Privacy Policy

for consent to the processing of personal data by the website of
ICheer GmbH
www.icheer.de and its subdomain

Collection, processing and use of personal data

You do not have to provide any data to visit our online shop. We only store anonymized access data without personal reference, such as the name of your internet service provider, the page from which you visit us or the name of the requested file. Cookies can be used for data collection, but they also collect and store the data exclusively in anonymous or pseudonymous form and do not allow any conclusions to be drawn about your person. We only collect personal data if you voluntarily provide it to us during the ordering process, when opening a customer account or when registering for our newsletter. We use the collected data exclusively for processing the contract. After complete contract processing, your data will be blocked and deleted after the expiry of the tax and commercial law regulations, unless you have expressly consented to a further use of data. If you register with your email address for our monthly newsletter, we will use your email address for our own advertising purposes until you unsubscribe from the newsletter.
The following regulations inform you about the type, scope and purpose of the collection, use and processing of personal data by the provider, the responsible body within the meaning of the BDSG:

ICheer GmbH

Berta-Benz-Str. 108
64404 Bickenbach
Germany
Email: info[at]icheer.de

Managing Director

Mr. Jurij Seitenzahl
Mr. Yannic Lou Schmidt

Data security

Your personal data is encrypted using Hypertext Transfer Protocol Secure (https) and transmitted to us. Our websites are protected by technical and organizational measures against damage, loss, destruction, unauthorized access. We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps.
Complete protection of data against access by third parties is not possible.

Right to information & revocation

(1) For the execution of purchase contracts (initiation, conclusion, processing, warranties and reversal), for our service services, the technical administration, own marketing purposes and ensuring the correspondence between you and us, we collect personal data for the ordering process as well as for opening a customer account, which include in detail: Name, contact details, payment data, eMail, telephone number. A transfer of your data can in principle take place to several companies, as far as this is necessary for the processing of our contractual relationship, in particular in the following cases:
a) A transfer always takes place for the purpose of delivery to the shipping company commissioned by us for this purpose. The transfer includes only such data that are necessary for sending the goods.
b) If payment services are used for the payment process (e.g. Paypal, Visa, Mastercard etc.), your data will be passed on to the payment intermediaries used. The same applies with regard to the credit institutions commissioned with the payment.
c) In the event of payment disruptions, a claim can be assigned to a collection agency. In addition, information can be sent to credit agencies. The transfer of the personal data required for this purpose is based on the explanations on CREDIT ASSESSMENT. The transferred data may be used by the service providers exclusively for the purpose of their transfer.
(2) In addition, your personal data will not be passed on to third parties, unless we are legally obliged to do so or you have given us your prior consent.
(3) Personal data that you provide to us for the processing of orders may be stored for up to 10 years for commercial and tax reasons.
(4) Your personal data is encrypted using Hypertext Transfer Protocol Secure (https) and transmitted to us. Our websites are protected by technical measures against damage, destruction, unauthorized access.
(5) You will receive information about your data stored by us free of charge at any time without giving reasons. You can have your data collected by us blocked, corrected or deleted at any time. You can revoke your consent to data collection and use granted to us at any time without giving reasons. If you make use of your right of objection, we will terminate the processing of the data concerned. However, further processing remains reserved if we can prove compelling legitimate grounds for the processing that outweigh your interests, fundamental rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. Contact info[at]icheer.de.
(6) Without the consent of the customer, the provider will not use customer data for advertising, market or opinion research purposes.

Duration of storage of personal data

The duration of the storage of personal data is based on the respective statutory retention period (e.g. commercial and tax retention periods). After the expiry of the period, the corresponding data are routinely deleted, provided that they are no longer required for contract fulfillment or contract initiation and/or there is no legitimate interest on our part in the further storage.
These include:

  • The original purpose of data processing no longer exists
  • The existing contractual relationship ends and there is no other basis for processing (e.g. a declaration of consent)
  • The declaration of consent to data processing is revoked

Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.
Cookies also serve to simplify the ordering process by storing settings (e.g. remembering the contents of a virtual shopping cart for a later visit to the website). If personal data are also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either for the execution of the contract or in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.
Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. These can be found for the respective browsers under the following links:
Internet Explorer: https://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: https://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/kb/ph21411?locale=de_DE
Opera: https://help.opera.com/Windows/10.20/de/cookies.html
Please note that the functionality of our website may be limited if cookies are not accepted.

Server log files

When using our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymized form)

The processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

Contact

In the context of contacting us (e.g. via contact form or e-mail), personal data are collected. Which data are collected in the case of a contact form can be seen from the respective contact form. These data are stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 Para. 1 lit. f GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR. Your data will be deleted after final processing of your request, this is the case when it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no legal storage obligations to the contrary.

