Info and order telephone: +49 8856 9367133
deen
Home

DATA PROTECTION AT SPORT CONRAD

About data processing in our online shop


Conrad GmbH (hereinafter also "Sport Conrad", "we" "us") collects only the personal data from you that is necessary for the execution of the order in our online shop or on our website and the contractual and payment processing are necessary.

Our website can generally be used without providing personal data, but personal data can already be processed when using the website, which we cannot usually assign to a natural person.

We use the services of various providers on our website to optimize our website and to measure and optimize advertising campaigns carried out or commissioned by us in the context of direct marketing.

When using certain functions or services offered on this website, such as subscribing to our newsletter or sending application documents electronically, personal data will also be processed by us or commissioned services and/or service providers.

In addition, in accordance with Art 6 S 1 lit f DSGVO, we can send you information emails as well as catalogs and flyers by post for similar goods and services if you buy goods from us or use services to inform you about our offer keep informed. You can object to this at any time without incurring any costs other than the transmission costs according to the basic tariffs.

In order to protect your personal data when using our online shop, we use TLS / SSL encryption in the entire online shop.

The processing of personal data at Sport Conrad always takes place in accordance with the European General Data Protection Regulation (EU-DSGVO), as well as any federal and state-specific data protection regulations.

Further detailed information on the processing of personal data at Sport Conrad, its type, purpose, and scope, as well as information on the services and service providers used, can be found in the following of this data protection declaration.


The data protection/site processing is the company

Conrad GmbH
Bahnhofstrasse 20
82377 Penzberg

Phone: +49 8856 9367 133
Fax: +49 8856 9367 166
email : [email protected]

Managing directors Hans Conrad, Christina Linder

External data protection officer:

e-Data Protection GmbH
Markus v. Hohenhau
Roof site 8
93047 Regensburg

Tel: 0941-56712006
Fax: 0941-56712008
email : [email protected]
www.e-data-protection.de

Processing of your data in the context of the services we provide


With our customers or business partners, or if you are interested in our services, the type, scope, and purpose of the processing of your personal data are based on the contractual or pre-contractual relationships between us. We process personal data that we request from you or that you provide to us in order to answer your request, make you an offer, or process your order. Affected persons are interested parties, business, and contractual partners. The processing purpose is the processing of contractual services, communication, as well as answering contact inquiries and office and organizational procedures.

Unless otherwise stated in the further information in this data protection declaration, the processing of your data and its transfer to third parties is limited to the data required to answer your inquiries and/or to fulfill the contract, to safeguard our rights, and to fulfill legal requirements Obligations are necessary and appropriate.

Affected data are:
● Inventory data (e.g. names, addresses)
● Payment data (e.g. bank details, invoices)
● Contact details (e.g. email address, telephone number, postal address)
● Contract data (e.g. subject matter of the contract, duration of the contract)

The legal basis for data processing is Art. 6 I 1 lit. b DSGVO, the fulfillment of the contract or the fulfillment of pre-contractual inquiries.

We delete your personal data when we no longer need it, ie after the contractual relationship between us has ended, or after our legitimate interest in the further processing of the data has ceased, or if you ask us to delete it. Mandatory statutory provisions - in particular statutory retention periods - remain unaffected. Likewise, to assert, exercise, or defend legal claims from contractual relationships, or to protect the rights of another natural or legal person, it may be necessary to process your personal data until these deadlines have expired. We will then only delete the personal data required for this after these deadlines have expired. However, until these deadlines have expired, we limit the processing of this data to these purposes.

Legal basis for the processing of personal data

For the processing of personal data in our online shop, we rely in particular on the following legal bases, unless otherwise stated:

With the use of web analytics, the conversion tracking for advertising campaigns, the creation of user profiles for personalized advertising, we have a legitimate interest (1 acc. Art. 6 para. Lit . F DSGVO) in the implementation of direct marketing to increase sell-off of goods in our online shop and to measure the success of advertising campaigns carried out or commissioned by us.

You give us your consent (in accordance with Art. 6 Para. 1 lit. a DSGVO) to receive our personalized newsletter using the "double opt-in" procedure. The permission e-mail marketing to customers to send is Art. 6 para. 1 lit. f DSGVO.
Order the processing of personal data of customers, the goods in our online store, the performance is the resulting purchase contract (acc. Art. 6 para. 1 lit 1. B DSGVO) and legal obligations (acc. Art. 6 para. Lit . c).

When creating a customer account, personal data is processed within the framework of pre-contractual measures (in accordance with Art. 6 Paragraph 1 lit. b DSGVO). processed.

The processing of personal data in the case of online payment methods and parcel delivery is primarily based on the fulfillment of the contract (according to Art. 6 Para. 1 b DSGVO). In the case of address checks, we have a legitimate interest (in accordance with Art. 6 Paragraph 1 lit. f DSGVO) in reducing costs through incomplete delivery addresses and in preventing fraud and abuse.


