Privacy Policy
Data protection
1) Introduction and contact details of the person responsible
1.1 We are pleased that you visit our website and thank you for your interest. In the following we will inform you about dealing with your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The responsible person for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Artexio UG (limited liability), Emsdettener Str. 10, 48268 Greven, Germany, Tel.: 01794226249, email: support@artexio.de. The person responsible for processing personal data is the natural or legal person who decides alone or together with others about the purposes and means of processing personal data.
2) Data acquisition when visiting our website
2.1 When using our website, i.e. if you do not register or otherwise convey information, we only collect data that your browser transmits to the side server (so-called "server log files"). When you call up our website, we will collect the following data that is technically necessary for us to display the website:
- Our visited website
- Date and time at the time of access
- Quantity of the data sent in byte
- Source/reference from which they came to the page
- Browser used
- Operating system used
- Used IP address (possibly: in anonymized form)
The processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. There is no transfer or other use of the data. However, we reserve the right to check the server log files retrospectively, should indicate specific indications of illegal use.
2.2 This website uses an SSL and TLS encryption. You can see an encrypted connection to the string "https: //" and the castle symbol in your browser line.
3) Hosting & Content Delivery Network
Shopify
For the hosting of our website and the presentation of the page content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify")
Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, on K2P 1L4, Canada
All data collected on our website is processed on the provider's servers. We have concluded an order processing contract with the provider, which ensures the protection of the data of our side visitors and prohibits an unauthorized transfer to third parties.
In the event of a data transmission to Canada, an appropriate level of data protection is guaranteed by an adequacy decision by the European Commission.
4) Cookies
In order to make the visit of our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. In some cases, these cookies are automatically deleted after closing the browser (so-called "session cookies"), some of these cookies remain longer on their device and enable the storage of side settings (so-called "persistent cookies"). In the latter case, you can find the memory duration of the overview of the cookie settings of your web browser.
If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 Para. 1 Lit.B GDPR either for the implementation of the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the event of consent or According to Art. 6 Para. 1 Lit. f GDPR to maintain our legitimate interests in the best possible functionality of the website and a customer -friendly and effective design of the page visit.
You can set your browser so that you are informed about the setting of cookies and decide individually about their acceptance or can rule out the acceptance of cookies for certain cases or in general.
Please note that the functionality of our website may be restricted if you are not accepted.
5) contact
As part of contact with us (e.g. via contact form or email)-only for the purpose of processing and answering your request and only to the extent required-personal data are processed.
The legal basis for the processing of this data is our legitimate interest in answering your concern in accordance with Art. 6 Para. 1 lit. f GDPR. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR. Your data will be deleted when it can be seen from the circumstances that the affected fact is finally clarified and if there are no statutory retention obligations.
6) Data processing for order processing
6.1 Insofar as the contractual processing is required for delivery and payment purposes, the personal data we collect will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 Lit.B GDPR.
If we are on the basis of a corresponding contract updates for goods with digital elements or for digital products, we will process the contact details you transmit when you order (name, address, email address) in order to be within the framework of our statutory information obligations in accordance with Art. 6 ABS . 1 lit. c GDPR on a suitable communication path (such as postal or email) about upcoming updates in the legally provided period. Your contact details will be used strictly for communications about updates owed by us and for this purpose by us only processed to the extent that this is necessary for the respective information.
To handle your order, we also work with the subsequent service provider (s), who support us in whole or in part in the implementation. Certain personal data is transmitted to these service providers in accordance with the following information.
6.2 To fulfill our contractual obligations towards our customers, we work with external shipping partners. We give your name as well as your delivery address and, as far as the delivery requires, your telephone number, only for the purposes of the delivery of goods. Art. 6 Para. 1 lit. b GDPR to a shipping partner selected by us.
6.3 Printful
We use the following provider for order processing: Printful, Inc. 11025 Westlake Drive, Charlotte, NC28273, USA
Name, address and, if necessary, further personal data will be passed on in accordance with Art. 6 Para. 1 Lit. B GDPR exclusively for the purpose of processing the online order to the provider. Your data is only passed on if this is actually necessary for the processing of the order.
For the transmission of data to the USA, the provider relies on standard contract clauses of the European Commission, which should ensure compliance with the European data protection level.
