1. Name and contact data of the party responsible for processing and of the responsible company data protection officer
This data protection information is valid for data processing by:
Responsible Party: bc GmbH & Co. KG (in the following mentioned as: bc),
Carlo-Schmid-Straße 12, 52146 Würselen, Deutschland
Phone: +49 (0)2405 – 450045
Fax: +49 (0)2405 – 450046
Commercial Register Aachen HRA6179
VAT ID: DE191317292
bc Verwaltungs GmbH
Commercial Register Aachen HRB21024
Marcus Wenkel, Klaus Hoenig, Philipp Simon
bc’s company data protection officer is Mr. Stefan Sippel. He is contactable, to the attention of Mr. Stefan Sippel at the above-mentioned address, resp. email@example.com.
2. Collection and storage of personal data and nature and purpose of use when you visit our website
When you visit our website www.bike-components.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automatically deleted:
• IP-address of the accessing computers,
• date and time of access,
• name and URL of the accessed file,
• website, from which access takes place (Referrer-URL),
• used browser and if applicable the operating system of your computer as well as the name of your access provider.
The following data are processed by us for the following purpose:
• to guarantee a trouble-free connection set-up of the website,
• to guarantee a comfortable usage of our website,
• evaluation of the system security and stability, as well as
• for further administrative purposes.
The legal basis for data processing is article 6, sentence 1 littera f of the EU General Data Protection Regulation (DSGVO). Our legitimate interest results from the data collection purposes listed above. In no case, will we use the collected data for the purpose of drawing conclusions about you.
3. Collection and storage of personal data and nature and purpose of use during registration
In addition to the information mentioned under item 2, we also store the following information during registration:
· date and time of registration,
· first and surname,
The currently valid general terms and conditions are also stored. Our registration form is encrypted, ensuring the entered data cannot be viewed by a third party. You have the possibility to change your registration data at any time.
We store this data for the purpose of giving you the opportunity to order and access your order data at any time. The order data consist of: your orders, your account data, your address book, your password, your newsletter subscription, your assessments.
The data processing is based on your request and is required for the stated purposes for the appropriate processing of your orders and subscriptions and for the mutual fulfillment of obligations arising from the order contracts in accordance with article 6, sentence 1 littera b of the EU General Data Protection Regulation (DSGVO).
If you have concluded a contract with us for the order of goods, your data is stored accordingly for the duration as stated below under item 4. Online Orders. If you have not placed an order, we will store your registration data for a reasonable amount of time, in which an order can be expected after registration, but not longer than three months.
4. Collection and storage of personal data and nature and purpose during online orders
An online order can only be placed if registration is completed. Therefore, we will store the information as stated under item 2 and 3. Our order form is encrypted, ensuring the entered data cannot be viewed by a third party. The following additional information is collected for orders:
· address, first and surname,
· e-mail address,
· postal address,
· phone number (if stated),
· date and time of the order,
· ordered goods,
· payment information.
We also store the contractual text and our currently valid general terms and conditions.
This data is collected:
· in order to identify you as our customer,
· to deliver the goods to you and to fulfil the contract,
· for invoicing,
· to process the payment claims and assert any other claims against you,
· to correspond with you.
The data is processed upon your request and is required to fulfil the mutual obligations resolving from the sales contract in accordance with article 6, sentence 1 littera b of the EU General Data Protection Regulation (DSGVO).
The personal data collected, required to process the sales contract is stored until expiry of the statutory period of limitations and then deleted (3 years after the end of the calendar year in which the claim arose and the creditor becomes aware of the circumstances of the person of the debtor or becomes aware without gross negligence, article 199 clause 1 Civil Law [BGB]), unless we are obliged to storage for a longer period of time in accordance with article 6, clause 1, sentence 1 littera c of the EU General Data Protection Regulation (DSGVO) due to tax and commercial requirements for storage and documentation (Commercial Law HGB, Criminal Law StGB or General Fiscal Law AO) or you have consented to further storage in accordance with article 6, clause 1, sentence 1 littera a of the EU General Data Protection Regulation (DSGVO).
