Privacy
When you visit this website, personal data may be collected. The website operator is responsible for data processing. This data is either collected through your input or automatically. Some data is used to ensure the smooth use of the site, while others may be used for analyzing your user behavior. You have the right at any time to obtain information about the origin, recipient, and purpose of your stored personal data. You also have the right to rectify, delete, or restrict the processing of this data. Furthermore, you can withdraw your consent to data processing at any time for the future and have the right to lodge a complaint with the relevant supervisory authority. Your browsing behavior may be statistically evaluated when visiting this website. More information can be found in the privacy policy.
Hosting
Strato AG from Berlin is our provider for the hosting services of our website. When you visit the site, log files, including your IP address, are recorded. Further details can be found in Strato’s privacy policy: https://www.strato.de/datenschutz/. Data processing is based on Article 6(1)(f) of the General Data Protection Regulation (GDPR) because we have a legitimate interest in a reliable presentation of our website. If consent is requested, processing is carried out exclusively based on Article 6(1)(a) of the GDPR and § 25(1) of the German Telemedia Act (TTDSG). Consent can be revoked at any time. To ensure the protection of your data, we have entered into a contract for data processing (AVV) to ensure that the personal data of our website visitors are processed only according to our instructions and in compliance with the GDPR.
General Information and Mandatory Information
1.Data Protection and Information about the Responsible Entity
The operators of these pages take the protection of your personal data very seriously and treat it confidentially. All personal data that you provide to us is processed in accordance with the applicable data protection regulations. In this privacy policy, we inform you about the nature, scope, and purpose of the collection and use of personal data. Furthermore, we inform you about your rights under the General Data Protection Regulation (GDPR). The responsible entity for data processing on this website is Olivia Krzyzowski, Nacker Str. 7, 55234 Wendelsheim, Telephone: 01714983393, Email: info@kiddoz.de.
2.Data Retention
If no specific retention period is specified, your personal data will remain with us until the purpose for processing no longer exists. If you request the deletion of your data or withdraw your consent for processing, your data will be deleted unless there are other legally permissible reasons for its retention (e.g., tax or commercial retention periods). If such reasons exist, your data will be deleted after the specified period has elapsed.
3.General Notes on Data Processing Legal Bases on this Website
We process your personal data based on your consent, which you can revoke at any time. If processing is necessary for a contract or pre-contractual measures, we process your data based on Article 6(1)(b) of the GDPR. We also process your data when it is necessary to fulfill a legal obligation (Article 6(1)(c) of the GDPR). Additionally, we process your data based on our legitimate interest (Article 6(1)(f) of the GDPR). Data processing in third countries is also based on Article 49(1)(a) of the GDPR, and consent for the storage of cookies or access to information is based on § 25(1) of the TTDSG.
4.Data Transfer to the USA or Other Third Countries
The tools we use are provided by companies located in the USA or other third countries that do not offer a comparable level of data protection as the EU. When we activate these tools, your personal data may be transferred to and processed in these countries. We must inform you that US authorities (e.g., intelligence agencies) may process, evaluate, and permanently store your data located on US servers for surveillance purposes. Unfortunately, we have no control over this.
Revoking Your Consent for Data Processing
You have the right to revoke your explicit consent at any time. This does not affect the lawfulness of data processing that occurred prior to the revocation. Many processing operations are not possible without your consent
Right to Object to Data Collection in Specific Cases and to Direct Marketing (Art. 21 GDPR)
You have the right to object at any time, for reasons related to your specific situation, to the processing of your personal data when the processing is based on Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions. You can find the respective legal basis for the processing in this privacy statement. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims. You also have the right to object at any time to the processing of your personal data for direct marketing purposes, including profiling related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes.
Right to Lodge a Complaint with the Competent Supervisory Authority
In case of violations of the GDPR, individuals have the right to lodge a complaint with a supervisory authority, especially in the Member State of their habitual residence, place of work, or the place of the alleged infringement. Additionally, other administrative or judicial remedies can also be pursued.
