We appreciate your interest in our products. In order to make you feel safe and secure when using our shop, we take the protection and its confidential treatment of your personal data very serious.
Name and contact of responsible person
Responsible for the data protection of this website is
TwoSight GmbH Schindmaaser Weg 17 08371 Glauchau Email: ed.rekitporv@ofni
Collection and storage of personal data and the nature and purpose of their use
Visiting our website
During a purely informative usage of our website, your browser automatically transmits information to our CDN (Content Delivery Network). This is a technical necessity to serve the content you are requesting. The transmitted data includes i.a. the IP address of your device, date and time of the request, URL of the visited page and content of the request. Our website is served through the CDNs Netlify and Cloudflare (see Data Processors).
We are using Sentry (see Data Processors) to improve the availability and integrity of our site. To achieve this, aggregated performance data and error information (in case an error occurs) are send to Sentry. The data collected in the event of an error is recorded pseudonymously and deleted right after being reviewed or latest after 7 days. The aggregated performance data is deleted after three months. The legal basis for processing in order to safeguard our legitimate interests in providing an optimized and error-free shop experience is Article 6 (1) lit. f GDPR.
Using our contact form / contacting us by email
If you'd like to contact us using our contact form or by directly sending us an email, it is required that you provide us your email address, so that we are able to respond to your inquiry. Further provided contact details and the content of your message will be stored for answering/handling your inquiry and for possible follow-up questions.
The form input of our contact form is received by Cloudflare and send to our inbox via Postmark (see Data Processors). Any email contact, being it direct or via our contact form, will be received in our email mailbox, which is hosted by Google (see Data Processors).
The legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f GDPR and for the usage of our contact form Article 6 (1) lit. a GDPR (obtaining consent). If the goal of the inquiry is to establish a contract the legal basis for processing is additionally Art. 6 para. 1 lit. b. GDPR (fulfillment of a contract).
Using our cart
Any information (articles in the cart, your shipping and billing addresses) in the cart is not saved on our servers. The data in the cart is solely stored within the so called local storage of your browser. When loading the page while having a cart stored in your local storage, a request will be send to our servers to ensure that this cart hasn't been used for an order yet. This request does not contain the content or personal information of your cart. The cart is only send to our servers when you complete the checkout with the final "pay" button on the last review step of the checkout.
When sending an order
When completing the checkout (using the "pay" button on the last confirmation step) and thus sending your order to our server the following data, which is automatically send by your browser to our server (which is hosted on DigitalOcean, see Data Processors), are saved in so called log files (until they are automatically erased on a regular basis):
- ip address of your device
- date and time of the request
- url of the called site
- content of your request
- used browser and p.r.n. operating system
This data is processed, without being assigned to your person, for administrative purposes, such as optimizing the operation, stability and security of our website, as well as tracing possible errors that might occur. This is done within our legitimate interests as of Article 6 para. 1 lit. f GDPR.
In addition to this log data, we save the personal data of your order that is necessary to fulfill the purchase contract. We only save the data legally and technically necessary to fulfill the contract. The legal basis for processing this data is Article 6 (1) lit. a GDPR (obtaining consent before you are able to finalize the order) and Art. 6 para. 1 lit. b. GDPR (fulfillment of a contract). Furthermore, due to commercial- and tax-related laws we are obligated to store the invoice data if your purchase for a period of ten years. The legal basis here is Article 6 para. 1 lit. c GDPR.
Payments are handled by Unzer (see Data Processors). This requires to submit some of your personal information to Unzer. The transmitted data contains your email address, your name, your delivery and invoice address of your order and the total of your order. The legal basis for transmitting this data is Article 6 (1) lit. a GDPR (obtaining consent) and Art. 6 para. 1 lit. b. GDPR (fulfillment of a contract). Depending on the selected payment method through Unzer, the privacy policies the respective payment providers apply, this includes:
- SOFORT: https://www.klarna.com/international/privacy-policy/
- Giropay: https://www.giropay.de/en/legal/private-policy
- PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en_US
- iDEAL: https://www.ideal.nl/en/disclaimer-privacy-statement/
After a successful order, you will receive an order confirmation by email. This email will be send via Postmark (see Data Processors) and contains your email address, your name, the delivery and invoice address and the line items of your order. Once your order gets shipped, we'll send your shipping address to the respective shipping company (selected during checkout) for the purpose of creating a shipping label. For international orders, we are also sending the invoice and or order content to the shipping company necessary for the import of the order in the destination country. The legal basis for transmitting this data is Article 6 (1) lit. a GDPR (obtaining consent) and Art. 6 para. 1 lit. b. GDPR (fulfillment of a contract).
Cookies, Analyse-Tools, Social Media Plugins
Do Not Track
We do not track our customers and therefore do not respond to Do Not Track (DNT) signals.
Rights of data subjects
If your personal data is processed, you have the following rights. You can make use of your rights by contacting us with your request. Your rights are:
- Right of access: You have, in accordance with Art. 15 GDPR, the right to obtain confirmations as to whether or not personal data concerning yourself is being processed, and also to access this personal data.
- Right to Rectification: You have, in accordance with Art. 16 GDPR, the right to obtain the rectification of inaccurate personal data concerning your personal data.
- Right to erasure: You have, in accordance with Art. 17 GDPR, the right to obtain the eareasure of your personal data, as long as the data is not required for the fulfillment of a legal obligations, because of reasons of the public interest or for claiming or defending legal entitlements.
- Right to restriction of processing: If the requirements of Art. 18 GDPR are met, you have the right to obtain the restriction of processing of personal data concerning your person.
- Right to data portability: You have, in accordance with Art. 20 GDPR, the right to receive your personal data (you previously provided) in a structured, commonly used and machine-readable format.
- Right to object: You have the right, as long as the concerned personal data is processed based on legitimate interests as of Article 6 para. 1 lit. f GDPR and as long as the request is based on special circumstances, in accordance with Art. 21 GDPR, to object against the processing of your personal data.
- Withdrawal: Is a processing of personal data based on an obtained consent, you have the right to withdraw your consent (if there are no other legitimate reasons the data is required to be stored/processed).
- Right to lodge a complaint: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority.