Which data we process, and for what purposes, for example when you visit the kioknitting.com website, buy something, or contact our Customer Service.
Which internet technologies are used on kioknitting.com and what settings you can put in place in response to them.
What data protection rights you have and whom you can contact.
1. CONTROLLER AND CONTROLLER’S CONTACT DETAILS
The controller under the terms of the European General Data Protection Regulation (GDPR) for the processing of data in connection with kioknitting.com is SARL PST with registered office in France at 17, rue d’Estienne d’Orves 92260 Fontenay aux Roses 3, business register number 494 966 328, and VAT number FR 07494966328. (“we” or “us”).
You will find further information about us and our complete contact details in the imprint.
Should you have questions or any requirements relating to data protection, our Data Protection Officer will be glad to help: just send an e-mail to firstname.lastname@example.org or use the contact information set out in the imprint (by post please mark “FAO Data Protection Officer”).
2. WHEN USING OUR WEBSITE
2.1. General notes on purposes of processing
Every time our website is accessed, particular items of technical information are transmitted by your browser to the servers on which the content you have requested is stored (e.g. name of file requested, date and time of access, type of browser used, internet sites viewed, error messages) and online identifiers (e.g. IP address, cookie IDs, device identifiers). We process these access data in order to run our website (legal basis for this is Article 6(1)(b) of the GDPR).
For administrative and statistical purposes, and to guarantee our IT security, access data are stored in logfiles on the server and evaluated in anonymised form for the foregoing purposes (the legal basis for this is Article 6(1)(f) of the GDPR). Logfiles do not contain any personal data or online identifiers. It is therefore not possible to identify you by means of these logfiles or to trace which content you have requested on our website.
Beyond this, data relating to your person (e.g. your name, your contact details) are only transmitted to us if you actively and deliberately supply us with this information for particular purposes. This is the case, for instance, when registering, when ordering goods, and when sending messages to our Customer Service. In such cases, we shall process your information only to the
extent as is necessary for the purpose in question, i.e. particularly in order to process orders and requests as part of our customer service (the legal basis for this is Article 6(1)(b) of the GDPR);
that you have expressly agreed to this, i.e. you have given us a declaration of consent, for instance by ordering our newsletter (the legal basis for this is Article 6(1)(a) of the GDPR);
necessary to pursue our legitimate interests and those of third parties, e.g. in carrying out market research, direct marketing and optimisation of business processes in compliance with statutory regulations (the legal basis for this is Article 6(1)(f) of the GDPR);
required because we have a legal duty of data processing, e.g. pursuant to duties of storage under commercial and tax law.
2.2. Processing orders
We shall store and use your order data to perform the associated purchase contract by sending the goods ordered, and to handle further contract administration, including returns and guarantee management. In the course of order handling (e.g. payment, shipping) your data will also be transmitted to third parties, such as outside payment service providers (e.g. PayPal, Stripe) and parcel services, insofar as this is necessary to carry out your order (the legal basis for this is Article 6(1)(b) of the GDPR). Under https://kioknitting.com/customer-care-3/ you will find an overview and further details on our transport service providers and the payment options we accept.
2.3. Use of your e-mail address for marketing purposes
If you have already bought goods on kioknitting.com, we shall use your data to the extent allowed by law to dispatch e-mails containing marketing information for similar products and services (the legal basis for this is Article 6(1)(f) of the GDPR, grounded on our legitimate interest in direct marketing within existing customer relationships).
You can object to this use of your e-mail address for marketing purposes at any time without incurring any costs other than the transmission costs under the basic tariffs. For this purpose you will find a disablement link in each marketing e-mail. Alternatively, you can direct your objection to the contact details set out in the imprint.
On our website, you have a facility to send us your e-mail address and further information voluntarily in order to receive our Newsletter regularly by e-mail in future, with features about new products and offers on kioknitting.com.
