Skip to content

Privacy policy

1. subject matter of this privacy policy

Thank you for your interest in our Internet presence and our offers on our website.

The protection of your personal data (hereinafter referred to as “data”) is a major and very important concern for us. In the following, we would therefore like to inform you in detail about which data is collected when you visit our website and use our offers there and how it is processed or used by us in the following, as well as which accompanying protective measures we have also taken in technical and organizational terms.

2. responsible body/service provider

Responsible according to Art. 4 EU-DSGVO and at the same time service provider in the sense of the Telemedia Act (TMG) is Netmusica, Mrs. Iris Wirth-Halbherr, Wackersteinweg 11, 72124 Pliezhausen, at the same time responsible according to § 18 Abs. 2 of the Interstate Media Treaty.

The office of data protection officer is held by Mr. Ulrich Emmert, Schockenriedstr. 8A, Schockenriedstr. 8A, phone +49 (0)711/469058-0, fax +49 (0)711/469058-99, e-mail datenschutz@netmusica.de.

3. collection and use of your data

We will only collect, process and use all personal data that we obtain from you in the course of your use of our website for the stated purpose. In doing so, we ensure that this only takes place within the framework of the applicable legal provisions or only with your consent.

Please contact info@netmusica.de or send us your request by post.

The data will only be processed within the EU and the European Economic Area, unless information about a transfer to third countries is provided below or directly when the data is collected, stating the respective legal basis and, if necessary, consent is requested. The provisions on the legal basis for international data transfer and the necessary requirements are available from us on request.

We do not make automated individual decisions on the processing of personal data.

The scope and type of collection and use of your data differs depending on whether you visit our website only to retrieve information or to make use of the services we offer:

a) Informational use

In principle, it is not necessary for you to provide personal data in order to use our website for information purposes only.

Rather, in this case we only collect and use the data that your Internet browser automatically transmits to us, such as:

  • Date and time of access to one of our web pages
  • Your browser type
  • the browser settings
  • the operating system used
  • the last page you visited
  • the amount of data transferred and the access status (file transferred, file not found, etc.) and
  • Your IP address.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

Storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

b) Use of the online store

In order to be able to place orders via this offer, each customer must set up a password-protected customer account. This contains an overview of orders placed and active order processes. If you leave the online store as a customer, you will be automatically logged out.

The operator accepts no liability for password misuse, unless this was caused by the operator himself.

All data entered by customers in the course of order processing is stored. These include:

  • Surname, first name
  • Address
  • Payment data
  • E-mail address

Data that is absolutely necessary for delivery or order processing is passed on to third-party service providers. As soon as the storage of your data is no longer required

Bank and credit card data are not processed by us. After completing your purchase in our online store, you will be forwarded directly to the selected payment provider for payment processing, where you can make the payment by entering your personal data. Paypal, Stripe and Amazon Pay are currently available to you as payment providers; please refer to points 12-14 below and their privacy policies for information on how they handle personal data.

c) Use of other offers

If you wish to make use of services offered by us on our website or after contacting us in any other way, it may be necessary for you to provide further data. These are the data that are required for the respective processing in accordance with Art. 6 I b) GDPR, otherwise we cannot provide the desired service. Further offers are listed in Appendix 2.

You can provide additional information voluntarily; input fields with optional information are marked accordingly.

Your data is collected or used for the purpose of providing the service you have requested.

If you contact the website operator using the contact options provided, your details will be stored so that they can be used to process and respond to your inquiry. This data will not be passed on to third parties without your consent.

If you leave a contribution or comment on this website, your IP address will be saved. This is for the website operator’s security: if your text violates the law, they want to be able to trace your identity.

If the provision of data is required by law, we will inform you of this.

Your data may be passed on to service providers supporting us for the aforementioned purpose, which we have of course carefully selected and obliged to comply with the EU General Data Protection Regulation.

Otherwise, your data will only be passed on to other third parties if this is permitted by law or if we have received your explicit consent to do so.

4. data protection consent

We may require your consent to the processing of your data in accordance with Art. 6 I a GDPR. We guarantee that we will only process and use the data for the purpose stated at the time of collection.

You can give your consent separately in connection with the respective data collection. You can revoke your consent at any time with effect for the future.

Consent in relation to newsletters is governed by § 5, for cookies or advertising trackers by § 6 of this declaration below.

5th Newsletter

In order to register for our e-mail newsletter service, we require at least your e-mail address to which the newsletter is to be sent in addition to your consent under data protection law in accordance with Art. 6 I a GDPR. Any further information is optional and is used to address you personally and to personalize the content of the newsletter and to clarify any queries about the e-mail address. we use the data exclusively for sending the newsletter.