5. Collection and storage of personal data and nature and purpose of usage when subscribing to our newsletter
If you have expressly consented, in accordance with article 6, clause 1, sentence 1 littera a of the EU General Data Protection Regulation (DSGVO), we will use your e-mail address to regularly send you our newsletter. The e-mail address data is sufficient to receive the newsletter. Deregistration is possible at any time, for example via the link at the end of each newsletter. Alternatively, you can also send your unsubscribe request via e-mail to firstname.lastname@example.org.
6. Collection and storage of personal data and nature and purpose of usage when using the contact form
We offer you the opportunity to contact us via a form provided on the website, for questions of any kind. It is necessary to provide a valid e-mail address so we can determine who sent the request and to answer it. Further information can be provided voluntarily. The data processing for the purpose of contacting us, is based on your voluntarily granted consent in accordance with article 6, clause 1, sentence 1 littera a of the EU General Data Protection Regulation (DSGVO). The personal data collected by us for the use of the contact form, will be automatically deleted after completion of your request. Our contact form is encrypted, ensuring the entered data cannot be viewed by a third party.
7. Disclosure of data
A transfer of your personal data to third parties will not take place for purposes other than those listed below.
We only share your personal information with third parties, if:
• this is legally valid and required in order to process contractual relationships with you in accordance with article 6, clause 1, sentence 1 littera a of the EU General Data Protection Regulation (DSGVO). We use your mentioned data:
· to fulfil and process your order,
· transfer your data to the shipping company commissioned with the delivery, insofar as necessary to deliver the goods,
· to process payments, we also transfer your data to our bank;
• in accordance with article 6, clause 1, sentence 1 littera f of the EU General Data Protection Regulation (DSGVO), disclosure is required to assert, exercise or defend legal claims and there is no reason to assume that that you have a predominant legitimate interest in not disclosing your data,
· in case a legal obligation is given in accordance with article 6, clause 1, sentence 1 littera c of the EU General Data Protection Regulation (DSGVO), as well as
• you have explicitly consented this in accordance with article 6, clause 1, sentence 1 littera a of the EU General Data Protection Regulation (DSGVO), for example when applying for a purchase upon installments (installment payment). For installment payments, you submit your consent to submit your data to PayPal for credit review when submitting the application. For the purposes of the credit review, your data is stored, processed and used to the extent permitted by law such as name and surname, street, house number, zip code, city, date of birth, telephone number as well as the data in connection with your order. You agree that this data will be transmitted to PayPal for the purpose of a credit review.
A further disclosure of your data to a third party or usage for advertising purposes exceeding the consented newsletter dispatch, does not take place. If we have disclosed your data to a third party, that third party was carefully selected and assigned by us and are bound to our instructions and are monitored regularly.
As far as our service providers or partners are located in a country outside of the European Economic Area (EEA), we will inform you about the consequences of these circumstances in the description of the offer. We will only transfer your data to a servicer or partner located outside of the EEA, if the place of delivery mentioned in your order is outside of the EEA. We will transmit your data to service providers or partners outside the EEA if there is a Commission adequacy decision for the respective country. In case of transmittance in accordance with article 46 or article 47 or article 4, clause 1, sub-clause 2, we will inform you of the consequences of these circumstances in the offer. For the following countries a Commission adequacy decision is given: Andorra, Argentina, Canada (commercial organizations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay, USA (limited to the Privacy Shield framework). The Commission's comments on its adequacy decisions can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_de
For explanations and declarations of the EU-US Privacy Shield, see: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_de
We use the following types of cookies, whose scope and function are described below:
– transient cookies (see a)
– persistent cookies (see b).
a) Transient cookies are automatically deleted after closing the browser. In particular, this includes the session cookies. These store a so-called session ID, in which the common session can be assigned to various requests from your browser. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
b) Persistent cookies are automatically deleted after a specified period, which may differ depending on the type of cookie. You can delete the cookies in the security settings of your browser at any time.
