Privacy policy

As of October 2021

Tabel of contents

  1. Name and address of the data controller

  2. Contact details of the data protection officer

  3. General information on data processing

  4. Rights of the data subject

  5. Provision of the website and creation of log files

  6. Use of Cookies

  7. Registration

  8. Webshop

  9. Payment options

  10. Shipping service provider

  11. Newsletter

  12. Application by email

  13. Email contact

  14. Contact form

  15. Company presentations

  16. Use of company presences in job-oriented networks

  17. Geotargeting

  18. Partner programs

  19. Content Delivery Networks

  20. Plugins used and Integration of plugins via external service providers


  1. Identity and contact details of the data controller

The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other national data protection laws of the Member States as well as other data protection regulations is:

LIVE FAST DIE YOUNG Clothing GmbH

Schloßstraße 57

40477 Düsseldorf

Deutschland

+49 (0) 211 361 89449

support@livefastdieyoung.de

www.livefastdieyoung.com


  1. Contact details of the data protection officer

The designated data protection officer is:

DataCo GmbH

Dachauer Str. 65

80335 Munich

Germany

+49 89 7400 45840

www.dataguard.de


  1. General information on data processing

1. Scope of processing personal data

In general, we only process the personal data of our users to the extent necessary in order to provide a functioning website with our content and services. The processing of personal data regularly only takes place with the consent of the user. Exceptions include cases where prior consent technically cannot be obtained and where the processing of the data is permitted by law.

2. Legal basis for data processing

Art. 6 (1) (1) (a) GDPR serves as the legal basis to obtain the consent of the data subject for the processing of their data.

As for the processing of personal data required for the performance of a contract of which the data subject is party, Art. 6 (1) (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual activities.

When it is necessary to process personal data in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) (1) © GDPR serves as the legal basis.

If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (1) (d) GDPR serves as the legal basis.

If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third party, and the fundamental rights and freedoms of the data subject do not outweigh the interest of the former, Art. 6 (1) (1) (f) GDPR will serve as the legal basis for the processing of data. If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third party, and the fundamental rights and freedoms of the data subject do not outweigh the interest of the former, Art. 6 (1) (1) (f) GDPR will serve as the legal basis for the processing of data.

3. Data removal and storage duration

The personal data of the data subject will be erased or restricted as soon as the purpose of its storage has been accomplished. Additional storage may occur if it was provided for by the European or national legislator within the EU regulations, law, or other relevant regulations to which the data controller is subject. Restriction or erasure of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfilling the respective contract.

  1. Rights of the data subject

When your personal data is processed, you are subsequently a data subject in the sense of the GDPR and have the following rights:

1. Right to information

You may request from the data controller to confirm whether your personal data is processed by them.

If such processing is the case, you can request the following information from the data controller:

  • The purpose for which the personal data is processed;

  • The categories of personal data being processed;

  • The recipients or categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;

  • The planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;

  • The existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the data controller or a right to object to such processing;

  • The existence of a right of appeal to a supervisory authority;

  • All available information on the source of the data if the personal data is not collected from the data subject;

  • The existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, in certain cases, meaningful information about the data processing system involved, and the scope and intended result of such processing on the data subject.

You have the right to request information on whether your personal data will be transmitted to a third country or an international organization. In this context, you can then request for the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.

2. Right to rectification

You have a right to rectification and/or modification of the data controller, if your processed personal data is incorrect or incomplete. The data controller must correct the data without delay

3. Right to the restriction of processing

You may request the restriction of the processing of your personal data under the following conditions:

  • If you challenge the correctness of your personal data for a period of time that enables the data controller to verify the accuracy of your personal data;

  • The processing is unlawful, and you refuse the erasure of the personal data and instead demand the restriction of the use of the personal data;

  • The representative no longer needs the personal data for the purpose of processing, but you need it to assert, exercise or defend legal claims; or

  • If you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the data controller outweigh your reasons.

If the processing of personal data concerning you has been restricted, this data may – with the exception of data storage – only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest, interest to the Union, or a Member State.

If the processing has been restricted according to the beforementioned conditions, you will be informed by the data controller before the restriction is lifted.

4. Right to erasure

a) Obligation to erase

If you request from the data controller to delete your personal data with immediate effect, they are required to do so immediately given that one of the following applies:

  • Personal data concerning you is no longer necessary for the purposes for which they were collected or processed.

