Thank you for your interest in our company. We take data protection seriously.
You can generally use our website without providing any personal data. However, if a data subject wishes to use our company's services via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we will always obtain the data subject's consent.
The processing of personal data (e.g. name, address, email address or telephone number of a data subject) is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us.
With the following privacy policy, we would like to inform the public about the type, scope, and purpose of the personal data we collect, use, and process. This privacy policy also informs data subjects about their rights.
As the data controller, we have implemented numerous technical and organizational measures to ensure the most complete possible protection of personal data processed via our website. However, data transmissions over the internet can inherently have security vulnerabilities. Therefore, 100% protection cannot be guaranteed. Consequently, any data subject can, of course, also transmit personal data to us via alternative means, such as by telephone.
This privacy policy is based on the definitions used by the European legislator for the adoption of the GDPR (Article 4 GDPR). This privacy policy is intended to be easily readable and understandable for everyone. To ensure this, we would first like to explain the terminology used. This privacy policy uses, among others, the following definitions:
This privacy policy applies to data processing by:
Responsible party : Galerie Minrath, represented by Mr. Jörg Minrath, Email: info@galerie-minrath.com, Telephone: +49 (0)221 - 29956374
You can generally use our website without disclosing your identity. When you access our website, the browser used on your device automatically sends information to our website's server. This information is temporarily stored in a so-called log file. The following information is collected automatically and stored until it is automatically deleted:
We process the aforementioned data for the following purposes:
The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest arises from the purposes of data collection listed above. Under no circumstances will we use the collected data to draw conclusions about your identity.
Furthermore, we use cookies and analytics services when you visit my website. You can find more detailed explanations in sections 5 and 7 of this privacy policy.
For any questions, you can contact us using the form provided on our website. A valid email address is required so we know who the inquiry is from and can respond. Providing additional information is optional. It is entirely up to you whether you choose to enter this data in the contact form.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your freely given consent.
The personal data we collect when you use the contact form will be automatically deleted after your request has been processed.
Newsletter
(1) With your consent, you can subscribe to our newsletter, which will inform you about our current special offers. The advertised goods and services are listed in the consent form.
(2) We use the so-called double opt-in procedure for newsletter registration. This means that after you register, we will send an email to the email address you provided, asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. We also store your IP address and the date and time of registration and confirmation. The purpose of this procedure is to be able to verify your registration and, if necessary, investigate any potential misuse of your personal data.
(3) The only mandatory information required for sending the newsletter is your email address. After your confirmation, we will store your email address for the purpose of sending the newsletter. The legal basis for this is Article 6(1)(a) GDPR.
(4) You can withdraw your consent to receive the newsletter and unsubscribe at any time. You can do this by clicking on the link provided in every newsletter email or by sending a message to the contact details provided in the legal notice.
(5) Please note that we analyze your user behavior when sending the newsletter. For this analysis, the emails we send contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the analysis, we link the data mentioned in Section 3 and the web beacons to your email address and a unique ID. Links in the newsletter also contain this ID.
Using the data collected in this way, we create a user profile to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click on, and infer your personal interests from this. We then link this data with your activity on our website.
You can object to this tracking at any time by clicking the separate link provided in each email or by contacting us through another channel. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely for statistical and anonymous purposes. This tracking is also not possible if you have disabled the display of images by default in your email program. In this case, the newsletter will not be displayed in its entirety, and you may not be able to use all of its features. If you manually enable the display of images, the aforementioned tracking will occur.
You can either place orders as a guest on our website without registering, or register as a customer in our shop for future orders. Registering has the advantage that you can log in directly to our shop with your email address and password for future orders without having to re-enter your contact details.
Your personal data will be entered into an input form and transmitted to us, where it will be stored. When you place an order via our website, we collect the following data, whether you are a guest or register in the shop:
This data is collected,
As part of the ordering process, your consent to the processing of this data will be obtained.
