1 Information about the collection of personal data(1) The following text informs you about the collection of personal data during usage of our website. Personal data refers to all data that can be related to you personally, such as your name, address, e-mail addresses and user behaviour.
(2) The controller as per Art. 4 (7) of the EU General Data Protection Regulation (EU GDPR) is
Am Limes 69
73527 Schwäbisch Gmünd
T: +49 (0) 7171 8001 0
The contact information of our operational data protection officer is:
- DER DATENSCHUTZBEAUFTRAGTE -
Am Limes 69
73527 Schwäbisch Gmünd
(3) When you contact us by e-mail or using a contact form, we save the data you provide (your e-mail address and your name and telephone number, if relevant) so we can answer your questions. We delete any data collected in this context once it is no longer necessary to save them, or we restrict their processing if there are legal retention requirements.
(4) If we resort to contracted service providers for individual functions of our website or if we want to use your data for advertising purposes, we will inform you below of the procedures in question in detail. We will also specify the criteria defined for the length of storage.
2 Your rights(1) Where we are concerned, you have the following rights regarding data relating to your person:
– Right to information
– Right to correction or deletion
– Right to restriction of processing
– Right to objection to processing
– Right to data portability
(2) You also have the right to file a complaint about us processing your personal data with a data protection authority.
3 Collection of personal data during visits to our website(1) If you use the website for purely informational purposes, which is to say if you do not register or provide us with any other information, we collect only the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which are technically required so we can display our website to you and guarantee its stability and security (legal basis is Art. 6 (1) s. 1 lit. f EU GDPR):
– IP address
– Date and time of the request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of request (specific page)
– Access status/HTTP status code
– Volume of data transmitted in each case
– Website from which the request originates
– Operating system and its interface
– Language and version of the browser software
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and by which the provider that sets the cookie (in this case, us) receives certain information. Cookies cannot run programs or transmit viruses to your computer. They serve to make the website more user-friendly and effective.
a) This website uses the following types of cookies, the scope and operation of which are explained below:
– Transient cookies (see b)
– Persistent cookies (see c)
b) Transient cookies are automatically deleted when you close your browser, and they include session cookies in particular. They store a so-called session ID, with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser.
c) Persistent cookies are automatically deleted after a specific period that can vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.
d) You can configure your browser settings to suit your needs and reject the acceptance of third-party cookies or all cookies, for example. We would like to point out that you may not be able to use all the functions of this website in that case.
4 Additional functions and offers from our website(1) Our website is not only a source of information, but also offers various services that you may use if you like (such as the option to buy products from our online store or enter competitions). To do so, you generally need to provide additional personal data, which we use to perform the service in question and for which the previously mentioned data processing principles apply.
(2) In some cases, we use external service providers to process your data. We have selected and contracted them carefully. They are bound to follow our instructions, and we review them on a regular basis.
(3) Furthermore, we may transfer your personal data to third parties if we offer participation in special offers, prize draws, signing contracts or similar services together with partners. You will receive additional information on this when you provide your personal data or below in the description of the offer.
(4) If the registered office of our service providers or partners is located outside of the European Economic Area (EEA), we will inform you about the consequences of this situation in the description of the offer.
(5) On our website, we give users the option to register if they provide their personal data. Users enter these data on an input screen, whereupon they are transferred to us and stored. The data will not be disclosed to third parties. The information gathered by the registration form is queried during the registration process, and we save it. The legal basis for the processing of these data is Art. 6 (1) lit. a EU GDPR if the user has granted consent. Wenn die Registrierung der Erfüllung eines Vertrages, dessen Vertragspartei die betroffene Person ist, oder der Durchführung vorvertraglicher Maßnahmen dient. If the purpose of the registration is to fulfil a contract whose contracting party is the user or to perform pre-contractual measures, the additional legal basis for processing the data is Art. 6 (1) lit. b EU GDPR.