Data processing when opening a customer account and for contract processing

In accordance with Art. 6 Para. 1 lit. b DGSVO, personal data are also collected and processed if you provide them to us for the execution of a contract or when opening a customer account. Which data are collected can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the responsible person. We store and use the data you provide for contract processing. After complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiry of these periods, unless you have expressly consented to a further use of your data or a legally permitted further data use has been reserved by our side, about which we inform you accordingly below.

Newsletter data

If you subscribe to our e-mail newsletter, we will send you regular information about our offers. Mandatory information for sending the newsletter is only your e-mail address. The provision of further data is voluntary and will be used to address you personally. For the dispatch of the newsletter, we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to the sending of newsletters. We will then send you a confirmation e-mail asking you to confirm by clicking on a corresponding link that you want to receive newsletters in the future.
By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 Para. 1 lit. a GDPR. When you register for the newsletter, we store your IP address registered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace a possible misuse of your e-mail address at a later point in time. The data collected by us when registering for the newsletter will be used exclusively for the purpose of advertising in the form of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person mentioned at the beginning. After unsubscribing, your e-mail address will be deleted immediately in our newsletter distribution list, unless you have expressly consented to a further use of your data or we reserve a further data use that is permitted by law and about which we inform you in this declaration.

Newsletter dispatch via MailChimp

Our e-mail newsletters are sent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (https://www.mailchimp.com/), to whom we pass on your data provided during newsletter registration. This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in the use of an effective, secure and user-friendly newsletter system. Please note that your data is usually transferred to a MailChimp server in the USA and stored there.
MailChimp uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the sent e-mails contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. This allows us to determine whether a newsletter message has been opened and which links have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). The data is collected exclusively pseudonymized and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you want to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
Furthermore, MailChimp can use this data in accordance with Art. 6 Para. 1 lit. f GDPR itself on the basis of its own legitimate interest in the needs-based design and optimization of the service as well as for market research purposes, for example to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or pass them on to third parties.
To protect your data in the USA, we have concluded a data processing agreement ("Data-Processing-Agreement") with MailChimp on the basis of the standard contractual clauses of the European Commission in order to enable the transfer of your personal data to MailChimp. This data processing agreement can be viewed at the following Internet address if you are interested: https://mailchimp.com/legal/forms/data-processing-agreement/
MailChimp is also certified under the US-European data protection agreement "Privacy Shield" and thus undertakes to comply with EU data protection regulations.
The data protection regulations of MailChimp can be viewed here: https://mailchimp.com/legal/privacy/

Data processing for order processing

For the processing of your order, we work together with the following service providers, who support us in whole or in part in the execution of concluded contracts. Certain personal data are transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the scope of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer
of the data is Art. 6 Para. 1 lit. b GDPR.

Use of payment service providers (payment service providers)

Paypal

When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “installment payment” via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”) as part of the payment processing. The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for payment processing.
PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “installment payment” via PayPal. For this purpose, your payment data may be forwarded to credit agencies in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of PayPal's legitimate interest in determining your ability to pay. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, these are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Further data protection information, including information on the credit agencies used, can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

Use of Google reCAPTCHA

On this website, we also use the reCAPTCHA function from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). This function is primarily used to differentiate whether an entry is made by a natural person or is misused by automated processing. The service includes sending the IP address and, if necessary, other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in determining the individual intention of actions on the Internet and avoiding misuse and spam.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the level of data protection applicable in the EU.
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/

Google Web Fonts

This page uses web fonts provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) for the uniform display of fonts. When you access a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online services. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the level of data protection applicable in the EU.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/

Use of Instagram

Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the data transmitted or how it is used by Instagram. You can find more information on this in Instagram's privacy policy: https://instagram.com/about/legal/privacy/

Use of Tumblr

Our pages use buttons from the Tumblr service. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA. These buttons allow you to share a post or page on Tumblr or follow the provider on Tumblr. When you access one of our websites with a Tumblr button, the browser establishes a direct connection to the Tumblr servers. We have no influence on the amount of data that Tumblr collects and transmits using this plugin. According to the current status, the user's IP address and the URL of the respective website are transmitted. Further information on this can be found in Tumblr's privacy policy at https://www.tumblr.com/policy/de/privacy

