Privacy

Privacy policy

A. Allgemeines

The protection and security of your personal data are important to us. Our website therefore processes data exclusively in accordance with the EU General Data Protection Regulation (DS-GVO). In detail:

B. Name and contact details of the controller and contact details of the data protection officer.

The responsible party within the meaning of the DS-GVO and the respective national data protection laws of the EU member states as well as other data protection regulations is: 


BestEffect GmbH

Wörthstr. 13-15

Deutschland

Tel.: +49 931 80998220

E-Mail: service@besteffect.com 

Website: www.besteffect.com

The data protection officer of the data controller can be reached at:

BestEffect GmbH

“z.H. DSB” oder “to attn. GDPR“

Wörthstr. 13-15

97082 Würzburg

Deutschland 

E-Mail: dsgvo@besteffect.com oder gdpr@besteffect.com 

C. Data processing

1. legal basis for the processing of personal data.

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) a DS-GVO serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DS-GVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c DS-GVO serves as the legal basis. 

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DS-GVO serves as the legal basis. 

If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f DS-GVO serves as the legal basis for the processing. 

2. transfer of data

A transfer of your personal data within the BestEffect GmbH group or to third parties for purposes other than those listed below does not take place.

We only pass on your personal data if:

- you have given your express consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a DS-GVO

- the disclosure is necessary for internal data processing of BestEffect GmbH as well as for advertising or marketing purposes according to Art. 6 para. 1 p. 1 lit. f DS-GVO and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data

- in case there is a legal obligation for the disclosure according to Art. 6 para. 1 p. 1 lit. c DS-GVO, as well as this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DS-GVO for the processing of contractual relationships with you

D. Provision of the website and creation of log files

1. description and scope of data processing

Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer or from the browser of the end device used (log files) and stores them until they are automatically deleted. The following data is collected

1. information about the browser type and version used.

2. screen resolution

3. each page view

4. operating system of the user

5. information about category of terminal device (mobile, desktop, tablet) and terminal device information

6. IP address of the user

7. date and time of access

8. websites from which the user's system accesses our website.

This data is not merged with other data sources; the data is also deleted after a statistical evaluation.

2. legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 lit. f DS-GVO.

3. purpose of data processing

The storage of data in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security and stability of our information technology systems. The data is stored for reactivation of the shopping cart

E. Use of cookies

1. description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on your terminal device. If you call up a website, a cookie may be stored on your browser. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. In the cookie, information is stored that arises in each case in connection with the specific end device used. The following data is stored and transmitted in the cookies:

i. Language settings

ii. Articles in a shopping cart

iii. Log-in information

We also use cookies on our website that enable an analysis of the user's surfing behavior.

When calling up our website, the user is informed about the use of cookies for analysis purposes by means of a so-called cookie banner and his consent to the processing of personal data used in this context is obtained. In this context, there is also a reference to this privacy policy. You can revoke your consent at any time with effect for the future. You also have the option to prevent the storage of cookies on your computer by making the appropriate settings in your browser.

2. legal basis for the data processing

The legal basis for data processing is Art. 6 para. 1 lit.a DSGVO.

3. duration of storage, possibility of objection and removal.

Cookies are stored on the user's terminal device and transmitted by it to our website. Session cookies are stored for 1440 seconds (24 minutes) after the browser is closed; permanent cookies are stored permanently. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your browser, you can disable or restrict the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all the functions of the website, in particular, no orders can be placed by the user.


F. Google Analytics

Our website uses "Google Analytics", a web analytics service provided by Google Inc. ("Google"). Google Analytics uses cookies that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), IP address, time of server request are usually transmitted to and stored by Google on servers in the United States.

The information is used to perform analyses of Internet and website usage, such as anonymous evaluations and graphs of page views and visits. The data is used exclusively for market research, to optimize the website and to provide other services related to Internet use. This information may also be transferred to third parties if required by law or if third parties process the data on our behalf. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking). 

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on https://tools.google.com/dlpage/gaoptout?hl=de. 

Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics help https://support.google.com/analytics/answer/ 6004245?hl=en.

The legal basis for the use of Google Analytics is Art. 6 para. 1 lit. a DSGVO.

