data when contacting us
F. Disclosure of personal data to third parties
G. Your rights
H. Links to other companies' websites
J. Data protection information on cookies
K. Instagram use
L. Newsletter delivery / loyalty program
M. Changes to the privacy policy
Information on “Google Analytics Supplement” and “recaptcha”
A. Responsible and contact
Responsible in the sense of the DS-GVO, other data protection laws in the member states of the EU and other provisions with a data protection character is:
Alexandra Stahn
Neubruchstr. 18 F
85774 Unterföhring
E-Mail: shop@pantero-nero.de
B. Scope of personal data processing
We collect and use personal data from you only to the extent necessary to
provide a functional website and our content and services, e.g. when you order products.
The collection and use of your personal data takes place regularly only with your consent. An exception applies in cases where prior consent is not possible for practical reasons and the processing of the data is permitted by law.
The security of your personal data is a high priority for us. We
therefore protect your stored data using technical and organizational measures to effectively prevent loss or misuse by third parties.
To protect your personal data, it is transmitted in encrypted form. The integration of encryption certificates enables a so-called transport encryption and protects the communication from unauthorized access by third parties. The connection between your browser and the Wix servers is protected via Hyper Text Transfer Protocol (HTTPS) and Transport Layer Security (TLS).
C. Purposes of processing and legal bases for processing your personal
data
We collect, process and use your personal data for the following purposes:
Establishment and execution of contractual relationships
Customer service and customer support.
The processing of your personal data may be based on the following legal bases:
a) Art. 6 para. 1 lit. a DS-GVO serves as the legal basis for processing operations in which we obtain your consent for a specific processing purpose.
b) Art. 6 (1) (b) of the GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g. when you purchase a product. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in the case of inquiries regarding our products or services.
c) Art. 6 (1) (c) of the GDPR, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfillment of tax obligations.
d) Art. 6 (1) (d) of the GDPR in the event that vital interests of you or another natural person require the processing of personal data.
e) Art. 6 para. 1 lit. f DS-GVO applies on the basis of our legitimate interests, e.g. when using service providers in the context of order processing, such as shipping service providers or when conducting statistical surveys and analyses.
We are interested in providing a user-friendly, appealing and secure presentation and optimizing our website, which serves both our business interests and meets your expectations.
D. Duration of storage and routine deletion of personal data
We process and store your personal data only for the period of time necessary to fulfill the purpose of storage or as required by law or regulation. Once the purpose no longer applies or has been fulfilled, your personal data will be deleted or blocked. In the case of blocking, the deletion will take place as soon as legal, statutory or contractual retention periods do not preclude it, there is no reason to assume that deletion will impair your legitimate interests and deletion will not cause a disproportionate amount of effort due to the special nature of the storage.
Collection of general data and information, so-called log files
Our website collects a series of general data and information each time it is accessed on the basis of Art. 6 para. 1 lit. f DS-GVO, which are temporarily stored in log files of a server.
When you visit our website hosted by wix.com, the wix.com servers automatically store the information that the browser sends when this page is visited. The information includes the request, the IP address, browser type and language, and the date and time of the request. The information is used to analyze and maintain the technical operation of the servers and the network, as well as to combat abuse.
The collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to deliver the contents of our website correctly.
E. Processing of personal data when making contact
a) When you contact us by phone, email or using a contact form, we store the data you provide based on Art. 6 (1) point a GDPR in order to answer your questions. The contact is logged in order to be able to prove that the contact has been made in accordance with the legal requirements. Your consent to the processing of the data is obtained in the context of the contact form and reference is made to this data protection notice. We delete the data collected in this context when the respective conversation with you has ended and the matter in question has been conclusively clarified.
b) Based on Art. 6 (1) lit. c and f GDPR, we use and store your personal data and technical information to the extent necessary to prevent or prosecute abuse or other illegal conduct on our website.
This also occurs to the extent that we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defense.