6.4 Use of payment service providers (payment services)
- Apple Pay
If you decide on the payment method "Apple Pay" of the Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the "Apple Pay" function of your end device operated with iOS, Watchos or MacOS by loading a payment card stored on "Apple Pay". Apple Pay uses safety functions that are integrated into the hardware and software of your device to protect your transactions. For the release of a payment, the entry of a codes previously defined by it and the verification using the "Face ID" or "Touch ID"- function of your device is required.
For the purpose of the payment processing, your information given as part of the order process and the information about your order is passed on to Apple in encrypted form. Apple then again encrypted this data with a developer -specific key before the data to carry out the payment to the payment service provider of the payment card stored in Apple Pay is transmitted. The encryption ensures that only the website that the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction -specific, dynamic security code to the output website to confirm the payment success.
If personal data is processed in the transmission described, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Para. 1 lit. b GDPR.
Apple keeps anonymized transaction data, including the approximate purchase amount, the approximate date and the approximate time as well as the information as to whether the transaction was successfully completed. Anonymization fully excludes a personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.
If you use Apple Pay on the iPhone or Apple Watch to complete a purchase that you made via Safari on the Mac, communicate the Mac and the authorization device via an encrypted channel on the Apple server. Apple processes or stores none of this information in a format with which your person can be identified. You can deactivate the possibility of using Apple Pay on your Mac in the settings of your iPhone. Go to "Wallet & Apple Pay" and deactivate "allow payments on Mac".
Further information on data protection at Apple Pay can be found under the website below: https://support.apple.com/de-de/HT203027
- Google Pay
If you choose Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment processing is carried out via the "Google Pay" application of your with at least Android 4.4 (“Kitkat”) operated mobile devices that have been operated by an NFC function by loading a payment card stored on Google Pay or a payment system verified there (e.g. PayPal). For the release of a payment via Google Pay of more than € 25,- € previously unlocking your mobile device is required by the verification measure (such as face recognition, password, fingerprint or pattern).
For the purpose of the payment processing, your information given as part of the ordering process and the information about your order will be passed on to Google. Google then transmits its payment information stored in Google Pay in the form of a one -off transaction number to the starting website with which a payment is verified. This transaction number contains no information about the real payment data of your payment method stored in Google Pay, but is created and transmitted as a one -off numerical token. In all transactions via Google Pay, Google only appears as an intermediary for processing the payment process. The transaction is carried out exclusively in the ratio between the user and the output website by loading the payment stored on Google Pay.
If personal data is processed in the transmission described, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Para. 1 lit. b GDPR.
Google reserves the right to collect, save and evaluate certain process -specific information on every transaction made via Google Pay. This includes the date, time and amount of the transaction, dealer location and description, a description of the goods or services provided by the dealer, photos that you have attached to the transaction, the name and email address of the seller and buyer or buyer or of the sender and recipient, the payment method used, your description for the reason of the transaction and, if necessary, the offer associated with the transaction.
According to Google, this processing takes place exclusively in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of the legitimate interest in the proper accounting, the verification of process data and the optimization and function maintenance of the Google Pay service.
Google also reserves the right to bring the processed process data together with further information that is collected and saved by Google when using further Google services.
Google Pay's terms of use can be found here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection on Google Pay can be found at the following Internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
- Klarna
One or more types of online payment from the following provider are available on this website: Klarna Bank, Sveafen 46, 111 34 Stockholm, Sweden
If you choose a payment method of the provider, in which you are in advance (such as credit card payment), your payment data communicated as part of the order process (including name, address, banking and number card information, currency and transaction number) as well as information about the content of your order will passed on in accordance with Art. 6 Para. 1 lit. b GDPR. In this case, your data is passed on exclusively for the purpose of payment processing with the provider and only insofar as it is necessary.
If you choose a payment method in which the provider is in advance (such as accounting or installment purchase or direct debit), you will also be asked in the order process, certain personal data (first and last name, street, house number, postal code, place, date of birth, E -Mail address, telephone number, possibly data on an alternative means of payment).