G. Third-party cookie

1. google tag manager

On our website, we use the "Google Tag Manager" from Google. Through this service, website tags can be managed via an interface. Tags are small code elements on a website that are used, among other things, to measure traffic and visitor behavior, to record the impact of online advertising and social channels, to use remarketing and targeting, and to test and optimize the website. Google Tag Manager only implements tags. Google Tag Manager tracks a set of trigger rules that determine when these tags should be deployed on a website. According to the configuration, when a user visits the website, the tags are triggered and the corresponding cookies are loaded into their browser It contains instructions on which tags should be triggered. However, Google Tag Manager does not access this data. Using Google Tag Manager will make your use of our website more efficient and faster, as managing the correct tags will speed up our website. If a deactivation of Google Tag Manager has been made at domain or cookie level, it will remain in place for all tracking tags insofar as they are implemented with Google Tag Manager.

The legal basis for the data processing is Art. 6 para. 1 lit. f DS-GVO.

The data collection and storage can be objected to at any time with effect for the future.2. Google Adwords Conversion Tracking

We use the online advertising program "Google AdWords" by Google and as part of it the conversion tracking offered by Google. A cookie for conversion tracking is stored on your computer when you click on an ad placed by us in the Google search or advertising network. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of our website while the cookie is valid, both we and Google can recognize that you clicked on an ad and were redirected to that page.

Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked across AdWords customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for us as an AdWords customer. We learn the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that personally identifies you as a user.

If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the "www.googleadservices.com" domain. Google's privacy policy on conversion tracking can be found here https://services.google.com/sitestats/de.html.

The legal basis for data processing is Art. 6 para. 1 lit.a DS-GVO.

3. google remarketing

In addition, we use the remarketing technology of Google. Via this technology, users who have already visited our website and shown interest are approached again by targeted advertising on the pages of the Google Partner Network. The advertising is displayed through the use of cookies. With the help of the text files, user behavior when visiting the website can be analyzed and subsequently used for advertising according to your interests.

When you perform search queries, visit other websites or use other mobile apps, the use of Google Remarketing enables us to offer you targeted advertising that is tailored to your interests and needs. As a user, you benefit from personalized advertising on other websites. This is the only way we can continuously optimize our offer to you.

Further information on Google Remarketing and Google's privacy policy can be found at: http://www.google.com/privacy/ads/.

The legal basis for the data processing is Art. 6 para. 1 lit. f DS-GVO.

4. Facebook Conversion Pixels

By using the service of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA) Facebook Conversion Pixels, statistical data is collected, which can be used to measure the success of a Facebook ad. In addition, anonymous data about your usage behavior is collected on the website in order to create usage-based online advertising for you. As a user, you benefit from personalized advertising on other websites. This is the only way we can continuously optimize our offer to you. Here you can access the data protection conditions of Facebook Inc: www.facebook.com/about/privacy.

If you are logged in to Facebook, you can object to the use of the conversion pixel under the following link: https://www.facebook.com/settings?tab=ads

The legal basis for the data processing is Art. 6 para. 1 lit. a DS-GVO. 

The data collection and storage can be objected to at any time with effect for the future.

5 Microsoft Bing Ads

Our website uses Microsoft Bing Ads, an analysis tool of Microsoft Corporation (One Microsoft Way, Redmond, USA 98052-6399, USA). Like Google Analytics, Microsoft Bing Ads works by setting cookies that enable us to track your visit to our website and use it for advertising purposes (remarketing). 

This allows us to deliver interest-based advertising to our customers by using Universal Event Tracking (UET) to recognize end users' visits and activity on our website after they click on one of our ads and store them in remarketing lists. The creation of these remarketing lists is carried out in compliance with legal regulations. In particular, no sensitive data is stored or other additional personal data is linked to our remarketing lists or made available to Microsoft. 

If you are on a remarketing list, you may be offered interest-based advertising from us the next time you search on Bing or Yahoo. However, you can disable this behavioral targeting by changing your browser settings so that cookies are no longer stored. In addition, you can deactivate Microsoft's tracking behavior via the following link: http://choice.microsoft.com/de-DE/opt-out.

For more information about Microsoft Bing Ads' use of cookies, you can visit the Bing Ads website at the link https://help.bingads.microsoft.com/#apex/3/de/53056/2 and Microsoft's website at the following link: https://privacy.microsoft.com/de-de/privacystatement.

When you perform search queries, the use of Microsoft Bing Ads enables us to offer you targeted advertising that is tailored to your interests and needs. As a user, you thus benefit from personalized advertising on other websites. This is the only way we can continuously optimize our offer to you.

The legal basis for data processing is Art. 6 para. 1 lit. f DS-GVO.

6. YouTube

Our website uses plugins from the YouTube website, which is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA ("YouTube").

On our website, we show videos from the YouTube channel of BestEffect.com. These are displayed in the YouTube video player. BestEffect GmbH has no access or control over these cookies or the data processed by YouTube. Additional cookies may be set by YouTube to enable the use of YouTube features on our website. For more information about these cookies, please visit YouTube's website https://support.google.com/ads/answer/2662922?hl=en-GB.

The legal basis for the data processing is Art. 6 para. 1 lit. f DS-GVO.

7. google reCaptcha

In order to ensure sufficient data security when submitting forms, we use in certain cases the service reCAPTCHA of the company Google Inc. This serves primarily to distinguish whether the input is made by a natural person or abusively by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google Inc. The data protection provisions of Google Inc. apply here; information on the data protection provisions of Google Inc. can be found atwww.google.de/intl/de/privacy/ or www.google.com/intl/de/policies/privacy/.

The legal basis for the data processing is Art. 6 para. 1 lit. f DS-GVO.

The collection and storage of data can be objected to at any time with effect for the future.

H. Newsletter by e-mail

1. description and scope of data processing

If you have ordered our newsletter, we will use your e-mail address for our own advertising purposes as long as you have not revoked your consent to receive the newsletter. The dispatch of our newsletter is carried out by us. 

You can unsubscribe from our newsletter at any time by contacting us by e-mail dsgvo@besteffect.com and requesting the deletion of your data or by clicking on the link to unsubscribe from the newsletter, which you will find at the end of each newsletter. However, a revocation does not affect the lawfulness of the data processing carried out on the basis of the consent until the revocation. We will store your data until the revocation takes place.

2. legal basis for data processing

The legal basis for the processing of data after the user has subscribed to the newsletter is, if the user has given his consent in accordance with Art. 6 (1) lit. a DS-GVO.

Repetition of declarations of consent

You may have expressly given us the consent below and we have recorded your consent. According to the DS-GVO, we are obliged to keep the content of consents available for retrieval at any time. You can revoke your consent at any time with effect for the future.

Consent to newsletter dispatch

I consent to my personal data being processed by BestEffect GmbH - as described in the privacy policy - for sending the newsletter by e-mail. I can revoke this consent at any time. 

I. Newsletter tracking

1. Scope of the processing of personal dataWith the dispatch of the newsletter, your user behavior is evaluated. The evaluation is carried out by a tracking pixel from us. These are one-pixel image files that link to our website. Web beacons are collected, which are assigned to your e-mail address and linked to a separate ID. In this way, links received in the newsletter can also be clearly assigned. We thereby collect when you read our newsletter and which link you click on. We create a user profile to identify your interests. We use this data exclusively in anonymized form.

2. legal basis for the processing of personal data

The legal basis for the processing of data after the user has subscribed to the newsletter is Art. 6 (1) lit. a DS-GVO if the user has given his consent.

3 Purpose of the data processing

With the collected data, we create a user profile in order to provide you with a newsletter tailored to your interests. Only in this way is it possible for us to offer you a newsletter tailored to your interests.

4. duration of storage, possibility of objection and elimination

If you do not wish to receive personalized advertising, you can object at any time. A message in text form to the contact details mentioned at the end is sufficient for this. Alternatively, you can unsubscribe via the unsubscribe link at the end of each newsletter. We will store your data until the revocation is made. 