  • You withdraw your consent, to which the processing is allowed pursuant to Art. 6 (1) (1) (a) GDPR or Art. 9 (2) (a) GDPR and there is no other legal basis for processing the data

  • According to Art. 21 (1) GDPR you object to the processing of the data given that the processing of the data is justified by a legitimate interest, or you object pursuant to Art. 21 (2) GDPR.

  • Your personal data has been processed unlawfully.

  • The act of deleting your personal data will invoke a legal obligation under the Union law or the law of the Member States to which the data controller is subject.

  • Your personal data was collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

b) Information to third parties

If the data controller has made your personal data public and has to delete the data pursuant to Art. 17 (1) GDPR, they shall take appropriate measures, including technical means, to inform data processors who process the personal data, that a request has been made to delete all links to such personal data or copies or replications of the personal data, taking into account available technology and implementation costs to execute the process.

c) Exceptions

The right to deletion does not exist if the processing is necessary

  • to exercise the right to freedom of speech and information.

  • to fulfil a legal obligation required by the law of the Union or of the Member States to which the representative is subject, or to perform a task of public interest or in the exercise of public authority delegated to the representative;

  • for reasons of public interest in the field of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR;

  • for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or

  • to enforce, exercise or defend legal claims.

5. Right to information

If you have the right of rectification, erasure or restriction of processing over the data controller, they are obliged to notify all recipients to whom your personal data have been disclosed of the correction or erasure of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.

You reserve the right to be informed about the recipients of your data by the data controller.

6. Right to data portability

You have the right to receive your personal data given to the data controller in a structured, standard and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller who was initially given the data, given that

  • 1. the processing is based on a consent in accordance with Art. 6 (1) (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract in accordance with Art. 6 (1) (1) (b) GDPR and

  • the processing is done by automated means.

In exercising this right, you also have the right to maintain that your personal data relating to you are transmitted directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons shall not be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.

7. Right to object

Subjective to your situation, you have, at any time, the right to object against the processing of your personal data pursuant to Art. 6 (1) (1) (e) or f GDPR; this also applies to profiling based on these provisions.

The data controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.

If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data in regard to such advertising; this also applies to profiling insofar as it is associated with direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Regardless of Directive 2002/58/EG, you have the option, in the context of the use of information society services, to exercise your right to object to automated decisions that use technical specifications.

8. Right to withdraw the data protection consent declaration

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent until the withdrawal.

9. Automated decisions on a case-by-case basis, including profiling

You have the right to not be subjected to a decision based solely on automated processing – including profiling – that will have a legal effect or affect you in a similar manner. This does not apply if the decision:

  • is required for the conclusion or execution of a contract between you and the data controller,

  • is permitted by the Union or Member State legislation to which the data controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or

  • is based is based on your explicit consent.

However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) (a) or g GDPR applies and reasonable measures have been taken to protect your rights and freedoms as well as your legitimate interests.

With regard to the cases referred to in (1) and (3), the data controller shall take appropriate measures to uphold your rights and freedoms as well as your legitimate interests, including the right to obtain assistance from the data controller or their representative, to express your opinion on the matter, and to contest the decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in the Member State of your residence or your place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the accused of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

  1. Provision of website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and relevant information from the computer system of the calling device.

The following data is collected:

  • Browser type and version used

  • The user's operating system

  • The user’s internet service provider

  • The IP address of the user

  • Date and time of access

  • Web pages from which the user’s system accessed our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary for the delivery of the website to the computer of the user. For this purpose, the user’s IP address must be kept for the duration of the session.

The storage in logfiles is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place.

For the aforementioned purposes, our legitimate interest lies in the processing of data in compliance with Art. 6 (1) (1) (f) GDPR.

3. Legal basis for data processing

The legal basis for the temporary storage of data and logfiles is Art. 6 (1) (1) (f) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the website is accomplished.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is not possible.

5. Objection and removal

The collection of data for the provision of the website as well as the storage of data in log files are essential for the operation of the website. Therefore, the user may not object to the aforementioned processes.

  1. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or the internet browser on the user’s computer system. If a user calls up a website, a cookie can be stored on the user’s operating system. These cookies contain a string of characters that allows the browser to be uniquely identified when the website is reopened.

Some elements of our website require that the calling browser can be identified even after a page change.

Information on cookies used:

Name

Provider

Storage duration (days)

Purpose

Legal Basis

_kla_id

Klaviyo Inc.

730

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

__zlcmid

Zendesk

365

These cookies are used by Stores the visitor's ID to authenticate the Zendesk Chat widget.