The data processing is carried out upon your order and/or registration and is necessary according to Art. 6 para. 1 sentence 1 lit. b GDPR for the aforementioned purposes for the proper processing of your order and for the mutual fulfillment of obligations arising from the purchase contract.
The personal data we collect for processing your order will be stored until the expiry of the statutory retention period and then deleted, unless we are obliged to store it for a longer period in accordance with Article 6 Paragraph 1 Sentence 1 Letter c GDPR due to tax and commercial law retention and documentation obligations (from the German Commercial Code, the German Criminal Code or the German Fiscal Code) or you have consented to further storage in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.
Your personal data will only be shared with third parties involved in processing your order, such as the logistics company responsible for delivery and the bank handling payments. In these cases, the scope of the data transferred is limited to the absolute minimum necessary.
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or "purchase on account" via PayPal, we forward your payment data to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") for payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal, and "purchase on account" via PayPal. PayPal uses the result of the credit check, specifically the statistical probability of payment default, to decide whether to offer the respective payment method. The credit check may include probability values (so-called score values). If score values are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure. Address data is among the information used to calculate the score values. Further information regarding data protection can be found in the PayPal Privacy Statement: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Your personal data will not be transmitted to third parties for purposes other than those mentioned above.
We will only share your personal data with third parties if:
As part of the ordering process, your consent will be obtained to the transfer of your data to third parties.
We use cookies on our website. These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device and do not contain viruses, Trojans, or other malware.
The cookie stores information related to the specific device used. However, this does not mean that we thereby gain direct knowledge of your identity.
The use of cookies serves, among other things, to make your use of our website more convenient. For example, we use so-called session cookies to recognize that you have already visited certain pages of our website. These are automatically deleted when you leave our site.
Furthermore, we also use temporary cookies to optimize user-friendliness. These cookies are stored on your device for a specific, predetermined period. When you revisit our site to use our services, it is automatically recognized that you have already been here and what entries and settings you have made, so you don't have to enter them again.
Secondly, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our services for you (see section 7). These cookies allow us to automatically recognize that you have already visited our site when you return. These cookies are automatically deleted after a defined period of time.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to always display a notification before a new cookie is created. Completely disabling cookies may prevent you from using all the features of our website.
The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt their content as our own. The provider of the website to which the link refers is solely liable for illegal, incorrect, or incomplete content, as well as for damages resulting from the use or non-use of the information. Liability is excluded for those who merely provide a link to the publication. We are only responsible for external links if we have positive knowledge of them, including any potentially illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.
The tracking measures listed below and used by us are carried out on the basis of Article 6(1)(f) GDPR. We use these tracking measures to ensure the needs-based design and continuous optimization of our website. We also use them to statistically record the use of our website and to evaluate it for the purpose of optimizing our services for you. These interests are considered legitimate within the meaning of the aforementioned provision.
The specific data processing purposes and data categories can be found in the respective tracking tools.
For the purpose of tailoring our website to user needs and continuously optimizing it, we use Google Analytics, a web analytics service provided by Google. Inc. ( https://www.google.de/intl/de/about/ ) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website, such as
The information is transmitted to and stored on a Google server in the USA. This information is used to evaluate website usage, compile reports on website activity, and provide other services related to website and internet usage for market research and to tailor these web pages to user needs. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be combined with other Google data. IP addresses are anonymized so that they cannot be associated with a specific individual (IP masking).
You can prevent the installation of cookies by adjusting your browser software settings; however, please note that in this case you may not be able to fully utilize all the functions of our website.
Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on ( https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent data collection by Google Analytics by clicking on the aforementioned link. This will set an opt-out cookie that prevents the future collection of your data when you visit our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found at the following link in the Google Analytics Help Center: https://support.google.com/analytics/answer/6004245?hl=de
To statistically record the use of our website and to evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. Google AdWords places a cookie (see section 5) on your computer if you have reached our website via a Google ad.