We generally use the so-called double opt-in procedure for sending newsletters, i.e. We will only send you the newsletter if you first confirm your registration via a confirmation e-mail sent to you for this purpose using the link contained therein. This is to ensure that only you, as the owner of the e-mail address provided, can subscribe to the newsletter. You must confirm this promptly after receiving the confirmation e-mail, otherwise your newsletter registration will be automatically deleted from our database.

If you purchase goods or services from us and enter your e-mail address, we may subsequently use it to send you a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter. The legal basis for sending the newsletter as a result of the sale of goods or services is Art. 6 I f GDPR in conjunction with Section 7 para. 3 UWG.

You can unsubscribe from our newsletter at any time. To do so, you can either send us an informal e-mail to info@woerwag.de or use the link at the end of the newsletter to cancel your subscription.

6. use of cookies

We use cookie technology for our website. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored on your computer for later retrieval. The purpose of using technically necessary cookies (session cookies) is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies.

The use of analysis cookies or web beacons (small graphics for log evaluation) is for the purpose of improving the quality of our website and its content and to recognize visitors. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer.

We do not pass on cookie information to third parties.

You can determine yourself whether cookies can be set and retrieved by changing the settings in your browser. For example, you can completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback. You can also delete the cookies in your browser at any time. For the full functionality of our website, however, it is necessary for technical reasons to allow the aforementioned session cookies.

We use a login area. These are technically necessary cookies for the operation of the online store.

We do not offer the option of registering with us via a third-party service provider

In accordance with Art. 13 of the EU Data Protection Regulation, we will obtain your consent in advance for the use of non-technically necessary cookies in accordance with Art. 6 I a GDPR.

7. website analysis tool Matomo (formerly Piwik)

This website uses the open source web analytics service Matomo. Matomo uses technologies that enable the cross-page recognition of the user for the analysis of user behavior (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before it is saved.

With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us to find out, among other things, when which page views were made and from which region they come. We also record various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

IP anonymization

We use IP anonymization for the analysis with Matomo. Your IP address is shortened before the analysis so that it can no longer be clearly assigned to you.

Hosting

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on to third parties.

8. right of objection

In accordance with Art. 21 EU GDPR, you can object to the processing of your data in the cases specified therein; this applies in particular in cases of processing carried out on the basis of Art. 6 I e or Art. 6 I f or in the form of direct advertising or profiling.

9. data security

We also use technical and organizational security measures to protect personal data that is generated or collected, in particular against accidental or intentional manipulation, loss, destruction or attack by unauthorized persons. Our security measures are continuously improved in line with technological developments.

We provide you with various online forms and services with which you can send personal data to us. These forms are protected against access by third parties through the use of TLS encryption from version 1.2. The data that you enter or send to us as a file may be stored by us and processed by agreement. If the use and processing requires the consent of the user or third parties, the consent can be revoked at any time without giving reasons. In this case, however, the fulfillment of the contract by us may be impaired.

Depending on the service, you may be asked to make various entries to identify or prevent misuse:

a) A user-defined identifier or other suitable authentication may be required for identification when delivering data. The data is protected against access by third parties via SFTP or HTTPS in accordance with Art. 32 I a and b GDPR, provided the user uses the methods of data transmission recommended by us.

b) To prevent use by machines, so-called CAPTCHAS can be used in accordance with Art. 32 I b GDPR, which contain images or tasks that cannot be processed by computer scripts.

10. deletion periods

We only store personal data until the purpose of the data storage no longer applies. This does not apply if the user has voluntarily consented to a longer processing of the data or if statutory retention periods or the possible pursuit of legal claims within limitation periods that have not yet expired prevent the deletion (in the case of conflicting retention or limitation periods, it may be necessary to restrict the processing of the data in accordance with Art. 18 EU GDPR).

11. rights of data subjects

Under the applicable laws, you have various rights regarding your personal data. If you would like to assert these rights, please send your request by e-mail or by post, clearly identifying yourself, to the above address of the controller.

Below you will find an overview of your rights.

a) Right to confirmation and information

b) Right to rectification

c) Right to erasure (“right to be forgotten”)

d) Right to restriction of processing

e) Right to data portability

f) Right of objection

g) no automated decisions including profiling

h) Right to withdraw consent under data protection law

i) Right to lodge a complaint with a supervisory authority in the EU

The competent supervisory authority is the State Commissioner for Data Protection, Lautenschlagerstr. 20, 70182 Stuttgart

.

