Data protection regulations

The party responsible for data processing on this website is

The Patch Factory, owner: Andree Koriath, Holmfors, 14, 914 94 Nyåker, Sweden

The data controller decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

Withdrawal of your consent to data processing

Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal notification by e-mail is sufficient to withdraw your consent. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Right to information, rectification, blocking, erasure

You have the right to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. These are

  • Visited page on our domain
  • Date and time of the server request
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Data transmission upon conclusion of a contract for the purchase and dispatch of goods

Personal data will only be transmitted to third parties if this is necessary for the fulfilment of the contract. Third parties may be, for example, payment service providers or logistics companies. No further transmission of data takes place or only if you have expressly consented to this.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Registration on this website

You can register on our website to use certain functions. The transmitted data is used exclusively for the purpose of using the respective offer or service. Mandatory information requested during registration must be provided in full. Otherwise we will refuse registration.

In the event of important changes, for example for technical reasons, we will inform you by e-mail. The e-mail will be sent to the address provided during registration.

The data entered during registration is processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the cancellation. The legality of the data processing that has already taken place remains unaffected by the cancellation.

We store the data collected during registration for the period that you are registered on our website. Your data will be deleted if you cancel your registration. Statutory retention periods remain unaffected.

Contact form

Data transmitted via the contact form, including your contact details, will be stored, to be able to process your enquiry or to be available for follow-up questions. This data will not be passed on without your consent.

The data entered in the contact form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the cancellation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data. Mandatory statutory provisions - in particular retention periods - remain unaffected.

Newsletter data

We require an e-mail address from you in order to send you our newsletter. Verification of the e-mail address provided is necessary and you must consent to receiving the newsletter. Additional data is not collected or is voluntary. The data is used exclusively for sending the newsletter.

The data provided when registering for the newsletter will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. To withdraw your consent, simply send us an informal email or unsubscribe via the "Unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Data entered to set up the subscription will be deleted in the event of cancellation. If this data has been transmitted to us for other purposes and elsewhere, it will remain with us.

Cookies

Our website uses cookies. These are small text files that your web browser stores on your end device. Cookies help us to make our website more user-friendly, effective and secure.

Some cookies are "session cookies". Such cookies are deleted automatically at the end of your browser session. Other cookies, on the other hand, remain on your device until you delete them yourself. Such cookies help us to recognise you when you return to our website.

With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when the programme is closed. Deactivating cookies may result in limited functionality of our website.

The setting of cookies, which are necessary for the performance of electronic communication processes or the provision of certain functions desired by you (e.g. shopping basket), takes place on the basis of Art. 6 para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the storage of cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these are treated separately in this privacy policy.

Google Analytics:

We use Google Analytics to measure and analyse the use of our online services on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or email addresses. It is used to assign analysis information to an end device in order to recognise which content users have called up within one or more usage processes, which search terms they have used, which they have called up again or which they have interacted with our online offering. The time of use and its duration are also stored, as well as the sources of the users who refer to our online offer and technical aspects of their end devices and browsers.
Pseudonymous profiles of users are created with information from the use of various devices, whereby cookies can be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides rough geographic location data by deriving the following metadata from IP addresses: City (and the city's inferred latitude and longitude), Continent, Country, Region, Subcontinent (and ID-based counterparts). For EU traffic, the IP address data is used exclusively for this derivation of geolocalisation data before it is immediately deleted. It is not logged, is not accessible and is not used for other purposes. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://marketingplatform.google.com/intl/de/about/analytics/; IP anonymisation

We use Google Analytics in conjunction with the IP anonymisation function. It ensures that Google truncates your IP address within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before transmitting it to the USA. There may be exceptional cases in which Google transmits the full IP address to a server in the USA and truncates it there. Google will use this information on our behalf to analyse your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by Google Analytics will not be merged with other Google data.

Presence in social networks (social media)

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights.

Furthermore, user data is usually processed within social networks for market research and advertising purposes. For example, user profiles can be created based on user behaviour and the resulting interests of users. The user profiles can in turn be used, for example, to place adverts within and outside the networks that presumably correspond to the interests of the users. Cookies are generally stored on users' computers for these purposes, in which the usage behaviour and interests of the users are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective forms of processing and the opt-out options, please refer to the data protection declarations and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

  • Processed data types: Contact data (e.g. e-mail, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and process data (e.g. IP addresses, time data, identification numbers, consent status).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of Processing: Contact requests and communication; Feedback (e.g. collecting feedback via online form). Marketing.
  • Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing operations, procedures and services:

