Data Privacy Policy

We operate our websites in accordance with the following principles:

We are committed to complying with data protection laws and strive to always adhere to the principles of data avoidance and data minimisation.

1. Name and address of the controller and data protection officer

  1. The controller within the meaning of the General Data Protection Directive and other national data protection laws of the Member States of the European Union as well as other data protection regulations is:

    lichtbasis GmbH
    represented by CEO Roland Schmider
    Sieboldstr. 1
    97230 Estenfeld
    Germany

    Phone: 09305/98810
    Fax: 09305/9881499
    E-Mail: info@lichtbasis.de

    Website: https://www.lichtbasis.com

  2. The Data Protection Officer of the controller is:

    SiDIT GmbH
    Holger Loos
    Unterdürrbacherstr. 8
    97080 Würzburg
    Germany

    Phone: 0931/41726241
    Fax: 0931/3598711
    E-Mail: info@sidit.de

    Website: https://sidit.de/

2. Definitions

We have created our Data Privacy Policy in accordance with the principles of clarity and transparency. However, if there are any ambiguities regarding the use of different terminology, the corresponding definitions can be viewed here [https://dsgvo-gesetz.de/art-4-dsgvo/] eingesehen werden.

3. Legal basis for the collection and processing of personal data

We only process your personal data, such as your surname and first name, e-mail address and IP address etc. if there is a legal basis for this. Three provisions of the General Data Protection Directive in particular come into consideration here:

  1. You have given us your consent for us to process your personal data for one or more purposes, Art. 6 (1) 1 lit. a GDPR. In this context, you will be informed by us in detail about the purpose or purposes of the processing and we will document your explicit consent.
  2. We need to process your personal data to fulfil a contract or to carry out pre-contractual measures with you, Art. 6 (1) 1 lit. b GDPR.
  3. We need to process your personal data to safeguard our legitimate interests, unless your interests or fundamental rights and freedoms prevail, Art. 6 (1) 1 lit. f GDPR.

However, we will always inform you of the legal basis for processing your personal data in each case.

4. Disclosure of personal data

We will not your personal data to third parties for purposes other than those listed below. We only share your personal information with third parties if:

  1. You have given your express consent in accordance with Art. 6 (1) 1 lit. a GDPR
  2. The disclosure pursuant to Art. 6 (1) 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  3. Disclosure is legally required pursuant to Art. 6 (1) 1 lit. c GDPR, and
  4. This is legally permissible and necessary for the settlement of contractual relationships with you pursuant to Art. 6 (1) 1 lit. b GDPR.

5. Storage duration and deletion

We only save all personal data you provide to us for as long as necessary to fulfil the purposes for which such data was transferred, or as required by law. Upon fulfilment of the purpose and/or expiration of the legal storage periods, the data will be deleted or blocked by us.

6. SSL encryption

This website uses SSL encryption for security reasons and to protect the transfer of sensitive content, such as the requests you send to us as the website operator. You can identify an encrypted connection as the address line of the browser changes from "http://" to "https://" and the lock symbol in your browser line.

If SSL encryption is enabled, the data you submit to us cannot be read by third parties.

7. Collection and storage of personal data and the nature and purpose of use

A. When visiting the website

When you visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automatic deletion:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is gained (referrer URL)
  • Browser used and, if applicable, the operating system of your computer and name of your access provider

The data mentioned is processed by us for the following purposes:

  • Ensuring the convenient use of our website

Data which can be used to identify you, such as your IP address, is deleted after no more than seven days. If we save the data beyond this period, the data will be pseudonymised so that it is no longer possible to identify you.

The legal basis for data processing is Art. 6 (1) 1 lit. f GDPR Our legitimate interest is based on the data collection purposes listed above. Under no circumstances do we use the collected data to make any conclusions about you as an individual.

B. Contractual relationship

  1. Conclusion of contract

    Within the scope of the grounds for the contractual relationship, we only process the personal data required for the execution of the contract pursuant to Art. 6 (1) 1 lit. b GDPR.

    If you voluntarily provide additional information, this will only be processed on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. We use this voluntary information to provide and constantly improve our customer-friendly service.

  2. Customer account

    You have the option of creating a customer account with us. In addition to your personal data for the execution of the contract, we will store and process any further data you have voluntarily provided, along with details of the purchases made with us in the past. You can access this data and an overview of your purchases made with us at any time. This data is used to enable you to simply log in using your login data to make your next purchase. It should also help you to manage your buying activities.

    The legal basis results from the consent you have granted pursuant to Art. 6 (1) 1 lit. a GDPR.

    You are entitled to change or delete your data in your customer account or delete the entire account at any time. If you use this function, your account will be immediately deleted along with all the contained data.

