Privacy Policy
Privacy Policy
Data protection information (information obligations pursuant to Art. 13 GDPR)
In our view, data protection should be transparent, easy to understand, and above all, fair for all parties. Therefore, in this privacy policy, we would like to inform you about what personal data we collect and use from you, whether and, if so, to which third parties this data may be shared, how long we store the data, and what rights you have should you disagree with our responsible handling of your data. Should you still have any questions after reading this detailed privacy policy, please do not hesitate to contact us using the contact details below.
Name and contact details of the data controller
The controller responsible for data processing is:
Janine Franz
Bändelstockweg 20
88326 Aulendorf
You can reach us by mail, by email at info@janines-fadenzauber.com or by phone at 01520/8210508
Collection of personal data during informational use
Each time you access our website, we collect the following information about your computer: your computer's IP address, your browser's request, and the time of that request. We also record the status and the amount of data transferred during this request. We also collect product and version information about the browser and operating system you are using. Furthermore, we record the website from which you accessed our website. Your computer's IP address is stored only for the duration of your website visit and is then immediately deleted or anonymized by truncation. We use this data to operate our website, in particular to identify and resolve website errors, to determine website usage, and to make adjustments or improvements. The legal basis for this processing is Article 6(1)(f) GDPR.
Cookies & Local Storage
We may also collect information about your use of our website through the use of so-called browser cookies. These are small text files that are stored on your hard drive and save certain settings and data for exchange with our system via your browser. A cookie typically contains the name of the domain from which the cookie data was sent, information about the cookie's age, and an alphanumeric identifier. Cookies enable our systems to recognize the user's device and make any preferences immediately available. As soon as a user accesses the platform, a cookie is transmitted to the hard drive of the user's computer. Cookies help us to improve our website and offer you a better, more personalized service. They allow us to recognize your computer when you return to our website and thereby:
- To store information about your preferred activities on the website and thus tailor our website to your individual interests. This includes, for example, advertising that matches your personal interests.
- to speed up the processing of your requests.
The cookies we use only store the data about your website usage as described above. This is done not by associating the data with you personally, but by assigning an identification number to the cookie ("cookie ID"). The cookie ID is not combined with your name, IP address, or similar data that would allow the cookie to be linked to you.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and persistent cookies, which are stored beyond a single session. Regarding their function, cookies are further categorized as follows:
- Technical cookies: These are strictly necessary to navigate the website, use basic functions and ensure the website's security; they do not collect information about you for marketing purposes nor do they store which websites you have visited;
- Performance cookies: These collect information about how you use our website, which pages you visit, and whether errors occur during website use; they do not collect any information that could identify you – all information collected is anonymous and is only used to improve our website and find out what interests our users;
- Advertising cookies and targeting cookies: These are used to offer website users relevant advertising on the website or offers from third parties and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months;
- Sharing cookies: These are used to improve the interactivity of our website with other services (e.g. social networks); sharing cookies are stored for a maximum of 13 months.
Any use of cookies that is not strictly technically necessary constitutes data processing, which is only permitted with your explicit and active consent in accordance with Section 25 Paragraph 1 of the German Telemedia Act (TMG) and only takes place in compliance with this legal provision. This applies in particular to the use of advertising, targeting, or sharing cookies. Furthermore, we will only disclose your personal data processed by cookies to third parties if you have given your explicit consent in accordance with Section 25 Paragraph 1 of the TDDG.
