1) Information about the collection of personal data and contact details of the person responsible
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Bestsales Online GmbH, Weidegrund 13, 21614 Buxtehude, Germany, Tel.: +49 4161 752 9250, email: firstname.lastname@example.org. The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.
2) Data collection when visiting our website
If you only use our website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Operating system used
IP address used (if necessary: in anonymous form)
The processing takes place in accordance with Article 6 Paragraph 1 Letter f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
Hosted by Shopify
We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify") for the purpose of hosting and displaying the online shop on the basis of a processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the aforementioned Shopify services, data may also be processed as part of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc .or Shopify (USA) Inc. In the case of the transmission of data to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by the European Commission's adequacy decision. Further information on Shopify's data protection is available on the following website: https://www.shopify.de/legal/datenschutz
Further processing on servers other than those of Shopify mentioned above only takes place within the scope communicated below.
4) Content Delivery Network
On our website we use a so-called Content Delivery Network ("CDN") from the technology service provider Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA ("Cloudflare"). A content delivery network is an online service that is used to deliver large media files in particular (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. Using Cloudflare's Content Delivery Network helps us to optimize our website's loading speeds.
Processing is carried out in accordance with Article 6 Paragraph 1 Letter f GDPR on the basis of our legitimate interest in providing our website securely and efficiently, as well as improving the stability and functionality of our website.
We have concluded an order processing agreement (Data Processing Addendum, available at https://www.cloudflare.com/media/pdf/cloudflare-customer-dpa.pdf) with Cloudfare, which obliges Cloudfare to protect the data of our site visitors and not to pass them on to third parties. For the transmission of data from the EU to the USA, Cloudfare relies on the so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European data protection level in the USA.