Use of Youtube videos

This website uses the Youtube embedding function to display and play videos from the provider “Youtube”, which belongs to Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
The extended data protection mode is used here, which, according to the provider, only initiates the storage of user information when the video(s) are played. If the playback of embedded Youtube videos is started, the provider “Youtube” uses cookies to collect information about user behavior. According to information from “Youtube”, these serve, among other things, to collect video statistics, improve user-friendliness and prevent abusive behavior. If you are logged in to Google, your data will be directly assigned to your account when you click on a video. If you do not want the assignment to your profile on YouTube, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular in accordance with Art. 6 Para. 1 lit.f GDPR on the basis of Google's legitimate interests in the display of personalized advertising, market research and/or the needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
Regardless of the playback of the embedded videos, a connection to the Google network “DoubleClick” is established each time this website is accessed, which can trigger further data processing operations without our influence.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the level of data protection applicable in the EU.
Further information on data protection at “YouTube” can be found in the provider's privacy policy at: https://www.google.de/intl/de/policies/privacy

Use of script libraries (Google Web-fonts)

In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/). Google Web Fonts are transferred to your browser's cache to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access, content will be displayed in a standard font. Calling up script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible - but currently also unclear whether and, if so, for what purposes - that operators of corresponding libraries collect data. You can find the data protection policy of the library operator Google here.

Use of Google Maps

This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google data protection information. There you can also change your personal data protection settings in the data protection center.
Detailed instructions on managing your own data in connection with Google products can be found here.

Embedded YouTube videos

We embed Youtube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to Youtube servers is established. Youtube is informed about which pages you visit. If you are logged into your Youtube account, Youtube can personally assign your surfing behavior to you. You can prevent this by logging out of your Youtube account beforehand. If a Youtube video is started, the provider uses cookies that collect information about user behavior. Anyone who has deactivated the storage of cookies for the Google Ad program will also not have to reckon with such cookies when watching Youtube videos. However, Youtube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser. Further information on data protection at “Youtube” can be found in the provider's privacy policy here.

Embedded Vimeo videos

Our website uses plugins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. The Vimeo server is informed about which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. Further information on the handling of user data can be found in Vimeo's privacy policy here.

Social Plugins

We offer you the possibility of using so-called “social media buttons” on our website. To protect your data, we rely on the “Shariff” solution for implementation. As a result, these buttons are only integrated on the website as a graphic that contains a link to the corresponding website of the button provider. By clicking on the graphic, you will be redirected to the services of the respective provider. Only then will your data be sent to the respective providers. If you do not click on the graphic, there will be no exchange between you and the providers of the social media buttons. Information about the collection and use of your data in social networks can be found in the respective terms of use of the corresponding providers. More information about the Shariff solution can be found here: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
We have integrated the social media buttons of the following companies on our website:

  • Facebook Inc. (1601 S. California Ave – Palo Alto – CA 94304 – USA)
  • Twitter Inc. (795 Folsom St. – Suite 600 – San Francisco – CA 94107 – USA)
  • Google Plus/Google Inc. (1600 Amphitheatre Parkway – Mountain View – CA 94043 – USA)
  • Instagram (1601 Willow Road, Menlo Park, CA, 94025, USA)
  • Tumblr (35 East 21st St, 10th Floor, New York, NY 10010, USA)

Amendment of our privacy policy

We reserve the right to occasionally adapt this data protection declaration so that it always meets the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration then applies to your next visit.

Your rights as a data subject

As a data subject affected by the processing of your data, you have the following rights vis-à-vis us as the processing body:

  • Right to rectification and, if necessary, completion of your personal data processed by us
  • Right to transparent information about the handling of your personal data processed by us
  • Right to information about your personal data processed by us
  • Right to erasure and the right to be “forgotten”
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent already granted with effect for the future
  • Right to lodge a complaint with the responsible supervisory authority for data protection

You can easily exercise your rights by sending an e-mail to info[at]icheer.de. We have a legal deadline of four weeks for processing your request, which can be extended by a further four weeks in exceptional cases. We endeavor to process your request completely within the first four weeks after receipt of your request. Please note that due to legal storage periods, we may still be obliged to store certain personal data from you even after a request for deletion or “forgetting”.
The supervisory authority for data protection responsible for us is:
The Hessian Data Protection Officer
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Telephone: 06 11/140 80
E-mail: poststelle@datenschutz.hessen.de
Homepage: https://www.datenschutz.hessen.de

Validity

This data protection declaration applies indefinitely from the date of its publication. The validity of this data protection declaration is canceled by the publication of a successor data protection declaration.
Announced on: 2018-07-17

Appendix: Overview of cookies used
The following cookies are used on our pages:

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation / data protection for sending unsolicited advertising and information materials is hereby rejected. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.