Art. 6 Abs. 1 S. 1 a GDPR

_fbp

Facebook Ireland Ltd.

90

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_ga

Google Ireland Ltd.

730

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_gat

Google Ireland Ltd.

730

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_gcl_au

Google Ireland Ltd.

90

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_gid

Google Ireland Ltd.

1

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_hjIncludedInSessionSample

Hotjar

< 1

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_hjAbsoluteSessionInProgress

Hotjar

< 1

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_hjIncludedInPageviewSample

Hotjar

< 1

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_hjid

Hotjar

< 1

Analysis of user behaviour

Art. 6 Abs. 1 S. 1 a GDPR

_landing_page

Shopify

14

Tracking landing pages.

Art. 6 Abs. 1 S. 1 a GDPR

_orig_referrer

Shopify

14

Tracking landing pages.

Art. 6 Abs. 1 S. 1 a GDPR

_s

Shopify

< 1

Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

_shg_session_id

Shogun

< 1

Session ID for shop functionalities

Art. 6 Abs. 1 S. 1 f GDPR 

_shg_user_id

Shogun

1.825

Session ID for shop functionalities

Art. 6 Abs. 1 S. 1 f GDPR 

_shopify_country

Shopify

0

Used in conjunction with the checkout.

Art. 6 Abs. 1 S. 1 f GDPR 

_shopify_d

Shopify

Session

Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

_shopify_evids

Shopify

Session

Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

_shopify_m

Shopify

365

Used to manage privacy settings of the client

Art. 6 Abs. 1 S. 1 f GDPR 

_shopify_s

Shopify

< 1

Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

_shopify_sa_p

Shopify

< 1

Shopify analyses in relation to marketing & recommendations.

Art. 6 Abs. 1 S. 1 a GDPR

_shopify_sa_t

Shopify

< 1

Shopify analyses in relation to marketing & recommendations.

Art. 6 Abs. 1 S. 1 a GDPR

_shopify_tm

Shopify

< 1

Used to manage privacy settings of the client

Art. 6 Abs. 1 S. 1 f GDPR 

_shopify_tw

Shopify

14

Used to manage privacy settings of the client

Art. 6 Abs. 1 S. 1 f GDPR 

_shopify_y

Shopify

365

Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

_tracking_consent

Shopify

365

Tracking settings

Art. 6 Abs. 1 S. 1 f GDPR 

_y

Shopify


Shopify analytics

Art. 6 Abs. 1 S. 1 a GDPR

cart_currency

Shopify

14

Used in conjunction with the shopping cart.

Art. 6 Abs. 1 S. 1 f GDPR 

cart_sig

Shopify

14

Used in conjunction with the shopping cart.

Art. 6 Abs. 1 S. 1 f GDPR 

cookieconsent_preferences
_disabled

Live Fast Die Young

365

Used for setting the currency

Art. 6 Abs. 1 S. 1 f GDPR 

cookieconsent_status

Live Fast Die Young

365

Used for setting the currency

Art. 6 Abs. 1 S. 1 f GDPR 

locale_bar_accepted

Shopify

Session

Used for setting the currency

Art. 6 Abs. 1 S. 1 f GDPR 

secure_customer_sig

Shopify

365

Used in conjunction with the customer login.

Art. 6 Abs. 1 S. 1 f GDPR 

shopify_pay_redirect

Shopify

< 1

Used in conjunction with the checkout.

Art. 6 Abs. 1 S. 1 f GDPR 

The user data collected in this way is pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the users.

The user data collected through technically necessary cookies are not used to create user profiles.

2. Legal basis for data processing

The legal basis for the processing of personal data using non-technical cookies is Art. 6 (1) (1) (a) GDPR.

The legal basis for the processing of personal data using technical cookies is Art. 6 (1) (1) (f) GDPR.

3. Duration of storage, possibility of objection and elimination

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

If you use a Safari browser from version 12.1, cookies are automatically deleted after seven days. This also applies to opt-out cookies, which are set to prevent tracking measures.

  1. Registration

1. Description and scope of data processing

We offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data will not be passed on to third parties. The following data is collected as part of the registration process:

  • Email address

  • Last name

  • First name

  • Telephone / mobile phone number

  • Date and time of registration

  • Date of birth

As part of the registration process, the user's consent to the processing of this data is obtained.

2. Purpose of data processing

A registration of the user is necessary for the fulfilment of a contract with the user or for the execution of pre-contractual measures.