  3. Disclosure of data for shipping

    We pass on the data required for the shipment of our goods (full name, address, e-mail address, telephone number if required to deliver the goods) to the relevant shipping service so that they can provide notifications/arrange the delivery of the goods.

    The legal basis for the transfer of this data is Art. 6 (1) 1 lit. f GDPR.

    For this purpose, we will pass on your data to one of the following shipping service providers. You can request further information about the processing of your data from these companies:

    UPS
    United Parcel Service Deutschland S.à r.l. & Co. OHG, Görlitzer Straße 1, D-41460 Neuss, Tel.: +49 (0)1806 / 882 663, Website: Website UPS

    Geis
    Hans Geis GmbH + Co KG, Rudolf-Diesel-Ring 24, D-97616 Bad Neustadt, Tel.: +49 (0)9771 / 603-0, E-Mail: info@geis-group.de, Website: Website Geis

    Schäflein
    Schäflein Spedition GmbH, Am Etzberg 7, D-97520 Röthlein, Tel.: +49 (0)9723 / 9069-0, E-Mail: info@schaeflein.de, Website: Website Schäflein

    DB Schenker
    Schenker Deutschland AG, Uhlfelder Straße 1-3, D-60314 Frankfurt, Tel.: +49 (0)6107 / 74-00, E-Mail: internet.germany@dbschenker.com, Website: Website DB Schenker

    M&M
    M&M Militzer & Münch International Holding AG, Zwinglistr. 25, CH-9001 St. Gallen, Tel.: +41 (0)71 / 227-1500, E-Mail: info@mumnet.com, Website: Website M&M

C. Newsletter

  1. Content of the newsletter and registration data

    We will only send you a newsletter if you have subscribed and given your consent in accordance with Art. 6 (1) lit. a GDPR. The content of the newsletter is described in detail when subscribing for the newsletter. You only need to provide your e-mail address to subscribe for the newsletter. If you voluntarily provide any additional information, such as your name and/or gender, these will be used exclusively for the personalisation of the newsletter sent to you.

  2. Double opt-in and logging

    For security reasons, we use the double opt-in procedure to ensure that no one can subscribe with a third-party e-mail address. Once you have subscribed to our newsletter, you will therefore receive an e-mail asking you to confirm your subscription. The subscription will not be validated until it has been confirmed.

    Your newsletter subscription will also be logged. The logged details include the subscription and confirmation dates, the data you have provided and your IP address. If you make any changes to your data, those changes will also be logged.

  3. Revocation

    If you no longer wish to receive our newsletter, you can revoke your consent at any time with future effect. To do this, you can click on the unsubscribe link at the bottom of any newsletter or send us an e-mail to the following e-mail address: info@lichtbasis.de

    The revocation of consent does not affect the legality of any processing carried out on the basis of your consent before it was revoked.

  4. Use of Newsletter2Go

    We use the Newsletter2Go e-mail tool (Newsletter2Go GmbH, Köpenickerstr. 126, 10179 Berlin) to send our newsletter.

    The data you provide will be forwarded to and processed by newsletter2go for this purpose. This tool enables us to evaluate how often the newsletters are opened and used.

    Newsletter2Go is a German company with servers based in Germany, so they are also subject to the provisions of the German Federal Data Protection Act and the GDPR.

    We also have a commissioned data processing contract with Newsletter2Go. Newsletter2Go is not entitled to transfer your data.

    Further information on the data privacy policy of Newsletter2Go is available here [https://www.newsletter2go.de/datenschutz/].

    The use of the shipping service provider Newsletter2Go is based on our legitimate interests pursuant to Art. 6 (1) 1 lit. f GDPR. Our aim is to provide a user-friendly and secure newsletter system that serves our business interests and meets the expectations of our users.

D. Contact form / e-mail contact

A form is available on our website which can be used to contact us at any time. To use the contact form, you will be required to provide a name for us to personally address you and a valid email address which we can use to contact you, so that we know who has sent the enquiry and are able to process it.

If you send us enquiries using the contact form, your details in the enquiry form, including the contact details you provide and your IP address pursuant to Art. 6 (1) lit. b and f GDPR for the execution of pre-contractual measures performed out at your request or for the purpose of exercising our legitimate interests, namely to carry out our business activities.

You are also welcome to send us an e-mail using the e-mail address provided on our website. In this case, we will store and process your e-mail address and the data you provided in the e-mail pursuant to Art. 6 (1) lit. b and f GDPR to process your message.

The enquiries and associated data will be deleted no later than three months after receipt, unless they are required for a further contractual relationship.

8. Cookies

We use cookies on our website. Cookies are small data packages that your browser automatically creates and that are stored on your device when you visit our website. These cookies are used to store information associated with the respective device used. However, it is not possible to identify you personally through the cookies.

