By visiting our web pages information about access (date, time, viewed page) can be saved. These data do not belong to the personal data, but are anonymized. They are evaluated for statistical purposes only. A transfer to third parties, for commercial or non-commercial purposes, does not take place.
We expressly point out that the transmission of data on the Internet (for example in the case of communication by e-mail) has security gaps and can not be completely protected against access by third parties.
The use of the contact details of the imprint for commercial advertising is expressly not desired, unless the provider had previously given his written consent or there is already a business relationship. The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.
With the application of the DSGVO 2018 we are obliged to follow the basic regulation published under https://eu-datenschutz.org/ and to inform its users accordingly about the collection and evaluation of data. The lawfulness of the processing is justified in Chapter 2, Article 6 of the GDPR.
Which data is collected and stored?
Where and how is the data stored?
How are the data processed?
Who has access to the data?
To whom are data shared?
How long will personal data be stored?
What rights do you have with respect to personal information?
compulsory registration
Which data is collected and stored?
When a user visits our online offer at www.tschum.de, the IP address, time and duration of the visit, as well as the pages visited, are automatically saved, as well as a session cookie (a small text file) created, and this locally in the browser cache filed by the user.
Thanks to these files, it is possible, for example, to assign a user the corresponding shopping cart. Session cookies are automatically deleted after visiting our website. Nevertheless, you can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, however, we point out that the functionality of this website (for example, for the purpose of logging into the customer menu) can be severely limited.
Further data will be stored by us if you enter it as a visitor to our site yourself, via the contact form, the customer registration, as a guest customer or through a newsletter registration. We also record each registration of registered customers, and subsequent actions such as making changes to the customer account, or requesting a new password. We do not collect any data that is considered sensitive.
Sensitive data can only arise if a user generates it himself in a free-text commentary function, for example a request for product suitability with regard to a physical disability.
Where and how is the data stored?
All our data is in three independent locations.
The most important storage location is our webserver, which we rented from the company UDMedia. Data and emails to and from mailboxes of the www.tschum.de domain are stored and processed in Germany, and treated under German / European law. The transmission is SSL encrypted only. Compliance with the General Data Protection Regulation (DSGVO) by UDMedia is ensured.
A backup copy of the data on the web server is stored locally in our office. The location is only occasionally physically connected to the Internet to perform backups.
Invoices and delivery notes are generated in paper form and stored in our office. These documents contain only the addresses of the customers as well as the information about ordered articles, terms of delivery and dates.
How are the data processed?
The data processing is largely automated on our webserver. The software used comes from the company Gambio GmbH, Parallelweg 30, 28219 Bremen.
We will provide you with a complete list of the software we use at your request.
Who has access to the data?
The data on the webserver can only be viewed by the management. Access to the web server and the databases as well as the backup copies is password protected.
Only the management has access to the office space.
For maintenance work and security-relevant updates to our shop system and to our databases, we temporarily allow Gambio GmbH, Parallelweg 30, 28219 Bremen, to have complete access to all data stored on our webserver. Compliance with the General Data Protection Regulation (DSGVO) by Gambio GmbH is ensured.
To whom are data shared?
Data relevant for shipping will be forwarded to the shipping service provider. We will restrict the transferred data to a minimum. We will only forward your email address and telephone number if this is expressly requested by the customer.
An indication of the disclosure of the shipping-relevant data takes place in the ordering process.
In the course of our legal obligations, we pass on booking data (addresses, articles, prices, shipping conditions, dates etc.) to the responsible tax authority, tax office Detmold, Wotanstraße 8, 32756 Detmold. In this context, we work together with a tax consultancy, which also ensures compliance with the GDPR and far-reaching regulations.
By clicking on the videos hosted by google ("Youtube") on our website, personal information may be collected from these companies. Please inform yourself in the privacy policy of the provider "Youtube".
How long will personal data be stored?
Should our offer be used with guest access, the stored data will be automatically deleted immediately after completion of the order. Only the data necessary for the processing of the order, and for the enforcement of our rights and claims are retained.
Personal data resulting from the creation of a customer account, as well as non-personal / anonymized metadata (statistical data) are stored indefinitely. A deletion takes place when this becomes technically or legally necessary, for example through the implementation of new security standards, or when the storage capacities are exceeded.
Book-entry data stored in paper form will be destroyed within a year of the statutory retention period of 10 years.
What rights do you have in relation to the personal data?
Right to information: At your request, we will inform you of all data stored with us about your person.
Right to erase: At your request, we delete all data stored with us about your person, which we do not legally have to keep (booking data). An exception is data that we need to enforce our rights and claims.
Right of rectification: If your personal data (eg addresses) change, we will correct them at your request.
Right of objection: You can object to the use of your personal data, for example, for sending out newsletters or for sending general information and advertising at any time.
Transmission Law: At your request, we will transfer to you all of the data stored about us, and then delete them.
compulsory registration
We are required to report any unauthorized access to personal user data to the appropriate authority within 72 hours. In severe cases, the affected user must also be informed.
An exception exists if the nature and extent of the unauthorized access does not cause any harm to the user.
Serious cases are not expected because we do not collect and store sensitive data.
As of: 21.03.2018