12. payment processing via Amazon Pay

We offer the option of processing the payment transaction via the payment service provider amazon pay (Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Amazon Payments insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit b. GDPR).

First name Last name Address E-mail address Telephone number

The processing of the data specified in this section is not required by law or contract. We cannot process a payment via amazon pay without the transmission of your personal data. [You have the option of choosing a different payment method.]

Amazon Payments Europe reserves the right to carry out a credit check to ensure your willingness and ability to pay. This corresponds to the legitimate interest of Amazon Payments Europe (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Your data will be passed on to credit agencies and online retailers for this purpose. In addition, your data may be used for interest-based advertising and marketing purposes by amazon pay if you have consented to this in your account settings https://www.amazon.de/adprefs. We have no influence on this process and only receive the result of whether the payment was carried out or rejected.

Further information on objection and removal options vis-à-vis Amazon Payments Europe can be found at: https://pay.amazon.de/help/201212490.

13. payment processing via PayPal

We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b. GDPR).

First name, last name, address, e-mail address, telephone number

The processing of the data specified in this section is not required by law or contract. We cannot process a payment via PayPal without the transmission of your personal data. [You have the option of choosing a different payment method.]

PayPal carries out a credit check for various services such as payment by direct debit to ensure your willingness and ability to pay. This corresponds to PayPal’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Your data (name, address and date of birth, bank account details) will be passed on to credit agencies for this purpose. We have no influence on this process and only receive the result of whether the payment has been made, rejected or is pending verification.

Further information on objection and removal options vis-à-vis PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Your data will be stored until the payment process has been completed. This also includes the time required to process refunds, receivables management and fraud prevention.

14. payment processing via Stripe

We offer the option of processing the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510 Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b. GDPR).

Name of the cardholder

E-mail address

Customer number

Order number

Bank details

Credit card details

Period of validity of the credit card

Credit card verification number (CVC)

Date and time of the transaction

Transaction amount

Name of the provider

Location

The processing of the data specified in this section is not required by law or contract. We cannot process a payment via Stripe without the transmission of your personal data. [You have the option of choosing a different payment method.]

Stripe assumes a dual role as controller and processor for data processing activities. As the controller, Stripe uses your submitted data to fulfill regulatory obligations. This corresponds to the legitimate interest of Stripes (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). We have no influence on this process.

Stripe acts as a processor in order to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively in accordance with our instructions and has been contractually obliged to comply with the data protection regulations within the meaning of Art. 28 GDPR.

Stripe has implemented compliance measures for international data transfers. These apply to all global activities in which Stripe processes personal data of natural persons in the EU. These measures are based on the EU standard contractual clauses (SCCs).

Further information on objection and removal options vis-à-vis Stripe can be found at: https://stripe.com/privacy-center/legal

Your data will be stored by us until the payment process has been completed. This also includes the time required to process refunds, receivables management and fraud prevention.

15. google web fonts

Google Web Fonts are integrated locally, so there is no data transfer to Google Inc. takes place.

16. data protection information for our Facebook and Instagram pages:

We are jointly responsible with Meta Platforms Ireland Limited for the collection (but not the further processing) of data of visitors to our Facebook page (so-called “fan page”). This data includes information about the types of content users view or interact with, or the actions they take (see “Things you and others do and provide” in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices used by the users (e.g. B. IP addresses, operating system, browser type, language settings, cookie data; see under “Device information” in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under “How do we use this information?”, Facebook also collects and uses information to provide analytics services, known as “Page Insights”, for page operators to help them understand how people interact with their pages and the content associated with them. We have concluded a special agreement with Facebook (“Information on Page Insights”, https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfill the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook. Further information can be found in the “Information on Page Insights” (https://www.facebook.com/legal/terms/information_about_page_insights_data); Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Standard Contractual Clauses (Safeguarding the level of data protection when processing data in third countries): https://www.facebook.com/legal/EU_data_transfer_addendum; Further information: Agreement on joint controllership: https: //www.facebook.com/legal/terms/information_about_page_insights_data.

17. data protection information for our Twitter page:

Twitter is a social network operated by the service provider Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, the parent company is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; The privacy policy: can be found at https://twitter.com/privacy,(settings at: https://twitter.com/personalization).

18. data protection information for our YouTube page:

YouTube is a social network and video platform offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, the parent company is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The privacy policy can be found at https://policies.google.com/privacy, an opt-out option is available at https://adssettings.google.com/authenticated.