In order to protect our legitimate interest in determining the solvency of our customers, we are forwarded to the provider for the purpose of a credit check to the provider in accordance with Art. 6 Para. 1 lit. f GDPR. The provider checks on the basis of the personal data you specified and other data (such as shopping cart, invoice amount, order history, payment experience) whether the payment option you have selected with regard to payment and/or claim loss risks can be granted.
In addition to the provider-internal criteria in accordance with Art. 6 Para. 1 Lit. f GDPR, identity and credit information from the following information can also be included in the decision as part of the application test:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies
The credit information can contain probability values (so-called score values). Insofar as score values flow into the result of the credit information, you have your basis in a scientifically recognized mathematical-statistical process. The calculation of the score values flow, among other things, but not exclusively, address data.
You can object to this processing of your data at any time by a message to us or to the provider. However, the provider may remain entitled to process your personal data, provided that this is necessary for contractual payment processing.
- PayPal
One or more types of online payment from the following provider are available on this website: PayPal (Europe) S.A.R.L. et cie, s.c.a., 22-24 Boulevard Royal, L-2449 Luxembourg
If you choose a payment method of the provider, in which you are in advance, your payment data communicated as part of the order process (including name, address, banking and number card information, currency and transaction number) as well as information about the content of your order in accordance with Art. 6 Paragraph 1 lit. b GDPR passed on. In this case, your data is passed on exclusively for the purpose of payment processing with the provider and only insofar as it is necessary.
When selecting a payment method in which we are in advance, you will also be asked in the order sequence, certain personal data (first and last name, street, house number, postcode, location, date of birth, email address, telephone number, an alternative means of payment).
In order to protect our legitimate interest in determining your solvency in such cases, this data is forwarded by us in accordance with Art. 6 Para. 1 Lit. f GDPR for the purpose of a credit check to the provider. The provider checks on the basis of the personal data you specified and other data (such as shopping cart, invoice amount, order history, payment experience) whether the payment option you have selected with regard to payment and/or claim loss risks can be granted.
The credit information can contain probability values (so-called score values). Insofar as score values flow into the result of the credit information, you have your basis in a scientifically recognized mathematical-statistical process. The calculation of the score values flow, among other things, but not exclusively, address data.
You can object to this processing of your data at any time by a message to us or to the provider. However, the provider may remain entitled to process your personal data, provided that this is necessary for contractual payment processing.
- Shopify Payments
One or more types of online payment from the following provider are available on this website: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
If you choose a payment method of the provider, in which you are in advance (such as credit card payment), your payment data communicated as part of the order process (including name, address, banking and number card information, currency and transaction number) as well as information about the content of your order will passed on in accordance with Art. 6 Para. 1 lit. b GDPR. In this case, your data is passed on exclusively for the purpose of payment processing with the provider and only insofar as it is necessary.
7) Web analysis services
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analysis service from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.
Google (Universal) Analytics is only used on this website without the use of cookies, which means that the service never sets cookies on your end device.
Instead, the local memory of your browser is used to store an individual ID assigned by Google (Universal) analytics, which enables an analysis of your use of the website. For this purpose, certain user information is processed via the ID. The scope of this information also includes your IP address, which Google cuts around the finishing digits in order to rule out direct personal relationship.
The information is transferred to Google server and processed there. Transmitters to Google LLC based in the USA are also possible.
Google uses the information collected on our behalf to evaluate your use of the website, to compile reports on website activities for us and to provide other services associated with website usage and internet use. The IP address transmitted and reduced by your browser as part of Google Analytics is not merged with other Google data. The data collected as part of the use of Google (Universal) Analytics are saved for a period of two months and then deleted.
All processing described above, including the storage of information on the end device used in the form of the ID, only take place if you have given us your express consent in accordance with Art. 6 Para. 1 lit. a GDPR.
Without your consent, the use of Google (Universal) Analytics is omitted during your page visit. You can revoke your consent granted at any time with effect for the future.
To exercise your revocation, you can download and install the browser plugin available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser plugin or within browsers on mobile devices, you can revoke your consent by clicking on the following link to set an opt-out cookie that prevents Google Analytics in the future (this opt -Out cookie only works in this browser and only for this domain.
Deactivate Google Analytics
With Google we have concluded an order processing contract that ensures the protection of the data of our side visitors and prohibits an unauthorized transfer to third parties.
