The web portal www.pelagona.com as well as the integrated online shop are operated by
Elisabeth Steiger, Kurze Gasse 11, 7033 Pöttsching (hereinafter referred to as “Provider”, “we”).
The trust of the customers (hereinafter referred to as “you”) in the protection of business and personal data (data protection) is invaluable. Therefore, we follow all relevant data protection laws and are constantly working on improving data protection.
If this text uses the male form for personal terms, it used because of reasons of ease of reading and also refers to the female form in the same way.
The Provider responsible for the processing of personal data.
§2 What Are Personal Data?
Personal data is information which relate to an identified or identifiable natural person, such as your name, e-mail address, telephone number, mailing address or the IP address of your computer.
§3. Which Data Are Being Processed?
3.1 Data Which You Supplied Deliberately
If you enter into contracts with us, fill in login fields or give your consent, we process the personal data supplied by you, especially data listed in Section 3.2.
3.2 Automatically Collected Data
To be able to supply you with the information which is most adequate and useful for you, we also process the following data:
Automatically collected data: We automatically collect data about you, such as the device from which you access our website. For example, if you visit our website, your IP address, operating system, browser type, the referring website, visited sites and data/time periods of the access of the website. Some information may be collected such as the links on which you clicked. Your data are being anonymized and are only analyzed in an aggregated form.
The website you visited immediately prior to visiting our website (the so-called “referrer”).
Date and time of your visit
Characteristics of the device, especially the operating system, the used browser and the size of the browser window
The IP address of the device online
Identification numbers which we save on your device. These identification numbers allow us to recognize your device again on our website. Technically, these identification numbers are saved in so-called “cookies” or “Etags”.
Device recognition which are made of unique characteristics of your device. This device recognition also allows as to recognize your device again on our website.
The “Ad-ID” of the Apple operating system iOS
The “Ad-ID of the operating system Android
Cookies may also be collected.
Our website makes use of so-called cookies in order to recognize repeat use of our website by the same user/internet connection subscriber. Cookies are small text files that your internet browser downloads and stores on your computer. They are used to improve our website and services. In most cases these are so-called “session cookies” that are deleted once you leave our website.
To an extent, however, these cookies also pass along information used to automatically recognize you. Recognition occurs through an IP address saved to the cookies. The information thereby obtained is used to improve our services and to expedite your access to the website.
You can prevent cookies from being installed by adjusting the settings on your browser software accordingly. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
§4. When Do We Process Your Data?
4.1 Conclusion of Contracts
We process personal data of you when you set up a personal account, when you order products via our website or when you sign up for our newsletter.
Unless otherwise provided for in these guidelines, the legal basis for the processing of data is Art. 6 Paragraph 1 b) GDPR (performance of contracts).
4.2 Operation of the Website
§5 Purpose of Data Processing
5.1 Pelagona User Account
To shop in our online store, you can set up a personal user account (hereinafter referred to as “User Account”). In this User Account you can save personal information. The User Account facilitates a more convenient way to shop on our store.
We need your name and surname to set up a user account. Furthermore, you have to supply us with an e-mail-address and a password of your choice. The e-mail-address provided also serves as access identification for the user account. After successful registration, the user automatically receives a confirmation via e-mail. This way, the user enters into a contract to supply a user account with us.
Furthermore, you can save your personal information (mailing address and telephone number) and conveniently shop in our online store. The information can be changed at any time in the personal area of your account (“My Account”).
With the feature “stay logged in”, so-called “persistent cookies”(see §6) are saved on your device to enable that you do not have to log in again during future website visits. This feature is not available if you have deactivated the saving of cookies in your browser settings.
You can, of course, terminate the contract of supplying a user account at any time without giving any reasons. The most convenient way is via e-mail to contact[@]pelagona.com.
The legal basis for the related data processing is Art. 6 Paragraph 1 b) GDPR (performance of contracts).
5.2 Oder Processing in Our Online Store
The legal basis for the data processing mentioned above are Art. 6 Paragraph 1 b) GDPR (performance of contracts and implementation and processing of contracts) and Art. 6 Abs. 1 f) GDPR (protection of interests, based on our interest to offer you a safe credit card payment possibility).
