LOOK BEHIND YOU (Barbat & Neumann GbR) (hereinafter referred to as “LOOK BEHIND YOU”) takes the protection of its customers’ personal data very seriously. It is important to us that you have confidence in LOOK BEHIND YOU’s protection of your personal information at all times, and that you understand how LOOK BEHIND YOU uses your information while safeguarding your privacy.
With this data protection information we inform you about the processing of personal data (hereinafter: data) by the LOOK BEHIND YOU when you visit the website www.lookbehindyou.de or order goods in the webshop.
1. contact details of the responsible person
LOOK BEHIND YOU (Barbat & Neumann GbR)
Tel.: 02224 / 89 829 85
2. contact details of the data protection officer
Mr. Nico Barbat
3. processing of personal data
The use of your data is governed by the applicable legal provisions, in particular the General Data Protection Regulation (hereinafter: DSGVO).
3.1 Orders in the webshop
Why and on what legal basis is data processed?
When you place an order in our online store, the data required to establish a contract and to process your order, i.e. first and last name, billing and, if applicable, delivery address, e-mail address and, if applicable, your account details or credit card number are processed (customer data). The data is processed for the purpose of assigning your order to your person, the delivery of the ordered goods, if necessary, the invoice dispatch, the payment processing and the clarification of possible legal claims. The legal basis for this is Art. 6 para. 1 b) DSGVO. When purchasing e-books, for legal reasons we must apply the VAT of the country in which the download takes place. We therefore determine your IP address for country identification. The legal basis for this is Art. 6 para. 1 c) DSGVO.
If you order magazines as student or preferential subscriptions, the proof you send us for this purpose will also be processed.
If you wish, you can create a customer account for future orders (registration). In doing so, your customer data will be stored for use also for future orders in our online store, so that you do not have to enter them again. For registration, it is also necessary to provide a user ID and password (access data) so that only you can log into your customer account. We may use the data provided by you during registration in accordance with Art. 6 para. 1 b) DSGVO, insofar as this is necessary for the establishment or performance of a contract. Furthermore, we may use the data in accordance with Art. 6 para. 1 f) DSGVO, as we would like to simplify your future orders.
Furthermore, we may use data that you have voluntarily provided to us when placing an order or registering in accordance with Art. 6 para. 1 a) and, if applicable, also f) DSGVO, provided that you have consented to this processing. This is, for example, your phone number or the reason for your order. This voluntary information is processed in order to contact you more quickly in the event of delivery difficulties and for internal market research purposes. The legal basis for this is Art. 6 para. 1 a) and, if applicable, f) DSGVO. We have an interest in knowing the reason for your order for market research purposes.
Will data be shared?
For the following purposes, we also transfer the data, at least in part, to the following processors and other recipients:
- Publisher Deliveries: This company handles delivery, invoicing and fulfillment of tax retention obligations on our behalf.
- Payment service providers such as credit card companies (e.g. telecash, stripe, VISA, Mastercard): When ordering books, the invoice amount and a pseudonymous transaction code are transmitted for payment processing when paying by credit card.
- PayPal (Europe) S.à r.l. & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg): If you have chosen the PayPal payment method, the invoice amount and a pseudonymous transaction code are transmitted to PayPal for payment processing.
- TrustedShops GmbH (Subbelrather Straße 15c, D-50823 Cologne, Germany): Your e-mail address and the invoice amount are passed on to TrustedShops if you have opted for an optional so-called “Buyer Protection” and clicked on “Buyer Protection” in the TrustedShops banner.
- Collection agencies: A transfer is only made for the collection of receivables from customers who do not pay their purchase price.
- Further processors or recipients see below under 3.6.1
Do I have to provide my data?
The provision of your data is neither legally nor contractually required. However, for a contract with us at least the indication of your name, address and e-mail address is required. Otherwise, we would not be able to send the order and invoice to your address and send you an order confirmation by e-mail. For all payment methods with the exception of a purchase on account, it is necessary to provide payment information, otherwise we would not be able to charge your account or credit card with the agreed price. All other information and registration are not required for a contract with us. However, providing us with your phone number will make it easier for us to contact you quickly in case of delivery problems.
When will my data be deleted at the latest?
We may store data until the final settlement of the respective contract. In the case of purchase contracts, we may store data until receipt of payment and beyond that for up to two years after delivery. If the storage is necessary to fulfill our legal obligations according to Art. 6 para. 1 c) DSGVO in conjunction with the German Commercial Code or the German Fiscal Code, we are entitled to store data until the expiry of the retention periods specified therein. The data provided as part of a registration will be deleted either at your request or at the latest 4 years after the last order, unless we are entitled to store it longer for the reasons stated above.