F. Disclosure of personal data to third parties
When disclosing your personal data, we always ensure the highest possible level of security. Therefore, your data will only be passed on to service providers that have been carefully selected in advance and are contractually bound. In addition, we will only forward your data to locations within the European Economic Area that are therefore subject to strict EU data protection laws or that are obliged to maintain an appropriate level of protection.
a) Disclosure to service providers in accordance with Art. 6 (1) lit. b and f DS-GVO
Our website is hosted by wix.com and is subject to the provisions of the EU-DSGVO.
b) In contrast to order processing, we transfer data to third parties in the following cases
for use on their own responsibility for the execution of the contract:
When goods are delivered to logistics companies and to the postal service provider specified when the order is placed, if applicable.
When payment is made, we do not collect or store any payment transaction information such as credit card numbers or bank details. You provide this information directly to the respective payment service provider only.
c) Disclosure to other third parties in accordance with Art. 6 (1) c and f GDPR
Finally, we will pass on your data to third parties or government agencies within the framework of the existing data protection laws if we are legally obliged to do so, for example, due to an official or court order, or if we are entitled to do so, for example, because this is necessary for the prosecution of criminal offenses or for the exercise and enforcement of our rights and claims.
G. Your rights
Of course, you have rights with regard to the collection of your data, which we will explain to you here. If you would like to take advantage of any of the following rights free of charge, simply send us a message. You can use the following contact details without incurring any costs other than the transmission costs at the basic rate:
By email: shop@pantero-nero.de
By post: Alexandra Stahn, Neubruchstr. 18 F in 85774 Unterföhring, Germany
For your own protection, we reserve the right to obtain further information that is necessary to confirm your identity in the event of an inquiry, and to refuse to process the request if identification is not possible.
a) Right to information
You have the right to request information from us about the personal data stored about you.
b) Right to rectification
You have the right to request immediate rectification and/or completion of the personal data concerning you.
c) Right to restriction of processing
You have the right to request the restriction of the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you oppose the erasure of the personal data and we no longer need the data, but you require it for the establishment, exercise or defense of legal claims, or if you have objected to the processing.
d) Right to erasure
You have the right to request the deletion of your personal data stored by us, unless the exercise of the right to freedom of expression and information, the processing for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims is required.
e) Right to information
If you have asserted the right to rectification, erasure or restriction of processing, we will communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
f) Right to data portability
You have the right to have the personal data that you have provided to us delivered to yourself or to a third party in a structured, commonly used and machine-readable format. If you require the direct transfer of data to another controller, this will be done only if it is technically feasible.
g) Right to object
If your personal data are processed on the basis of legitimate interests in accordance with Article 6 (1) (f) of the GDPR, you have the right to object to the processing at any time in accordance with Article 21 of the GDPR.
h) Right to revoke consent
You have the right to revoke your consent to the collection of data at any time with effect for the future. The data collected up to the legal validity of the revocation remains unaffected.
i) Right to complain to a regulatory authority
If the processing of your personal data violates data protection law or if your data protection rights have been violated in any other way, you can complain to the regulatory authority.
Data that we are required to store due to legal, statutory or contractual retention requirements will be blocked instead of deleted to prevent it from being used for other purposes.
H. Links to other companies' websites
Our website contains links to other companies' websites (e.g. Paypal). We are not responsible for the data protection precautions on external websites that you can access via these links. Please inform yourself about the data protection of these external websites.
J. Privacy Policy for Cookies
We want to provide you with a pleasant online experience on our website and, to this end, we use cookies in accordance with Art. 6 (1) point f GDPR.
For this purpose, we use different cookies and services to ensure the functionality of our website and to make the website as user-friendly as possible for you. It is important to us that you can surf our website comfortably and for this reason, the continuous optimization of our website is of great importance to us.