The data is processed by cookies as required for the purposes mentioned above in order to safeguard our legitimate interests and those of third parties pursuant to Art. 6 (1) lit. f GDPR.

Most browsers automatically accept cookies on the basis of the browser pre-settings. However, you can configure your browser so that no cookies are stored on your device or so that a notification is displayed before a new cookie is stored. If you disable the cookies in your browser, you may not be able to use all features of our website.

The different types of cookies we use are explained below.

  1. Session cookies

    To make the use of our website more pleasant, we use session cookies to recognise if you have already visited individual pages of our website.

    These session cookies are automatically deleted after leaving our website.

  2. Temporary cookies

    We also use cookies that allow us to recognise you when you re-visit our website and use our services. As a result, you do not need to re-enter your data and settings.

    These temporary cookies are stored on your device for a specific period of time.

  3. Cookies for marketing and optimisation purposes

    Finally, we also use cookies for marketing and optimisation purposes. These statistically record the use of our website and evaluate it for the purpose of optimising our services. The cookies enable us to recognise your internet browser when you re-visit our website.

    These cookies are automatically deleted after a defined period of time.

9. Analysis and tracking tools

We use the following analytics or tracking tools on our website. These serve to ensure the continuous optimisation of our website and to design it as needed.

These interests are justified in the sense of Art. 6 para. 1 lit. f GDPR. The respective data processing purposes and data categories can be found in the corresponding tools.

  1. Google Analytics

    We use Google Analytics, a web analytics service provided by Google Inc., on our website (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google").

    Google Analytics uses cookies in this context (see paragraph 8). The information generated by the cookie about your use of this website, such as:

    • The name and version of the browser used
    • Your computer's operating system
    • Website from which access is gained (referrer URL)
    • IP address of the requesting computer
    • Time of the server request
    are usually transmitted to a Google server in the US and stored there.

    As we have activated IP anonymization on our website, however, your IP address is initially truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there.

    On our behalf, Google will use this information to evaluate your use of our website, compile reports about website activities and provide further services related to website and internet usage to us. The IP address transferred from your browser by Google Analytics that your IP address will not be linked with any other data held by Google.

    You can prevent the storage of cookies by appropriately setting your browser software. However, please note that in this case, you might not be able to fully use all functions offered by this website.

    In addition, you can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing a browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout?hl=de

    You can prevent your data from being collected by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to our website: Disable Google Analytics

  2. Google Remarketing

    We use the remarketing feature of Google Analytics to direct advertising campaigns, including Google AdWords campaigns, to visitors to our website.

    On the basis of your previous visits to our website, you will be shown relevant advertisements when you visit other websites in the Google Display Network.

    The DoubleClick cookie allows Google, ourselves and other third parties to specifically display advertisements which matches the interests identified on the basis of your previous visits to our website and/or other websites. These advertisements may appear on websites of Google and/or other Google Network operators. We also use the Google Analytics advertising features to analyse the effectiveness of our own advertising campaigns.

    You can personalise your Google ad settings and opt out of Google interest-based advertisements. The cookie ID of the DoubleClick cookie (assigned individually for each cookie) will then be overwritten and can no longer be linked to a specific browser.

    If you delete all cookies from your device, a new DoubleClick cookie may be created. If so, you may need to renew your opt-out settings. You can permanently disable the DoubleClick cookie by downloading and installing the appropriate browser plugin available here: http://www.google.com/settings/ads/plugin. You can deactivate the use of third-party cookies for the purposes of online advertising on the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/.

    If, in your Google account, you have agreed to allow your web and app browsing history to be linked to your Google account and for data from your Google account to be used to personalise advertisements, Google will use your data together with Google Analytics data to create target group lists for cross-device remarketing. For this purpose, Google Analytics will first collect Google-authenticated IDs associated with your Google Account associated with you as a user on our website. Google Analytics will then temporarily associate these IDs with Google Analytics data to optimise our target groups.

    Please click here for an overview of data privacy at Google [https://support.google.com/analytics/answer/6004245].

  3. Google AdWords

    We use Google AdWords, an online advertising program from Google Inc., on our website. Conversion tracking is also used in this context. With this tool, Google AdWords creates a cookie on your device when you visit our website via a Google ad.

    The cookie is no longer valid after 30 days. It cannot be used to trace you personally. If you visit our website as a user and the cookie is still working, we and Google will recognise that you clicked on the advertisement and were redirected to our site. Each Google AdWords customer is assigned a different cookie. It is therefore not possible to trace cookies via advertisers' websites.

    Data collected through conversion cookie is used to generate conversion statistics for advertisers. As a Google AdWords customer, we are informed of the total number of people who responded to our ad and were then linked to a website tagged with a conversion tracking tag. We do not receive any information during this process that could personally identify you as a user.