After the choice of your payment provider, you will be asked for the required data for the use of the respective payment provider. This payment information will directly be sent to the payment provider and is not being saved by us.
We save the data supplied by you for the invoice and delivery address (if different) in your user account so that you do not have to re-enter them at your next purchase. You can change these data at any time in the future.
The legal basis for payment process mentioned above is Art. 6 Paragraph 1 f) GDPR (protection of interest based on our interest to prevent payment defaults by you. We delete your personal data which was processed during your order after the expiry of statutory guarantee periods at the latest, unless legal storage periods require otherwise.
We offer a newsletter service. You can sign up with your e-mail-address on our website. Subsequently, you will receive an email with an activation link to the e-mail-address provided to register on the sign-up page which the user has to visit. This way, you agree to the receival of the newsletter (“double-opt-in-process”).
The user can cancel the newsletter subscription without giving any reasons and at any time. The most convenient way is to click on the “unsubscribe” link in every newsletter.
The legal basis for this process is Art 6 Paragraph 1 a) GDPR (consent).
5.4 Contact via E-Mail
If you contact us via e-mail, we process the information in those emails and the contact data supplied by you to process your request. These data are stored in case there are follow-up questions. The legal basis for this process is Art 6 Paragraph 1 b) GDPR (performance of contracts – the processing of user data is required for the fulfillment of the agreement to answer questions or requests) and Art 6 Abs. 1 f) GDPR (protection of interest – based on our interest to process requests of users of our website).
5.5 Tracking-Tools for Website-Analyses
We strive to provide the best website experience for you. Therefore, we use so-called “tracking”-tools to technically improve our web offerings. The tracking tools allow us to measure our web offerings. With the help of “tracking”-tools, we collect the following information in particular:
On which links do online users click on other websites in order to come to www.pelagona.com?
Which of our sites are accessed when, how often and in which order?
Which information do our users look for on our website?
Using this information, we develop statistics which help us understand the following questions:
Which pages are especially appealing to the users of our website?
Which products are of most interest to our users?
Which offerings should we provide our users?
For this, we use the automatically collected data mentioned in Section 3.2 in particular.
The legal basis for this is your consent according to Art. 6 Paragraph 1 a) GDPR as well as Art. 6 Paragraph 1 f) GDPR (protection of interest, based on our interest in adapting the website to the interest and needs of our users in the best possible way).
5.5.2 Google Analytics
This website uses Google Analytics, a web analytics service of Google Inc. (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America. Google Analytics uses so-called “cookies”, text data which are stored on your computer and enable an analysis of your use of the website. In general, the information created by the cookie about your use of this website are transferred to a server of Google in the United States of America and are stored there.
The IP address which is transmitted from your browser will not be linked to other data by Google.
You can prevent the saving of cookies by respective settings in your browser software; however, please note that in this case, some features of our website may not be fully used. Furthermore, you can prevent the collection of data created by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of the data by Google by downloading and installing the browser plug-in of the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Analytics to analyze and constantly improve the use of our website. These statistics allow us to improve our offerings and make it more interesting and appealing for our users. Regarding the exceptions when personal data are transmitted to the United States of America, Google has submitted itself to the EU-US Privacy Shield. The processing of your data in the framework of Google Analytics serves the protection of justifiable interest of the Provider.
Information of the Third-Party Provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA, 94043.
Information of the Third-Party Provider in the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Terms of Service: http://www.google.com/analytics/terms/de.html
Privacy Overview: http://google.com/intl/de/analytics/learn/privacy.html
Objection to the Collection of Data:
You can object to the collection and transmission of your personal data relating to the use of the website (including your IP address) to Google as well as the processing of data by Google by downloading and installing the browser plug-in provided through the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
5.6 Use of Facebook-Plug-Ins
We also use features by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States of America. By clicking on the respective Facebook-plug-in, a connection between your browser and the servers of Facebook is being established. This way, the different functionalities of Facebook can be used. The legal basis for this is Art. 6 Abs. 1 b) GDPR (performance of contracts and pre-contractual measures).
