Privacy Policy
The protection of your personal data is very important to us. We therefore process your data exclusively on the basis of the statutory provisions (GDPR, TKG 2003). This data protection declaration provides information about the type, scope and purpose of the collection and processing of your data.
We, Vulpine GmbH, are responsible for data processing in terms of data protection law. If you have any questions about the collection, processing or use of your personal data, please contact: Vulpine GmbH, Winzerweg 27 8054 Seiersberg Pirka, [email protected]
Collection and processing of your data as part of your order, your newsletter subscription or your visit on our website, we collect and process certain personal data relating to you. The type, scope and purposes of this data processing are described below.
Order
As part of your order, we process the data you provide: first name, surname, email address, street, postcode, city, telephone number, age, user name and password. Your payment details are encrypted and transmitted over the Internet during the ordering process.
Due to a special integration in the ordering process, we never have access to your payment data and are therefore not processors of this data. These are processed exclusively by these payment service providers:
Apple Pay
If you choose the "Apple Pay" payment method from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed using the "Apple Pay" function on your iOS, watchOS or macOS device by debiting a payment card stored with "Apple Pay". Apple Pay uses security features built into the hardware and software of your device to protect your transactions. In order to approve a payment, it is necessary to enter a code that you previously specified and to verify using the “Face ID” or “Touch ID” function of your device.
For the purpose of payment processing, the information you provided during the ordering process along with the information about your order will be passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website from which the purchase was made can access the payment details. After the payment has been made, Apple will send your device account number and a transaction-specific, dynamic security code to the original website to confirm the payment has been successful.
If personal data is processed in the described transmissions, the processing takes place exclusively for the purpose of payment processing according to Art. 6 Para. 1 lit. b GDPR.
Apple maintains anonymized transaction information, including the approximate purchase amount, approximate date and time, and whether the transaction was successfully completed. The anonymization completely excludes any personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.
When you use Apple Pay on the iPhone or Apple Watch to complete a purchase made through Safari on the Mac, the Mac and the authorization device communicate over an encrypted channel on the Apple servers. Apple does not process or store any of this information in a format that can be used to identify you personally. You can turn off the ability to use Apple Pay on your Mac in your iPhone's settings. Go to Wallet & Apple Pay and turn off Allow Payments on Mac.
Further information on data protection at Apple Pay can be found at the following Internet address: https://support.apple.com/de-de/HT203027
Klarna
If a Klarna payment service is selected, the payment will be processed by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”). In order to enable the processing of the payment, your personal data (first and last name, street, house number, zip code, city, gender, email address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, article, type of delivery) passed on to Klarna for the purpose of checking the identity and creditworthiness, provided that you are here in accordance with Art. a DSGVO have expressly consented to the order process. You can see here which credit agencies your data can be forwarded to:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies
The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the person responsible for data processing or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for contractual payment processing.
Your personal details are processed in accordance with the applicable data protection regulations and in accordance with the information in Klarna’s data protection regulations for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy
for data subjects based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy
treated.
SOFORT
If the payment method "SOFORT" is selected, the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we will send the information you provided during the ordering process along with the information about your order in accordance with Art. 6 para. 1 lit. b GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of processing payments with the payment service provider SOFORT and only insofar as it is necessary for this. You can find more information about SOFORT's data protection provisions at the following Internet address: https://www.klarna.com/sofort/datenschutz.
In the case of a credit card payment, we need the credit card type, yours
Credit card number, credit card expiration date and the check digit on the back of your credit card. Your data is always encrypted using SSL (at least 128 bit) transmitted over the Internet.
Payment service provider & Accounting
Insofar as this is necessary for the fulfillment of the contract, data will also be passed on to service providers for processing and managing payments.
The SevDesk service, a service provided by SEVENIT GmbH, Hauptstrasse 40 in 77652 Offenburg, Germany, is used for invoicing and preparation for bookkeeping. You can find more information on data protection at SevDesk at https://sevdesk.at/sicherheit-datenschutz/.
The service of Stripe Payments Europe, d, Block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland, is commissioned to process payments. You can find more information about Stripe's data protection at https://stripe.com/de/privacy#translation
After the contract has been fully processed and the purchase price has been paid in full, your data will be archived and deleted after the retention periods under tax and commercial law or the periods under the Product Liability Act, unless you have consented to the further use of your data.
If we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transmit them to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transmitted to third parties, as is required for payment service providers in accordance with Art. 6 Para. 1 lit. b GDPR), you have consented, a legal obligation provides for this or based on our legitimate interests (e.g. when using agents, web hosts, etc.).
In the event of an order, your data will be processed by payment and shipping service providers, in particular with regard to order processing.
If we commission third parties to process data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.
We would like to point out that user data can be processed outside of the European Union.
As part of order processing, for example, the service providers we use (e.g. shipping companies, logisticians, payment service providers) receive the necessary data for order processing. However, in the event of a statutory provision, an official order or an official investigation, we are legally obliged to make the relevant data available to the authority.
Hosted by Shopify
We use the platform of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”) to operate our online shop and we have a corresponding contract with the provider for order data processing completed. Shopify provides an e-commerce platform through which we offer our goods for sale.