Further legal information on Google (Universal) Analytics can be found at https://policies.google.com/privacy?hl=de&gl=de and under https://policies.google.com/technologies/partner-sites
Demographic characteristics
Google (Universal) Analytics uses the special function "demographic features" and can create statistics that make statements about the age, gender and interests of side visitors. This is done by analyzing advertising and information from third -party providers. This allows target groups for marketing activities. However, the collected data cannot be assigned to a specific person and will be deleted for a period of two months after storing.
Google Signals
Google Signals can be used on this website as an extension to Google (Universal) Analytics to have cross -device reports created. If you have activated personalized advertisements and have linked your devices with your Google account, Google, subject to your consent to use Google Analytics in accordance with Art. 6 Para. 1 lit. a GDPR, can analyze your usage behavior across devices and, among other things, to cross-equipment Conversions. We do not receive any personal data from Google, but only statistics. If you want to stop the cross-device analysis, you can deactivate the "Personalized Advertising" function in the settings of your Google account. To do this, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de
Userids
As an extension to Google (Universal) Analytics, the "Userids" function can be used on this website. If you consented to Google (Universal) Analytics in accordance with Art. 6 Para. 1 Lit. a GDPR, set up an account on this website and register with this account on various devices, your activities, including conversions, can can be analyzed across devices.
For data transmission to the USA, the provider has joined the EU-US-data protection framework (EU-US-EU Privacy Framework), which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.
8) Page functionalities
Shopsync for Shopify
This website uses the Shopify app "ShopSync" of the ShopSync LLC, PO Box 252, Jefferson City, TN 37760, USA.
With the help of Shopsync, the newsletter service "Mailchimp" is synchronized with our Shopify account so that on the one hand updates in email lists from MailChimp (such as a opt-out of a newsletter recipient) are also automatically stored on Shopify and on the other hand. New contact details generated by contracts to Shopify are automatically transferred to MailChimp's email lists.
In the former case, data processing is carried out in accordance with Art. 6 Para. 1 Lit. f GDPR on the basis of our legitimate interest in the effective and cross -system -wide care of the files of advertising addressees and the efficient attention of legally significant status changes.
In the second case, exclusively on the basis of an express consent of the user in accordance with Art. 6 Para. 1 Lit. a GDPR after a conclusion of the contract on Shopify to include the MailChimp list, the address and cash on delivery, address and the email address together with transaction-related information (Purchase amount, time and date of purchase) transfer by ShopSync to Mailchimp.
Data transmitted in this way is not saved or kept by ShopSync after synchronization. All information synchronized between Shopify and MailChimp is transmitted via SSL technology (Secure Socket Layer), and all the information transmitted remains encrypted during the synchronization process.
The synchronization process requires the transmission of information about a secure connection to servers hosted by Amazon Web Services in the USA.
Further data protection law information on Shopsync can be found here: https://www.shop-sync.com/privacy-policy
9) Tools and other
9.1 - LexOffice
To complete the accounting, we use the service of the cloud-based accounting software of the following provider: Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, Germany
The provider processes input and output bills as well as the bank movements of our company to automatically record invoices, to match the transactions and to create the financial accounting in a partially automated process.
If personal data is also processed, the processing is carried out in accordance with Art. 6 Para. 1 Lit. f GDPR on the basis of our legitimate interest in an efficient organization and documentation of our business processes.
9.2 Cookie Consent tool
This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications. The "cookie consent tool" is displayed in the form of an interactive user interface when calling for a checkout, on which consent for certain cookies and/or cookie-based applications can be issued. The use of the tool only invites all cookies/services subject to consent if the respective user grants the corresponding consent by ticking. This ensures that such cookies are only placed on the user's respective end device in the event of a granted consent.
The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed here.
If it comes to the processing of personal data (such as the IP address) in individual cases for the purpose of storing, assigning or logging in cookie settings, this takes place in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest Legal, user -specific and user -friendly consent management for cookies and therefore in a legally compliant design of our website.
The further legal basis for processing is also Art. 6 Para. 1 lit. c GDPR. As the person responsible, we are subject to the legal obligation to make the use of technically not necessary cookies dependent on the respective user consent.