We process the data provided to us for the execution of the contract, depending on the desired method of payment, for a pre-contractual check and for possible processing of warranty claims. The legal basis for this is found in Art. 6 (1) c) and f) GDPR. In addition, the service providers we use (such as logistics companies, payment intermediaries) receive the necessary data about you or your order. Depending on the selected payment method, we also carry out credit checks. Without correct personal data, we can either not accept orders at all or only offer a limited selection of payment methods. Within the framework of the operation of our company, we process your data by means of our IT systems. In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. We may also process the data you provide in order to inform you about other interesting products from our portfolio or to contact you on certain occasions.

If you send us enquiries or messages by post, by fax, by e-mail or via a contact form which relate to orders, we store your enquiry or message as well as our reply within the scope of our commercial and tax law retention obligations as correspondence relating to the respective order or to your customer account. In the case of other enquiries or communications by post, by fax, by e-mail or via a contact form, we will use the personal data you provide in the enquiry solely to respond to your enquiry but will not subsequently store your enquiry or the personal data provided in the enquiry.

3. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1) (1) (a) GDPR if the user has given his consent.

If the registration serves the fulfilment of a contract to which the user is a party or the execution of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) (1) (b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

This is the case for the data collected during the registration process for the fulfilment of a contract or for the execution of pre-contractual measures if the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations.

5. Objection and removal

As a user you have the possibility to cancel the registration at any time. You can request a change to the data stored about you at any time.

You have the right to demand that we delete your personal data under the conditions of Art. 17 (1) GDPR. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.

For a request for erasure, support@livefastdieyoung.de can be contacted.

If the data is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, a premature deletion of the data is only possible insofar as contractual or legal obligations do not stand in the way of a deletion.

  1. Webshop

We offer a web shop on our website. For this purpose, we use the Software as a Service (SaaS) rental shop system of a service provider commissioned by us.

The name of our SaaS rental shop system and the name and address of the service provider are:

Shopify of the provider Shopify International Limited, 1-2 Haddington Road, D04 XN32, Dublin, Ireland (Hereinafter referred to as Shopify).

Further information can be found in the provider's privacy policy:
https://www.shopify.com/legal/privacy

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information is:

  • Browser type and version

  • Used operating system

  • Referrer URL

  • Hostname of the accessing computer

  • Time and date of the server request

  • IP address of the user's device

This data will not be merged with other data sources. The data is collected on the basis of Art. 6 (1) (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - and server log files are therefore recorded.

We have concluded a data processing agreement with the relevant service provider in which we oblige the relevant service provider to protect user data and not to pass it on to third parties.

The server of the website is geographically located in the United States of America.

  1. Payment options

1. Description and scope of data processing

We offer our customers various payment options for processing their orders. Depending on the payment option, we transfer customers to the platform of the payment service provider in question. After completion of the payment process, we receive the customer's payment data from the payment service providers or our house bank and process these in our systems for billing and accounting purposes.

Payment via credit card

It is possible to complete the payment process by credit card.

If you have chosen to pay by credit card, payment details will be passed on to payment service providers for payment processing. All payment service providers comply with the requirements of the "Payment Card Industry (PCI) Data Security Standards" and have been certified by an independent PCI Qualified Security Assessor.

The following data will be transmitted regularly as part of payment via credit card:

  • Purchase amount

  • Date and time of purchase

  • First and last name

  • Address

  • Email address

  • Credit card number

  • Credit card validity period

  • Card validation code (CVC)

  • IP address of the user's device

  • Telephone number / mobile phone number

Payment data is passed on to the following payment service providers:

  • Shopify Payments

Further information on the data protection guidelines as well as objection and removal options for payment service providers can be found here:

Payment via PayPal

It is possible to process payment transactions with the payment service provider PayPal. PayPal offers a direct payment method as well as purchase on invoice, direct debit, credit card and installment payment.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg.

If you choose PayPal as your payment method, your data required for the payment process is automatically transmitted to PayPal.

Following data is processed:

  • Name

  • Address

  • Email address

  • Telephone / mobile phone number

  • IP address of the user's device

  • Bank account details

  • Credit card number

  • Card validation date and code (CVC)

  • Number of items

  • Product code

  • Data on goods and services

  • Transaction amount and tax dues

  • Information on previous purchasing behavior

The data transmitted to PayPal may be transmitted by PayPal to credit agencies. The purpose of this transmission is a check of identity and credit score.