Accessing the website - processing of personal data as well as the type and purpose of use

When you visit our website, you transmit data to our web server via your internet browser (for technical reasons). The following data is processed in the server log files during an ongoing connection for communication between your internet browser and our web server:

● The page from which the file was requested - referrer URL
● The name of the file
● The date and time of the request
● A description of the type of web browser/browser version and operating system used
● The IP address of the requesting computer
● Access status (file transferred, file not found, etc.)
● Amount of data transferred

For technical reasons (calling up the website), this data is stored briefly. It is not possible for us to draw conclusions about individual persons based on this data. The IP addresses are deleted or anonymized after 7 days at the latest.
The data are evaluated exclusively for internal purposes and do not allow us to draw any conclusions about your person. A comparison with other databases does not take place.

The data mentioned are processed for the following purposes:
● Ensuring a proper and smooth connection to the website,
● Ensuring comfortable use of the website,
● Evaluation of system security and stability

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. The legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally. You can visit the website without providing any personal information.


Cookies

We use cookies on our website. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain any viruses, Trojans, or other malware.
Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity. Cookies do not contain any personal data and can therefore not be directly assigned to any user.

The use of cookies serves to make the use of our offer more pleasant for you. We use technically necessary session cookies to recognize that you have already visited individual pages on our website, as well as to save your browser´s language settings. These cookies are automatically deleted when you close your browser. The processed through cookies data for said purposes to protect our legitimate interests as well as third parties under Art. 6 para. 1 sentence 1 lit. f DSGVO required.

Additionally, we use technically necessary cookies as part of the consent-tool to save your selection regarding cookies and third party tools. The legal basis in this case is Art 6 I lit c DSGVO in conjunction with § 25 TTDSG.

Furthermore, with your consent ( Art 6 I S 1 lit a DSGVO ), cookies can be used by third-party providers. These cookies are automatically deleted after a defined period of time. You can see the duration of the storage in the overview in the cookie settings of your web browser. You can revoke your consent at any time. Further explanations of the cookies used, their purpose, and storage duration can be found in our cookie policy. There you can also change and revoke your consent to the setting of cookies at any time.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. Each browser manages the cookie settings differently. 


Data protection when registering on this website - Customer Account

When ordering goods from Sport Conrad, you have the option of creating a personal customer account. With a personal customer account, you have the following advantages: Management of delivery addresses, checking of the order status, order history, personal notepad, newsletter management. The personal data given in your customer account are collected and stored exclusively for order processing and your purposes (e.g. e-mail advertising).

You can delete your customer account at any time and send us a message.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a, b DSGVO.

It is also possible to place an order without opening a customer account (order as a guest).

Due to commercial and tax law requirements, we are obliged to save your address, payment, and order data for a period of 10 years.

As part of the processing of orders, they are passed on to one or more service providers and contract processors, for example for payment processing and shipping by a parcel service provider. These will also use the personal data exclusively for the respective purpose (payment processing, parcel delivery). Further information on the service providers used can also be found on this page.

We are authorised in accordance with legal permission to article 6, paragraph 1 sentence 1 lit. f DSGVO iVm § 7 III UWG to use the e-mail address given in the context of an order for direct advertising for its own, similar products or services. If there is no interest in e-mail advertising for corresponding products or services, the corresponding use of the e-mail address can be contradicted at any time. Further information on e-mail advertising and newsletters can be found below in this data protection declaration.


Questions to the product

On our product pages, we offer the opportunity to ask questions about the respective product, which will then be answered by our expert staff. With this function, we can also provide you with professional and competent advice in our online shop. So that you can benefit from the questions and answers of other users, the questions and answers will be our for all users, he displayed website as long as we offer the product in our range. To use this function, the statement is the first name ns (or any nickname) and your e-mail address is required. The given first name will be published together with your question and our answer after our staff has checked your question. The e-mail address is provided solely to answer your question and will not be used for any other purpose. Your specified email address will not be published. The legal basis for processing is the voluntary notification of your e-mail address and your question about the product for publication within the scope of the above-mentioned purpose according to Art 6 I S 1 lit a DSGVO.


Subscription to our newsletter and personalized email advertising

With your consent, you have the option of subscribing to our e-mail newsletter on our website. By registering for the newsletter free of charge, you will be regularly informed about new products, valuable tips, and news as well as exclusive offers. When you order our newsletter, your gender, name, and email address, as well as which outdoor activities you are particularly interested in, are saved. Subscribers to our newsletter will be informed at regular intervals by email about offers and special promotions from Sport Conrad. After registering for our newsletter, you will receive a one-time confirmation email. In order to complete the registration for the newsletter, it is necessary to confirm this using a so-called double opt-in procedure. We use your personal data, which is processed as part of the newsletter subscription, exclusively for our advertising purposes.

The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes saving the time of registration and confirmation, as well as the IP address.
In order to design our newsletters based on your interests in various outdoor activities and personalized product recommendations, we use a newsletter marketing system for personalized marketing messages. User profiles can be pseudonymized or anonymized for personalized product recommendations. There is no link to your customer profile.

The operator of the newsletter marketing system used is: Emarsys Interactive Services GmbH, Willi-Schwabe-Straße 1, 12489 Berlin, Germany.