If necessary, we have concluded an order processing contract with the provider that ensures the protection of the data of our side visitors and prohibits an unauthorized transfer to third parties.
Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.
9.3 Cloudflare
For security purposes, this website uses the service of the following provider: Cloudflare, Inc., 101 Townsend St. San Francisco, CA 94107, USA
The provider protects the website and the associated IT infrastructure from unauthorized third-party access, cyber attacks and viruses and malware. The provider collects the IP addresses of users as well as further data on your behavior on our website (especially called URLs and header information) in order to identify and ward off illegitimate side access and dangers. The recorded IP address is compared with a list of well-known attackers. If the IP address recorded is recognized as a security risk, the provider can automatically block it for page access. The information raised in this way is transferred to a server of the provider and saved there.
The data processing described is carried out in accordance with Art. 6 Para. 1 Lit. f GDPR on the basis of our legitimate interests in protecting the website against harmful cyber attacks and the maintenance of structure and data integrity and security.
We have concluded an order processing contract with the provider, which ensures the protection of the data of our side visitors and prohibits an unauthorized transfer to third parties.
For data transmission to the USA, the provider has joined the EU-US-data protection framework (EU-US-EU Privacy Framework), which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.
9.4 Stupid
This website uses the search technology service of the following provider: Doofinder S.L., Madrid 28037, Rufino González 23 to, 1º 1, Spain
For the provision of the search function for articles about the search field and for navigation and filters, the provider collects and saves certain user information (such as the user or session ID) in anonymized form.
If personal data is also processed, the processing in accordance with Art. 6 Para. 1 Lit. f GDPR is based on our legitimate interest in the provision of an error -tolerant search for articles and therefore optimal marketing of our offer.
10) Rights of the person concerned
10.1 The applicable data protection law grants you the following rights (rights of information and intervention) with regard to the processing of your personal data, whereby refer to the led legal basis for the respective exercise requirements:
- Right of information in accordance with Art. 15 GDPR;
- Right to correction according to Art. 16 GDPR;
- Right to deletion according to Art. 17 GDPR;
- Right to restrict the processing in accordance with Art. 18 GDPR;
- Right to information in accordance with Art. 19 GDPR;
- Right to data portability in accordance with Art. 20 GDPR;
- Right to revocation granted consent in accordance with Art. 7 Para. 3 GDPR;
- Right to complaint according to Art. 77 GDPR.
10.2 RIGHT TO OBJECT
If we process your personal data on the basis of our predominant interest in the context of a balancing of interests, you have the right to object to this processing with effect for the future for reasons that arise from your special situation.
If you make use of your right to object, we end the processing of the data concerned. However, further processing is reserved if we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, fundamental rights and fundamental freedoms, or if the processing of assertion, exercise or defend legal claims serves.
If we are processed your personal data to operate direct mail, you have the right to object at any time to the processing of personal data relating to the purpose of such advertising. You can exercise the objection as described above.
If you make use of your right of objection, we end the processing of the data concerned for directives.
11) Duration of the storage of personal data
The duration of the storage of personal data is measured on the basis of the respective legal basis, in the processing purpose and- if relevant- also based on the respective statutory retention period (e.g. commercial and tax law retention periods).
When processing personal data on the basis of express consent in accordance with Art. 6 Para. 1 lit. a GDPR, the data concerned will be stored until you cancel your consent.
If there are legal retention periods for data that are processed in the context of legal transactions or legal transactions on the basis of Art. 6 Para. 1 lit. b GDPR, this data is routinely deleted after the retention periods, provided that it is no longer necessary for the fulfillment of the contract or contract are and/or on our part there is no legitimate interest in the further storage.
When processing personal data on the basis of Art. 6 Para. 1 lit. f GDPR, this data is saved until you exercise your right of objection in accordance with Art. 21 Para. 1 GDPR, unless we can compelling legitimate grounds for The processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct advertising on the basis of Art. 6 Para. 1 lit. f GDPR, this data is saved until you exercise your right to object in accordance with Art. 21 Para. 2 GDPR.
Unless otherwise aroused from the other information of this explanation about specific processing situations, stored personal data will also be deleted if they are no longer necessary for the purposes for which they were collected or processed in any other way.