PayPal may also share your information with third parties to the extent necessary to fulfil your contractual obligations or to process the information on behalf of PayPal. When transferring your personal information within companies affiliated with PayPal, the Binding Corporate Rules, approved by the relevant regulatory authorities, apply. You can find them here:
https://www.paypal.com/uk/webapps/mpp/ua/bcr?locale.x=en_GB
Other data transfers may be based on contractual safeguards. For further information please contact PayPal.

All PayPal transactions are subject to PayPal's privacy policy. You can find them at:
https://www.paypal.com/uk/webapps/mpp/ua/privacy-full/

Payment via Sofortüberweisung

There is the possibility of Payment via Sofortüberweisung. In this case, the data will be collected by Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany.

The data controller does not collect and store the data himself.

With the issue of an Sofortüberweisung you instruct Sofort GmbH to automatically check,

whether your account covers the amount to be transferred (account coverage check), and any instant transfers of the last 30 days have been successfully completed from your account,

and, after positive verification, to transmit the transfer order approved by you to your bank in electronic form, and to inform us, as the payment recipient selected by you (online provider), of the successful termination of the transfer.

Sofort GmbH requires the IBAN, PIN and TAN of your online banking account. As part of the ordering process, you will automatically be forwarded to the secure payment form of Sofort GmbH.

Immediately afterwards you will receive confirmation of the transaction. We will then directly receive the transfer credit note.

Anyone who has an activated online banking account with PIN/TAN procedure can use Sofortüberweisung as a payment method.

Please note that a few banks do not yet support Payment via Sofortüberweisung.

For further information please click on the following link:
https://www.sofort.com/ger-DE/general/fuer-kaeufer/fragen-und-antworten/.

Further information on the stored data can be found at
https://www.klarna.com/sofort/#cq-0.

Further payment methods

We also offer payment with the following options:

Google Pay, ApplePay, ShopPay, iDeal, EPS, bancontact

2. Purpose of data processing

The transmission of payment data to payment service providers serves to process payments, e.g. if you purchase a product and/or use a service.

3. Legal basis for data processing

The legal basis for data processing is Art. 6 (1) (1) (b) GDPR, since the processing of the data is necessary for the execution of the concluded sales contract.

4. Duration of storage

All payment data as well as data on possible chargebacks are only stored as long as they are required for payment processing and a possible processing of chargebacks and debt collection as well as for combating misuse.

Furthermore, payment data may be stored beyond this if and as long as this is necessary to comply with statutory retention periods or to prosecute a specific case of misuse.

Your personal data will be deleted at the end of the statutory retention period, i.e. after 10 years at the latest.

5. Objection and removal

You can withdraw your consent to the processing of your payment data at any time by notifying the data controller or the payment service provider used. However, the payment service provider used may still be entitled to process your payment data if and as long as this is necessary for the contractual payment processing.

  1. Shipping service providers

1. Description and scope of data processing

If you order products or services on our website that are delivered by a shipping service provider, you will receive your order and shipping confirmation via your email address and, depending on the shipping service provider, notification that your shipment has arrived and/or notification of package arrival and possible delivery options.

The data will be transmitted to the following shipping service providers:

  • DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

  • DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany

  • FedEx Express - European Office, Taurusavenue 111, 2132 LS Hoofddorp, Netherlands

  • UPS Europe SA, Ave Ariane 5, Brussels, B-1200, Belgium

The data transmitted are regular:

  • Name

  • Address

  • Email address

2. Purpose of data processing

The purpose of processing personal data is to give Shipping service providers the opportunity to inform recipients of the progress of a shipment by email and thus increase the probability of successful delivery.

3. Legal basis for data processing

The legal basis for the transmission of the email address to the respective shipping service provider and its use is Art. 6 (1) (1) (f) GDPR, based on our legitimate interest in being able to offer the notification service to our customers and thus to make shipping as customer-friendly as possible.

4. Duration of storage

The transmitted data will be deleted by the respective shipping service provider if the package was delivered successfully.

5. Objection and removal

The notification service provided by the shipping service provider may be terminated by the user concerned at any time. For this purpose, there is a corresponding opt-out link in every email.

  1. Newsletter

1. Description and scope of data processing

It is possible to subscribe to a newsletter free of charge. When you register for the newsletter, the following data from the input mask will be transmitted to us:

  • Email address

  • Date and time of registration

Your consent will be obtained for the processing of your data during the registration process and reference will be made to this privacy policy.

If you purchase goods or services on our website and enter your email address, we may subsequently use it to send you a newsletter. In such a case, only direct advertising for similar goods or services will be sent via the newsletter.