You can configure your browser setting according to your wishes and for example decline the acceptance of third party cookies or all cookies. We would like to inform you that you then, may not be able to use all features of this site.
The tracking measures listed below and used by us are in accordance with article 6, clause 1, sentence 1 littera f of the EU General Data Protection Regulation (DSGVO). With these tracking measures we want to ensure a needs-based design and a continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate for purposes of optimizing our offer for you. These interests are to be considered justified within the meaning of the previously mentioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
(1) Google Analytics
We use Google Analytics, a web analyzing service of the Google Inc. (https://www.google.de/
intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the purpose of needs-based design and continuous optimization of our website; in the following mentioned as “Google”. In this context, pseudonymized usage profiles are created and cookies are used (see item 8). The cookie generates information about your use of this website, such as
• browser type/version,
• used operating system,
• referrer-URL (the prior visited site),
• host name of thee accessing computer (IP-address),
• time of the server request,
are transferred to a Google server in the USA and stored there.
The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and needs-based website design. This information may also be transferred to third parties if required by law or if third parties process this data in the order. Under no circumstances will your IP-address be merged with any other data provided by Google. The IP-addresses are anonymized, so that an assignment is not possible (IP-masking). You can prevent the installation of cookies by setting the browser software accordingly; however, we would like to point out that in this case not all features of this website may be fully exploited. Additionally, you may prevent the collection of data generated by the cookie and related to your use of the website (including your IP- address) and the processing of this data by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). Alternatively, to the browser add-on, especially for browsers of mobile devices, you can prevent the collection by Google Analytics by clicking on this link. An opt-out-cookie is set that will prevent the future collection of your data when you visit this website. The opt-out-cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out-cookie again. For more information about data protection related to Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=de).
(2) Google Adwords Conversion Tracking
(3) Google AdWords Remarketing
Our website uses Google Adwords Remarketing Tags. Google Adwords Remarketing is a service of the Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; in the following mentioned as “Google”). Here, so-called cookies are stored on your computer and are used by Google to analyze the usage of the website. The information generated by the cookie (including your IP-address) are transferred to a Google server located in the USA and stored there. Subsequently the IP-address is shortened by Google by the last three digits. Therefore, a clear allocation of the IP-address is no longer possible. Google will use this information to evaluate your usage of the website, to create reports concerning the web activity for the website owner and render further service coherent to website and internet usage. Furthermore, Google will summit this information to a third party if this is required by law or if the third-party processes data on behalf of Google. Third parties, including Google, place adds on the website in the internet.
Third parties including Google, use stored cookies to activate ads based on prior visits of the user to this website. In no case, will Google associate your IP-address with other data collected by Google. Google is registered with the “Safe Harbor” Program of the US-Department of Commerce and follows the data protections regulations of the “US-Safe-Harbor” agreement.
Data collection and storage can be objected at any time with effect for the future. You can deactivate the usage of cookies by Google by accessing the site to deactivated Google ads. Click here
However, in this case please note that you may not be able to use all the features of this website. By using this website, you consent to the processing of your data by Google in the manner and for the purposes mentioned above.
(4) YouTube plugin, links to social media
(a) On our website we do not use plugins of medias such as Facebook, Twitter and Instagram. The shown icons are only links to the social media sites. Therefore, no data is transferred to the provider’s server unless you click one of these links yourself.
(b) We have included YouTube videos in our online offering, which are stored on http://www.YouTube.com and are directly playable from our website. These are all included in the "extended privacy mode", which means none of your user data is transferred to YouTube if you are not playing the videos. Only when you play the videos, the data mentioned in paragraph 2 will be transmitted. We have no influence on this data transfer.
(c) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the data mentioned under 2 of this declaration will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account. When you are logged on to Google, your data will be assigned directly to your account. If you do not wish to associate your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and / or needs-based design of their website. Such an evaluation is concluded in particular (even for users who are not logged on) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the establishment of these user profiles, whereas you must address YouTube to exercise these rights.
