However, we would like to be quite open: The Internet thrives on data exchange and still has many security gaps. Even if your data is encrypted when you visit our website, there is always a residual risk at the latest when exchanging data with external websites. If you visit other websites - for example via a link on our website - please note that this data protection declaration does not apply to this external website.
Responsible for this website is:
Castle Street 10
Phone: +49 69 1337 22-0
You can also reach our data protection officer via these contact details. If you have specific questions about your data, its deletion or your rights, you can contact us directly via the e-mail address firstname.lastname@example.org. If you wish to send a written request by post, it is sufficient to add "data protection".
You can contact us at any time if you have any questions about your data protection rights or wish to exercise any of your rights below:
The Hessian Commissioner for Data Protection and Freedom of Information
You can visit our website without providing any personal information. We only store data that your browser transmits to enable the visit of the website in so-called server log files, such as:
These data are evaluated exclusively to ensure trouble-free operation of the website and to improve our offer and do not allow us to draw any conclusions about your person.
Your IP address is not stored by us. Thus, the other, technical data can no longer be traced back to you and only serve anonymous, statistical purposes for the optimization of our website. The purpose of the temporary storage of the data at the beginning is to ensure the connection as well as accessibility and correct display of our website. The IP address and the technical data already mentioned are necessary to display the website, to prevent display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 (1) lit. f DSGVO.
We collect personal data when you voluntarily provide it to us in the course of contacting us (e.g. via contact form or e-mail). Which data is collected can be seen from the respective input forms.
To protect your privacy, the contact is made - as is the visit to the rest of the website - via an encrypted connection.
If you apply for one of the jobs offered or respond to one of our job advertisements, we collect and process the personal applicant data for the purpose of processing the application procedure. Data is processed electronically if an applicant submits corresponding application documents electronically, for example by e-mail or via the form on the website. We use an HR software called JazzHR (operated by Hireku, Inc., 610, Lincoln St #205, Waltham, MA 02451). As the service provider is based in the USA, we place a lot of emphasis on secure data transfer and storage. We have entered into an order processing contract that ensures that the data is only processed according to our specifications. In addition, we have concluded so-called EU standard contractual clauses, which are intended to guarantee a level of data protection that corresponds to that of the EU. If we conclude an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment contract is concluded with the applicant, the application documents will be stored for a maximum of six months after notification of the rejection decision and then deleted. This storage period is primarily due to mutual interests in the context of any claims arising from Section 15 (4) of the General Equal Treatment Act (AGG). The application documents will only be stored for longer if the applicant has given his or her express consent for this.
If you apply via the external platforms LinkedIn, Xing or Indeed, we receive access to your profile with information about you that you yourself have provided on the respective platforms. You will find out exactly what data is involved before you establish the connection with the respective platform. You have the possibility to disconnect from these platforms at any time and to prevent access by us. Further information on this and the data protection of the respective platform can be found at https://privacy.linkedin.com/de-de (when applying via LinkedIn) or https://de.indeed.com/legal#privacy (for an application via Indeed).
The legal basis for the above-mentioned storage and processing of the application documents is Section 26 (1) BDSG-neu, as the purpose of the application procedure is the hiring or rejection of the applicant. The application procedure in this form is thus absolutely necessary in the course of personnel recruitment. The legal basis in the context of the application via the external platforms described above is your consent in accordance with the European data protection provisions pursuant to Art. 6 (1) lit. a DSGVO. You can revoke this at any time by disconnecting from the platform or sending us a corresponding message.
If you use our services as a dealer and enter into a contractual relationship with us, we process the personal data required for this purpose. We process the data of your end customers as a contractor within the scope of a so-called order processing according to Art. 28 DSGVO.
In order to implement this legally permissible, the conclusion of an order processing contract with us is necessary, in accordance with the requirements of Art. 28 DSGVO.
In the context of the execution of the contract and thus on the basis of the legal basis of Art. 6 para. 1 a DSGVO (performance of the contract), we process personal data of you as a dealer or the employees.
For this purpose, we use, among other things, our customer relationship management (CRM) of the provider Pipedrive OÜ, Paldiski mnt 80, Tallinn, 10617, Estonia This is a subsidiary of Pipedrive US, to process our contact requests of all kinds (demo request, product request, price request, booking requests. The following data is automatically transmitted from our servers:
The use of Pipedrive allows us to track and process all types of contact requests (demo requests, product requests, price requests, booking requests, etc.) in detail.)
We have concluded an order processing agreement with Pipedrive that complies with the requirements of Art. 28 DSGVO.