These cookies expire after 30 days and are not used for personal identification. If a user visits certain pages of the AdWords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to that page.
Each AdWords customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of different AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted in to conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can personally identify users.
If you do not wish to participate in the tracking process, you can also refuse the necessary placement of a cookie – for example, via a browser setting that generally deactivates the automatic placement of cookies. You can also deactivate cookies for conversion tracking by configuring your browser to block cookies from the domain "www.googleadservices.com". Google's privacy policy for conversion tracking can be found at the following link: https://services.google.com/sitestats/de.html
On our website, we use social plugins from social networks (e.g., Facebook, Twitter, Google+) based on Article 6 Paragraph 1 Sentence 1 Letter f GDPR. We use these plugins to increase awareness of our company. The underlying advertising purpose is considered a legitimate interest within the meaning of the GDPR. Responsibility for ensuring GDPR-compliant operation lies with the respective providers. We integrate these plugins using the so-called two-click method to provide the best possible protection for visitors to our website.
Our website uses social media plugins from Facebook to personalize your experience. We use the "LIKE" or "SHARE" button for this purpose. This is a service offered by Facebook.
When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Facebook's servers. The plugin's content is transmitted directly from Facebook to your browser and integrated into the website.
By integrating these plugins, Facebook receives information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged into Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. This information is also published on Facebook for everyone to see.
Facebook may use this information for advertising, market research, and to tailor the design of its pages to user needs. For this purpose, Facebook creates usage, interest, and relationship profiles, for example, to evaluate your use of our website in relation to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
If you do not want Facebook to associate the data collected via our website with your Facebook account, you must log out of Facebook before visiting my website.
For information on the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your related rights and privacy settings, please refer to Facebook's privacy policy, which you can access via the following link: https://www.facebook.com/about/privacy/
Our website integrates features of the Instagram service. These features are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to our pages with your user account. Please note that as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Instagram.
You can find more information about this in Instagram's privacy policy: https://instagram.com/about/legal/privacy/ .
Our website uses the "+1" button of the Google social network, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. The button is marked with a "+1".
The "+1" button is shorthand for "that's pretty cool" or "check this out". The button is not used to track your web browsing activity.
If a page on our website contains the "+1" button, your internet browser will load and display this button from the Google server. The page you are visiting on our website will be automatically transmitted to the Google server. When a +1 button is displayed, Google does not permanently log your browsing history, but only for a period of up to two weeks.
Google stores this data about your visit for this period for system maintenance and troubleshooting purposes. However, this data is not structured according to individual profiles, usernames, or URLs. This information is also not accessible to website publishers or advertisers. The use of this information is solely for maintenance and troubleshooting of internal Google systems. Your visit to a page with a +1 button is not otherwise evaluated by Google.
No further analysis of your visit to a page on our website with a "+1" button will be carried out.
Giving a +1 is a public action, meaning anyone performing a Google search or viewing web content you've +1'd can potentially see that you've given that content a +1. Therefore, only give a +1 if you're absolutely sure you want to share this recommendation with the world.
A click on this +1 button serves as a recommendation for other users in Google search results. You can publicly indicate that you like our website, approve of our website, or recommend it. If you are registered with Google+ and logged in, the +1 button will turn blue when clicked. The +1 will also be added to the +1 tab in your Google profile. On this tab, you can manage your +1s and decide whether to make the +1 tab public.
To save your +1 recommendation and make it publicly available, Google collects information about the URL you recommended, your IP address, and other browser-related information via your profile. If you remove your +1, this information is deleted. All of your +1 recommendations are listed on the +1 tab in your profile.
Further information and Google's applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/. Further information from Google regarding the Google +1 button can be found at https://developers.google.com/+/web/buttons-policy.