(d) You will receive further information regarding the purpose and scope of your data collection and processing through YouTube in the data protection statement. There you will also receive further information concerning your rights and setting options for the protection of your privacy:
Google also processes your personal data in the USA and is subjected to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.
(5) Commerce Connector
On our site we use a tracking pixel of the company Commerce Connector GmbH, Eberhardstraße
69-71, 70173 Stuttgart.
The tracking pixel is a 1 x 1 pixel graphic that is virtually invisible and has no significant impact on load times. The tracking pixel will only be activated for those customers who access our page via the manufacturer’s link, which has incorporated this pixel. Through the manufacturer you can access the website of the Commerce Connector GmbH, www.commerce-connector.com. For this purpose, the manufacturer uses the software-based service Commerce Connector “buy now online”. The manufacturer uses this information to show visitors which online retailer can be used to buy a specific product. Such an online retailer is www.bike-components.de. If you have clicked on the link of the manufacturer, the Commerce Connector GmbH stores a cookie on your device for a limited period of usually seven days. If you place a purchase through us during this period, Commerce Connector GmbH may access the cookie to receive information about your purchase from us, when you arrive at our confirmation page.
The following information is communicated to the manufacturer via Commerce Connector with tracking pixel: information regarding the shop ID, the EAN for each item, the ordered quantity, the net price (optional), the time of order, the number of orders and the IP-address of the customer or other user data or customer data. The tracking pixel is located on the website of the Commerce Connector GmbH and is solely executed through an image tags HTML integration. The purchasing information is used to create anonymized sales statistics regarding the individual products.
For more information click https://www.commerce-connector.com/web/de/policy-cco/
If you wish to deactivate the Commerce Connector Tracking-System, please use the link: https://www.commerce-connector.com/web/de/policy-cco/
To deactivate, please follow the instructions of the mentioned URL Commerce Connector.
10. Rights of affected persons
You have the right:
• to demand information on the personal data which is process by us in accordance with article 15, EU General Data Protection Regulation (DSGVO). In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned storage period, the right to rectification, deletion, limitation or opposition of processing, the existing right of objection to a supervisory authority if the data was not collected from us, and the existence of automated decision-making including profiling in accordance with article 22, clause 1 and 4 EU General Data Protection Regulation (DS-GVO) and important information regarding logic involved as also the consequences and the intended effects of such processing for the concerned person. You have the right to demand information if your personal data is disclosed to a third country or to an international organization. In this context you can demand to be informed of the suitable guarantees relating to disclosure in accordance with article 46 EU General Data Protection Regulation (DS-GVO);
• to demand the immediate rectification of false or completion of your personal data stored by us in accordance with article 16 EU General Data Protection Regulation (DSGVO);
• in accordance with article EU General Data Protection Regulation (DSGVO) you can demand the deletion of your personal data stored by us for the following reasons:
· the purpose the personal data was collected or otherwise process, is no longer necessary;
· you revoke your consent to processing which is based on article 6, clause 1, littera a or article 9, clause 2 littera a EU General Data Protection Regulation (DS-GVO) and no other legal grounds are given for processing;
· you object to the processing and there are no prior justifiable reasons for the processing in accordance with article 21, clause 1 EU General Data Protection Regulation (DS-GVO) or you object to processing in accordance with article 21, clause 2 EU General Data Protection Regulation (DS-GVO);
· your concerned personal data were processed illegally;
· the deletion of your concerned personal data is necessary to fulfil a legal obligation in accordance with European Union Law or the laws of the Member States to which the responsible party is subjected to;
· your personal data was collected in relation to offered services of an information society in accordance with article 8, clause 1 EU General Data Protection Regulation (DS-GVO).
If the responsible party has released your personal data publicly and is obligated to deletion in accordance with article 17, clause 1 EU General Data Protection Regulation (DS-GVO), the responsible party who processed the personal data, must be informed that you have requested the deletion of any links to such personal data or copies or replications of such personal data, taking due account of the technology available and the costs of implementation and including appropriate technical measures.
