Datenschutzerklärung – Tenuta Cappellina

Data Protection

Data protection
Thank you for your interest in our website and our company.

The protection and security of your data is also of paramount importance to us, which is why we would like to provide you with comprehensive information about how we handle your data. This will inform you about which data we collect during your visit to our website and how we use it in detail.

We use various technologies on our website to improve user-friendliness, effectiveness, and security. In this context, data may be collected by us or by third parties employed and commissioned by us.

Since our website and the underlying technologies are subject to constant change and further development, and legal and regulatory requirements are also subject to regular adjustments, changes to this privacy policy may also become necessary. All future changes to our privacy policy will be announced on this website. You can access and print the current privacy policy at any time on our website.

In accordance with the need for comprehensive protection of your personal data, we adhere to the relevant legal provisions of the German Data Protection Act (BDSG) and, in particular, the General Data Protection Regulation (GDPR). We also comply with any other data protection standards.

Please read this privacy policy carefully before using this website. This policy explains, among other things, how we handle your personal data and how we use cookies. By using this website, you accept these regulations.

Name and contact details of the controller and the company data protection officer

This privacy information applies to data processing by:

Responsible: History & Heraldry GmbH, represented by the Managing Director Ernst Carstens, Speersort 166, 21723 Hollern-Twielenfleth, Email: welcome@hh-germany.de, Telephone: +49 (0) 4141/79 32-10, Fax: +49 (0)4141/79 32-19

Collection, storage and use of personal data

With regard to the extent to which data is collected and stored, a distinction must be made between whether the data is collected solely as a result of your visit to our website or whether you carry out business transactions – in particular a product purchase.

I. Data collected automatically (by technology) through the mere visit to our website

1. When you visit our website purely for informational purposes, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatically deleted:

– Your IP address
– Date and time of your access to our website
– Websites you visit on our site
– The URL of the page you previously visited (=referrer URL)
– Information about the browser you use (type, version, operating system, etc.) and the name of your access provider

2. We process the above data for the following purposes:

– Ensuring a smooth connection to the website,
– Ensuring comfortable use of our website,
– Evaluation of system security and stability as well as
– for further administrative purposes.

The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest arises from the purposes for data collection listed above. Under no circumstances will we use the collected data to draw conclusions about you personally.

We also use cookies and analytics services when you visit our website. Further information about these can also be found in this privacy policy.

II. Directly collected data / Data provided by you

We also collect personal data when you provide it to us directly, i.e., when you disclose it to us knowingly and willingly. This is particularly the case when you enter into a contractual business relationship with us via our website, for example, by making a purchase or using another service we offer. We need this data to enable you to use our services and, in particular, to process purchasing transactions from start to finish. This includes identification data such as your postal address.

The legal basis for data processing is Art. 6 (1) (b) GDPR.

III. When registering for our newsletter

We are naturally interested in regularly informing you about our latest offers and products. Among other things, we use electronic newsletters for this purpose. If you would like to receive a newsletter from us and subscribe to it, we need your email address and, with it, your consent to receive a newsletter. After registration, you will also receive an email with a confirmation link that you must click. This identifies you as the owner of the email address (so-called double opt-in procedure). If this confirmation is not received without a significant delay, the registration process will be canceled and the previously provided email address will be deleted from our server.

Provided you have expressly consented to this in accordance with Art. 6 (1) (a) GDPR, we will use your email address to regularly send you our newsletter. You can unsubscribe at any time, for example, via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request by email to welcome@hh-germany.de.

IV. When using our contact form

If you have any questions, you can contact us using a form provided on our website. You must provide a valid email address so we know who sent the inquiry and can respond to it. You can provide additional information voluntarily.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of your voluntarily given consent.

The personal data we collect when you use the contact form will be automatically deleted after your request has been processed.