Registration is not required to conclude a contract with the user. Registration of the user may, however, be necessary for certain functions with added-value character, such as providing an order history.
We have concluded an order data processing contract with Zendesk and completely implement the strict regulations of the German data protection authorities when using Zendesk. The legal basis for processing with Zendesk is Art. 6 (1) s. 1 lit. a, provided you have granted your consent, and lit. b to in so far as the processing of your enquiry serves to prepare or execute a contractual relationship. Lit. f shall also apply if no contractual relationship exists, whereby our legitimate interest in this case consists in replying to your request.
(7) Statistical Data Analysis with Grow
We use services of the provider Grow (Grow, LLC, 5314 River Run Dr., Suite 150, Provo, UT 84604, United States). These services are used to generate statistical evaluations of the performance, sales and customer structure of our shop and services. Personal data, for example interactions with our customer service, can be processed in the course of this evaluation. The evaluations themselves do not contain any personal data. Grow, LLC, processes personal data in the United States and provides sufficient guarantees of an adequate level of data protection through certification under the Privacy Shield Agreement. Grow, LLC processes personal information on our behalf only as directed by us and not for any other purpose. The legal basis for the processing is Art. 6 Para. 1 lit. f) DSGVO, whereby our legitimate interest lies in the optimisation and demand-oriented orientation and design of our services as well as the improvement of our services and offers.
5 Objection to or revocation of the processing of your data(1) If you have granted your consent to the processing of your data, you may revoke it at any time. Such a revocation impacts the permissibility of the processing of your personal data after you have issued it to us.
(2) In so far as we base the processing of your personal data on the weighing of interests, you may file an objection to the processing. This is the case if the processing in particular is not necessary to fulfil a contract with you, which we will address in the following description of functions. When you exercise such an objection, please illustrate the reasons why we should not continue processing your personal data as previously. If your objection is justified, we will examine the matter and either cease or alter data processing, or we will present you with our compelling and legitimate grounds for continuing the processing.
(3) Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You can use the contact information above to inform us of your objection to advertising.
6 Newsletter(1) You can consent to subscribe to our newsletter, which we use to inform you about our latest interesting offers. The goods and services we advertise are mentioned in the declaration of consent.
(2) We use what is known as the double-opt-in procedure for newsletter registrations. That means that we send an e-mail to the e-mail address you have provided after your registration and ask you to confirm that you want to receive the newsletter. If you do not confirm your registration within 96 hours, your information will be blocked and automatically deleted after one month. In addition, we save the IP addresses you use, as well as the times of your registration and confirmation. We use this procedure so we can prove your registration and, if necessary, clear up any possible misuse of your personal data.
(3) The only information required for sending the newsletters is your e-mail address and your date of birth so we can verify your age and provide age-appropriate content. The provision of additional, specially marked data is voluntary and is used to address you personally. After your confirmation, we will save your e-mail address so we can send the newsletter. The legal basis is Art. 6 (1) s. 1 lit. a EU GDPR.
(4) You may revoke your consent to our sending the newsletter at any time and unsubscribe it. You can declare your revocation by clicking on the link provided in all newsletter e-mails or by sending a message to the contact information listed in the imprint.
7 Web analytics
Use of Webtrekk(1) We have integrated components from Webtrekk into some of our websites. Webtrekk combines marketing and analysis solution in a single system. Webtrekk allows the site operator to collect data about the use of their websites and individualise their marketing activities.
The company operating Webtrekk is Webtrekk GmbH, Robert-Koch-Platz 4, 10115 Berlin, Germany.
Each time certain pages of websites operated by Schleich are accessed, Webtrekk collects and saves data for marketing and optimisation purposes. Pseudonymised user profiles are created using the data collected. These pseudonymised user profiles are used to analyse user behaviour and make it possible to improve our website. The data collected using Webtrekk components are not used to identify the data subject without this person’s consent having been obtained separately and expressly. These data are not merged with personal data or other data containing the same pseudonym.
