Data privacy statement
We use cookies to improve the user-friendliness of the website. By visiting our website, you agree to this.
You agree that your data will be used to process your request. Further information and revocation notices can be found in the Privacy Policy. Your data will be deleted after it has been processed, provided that there are no legal retention periods to the contrary. You can object to the data processing at any time.
PRIVACY POLICY
We appreciate your interest in our company. Data protection is of particular importance to the management of Gebel/Hibbs Gbr - Banded Berlin. It is in principle possible to use the webpages of Gebel/Hibbs Gbr - Banded Berlin without providing any personal data. However, if a data subject wishes to make use of the special services offered by our company via our website, we may need to process your personal data. If the processing of personal data is necessary and there is no legal basis for such processing, the subject generally must consent to us processing their data.
The processing of personal data, such as the name, address, email address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Gebel/Hibbs Gbr - Banded Berlin. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, data subjects will be informed of their rights by means of this data protection declaration.
Gebel/Hibbs Gbr - Banded Berlin has implemented numerous technical and organisational measures as the responsible party for the processing of personal data in order to ensure that all personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by telephone.
Definitions
The data protection declaration of Gebel/Hibbs Gbr - Banded Berlin is based on the terms used by the European guideline and regulation provider when the basic data protection regulation (GDPR) was issued. Our data protection declaration should be easy to read and understand both for the public and for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this data protection declaration, we use, among others, the following terms:
a) Personal data
Personal data is all information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). Identifiable refers to a person who can be identified directly or indirectly, in particular through the assignment of an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of said person.
b) Data subject
The data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
c) Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
f) Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
'Controller' or the controller responsible for the processing means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or the specific criteria for their appointment may be laid down in accordance with Union law or the law of the Member States.
h) Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Recipient
"Recipient" means a natural or legal person, public authority, agency or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may be entitled to receive personal data under Union law or the law of the Member States within the framework of a particular investigation mandate shall not be regarded as recipients.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
k) Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and Address of the Controller
Gebel/Hibbs Gbr - Banded Berlin
Dresdenerstr. 15
10999 Berlin
Managing Director: Heike Gebel
Phone: +49 30 31484861
Email: info[at]banded-berlin.com
Further information can be found in the Imprint
Name and contact of the Data Protection Officer
Ashley Hibbs
ashley@banded-berlin.com
Collection and storage of personal data
1) When you visit this website
When you access the www.banded-berlin.com website (and all sub-pages) your browser (e.g. Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Opera, Apple Safari etc.) automatically sends information to the server of this website. This information is temporarily stored in a so-called log file. This includes the following information:
- IP address of the requesting device (e.g. desktop PC, laptop, tablet, smartphone etc.) used to visit this website,
- Date and time of the visit,
- Name and URL of the accessed page / file,
- Website from which the visit is made (so-called referrer URL),
- Request status/HTTP status code
- The amount of data transmitted
- browser used, operating system of the end device, if applicable, and name of your access provider.
Type and purpose of use
The above data will be processed for the following purposes:
- Providing a trouble-free connection to the website,
- Comfortable use of the website,
- Evaluation of system security and stability and
- for administrative purposes.
The legal basis for data processing is Art. 6 Para. 1 sentence 1, letter f) GDPR. The legitimate interest results from the listed purposes for data collection. The data will not be used to draw conclusions about your person.
Use of cookies
Cookies are used on this website. Cookies are data created by your browser when you visit a website and stored locally on your terminal device. A cookie stores information that depends on the device you are using. This does not mean that immediate knowledge of your identity is possible.
Cookies do not cause any damage, they do not transmit viruses, do not read hard disk contents or email addresses. Cookies are used to optimize the user experience and thus to make visiting this website more pleasant. Two types of cookies are used, session cookies and temporary cookies. Session cookies are used to recognize which pages of this website you have already visited. These are automatically deleted when you leave the page. These are stored on your mobile device for a specified period of time. If you visit this website again at a later date, your browser (if you have also used it previously) returns the information stored in the cookie to this website. This allows you to display individual and customised information, in particular which entries and settings have been made so that you do not have to enter them again.
Google Web Fonts
On this website we use the "Web Fonts" service provided by Google (Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to make the typeface uniform and visually appealing.
The selected font is loaded and embedded externally from Google servers. The connection between your Internet browser and Google LLC servers automatically collects data about your site visit and forwards it to Google LLC. The information collected is the information listed in Section 1) of this Privacy Policy.
The legal basis for data processing is Art. 6 Para. 1 sentence 1, letter f) GDPR. The legitimate interest results from the listed purposes for data collection.
For more information about Google's data processing and setting options, please refer to Google's privacy policy at http://www.google.com/intl/de/policies/privacy/.
Google LLC is certified for the US-European Privacy Shield. This ensures compliance with the data protection level applicable in the EU. For more information, see: https://www.privacyshield.gov/EU-US-Framework.
Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies, which are text files stored on your computer to enable the analysis of your usage of the website. As a rule, the information regarding your use of this website generated by the cookies will be forwarded to a Google server in the USA and stored there.
We use Google Analytics exclusively with IP anonymisation. If the data collected about you is personally identifiable, it will be blocked immediately and the personal data deleted as soon as possible. Your IP address will be truncated by Google within the Member States of the European Union or in other Parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and internet usage for the website operator.
The IP address transmitted by your browser within Google Analytics is not merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the data generated by cookies concerning your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Analytics to analyse and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework , for exceptional cases in which personal data is transferred to the USA.
The legal basis for the use of Google Analytics is Art. 6 Para. 1 sentence 1, letter f) GDPR.
Third party providers information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the data protection declaration: http://www.google.de/intl/de/policies/privacy.
YouTube
This website contains YouTube videos (a service of YouTube LLC. subsidiary of Google LLC. 901 Cherry Avenue, San Bruno, CA 94066, USA) so that they can be played directly. All videos are integrated in the "extended data protection mode". Therefore, no data about you as a user will be transmitted to YouTube if you do not play the videos. Data is not transferred until you play the videos. We have no influence on this data transfer.
When you visit our website, YouTube receives the information that you have accessed the corresponding URL of our website using the map function. In addition, the data listed under point 1) of this data protection declaration will be transmitted. The transfer will be made in any case, regardless of whether you have a Google account or are logged in to it. If you are logged in with a YouTube Account, Google may associate it with your account. YouTube processes your data and creates profiles in order to improve maps, but also to offer advertising and conduct market research. You have a right of objection to this type of use of your data, in which case you must contact Google directly.
The legal basis for the use of YouTube is Art. 6 Para. 1 sentence 1, letter f) GDPR.
For more information about YouTube's data processing and setting options, please refer to Google's privacy policy at http://www.google.com/intl/de/policies/privacy/.
Google LLC is certified for the US-European Privacy Shield. This ensures compliance with the data protection level applicable in the EU. For more information, see: https://www.privacyshield.gov/EU-US-Framework.
Facebook & Instagram Plugin Widgets
We embed a Facebook widget to allow you to see information about, and “like”, our Facebook page. This widget may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the widget, including correlating your Facebook account with whatever action you take within the widget (such as “liking” our Facebook page), if you are logged in to Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update
We use an Instagram Feed plugin to display social media content on our website. As a result, our website makes requests to Instagram’s servers in order to get the data to populate the feed(s) and to display images and videos. These requests make your IP address visible to Instagram, who may use it in accordance with their data privacy policy: https://help.instagram.com/519522125107875
Establishing contact
Contact form
You have the possibility to send a message via a contact form provided on this website. A valid email address is required to enable us to respond to your request. Optionally, you can make further specifications.
We record your first and last name in order to be able to answer you personally. We collect any address and telephone data for registration forms in order to be able to answer your enquiry personally by post.
The transmitted data will be stored and used for the purpose of answering your inquiry or for contacting you and the associated technical administration.
Data processing upon contact shall be carried out in accordance with Art. 6 Para. 1 sentence 1, letter a) GDPR. The basis is your voluntary consent. Another legal basis for the processing of the data is also our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 letter f) GDPR.
If contact is made in order to enter into a contractual relationship with us or to enable us to carry out pre-contractual measures, the legal basis for the processing is also Art. 6 Para. 1 letter b) GDPR.
The personal data collected for the use of the contact form will be deleted after your enquiry has been dealt with, provided that there are no legal storage obligations to the contrary.
By Email
If you send us an email, your email address (possibly with your chosen name as sender information), the subject and the content of your message will be processed. The data processing is necessary in order to be able to answer your enquiry appropriately or to take the measures you require or to fulfil other legal obligations towards you which are the subject of the enquiry. Only data required for the above purposes will be processed.
Another legal basis for the processing of the data is also our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 letter f) GDPR.
If contact is made in order to enter into a contractual relationship with us or to enable us to carry out pre-contractual measures, the legal basis for the processing is also Art. 6 Para. 1 letter b) GDPR.
The personal data collected for the use of the contact form will be deleted after your enquiry has been dealt with, provided that there are no legal storage obligations to the contrary.
By fax or post
If you send us a letter or a fax, your personal data stated therein as well as the facts communicated will be processed. The data processing is necessary in order to be able to answer your enquiry appropriately or to take the measures you require or to fulfil other legal obligations towards you which are the subject of the enquiry. Only data required for the above purposes will be processed.
Another legal basis for the processing of the data is also our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 letter f) GDPR.
If contact is made in order to enter into a contractual relationship with us or to enable us to carry out pre-contractual measures, the legal basis for the processing is also Art. 6 Para. 1 letter b) GDPR.