Unless otherwise specified, we delete your data, when a storage period prescribed by law expires, unless there is a need to continue storing the data for the conclusion or performance of a contract. Certain data may have to be stored longer for legal reasons. You can of course request information about the stored data at any time.
If you would like to receive the newsletter for customers and partners and/or other marketing communications offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information by us or our cooperation partners. We do not pass this data on to third parties.
We use the so-called double opt-in procedure for the provision of our newsletters for customers and partners as well as other marketing communications. This means that we will only send you a newsletter or other marketing communications by e-mail if you confirm that you wish to receive our newsletter and/or other marketing communications by clicking on a link in our notification e-mail. If you confirm your wish to receive the newsletter and/or other marketing communications, we will retain your email address until you unsubscribe from the newsletter and/or other marketing communications. The storage is solely for the purpose of being able to send you the newsletter and/or other marketing communications. The processing of the data entered in the registration form for newsletters or other marketing communications is based solely on your consent (Art. 6 para. 1 lit. a DSGVO).
You can revoke the consent granted for the storage of the data, the e-mail address as well as their use for sending the newsletter and/or other marketing communications at any time, for example via the "unsubscribe" link in the e-mails of the newsletter and marketing communications. Alternatively, you can contact us using the contact details above. Data stored by us for other purposes (e.g. email addresses for customer login) will remain unaffected.. The legality of the data processing operations already carried out remains unaffected by the revocation.
This website currently uses the SendinBlue marketing automation system to send newsletters and other marketing communications. The provider is SendinBlue SAS - Politique de confidentialité 55, rue d'Amsterdam 75008 Paris, France.
SendinBlue is a service with which, among other things, the sending of newsletters and marketing communications can be organised and analysed. The data entered by you for the purpose of receiving newsletters and/or marketing communications are stored on SendinBlue's servers. The hosting servers on which SendinBlue processes and stores the databases are located in Germany. SendinBlue undertakes not to carry out any data transfers outside the European Union.
We have concluded an order processing agreement with this service provider that complies with the requirements of Art. 28 DSGVO.
If you do not want SendinBlue to analyse your data, you must unsubscribe from the newsletter and/or marketing communications. For this purpose, we provide a corresponding link or e-mail contact in each e-mail of the newsletter and/or marketing communication.
With the help of SendinBlue, it is possible for us to analyze our newsletter campaigns and other marketing messages. For example, we can see whether an email has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions have been carried out after opening/clicking (conversion rate). We can thus see, for example, whether you have made a purchase after clicking on the newsletter and/or marketing messages.
SendinBlue also allows us to subdivide ("cluster") the email recipients based on different categories. In this way, the newsletters and/or marketing messages can be better adapted to the respective target groups.
For detailed information about the features of SendinBlue, please refer to the following link: https://de.sendinblue.com/about/
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Unless otherwise stated, we delete your data when a storage period prescribed by law expires, unless there is a need to continue storing the data for the conclusion or performance of a contract. Certain data may have to be stored longer for legal reasons. You can of course request information about the stored data at any time.
You have the possibility to contact us in different ways on our website. You can contact us by leaving a message for our customer service. In this context, we process data exclusively for the purpose of communication. The legal basis for the data processing is the fulfilment of the contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.
We use the service of the company Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, USA.
The legal basis for the use of this service is Art. 6 para. 1 lit. f DSGVO - legitimate interest. Our legitimate interest in using this service is to be able to answer user queries quickly and efficiently.
Zendesk only uses your data to forward your requests to us. It will not be passed on to third parties.
The service can also be used pseudonymously. In the course of processing service requests, it may be necessary to collect further data (e.g. first name, last name, address, etc.).
Use of Zendesk is optional. If you do not consent to Zendesk collecting your information, we offer alternative ways to contact us to submit service requests by phone or mail.
If you contact us by phone or mail, your request including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) DSGVO) and/or on our legitimate interests (Art. 6 (1) (f) DSGVO), as we have a legitimate interest in the effective processing of requests addressed to us.
The data you send to us by telephone or postal contact requests remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your request has been completed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
Our website sometimes uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:
If cookies do not contain an exact expiration date, they are only temporarily stored and automatically deleted as soon as you close your browser or restart the terminal device. Cookies with an expiration date remain stored even if you close your browser or restart the terminal device. Such cookies are only removed on the specified date or when you delete them manually.
We use the following types of cookies on our website:
You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers are provided by the Federal Office for Information Security: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html
With the exception of the essential cookies, the other types of cookies are only activated after explicit consent has been given. This consent can be revoked at any time. You will find the revocation option and further information in the Cookie settings.
[borlabs-cookie type="btn-cookie-preference" title="MANAGING COOKIES"/]
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our website. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
The purpose of reCAPTCHA is to check whether the data input on our website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not notified that an analysis is taking place.