No data will be passed on to third parties in connection with data processing for the dispatch of newsletters. The data will be used exclusively for sending the newsletter.

2. Purpose of data processing

The user's email address is collected to deliver the newsletter to the recipient.

3. Legal basis for data processing

The legal basis for the processing of data provided by the user after registration for the newsletter is Art. 6 (1) (1) (a) GDPR if the user has given his consent.

Art. 7 (3) UWG provides the legal basis for the dispatch of the newsletter as a result of the sale of goods or services.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The user's email address will therefore be stored as long as the newsletter subscription is active.

The other personal data collected during the registration process is generally deleted after a period of seven days.

5. Objection and removal

The subscription for the newsletter can be cancelled by the data subject at any time. For this purpose, every newsletter contains an opt-out link.

Through this, it is also possible to withdraw the consent to the storage of personal data collected during the registration process.

  1. Application by email

1. Scope of the processing of personal data

You can send us your application by email. We will collect your email address and the data you provide in the email.



    • Email address

    • Salary expectation

    • Other information provided by the applicant

2. Purpose of the data processing

The processing of personal data from your application email is solely for the purpose of processing your application.

3. Legal basis for data processing



The legal basis for the processing of your data is the initiation of a contract at the request of the data subject, Art. 6 para. 1 p.1 lit. b Alt. 1 DSGVO and § 26 para. 1 p. 1 BDSG.



4. Duration of storage



After completion of the application process, the data will be stored for up to six months. Your data will be deleted after the six months at the latest. In the event of a legal obligation, the data will be stored within the framework of the applicable provisions.



5. Possibility of objection and removal



The applicant has the possibility to object to the processing of personal data at any time. In such a case, the application can no longer be considered. If an objection is made to the further storage of application documents during a retention period of 6 months after rejection, this objection will probably not be carried out in accordance with Art. 21 para. 1 p. 2 DSGVO, as the data controller retains data for more than 6 months for the defense of legal claims.



To request deletion, please contact bewerbung@livefastdieyoung.de .

  1. Contact via Email

1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case the personal data of the user transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

If you contact us via email, this also constitutes the necessary legitimate interest in the processing of the data.

3. Legal basis for data processing

If the user has given consent, the legal basis for processing the data is Art. 6 (1) (1) (a) GDPR.

The legal basis for the processing of data transmitted while sending an email is Art. 6 (1) (1) (f) GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (1) (b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been conclusively resolved.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Objection and removal

The user has the possibility to withdraw the consent to the processing of their personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, or by e-mail to the e-mail address stated under point 1 of this data protection declaration. In this case, all personal data stored while establishing contact will be deleted.

  1. Contact form

1. Description and scope of data processing

A Contact form is available on our website, which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

When sending the message the following data will also be stored:

  • Email address

  • Date and time of registration

As part of the sending process, your consent will be obtained for the processing of your data and reference will be made to this privacy policy.

Alternatively, you can contact us via the email address provided. In this case the personal data of the user transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

The processing of the personal data from the input mask serves us exclusively for the purpose of establishing contact. If you contact us by email, this also constitutes our necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the Contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1) (1) (a) GDPR if the user has given his consent.

The legal basis for the processing of data transmitted while sending an email is Art. 6 (1) (1) (f) GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (1) (b) GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the Contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the facts in question have been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Objection and removal

The user has the possibility to withdraw the consent to the processing of their personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, or by e-mail to the e-mail address stated under point 1 of this data protection declaration. In this case, all personal data stored while establishing contact will be deleted.

  1. Corporate Appearances

Use of corporate profiles on social networks

Instagram:

Instagram, Part of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland.

On our company profile we provide information and offer Instagram users the possibility of communication. If you carry out an action on our Instagram company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by Instagram, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate presence in social networks is used for communication and information exchange with (potential) customers. We use the company's profile for:

Presentation of the products / collections

Publications on the company profile can contain the following content:

  • Information about products

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1) (1) (a) GDPR.

The data generated on the company profile are not stored in our own systems.

You can object at any time to the processing of your personal data that we collect within the framework of your use of our Instagram corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to support@livefastdieyoung.de. For further information on the processing of your personal data by Instagram and the corresponding objection options, please click here:

Instagram: https://help.instagram.com/519522125107875

YouTube:

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States.

On our company profile we provide information and offer YouTube users the possibility of communication. If you carry out an action on our YouTube company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by YouTube, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate presence in social networks is used for communication and information exchange with (potential) customers. We use the company's profile for:

Presentation of the products / collections

Publications on the company profile can contain the following content:

  • Information about products

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1) (1) (a) GDPR.