J. Registration and use of the customer account

1. description and scope of data processing

On our website, we offer users the opportunity to register in our customer account by providing personal data, both as part of the order and without ordering products. The data is entered in an input mask and transmitted to us and stored. The data will not be passed on to third parties. The following data is collected during the registration process: Salutation, first name, last name, e-mail address, street, house number, postal code, city and country, date of birth and telephone number. At the time of registration, the user's IP address, date and time of registration are also collected. 

As part of the registration process, the user's consent to the processing of this data is obtained.

2. legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1) lit. a DS-GVO if the user has given his consent. If the registration serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) lit. b DSGVO.

Registration

I agree that inventory data (name, address, e-mail) and usage data (e-mail address, password) are stored in a customer database when opening a user account. In this way, I can log in and order with my e-mail address and password for future purchases without having to enter my data again. I can revoke this consent at any time with effect for the future by contacting the store operator by e-mail dsgvo@besteffect.com and requesting the deletion of my user account. In my user account I can view my completed orders at any time for the duration of the existence of my user account.

3. purpose of data processing

Registration of the user is necessary for the provision of certain content and services on our website. A registration of the user is necessary for the fulfillment of a contract with the user or for the implementation of pre-contractual measures.

4. possibility of objection and elimination

As a user, you have the option to cancel the registration at any time. You can have the data stored about you changed at any time. If the data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.

K. Order process

1. description and scope of data processing

Within the framework of the ordering process, the processing of personal data is necessary in order to order the products you have placed in the shopping cart. If you are already registered, the data from your customer account will be processed. The same applies if you register as part of the ordering process. Furthermore, you can also order as a guest on our website. For this purpose, your title, first and last name, address, date of birth and e-mail address are collected. In addition, the IP address of the calling end device, country, date and time of registration and the source of registration are collected.

Furthermore, orders can be placed via our order hotline. For this purpose, the title, first and last name, address, date of birth and e-mail address are collected by your call.

For the order, the collection of the payment method is required.

In this context, there is an intra-group transfer as well as a transfer of data to our logistics service providers to fulfill our contractual obligations arising from the order and a transfer.

2 Legal basis for data processing, purpose of data processing

The ordering process aims to conclude a contract, so the legal basis for processing is Art. 6 (1) lit. b DS-GVO. The processing of personal data is necessary for the processing of the user's order.

3. duration of storage

The user's personal data will be used for the period of processing the order and then archived in blocked form, in particular for the fulfillment of legal retention periods, e.g. according to the Federal Fiscal Code (BAO) and Commercial Code (UGB), or for the fulfillment of legal warranty claims. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

L. Contact form and e-mail contact

1. description and scope of data processing

When using the online contact forms, we collect personal data (such as your name and e-mail address) only to the extent provided by you. We only use your e-mail address to process your request. Your data will then be deleted unless you have consented to further processing and use.

2. legal basis for data processing

The legal basis for the processing of data transmitted in the course of the contact form or the sending of an e-mail is Article 6 (1) sentence 1 lit. b) DS-GVO. 

M. Transfer of personal data to service providers

1. description and scope of data processing

In the context of an order, personal data is often passed on to service providers (e.g. suppliers). However, service providers may also act on their own in the interest of the website operator (e.g. technical service).

We use "Look-Alike-Audiences" from Facebook Inc. For this purpose, we transmit your e-mail address to Facebook Inc. The latter evaluates your e-mail address in order to display personalized advertising on your Facebook account.

2. legal basis for data processing

The legal basis for the processing of data in the course of the order is Art. 6 (1) lit. b DS-GVO. For the transmission of the data, Art. 6 para. 1 lit. f DS-GVO is the legal basis. 

3. purpose of data processing

The data processing is necessary for the fulfillment of the contractual obligation arising from the order. Through your evaluation, we obtain feedback on our products and our services. We try to use this knowledge to constantly improve and optimize our products and services. As a user, you benefit from this. Through Look-Alike-Audiences you are offered targeted, interest- and needs-based advertising. As a user, you benefit from personalized advertising on your Facebook account.

N. Payment method: Privacy policy on Klarna as a payment method.

The use of the payment methods invoice, installment purchase and direct debit requires a positive credit check. In this respect, we forward your data to Klarna for the purpose of address and credit checks as part of the purchase initiation and processing of the purchase contract. Please understand that we can only offer you those payment methods that are permitted based on the results of the credit check. Further information and Klarna's terms of use can be found here. General information about Klarna can be found here. Your personal information will be treated by Klarna in accordance with the applicable data protection regulations and as specified in Klarna's Privacy Policy. 

