PRIVACY POLICY

Privacy Policy
 

This Privacy Policy gives you an overview of how your personal data is processed when you browse the website available at www.easy-shopper.com . This Privacy Policy also informs you about your rights under the EU General Data Protection Regulation ("GDPR") and the options you have to manage your personal data and protect your privacy.
 

I. Controllers and Contact with Data Protection Supervisors
 

The responsible party for the website and for the services is
 

Pentland Firth Software GmbH

Baierbrunner Strasse 85

81379, Munich, Germany

E-mail: info@pentlandfirth.com

 

Data Protection Supervisor
 

Stefan Pfister

Pentland Firth Software GmbH

Baierbrunner Str. 85

81379, Munich, Germany

Phone: +49 89 – 59 08 37 0
 

You can also reach our data protection supervisor at info@pentlandfirth.com .

II. Processing of Personal Data
 

1. Data That We Process When You Make Use of Our Services:

If you use our services, personal data will be processed for technical reasons each time you access them.

As soon as you use our services, your browser or device sends technical information to our  web server, which is stored in server log files. The following usage and web access data are processed:

  • the date and time of the visit and the duration of use of the website;

  • the IP address of your device;

  • the referral URL (the website from which you may have been redirected);

  • the subpages of the website visited; and

  • more information about your device (device type, browser type and version, settings, installed plug-ins, operating system).
     

This so-called usage data is processed exclusively in pseudonymous form in order to enable you to use the services and to ensure the functionality of the services. In principle, the data will not be used to identify you as a person. In addition, we process the pseudonymous usage data in order to analyze the performance of the website, to continuously improve the website and to correct errors or to personalize the content of the website for you. Finally, we also process the usage data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. These server log files are deleted after a maximum of 7 days. The legal basis for the processing of this data is Art. 6 (1) lit. f) GDPR, the protection and functionality of the services are legitimate interests in this sense.
 

2. Data We Process for Communication Purposes
 

Contact

If you contact us with a request via the contact form provided on our site, we need your contact details and information regarding what it is about to be able to answer your request. The data processing for the purpose of contacting us takes place at your request and on the basis of Art. 6 para. 1 sentence 1 lit.b GDPR  for the implementation of pre-contractual measures or to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in being able to respond to inquiries and thus ensure a functioning customer service.
 

3. Data We Process for Other Purposes
 

In individual cases, your data may also be processed for other purposes. This includes, for example, the disclosure of your personal data to third parties if we are legally obliged to do so, but also for the purpose of asserting legal claims on our part or third parties or defending against legal disputes. The legal basis in these cases is either a legal obligation (Art. 6 (1) lit.c) GDPR) or our legitimate interests or legitimate third-party interests (Art. 6 (1) lit. f) GDPR), e.g., if we support users in the enforcement of rights.
 

4. Disclosure of Personal Data / Recipients
 

We treat your personal data carefully and confidentially and only pass it on to third parties in the rarest of cases. 

When our partners or service providers process personal data, they do so solely on the basis of data protection contracts in which they undertake to comply with strict contractual requirements to protect your data (including but not limited to compliance with this Privacy Policy).

The data recipients also include the service providers mentioned in our overview of cookies and analysis tools. Detailed information about this provider can be found in the information about cookies, web analytics and other tracking technologies at the end of this Privacy Policy.
 

Data Transfers Outside the EEA:

We do not transfer your personal data to countries outside the EEA (so-called "third countries") without appropriate protective measures being taken. However, third countries do not offer a level of data protection identical to that in the EU.

We only transfer your personal data if

  • The Commission has taken a so-called adequacy decision for the third country or the beneficiary in that third country,

  • the recipient offers appropriate safeguards in accordance with Article 46 GDPR for the protection of personal data (including any necessary additional measures),

  • you have expressly consented to the transfer after we have informed you about the risks in accordant to Art. 49 (1) lit. a) GDPR,

  • the transfer is necessary for the fulfillment of contractual obligations between you and us

  • or another exception from Art. 49 GDPR applies.
     

Suitable guarantees according to Art. 46 GDPR can be so-called standard data protection clauses, with which the recipient assures that the data is sufficiently protected and thus to ensure a level of protection comparable to the GDPR.
 

Purposes and Recipients

Website Hosting: Wix.com Ltd.

Recipient: Wix.com Ltd., 40 Namal Tel Aviv Street Tel Aviv, 6350671 Israel

Adequacy decision: The State of Israel has an adequate level of protection for the transfer of personal data from the European Union within the meaning of Article 45 GDPR, see decision of the European Commission of 31 January 2011 (OJ No. N. L 27 p. 39, Celex-No. 3 2011 D 0061).  Should the Commission's assessment of the level of data protection under data protection change, we will adapt the processing activities by Wix accordingly.
 