Our online shop is operated by the Shopify platform, provided by Shopify Inc., 150 Elgin Street, Suite 800, Ottawa, ON K2P 1L4, Canada. Further information regarding Shopify's data protection measures can be found here: https://www.shopify.com/legal/privacy
Please note that for the purpose of simplifying the purchasing process and for later contract processing, the webshop operator (Shopify) stores the IP address of the internet connection owner, as well as the buyer's name, address and credit card number, using cookies.
In addition, the following data is stored by us for the purpose of contract processing: name, address, and order details. The data you provide is necessary for fulfilling the contract (e.g., invoicing) or for carrying out pre-contractual measures. Without this data, we cannot conclude the contract with you. Credit card data or other data relating to payment transactions are processed exclusively by Shopify. Data is not transferred to third parties, with the exception of the transfer to transport/shipping companies commissioned by us for the delivery of the goods and to our tax advisor for the fulfillment of our tax obligations.
After cancellation of the purchase process, the data stored by us will be deleted. In the event of a contract being concluded, all data from the contractual relationship will be stored until the expiry of the statutory retention period for tax purposes (10 years). Data processing is carried out on the basis of the legal provisions of Section 96 Paragraph 3 of the German Telecommunications Act (TKG) and Article 6 Paragraph 1 Letter a (consent) and/or Letter b (necessary for the performance of a contract) of the GDPR.
By using our chat service, you automatically agree to the privacy policy of Chatra, Roger Wilco LLC, 2200 Clarendon Blvd., Suite 1400A, Arlington, VA 22201, USA, Tel. 1-703-232-1443, chatra.io. All information and data are processed by Chatra and stored on servers in the USA. If you do not agree to this procedure, please use email or telephone communication instead.
1. f) Payment providers
Amazon payments
When you select "Amazon Pay" as your payment method, payment processing is handled by the payment service provider Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg (hereinafter: "Amazon Payments"), to whom we transfer the information you provided during the ordering process, along with information about your order, in accordance with Article 6(1)(b) GDPR. Your data is transferred exclusively for the purpose of payment processing with the payment service provider Amazon Payments and only to the extent necessary for this purpose. You can find further information about Amazon Payments' privacy policy at the following web address: https://pay.amazon.com/de/help/201751600
PayPal
On our website, we offer payment via PayPal, among other options. The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
If you select payment via PayPal, the payment details you enter will be transmitted to PayPal.
Your data is transferred to PayPal on the basis of Article 6(1)(a) GDPR (consent) and Article 6(1)(b) GDPR (processing necessary for the performance of a contract). You have the right to withdraw your consent to data processing at any time. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
Stripe
We offer credit card payment on our website. The provider of this payment service is Stripe, Inc., 85 Berry Street, Suite 550, San Francisco, CA 94107 (hereinafter “Stripe”).
If you select credit card payment via Stripe, the payment details you enter will be transmitted to Stripe.
Your data is transferred to Stripe on the basis of Article 6(1)(a) GDPR (consent) and Article 6(1)(b) GDPR (processing necessary for the performance of a contract). You have the right to withdraw your consent to data processing at any time. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
For more information, please see Stripe's privacy policy: https://stripe.com/de/privacy
You have the right:
If your personal data is processed on the basis of legitimate interests pursuant to Article 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, provided there are grounds relating to your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without requiring you to specify a particular situation.
If you wish to exercise your right of withdrawal or objection, simply send an email to: info@galerie-minrath.com
During your visit to our website, we use the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. This is typically 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can recognize whether an individual page of our website is transmitted in encrypted form by the closed padlock symbol in the lower status bar of your browser.
We also employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
This privacy policy is currently valid and was last updated in March 2018.
Due to the ongoing development of our website and related services, or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on our website via the following link:
https://atelier-jorg-minrath.myshopify.com/pages/datenschutz
___________________________________________________________________________
1. Data protection authorities require a data processing agreement for the permissible use of Google Analytics. A corresponding template is provided by Google at http://www.google.com/analytics/terms/de.pdf .
Source : Sample privacy policy created by lawyer Andreas Gerstel ( http://www.anwaltblog24.de/ )