What are the sources of my data?
As a rule, you provide us with your data yourself. We also receive the following data from the following sources: Payment service provider (payment confirmation, anonymized transaction number, invoice amount as well as the name, e-mail address and postal address stored with the payment service provider).
We also use your data to send advertising or e-mail advertising for our products, provided you have been our customer for the last two years, you have given us your postal address or e-mail address and you have not objected to the advertising (for your right to object, see 4.4). The processing of the data is based on Art. 6 para. 1 f) GDPR. We have a legitimate economic interest in sending our existing customers advertising by mail or e-mail.
If and to the extent that you contact us by e-mail, letter, telephone, fax or via social media platforms and wish to request information about your orders, it may be necessary for you to provide us with data such as name, address, year of birth, order or invoice number in order to process your request. This data will only be used to verify your identity and process your request. The legal basis is Art. 6 para. 1 p. 1 b) GDPR.
Your data will be used for the purpose of deciding on the establishment of an employment relationship on the basis of Art. 6 para. S. 1 a) and Art. 88 DSGVO in conjunction with. § 26 para. 1 p. 1 BDSG processed. They remain stored with us for the purpose of processing the application procedure for a maximum period of 6 months after completion of the application procedure and are then deleted. Processing beyond this is permitted for the purpose of establishing and implementing an employment relationship in accordance with the above-mentioned legal basis, provided you take up employment with us after completing the application process.
The provision of your personal data is neither contractually nor legally required. However, an online application necessarily requires the transmission and storage of data. If you provide us with unsolicited special categories of data that include information about your origin, political, religious or ideological beliefs, trade union membership, health or sex life, you also consent to the processing of this data. We ask that you do not provide such data to us.
If you have ordered a newsletter from the publisher, we process your e-mail address for the purpose of sending you our newsletter on a regular basis. In addition, it is necessary that you name at least one of the areas of interest that you would like to be informed about when ordering the newsletter. After ordering the newsletter, you will receive an email from us with a link to verify your email address.
The legal basis for the dispatch is your consent, which you gave us when ordering the newsletter (Art. 6 para. 1 a) DSGVO). The provision of your data is not mandatory. However, in order to send a newsletter, it is necessary to provide your e-mail address. The provision of your name, title and place of residence are voluntary and serve the purpose that we can address you personally and refer you to events near your place of residence. Your data, which you have provided in the context of ordering the newsletter, will be deleted as soon as you have unsubscribed from the newsletter. You can unsubscribe from the newsletter at any time, e.g. by clicking on the corresponding unsubscribe link at the end of a newsletter (to revoke your consent, see 4.5).
3.6 Visitors to the website
3.6.1 Creating log files
When you visit this website, we
- the IP address of your computer or mobile device,
- the date and time of your visit,
- the names of the files you have accessed and the amount of data transferred,
- the type of operating system and web browser used, including language settings,
- the website from which you reach our website (referrer URL)
stored in a log file for 6 months. The storage of a large amount of this data is necessary for technical reasons to display the website on your device and to ensure system security. This data is also analyzed anonymously for statistical purposes and to improve our website. We do not link this data with your other personal data.
This data is partially transferred to the following processors and other recipients for the following purposes:
- IONOS SE (Elgendorfer Str. 57, 56410 Montabaur): Hosting of the server for our website www.lookbehindyou.de on our behalf
The processing of this data takes place on the basis of Art. 6 para. 1 f) DSGVO. Insofar as Google Analytics is used in the process, 3.6.3 also applies. We have a legitimate interest in ensuring that our website is displayed correctly to you, that we can quickly identify and rectify the causes in the event of malfunctions and hacker attacks, and that we evaluate this data anonymously for statistical purposes. The provision of this data is neither legally nor contractually required; however, it is not possible to use the website without processing much of this data for technical reasons.
We also use session cookies and permanent cookies on our website. Cookies are small files that contain an identification number assigned by us. Cookies are stored on your computer or mobile device when you visit our website. If you visit our website again, your computer or mobile device can be recognized by this identification number.
Session cookies make it easier for you to navigate through our website. They allow items that you have added to the shopping cart to remain stored there and you remain logged in as a registered customer, even if you have successively called up different Internet pages. Persistent cookies help us tailor the design and content of our website to your expectations by logging your browsing behavior on our website. This data is pseudonymized and not stored together with your other data.
We are permitted to set session cookies in accordance with Art. 6 para. 1 f) DSGVO entitled. Session cookies are deleted after closing the browser. Permanent cookies for analysis purposes are used on the basis of Art. 6 para. Permanent cookies are valid for up to 24 months and are then deleted.
