PRIVACY POLICY

Privacy policy

This Privacy Policy provides you with an overview of how your personal data is processed when you browse the website available at www.easy-shopper.com. This Privacy Policy also informs you about your rights under the EU General Data Protection Regulation ("GDPR") and the choices you have to manage your personal data and protect your privacy.

I. Data controllers and contact to the data protection officers

The data controller for the Website as well as for the Services is.

Pentland Firth Software GmbH

Baierbrunner Street 85

81379, Munich, Germany

E-mail: info@pentlandfirth.com

Data Protection Officer

Stefan Pfister 

Pentland Firth Software GmbH 

Baierbrunner Str. 85 

81379, Munich, Germany 

Phone: +49 89 - 59 08 37 0 

You can also reach our data protection officer at info@pentlandfirth.com .

​

II. Processing of personal data

1. data that we process when you call up our services:

When you use our services, personal data is processed each time you access them for technical reasons.

As soon as you use our services, your browser or end device sends technical information to our web server, which is stored in server log files. In the process, the following usage and web access data is processed:

the date and time of your visit and the duration of your use of the website;

the IP address of your device;

the referral URL (the website from which you may have been redirected);

the sub-pages of the website visited; and

other information about your device (device type, browser type and version, settings, plug-ins installed, operating system).

This so-called usage data is processed exclusively in pseudonymous form to enable you to use the services and to ensure the functionality of the services. The data is generally not used to identify you as a person. In addition, we process the pseudonymous usage data to analyze the performance of the website, to continuously improve the website and to correct errors or to personalize the content of the website for you. Finally, we also process the usage data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. These server log files are deleted after a maximum of 7 days. The legal basis for processing this data is Art. 6 (1) lit. f) DSGVO, the protection and functionality of the services are legitimate interests in this sense.

2. data we process for the purpose of communication

Contact form

If you contact us with an inquiry via the contact form provided on our site, we need your contact data and information about what it is about in order to answer your inquiry. Data processing for the purpose of contacting us is carried out in response to your request and on the basis of Art. 6 (1) p. 1 lit. b DSGVO to carry out pre-contractual measures or to protect our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO. Our legitimate interest is to be able to respond to requests and thus ensure a functioning customer service.

3. data we process for other purposes

In individual cases, your data may also be processed for other purposes. These include, for example, the transfer of your personal data to third parties if we are legally obliged to do so, but also for the purpose of asserting legal claims on our part or on the part of third parties or defending legal disputes. In these cases, the legal basis is either a legal obligation (Art. 6 (1) lit. c) DSGVO) or our legitimate interests or legitimate third-party interests (Art. 6 (1) lit. f) DSGVO), e.g. if we support users in enforcing rights.

4. disclosure of personal data / recipients

We treat your personal data carefully and confidentially and only pass it on to third parties in the rarest of cases.

When our partners or service providers process personal data, they do so only on the basis of data protection contracts in which they undertake to comply with strict contractual obligations to protect your data (including, but not limited to, compliance with this Privacy Policy).

Data recipients also include the service providers mentioned in our overview of cookies and analytics tools. Detailed information about these providers can be found in the information about cookies, web analytics and other tracking technologies at the end of this privacy statement.

​

Data transfers outside the EEA:

We do not transfer your personal data to countries outside the EEA (so-called "third countries") without taking appropriate protective measures. However, third countries do not provide a level of data protection identical to that in the EU.

We will only transfer your personal data if 

The Commission has adopted a so-called adequacy decision for the third country or the recipient in this third country,

appropriate safeguards are provided by the recipient in accordance with Article 46 of the GDPR for the protection of personal data (including any additional measures required), 

you have expressly consented to the transfer, after we have informed you about the risks, in accordance with Art. 49 (1) lit. a) DSGVO, 

the transfer is necessary for the performance of contractual obligations between you and us 

or another exception from Art. 49 DSGVO applies. 

Suitable guarantees according to Art. 46 of the GDPR can be so-called standard data protection clauses, with which the recipient assures to sufficiently protect the data and thus to ensure a level of protection comparable to the GDPR.

Purposes and recipients

Hosting of the website and storage of consent forms: Wix.com Ltd.

Recipient: Wix.com Ltd, 40 Namal Tel Aviv Street Tel Aviv, 6350671 Israel.

Adequacy Decision: the State of Israel has an adequate level of protection for the transfer of personal data from the European Union within the meaning of Article 45 of the GDPR, see Decision of the European Commission dated January 31, 2011 (OJ No. L 27 p. 39, Celex No. 3 2011 D 0061). Should the Commission's assessment of the level of protection under data protection law change, we will adjust the processing activity by Wix accordingly.

​

5. duration of storage:

We process and store your personal data as long as this is necessary to fulfill our contractual or legal obligations. If the data is no longer required for the fulfillment of legal obligations (e.g. tax or commercial law), it will be deleted, unless further processing is necessary for the preservation of evidence or the defense of legal claims against us, unless the processing is based on your consent. In this case, we will store your data until revoked.