(2) Webtrekk sets a cookie on your device. We explained the concept of cookies above. On behalf of Schleich GmbH, Webtrekk shall use the data and information collected via our websites to evaluate the user behaviour of the data subject who visited our website. Furthermore, Webtrekk shall use the data to create reports on user activity on our behalf, as well as to provide additional services for us which are related to the use of our website. Webtrekk does not merge your IP address with other personal data.
(3) You may prevent our websites from setting cookies as described above at any time by configuring your Internet browser accordingly and thus permanently object to cookies being set. Configuring your Internet browser in such a way would also prevent Webtrekk from setting a cookie on your device. Additionally, you can delete cookies Webtrekk has already set at any time using an Internet browser or another software program.
(4) Additionally, you can object to the data generated by the Webtrekk cookie being recorded and related to use of this website, as well as the processing of this data by Webtrekk and prevent such processing. To do so, you need to click on this link http://optout.webtrekk.net/optout.php?r=https://www.schleich-s.com/en/GB/legal/privacy-policy/privacy-statement-objection, which sets an opt-out cookie. The opt-out cookie set when you object is stored on the device you use. If the cookies in your system are deleted following an objection, you must access the link again and set a new opt-out cookie.
However, if you set this opt-out cookie, it may no longer be possible for you to use Schleich’s webpages to their full extent.
(5) If you want to exercise your right to information, we need the Webtrekk EID to identify your personal data with Webtrekk. You can view this number here.
You can access Webtrekk’s valid data protection regulations at https://www.webtrekk.com/en/why-webtrekk/data-protection/.
(6) The legal basis for using the services provided by Webtrekk and the related processing of your personal data is Art. 6 (1) s. 1 lit. f EU GDPR. The purpose of processing is to analyse the use of our website and the resulting optimisation and needs-based structuring of our contents and advertising measures. This also constitutes our legitimate interest as per the aforementioned legal basis.
Use of NostoThis website uses retargeting technology from Nosto Solutions Ltd., Schützenstr. 6, 10117 Berlin, Germany (“Nosto”). This enables us to selectively use personalised, interest-based ads to reach out to our website visitors who have already shown an interest in our shop and our products. Advertising material is displayed based on a cookie-based analysis of previous usage behaviour. However, no personal data is stored. In cases involving retargeting technology, a cookie is stored on your computer or mobile device in order to record pseudonymised data about your interests and to adapt the advertising individually to the information stored. These cookies are small text files that are stored on your computer or mobile device. As a result, you receive advertising which are very likely to correspond to your product and informational interests. If the information collected indicates a link to a specific individual, processing shall take place as per Art. 6 (1) s. 1 lit. f EU GDPR based on our legitimate interest in displaying personalised advertising and market research. You can permanently object to cookies being set for advertising preferences by configuring your Internet browser so that, in future, no more cookies can be stored on your computer, and cookies that are already stored are deleted. Deactivating all cookies can, however, mean that some functions on our websites can no longer be executed.
In addition, we use Nosto based on your consent and thus on the legal basis of Art. 6 (1) s. 1 lit. a, so we can provide you with information and advertising by e-mail for products that may be particularly interesting for you based on content you have visited.
You can view more detailed information and data protection regulations regarding advertising and Nosto here: http://www.nosto.com/terms/
We use the online advertising program “Google AdWords” on our website and, in this context, Conversion Tracking (evaluation of visit actions). Google Conversion Tracking is a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). A Conversion Tracking cookie will be installed on your computer when you click on an ad placed by Google. These cookies are valid for a limited period of time, do not contain any personal data and thus cannot be used for personal identification purposes. If you visit certain pages of our website and the cookie has not yet expired, Google and we can see that you clicked on the ad and were forwarded to this page. Each Google AdWords customer receives a different cookie. That means there is no chance that cookies can be tracked using the websites of AdWords customers.