For ordering Newsletter, we use the double opt-in procedure, since we must be able to certify that you are actually the holder of the e-mail address provided. This means, once your e-mail address has been provided, that we shall send you a confirmation e-mail to the e-mail address stated, in which we shall ask you to confirm your e-mail address. (The legal basis for the foregoing data processing is Article 6(1)(a) of the GDPR, based on your declaration of consent).
Newsletter contains normal market technologies, such as invisible pixels and pseudonyms (random identification numbers), by which we can record usage of Newsletter by its readers. This helps us to understand which content is particularly attractive and which products and topics are particularly interesting to our readers. The data captured are always stored only under a pseudonym and not merged with other data about yourself (e.g. customer number, name, address, order data). (The legal basis for this is Article 6(1)(f) of the GDPR, grounded on our legitimate interest in measuring the reach and demand-led design of our website).
You can unsubscribe from Newsletter at any time by clicking the “unsubscribe” link contained in every issue. Alternatively, in order to unsubscribe you can communicate with the contact details set out in the imprint. If you unsubscribe, we shall erase your e-mail address and any data provided voluntarily when you registered for Newsletter. Please note that any data which you have sent us for registration or when making an order will not be affected by the erasure when unsubscribing from Newsletter.
“Cookies” are used on our website. Cookies are small, standardised text files which are automatically stored by your browser for a set period when our internet pages are first visited. When visiting the same internet sites later, your browser tells the server which text the previously stored cookie contains. Along with a statement of its particular storage period, a cookie typically contains information about your individual system settings or a random series of signs as an identification number, enabling Kioknitting to recognise your browser during later visits and thus to link it to a previous visit.
The cookies which we use are placed by us or by third parties (e.g. advertising partners, service providers). Our own cookies (“Kioknitting cookies”) serve the technical realisation of interactive user functions, designed to make use of Kioknitting .com more convenient and more user friendly. For example, cookies enable you to fill your virtual shopping basket with orders during your visit to Kioknitting.com and to manage it, while ensuring that your page settings (e.g. language, country, method of payment) are preserved (the legal basis for this is Article 6(1)(b) of the GDPR).
You can configure your browser that storage of cookies during your visit to Kioknitting.com is prevented in general or only on our website. We must point out, however, that in this way the usability of our website is significantly restricted. Instructions are usually provided by the browser developers. Here are some selected examples:
With the aid of web-analysis services we capture statistical information on the general use of our website, in order to make our service continually more user friendly, to monitor the success of our online advertising, and to undertake market research.
For this purpose we employ the following web-analysis services (the legal basis for this is in each case Article 6(1)(f) of the GDPR)
4.1. Google Analytics
Google will use this information on this website operator’s behalf in order to analyse your use of the website, to compile reports on website activity, and to supply further services to the website operator associated with use of the website and internet. It is these purposes which are served by our legitimate interest in the said data processing. The legal basis for the use of Google Analytics is Article 6 (1) (f) of the GDPR. The data which we send and which is linked with cookies, user identifications (e.g. user ID) or marketing IDs are automatically erased after 36 months. Erasure of data whose retention period has been reached is carried out automatically once a month. You will find more detailed information on terms and conditions of use and on data protection at https://www.google.com/analytics/terms/gb.html
Disabling Google Analytics:
You can object at any time to the production and evaluation of pseudonymous user profiles by Google. To do this, you have the following options:
You can adjust your browser that cookies from Google Analytics are blocked (see Section 3).
You can insert a disablement cookie by clicking here: Disable Google Analytics.
You can install the disablement plug-in supplied by Google at http://www.google.com/settings/ads/plugin on your Firefox, Internet Explorer or Chrome browsers (this option does not work on mobile devices).
Please note that disablement via disablement cookie or disablement plug-in only applies to the browsers via which the objection was issued. If you erase the disablement code manually or use another browser, the objection must be issued again.