For the purpose of personalized marketing messages, Emarsys can also use cookies on our website. Our newsletters can also contain so-called tracking pixels, which are used to optimize our e-mail marketing.

The subscription to our newsletter can be canceled at any time and the consent for the further use of your personal data for the newsletter dispatch and newsletter advertising can be revoked for the future. For this revocation ("opt-out") and thus also the cancellation of our newsletter, you will find a corresponding hyperlink in each newsletter that is marked with "unsubscribe from newsletter".

The dispatch of the newsletter is done based on their consent according to Art. 6 para. 1 lit. a. DSGVO. We are interested in the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of users regarding information about our products.


We may store unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for erasure is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections (also in the case of direct marketing in accordance with Section 7 III UGW), we reserve the right to store the e-mail address in a blacklist solely for this purpose.


Optimization of our online shop through Marmalade

This website uses the services of Marmalade GmbH ("Marmalade") for the operation and optimization of this online shop, for web analysis, and for optimizing the user experience in our online shop. The operator of the services and systems used Makaira e-Commerce Marketing Suite, Piwik Web Analysis, OXID eShop System; is marmalade GmbH, Otto-von-Guericke-Str. 86a, 39104 Magdeburg, Germany.

To analyze and improve the shop functions, such as the search function and personalized product sorting, usage profiles can be created and personal data can be processed. The provider can process, among other things, the following pseudonymous personal data on our behalf: online identifiers, including cookie identifiers, IP addresses (pseudonymised), customer identifiers, transaction data.

Further information on data protection at Marmalade can be found at https://www.marmalade.de/impressum-datenschutz.html.


Google Tag Manager - Google Analytics

This website uses the Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags. This means: no cookies are used and no personal data is recorded. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been carried out at the domain or cookie level, it will remain in effect for all tracking tags, insofar as they are implemented with the Google Tag Manager.


With your consent (Art 6 I S 1 lit a DSGVO) we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With your consent (Art 6 I S 1 lit a DSGVO), Google Analytics can use so-called "cookies". The information generated by the cookie about your use of this website, such as browser type/version, operating system used, referrer URL, the hostname of the accessing computer (IP address), and time of the server request is transmitted to a Google server and processed there. Google can also use other technologies such as tracking pixels to analyze the use of the website.

On behalf of the operator of this website, Google will use this information to evaluate the use of the website, compile reports on website activity, and provide other services related to website activity and internet usages, such as market research and needs-based website design. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking ).

You can prevent the storage of cookies by setting your browser software accordingly. You can also prevent Google from collecting the data generated by cookies and relating to your use of the website (including your IP address) and from processing this data by Google by clicking on the following link (https://tools.google.com/dlpage/gaoptout?hl=de) download and install the available browser plug-in, which prevents the collection of data by Google Analytics.

You can find more information on data protection at Google at https://policies.google.com/privacy?hl=de or at https://support.google.com/analytics/answer/6004245?hl=de.


Use of Matomo

We use the open-source software Matomo from InnoCraft Inc., 150 Willis St, 6011 Wellington, New Zealand (" Matomo ") to analyze and statistically evaluate the use of our website. The information about website usage is only transmitted to our server and summarized in pseudonymous usage profiles. The data will not be passed on to third parties. The information is used to evaluate the use of the website and to enable a needs-based design of our website.

The following data is processed here:

● Two bytes of the IP address of the calling system of the user
● The accessed website
● The website from which the user came to the accessed website ( referrer )
● The sub-pages that are accessed from the accessed website
● The length of time spent on the website
● The frequency with which the website is accessed

We use Matomo with the setting "Anonymize Visitors' IP addresses". As a result, the IP addresses are further processed in abbreviated form and thus a direct personal reference is excluded. The software is set in such a way that the IP addresses are not completely saved, are masked (IP masking ). In this way, it is no longer possible to assign the shortened IP address to the calling computer. The IP address transmitted by your browser using Matomo will not be merged with other data collected by us. It is not possible for us to draw any conclusions about your person.

We use tracking measures based on Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. We use the tracking measures to statistically record the use of our website and to evaluate it for you to optimize our offer. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation.

You can find more information on data protection at Matomo at https://matomo.org/privacy-policy/.

Microsoft Clarity

We can use the Microsoft Clarity tool (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) on our website. Clarity is a free Microsoft tool with which we can detect usability problems on the website.
Microsoft Clarity records sessions of randomly selected users - taking privacy into account, of course. These recorded sessions can be played back to see how visitors interact with the website. Based on the recorded sessions, Clarity delivers measured values such as the number of sessions and the number of unique users, page views per session, the average active and passive time of the users, referrers, device category, countries, web browsers used, frequently accessed pages, dead Clicks, rage clicks, excessive scrolling, quick backs, which should provide information on which pages usability problems have occurred. Further information on Clarity can be found at https://docs.microsoft.com/de-de/clarity/faq.
In order to recognize users, Microsoft Clarity sets a cookie. This is saved for a year.