Use of Google Adwords Conversion Tracking
The information gathered with the Conversion cookie are used to create Conversion statistics. These inform us of the total number of users who clicked on one of our ads and were redirected to a page featuring a Conversion Tracking tag. However, we do not receive any information that allows users to be identified personally. Processing takes place on the basis of Art. 6 (1) lit. f EU GDPR and owing to the legitimate interest in targeted advertising and analysis of the effect and efficiency of this advertising.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) lit. f EU GDPR at all times for reasons resulting from your particular situation.
Additionally, you can prevent cookies from being stored by selecting the relevant technical settings in your browser software. However, we would like to point out that you may not be able to use all functions of this website to their full extent in this case. You will then be excluded from the Conversion Tracking statistics.
Your data may also be transmitted to the USA in the process. The European Commission has issued a resolution on the appropriateness of data transmission to the USA.
Processing takes place on the basis of Art. 6 (1) lit. f EU GDPR out of legitimate interest in specifically targeting visitors to the website with advertising by running personalised, interest-based ads for visitors to the supplier’s website if they visit other websites in the Google Display network.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) lit. f EU GDPR at all times for reasons resulting from your particular situation.
8 Use of social media plug-ins and media services
Social plug-ins1) We currently use the following social media plug-ins: Facebook, Pinterest, Twitter, Instagram, Linkedin and Xing. In this context, we use the so-called two-click solution. In other words, when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognise the plug-in provider by the marking on the box above their initial letter or logo. We enable you to communicate directly with the provider of the plug-in via the button. Only if you click on the highlighted field and thereby activate it does the plug-in provider receive the information that you have called up the corresponding website of our online service. Furthermore, the data mentioned under § 3 of this policy are transmitted. In the case of Facebook and Xing, the IP address is anonymised immediately after collection based on the specifications of the relevant providers in Germany. Activating the plug-in thus transfers your personal data to the relevant plug-in provider, where it is then stored (in the case of American providers, in the USA). Since the plug-in provider collects data using cookies in particular, we recommend configuring the security settings of your browser to delete all cookies before clicking on the greyed-out box.
(2) We have no control over the collected data and data processing, nor are we aware of the full scope of data collection, the purposes of the processing and the retention periods. We also have no information as to deletion of the data collected by the plug-in providers.
(3) The plug-in provider stores the data collected about you as usage profiles and uses it for advertising, market research and/or customising its website. Such an evaluation is performed especially (even for users who are not logged in) in order to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must address the plug-in provider in question to exercise this right. Using the plug-ins, we enable you to interact with social networks and other users so that we can improve our website and make it more interesting for you as a user. The legal basis for using the plug-ins is Art. 6 (1) s. 1 lit. f EU GDPR.
(4) The data is transmitted regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, the data we collected from you will be directly assigned to your account with the plug-in provider. If you click on the activated button and, for example, link the page, the plug-in provider will also store this information in your user account and share it publicly with your contacts. We recommend regularly logging out after you use a social network, but especially before activating the button because by doing so, you can avoid information being assigned to your profile with the plug-in provider.
(5) For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers, which are provided below. There you will also find further information about your rights and configuration options for protecting your privacy.
(6) Addresses of the plug-in providers and URLs with their privacy policies:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; additional information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has agreed to uphold the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has agreed to uphold the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
c) Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA: https://about.pinterest.com/de/privacy-policy Pinterest has agreed to uphold the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Embedded YouTube videos(1) We have embedded YouTube videos in our website. They are stored at http://www.YouTube.com and can be played directly from our website. They are all embedded in the enhanced data protection mode, which means that no data about you as a user are transferred to YouTube if you do not play the videos. The data mentioned in paragraph 2 are transferred only if you play the videos. We have no influence on this data transfer.