O. Payment method: Privacy policy on Sofortüberweisung as a payment method.

The controller has integrated components of Sofortüberweisung on this website. Sofortüberweisung is a payment service that enables cashless payment of products and services on the Internet. Sofortüberweisung depicts a technical procedure by which the online merchant immediately receives a payment confirmation. This enables a merchant to deliver goods, services or downloads to the customer immediately after the order is placed.

The operating company of Sofortüberweisung is SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany.

If the data subject selects "Sofortüberweisung" as a payment option during the ordering process in our online store, data of the data subject will be automatically transmitted to Sofortüberweisung. By selecting this payment option, the data subject consents to the transmission of personal data required for payment processing.

During the purchase transaction via Sofortüberweisung, the buyer transmits the PIN and the TAN to Sofort GmbH. Sofortüberweisung then carries out a transfer to the online merchant after a technical check of the account balance and retrieval of further data to check the account coverage. The online merchant is then automatically notified of the execution of the financial transaction.

The personal data exchanged with Sofortüberweisung are first name, last name, address, email address, IP address, phone number, cell phone number or other data necessary for payment processing. The purpose of transmitting the data is payment processing and fraud prevention. The controller will also transmit other personal data to Sofortüberweisung if there is a legitimate interest for the transmission. The personal data exchanged between Sofortüberweisung and the controller may be transmitted by Sofortüberweisung to credit reporting agencies. The purpose of this transmission is to check identity and creditworthiness.

Sofortüberweisung may pass on the personal data to affiliated companies and service providers or subcontractors, insofar as this is necessary for the fulfillment of contractual obligations or the data is to be processed on behalf.

The data subject has the option to revoke the consent to the handling of personal data at any time vis-à-vis Sofortüberweisung. A revocation does not affect personal data that must necessarily be processed, used or transmitted for (contractual) payment processing.

The applicable data protection provisions of Sofortüberweisung can be found at https://www.sofort.com/ger-DE/datenschutzerklaerung-sofort-gmbh/.

P. Credit card payment method:

If payment is made by credit card, the payment will be processed by the payment service provider VR Payment GmbH, Saonestraße 3a, 60528 Frankfurt am Main, Germany. In this process your invoice number, the invoice amount, the item information as well as the contract language and currency will be transmitted to VR Payment GmbH. Reference is made to the information provided by VR Payment GmbH in accordance with DSGVO in the context of processing credit card payments at https://www.vr-payment.de/datenschutz-haftung.

Q. Rights of the data subject

Under the application of the DS-GVO, you are entitled to the following statutory data subject rights, provided that their conditions are met:

- Right to information about your data stored by us in accordance with Art. 15 DS-GVO.

- Right to correction of inaccurate data in accordance with Art. 16 DS-GVO

- Right to delete the data stored by us in accordance with Art. 17 DS-GVO

- Right to restrict the processing of data stored by us in accordance with Art. 18 DS-GVO

- Right to revoke at any time, pursuant to Art. 7 (3) DS-GVO, any consent that may have been given to us; the consequence of this is that we may no longer continue the data processing that was based on this consent for the future.

- Right to data portability pursuant to Art. 20 DS-GVO.

- Right to lodge a complaint with a competent supervisory authority pursuant to Art. 77 DS-GVO if you believe that the processing of personal data concerning you violates provisions of the DS-GVO.

Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation.

If you wish to exercise your right to object, it is sufficient to send an e-mail to dsgvo@besteffect.com.

R. Data security

Your personal data is transferred on our website via the Internet using the so-called SSL security system (Secure Socket Layer). This technology offers a high level of security and is therefore also used, for example, by banks for data protection in online banking. We secure our website and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.

S. Up-to-dateness and changes of this privacy policy

This data protection declaration is currently valid and has the status August 2020. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://shop.besteffect.com/datenschutz.

This letter has been machine translated from German. In case of any errors in the translation, the text of the original German version applies.