Privacy Policy
We attach the utmost importance to the protection of the personal data of our customers and visitors to our website www.amata-lana.de (hereinafter "Website").
This privacy notice describes what personal data we collect, store and use when you use the Website, for what purposes, on what legal basis and for how long.
We will update these privacy provisions from time to time. We will inform you of any changes on the Website.
By using our Website, you consent to the processing of your personal data in accordance with the following provisions.
(1) Controller
The controller for the collection, processing and use of personal data on this website is
amata lana
Julia Siegmann (hereinafter "amata lana").
Meerfeldstraße 67
68163 Mannheim
Tel.: +49 62143 749595
E-Mail: juliasiegmann@gmail.com
(2) Legal basis for processing
We process personal data exclusively for the fulfillment of contracts concluded with us, as well as for processing your inquiries prior to the conclusion of a contract (Art. 6 (1) (b) GDPR), for the fulfillment of legal obligations (Art. 6 (1) (c) GDPR) or if this is suitable, necessary and appropriate to safeguard our legitimate interests (Art. 6 (1) (f) GDPR). Furthermore, we only process your personal data on the basis of your explicit consent to processing (Art. 6 (1) (a) GDPR).
After complete execution of the contract, your data will be blocked with regard to tax and commercial retention periods and deleted after expiry of these periods.
(3) Collection, processing and use of personal data
(3.1) Visiting the website www.amata-lana.de
You can visit our site without providing any personal information. We only store access data without personal reference, namely: the name of your Internet service provider, the page from which you visit us or the name of the requested file. In addition, for security reasons, the IP address used for access is stored in order to detect fraud and attack scenarios and, if necessary, to exclude them from our shop. This data is evaluated exclusively for statistical purposes and to improve our offer and will be deleted after 30 days.
The legal basis for data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest follows from the data collection purposes listed above. This does not allow us to draw conclusions about your person.
(3.2) Use of the online shop on the website www.amata-lana.de
Personal data is only collected if you voluntarily provide it to us as part of your order. In this case, we store at least the following data (mandatory fields):
- Salutation
- First and last name
- Company (if applicable)
- Billing and shipping address
- Phone number
- Email address
In addition, we store the following further information - if provided -:
- VAT ID
- Address supplements
If you do not order as a guest and set up a customer account, access to your customer account will be protected by a password you choose individually. It is essential that the password is confidential and sufficiently protected from unauthorized access by third parties.
When using the PayPal payment method, we collect, if stored there accordingly, the email address, the billing address and other bank details of the respective linked PayPal account.
We use the email service info@amata-lana.de for sending automated electronic order confirmations in the online shop, for sending electronic order confirmations and for sending electronic invoices.
We use the data you provide exclusively for the fulfillment of contracts concluded with us and for processing your inquiries prior to the conclusion of a contract, including the necessary communication for this purpose, as well as for processing your inquiries prior to the conclusion of a contract, or if this is suitable, necessary and appropriate to safeguard our legitimate interests, without your separate consent.
We store the personal data collected by us in connection with the use of our online shop for a period of 6 months after completion of the order, unless you have registered for a customer account with us. In this case, we store your data as long as you maintain the customer account with us. In addition, we store your data in connection with the fulfillment of legal retention and verification obligations for the respective duration of these legal obligations.
(4) Use of Cookies
This website uses so-called 'cookies', which serve to make our internet presence more user-friendly, effective and secure overall – for example, when it comes to speeding up navigation on our website. In addition, cookies enable us to measure the frequency of page views and general navigation.
Cookies are small text files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device, do not contain viruses, Trojans or other malware.
Information is stored in the cookie that arises in connection with the specifically used device. However, this does not mean that we immediately gain knowledge of your identity.
We point out that some of these cookies are transferred from our server to your computer system, most of which are so-called 'session cookies'. 'Session cookies' are characterized by the fact that they are automatically deleted from your hard drive after the end of the browser session.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specific, defined period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you (see section 5). These cookies enable us to automatically recognize, when you revisit our site, that you have already been with us. These cookies are automatically deleted after a defined period.
The data processed by cookies are necessary for the aforementioned purposes to safeguard our legitimate interests as well as those of third parties according to Art. 6 (1) (1) (f) GDPR.
Most browsers accept cookies automatically. Of course, you can refuse cookies at any time if your browser allows this. Please note that certain functions of this website may not be usable or may only be used to a limited extent if your browser is set not to accept cookies (from our website).