All data collected on our website is processed on Shopify's servers. As part of Shopify's services, data can also be processed on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. or Shopify (USA) Inc. In the event that data is transmitted to Shopify Inc. in Canada, the European Commission's adequacy decision guarantees the appropriate level of data protection. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. and Shopify (USA) Inc. in the USA are certified for the US-European data protection agreement “Privacy Shield”, which ensures compliance with the data protection level applicable in the EU guaranteed.
Further information on data protection from Shopify can be found on the following website: https://www.shopify.de/legal/datenschutz
Newsletter
If you sign up for our newsletter and thereby give us your consent (Art 6 Paragraph 1 lit a GDPR), we will process your name and your email address for the purpose of sending our newsletter. Your personal data will be stored until you unsubscribe from the newsletter or until you withdraw your consent.
You can revoke your consent or unsubscribe from the newsletter at any time by sending a message to the e-mail address [email protected] or by clicking on the unsubscribe link at the end of each newsletter or by notifying us in another form.
Use of the Email Marketing provider "Klaviyo"
The newsletter is sent via "Klaviyo", 225 Franklin St, Boston, MA 02110, USA.
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on Klaviyo's servers in the USA. Klaviyo uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, Klaviyo can use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletter or for economic purposes in order to determine from which countries the recipients come. However, Klaviyo does not use the data of our newsletter recipients to write them down or to pass them on to third parties.
We trust in the reliability and IT and data security of Klaviyo. Klaviyo is certified under the US-EU data protection agreement “Privacy Shield” and thus undertakes to comply with EU data protection regulations. We have also concluded a "Data Processing Agreement" with Klaviyo. This is a contract in which Klaviyo undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection regulations and, in particular, not to pass it on to third parties. Here you can find Klaviyo's privacy policy in English: https://www.shopify.com/legal/privacy
Use of cookies
Cookies are small files or other types of information storage that are transferred from our web server or third-party web servers to the user's web browser and stored there for later retrieval.
As a rule, user data is processed for market research and advertising purposes. In this way, user profiles can be created from the usage behavior and the interests of the users resulting from this. The usage profiles can in turn be used to e.g. To place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user's computer, in which the usage behavior and the interests of the user are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
We also use cookies for statistical analysis of the use of our website as part of the web analysis service Google Analytics (see below). This data is collected on the basis of Art 6 Paragraph 1 lit f GDPR.
If you have previously consented to this in accordance with Article 6 (1) (a) GDPR, cookies from third-party providers will be used when you visit our website for the purpose of collecting and evaluating your usage behavior. You consent to this use of cookies by displaying a banner on which the type and scope of the use of these cookies is explained and you can agree to the use of cookies or reject them. In any case, no such cookies will be used until you have given your consent. If you do not accept cookies, the functionality of our website may be restricted.
Use of Google Analytics
We use Google Analytics, a web analysis service from Google LLC (“Google”), 1600 Amphitheater Parkway Mountain View, CA 94043, USA. As part of “Google Analytics”, cookies are placed on your computer in order to statistically evaluate your use of our website. We have concluded a corresponding contract data processing agreement with Google.
The information generated by these cookies about your use of this website (including your IP address) is anonymized before it is stored on the Google server so that it can no longer be assigned to a computer. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. Google uses this information to evaluate your use of the website, to compile reports on website activity for the website operator and to provide other services relating to website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can find more information on how Google Analytics handles user data in the Google Privacy Policy:
https://support.google.com/analytics/answer/6004245?hl=de.
You can prevent the collection of the data generated by the cookies and related to your use of the website and the processing of the anonymized data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google. com / dlpage / gaoptout? hl = de. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Use of social media plugins
We use plugins from the following social networks:
Facebook
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland)
Data protection declaration: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Google / YouTube
(Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA)
Data protection declaration: https://policies.google.com/privacy
Opt-Out: https://adssettings.google.com/authenticated
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
Instagram
(Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) Privacy Policy / Opt-Out: http://instagram.com/about/legal/privacy/
Twitter
(Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA) Data protection declaration: https://twitter.com/de/privacy
For this purpose, we use a two-stage process, within the framework of which you can give your consent to the processing of data by the operator of the social network in accordance with Article 6 (1) (a) GDPR. Data is only transmitted to the operator of the social network when users click on one of the icons displayed and thus consent to the transmission of the data to the operator of the social network. A connection from your browser to the respective social network will only be established after such consent.
The social network receives information about your visit to our website via the plugin. If you are logged in to the social networks mentioned above, your visit can be assigned to the account of your social network. Any interactions with the plug-in can be saved by the operator of the network.
Data security
Your contract data is encrypted and transmitted over the Internet using SSL. This information is encrypted before it is transmitted to us. We use technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons.
Rights as a data subject
You have the right to information about your personal data, as well as the right to correct or delete or restrict processing. You can also object to the processing and have the right to transfer your personal data in a structured, machine-readable form. For all rights mentioned, please contact the person responsible.
Right of appeal
You also have the right to lodge a complaint with a supervisory authority. For Austria this is the Austrian data protection authority, Barichgasse 40-42, 1030 Vienna, phone: +43 1 52 152-0, e-mail: [email protected], web: https: //www.dsb.gv. at/.