6. your legal rights according to the DSGVO:

You have the following rights vis-à-vis us:

​

Your right to withdraw consent given in accordance with Art. 7 (3) DSGVO. You can revoke a once granted consent at any time, without giving reasons with effect for the future.

Your right to information and disclosure in accordance with Art. 15 DSGVO, in particular you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.

Your right to rectification in accordance with Art. 16 DSGVO, e.g. if your data is incomplete or incorrect, you can request us to correct it.

Your right to erasure pursuant to Art. 17 DSGVO, if this is not (any longer) necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.

Your right to restriction of processing pursuant to Art. 18 DSGVO. You may request that your data be blocked, e.g. because you believe the data is inaccurate or the processing is unlawful, but you object to its erasure because you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 DSGVO.

Your right to data portability pursuant to Art. 20 DSGVO. You may request that we hand over data that you have provided to us in a structured, common and machine-readable format or transfer it to another controller.

Finally, you also have the right to lodge a complaint with the competent data protection supervisory authority (Article 77 GDPR). You can file this complaint both at your place of residence, at your place of work or at the place of the data protection breach you are complaining about. You can also file a complaint with the supervisory authority at our registered offices.

 If you wish to exercise your rights as a data subject, you can also do so by contacting: info@pentlandfirth.com

​

​

Information about your right to object according to Art. 21 DSGVO

In addition to the rights already mentioned, you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation, provided that such processing is carried out on the basis of Art. 6 (1) lit. f) DSGVO (data processing on the basis of a balance of interests). If you object, we will no longer process your personal data unless we can demonstrate circumstances that override your interests, rights and freedoms and therefore justify the processing.

You also have the right to object at any time to the processing of your personal data for the purpose of direct marketing (including subscription to our newsletter), without incurring any costs other than the transmission costs according to the prime rates; this also applies to the creation of a user profile (so-called "profiling"), insofar as this is associated with direct marketing. If you object, we will no longer process your personal data in the future.

Please note that you may not be able to use the website or services, or only to a limited extent, if you do not provide us with certain data or if you object to the use of this data. The objection can be submitted informally to info@pentlandfirth.com.

Use of cookies

When using our website, usage data is generated. In particular, we use cookies for this purpose. These are necessary to ensure the functionality of our website.

​

What are cookies?

Cookies are small text files containing information that are stored on your access device. They are usually used to assign a specific action or preference on a website to a user, but without identifying the user as a person or revealing their identity.

Cookies are not automatically good or bad, but it is worth understanding what you can do about them and making your own decisions about your data.

We use the following types of cookies, the scope and functionality of which are explained below: Session cookies and persistent cookies.

​

Session cookies are automatically deleted when you close your browser. This applies in particular to session cookies. They store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

​

Persistent cookies are also initially stored when you close your browser and then automatically deleted after a certain period of time, which may vary depending on the cookie. You can also delete the cookies at any time in the security settings of your browser. 

You can reset your browser before or after your visit to our website so that all cookies are rejected or to indicate when a cookie is sent. By default, the setting of cookies can be managed by the browser program of your browser, including so that no cookies can be set at all or that cookies are deleted again as soon as you close your browser. Your browser may also have an anonymous browsing feature. You can use these functions of your browser yourself at any time. However, if you have disabled the setting of cookies in your browser by default, our website or services may not function properly.

Purposes and legal basis

The use of these technologies is solely for the purpose of making the use of our offer more pleasant for you and to ensure the security of our services. For example, we use session cookies to recognize that you have already visited individual pages of our services. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again. The data processed by these cookies are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) lit. f) DSGVO.

​

Finally, we use - subject to your consent - cookies and other technologies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer, as well as to provide you with advertising on third-party sites.  

The prerequisite for this is that you have given us prior consent in accordance with Art. 6 (1) lit. a DSGVO via our cookie management tool. You can revoke your consent for the future at any time via the cookie management tool. You can access the tool again at any time via the "Cookie Settings" button at the bottom of the website to check and adjust your consent settings.

Google Analytics

We use Google Analytics on our website, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: "Google").

Google processes the information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing us with other services relating to website activity and internet usage for the purposes of market research and tailoring this website to your needs.

​

The information generated by Analytics cookies about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is transmitted to Google servers in the USA and processed there.

We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google.

The user data collected via cookies is automatically deleted after 30 days.

The information generated by the cookies set by Google Analytics about the use of our website is transmitted to Google servers in the USA and processed there. The transmitted data are only pseudonyms, a conclusion to your name is not possible. We have concluded a contract with Google incorporating the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists.

We only transfer your data to Google if you expressly consent to the processing by Google. In this case, you also consent to the transfer of your data to the USA in accordance with Art. 49 (1) a DSGVO, knowing the risks described in section 3b.

You can revoke your consent for the future at any time via our Consent Management Tool. You can access the tool via the link at the end of the website.

Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help.  Information on Google's use of data can be found in their privacy policy.