Disclosure to third parties

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only share your personal information with third parties if:

– you have given your express consent in accordance with Art. 6 (1) (a) GDPR,
– the transfer is necessary according to Art. 6 (1) (f) GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not transferring your data,
– in the event that there is a legal obligation to transfer data pursuant to Art. 6 (1) (c) GDPR, and
– this is legally permissible and is necessary for the processing of contractual relationships with you according to Art. 6 (1) (b) GDPR.

If you choose Klarna Invoice and Klarna Installment Purchase from Klarna AB, located at Sveavägen 46, 111 34 Stockholm, Sweden, as your payment option during the ordering process, you will be asked to consent to us collecting and transmitting to Klarna AB the personal data necessary to process the invoice purchase and for an identity and credit check. This includes, in particular, your first and last name, title, address, date of birth, gender, email address, IP address, telephone number, mobile phone number, as well as data necessary to process the invoice purchase and data related to the order, such as the number of items, item number, invoice amount and tax percentage, invoice information, and bank details.

The data is transmitted so that Klarna can create an invoice and conduct an identity and credit check to process your purchase using the invoice processing method you have requested. Klarna has a legitimate interest in transmitting the purchaser's personal data and requires it to obtain information from credit agencies for the purpose of identity and credit checks. In Germany, the aforementioned data may be transferred to the following credit agencies:

•    Arvato Infoscore Consumer Data GmbH and Infoscore Consumer Data GmbH, Rheinstrasse 99, 76532 Baden-Baden
•    Bürgel Wirtschaftsinformationen GmbH & Co. KG, PO Box 5001 66, 22701 Hamburg
•    Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss
•    Deltavista GmbH, Freisinger Landstr. 74 80939 München
•    SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden

When deciding whether to establish, execute, or terminate the contractual relationship, Klarna collects and uses information on the buyer's previous payment behaviour as well as probabilities of this behaviour in the future. Klarna calculates this scoring based on scientifically recognized mathematical and statistical methods.
You have the option to revoke your consent to Klarna's use of your personal data at any time. However, even in this case, Klarna may still be entitled to process, use, and transmit your personal data if this is necessary for the contractual payment processing through Klarna's services, is legally required, or is required by a court or authority.

You can also obtain further information on data protection directly from Klarna:
Klarna AB's privacy policy

You can obtain information about the personal data stored by Klarna at any time by contacting Datenschutz@klarna.de.

Deletion of collected data

We generally store your personal data as long as we have a legitimate interest in doing so (for example, to process orders you have placed) and your interest in not continuing to store it does not outweigh this.

Even without a legitimate interest, we may continue to store the data if we are legally obligated to do so (e.g., to fulfill retention obligations). We will delete your personal data without your intervention as soon as knowledge of it is no longer necessary to fulfill the purpose of processing or if storage is otherwise legally inadmissible. In addition to the legally prescribed retention obligations, the statutory limitation periods, which generally amount to three years (standard limitation period), but can be up to 30 years in individual cases, may also influence the duration of storage of your data.

Cookies

Our website uses so-called cookies. These are small files that your browser stores in a designated directory on your device when you visit our website. Cookies do not cause any damage to your device and do not contain viruses, Trojans, or other malware.

These cookies can, for example, determine whether you have visited a website before. Or information about the contents of the shopping cart may be stored in the cookies. However, this does not mean that we directly know your identity. The use of cookies serves on the one hand to make using our services more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. In addition, we also use temporary cookies to optimize user-friendliness. These cookies are stored on your device for a specific period of time. If you visit our website again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.

Most browsers automatically accept cookies. However, you can set your browser to refuse cookies or to require explicit consent before a cookie is saved. You can also delete cookies that have already been set at any time. Please note that disabling cookies may limit your use of our website. http://www.allaboutcookies.org/ können Sie mehr über die Funktionsweise von Cookies erfahren.

The data processed by cookies are necessary for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) (f) GDPR.

