PRIVACY POLICY
1. DATA PROTECTION IN ONE VIEW
General notes
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
Data collection on our website:
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This may, for example, be data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Analysis tools and tools from third-party providers
When you visit our website, your surfing behaviour may be statistically analysed. This is done primarily with cookies and so-called analysis programs. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration. You can object to this analysis. We will inform you about the objection options in this data protection declaration.
2. GENERAL NOTES AND OBLIGATORY INFORMATION
Data protection
The operators of these pages (FISHSTONE – Karsten Jaszkowiak) take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use this website, various personal data are collected. Personal data is data by which you can be personally identified. This Privacy Policy explains what information we collect and how we use it. It also explains how and for what purpose this is done. We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible office
The responsible party for data processing on this website is:
FISHSTONE – Karsten Jaszkowiak
c/o soulproducts GmbH
Volkmarstr. 1-7
12099 Berlin
Phone: +49.(0)177.977 71 45
E-mail: hello[at]fishstone.de
The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the data subject has a right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which our company is based. A list of the data protection officers and their contact details can be found in the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, the right to correction, blocking or deletion of this data. For this purpose as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Objection to advertising e-mails
We hereby object to the use of contact data published within the framework of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.
3. DATA PROTECTION OFFICER
Data Protection Officer required by law
We have appointed a data protection officer for our company
Karsten Jaszkowiak
FISHSTONE – Karsten Jaszkowiak
c/o soulproducts GmbH
Volkmarstr. 1-7
12099 Berlin
Phone: +49.(0)177.977 71 45
E-mail: datenschutz[at]fishstone.de
4. DATA COLLECTION ON OUR WEBSITE
Cookies
Cookies Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only insofar as they are necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our Internet pages (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
5. SOCIAL MEDIA
Fishstone uses the following social plugins on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) the following social plugins (“Plugins”):
Facebook Plugin
Functions of the Facebook service are integrated on our pages. These functions are offered by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognisable by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here:
https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). When a user calls up a function of this online offer that contains such a plugin, his or her device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offer by the latter. In the process, user profiles can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge. By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his or her Facebook account. If users interact with the plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted from their device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store his or her IP address. According to Facebook, only an anonymised IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and settings options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data about him or her via this online offer and link it to his or her membership data stored on Facebook, he or she must log out of Facebook and delete his or her cookies before using our online offer. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US-American page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
Facebook Pixel
The so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used on our pages. Facebook is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”). The Facebook pixel is integrated directly by Facebook when our website is accessed and can save a so-called cookie, i.e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our online offering will be noted in your profile. The data collected about you is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook and for its own market research and advertising purposes. If we transmit data to Facebook for matching purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of matching the data with the data that is also encrypted by Facebook. The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook ads, in Facebook’s data usage policy: https://www.facebook.com/policy.php. Specific information and details on the Facebook pixel and how it works can be found in Facebook’s help section: https://www.facebook.com/business/help/651294705016616 You can refuse the collection by the Facebook pixel and the use of your data to display Facebook ads. To adjust which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices. You can also prevent the use of cookies that are used for range measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US-American website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/)
Instagram plugin
Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram. You can find more information on this in Instagram’s privacy policy:
https://instagram.com/about/legal/privacy/
6. ANALYSIS TOOLS AND ADVERTISING
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
Time of storage
We store the data via Google Analytics for 14 months. When there is renewed activity on our site, the data is not reset.
IP anonymisation
We have activated the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set, which will prevent the collection of your data during future visits to this website: Deactivate Google Analytics
For more information on how Google Analytics handles user data, please see Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de
Order data processing
We have concluded an order data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
7. PLUGINS AND TOOLS
YouTube
Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. For further information on the handling of user data, please refer to YouTube’s privacy policy at:
https://www.google.de/intl/de/policies/privacy
Vimeo
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account. For more information on the handling of user data, please see the Vimeo privacy policy at:
https://vimeo.com/privacy
Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. More information on the handling of user data can be found in Google’s privacy policy:
https://www.google.de/intl/de/policies/privacy/
8. (PAYMENT) SERVICE PROVIDERS
In order to process your order, we work together with the service provider(s) listed below, who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
Use of WooCommerce plugin
WooCommerce is a plugin for embedding e-commerce functions in the WordPress framework. We use the free plugin WooCommerce Germanized, which is licensed under GPLv3. The WooCommerce privacy policy can be found at
https://automattic.com/privacy/
Use of PayPal
All PayPal transactions are subject to the PayPal privacy policy. You can find this under https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Use of Stripe
All Stripe transactions are subject to the Stripe Privacy Policy. You can find this under https://stripe.com/de/privacy