The right to deletion is not given so far, the processing is necessary
· to practice the rights of freedom of speech and information;
· to fulfil a legal obligation of processing in accordance with Union Law or the Member States to which the responsible party is subjected to or to complete a task of public interest or which resolves from exercise of official authority which was transferred to the responsible party;
· for reasons of public interest regarding public health in accordance with article 9, clause 2, littera h and i as also article 9, clause 3 EU General Data Protection Regulation (DS-GVO);
· for archival purposes of public interest, for scientific or historical research purposes or for statistical purposes in accordance with article 89, clause 1 EU General Data Protection Regulation (DS-GVO), to the extent that the law referred to in clause 1 is likely to render impossible or seriously prejudice the achievement of the objectives of such processing; or
· to assert, exercise or defend legal claims.
In accordance with article 18 EU General Data Protection Regulation (DSGVO), you can demand restriction of your personal data processing, if
· you deny the accuracy of your personal information for a period of time that enables the responsible party to verify the accuracy of your personal information;
· the processing is illegal and you refuse the deletion of personal data and instead request the restriction of the use of the personal data;
· the responsible party no longer needs personal information for the purposes of processing, but you require thus to assert, exercise or defend legal claims; or
· you objected to the processing in accordance to article 21, clause 1 EU General Data Protection Regulation (DS-GVO) and it is not yet clear whether the legitimate reasons of the responsible party outweigh your reasons.
If the processing of your personal data has been restricted, this data may only be used with your consent- with exception of storage- or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction of the processing as mentioned in the above conditions has been restricted, you will be informed by the responsible party before the restriction is repealed;
• in accordance with article 20 EU General Data Protection Regulation (DSGVO) to obtain your submitted personal data in a structured, common and machine-readable format or to request transmission to another responsible party. In addition, you have the right to transfer this data to another person without hindrance by the responsible party for providing the personal data, provided that
· the processing is related to consent in accordance with article 6, clause 1, littera a EU General Data Protection Regulation (DS-GVO) or article 9, clause 2, littera a EU General Data Protection Regulation (DS-GVO) or is based on a contract in accordance with article 6, clause 1, littera b EU General Data Protection Regulation (DS-GVO), and
· the processing takes place with aid of automated processing.
In exercising this right, you also have the right to obtain that your concerned personal data is transmitted directly from one responsible party to another responsible party, as far as technically feasible. Freedoms and rights of other persons may not be affected hereby.
The right of data portability does not apply to the processing of personal data necessary for the completion of a task of public interest or in the exercise of official authority delegated to the responsible party:
• in accordance with article 7, clause 3 EU General Data Protection Regulation (DSGVO) your once given consent can be objected at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
• in accordance with article 77 EU General Data Protection Regulation (DSGVO) you can issue complaint to a supervisory authority. Usually you can contact the supervisory authority of your usually place of location or your place of work or thus located in our company site location.
11. Right of objection
If your personal data are based on legitimate interests and processed in accordance with article 6, clause 1, sentence 1 littera f of the EU General Data Protection Regulation (DSGVO), you have the right to file an objection against the processing of your personal data in accordance with article 21 EU General Data Protection Regulation (DSGVO), provided that reasons arise from your particular situation or the objection is directed against direct mailing. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation. If you would like to exercise your right of revocation or objection, please send an e-mail to email@example.com.
Of course, you may object at any time to the processing of your personal data for advertising and data analysis purposes. You can inform us in regards to your objection of advertisement at the above-mentioned e-mail address.
12. Data privacy
We use the common SSL-method (Secure Socket Layer) during the site visit, in conjunction with the highest level of encryption, supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will use a 128-bit v3 technology instead. In the lower status bar of your browser you can see whether a single page of our website is encrypted, shown by the closed icon of a key or lock. We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved along with technological developments.
13. Currency and amendment of this data privacy declaration
This data privacy declaration is currently valid as of May 2018. It may be necessary to amend this data privacy declaration in result to further development of our website and offers hereof or by amended legal resp. official guidelines. The current valid data privacy declaration can be viewed and printed at any time at the website https://www.bike-components.de//en/data-privacy/.