The data generated on the company profile are not stored in our own systems.

You can object at any time to the processing of your personal data that we collect within the framework of your use of our YouTube corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to support@livefastdieyoung.de. For further information on the processing of your personal data by YouTube and the corresponding objection options, please click here:

YouTube: https://policies.google.com/privacy?gl=DE&hl=en

  1. Use of corporate profiles in professionally oriented networks

1. Scope of data processing

We use corporate profiles on professionally oriented networks. We maintain a corporate presence on the following professionally oriented networks:

LinkedIn:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland.

XING:

XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany.

On our site we provide information and offer users the possibility of communication.

The corporate profile is used for job applications, information, public relations, and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate profile. Further information can be found in the privacy policy of:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy

XING:

https://privacy.xing.com/en

If you carry out an action on our company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public.

2. Legal basis for data processing

The legal basis for the processing of your data in connection with the use of our corporate web profile is Art. 6 (1) (1) (f) GDPR.

3. Purpose of the data processing

Our corporate web profile serves to inform users about our services. Every user is free to publish personal data.

4. Duration of storage

We store your activities and personal data published via our corporate web profile until you withdraw your consent. In addition, we comply with the statutory retention periods.

5. Objection and removal

You can object at any time to the processing of your personal data which we collect within the scope of your use of our corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to the email address stated in this privacy policy.

You can find further information on objection and removal options here:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy

XING:

https://privacy.xing.com/en

  1. Geotargeting

We use the IP address and other information provided by the user (e.g. the postal code used for registration or ordering) to approach regional target groups (so-called "geotargeting").

The regional target group approach is used, for example, to automatically display regional offers or advertisements that often are more relevant to users. The legal basis for the use of the IP address and any other information provided by the user (e.g. postal code) is Art. 6 (1) (1) (f) GDPR, based on our legitimate interest in ensuring a more precise target group approach and thus providing offers and advertising with greater relevance for our users.

Part of the IP address and the additional information provided by the user (e.g. postal code) are merely processed and not stored separately.

You can prevent geotargeting by, for example, using a VPN or proxy server that prevents accurate localization. In addition, depending on the browser you are using, you can also deactivate a location localization in the corresponding browser settings (as far as this is supported by the respective browser).

We use geotargeting on our website for the following purposes:

  • Customer approach

  • Language selection and currency selection

  1. Affiliate programs

Furthermore, we use the services of the following partner programmes:

Webgains

1. scope of the processing of personal data

We use functionalities of the affiliate marketing network of Webgains GmbH, Frankenstr. 150c, 90461 Nuremberg, Germany.

With the help of Webgains, we can place advertisements on the websites of third parties (so-called publishers) in order to target our target group with marketing and advertising content that is relevant to them.

Tracking cookies from Webgains are stored on your terminal device in order to be able to track conversions on the publisher's websites. The following personal data is processed by Webgains:

  • Website ID

  • ID of the merchant page

  • ID of the advertising medium on which you clicked

  • Any references that the website attaches to the click

  • Time of click

  • Click origin

  • Link of the website that was clicked on

  • Link of the web page on which the click was made

  • Expiry point of the relationship between the website and the merchant.

Further information on the processing of data by Webgains can be found here: https://www.webgains.com/public/de/datenschutzerklaerung/

2. purpose of the data processing

The use of Webgains is for us to participate in an affiliate marketing network. This enables us to place targeted advertisements for our products on relevant websites and thus better reach our target group in order to increase our sales.

3 Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 Para. 1 S.1 lit. a DSGVO.

4 Duration of storage

Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.

For further details on the storage period of Webgains' cookies, please refer to the privacy policy: https://www.webgains.com/public/de/datenschutzerklaerung/.

5. revocation and removal options

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

You can prevent the collection as well as the processing of your personal data by Webgains by preventing the storage of third-party cookies on your computer, using the ""Do Not Track"" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options vis-à-vis Webgains at: https://www.webgains.com/public/de/datenschutzerklaerung/.

Information on the data protection policies of these providers can be found on the respective websites.

  1. Content Delivery Networks

Furthermore, we use the services of the following Content Delivery Networks:

Fastly CDN

Information on the privacy policies of these providers can be found on the respective websites.