At https://account.microsoft.com/privacy/ad-settings/signedout you have the option of selecting data that Microsoft can use to personalize the advertising displayed - possibility of objection (opt-out).

The legal basis for using Clarity is Art 6 I S 1 lit f GDPR, our legitimate interest in the usability of the website, as well as Art 6 I S 1 lit a GDPR for the setting of cookies.

You can find Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.


Microsoft Advertising ( Bing Ads - Bing Remarketing ) - Universal Event Tracking (UET)

We use technologies from Bing Ads (bingads.microsoft.com), which are provided and operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). We use Universal Event Tracking (UET) for this. This is a code that, in connection with the cookie, stores some non-personal data about the use of the website. This includes, among other things, the length of stay on the website, which areas of the website were accessed, and via which ad the user reached the website. Information about your identity is not recorded.

Microsoft stores a cookie in the user's browser via UET in order to enable an analysis of the use of our online offer. This requires that the user via a display of Microsoft Advertising on our website has come. Microsoft and we can recognize in this way that someone clicked on an ad, was forwarded to our online offer, and reached a previously determined target page ("conversion site") (so-called conversion measurement). No IP addresses are saved here. No further personal information about the identity of the user is communicated. We only find out the total number of users who clicked on a Bing ad and were then redirected to the conversion site. Microsoft collects, processes, and uses information via the cookie, from which usage profiles are created using pseudonyms. These usage profiles are used to analyze visitor behavior and are used to display advertisements. No personal information about the identity of the user is processed.


Cookie name: MUIDB - MUID
Purpose: The cookie is used to understand how our website is used and which advertisements were clicked to visit our pages. The cookie is used in connection with the UET day synchronization via various Microsoft websites to detect the user over various domains.
Expiry date: maximum 1 year


If you do not want information about your behavior to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example via a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of the data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link https://account.microsoft.com/privacy/ad-settings/signedout?lang=de-DE declare your objection to interest-based advertising.

Further information on these processing activities, the technologies used, stored data, and the storage period can be found in the settings of our consent management tool.

For more information about privacy and cookies on applied at Microsoft on the Web, visit Microsoft under https://privacy.microsoft.com/de-de/privacystatement.

Google Marketing Platform (formerly Double Click)

This website uses Google Marketing Platform for advertising. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The legal basis is Art 6 I S 1 lit f DSGVO.

As a result of the integration, Google receives the information that you have accessed the relevant part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and save it.

Further information on data protection at Google can be found in Google's data protection declaration at https://policies.google.com/privacy?hl=de and at
https://support.google.com/displayvideo/answer/7621162?hl=de.


Google AdWords Conversion Tracking & AdWords Remarketing

We use the Google AdWords offer to draw attention to our attractive offers with the help of advertising materials (so-called Google Remarketing) on external websites. We can, in relation to the data of the advertising campaign, determine how successful the individual advertising measures are. We are interested in showing you advertisements that are of interest to you, to make our website more interesting for you and to achieve a fair offsetting of advertising costs (Art 6 I S 1 lit f DSGVO)

These advertising materials are delivered by Google via the so-called " AdServer ". To do this, we use AdServerCookies, which can be measured by certain parameters for measuring success, such as the insertion of advertisements or clicks by the user. If you access our website via a Google ad, Google AdWords will store a cookie on your PC. These cookies usually lose their validity after 30 days and are not intended to identify you personally. The analysis values for this cookie are usually the unique cookie ID, the number of ad impressions per placement ( frequency ), last impression (relevant for post-view conversions ), and opt-out information (marking that the user no longer wants to be addressed) is saved.

These cookies enable Google to recognize your internet browser. If a user visits certain pages on the website of an AdWords customer and the cookie stored on his computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each AdWords customer. Cookies cannot, therefore, be tracked via the websites of AdWords customers. We do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify the users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data that is collected by Google through the use of this tool and therefore inform you according to our level of knowledge: Through the integration, Google receives the information that you have accessed the corresponding part of our website or that you have requested a Have clicked on our ad. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and save it.

You can prevent participation in this tracking process in various ways:

● By setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive any advertisements from third-party providers;
● By setting for personalized advertising on Google at https://adssettings.google.de/anonymous
● By setting a browser plug-in for permanent deactivation in your browser at the link https://support.google.com/ads/answer/7395996. We would like to point out that in this case, you may not be able to use all functions of this offer to their full extent.

Further information on data protection at Google can be found at http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html.


Online catalogs

You can access our website at any time online in our current and in perusing previous catalogs. For this, we use the system flipaio.de the provider apollon GmbH + Co. KG, Maximilianstr. 104, 75172 Pforzheim, Germany. When using the online catalogs, your IP address is processed by the provider in order to enable technically functioning retrieval of the content and to avert danger, and anonymized data is also collected for statistical evaluations regarding the use of the online catalog.

You can also give us direct feedback in the online catalog. When using the feedback function, you will need to provide your email address in order to process your feedback. This will only be used to process your feedback and any queries you may have. 