5. ONLINE ADVERTISING
We use access data accrued when you visit our website for the insertion of personalised advertising in the online sites of other providers (retargeting). In this way we wish to present you with advertising which reflects your actual interests and is thus more useful to you. For this purpose we also participate in the relevant advertising networks e.g. of Google (Google Advertising Network) and Microsoft (provider of the Bing advertising network). This enables us to insert advertisements in other online sites which likewise participate in these advertising networks. If you visit kioknitting.com and other websites which are likewise contractual partners of the provider concerned, a third-party cookie is placed, by means of which particular access data, from which your interests can be deduced, are channelled to the providers in question. In this way the advertising networks can take your interests into account when selecting advertisements which are displayed to you in the advertising slots on other online sites.
The legal basis for the data processing set out below is Article 6(1)(f) of the GDPR, grounded on our legitimate interest in undertaking personalised advertising which reflects your interests.
As set out below, you can disable the use of personalised advertisements, based on your access data accrued during use of kioknitting.com, by the providers whom we employ. For many providers and advertising networks you can also disable the personalisation of advertisements on a central site:
Please note that you cannot prevent the use of advertisements by issuing your objection. Your objection only means that no personalised advertising will be displayed to you.
We use the retargeting technologies provided by sociomantic labs GmbH, Paul-Lincke-Ufer 39/40, 10999 Berlin (“Sociomantic”).
You can prevent data capture by sociomantic by clicking on the following link and activating the “Opt-out” check box provided there: https://www.sociomantic.com/privacy/de/. This will save an opt-out cookie in your browser which tells sociomantic that no data must be captured or processed about your usage patterns.
We also use the retargeting service provided by Criteo S.A., Rue Blanche, 75009 Paris, France (“Criteo”).
You can prevent data capture by Criteo by clicking on the following link and activating the “Opt-out” check box provided there: http://www.criteo.com/privacy/. This will save an opt-out cookie in your browser which tells Criteo that no data must be captured or processed about your usage patterns.
We use the “Custom Audiences” retargeting function provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). For this purpose, “Facebook pixels” have been incorporated on our website. If you visit our website, a connection is established via the Facebook pixel between your browser and the Facebook server and a cookie is placed. In this way Facebook receives the information that you have visited our web page with your IP address. Facebook will use this information to provide us with statistical and anonymous data on the general use of our website and on the efficacy of our Facebook ads. If you are a member of Facebook and have allowed Facebook to do this via the privacy settings of your account, Facebook will in addition link the information captured about your visit on our site with your member account and use it for targeted advertising.
If you wish to prevent the personalisation of Facebook Ads via the Facebook pixel, please click on the following link:
This will save an opt-out cookie in your web browser’s memory which from the next page visit prevents your data from being captured on this website by the Facebook pixel. Please note that you must activate the link again if you have erased the cookie from your web browser’s memory or you visit this website with another web browser or device. Our opt-out cookie does not prevent data capture by the Facebook pixel on other websites.
Nevertheless, from now on – even if you are not a Facebook member – you can prevent data capture by Facebook by clicking the “disable” button for Facebook on the YourOnlineChoices website of the European Interactive Digital Advertising Alliance:http://www.youronlinechoices.com/de/praferenzmanagement/. If you disable data capture by Facebook, Facebook will only show you Facebook Ads that are not selected on the basis of the information about you captured via the remarketing tag.
5.4. Google DoubleClick and GA Audience
We also use Google’s Audience function on our website (“GA Audience”). This function enables Google to approach you on our behalf with personalised advertising when you visit websites of other providers which are likewise participating in the Google advertising network. For this purpose Google uses the usage profiles and cookies generated pseudonymously by Google Analytics when you are using our website (see Section 4.1), to draw conclusions about your interests. On the basis of these pseudonymised usage profiles Google can present you with personalised advertisements on the websites linked to the Google advertising network (e.g. Google can present you with advertisements for offers by kioknitting.com, because you recently visited our website).
You can disable the processing of your data for personalised online advertising as part of the Google advertising network at any time. There are various possible ways of doing this:
You can change your advertising settings at Google on https://www.google.de/settings/ads.