Below you will find detailed information about the cookies and services we use on this website. Of course, you have the option to disable all cookies and services. You can do this by blocking or deleting cookies via your internet browser or by separately disabling them by setting an opt-out cookie or following a link provided. Please note that you will need to disable cookies for each browser that you use. If you delete all cookies in your browser, the corresponding opt-out cookie will also be affected.
Functional cookies
Cookies are small text files that are placed in your browser history and that are used to reconstruct settings and other changes you have made on your next visit.
These functional cookies ensure that our website works properly. These cookies are stored for up to two years – after which they are automatically deleted. For example, the following functions are possible with these cookies:
- Storing products that you have placed in the shopping cart
- Storing the information you entered during checkout or during an order so that you do not have to re-enter this data
- Storing settings for optimal video display, e.g. the desired buffer size and the resolution data of your screen,
- Recording your browser settings to display our website optimally on your screen.
You have the option to block the setting of these cookies and to delete cookies that have already been set. You can find more information about this from the manufacturer or in the help function of your internet browser. However, we must point out that certain functionalities on our website will no longer be available or will only be available to a limited extent if you do not allow these functional cookies.
Analysis services for statistical purposes
In order to determine which contents of our website are most interesting for you, we continuously measure the number of visitors and the most viewed contents. We use the data collected for statistical purposes, for example
- to record the number of visitors to our websites
- to optimize our websites
K. Use of Instagram
Pantero-nero.de is active and present within social networks and platforms in order to be able to inform you about offers from pantero-nero.de. In order to comply with the required duty of transparency, pantero-nero.de provides information here about the processing and use of your personal data, insofar as we are aware of it and can influence it.
Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland (“Facebook”) is responsible for processing the personal data provided by visitors when they visit the Instagram website.
I. Principles
We collect, process and use your personal data exclusively in compliance with the applicable data protection regulations.
Personal data is any information concerning the personal or material circumstances of an identified or identifiable natural person (hereinafter referred to as “data”). This includes, in particular, so-called inventory data such as your name, postal address, email address and telephone number, but also usage data, such as information about the time of your visit to the Instagram profile pantero-nero.de, the browser you used and other data generated when you visited this Instagram profile.
II. Scope of data collection, processing and use
We collect, process and use the personal data you provide to us from Instagram LLC, 1601 Willow Rd, Menlo Park CA, 94025 USA (a subsidiary of Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA) only for the purposes of optimizing our services.
The processing of your personal data is carried out exclusively on the basis of the applicable data protection provisions of pantero-nero.de, i.e. depending on the case - specifically on the basis of your prior consent granted to us, a legal obligation, the conclusion of a contract with you or after weighing up legitimate interests in individual cases.
Insofar as we process personal data on the basis of consent, we only do so as long as you do not object or revoke your consent.
This Instagram profile is not intended for persons under the age of 16. We request that persons under the age of 16 do not provide us with any personal data. If we learn that we have collected personal data from persons under the age of 16, we will take steps to delete the data as soon as possible.
We would like to inform you in the following data protection notices about exactly which data we collect and process about you.
(1) Instagram
Instagram collects personal data to evaluate user behavior. Instagram provides a certain amount of this data to the operators of Instagram profiles in anonymized form. This is demographic data such as age, gender, city of residence, country or native language, without any reference to identifiable persons. Pantero-nero.de cannot therefore identify any visitor to the Instagram profile.
In addition, statistics are provided to us about the source of the access to the Instagram profile, the type of device used to access it, or the page views. As the operator of this profile, we also receive anonymized statistical data (so-called insights) from Instagram. No conclusions can be drawn about the respective visitor based on this data. Furthermore, this statistical data cannot be linked to our customers' profile data. We can only specify the categories of data and visitors according to which Instagram evaluates its data collection and makes it available in the form of anonymized statistics. These data are used by pantero-nero.de exclusively for the analysis of user behavior, so that we can better align our Instagram profile and our offer with the needs and interests of our visitors.