The processing is done in accordance with Art. 6, para. 1 lit. f DSGVO due to our legitimate interest in the provision, improvement, and functionality of our online catalogs. The data will not be passed on or used in any other way. You can find Apollon's privacy policy at https://apollon.de/datenschutz/.


Data protection for online payment methods

When processing online orders in our online shop, you have the option of choosing from various payment methods.

In order to process the payment process (" checkout "), personal data, name, address, e-mail addresses, payment information, invoice amount, which you specify in the order process, can be transmitted to the provider of the payment method of your choice. The provider can further process and pass on your data to third parties for the following purposes: Verification of your identity before a payment can be approved, depending on the selected payment method, a credit check can also be carried out by the payment provider. In addition, the address data and online identifiers you provide, such as the IP address used for the checkout, can be processed in order to prevent illegal activities such as fraud and money laundering.

We work with the following providers:


● TeleCash , the operator is TeleCash GmbH & Co. KG, Marienbader Platz 1, 61348 Bad Homburg, Germany.
● SofortÜberweisung - Klarna GmbH, Theresienhöhe 12, 80339 Munich, Germany. Further information on data protection can be found at: https://www.klarna.com/sofort/datenschutz/
● PayPal, the operator is the PayPal (Europe) S.à R.L. . et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg. Further information on data protection at PayPal can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.


For the payment method "credit card", Concardis GmbH, Helfmann -Park 7, 65760 Eschborn, Germany.

We use the provider customweb GmbH, General-Guisan- Strasse 47, CH-8400 Winterthur, Switzerland as the interface between our shop system and the payment providers we use.

In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. The data protection declaration of the respective payment service provider applies in this respect.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a, b DSGVO.


PayPal / PayPalPlus

On our website, we offer payment via PayPal, among other payment providers. The provider of the payment service is PayPal (Europe) S.à.rl. et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). PayPal assumes the function of an online payment service provider as well as a trustee and offers buyer protection services.

If you choose the payment method "purchase on account" of the PayPal service " PayPalPlus ", you will be asked during the ordering process to consent to the transfer of the data required for processing the payment and an identity and credit check to PayPal. If you give your consent (Art 6 I S 1 lit a DSGVO), this data will be transmitted to PayPal. The personal data transmitted to PayPal are usually first name, last name, address, email address, IP address, or other data that are necessary for payment processing. In order to process the purchase contract, personal data related to the respective order are also required (such as the number of items, item number, invoice amount and taxes, and other invoice information - Art 6 I S 1 lit b DSGVO).

The transmission of your data is necessary to process payments via PayPal and to confirm your identity and administer your payment instructions. PayPal may pass on your personal data to affiliated companies and service providers or subcontractors insofar as this is necessary to fulfill contractual obligations or the data is processed on behalf of us.

The personal data transmitted by us to PayPal may be transmitted to credit agencies by PayPal. The purpose of this transmission is to check your identity and creditworthiness. PayPal uses the result of the credit check for a balanced decision on the establishment, implementation, or termination of the contractual relationship and to decide whether to provide the respective payment method. The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Detailed information on this and the credit agencies used can be found in PayPal's data protection information (https://www.paypal.com/de/webapps/mpp/ua/privacy-full).

You can revoke your consent to PayPal at any time. However, PayPal may still be entitled to process, use and transmit your personal data if this is necessary or legally required for contractual payment processing or is ordered by a court or an authority.

The transfer takes your data to PayPal on the basis of Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6, para. 1 lit. b DSGVO (processing to fulfill a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

Further data protection information can be found in the PayPal data protection principles at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.


Instant bank transfer - Sofortüberweisung

On our website, we offer, among other things, payment by means of “instant transfer”. The payment service provider is "Sofort GmbH", Theresienhöhe 12, 80339 Munich (Sofort GmbH). With the help of the “Sofortüberweisung” procedure, we receive a real-time payment confirmation from Sofort GmbH and can immediately begin to meet our obligations.
If you choose the “Sofortüberweisung” payment method, send the PIN and a valid TAN to Sofort GmbH, which can be used to log into your online banking account. Sofort GmbH automatically checks your account balance after logging in and carries out the transfer to us with the help of the TAN you transmitted. She then sends us a transaction confirmation. After logging in, your sales, the credit line of the overdraft facility, and the existence of other accounts and their stocks are automatically checked.
In addition to the PIN and TAN, the payment data you have entered and your personal data are also transmitted to Sofort GmbH. Your personal data is your first and last name, address, telephone number (s), email address, IP address, and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempted fraud.
The transfer of your data to Sofort GmbH takes place on the basis of Art. 6 I S 1 lit. a GDPR (consent) and Art. 6 I S 1 lit. b GDPR (processing to fulfill a contract).
You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.
Details on payment with Sofortüberweisung and the data protection declaration of Sofort GmbH can be found at https://sofort.de/datenschutz.html.


Data processing when sending parcels

We work with two forwarding agencies for the shipping of your order.
• (UPS)United Parcel Service of America, Inc. 55 Glenlake Parkway, NE Atlanta, GA 30328, USA.
• DHL Paket GmbH (DHL), Sträßchensweg 10; 53113 Bonn

For the delivery of goods, among other things, the personal data required for parcel delivery such as name, address and, if applicable, communication data are processed. The legal basis is Art 6 I S 1 lit b DSGVO.