5. Duration of Storage:
 

We process and store your personal data to the extent necessary to fulfill our contractual or legal obligations. If the data is no longer required to fulfill legal obligations (e.g., tax or commercial law), it will be deleted, unless further processing is necessary to preserve evidence or to defend legal claims against us, unless the processing is based on your consent. In this case, we store your data until revoked.
 

6. Your Legal Rights Under the GDPR:
 

You have the following rights concerning us / our website:
 

Your right to revoke your consent in accordance with Art. 7 (3) GDPR. Once you have given your consent, you can revoke your consent at any time, without giving reasons, with effect for the future.
 

Your right to information pursuant to Article 15 GDPR, in particular you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data,  if these have not been collected by us, as well as on the existence of automated decision-making, including profiling and, if applicable, meaningful information on their details.
 

Your right to rectification pursuant to Art. 16 GDPR, e.g., if your data is incomplete or incorrect, you can ask us to correct this.
 

Your right to deletion in accordance with Article 17 GDPR if these are no longer necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims. 
 

Your right to restriction of processing  pursuant to Article 18 GDPR. You can request that your data be blocked, e.g., because you believe that the data is incorrect, or the processing is unlawful, but you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Article 21 GDPR.
 

Your right to data portability  pursuant to Article 20 GDPR. You can request that we hand over data to you that you have provided to us in a structured, commonly used, and machine-readable format or transmit it to another controller.
 

Finally, you also have the right to lodge a complaint with the competent data protection supervisory authority (Art. 77 GDPR). You can file this complaint both at your place of residence, at the place of your workplace or at the place of the data protection violation you are complaining about. You can also lodge a complaint with the supervisory authority at our places of business.
 

If you wish to exercise your rights as a data subject, you can also do so by contacting us: info@pentlandfirth.com

 

Information About Your Right to Object According to Art. 21 GDPR
 

In addition to the rights already mentioned, for reasons arising from your particular situation, you have the right to object to the processing of your personal data at any time, provided that this processing is carried out on the basis of Art. 6 (1) lit. f) GDPR (data processing on the basis of a balancing of interests). If you object, we will no longer process your personal data unless we can set out circumstances that outweigh your interests, rights and freedoms and therefore justify the processing.
 

You also have the right at any time to object to the processing of your personal data for the purpose of direct marketing (including subscribing to our newsletter) without incurring any costs other than the transmission costs according to the basic tariffs; this also applies to the creation of a user profile (so-called "profiling"), insofar as this is associated with direct marketing. If you object, we will no longer process your personal data in the future.
 

Please note that you may not be able to use the Website or Services or only to a limited extent if you do not provide us with certain data or if you object to the use of this data. The objection can be filed informally at info@pentlandfirth.com
 

Use of Cookies
 

When using our website, usage data is collected. For this purpose, we use cookies. These  are necessary to ensure the functionality of our website.
 

What are cookies?
Cookies are small text files containing information that is stored on your access device. They are usually used to assign a specific action or preference to a user on a website, but without identifying the user as a person or revealing their identity.

Cookies are not automatically good or bad, but it is worth understanding what you can do about them and making your own decision about your data.

We use the following types of cookies, the scope and functionality of which are explained below: session cookies and persistent cookies.
 

Session cookies  are automatically deleted when you close your browser. This applies in particular to session cookies. They store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
 

Persistent cookies are also first stored when you close your browser and then automatically deleted after a certain period of time, which may vary depending on the cookie. You can also delete the cookies in the security settings of your browser at any time.

You can reset your browser before or after your visit to our website so that all cookies are rejected or to indicate when a cookie is sent. By default, the setting of cookies can be managed by the browser program of your browser, also in such a way that no cookies can be set at all or that cookies are deleted as soon as you close your browser. Your browser may also have an anonymous browsing feature. You can use these functions of your browser yourself at any time. However, if you have disabled the setting of cookies in your browser by default, it may happen that our website or our services do not function properly.

 

Purposes and Legal Bases
 

The use of these technologies serves exclusively to make the use of our offer more pleasant for you and to ensure the security of our services. This is how we set e.g., session cookies to recognize that you have already visited individual pages of our services.  These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a certain specified period of time. If you visit our site again to use our services, it will automatically be recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again. The data processed by these cookies are required for the aforementioned purposes to safeguard our legitimate interests and those of third parties in accordance with Article 6 (1) lit. (f) GDPR.