The data processing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting his web offers from abusive automated spying and from SPAM.
This website uses the Google Tag Manager. Through this service, website tags can be managed via an interface. The Google Tool Manager only implements tags. This means: No cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager.
Google Fonts (https://fonts.google.com) from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, a font collection from Google, are used to visually improve the typeface. These fonts are transferred to your browser's memory folder and activated when you call up this website or other websites. If this is not supported, the text on the website will only be displayed in a standard font. To enable this, a request is sent to domains such as fonts.googleapis.com or fonts.gstatic.com, which for technical reasons contains your IP address. However, your data will not be merged with other data or traced back to your person.
Purpose of the data transmission is the correct display of the fonts in the form set by us. The IP address is required to establish a connection with Google's servers in order to download the font collection if it is not already stored on the end device. Legal basis is the so-called legitimate interest, which has been examined in order to pursue the purpose and within the framework of the aforementioned protective measures, as well as in accordance with the European data protection requirements from Art. 6 (1) lit. f DSGVO.
We use Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses the advertising and analysis cookies described above to analyse our website with regard to usage behaviour. The information generated by cookies about the use of this website is transferred to a Google server in the USA and stored there. However, your IP address will be shortened before the usage statistics are evaluated, so that no conclusions can be drawn about your person. For this purpose, Google Analytics on our website has been extended by the code "anonymizeIp" to ensure anonymized collection of IP addresses. Google will use the anonymised information obtained through the cookies to evaluate your use of the website, to compile reports on website activities for the website operators and to provide other services associated with website and internet use. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
Purpose of the use of Google Analytics is the anonymised analysis of your usage behaviour on our websites. The knowledge gained from this helps to improve our offer. Legal basis for the use is your consent in accordance with Art. 6 para. 1 lit. a DSGVO, which can be declared in the context of our cookie banner. The consent can be revoked at any time via the cookie administration.
[borlabs-cookie type="btn-cookie-preference" title="MANAGING COOKIES"/]
We use Google Conversion Tracking of Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: "Google") on our website to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. In doing so, Google Ads will set a cookie on your computer if you have accessed our website via a Google ad.
If the user visits certain pages of the Ads client's website and the cookie has not yet expired, Google and the client will be able to recognise that the user has clicked on the ad and been redirected to that page.
Each Ads customer receives a different cookie. Cookies can therefore not be tracked across Ads customers' websites. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. We learn the total number of users who clicked on an ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that personally identifies users.
Legal basis for the use is your consent in accordance with Art. 6 para. 1 lit. a DSGVO, which can be declared in the context of our cookie banner. The consent can be revoked at any time via the cookie management.
We use the remarketing functions of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") on the website. By means of this function, the provider can target visitors to the website with advertising by serving personalized, interest-based Facebook ads to visitors to the website when they visit the Facebook social network. To perform the function, the remarketing tag of Facebook is implemented on our website.
To protect your privacy you can choose yourself whether the collected information is directly assigned to your Facebook user account by deactivating the "Custom Audiences" remarketing function here. To do this, you must be logged in to Facebook. The purpose of using this service is to view anonymous usage statistics about our users and to display personalized advertisements tailored to users' interests. Legal basis for the use is your consent pursuant to Art. 6 para. 1 lit. a DSGVO, which can be declared in the context of our cookie banner. The consent can be revoked at any time via the cookie management.
[borlabs-cookie type="btn-cookie-preference" title="MANAGING COOKIES"/]
We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.
Social networks such as Facebook, Instagram, LinkedIn, etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Our social media presences are intended to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes initiated by the social networks may be based on deviating legal bases, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a DSGVO).
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).
Please note that despite the joint responsibility with the operators of the social media portals, we have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.
This Fanpage uses the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland for the information service offered here.
Personal data and website/usage data are collected by Facebook via this fan page. However, we, Shopgate GmbH, use this data exclusively on an anonymous and statistical basis.
Joint processing of personal data:
Data processing on our Facebook pages takes place on the basis of an agreement on joint processing of personal data. Further
Purpose of processing:
User data is processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the users. The usage profiles can be used, for example, to place advertisements within and outside the platforms that may correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behaviour and the interests of the users are stored.
Legal basis for processing:
The processing of the personal data of the users is based on our legitimate interests in effective information of the users and communication with the users pursuant to Art. 6 para. 1 lit. f. DSGVO. If the data processing is to be objected to, the user has an option to object or the use can be terminated. Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com.
Lawyer | Data Privacy
+49 151 23335289
Status of the data protection declaration: 25 January 2021