Further information on data protection at UPS can be found at the provider: https://www.ups.com/de/de/help-center/legal-terms-conditions/privacy-notice.page.
Further information on data protection at DHL can be found at the provider: https://www.dhl.de/de/toolbar/footer/datenschutz.html.

Address validation

To ensure that your parcel reaches you, the delivery address you enter in the checkout can be validated. For this purpose, we use the service of the service provider Loqate GBG (GB Group PLC, The Foundation, Herons Way, Chester Business Park, Chester, CH4 9GB, United Kingdom - represented by Dev Dhiman. Branch in Germany: GB Group - Loqate, P7 20, 68161 Mannheim - https://www.loqate.com/de/ - hereinafter referred to as Loqate)
We validate the address with the help of the service provider to prevent incorrect data from entering our system (e.g. due to typing errors or mistyping when entering the address during order checkout, as well as to check invalid addresses - undeliverable or incomplete). The legal basis is Art 6 I S 1 lit b GDPR and Art 6 I S 1 lit f GDPR. Our legitimate interest lies in ensuring that valid data is stored and thus guaranteeing the smooth processing of customer inquiries and orders.
For the United Kingdom, the EU Commission has issued a corresponding adequacy decision pursuant to Art. 45 para. 1 GDPR, which permits the transfer to, or processing of personal data in the United Kingdom.
You can find Loqate's privacy policy at https://www.loqate.com/de/products-services-privacy-notice/.


We use Hubspot CRM on this website (Contact Form/Chatbot/E-mail support).

The provider is Hubspot Inc. (Headquarter Europa), Ground Floor, Two Dockland Central Guild Street, Dublin 1, Irland (hereinafter referred to as Hubspot CRM).
Among other things, Hubspot CRM enables us to manage existing and potential customers as well as customer contacts. With the help of Hubspot CRM, we are able to capture, sort, and analyze customer interactions via email, social media, or phone across different channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot CRM, we are also able to record and analyze the user behavior of our contacts on our website.
The use of Hubspot CRM is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication possible. Insofar as a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
For details, see Hubspot's privacy policy: https://legal.hubspot.com/de/privacy-policy.

Your data is processed by Hubspot CRM on servers in the EU. We have concluded an order processing contract (AVV) with Hubspot CRM. This is a contract required by data protection law (GDPR), which ensures that Hubspot CRM only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR.

Further information on data protection at Hubspot CRM can be found in Hubspot's data protection declaration at https://legal.hubspot.com/de/privacy-policy.


Online presence in social networks

We operate an online presence in social networks for advertising purposes (Art 6 I S 1 lit f DSGVO). We would like to point out that you use the social services and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. sharing, rating).

If you visit our online presence on social media, personal data will be collected and processed by the respective provider for advertising and market research purposes. As a rule, usage profiles are also created here. This is particularly the case if you are a member of the respective platform and are logged in to it. The usage profiles can be used by the providers to show you interest-based advertising. In order to prevent social media operators from collecting information about you during your visit to our website, you should log out of the respective social medium before you start visiting our website and delete any existing social media cookies from your browser.

Data protection notice - online presence on Facebook / Instagram (META)

Facebook Ireland (Meta platforms Ireland Ltd. 4 Grand Canal Square, Dublin 2, Ireland) and the site administrator (we) are responsible for processing the personal data [that are recorded in connection with a visit to or interaction with a page (including its content)] and for the products included in the Terms of Use on the site administrator's Facebook account.

Products included are all Facebook products, Facebook pages, and Page Insights. Facebook products include Facebook itself (including the Facebook mobile app and the browser in the app), Messenger, Instagram (including apps like Direct and Boomerang), Portal branded devices, Bonfire, Facebook Mentions, Facebook Shops, Spark AR Studio, Audience Network, NPE Team Apps and any other feature, app, technology, software product, product or service offered by Facebook, Inc. or Facebook Ireland Limited. In addition, the Facebook business tools are also among the Facebook products.

The scope of the joint processing and controller addendum covers the collection of the personal data specified in the Terms of Use for Covered Products and their transfer to Facebook. The subsequent processing of data by Facebook is not part of the joint processing. Similarly, it is not part of joint processing if personal data is processed exclusively by us - we are the sole data controller in this case.     


The information required under Article 13 (1) (a) and (b) DSGVO can be found in Facebook's data policy at https://www.facebook.com/about/privacy. Further information on joint processing can be found in the respective terms of use of the products.

For the use of certain Facebook products (so-called "Facebook Business Tools") and the associated data processing, the supplementary agreement between us and Facebook as joint controller pursuant to Art. 26 DSGVO applies, which you can view at https://www.facebook.com/legal/controller_addendum.

The Page Administrator and Facebook have entered into this Controller Addendum to define the respective responsibilities for fulfilling the obligations under the GDPR with respect to joint processing (as set forth in the Terms of Use for Covered Products).