(2) When you visit our website, YouTube receives the information that you have called up the relevant subpage of our website. Furthermore, the data mentioned under § 3 of this policy are transmitted. This takes place regardless of whether YouTube provides a user account which you use to log in and whether you even have a user account. If you are logged into Google, your data are assigned directly to your account. If you do not want this assignment to your YouTube profile to take place, you must log out before activating this button. YouTube stores your data as usage profiles and uses them for advertising, market research and/or customising its website. Such an evaluation is performed especially (even for users who are not logged in) in order to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must address YouTube to exercise this right.
9 Payment methods and partner programmes
Payment method: Data protection regulations concerning PayPal as a payment methodThe legal basis for processing payments is Art. 6 (1) s. 1 lit. b and, if you have granted consent, lit. a EU GDPR.
The party responsible for processing has integrated components of PayPal into this website. PayPal is an online payment service provider. Payments are processed using PayPal accounts that are virtual private or business accounts. PayPal also allows users with no PayPal accounts to make virtual payments using credit cards. PayPal accounts are managed using e-mail addresses, which is why there are no classic account numbers. PayPal makes it possible to make online payments to third parties and receive payments. PayPal also assumes trustee functions and offers buyer protection services.
The European company operating PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects the payment method “PayPal” in our online shop when placing an order, data relating to this person are automatically transferred to PayPal. By selecting this payment option, the data subject consents to the transmission of personal data required for processing payment.
Personal data transmitted to PayPal generally consists of the first name, last name, address, e-mail address, IP address, telephone number, mobile phone number and other data required for processing the payment. Personal data relating to the order in question are also necessary for processing the purchase contract.
The purpose of data transmission is to process payment and prevent fraud. PayPal transmits personal data to the party responsible for processing especially if there is legitimate interest in this transmission. In certain situations, PayPal transmits the personal data exchanged between PayPal and the party responsible for processing to credit agencies. This transfer serves to verify identity and credit history.
PayPal may forward personal data to affiliated companies and service providers or subcontractors if this is required for the fulfilment of contractual obligations or if the data is to be processed on another party’s behalf.
Voucher offers of Sovendus GmbHIn order to select a currently interesting voucher offer for you, we will transmit your pseudonymised hash value of your e-mail address and your IP-address in encrypted form to Sovendus GmbH, Hermann-Veit-Straße 6, D 76135 Karlsruhe (Sovendus) (Art. 6 par. 1 f GDPR). The pseudonymised hash value of your e-mail address is used to consider a possibly existing objection to receive offers from Sovendus (Art. 21 par.3, Art. 6 par. 1 c GDPR). The IP-address will be exclusively used for data security purposes and as a rule the same will be anonymised after seven days (Art. 6 Abs.1 f GDPR). Furthermore, we will transmit order number, order value with currency, session ID, coupon code, and time stamp in pseudonymised form to Sovendus for billing purposes (Art. 6 Abs.1 f GDPR). If you are interested in a voucher offer of Sovendus, while there is no objection existing to receive such offers, and if you click on the voucher banner, we will transmit your salutation, your name, your postal code and country and your e mail address in encrypted form to Sovendus to prepare a voucher (Art. 6 par. 1 b, f GDPR).
You will find further information about the processing of your data by Sovendus in their Online Data Protection Notice at https://www.sovendus.co.uk/privacy_policy.
CREDITREFORM BONIVERSUMOur company regularly checks your credit history when concluding contracts and, in certain cases where legitimate interest exists, it also checks the credit history of existing customers. For this purpose, we work together with Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, Germany, which provides us with the necessary data. Therefore, on behalf of Creditreform Boniversum, we hereby inform you of the following in advance as per Art. 14 EU GDPR:
Creditreform Boniversum GmbH is a credit agency. It operates a database that stores credit information about private persons.
Creditreform Boniversum issues credit history information to its customers based on this information. Its customers include banks, leasing companies, insurance companies, telecommunications companies, claims management companies, shipping, wholesale and retail companies, as well as other companies that deliver or provide goods or services. Within the scope of the legal provisions, part of the data stored in the information database is also stored in other company databases, among other things, for address trading purposes.