We use the following cookies on our website:
| name | Purpose | category | Storage duration |
|---|---|---|---|
| _shopify_y | Used for Shopify analytics | Technical Cookie | End of session |
| _shopify_s | Used for Shopify analytics | Performance Cookie | End of session |
| cart | Stores information about the contents of the cart | Technical Cookie | End of session |
| cart_sig | Used to verify the checkout process | Technical Cookie | End of session |
| secure_customer_sig | Used to identify logged-in customers | Technical Cookie | End of session |
| _orig_referrer | Used to track landing pages | Performance Cookie | End of session |
| _shopify_country | Used to save country settings | Technical Cookie | End of session |
| _shopify_tm | Used for managing preferences | Technical Cookie | End of session |
| _shopify_tw | Used for managing preferences | Technical Cookie | End of session |
| _ga | Google Analytics cookies for website usage analysis | Performance Cookie | End of session |
| _gid | Google Analytics cookies for website usage analysis | Performance Cookie | End of session |
| _ga | Throttle request rate in Google Analytics | Performance Cookie | End of session |
| _fbp | Facebook Pixel cookie for tracking conversions and retargeting | Advertising/Targeting Cookie | End of session |
| _gcl_au | Google Ads conversion tracking | Advertising/Targeting Cookie | End of session |
| fr | Facebook advertising cookie | Advertising/Targeting Cookie | End of session |
| locale_bar_accepted | saves language and currency preferences | Technical Cookie | End of session |
| cookieconsent_status | Stores cookie consent preferences of visitors | Technical Cookie | End of session |
You can control whether cookies are set and accessed through your browser settings. For example, you can completely disable cookies, restrict them to specific websites, or configure your browser to automatically notify you whenever a cookie is about to be set and ask for your permission. You can also block or delete individual cookies. However, for technical reasons, this may impair some features of our website and prevent them from functioning correctly.
If cookies are only used on our website with your consent, you can also adjust the settings mentioned in section 4.6 in our Cookie Consent Tool. To do this, simply select the "Cookie settings" link.
Data security
All information you submit to us is stored on servers within the European Union and in the USA. Unfortunately, the transmission of information via the internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the internet. However, we protect our website and other systems against loss, destruction, access, alteration, or distribution of your data by unauthorized persons through technical and organizational measures. In particular, your personal data is transmitted to us in encrypted form. We use the SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption protocol for this purpose.
Use of a consent management tool (CMP)
We have integrated the consent management tool "Cookie First" from Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH Amsterdam, Netherlands, into our website to obtain and document consent for data processing and the use of cookies or similar technologies. The "Cookie First" consent banner allows you to individually grant or refuse your consent for specific functionalities of our website – such as the integration of external elements, streaming content, statistical analyses, audience measurement, or personalized advertising. Using "Cookie First," you can grant or refuse your consent for all functions or grant your consent for individual purposes or functions. Your settings are recorded and can be changed at any time via the tool on our website.
The purpose of integrating "Cookie First" is to allow you to decide on the use of cookies and similar technologies and to document these settings in accordance with legal requirements. When using "Cookie First," personal data such as IP address, timestamp, consent status, user agent, and potentially other device-specific information are processed and stored in encrypted form. Information about your settings is also stored on your device.
The legal basis for processing is Article 6(1)(c) GDPR (legal obligation) as well as Section 25(2)(2) TDDDG and – in the case of legitimate interest – alternatively Article 6(1)(f) GDPR. “Cookie First” supports us in the legally compliant management and documentation of your consent. Our legitimate interests in processing beyond obtaining and documenting the obtained consent lie in particular in the evaluation of consent rates and other functionalities.
Cookie First stores your data for as long as legally or technically required, or until you withdraw your consent or delete the stored information. One year after you configure your user settings, you will be asked for your consent again. The user settings will then be stored again for this period, unless you delete your user settings information yourself beforehand using the designated storage capacity on your device. We have concluded a data processing agreement with Cookie First in accordance with Article 28 of the GDPR.
You can object to the processing of your data if the processing is based on Article 6(1)(f) GDPR. Your right to object exists if there are grounds relating to your particular situation. For data protection inquiries or to exercise your right to object, please contact us via email at support@cookiefirst.com.
Your personal data will not be shared.
We do not share your personal data with third parties unless you have consented to the data transfer or we are authorized or obligated to do so by law and/or by official or court orders. This may include, in particular, providing information for the purposes of law enforcement, public safety, or the enforcement of intellectual property rights.
Data protection and third-party websites
This website may contain hyperlinks to and from third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot assume any responsibility or liability for external content or privacy policies. Please review the applicable privacy policies before submitting any personal data to these websites.
Use of functions on our website
In addition to simply browsing our website, we offer various services that you can use if you are interested. To use these services, you will generally need to provide further personal data, which we will use to provide the respective service. If additional information can be provided voluntarily, this will be clearly indicated.