Furthermore, we have agreed that between the parties Facebook is responsible for enabling the rights of data subjects under Articles 15-20 of the GDPR with respect to personal data stored by Facebook after joint processing.


The data transfer is based on the standard contractual clauses of the EU Commission. You can find more info under:

https://de-de.facebook.com/help/566994660333381/?helpref=uf_share
https://www.facebook.com/legal/EU_data_transfer_addendum
https://help.instagram.com/519522125107875/?maybe_redirect_pol=0



Data processing conditions on Facebook
We expressly point out that the use of certain Facebook products may involve the transmission of personal information to Facebook. Taking into account the circumstances, Facebook Ireland Limited may also transmit EU data to Facebook Inc. in the USA for storage and further processing. By using Facebook products, the user agrees to Facebook's data processing conditions. You can find this at https://www.facebook.com/legal/terms/dataprocessing/update.
You can find the Facebook EU data transfer supplement at https://www.facebook.com/legal/EU_data_transfer_addendum.
The Facebook data policy can be found at https://www.facebook.com/about/privacy/ - the Instagram data policy can be found at https://help.instagram.com/519522125107875.
Information about cookies and other storage technologies on Facebook can be found at https://www.facebook.com/policies/cookies/.
You can view Facebook's data security conditions at https://www.facebook.com/legal/terms/data_security_terms.
You can find Facebook's terms of use for commercial use at https://www.facebook.com/legal/commercial_terms/update.
You can contact Facebook's data protection officer at https://www.facebook.com/help/contact/540977946302970.

More information on Page Insights data
Facebook continues to provide us with so-called page insights for the Facebook page. Insights data is aggregated data that gives us information on how users interact with the Facebook page. The legal basis for the data processing is Art. 6, paragraph I, p. 1 lit. f DSGVO, the safeguarding of our legitimate interests in an optimized presentation of the website and effective communication with users.
The data processing takes place on the basis of an agreement between the jointly responsible persons in accordance with Art. 26 DSGVO, which you can view at https://www.facebook.com/legal/terms/page_controller_addendum.
Further information on page insights data on Facebook at https://www.facebook.com/legal/terms/information_about_page_insights_data and https://de-de.facebook.com/help/instagram/155833707900388.

Data processing when contact is made via Facebook products
We collect personal data when you contact us e.g. B. via the contact form or Messenger. These data are stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of data, is our legitimate interest in answering your request in accordance with Art. 6, paragraph I, p. 1 lit. f DSGVO. Your data will be deleted after your request has been processed, provided that there are no statutory retention requirements.

Your rights
Facebook and we have agreed that Facebook is primarily responsible for providing you with information about the joint processing and for enabling you to exercise your rights under the DSGVO. According to the DSGVO, you have the right to information, correction, transferability, and deletion of your data, as well as to object to the processing of your data and to restrict processing. You can find out more about these rights in your Facebook settings. For further information on your rights, see also under "Rights of the Data Subject" in this data protection declaration.

We and Facebook have agreed that the Irish Data Protection Commission will be the primary authority in overseeing the processing under joint responsibility. You have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with your local regulatory authority.

Right to object to advertising
You can object to the processing of your data for advertising purposes on Facebook at any time by changing your settings for advertisements in your Facebook user account at https://www.facebook.com/settings?tab=ads.

Legal basis of the operation of the Facebook page / Instagram and processing of personal data when accessed
We operate the Facebook / Instagram page for advertising purposes for our goods and services. The processing of personal data takes place on the basis of Art 6 I S 1 lit f DSGVO.




Social media plugins

We rely on our website on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO social plugins from the social networks listed below to make our website better known. 


We would like to point out that you use the social services offered and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. sharing, rating).

In order to prevent the operator of social media from collecting information about you during your visit to our website, you should log out of the respective social medium before visiting our website and delete any existing social media cookies from your browser.


Embedding of YouTube videos

We use the provider YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for the integration/framing of videos. If you call up the web page of our website that is provided with a YouTube video, a connection to the YouTube servers is established and, after clicking on the corresponding video, this is called up. In the process, the YouTube server is informed of the website from which the video is accessed. If you are logged in as a member of YouTube, YouTube assigns this information to your personal user account. You can prevent this assignment by logging out of your YouTube user account and other user accounts of the companies YouTube and Google before using our websites and deleting the corresponding cookies of the companies. If necessary, YouTube may also load additional services and fonts, such as Google Fonts, when the videos are viewed.


The videos as well as the other services and fonts are displayed on our website based on your consent (Art 6 I S 1 lit a DSGVO - your click on the respective video to play the file). The integration and use of YouTube is furthermore in the interest of an appealing presentation of our websites. This also represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.


YouTube videos are integrated on our pages in the so-called extended data protection mode (NoCookie). Further information on data processing and notes on data protection by YouTube (Google) can be found at https://policies.google.com/privacy?hl=de.
The terms of use of YouTube can be found at https://www.youtube.com/static?gl=DE&template=terms&hl=de.