  • Instagram: Social network; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com. Privacy Policy: https://instagram.com/about/legal/privacy.
  • Facebook pages: Profiles within the social network Facebook; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Further information: Together with Meta Platforms Ireland Limited, we are responsible for the collection (but not the further processing) of data from visitors to our Facebook page (so-called "fan page"). This data includes information about the types of content users view or interact with, or the actions they take (see under "Things you and others do and provide" in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data; see under "Device information" in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under "How do we use this information?", Facebook also collects and uses information to provide analytics services, so-called "Page Insights", for page operators to gain insights into how people interact with their pages and the content associated with them. We have concluded a special agreement with Facebook ("Information on Page Insights", https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfil the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook. Further information can be found in the "Information on Page Insights"(https://www.facebook.com/legal/terms/information_about_page_insights_data). The joint responsibility is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transfer of data to the parent company Meta Platforms, Inc. in the USA.
  • LinkedIn: Social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out; Further information: Together with LinkedIn Ireland Unlimited Company, we are responsible for the collection (but not the further processing) of visitor data for the purpose of creating the "page insights" (statistics) of our LinkedIn profiles.
    This data includes information about the types of content users view or interact with, or the actions they take, as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data) and information from the user's profile, such as job function, country, industry, hierarchy level, company size and employment status. Data protection information on the processing of user data by LinkedIn can be found in LinkedIn's data protection information: https://www.linkedin.com/legal/privacy-policy
    We have concluded a special agreement with LinkedIn Ireland ("Page Insights Joint Controller Addendum (the 'Addendum')", https://legal.linkedin.com/pages-joint-controller-addendum), which regulates in particular which security measures LinkedIn must observe and in which LinkedIn has agreed to fulfil the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to LinkedIn). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection of data by and transfer to Ireland Unlimited Company, a company based in the EU. The further processing of the data is the sole responsibility of Ireland Unlimited Company, which in particular concerns the transfer of data to the parent company LinkedIn Corporation in the USA.
  • Pinterest: Social network; service provider: Pinterest Europe Limited, 2nd Floor, Palmerston House, Fenian Street, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.pinterest.com. Privacy Policy: https://policy.pinterest.com/de/privacy-policy.
  • X: Social network; Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). Privacy Policy: https://twitter.com/privacy,(Settings: https://twitter.com/personalization).
  • Xing: Social network; Service provider: New Work SE, Am Strandkai 1, 20457 Hamburg, Germany; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Website: https://www.xing.com/. Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

Browser plugin

The setting of cookies by your web browser can be prevented. However, this may restrict some functions of our website. You can also prevent the collection of data relating to your website use, including your IP address and subsequent processing by Google. You can do this by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to our website: Deactivate Google Analytics.

Details on how Google Analytics handles user data can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google in order to fully fulfil the statutory data protection requirements.

Demographic characteristics with Google Analytics

Our website uses the "demographic characteristics" function of Google Analytics. It can be used to create reports that contain statements about the age, gender and interests of visitors to the site. This data comes from interest-based advertising from Google and visitor data from third-party providers. It is not possible to assign the data to a specific person. You can deactivate this function at any time. This is possible via the ad settings in your Google account or by generally prohibiting the collection of your data by Google Analytics, as explained in the section "Objection to data collection".

PayPal

Our website enables payment via PayPal. The provider of the payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). You can withdraw your consent at any time. Data processing operations carried out in the past remain effective if you withdraw your consent.

Google AdWords and Google conversion tracking

Our website uses Google AdWords. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

AdWords is an online advertising programme. As part of the online advertising programme, we work with conversion tracking. After clicking on an advert placed by Google, a cookie is set for conversion tracking. Cookies are small text files that your web browser stores on your end device. Google AdWords cookies lose their validity after 30 days and are not used to personally identify users. The cookie allows Google and us to recognise that you have clicked on an ad and have been redirected to our website.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. Conversion cookies are used to create conversion statistics for AdWords customers who use conversion tracking. AdWords customers find out how many users clicked on their advert and were redirected to pages with a conversion tracking tag. However, AdWords customers do not receive any information that allows users to be personally identified. If you do not wish to participate in tracking, you can object to its use. In this case, the conversion cookie must be deactivated in the user settings of the browser. This also prevents inclusion in the conversion tracking statistics.

The storage of "conversion cookies" takes place on the basis of Art. 6 para. 1 lit. f GDPR. As the website operator, we have a legitimate interest in analysing user behaviour in order to optimise our website and our advertising.

Details on Google AdWords and Google Conversion Tracking can be found in Google's privacy policy: https://www.google.de/policies/privacy/.

Plugins and embedded functions and content

We incorporate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").

The integration always requires that the third-party providers of this content process the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content or function. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyse information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

  • Processed data types: Usage data (e.g. websites visited, interest in content, access times); meta, communication and process data (e.g. IP addresses, time data, identification numbers, consent status); inventory data (e.g. names, addresses); contact data (e.g. email, telephone numbers); Content data (e.g. entries in online forms).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Provision of our online services and user-friendliness.
  • Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further information on processing operations, procedures and services:

With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Deactivating cookies may result in limited functionality of our website.