Webtracking

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. We also use tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offering for you. These interests are considered legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

I. Google Analytics

For the purpose of tailoring our website to meet your needs and continuously optimising it, we use Google Analytics, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website, such as

–    Browser-Typ/-Version,
–    operating system used,
–    Referrer URL (the previously visited page),
–    Hostname of the accessing computer (IP address),
–    Time of the server request,

are transmitted to a Google server in the USA and stored there. This information is used to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and the needs-based design of these websites. This information may also be transferred to third parties if required to do so by law or if third parties process this data on Google's behalf. Under no circumstances will your IP address be merged with other data held by Google. IP addresses are anonymized so that assignment is not possible (IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking this link: Google Analytics deaktivierenAn opt-out cookie will be set that prevents your data from being collected when you visit this website in the future. The opt-out cookie is valid only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
For more information about data protection in connection with Google Analytics, please see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=de).

Google reCAPTCHA

We use Google reCAPTCHA on our website to verify and prevent interactions on our website through automated access, e.g., by so-called bots. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google."

Through certification under the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that EU data protection regulations will also be complied with when processing data in the USA.

This service allows Google to determine which website a request is sent from and the IP address from which you use the so-called reCAPTCHA input box. In addition to your IP address, Google may also collect other information necessary to provide and guarantee this service.

The legal basis is Art. 6 (1) (f) GDPR. Our legitimate interest lies in the security of our website and in preventing unwanted, automated access in the form of spam or similar.

Google offers

https://policies.google.com/privacy

further information on the general handling of your user data.

Social Media Plug-ins

Based on Art. 6 (1) (f) GDPR, we use social plug-ins from the social networks Facebook, Twitter, and Instagram on our website to raise awareness of our firm. The underlying advertising purpose is considered a legitimate interest within the meaning of the GDPR. Responsibility for ensuring compliance with data protection regulations rests with the respective providers. We integrate these plug-ins using the so-called two-click method to best protect visitors to our website.

I. Facebook

Our website uses social media plugins from Facebook to personalize its use. For this purpose, we use the "LIKE" or "SHARE" button. This is a service provided by Facebook.
When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which then integrates it into the website.
By integrating the plug-in, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you don't have a Facebook account or are not currently logged into Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plug-ins, for example, by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research, and tailoring Facebook pages to meet your needs. For this purpose, Facebook creates usage, interest, and relationship profiles, e.g., to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
The purpose and scope of data collection and the further processing and use of the data by Facebook as well as your rights and setting options for protecting your privacy can be found in the data protection information (Facebook's privacy policy) from Facebook.

II. Instagram

Our website also uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”.

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Instagram's servers. The content of the plugin is transmitted directly from Instagram to your browser and embedded into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you don't have an Instagram profile or are not currently logged into Instagram.

This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plug-ins, for example, by clicking the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there.

The information will also be published on your Instagram account and displayed to your contacts there.

If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website.

For further information, please see the privacy policy (https://help.instagram.com/155833707900388) von Instagram.

Rights of those affected

You have the right:

–    to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if not collected from us, and the existence of automated decision-making, including profiling, and, where applicable, meaningful information on its details;
–    in accordance with Art. 16 GDPR, to immediately request the rectification of inaccurate or incomplete personal data stored by us;
–    to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
–    to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
–    in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;
–    in accordance with Art. 7 (3) GDPR, to revoke your previously granted consent at any time. This means that we may no longer continue the data processing based on this consent in the future and
–    to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work, or of our office.

Right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided there are reasons for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of withdrawal or objection, simply send an email to welcome@hh-germany.de.

Securing your data through encryption

To ensure the highest possible level of protection for your data on our website, all data you provide is transmitted over the internet using SSL (Secure Socket Layer) encryption at the highest level supported by your browser. You can recognize this protection by the padlock symbol in your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Right to information

Upon request, we will be happy to provide you with information about the personal data we have stored about you free of charge at any time. You can also request that we block, correct, or delete the data we have collected about you at any time. Please contact us by phone or send us your request by mail, fax, or email.

We are also happy to answer any further questions you may have about data protection in our company.

Your team at History & Heraldry GmbH.