We only use the data provided to us by Instagram that is necessary for the purposes mentioned here. If further data is provided, it will not be retrieved and therefore will not be processed by us.
We only receive anonymized information and statistics if the visitor to our Instagram profile is registered with Instagram. However, we would like to point out that as a result of Instagram itself directly accessing our Instagram profile, for example by reading log files (e.g. IP address) or setting cookies, a note of this data is possible.
The use of your data transmitted to us by Instagram is based on Art. 6 para. 1 sentence 1 lit. f DSGVO.
We have no influence on the collection of data by Instagram, nor on the data processing operations existing at Instagram. Nor are we aware of the extent of the data collection, the purposes of the processing or the stored storage periods. A forwarding of the data in anonymized statistics can not be excluded.
When a visitor subscribes to our Instagram profile, Instagram adds their profile to the list of all subscribers to that profile. This list is left to us. However, this list only contains public data, i.e. information that the visitor voluntarily provides via their Instagram settings. The respective visitor decides for themselves which data this is in their Instagram settings. In addition, each visitor has the option of individually setting their privacy in their Instagram settings (https://www.instagram.com/accounts/privacy_and_security/).
We can also assign comments on our Instagram posts to individual users.
The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 (1) 1 lit. a GDPR on the basis of your voluntarily granted consent through registering and logging in to Instagram.
We do not know the full extent of the data collected, i.e. what data about a visitor Instagram collects in total and for what purposes it is processed by Instagram. Please understand that we can only provide you with information to the extent of our knowledge and influence over the data processing.
Furthermore, we would like to point out that the operators of the platform, which can be accessed on different end devices, are mostly US companies and thus their data can also be processed outside the European Union and the European Economic Area. This may result in risks because, for example, it could make it more difficult to enforce users' rights. US providers that are certified under the Privacy Shield are thereby committed to complying with EU data protection standards. Further details are set out in the data protection declarations of the individual providers.
You can contact Facebook's data protection officer via the following link.
Facebook:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland
Further information on data processing by Instagram can be found at the following links:
Privacy Policy: https://help.instagram.com/519522125107875
Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
Interests in advertising: https://www.instagram.com/accounts/access_tool/ads_interests
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC
III. Right of access, right to object and right of withdrawal
According to the General Data Protection Regulation, you have the right to request information about the personal data stored about you free of charge. In addition, you can object to the creation of pseudonymized user profiles for the purposes of advertising, market research or optimizing our website. You can revoke your consent to the collection, processing or use of your personal data at any time with effect for the future.
You have the right to
receive information about the data stored about you – including information about the origin or recipients of this data – and the purpose of storing this data. Under the Instagram settings, you have the option to download a copy of the information stored under Instagram;
have your data corrected if it is wrong. Under your Instagram settings, you have the option to correct the information stored under Instagram;
have your data deleted or blocked if the data storage was not permitted or is no longer necessary for our further performance of tasks. Via the Instagram settings, you have the option of having your data stored under Instagram or your account deleted;
have your data transferred. Instagram offers you the option under the Instagram settings to have your data stored under Instagram transferred;
to object to or restrict the use of your data or to revoke consent granted. To do so, please use the opt-out links mentioned above, the account deletion link in the Instagram settings or contact the Facebook data protection officer. Please note that, for organizational reasons, there may be an overlap between your revocation and the use of your data in the context of an already ongoing request;
complain to a regulatory authority if you believe that the processing of your personal data is unlawful. To do so, please contact the data protection authority responsible for your place of residence or federal state.
The BayLAD Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach is responsible for data protection issues that affect us. For data protection issues concerning Facebook Ireland Ltd., please contact Data Protection Commission Canal House, Station Road Portarlington R32 AP23 Co. Laois, Tel: +353 57 8684800 or +353 (0)761 104 800, Fax: +353 57 868 4757 or by email: info@dataprotection.ie
This data protection notice can be accessed and printed at any time at https://www.pantero-nero.de/j/privacy. As changes in legislation or changes to our internal company processes may make it necessary to amend this data protection notice, we reserve the right to do so, and we therefore request that you regularly access this data protection notice.