1. Description and scope of data processing

On our website, we use functions of the content delivery network Fastly CDN of Fastly Inc, 475 Brannan Street Suite 300, San Francisco, CA 94107, USA (hereinafter referred to as: Fastly). A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet to deliver content - especially large media files such as videos. Fastly provides web optimization and security services that we use to improve the loading times of our website and to protect it from misuse. When you visit our website, a connection is established to Fastly's servers, e.g. to retrieve content. Personal data may be stored and analyzed in server log files, in particular the user's activity (especially which pages have been visited) and device and browser information (especially the IP address and the operating system).

Further information on the collection and storage of data by Fastly can be found here: https://www.fastly.com/de/privacy/.

2. Purpose of data processing

The use of the functions of Fastly serve the delivery and acceleration of online applications and content.

Legal basis for data processing

The collection of this data is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be collected.

4 Duration of storage

Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law.

5. objection and removal options

For information on opting out and opting out of Fastly, please visit: https://www.fastly.com/de/privacy/.

Information on the privacy policies of these providers can be found on their respective websites.

  1. Usage of Plugins and Integration of plugins via external service providers

We use plugins for various purposes. The plugins used are listed below:

Name

Provider

Third country transfer

Purpose

Legal basis

Information on appropriate safeguards for third country transfers

Facebook Pixel

Facebook Ireland Ltd.

USA

Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://www.facebook.com/legal/EU_data_transfer_addendum/update

Facebook Retargeting

Facebook Ireland Ltd.

USA

Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://www.facebook.com/legal/EU_data_transfer_addendum/update

Facebook custom audience

Facebook Ireland Ltd.

USA

Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://www.facebook.com/legal/EU_data_transfer_addendum/update

Google Analytics

Google Ireland Ltd.

USA

Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google AdWords

Google Ireland Ltd.

USA

Marketing / Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google Ads Remarketing

Google Ireland Ltd.

USA

Marketing / Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google Marketing Platform

Google Ireland Ltd.

USA

Marketing / Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google Maps

Google Ireland Ltd.

USA

Map service

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google ReCaptcha

Google Ireland Ltd.

USA

Bot Protection

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Google double Click

Google Ireland Ltd.

USA

Marketing / Tracking

Art. 6 Abs. 1 S. 1 a GDPR

https://business.safety.google/gdpr/

Hotjar

Hotjar Ltd.

Malta

Customer surveys

Art. 6 Abs. 1 S. 1 a GDPR

Kein Transfer außerhalb der EU.

Vimeo

Vimeo Inc.

USA

Video integration in the online shop

Art. 6 Abs. 1 S. 1 a GDPR

https://vimeo.com/enterpriseterms/dpa

Shopify

Shopify International Ltd.

USA

Provider of the shop system

Art. 6 Abs. 1 S. 1 a GDPR

https://help.shopify.com/en/manual/your-account/privacy/GDPR/gdpr-faq#will-shopify-sign-standard-contractual-clauses

Zendesk

Zendesk, Inc.

USA

Customer Support

Art. 6 Abs. 1 S. 1 a GDPR

https://www.zendesk.com/company/data-processing-form/

Klaviyo

Klaviyo Inc.

USA

E-Mail Marketing

Art. 6 Abs. 1 S. 1 a GDPR

https://www.klaviyo.com/legal/dpa

Webgains

Webgains GmbH

Deutschland

Tracking

Art. 6 Abs. 1 S. 1 a GDPR

Kein Transfer außerhalb der EU.

Fastly

Fastly Inc.

USA

The CDN used by Shopify

Art. 6 Abs. 1 S. 1 a GDPR

https://www.fastly.com/de/data-processing

1. Duration of storage

Your personal information will be stored for as long as is necessary to fulfil the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.



2. Transfer to third countries

When using the plugins marked with third country transfer or USA, personal data may be transferred to servers in the USA. The legal basis for this transfer is consent according to Art. 6 para. 1 p. 1 lit. a DSGVO. The United States of America does not provide an adequate level of data protection based on a decision of the European Union. The main risk of the transfer lies in the obligation of the plug-in providers to make user data accessible to American authorities under certain circumstances. An order processing agreement with standard contractual clauses is currently in place with all providers in order to make the third-country transfer as data protection-friendly and secure as possible. Adjustments to the ECJ ruling of 16.07.2020 (Schrems II, ref. C-311/18) including additional security measures are currently being sought by us. A copy of the standard data protection clauses can be requested by sending us an informal email.

3. Revocation and removal options

You have the right to revoke your data protection consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.

You can prevent the collection as well as the processing of your personal data by the respective providers by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

This privacy policy has been created with the assistance of DataGuard.