You can install Google‘s free disablement plug-in on your Firefox, Internet Explorer or Google Chrome browser at the following link: http://www.google.com/settings/ads/plugin (this does not work for mobile devices).
Moreover you can disable personalised advertising by Google and many other providers which are part of the “Your Online Choices” self-regulation campaign centrally on the following website:
6. SOCIAL PLUG-INS
7. FURTHER TRANSMISSION OF YOUR DATA TO THIRD ARTIES
7.1. General notes on further transmission of data
We pass on your data only in the following cases:
If you have given your express consent thereto under Article 6(1)(a) of the GDPR.
If such further transmission is allowed and is required under Article 6(1)(b) of the GDPR for handling contractual relations with yourself or for executing precontractual actions effected at your request (e.g. passing on your delivery address to forwarding agents or customs).
If we have a legal duty to pass them on under Article 6(1)(c) or (e) of the GDPR, in particular if we have a duty of disclosure to an official body (e.g. the tax authorities).
If such further transmission is necessary under Article 6(1)(f) of the GDPR in order to assert, exercise or defend legal claims and no grounds exist for assuming that you have a protective interest in your data not being passed on which outweighs other considerations (e.g. further transmission to a collection agency as part of receivables management).
7.2. Further transmission to external service providers
Insofar as we pass on data to our service providers, these providers may only use these data to carry out their tasks. Any processing of your data by the service providers so commissioned will be carried out under a processing agreement pursuant to Article 28 of the GDPR. We choose and commission these service providers carefully. They are contractually bound to follow our instructions, have suitable technical and organisational measures for the protection of data subjects’ rights, and are monitored by us regularly.
8. LINKS TO OTHER WEBSITES
9. DATA SECURITY
Kioknitting.com has taken technical and organisational measures to guarantee that the systems of Kioknitting.com are protected against misuse and the personal data of its users against loss, manipulation and unauthorised access. Transmission between our website and your browser is encrypted. For this purpose we use “secure socket layer” transmission (SSL). In this way your data cannot be read by unauthorised third parties during transmission on the internet. Most up-to-date browsers support this encryption technology.
Please note that communication by e-mail with Kioknitting is non-encrypted, so that e-mail correspondence may possibly be read by third parties without authorisation on the transmission channel.
10. PERIOD OF STORAGE
(The legal basis for the saving of your data for purposes of fulfilling statutory duties of storage is Article 6(1)(c) of the GDPR).
11. YOUR DATA PROTECTION RIGHTS
Under data protection law you enjoy the following statutory data protection rights. To assert these rights you can contact us or our Data Protection Officer (see Section 1) directly at any time:
You have the right at any time to require information about the processing of your personal data by us. In providing this information we shall explain our data processing to you and provide you with an overview of the data stored relating to your person.
Should data stored with us be incorrect or no longer up-to-date, you enjoy the right to have these data corrected.
You can also require the erasure of your data. Should in the exceptional case such erasure not be possible due to other legal regulations, the data will be blocked, so that they are only available from now on for this statutory purpose.
You can also have the processing of your data restricted, e.g. if you believe that the data stored with us are not correct.
You have the right of data portability, i.e. the right to require that we send you at your request a digital copy of the personal data which you have supplied.
You also have the right too complain to a data protection supervisory authority.
12. RIGHT OF WITHDRAWAL AND OBJECTION
12.1. Withdrawal of consent
Under Article 7(2) of the GDPR, you have the right to withdraw at any time a declaration of consent once given. This will have as a consequence that we no longer continue in future the data processing based on this consent. The legality of the processing which has taken place pursuant to the declaration of consent up to the time of withdrawal will not be affected by your said withdrawal.
12.2. Objection to processing of your data
Insofar as we process your data on the grounds of legitimate interests under Article 6(1)(f) of the GDPR, you have the right under Article 21 of the GDPR to object to the processing of your data should reasons exist arising from your particular situation or the objection is directed towards direct marketing.
Should your objection be directed towards direct marketing, you have a general right of objection, which will be implemented by us even without statement of grounds.