We will be happy to answer any questions you may have about data protection. Please use the contact details provided here:
By email: shop@pantero-nero.de
By post: Alexandra Stahn, Neubruchstr. 18 F in 85774 Unterföhring, Germany
We use Google Analytics for these statistical purposes. Information about this service and how you can disable this service by setting an opt-out cookie or following a link can be found below in the text in the “Google Analytics Supplement” section.
L. Newsletter delivery / loyalty program
I. Purposes of data processing/legal basis:
On our website, we offer you the opportunity to sign up for our newsletter or to participate in the loyalty program. If you have consented to receive our newsletter and/or are a participant in the loyalty program, we use your e-mail address and, if applicable, your name to send you (where possible, personalized) information about products, promotions, points balances, and news regarding real and fashion jewelry, accessories, hair accessories, decorative objects, and DIY products. We store and process this data for the purpose of sending the newsletter and assigning your points balance to your customer account.
II. The legal basis for the above-mentioned data processing is your consent in accordance with Article 6 (1) (a) GDPR.
In order to ensure that no mistakes have been made when entering the e-mail address, we use the so-called double opt-in procedure: after you have entered your e-mail address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your e-mail address be added to our mailing list.
You can revoke your consent to receive the newsletter at any time with effect for the future by sending an e-mail to shop(at)pantero-nero.de or at the end of each newsletter. When you unsubscribe, we consider your consent to send and receive the newsletter to be revoked. We will delete your usage data. The conditions under point 5 of the General Terms of Use apply to the loyalty program.
III. Recipients/categories of recipients:
Insofar as external processors are used to send the newsletter, they are contractually bound by Article 28 of the GDPR.
IV. Storage period/criteria for determining the storage period:
If you revoke your consent to receive the newsletter, your e-mail address will be blocked from receiving the newsletter. Your data will then be deleted from the corresponding e-mail distribution lists after one month.
M. Changes to the data protection notice
In order to ensure that our data protection notice always complies with current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection notice has to be adapted due to new or revised offers or services.
As of: April 2023
Information on data processing in connection with Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Ireland Limited. If the data controller for this website is located outside the European Economic Area or Switzerland, Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as “Google”.
Google Analytics uses so-called “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your abbreviated IP address) will generally be transmitted to and stored by Google on servers in the United States.
Google Analytics is used exclusively with the extension “_anonymizeIp()” on this website. This extension ensures anonymization of the IP address by shortening it and excludes direct personal references. The extension shortens Google's IP address within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.
On behalf of the site operator, Google will use the information collected to evaluate the use of the website, to compile reports on website activity and to provide the site operator with further services relating to website and internet use (Art. 6 para. 1 lit. f DSGVO). The legitimate interest in data processing lies in optimizing this website, analyzing how it is used and customizing its content. Pseudonymization adequately safeguards the interests of users.
Google LLC. offers a guarantee based on the standard contractual clauses to comply with an adequate level of data protection. The data sent and linked to cookies, user IDs (e.g. user ID) or advertising IDs will be automatically deleted after 50 months. The deletion of data whose retention period has been reached is carried out automatically once a month.
The collection of data by Google Analytics can be prevented by the site visitor adjusting the cookie settings for this website. The collection and storage of the IP address and the data generated by cookies can also be objected to at any time with effect for the future. The corresponding browser plug-in can be downloaded and installed from the following link: https://tools.google.com/dlpage/gaoptout.
Visitors to the site can prevent Google Analytics from collecting data on this website by clicking on the following link. This sets an opt-out cookie that prevents the future collection of data when visiting this website.
Further information about data usage by Google, settings and objection options, can be found in Google's privacy policy (https://policies.google.com/privacy) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).