When you contact us by email or via the contact form, we store your email address and, if you provide it, your name and telephone number in order to answer your questions. (The legal basis for this is Art. 6 para. 1 sentence 1 lit. b GDPR)
Using our online shop
Our online shop is operated on the "Shopify" platform (Shopify Inc., 151 O'Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada). When you place an order, your personal data, in particular your name, address, email address, order details, and payment information, is processed directly on Shopify's servers for the purpose of contract fulfillment. Shopify stores and processes this data in Canada and potentially other countries. Canada has an adequate level of data protection recognized by the European Commission. We have a data processing agreement with Shopify in accordance with Article 28 of the GDPR. Further information on Shopify's data protection practices can be found at: https://www.shopify.com/de/legal/datenschutz.
If you wish to place an order in our online shop, you must provide your personal data, which we require to process your order. Mandatory information required for processing the contract is marked accordingly; all other information is voluntary. We process the data you provide to fulfill your order. For this purpose, we may transfer your payment details to our bank. The legal basis for this is Article 6 Paragraph 1 Sentence 1 Letter b GDPR. The legal basis for the mandatory shopping cart cookie and the session cookie used when logging into our shop is Section 25 Paragraph 2 Number 2 TDDDG.
You can voluntarily create a customer account, which allows us to save your data for future purchases. When you create an account under "My Account," the data you provide will be stored until you revoke your consent. You can delete all other data, including your user account, at any time in the customer area.
We may also process the data you provide to inform you about other interesting products from our portfolio or to send you emails with technical information.
Due to commercial and tax regulations, we are obligated to store your address, payment, and order data for ten years. However, after two years, we restrict processing, meaning your data will only be used to comply with legal obligations.
To prevent unauthorized access by third parties to your personal data, especially financial data, the ordering process is encrypted using TLS technology.
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, we forward your payment data to PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") for payment processing. This transfer is carried out in accordance with Art. 6 para. 1 lit. b GDPR and only to the extent necessary for payment processing.
For the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, PayPal reserves the right to conduct a credit check. For this purpose, your payment data may be transferred to credit agencies in accordance with Art. 6 Para. 1 lit. f GDPR based on PayPal's legitimate interest in determining your creditworthiness. PayPal uses the result of the credit check regarding the statistical probability of payment default to decide whether to offer the respective payment method. The credit check may contain probability values (so-called score values). If score values are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure. Address data is among the data used, but not the only data, in the calculation of the score values. For further information on data protection, including the credit agencies used, please refer to PayPal's Privacy Statement: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
If you choose a payment method offered by the payment service provider Stripe, payment processing will be handled by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will transfer the information you provided during the ordering process, along with information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) in accordance with Article 6(1)(b) GDPR. Your data will be transferred exclusively for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. and only to the extent necessary for this purpose. Further information on Stripe's data protection practices can be found at https://stripe.com/de/privacy#translation .
Social Media Profile
We maintain a presence on various social media platforms. We manage these profiles with the following providers:
- Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Cala Square, Dublin 2, Ireland, privacy policy at https://www.facebook.com/privacy/center
- Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Cala Square, Dublin 2, Ireland, privacy policy at https://privacycenter.instagram.com/policy
We use the technical platforms and services of the providers for these information services. Please note that you use our presence on social media platforms and their functions at your own risk. This applies in particular to the use of interactive features (e.g., commenting, sharing, rating). When you visit our pages, the social media platform providers collect, among other things, your IP address and other information stored on your device in the form of cookies. This information is used to provide us, as the account operators, with statistical information about your interaction with us. The legal basis for this is your consent: for setting cookies, this is Section 25 Paragraph 1 of the German Telemedia Act (TDDG), and for the subsequent data processing, Article 6 Paragraph 1 Letter a of the GDPR.
The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, particularly the USA. The providers are certified under the EU-US Transatlantic Data Privacy Framework. We have also agreed to so-called standard contractual clauses with these providers, the purpose of which is to ensure an adequate level of data protection in the third country. We do not know how the social media platforms use the data from your visit to our account and your interaction with our posts for their own purposes, how long this data is stored, or whether data is shared with third parties. Data processing may differ depending on whether you are registered and logged in to the social network or are visiting the site as an unregistered and/or logged-out user. When you access a post or the account, the IP address assigned to your device is transmitted to the social media platform provider. If you are currently logged in as a user, a cookie on your device can track your online activity. Through buttons embedded in websites, platforms can track your visits to these websites and associate them with your profile. This data can then be used to tailor content or advertising to you. If you wish to prevent this, you should log out or deactivate the "stay logged in" function, delete the cookies stored on your device, and restart your browser.