In particular, Creditreform Boniversum’s database stores information about the name, address, date of birth, and if needed the e-mail address, payment behaviour and participating interests of persons. The purpose of processing the stored data is to supply information about the creditworthiness of the person who is the subject of the request. The legal basis for processing is Art. 6 (1) f EU GDPR. Information about these data may be shared only if a customer credibly proves legitimate interest in the knowledge of this information. If data are transferred to countries outside of the EU, transmission takes place according to the so-called standard contractual clauses you can view at the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32001D0497&from=EN or have them sent to you from that link.
Data are stored as long as knowledge of them is necessary to fulfil the purpose of storage. This knowledge is generally required for a storage period of three years at first. After this time has passed, it is checked whether storage is still necessary. If not, the data will be deleted on the same day. If an issue needs to be settled, the data will be deleted three years after the settlement to the day. Entries in the record of debtors are deleted after three years to the day after the date of the order for entry as per § 882e German Code of Civil Procedure (ZPO).
Legitimate interests as per Art. 6 (1) f EU GDPR may be: Credit decisions, initiation of business, participation interests, claims, credit checks, insurance contracts and information relating to enforcement.
Where Creditreform Boniversum GmbH is concerned, you have the right to information about the personal data the company stores about you. Should the data about you be incorrect, you have the right to their correction or deletion. If it cannot immediately be determined whether the data are correct or incorrect, you have the right to have the data in question blocked until the matter is clarified. If your data are incomplete, you can demand their completion.
If you have granted your consent to the processing of data stored by Creditreform Boniversum, you have the right to revoke this consent at any time. Page 2 of 2 | Version: April 2018 | © 2018 Boniversum
The revocation does not impact the legitimacy of the processing of your data that took place based on the basis of your consent prior to its revocation.
Should you have objections, requests or complaints regarding data protection, please contact the data protection officer at Creditreform Boniversum at any time. The officer will help you with any questions relating to data protection quickly and confidingly. You can also file a complaint regarding the processing of your data by Boniversum with the data protection official responsible for your federal state.
The data Creditreform Boniversum has stored about you comes from publicly accessible sources, collection agencies and their customers.
10 Facebook Custom Audiences(1) This website continues to use the “Custom Audiences” remarketing function provided by Facebook Inc. (“Facebook”). This function makes it possible to display interest-related advertising to website users during their visits to the social network Facebook or other websites that also use the procedure (“Facebook Ads”). By doing so, we pursue the interest of showing advertising that is of interest to you in order to make our site more appealing for you.
(2) Owing to the marketing tools used, your browser automatically creates a direct connection with Facebook’s server. We have no influence on the scope and further usage of the data that are collected through Facebook’s use of this tool and are therefore informing you according to our state of knowledge: As a result of the embedding of Facebook Custom Audiences, Facebook is informed that you have accessed the corresponding page of our website, or you have clicked on one of our ads. If you are registered for one of Facebook’s services, Facebook can assign the visit to your account. Even if you are not registered with Facebook or are not logged in, the provider may ascertain and store your IP address and other identifying characteristics.
(3) It is possible to disable the function “Facebook Custom Audiences” and at this link for logged-in users: https://www.facebook.com/settings/?tab=ads#.
(4) The legal basis for processing your data is Art. 6 (1) s. 1 lit. f EU GDPR. You can find more information on Facebook’s data processing at https://www.facebook.com/about/privacy.
11 Rating reminder from Trusted ShopsIf, during or after your order, you granted us your explicit consent for this by activating a corresponding check box or by clicking one of the buttons intended for this purpose (“Rate later”), we will transfer your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (www.trustedshops.de) to remind you to submit an evaluation. That way, you will receive an e-mail reminding you to submit an rating. You may revoke your consent at any time by sending a message to the contact provided above or by sending your revocation directly to Trusted Shops. The legal basis for processing with your consent is Art. 6 (1) s. 1 lit. a EU GDPR.