    If you reject the tracking process, the Google conversion tracking cookie can be deactivated via your internet browser.

    If necessary, use the browser help function for further information. For more information about Google's privacy policy, please see http://www.google.de/policies/privacy/.

  4. Google Maps

    Diese Seite nutzt über eine API den Kartendienst Google Maps. Anbieter ist die Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

    Zur Nutzung der Funktionen von Google Maps ist es notwendig, Ihre IP Adresse zu speichern. Diese Informationen werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert. Der Anbieter dieser Seite hat keinen Einfluss auf diese Datenübertragung.

    Die Nutzung von Google Maps erfolgt im Interesse einer ansprechenden Darstellung unserer Online-Angebote und an einer leichten Auffindbarkeit der von uns auf der Website angegebenen Orte. Dies stellt ein berechtigtes Interesse im Sinne von Art. 6 Abs. 1 lit. f DSGVO dar.

    Mehr Informationen zum Umgang mit Nutzerdaten finden Sie in der Datenschutzerklärung von Google: https://www.google.de/intl/de/policies/privacy/.

10. Rights of the data subject

You have the following rights:

  1. Information

    You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. This right to information includes information about

    • the purposes of processing
    • the categories of personal data
    • the recipients or categories of recipients to whom your data has been or will be disclosed
    • the planned storage duration or at least the criteria for determining the storage duration
    • your right to rectify, delete, restrict or object to the processing
    • the right to complain to a supervisory authority
    • the origin of your personal information, if not collected by us
    • automated decision-making, including profiling and, where appropriate, meaningful information about the details
  2. Correction

    Pursuant to Art. 16 GDPR, you have the right to request the immediate correction of incorrect or incomplete stored personal data.

  3. Deletion

    According to Art. 17 GDPR you have the right to request immediate deletion of your personal data by us, as long as further processing is not necessary for one of the following reasons:

    • To exercise the right to freedom of expression and information
    • To fulfil a legal obligation required by the law of the European Union or Member States to which the controller is subject, or to carry out a task delegated to the controller which is in the public interest or to exercise public authority
    • For reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR
    • For archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of this processing
    • To assert, exercise or defend legal claims
  4. Limitation of the processing

    Pursuant to Art. 18 GDPR, you may request that the processing of your personal data be restricted for one of the following reasons:

    • You dispute the accuracy of your personal data.
    • The processing is illegal and you refuse the deletion of your personal data.
    • We no longer need your personal data for processing purposes, but you need it to enforce, exercise or defend your rights.
    • You have filed an objection to the processing pursuant to Art. 21 (1) GDPR.
  5. Information

    If you have requested the rectification or deletion of your personal data or the restriction of processing pursuant to Art. 16, Art. 17 (1) and Art. 18 GDPR, we shall inform all recipients who have had access to your personal data unless this proves to be impossible or can only be achieved with a disproportionate effort. You can ask us to inform you about these recipients.

  6. Transfer

    You have the right to receive your personal data in a standard, structured and machine-readable format.

    You also have the right to request the transfer of this data to a third party, provided that the processing was carried out using automated procedures and upon consent pursuant to Art. 6 (1) 1 lit. a or Art. 9 para. 2 lit. a or on the basis of a contract pursuant to Art. 6 (1) 1 lit. b GDPR.

  7. Revocation

    Pursuant to Art. 7 (3) GDPR, you have the right to revoke your consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent before the revocation. We will no longer be permitted to continue the data processing based on your revoked consent in the future.

  8. Complaints

    Pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR.

  9. Objections

    If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) 1 lit. f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this arising from your particular situation or if you object to receiving direct mail. In the latter case, you have a general right of objection, which shall be implemented by us without the need to specify any particular situation. If you would like to exercise your right of revocation or objection, please send an email to info@lichtbasis.de.

  10. Automated decision making in individual cases, including profiling

    You have the right not to be subject to a decision based solely on automated processing - including profiling - which will have legal effect or significantly affect you in a similar manner. This does not apply if the decision

    1. is required for the conclusion or performance of a contract between you and us
    2. is legal under the laws of the European Union or of the Member States we are subject to, and if legislation contains reasonable safeguards to safeguard your rights and freedoms and your legitimate interests
    3. is made with your express consent

    However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms and your legitimate interests.

    With regard to the cases in i. and iii, we shall take reasonable steps to safeguard the rights and freedoms and your legitimate interests, which at least includes the initiation of an intervention by an individual representing us to express our own position and challenge the decision.

11. Changes to the Data Privacy Policy

If we make changes to the Data Privacy Policy, this will be indicated on the website and registered customers will be informed by e-mail.

Last edited: 25.05.2018