As the provider of this information service, we only process data from your use of our service that you provide to us and that requires interaction. For example, if you ask a question that we can only answer by email, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for processing your data on the social media platform is Article 6(1)(f) GDPR.
To exercise your data subject rights, you can contact either us or the provider of the social media platform. If one party is not responsible for responding or needs to obtain the information from the other party, we or the provider will forward your request to the respective partner. For questions about profiling and the processing of your data when using the website, please contact the operator of the social media platform directly. For questions about the processing of your interaction with us on our site, please write to the contact details provided above.
The providers describe what information the social media platform receives and how it is used in their privacy policies (see link in the table above). There you will also find information about how to contact them and how to adjust your ad settings. Further information about social networks and how to protect your data can also be found at www.youngdata.de.
Third-party tools
Use of Google Analytics
This website uses Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The purpose of using this tool is to analyze your user interactions on websites and in apps and to improve our services and make them more interesting for you as a user through the statistics and reports obtained.
We primarily track interactions between you as a website user and our website using cookies, device/browser data, IP addresses, and website or app activity. Google Analytics also collects your IP addresses to ensure service security and to provide us, as website operators, with information about the country, region, or location of each user (so-called "IP geolocation"). However, for your protection, we naturally use the anonymization function ("IP masking"), meaning that Google truncates IP addresses within the EU/EEA by removing the last octet.
Google acts as a data processor, and we have concluded a corresponding agreement with Google. The information generated by the cookie and the (usually truncated) IP addresses relating to your use of this website are generally transmitted to and processed on a Google server in the USA. The provider is certified under the EU-US Transatlantic Data Privacy Framework. We have also agreed to so-called standard contractual clauses with this provider, the purpose of which is to ensure an adequate level of data protection in the third country.
The legal basis for collecting and further processing this information (which is carried out for a maximum of 14 months) is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). Any necessary cookies will also only be set with your consent in accordance with Section 25 para. 1 TDDDG. You can withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal. In apps, you can reset the advertising ID in the Android or iOS settings. The easiest way to withdraw your consent is via our Consent Manager or by installing the Google browser add-on, which is available via the following link: tools.google.com/dlpage/gaoptout?hl=de/.
Further information on the scope of services offered by Google Analytics can be found at marketingplatform.google.com/about/analytics/terms/de/. Information on data processing when using Google Analytics is provided by Google at the following link: support.google.com/analytics/answer/6004245?hl=de/. General information on data processing, which according to Google also applies to Google Analytics, can be found in Google's privacy policy at www.google.de/intl/de/policies/privacy/ .
Google Conversion Tracking
We use Google Ads with the additional application "Google Conversion Tracking." This is a process that allows us to measure the success of our advertising campaigns. The ads are tagged with a technical feature, such as an ID, which enables us to determine how a user interacts after clicking on the ad and whether one of our services is actually used. This provides us with statistical information about the total number of people who see our ads, which ads are particularly popular, and potentially other information about the results of the ad campaign.
The legal basis for processing your data is also Article 6(1)(a) GDPR, meaning that integration only occurs with your consent. You can prevent or disable the conversion tracking function in the same way as described previously for Google Ads. If a cookie is required for this subsequent data processing, it will be set in accordance with Section 25(1) of the German Telemedia Act (TMG). You can withdraw your consent at any time with effect for the future. To do so, simply select the "Cookie settings" link and adjust the settings accordingly.
Integration of the Trusted Shops Trustbadge
To display our Trusted Shops seal of approval and any collected reviews, as well as to offer Trusted Shops products to buyers after an order, the Trusted Shops Trustbadge is integrated on this website.
This serves to protect our overriding legitimate interests in the optimal marketing of our products and services, as determined by a balancing of interests. The Trustbadge and the services advertised with it are offered by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.
