With the following information, we would like to give you an overview of the processing of your personal data by Dr. Grandel GmbH and your rights under the Data Protection Act. The details of what data is processed and how it is used essentially depends on the provision of our products and services.
Who is responsible for data processing and who can I contact?
DR. GRANDEL GmbH, Pfladergasse 7 – 13, 86150 Augsburg, Germany
Phone: +49 821 3202 0
Data protection officer:
Andreas Wehrle, Pfladergasse 7-13, 86150 Augsburg, Germany
Phone: + 49 821/3202-167
Data collection when you visit our website
You can visit our website without providing personal details. We only store access data in so-called server log files transmitted to us by your browser.
- Browser type/ version
- Operating system used
- Referrer URL (previously visited page)
- Host name of the accessing computer (IP address)
- Time of the server query
- Page visited on our website
This data is analyzed exclusively for the purpose of ensuring trouble-free operation of the site and improving our products and services and does not allow us to make any inferences regarding you as a person.
Data collection and use for contract processing and when a customer account is opened.
We collect personal data if you voluntarily provide it to us in the context of your order, when contacting us (e.g. by using the contact form or by email) or when you open a customer account. What data is collected is evident from the respective input forms and comprises the following in particular:
- Last name, first name, form of address
- Payment data
- Contact data (email, phone)
- Address and order information
We use the data you have provided for contract processing and to process your inquiries.
Please note that our collection of personal data is tied to specific purposes. Therefore, the following reasons for processing merely comprise a list.
- To provide our products & services
- To comply with statutory provisions
- For creditworthiness checks in the context of purchase processing involving insecure payment options
- To prevent fraud in connection with purchases
- For advertising purposes
Use of data when subscribing to our email newsletter
When subscribing to our email newsletter, your email address, form of address, first name and last name are used for our own advertising purposes with your consent until you unsubscribe from the newsletter.
If you wish to receive the newsletter offered on the website, we need you to provide us with a valid email address and information enabling us to verify that you are the owner of the email address provided and/or that the owner of the email address consents to receipt of the newsletter. No further data is collected.
You can revoke your consent to storage of the data and the email address and the use of same for delivery of the newsletter, including by the use of a link in the newsletter provided for that purpose, free of charge at any time.
We use so-called cookies on various pages in order to make visits to our site attractive and enable the use of certain functions. These are small text files that are stored on your terminal device. Some of the cookies we use are erased again after the end of the browser session, i.e. after your browser is closed (so-called session cookies). Other cookies remain on your terminal device and enable us to recognize your browser on your next visit (persistent cookies). You can configure your browser in such a way that you will be informed when cookies are placed and are able to decide on their acceptance individually or can generally exclude the acceptance of cookies for certain cases. If cookies are not accepted, the functionality of our website may be limited.
In the following, you will find information on the cookies we use and the configuration option of your browser.
1. Strictly necessary cookies
These cookies are necessary in order to enable operation of our website. They include, for example, cookies that enable you to login to the customer area or place goods into the shopping cart.
2. Analytic / performance cookies
These cookies make it possible to collect anonymized data about the user behavior of our visitors. We then analyze these in order to, for example, improve the functionality of the website and show you interesting offers.
3. Functional cookies
These cookies are used for certain functionalities, for example, to suggest better navigation flow on our website to you and to show you personalized and relevant information (e.g. “interest-based advertising”).
4. Targeting cookies
These cookies record your visit to our website, the pages you have visited and the links that led you to them. We will use this information to tailor our website and the advertising shown to you to your interests.
5. Third-party cookies
These cookies of some of our advertising partners help to design what is offered on the Internet and our website to better suit your interests. Therefore, cookies of partner companies are also stored on your hard disk when you visit our website. These are temporary cookies that will be erased automatically after the specified time. Cookies of partner companies are generally erased after a few days or up to 24 months, after several years as well in individual cases. The cookies of our partner companies do not contain any personal data either. Data is merely collected under a user ID pseudonym. This pseudonymised data is not merged with your personal data at any time.
How can I configure the cookies settings of my browser?
Every browser is distinguished by the way it administers cookie settings. This is described in the Help menu of every browser, which explains to you how you can change your cookie settings. You can find these for the corresponding browsers at the following links:
Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Opera™ : http://help.opera.com/Windows/10.20/de/cookies.html
Use of SSL encryption
Dr. Grandel needs your personal data for various business transactions. For example, during the login process to your customer center, sensitive data has to be transmitted to our servers. We encrypt your personal data during the login process by using the SSL protocol (Secure Socket Layer protocol), so this data will not fall into the wrong hands. This is a tried and tested and very secure data transmission procedure on the Internet.
As a result of the use of the SSL protocol, your data is masked such that it cannot be reconstructed by a third party before it is transmitted to our server. In the context of this encryption procedure, measures are taken to ensure that your data is exclusively sent to the server from which it was requested. When the data reaches our server, it is conclusively checked to make sure it is complete and unaltered.
Disclaimer for the content of external linked Internet sites
If you use external links that are offered in the context of our Internet sites, this data privacy statement does not cover these links or linked websites. If we offer links, we will make every effort to ensure that they also meet our data privacy and security standards. However, we have no way of influencing compliance with the data privacy and security provisions by other providers. Therefore, please visit the Internet sites of the other providers and acquaint yourself with the data privacy statements provided there as well. At the time the links were set up, we were not aware of any violation of provisions relating to data privacy law by linked websites.
Transfer of data for the purpose of performing an agreement
In order to perform an agreement, we transfer data to the shipping company commissioned with delivery of the goods insofar as necessary to deliver the goods ordered. Depending on the payment service provider you selected in the ordering process, we transfer the payment data collected for this purpose to the bank commissioned with the payment and/or any payment service providers we may have commissioned and/or to the payment service provider selected for the purpose of payment processing. The selected payment service providers also collect some of this data themselves if you open an account with them. In this case, you must register with the payment service provider by using your login data in the ordering process. The data privacy statement of the corresponding payment service provider applies in this respect.
No transfer of personal data to third parties beyond the foregoing will take place without your consent. However, we are authorized to provide information about your data to responsible authorities in individual cases, insofar as they request your data for the purpose of exercising statutory powers (e.g. criminal prosecution). Your collected personal data will not be sold to third parties in any case.
As we take the protection of your data seriously, we protect our website and other systems by technical and organizational measures against loss, destruction, access, alteration or dissemination of your data by unauthorized persons. However, despite regular checks, full protection against all risks is not possible.
How long is your data stored?
We process and store your personal data for as long as is required to meet our contractual and legal retention obligations under commercial and tax laws.
What are your data protection rights?
- Right to be informed
- Right to data portability
- Right to object
- Right to be forgotten
- Right to restrict processing (blocking)
- Right to rectification of data
Beyond that, there is also a right to lodge a complaint with a competent supervisory authority. You may revoke consent to processing of personal data that has been given vis-à-vis our company at any time. This also applies to the revocation of declarations of consent given vis-à-vis our company before the GDPR came into force, i.e. prior to 25 May 2018. Please note that the revocation only applies for the future. Any processing prior to the revocation will not be affected.