General notice and mandatory Information

Designation of the responsible body

The responsible body for data processing on this website is:

Shan Exotic Store
Kanthni Safan
Karl-Metz-Straße 15
65119 Heidelberg

The responsible body decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. You can revoke your already given consent at any time. An informal e-mail notification is sufficient for the revocation. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

As a person concerned, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority with regard to data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to Data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. It is provided in a machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

Right to information, correction, blocking, deletion

You have the right to free information about your stored personal data, the origin of the data, their recipients and the purpose of the data processing and, if necessary, the right to correct, block or delete this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses an SSL or. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https: //” address line of your browser and by the lock symbol in the browser line.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. These are:

  • Visited page on our domain
  • Date and time of the server request
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • IP-Adresse

There is no merging of this data with other data sources. The basis for data processing is Article 6 (1) (b) GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.

Data transmission when concluding a contract for the purchase and dispatch of goods

Personal data will only be transmitted to third parties if there is a need to process the contract. Third parties can be payment service providers or logistics companies, for example. A further transmission of the data does not take place or only if you have expressly consented to this.

The basis for data processing is Article 6 (1) (b) GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.

Contact Form

Data transmitted via the contact form, including your contact details, will be stored in order to be able to process your request or to be available for follow-up questions. This data will not be passed on without your consent.

The processing of the data entered in the contact form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your already given consent at any time. An informal e-mail notification is sufficient for the revocation. The legality of the data processing operations carried out up to the point of revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store data. Mandatory statutory provisions – in particular retention periods – remain unaffected.

Storage duration of contributions and comments

Contributions and comments as well as related data, such as IP addresses, are saved. The content remains on our website until it has been completely deleted or had to be deleted for legal reasons.

The contributions and comments are saved on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your already given consent at any time. An informal e-mail notification is sufficient for the revocation. The legality of data processing operations that have already taken place remains unaffected by the revocation.

Cookies

Our website uses cookies. These are small text files that your web browser saves on your device. Cookies help us to make our offer more user-friendly, more effective and safer.

Some cookies are “session cookies.” Such cookies are automatically deleted at the end of your browser session. However, other cookies remain on your device until you delete them yourself. Such cookies help us to recognize you when you return to our website.

With a modern web browser you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are automatically deleted when the program is closed. Deactivating cookies can limit the functionality of our website.

The setting of cookies, which are necessary to carry out electronic communication processes or to provide certain functions you want (e.g. shopping cart), is based on Art. 6 Para. 1 lit.f GDPR. As the operator of this website, we have a legitimate interest in storing cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be treated separately in this data protection declaration.

Google Analytics

Our website uses functions of the web analysis service Google Analytics. The provider of the web analysis service is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

Google Analytics uses “cookies.” These are small text files that your web browser saves on your device and that enable website usage to be analyzed. The information generated by cookies about your use of our website is transmitted to a Google server and stored there. The server location is usually the USA.

Google Analytics cookies are set on the basis of Art. 6 Para. 1 lit.f GDPR. As the operator of this website, we have a legitimate interest in analyzing user behavior in order to optimize our website and, if necessary, advertising.

IP-Anonymization

We use Google Analytics in conjunction with the IP anonymization function. It ensures that Google shortens your IP address within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. There may be exceptional cases in which Google transmits the full IP address to a server in the USA and abbreviates it there. On our behalf, Google will use this information to evaluate your use of the website, to create reports on website activity and to provide us with other services related to website activity and internet usage. The IP address transmitted by Google Analytics is not merged with other Google data.

Browser Plugin

The setting of cookies by your web browser can be prevented. However, this could limit some functions of our website. You can also prevent the collection of data relating to your website usage including your IP address and subsequent processing by Google. You can do this by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to Data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to our website: Deactivate Google Analytics.

You can find details on how user data is handled by Google Analytics in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

In order to fully comply with the statutory data protection requirements, we have concluded an order processing contract with Google.

Demographic characteristics in Google Analytics

Our website uses the “demographic characteristics” function of Google Analytics. It can be used to create reports that contain statements on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. It is not possible to assign the data to a specific person. You can deactivate this function at any time. You can do this via the ad settings in your Google account or by generally prohibiting the collection of your data by Google Analytics, as explained in the section “Objection to data collection”.

PayPal

Our website allows payment via PayPal. The payment service provider is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment data you have entered will be transmitted to PayPal.

The transfer of your data to PayPal takes place on the basis of Art. 6 Paragraph 1 lit. a GDPR (consent) and Art. 6 Paragraph 1 lit. b GDPR (processing to fulfill a contract). You can revoke your already given consent at any time. Data processing operations in the past remain effective in the event of a revocation.

Instant bank transfer

Our website enables payment via “Sofortüberweisung.” The payment service provider is Sofort GmbH, Theresienhöhe 12, 80339 Munich.

With the help of the “Sofortüberweisung” procedure, we receive a real-time payment confirmation from Sofort GmbH and can immediately begin to meet our obligations.

When paying by “Sofortüberweisung”, your PIN and TAN are transmitted to Sofort GmbH. The payment provider logs into your online banking account, automatically check your account balance and make the transfer. Immediate confirmation of the transaction follows. Your sales, the credit line of your overdraft facility and the existence of other accounts as well as their stocks are also automatically checked after logging in.

In addition to PIN and TAN, the transmission to Sofort GmbH also includes payment data and personal data. Your personal data includes your first and last name, address, telephone number (s), email address, IP address and any other data necessary for payment processing. This data transfer is necessary in order to establish your identity beyond any doubt and to prevent attempted fraud.

The transfer of your data to Sofort GmbH takes place on the basis of Art. 6 Paragraph 1 lit. a GDPR (consent) and Art. 6 Paragraph 1 lit. b GDPR (processing to fulfill a contract). You can revoke your already given consent at any time. Data processing operations in the past remain effective in the event of a revocation.

You can find details on payment with immediate transfer at: https://www.sofort.de/datenschutz.html.