Right to Data Portability
You can request that your personal data, which we process automatically based on your consent or for the performance of a contract, be transmitted to you or to another data controller in a commonly used, machine-readable format, where technically feasible.
Information, Erasure, and Rectification
You have the right to receive free information about your stored personal data from us at any time. You also have the right to have incorrect data corrected and your personal data deleted if stored by us. If you have any questions on this subject, you can contact us at any time.
You can demand that the data concerning you be deleted immediately by the data controller. The data controller is obligated to delete these data immediately, provided one of the following reasons applies: (a) the data is no longer necessary for the purposes for which it was collected; (b) you withdraw your consent on which the processing is based and there is no other legal ground for the processing; (c) you object to the processing and there are no overriding legitimate grounds for the processing; (d) the data has been unlawfully processed; (e) the data must be deleted for compliance with a legal obligation in Union or Member State law to which the data controller is subject; (f) the data has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR. If the data controller has made the personal data public and is obliged to delete it, the data controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other data controllers processing the personal data that you have requested the erasure by such data controllers of any links to, or copy or replication of, those personal data. However, there is no right to erasure in certain cases, such as when processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for the performance of a task carried out in the public interest, in the exercise of official authority, for archiving purposes in the public interest, scientific research, historical research, or statistical purposes, or for the establishment, exercise, or defense of legal claims.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. If you wish to restrict the processing of your personal data, please contact us.
SSL/TLS Encryption
To protect your data and transmit confidential content, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the address line of your browser changing from “http://” to “https://” and the padlock symbol in your browser bar. With SSL/TLS encryption activated, data you send to us cannot be read by third parties.
Objection to Promotional Emails
We expressly prohibit the use of contact information published in the context of website legal notice requirements to send promotional and informational materials that have not been expressly requested. The website operators reserve the right to take legal action in the event of the unsolicited sending of promotional information, such as spam emails.
Data Collection on this Website
1.Data Collection for Orders
We need your personal data to offer our services as a sales platform and fulfill the obligations from online purchase agreements with you. For this purpose, we must collect and store the following data: (1) first and last name; (2) address, if different delivery address; (3) phone number; (4) email address; (5) payment method; (6) date and time of the order; (7) product data; (8) IP address from which the order is placed. Since the fulfillment of the contract takes place directly between the users, we must pass on this data to the respective sellers as contractual partners so that they can fulfill their obligations under the contract. However, data transfer is only necessary for the performance of the contractual relationship and delivery of goods. The data will be deleted as soon as it is no longer needed for the purpose of its collection. The legal basis for processing the data is Article 6(1)(b) of the GDPR.
2.Data Collection for Payment
Users can use the PayPal payment service for payments. PayPal is responsible for the associated processing of personal data, and users can find information in PayPal’s privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full. If the “prepayment” payment method is selected, we store the seller’s bank details (name of the account holder, IBAN, BIC) for forwarding to the buyer. This is based on the performance of a contract (Article 6(1)(b) of the GDPR). The data will be processed until the purpose of the processing is fulfilled or there is no longer a legal obligation.
3.Data Collection for Creating a User Account
Our online shop offers you the option to create a user account. This allows you to access your stored data for current and future orders without entering it again. You provide us with your personal data (first and last name, billing and shipping address, email address, phone number, and a unique password) through an input mask. According to Article 6(1)(b) of the GDPR, this data serves the processing of pre-contractual measures and the fulfillment of contracts you enter into with us. Your data will be deleted as soon as it is no longer necessary to fulfill these purposes. As the owner of a user account, you can request the deletion of your account at any time, which will also result in the deletion of your data. For further questions regarding your user account, please contact info@kiddoz.de.
Seller Account
At Kiddoz, you can register as a seller of goods. We collect and store the following data:
(1) Company name
(2) First and last name of the contact person
(3) Address
(4) Email address
(5) Phone number
(6) Company management
(7) VAT ID number of the company
(8) Tax office of the company
(9) Commercial register of the company
(10) Local court of the company
(13) Label or brand name
(14) Bank details
(15) PayPal email address
(16) LUCID number
We process this data to create a seller account for you to carry out pre-contractual measures and to conclude and fulfill contracts. The legal basis for data processing is Art. 6 (1) lit. b GDPR. Your data will be deleted as soon as it is no longer necessary for the purpose of collection. You can delete your seller account and update your stored data at any time. Please contact us at info@kiddoz.de for assistance.