Facebook services

We have integrated components of the social network "Facebook" on our website. The operator of the service is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland herinafter referred to as "Facebook".

The components used enable Facebook users who visit our website to visit our Facebook page https://www.facebook.com/sportconrad or to mark them directly with "I like". Facebook can also use the implemented Facebook pixel to collect further information on pages visited on our website, even if you are not a Facebook user. Facebook can also use cookies for this. With regard to the cookies used by Facebook, you can find more information here: https://www.facebook.com/policies/cookies/.

By using Facebook Website Custom Audience, the information collected by Facebook can be used for personalized advertising on Facebook. If you are a Facebook user, you can change the general settings in the settings of your Facebook account https://www.facebook.com/ads/preferences/edit/ and here https://www.facebook.com/ads/settings for advertisements for your Facebook account and also object to usage-based advertising on and through Facebook there.

Likewise, users of Facebook, i.e. also people who are not users of Facebook, can object to the processing of personal data by Facebook for interest-based advertising here: http://www.youronlinechoices.eu/
You can also find more comprehensive information on Facebook's data protection provisions here: https://www.facebook.com/privacy/explanation.


Data protection for applications via this website

On our website, we offer applicants the opportunity to apply for vacancies at Sport Conrad by email ([email protected]). The electronically sent documents and personal data are processed in accordance with the statutory provisions.

If you send us your application documents, we will only use them to decide on your application and will not pass your data on to third parties. We would like to point out that we currently do not offer any encryption of your data when you send application documents by email. However, you can make your plants eg with the program 7ZIP (http://www.7-zip.de/) in encrypted form to us by e-mail and send us separately, eg via telephone on your password. You can also send us your application by post at any time.

If there is no employment relationship with an applicant, the application documents will be deleted no later than six months after a rejection, unless an applicant agrees upon being included in a pool of candidates for future vacancies, or if deletion does not conflict with any other legitimate interest, for example, a burden of proof in proceedings under the General Equal Treatment Act.
The data processing for the purpose of contacting and processing your application data is based on Art. 6 para. 1 sentence 1 lit. a, b DSGVO on the basis of your voluntarily given consent, as well as for the implementation of pre-contractual measures.


Google reCaptcha

For protection when submitting forms, we use the service reCAPTCHA of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is used to distinguish whether the input is made by a natural person or improperly by machine and automated processing. Your IP address and any other data required by Google for the reCAPTCHA service are sent to Google. Your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. On behalf of the operator of this website, Google will use this information to evaluate your use of this service and to prevent spam. The IP address transmitted by your browser as part of reCaptcha will not be merged with other data from Google.


The following personal data may be collected by or through the use of this service:

• Browser-language

• Browser-Plugins

• Clicking-path

• Date and time of your visit

• IP-address

• User behaviour

• spent time per visited page

You can view Google´s privacy policy at: http://policies.google.com/privacy?hl=de.

You can find Google's cookie policy at https://policies.google.com/technologies/cookies?hl=de.


Data security

We use the SSL (Secure Socket Layer) method for encryption on our website. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.


Processing/transfer of data

A transfer of your personal data to third parties for purposes other than those listed above or below does not take place.
We only pass on your personal data to third parties if:
• You have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit.
• This is legally permissible and according to Art. 6 Para. 1 S. 1 lit. b GDPR for the fulfillment of contractual relationships necessary to carry out pre-contractual measures with you
• In the event that there is a legal obligation for us to pass on according to Art. 6 Para. 1 S. 1 lit. c GDPR,
• The processing according to Art. 6 Para. 1 S. 1 lit. when the person concerned is a child.


Rights of the Data Subject

You have the right:


• To request information about your personal data processed by us in accordance with Art. 15 GDPR.
• In accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
• To request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend Legal claims is required;
• To request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert it, Need to exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
• In accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible;
• To revoke your once given consent to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent in the future;
• To complain to a supervisory authority in accordance with Art. 77 GDPR if you are of the opinion that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our headquarters. You can find a list of data protection officers in Germany and their contact details under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.


Right to object to data collection in special cases and to direct marketing (Art. 21 DSGVO)

If we process your personal data in accordance with Art. 6 (1) sentence 1 lit. f DSGVO in order to protect our legitimate interests, which prevail in the context of a balancing of interests, you have the right to object to the processing of your personal data with effect for the future in accordance with Art. 21 DSGVO. If the processing is carried out for direct marketing purposes, you may exercise this right at any time. This also applies to profiling, insofar as it is related to such direct marketing. Insofar as processing is carried out for other purposes, you shall only have the right to object on grounds relating to your particular situation.


If you wish to exercise your right to object, simply send us an e-mail.


After exercising your right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.


In the event of your objection to the processing of your personal data for direct marketing purposes, the personal data will no longer be processed for these purposes.


As a responsible company, we do not use automatic decision-making or profiling.


Change of this data protection declaration - status

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may be necessary to change this data protection declaration in compliance with the applicable data protection regulations. You can call up and print out the current data protection declaration at any time on our website under data protection.

Status: November 2022