(5) Use of Tracking Tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) (1) (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate in the sense of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"), to safeguard its own legitimate interests under Art. 6 (1) (1) (f) GDPR. Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. You can also prevent collection by Google Analytics by clicking on the following link. An opt-out cookie will be set that prevents the future collection of your data when visiting this website: Disable Google Analytics
(6) Use of Social Media Plugins
Social media plugins from the providers listed in detail below are used on our websites. We have marked the social media plugins with the well-known logos at the bottom of the page. Information, which may also include personal data, may be sent to and used by the respective social media provider via the social media plugins. We prevent the unconscious and unwanted collection and transfer of data to the social media provider by means of a 2-click solution. To activate a desired social plug-in, it must first be activated by clicking on the corresponding button. Only by activating this plug-in will the collection of information and its transfer to the social media provider be triggered.
We have no influence on what data an activated plug-in collects and how this data is used by the service provider. It must be assumed that a direct connection to the services of the social media provider is established and at least the IP address and device-related information are collected and used. In addition, there is a possibility that the social media providers try to store cookies on the computer used. Please refer to the data protection notices of the respective social media provider for information on what specific data is collected and how it is used. If you are logged in to Facebook at the same time, Facebook can identify you as a visitor to a specific page.
The legal basis for the integration of the social media plugins and the associated data transfer to the respective social media provider is your consent by clicking on the corresponding button (Art. 6 (1) (1) (a) GDPR).
Activating a social media plugin automatically establishes a connection to the respective service provider.
We do not collect and store any personal data ourselves using social media plugins or through their use.
Facebook, Twitter and Instagram process your data in the USA. We point out that the USA is not a safe third country within the meaning of EU data protection law. US companies may be obliged to disclose personal data to US security authorities (e.g. intelligence agencies). We have no influence on this.
We have integrated the social media plugins of the following companies on our websites:
Facebook: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland; data protection information and contact options can be found at https://www.facebook.com/privacy/explanation.
Twitter: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland; data protection information and contact options can be found at https://twitter.com/de/privacy.
Instagram: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland; data protection information and contact options can be found at https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.
(7) Disclosure of personal data
Your personal data will generally not be passed on to third parties by us. A transfer will only take place if and to the extent that it is absolutely necessary for the processing of your order:
a) Shipping company
Your data will be passed on to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods.
b) Payment provider
For payment processing, we pass on your payment data to the credit institution commissioned with the payment.
The transfer takes place on the basis of Art. 6 (1) sentence 1 (b) and (f) GDPR. Your data will be stored for the duration of the processing and beyond within the scope of any legal retention obligations (Art. 17 (3) (e) GDPR) and deleted in accordance with Art. 17 (1) (a) when these reasons cease to apply.
(8) Security and encryption
We protect the collected customer data by storing the data on password-protected and firewall-secured servers and protecting it from unauthorized access through encryption technologies. Data transmitted to us during the use of the website is transmitted using SSL encryption technology. Internally, we have established further technical and organizational measures to protect your data with regard to the storage and processing of your data.
Even if we try to provide you with a secure environment for your data with these precautions, absolute security of your data cannot be guaranteed on the Internet. We therefore recommend that you take every possible precaution to protect your personal data while connected to the Internet. Please pay particular attention to the use of strong passwords, adequate and up-to-date virus scanners and a secure browser.
(9) Your rights regarding your data
You have the right:
- pursuant to Art. 15 GDPR to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if not collected from us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- pursuant to Art. 16 GDPR to demand the immediate rectification of incorrect or completion of your personal data stored by us;
- pursuant to Art. 17 GDPR to demand the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- pursuant to Art. 18 GDPR to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse their erasure and we no longer need the data, but you need them for the establishment, exercise or defense of legal claims or you have lodged an objection to the processing pursuant to Art. 21 GDPR;
- pursuant to Art. 20 GDPR to receive your personal data, which you have provided to us, in a structured, common and machine-readable format or to request the transfer to another controller;
- pursuant to Art. 7 (3) GDPR to withdraw your once given consent at any time to us. This means that we may no longer continue the data processing based on this consent in the future and
(10) Right to object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
If you wish to exercise your right of withdrawal or objection, an email to juliasiegmann@gmail.de is sufficient
(11) Right to complain
You have the right to lodge a complaint with the data protection supervisory authority.