Seller Application Form
The processing of the data you provide in the seller application form is based on a legitimate interest (Art. 6 (1) lit. f GDPR). This form is designed to facilitate a simple application process. Your information will be used for processing your application, assessing your qualifications, and for potential follow-up inquiries. Providing your personal data is voluntary, but we can only process your application if you provide all the information listed in points 1-16 under “Seller Account”. Additionally, we store your IP address to prevent unwanted spam messages. This data is collected through the WordPress plugin “Forminator,” but no data is sent to the plugin developer or their server.
Cookies
Our websites use cookies. These are small data packets that do not harm your device. They can be stored on your device temporarily during a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after your visit, while persistent cookies remain on your device until you manually delete them or your web browser does so automatically. Cookies can come from us (first-party cookies) or third-party companies (third-party cookies). They enable the integration of specific services from third parties into our websites. Cookies have various functions, many of which are technically necessary to enable certain page functions (such as the shopping cart). Other cookies are used for analysis or advertising. Cookies that are necessary for the technical execution of the electronic communication process or to provide certain functions you request (e.g., shopping cart) or to optimize our website are stored based on Art. 6 (1) lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent for storing cookies has been requested, processing is carried out solely on the basis of this consent (Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG); consent can be revoked at any time. You can configure your browser to notify you about the placement of cookies and decide whether to accept them or automatically delete them. You can find information about the cookies and services used on this website in our privacy policy.
Social Media
This website includes features of the Twitter service, provided by Twitter International Company located at One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. When the social media element is active, a connection is established between your device and the Twitter server, allowing Twitter to receive information about your visit. Using Twitter and the “Re-Tweet” function links the websites you visit to your Twitter account and makes them known to other users. We have no knowledge of the content of the data transmitted and its use by Twitter. For more information, please refer to Twitter’s privacy policy at https://twitter.com/de/privacy. The use of this service is based on consent (Consent) according to Art. 6 (1) lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used based on our legitimate interest in achieving maximum visibility on social media. Data transfer to the USA is based on the standard contractual clauses of the EU Commission (https://gdpr.twitter.com/en/controller-to-controller-transfers.html). You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings.
Our website includes features of the Instagram service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website. If you are logged into your Instagram account, clicking the Instagram button allows you to link the content of this website to your Instagram profile. Instagram can thus associate your visit to this website with your user account. Please note that we have no knowledge of the content of the data transmitted and its use by Instagram. If consent (Consent) has been obtained, the use of the above service is based on Art. 6 (1) lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used based on our legitimate interest in achieving maximum visibility on social media. We and Meta Platforms Ireland Limited share responsibility for data processing when personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram. This shared responsibility is limited to data collection and forwarding to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the shared responsibility. Our shared obligations have been outlined in an agreement on joint data processing. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find more information in Instagram’s privacy policy. We are responsible for providing data protection information when using the Facebook or Instagram tool and for its data protection-compliant implementation on our website. Facebook is responsible for the data security of Facebook or Instagram products. Rights of data subjects (e.g., requests for information) regarding data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.
We use the social media element of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland, on our website. When you visit our site, your browser establishes a direct connection to Pinterest’s servers, transmitting various data to Pinterest. This may include your IP address, the address of the page that also has Pinterest features, your browser settings and data, date and time of your request, your use of Pinterest, and cookies. This service is used based on your consent (if obtained) or our legitimate interest in maximizing visibility on social media. For more information on the purpose, scope, and further processing and use of data by Pinterest, as well as your rights and options for protecting your privacy, please refer to Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.
Plugins and Tools
Google Fonts (Local Hosting)
To ensure a consistent font appearance, this site uses Google Fonts that are installed directly on the device. There is no connection to Google’s servers. For more information about Google Fonts and their privacy policy, please visit the following pages: https://developers.google.com/fonts/faq and