The personal data collected for the use of the contact form will be deleted after your enquiry has been dealt with, provided that there are no legal storage obligations to the contrary.
Newsletter subscription
Mailchimp
If you sign up for our newsletter, which is administered through Mailchimp, or if you register for our site, we will store some of your information, including your email address, IP address and certain information about the links you click within the emails we send you, on a Mailchimp server. Neither we nor Mailchimp will ever sell your email address or share it with any other party, unless we are legally compelled to do so. If you contact Mailchimp directly regarding your subscription to our newsletter, Mailchimp may contact you directly; otherwise, Mailchimp will never contact you. Only authorized Mailchimp employees have access to our subscriber list. You are always free to unsubscribe from our newsletter, but as long as you are registered with Banded Berlin we may use Mailchimp to send you information about your account.
You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time by using the "unsubscribe" link in the newsletter.
For this reason, we ask you to inform yourself about our data protection measures at regular intervals by inspecting our data protection declaration.
You can unsubscribe at any time via a link at the end of each newsletter or simply send us an email to datenschutz@banded-berlin.com with your unsubscription request. You will then no longer receive a newsletter.
Use of our web shop
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Contractual relationships and fulfilment of other legal claims
If you enter into a contractual relationship with us, a pre-contractual obligation exists (contract initiation) or we have to fulfil other legal claims against you, we collect the following data:
- Title
- First and last name
- Address
- Fixed and/or mobile phone number
- Email address
- In the B2B area, first name and surname of the contact person in the company, if applicable
- Information which is necessary for the initiation of a contract, contract execution or fulfilment of other legal claims against you.
Type and purpose of use
The above data will be processed for the following purposes:
- to be able to identify you when initiating a contract, as a contractual partner or in the case of other legal claims
- in order to be able to fulfil pre-contractual measures, the contractual relationship or other legal claims against you
- to correspond with you
- for invoicing
The legal basis for data processing is Art. 6 Para. 1 p. 1 letter b), c), f) GDPR. The data processing is necessary for the listed purposes for an appropriate execution of the contract and/or for the fulfilment of other legal obligations towards you.
The personal data collected for the use of the contact form will be deleted after your enquiry has been dealt with, provided that there are no legal storage obligations to the contrary.
Sharing of data
Your personal data will only be passed on to third parties if:
- you have granted your express consent in accordance with Art. 6 Para. 1 p. 1 letter a) GDPR,
- the disclosure is necessary in accordance with Art. 6 Para. 1 p. 1 letter f GDPR for asserting, exercising or defending legal claims and it cannot be assumed that you have an overriding interest worthy of protection in not disclosing your data,
- when sharing in accordance with Art. 6 para 1 sentence 1 lit. c) GDPR,
- this is legally permissible and in accordance with Art. 6 Para. 1 p. 1 letter b) GDPR is required for the processing of contractual relationships with you.
In addition, no transfer of data takes place.
Rights of data subjects
You have the following rights:
- to request information as to whether personal data relating to them are processed in accordance with Art. 15 GDPR. If personal data is processed, you have a right to information about this personal data and to the following information:
processing purposes, categories of personal data, recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectify or delete the personal data concerning you or to restrict or object to such processing, the existence of a right of appeal to a supervisory authority, the origin of your data, if not collected by me, and the existence of automated decision-making including profiling and, where applicable, meaningful information on the details; - to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need this to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
- to receive your personal data in accordance with Art. 20 GDPR that you have provided to us in a structured, current and machine-readable format or to request its transfer to another responsible person;
- to revoke your consent provided to us at any time pursuant to Art. 7 Para 3 GDPR. As a result, we will no longer be allowed to continue processing data based on this consent in the future and
- to complain to a supervisory authority pursuant to Art. 77 GDPR. To do so, you may contact the supervisory authority of their place of residence or work or the place of suspected infringement.
Right to object
As far as your personal data is based on the legitimate interest according to Art. 6 Para. 1 sentence 1 letter f) GDPR, you have the right in accordance with Art. 21 GDPR to object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation. If you would like to exercise your right of withdrawal, sending an email to datenschutz@banded-berlin.com is sufficient.
This website uses the SSL procedure in conjunction with the highest level of encryption supported by your browser. Usually, this is a 256-bit encryption. For your security, the web server forces the SSL variant to be called. The SSL certificate will of course be renewed regularly upon expiry of time. You can tell whether a page is transmitted encrypted by the display of a key or lock symbol in the upper or lower bar of your browser. Furthermore, technical and organisational security measures are used to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. These security measures are continuously improved or adapted in line with technical progress.
Current version of the Privacy Policy
The Privacy Policy is valid as of May 2018.
It may be necessary to change the Privacy Policy due to further development of the website, changed offers or legal or official requirements. The current privacy policy can be accessed at any time on this website at https://banded-berlin.com/pages/data-privacy-statement