When the Trustbadge is accessed, the web server automatically saves a server log file containing information such as your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), thus documenting the access. This access data is not analyzed and is automatically overwritten no later than seven days after your visit to the website.
Further personal data will only be transferred to Trusted Shops if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.
Advertising with Facebook (Pixel and Conversion Tracking)
Furthermore, this website uses advertising measures from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04X2K5, Ireland ("Facebook"). By integrating the so-called "Facebook Pixel" on our website, we can display our advertising measures ("Facebook Ads") to users of our website and the Facebook social network, and measure and evaluate their success ("conversion tracking"). This connection between Facebook and our website is technically established via the "Facebook Pixel." The legal basis for processing your data is Article 6 Paragraph 1 Sentence 1 Letter a GDPR, meaning that integration only occurs with your consent. If a cookie is required for this subsequent data processing, it will be set in accordance with Section 25 Paragraph 1 of the German Telemedia Act (TMG). You can revoke your consent at any time with effect for the future. To do so, simply select the "Cookie Settings" link and adjust the settings accordingly.
Due to the marketing tools we use, your browser automatically establishes a direct connection to Facebook's server when you visit our website. We have no control over the scope and further use of the data collected by Facebook through this tool and therefore describe the processes we are aware of: By integrating the Facebook Pixel, Facebook receives the information that you have accessed the corresponding page of our website or clicked on one of our ads. If you are registered with a Facebook service, Facebook can associate your visit with your account. Even if you are not registered with Facebook or are not logged in, it is possible that the provider will learn your IP address and other identifying information and use it to create a profile.
The information collected is stored on Facebook servers, including those in the USA. The provider is certified under the EU-US Transatlantic Data Privacy Framework. We have also agreed to standard contractual clauses with this provider, the purpose of which is to ensure an adequate level of data protection in the third country.
You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. The easiest way to withdraw your consent is via our Consent Manager. Alternatively, logged-in users can also object via the provider's function at the following link: www.facebook.com/settings/?tab=ads#_
Further information on data processing by Facebook can be found at Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; Privacy Policy: www.facebook.com/about/privacy .
Use of Google Fonts
Our website uses web fonts provided by Google for the consistent and appealing display of fonts. When you access a page, your browser loads the required web fonts directly from Google's servers to display texts and fonts correctly. In doing so, your IP address is transmitted to Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), and Google learns that our website was accessed via your IP address.
The integration of Google Fonts is in the interest of a consistent and appealing presentation of our website (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested (e.g., via a consent banner), processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG; this consent can be revoked at any time.
Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de .
Recipients or categories of recipients
If we share your personal data with third parties, you will be explicitly informed of this in the description of the respective data processing (e.g., when using our contact form). Naturally, we also use external service providers for technical and organizational processing, with whom we have concluded corresponding data processing agreements in accordance with Article 28 of the GDPR. These include, for example, service providers for web hosting, email delivery, maintenance and support of our IT systems, etc.
Storage duration
Your data will be stored for as long as it is absolutely necessary to achieve the respective purpose, but no longer than any legal regulations require us to do so (e.g., under commercial law we are obliged to keep business letters, which may also include emails, for 10 years).
As soon as the purpose for which the data was stored ceases to exist or a storage period prescribed by the aforementioned regulations expires, the personal data will be routinely blocked or deleted.
Your rights
You have extensive rights regarding the processing of your personal data. Firstly, you have a comprehensive right to information and can, if necessary, request the correction, deletion, and/or blocking of your personal data. You can also request a restriction of processing and have the right to object as well as the right to data portability. If you wish to exercise any of your rights and/or obtain further information, please contact us at info@janines-fadenzauber.com
Furthermore, you have the right to lodge a complaint with a supervisory authority. Should you have any questions, comments, or requests regarding our collection, processing, and use of your personal data, please also contact us using the contact details provided.
Right to object
Case-specific right of objection
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.
We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
Right to object to the processing of data for direct marketing purposes
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.
There is no obligation to provide personal data.
We do not make the conclusion of contracts with us contingent upon you providing us with personal data beforehand. As a customer, you are generally under no legal or contractual obligation to provide us with your personal data; however, we may be limited or unable to provide certain services if you do not provide the necessary data. If this is exceptionally the case with the products and services we offer, you will be notified separately.