3.6.3 Third-party cookies
Note on processing of your data collected on this website in the USA: In this context, we also use service providers in third countries outside the EU without an adequate level of data protection, which entails the following risks: Access by authorities without information, no data subject rights, no legal remedies, loss of control.
3.7 Facebook pages at facebook.com
Who is responsible?
LOOK BEHIND YOU and Facebook Ireland Ltd. (contact details) are jointly responsible for the processing of your personal data (data) on the Facebook pages. If you have any questions about data protection, you can contact the Facebook data protection officer or our data protection officer at email@example.com. For general information about Facebook privacy, click here.
Why is my data processed?
Where does the data come from?
If you write us a message via Facebook, we will receive your data from you. If you like, share or comment on our Facebook page, we will receive this information along with the name you used to register on Facebook. Incidentally, we only receive anonymous statistics from Facebook; they do not contain any data about you.
Who gets my data?
Your data that accrues when you visit this Facebook page is received by Facebook. It cannot be ruled out that data will also be transmitted to the USA.
What are my legal rights regarding my data?
You can exercise your rights against Facebook or us. We will forward your requests to Facebook. You have the right to request information. You also have the right to have your data deleted, blocked, corrected and transferred. You can revoke consents. If your data is processed according to Art. 6 para. 1 f) DSGVO, you have the right to object under the conditions of Art. 21 DSGVO. You have the right to complain to a data protection authority.
3.8 Visitors coming from affiliate websites
If you access our website from a third-party website via an affiliate link installed there, we store (in addition to the data under 3.6) the recognition code of this third-party website with your order data when you order something on our website in order to be able to remunerate the operator of the affiliate website (sponsored link, advertising link).
4. rights of the persons concerned
If your data is processed by us, you are a data subject within the meaning of the GDPR and you are entitled to the following rights against the controller. All these rights can be exercised by sending an e-mail to firstname.lastname@example.org or to the addresses mentioned in points 1 and 2.
4.1 Right to information and data portability
According to Art. 15 DSGVO, you have the right to request information about this from us,
– whether we have stored data about you, and if so, what data we have stored and for what purposes,
– where this data comes from
– and to which recipients or categories of recipients, if any, this data will be disclosed.
According to Art. 21 DSGVO, you have the right to receive your data transmitted to us on the basis of consent or a contract, provided that the processing is automated. If you wish and if this is technically possible, we will transmit this data to a third party.
4.2 Right to rectification
You have a right to have your data corrected and/or, under certain circumstances, completed vis-à-vis the data controller if the data concerning you is incorrect or incomplete (Art. 16 DSGVO).
4.3 Right of deletion or blocking
You have the right that we delete your data under the conditions of Art. 17 DSGVO or block it according to Art. 18 DSGVO. If you delete your customer account with LOOK BEHIND YOU, we will delete your data unless we are entitled to store it for the purpose of fulfilling outstanding contracts, asserting legal claims or complying with statutory obligations.
4.4 Right of objection
Insofar as we use data to protect our interests exclusively on the basis of Art. 6 para. 1 f) DSGVO, you have the right to object to the processing of your data on grounds relating to your particular situation. If you object, we will no longer process the data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to enforce legal claims.
Furthermore, you can object to the processing of your data for advertising purposes at any time without incurring any costs other than the transmission costs according to the basic rates. You can object to the sending of advertising e-mails at any time free of charge, for example by clicking on the corresponding unsubscribe link at the end of an advertising e-mail. An objection will also result in you no longer receiving newsletters after 3.5.
4.5 Right to revoke consent
If you have consented to the use of your data for a specific purpose, you can revoke this consent at any time. A revocation has no disadvantages for you. The revocation can be declared in an e-mail to email@example.com. The revocation does not affect the lawfulness of the processing until the revocation. After revocation, the data covered by the revocation will no longer be processed for the purpose covered by the consent.
4.6 Right to complain to a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular with the State Commissioner for Data Protection and Freedom of Information, Hintere Bleiche 34, 55116 Mainz.
Insofar as we refer on our Internet pages under lookbehindyou.de with the help of links to Internet pages that are not operated by us, we are not responsible for compliance with data protection provisions on these Internet pages.
Personal data that is exchanged between you and us via our Internet pages at lookbehindyou.de is generally transmitted via encrypted connections. In addition, we take technical and organizational security precautions to protect the data we have under our control against manipulation, loss, destruction or against access by unauthorized persons. Please note, however, that we cannot guarantee complete data security when communicating by e-mail, so we recommend that you send confidential information by post.