By clicking on the Facebook plug-in, data are sent from your browser to Facebook in the United States of America. Currently, there is no decision by the EU-Commission that the United States of America offer an adequate level of data protection. Facebook, however, committed itself to comply with the Privacy-Shield-Agreement between the EU and the United States of America about the collection, use and storage of personal data from the member states of the EU published by the US Trade Department. For further information about this topic, please follow the link: https://de-de.facebook.com/about/privacyshield.
If you have a Facebook account, your data transmitted by your browser may be connected to your Facebook account. If you want to prevent a link of these data to your Facebook account, please log out of your Facebook account before clicking on the Facebook plug-in. Interactions, in particular the use of the comment function or the clicking of the “like”- or “share”-buttons are sent to Facebook as well. You can learn more about this via: https://de-de.facebook.com/about/privacy.
We use Instagram on our website. Instagram is a service by Instagram Inc.,181 South Park Street, Suite 2, San Francisco, CA 94107, United States of America. Instagram receives information that you have accessed the respective site of our website via the integrated “Instagram”-button on our site. If you are logged in to your Instagram account, Instagram can link your visit of our site to your Instagram account and, therefore, link your data. The data transmitted by clicking the “Instagram”-button are being stored by Instagram. To learn more about the scope of data collection, their processing and the protection of your privacy, please refer to the Instagram data protection guidelines via: https://help.instagram.com/155833707900388.
Please log out of your Instagram account before you visit our site to prevent that Instagram can link your visit to your Instagram account.
5.8 Use of reCAPTCHA
In order to protect input forms on our site, we use the “reCAPTCHA” service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, hereinafter “Google.” By means of this service it can be distinguished whether the corresponding input is of human origin or is created improperly by automated machine processing.
To our knowledge, the referrer URL, the IP address, the behaviour of the website visitors, information about the operating system, browser and length of stay, cookies, display instructions and scripts, user input behaviour and mouse movements in the “reCAPTCHA” checkbox are conveyed to “Google.”
Google uses the information obtained, among other things, to digitize books and other printed matter as well as to optimize services such as Google Street View and Google Maps (e.g. house number and street name recognition).
5.9 Use of Third-Party Providers
We use external Third-Party Providers with the data processing to operate our website (e.g. order shipment, newsletter software, data centres). If necessary, these providers also process personal data.
Our online store is operated via Shopify. Shopify is a service by Shopify Inc., 150 Elgin Street, 8th Floor, Ottawa, Ontario, Canada K2P 1L4. It enables us to sell our products and services. Your data are being stored by Shopify on their servers, data bases and via their general Shopify functions. Your data are being stored by Shopify on a safe server which is protected by a firewall.
Your data are being processed and stored as part of the Shopify-services. Furthermore, Shopify uses algorithms which make automated decisions. Most of them need human interaction and only one concerns our customers: Shopify uses fully automated decision rules to assess and prevent the risk of fraud. (This means that your information are checked against fraud blacklists.)
5.9.2 Mailchimp Newsletter Service
We use PayPal as our payment provider. This service is provided by PayPal Holdings, Inc., 2211 North First Street, San Jose, CA, 95131.
§6 Storage Period
Personal data are only stored as long as it is necessary to achieve the mentioned purposes or as long as the storage periods determined by the legislator. Personal data supplied by you according to Section 3.1 are deleted after the expiry of potential commercial or fiscal storage periods. Automatically collected data according to Section 3.2 are therefore deleted and anonymized after the expiry of 14 months.
§7 Disclosure Required by Law or if You Breach Our General Terms & Conditions
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
§9 Your Rights
You have the following rights relating to your personal data:
Right of information,
Right of correction or deletion,
Right of limitation of the processing,
Right of data transmission.
Furthermore, you have the right to complain about our processing of your personal data at a data protection authority.
If you have general questions or remarks regarding data protection, please send us an email to: contact [at] pelagona.com.
As of December 2018