DATENSCHUTZ

Data protection declaration

Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.

Server log files

You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.

Your data may be transferred to third countries outside the European Union for which an adequacy decision has been made by the EU Commission.

Contact

Responsible person

Contact us at any time. The person responsible for data processing is: Shahrokh Shahinfar, Stendaler Str. 44, 40599 Düsseldorf Deutschland, +491605689685, shahinfar@brilhaus.de

Data processing when using the reporting system in accordance with the TCO Regulation (Regulation (EU) 2021/784) and the Digital Services Act (Regulation (EU) 2022/2065)

If you send us information regarding suspected terrorist content or other illegal content by email, contact form or other electronic means of communication provided by us, we will only collect your personal data (email address, name, message text) to the extent provided by you. The data processing serves the purpose of carrying out a reporting procedure in accordance with the aforementioned regulations.

The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR in conjunction with Art. 15 TCO-VO and Art. 6 para. 1 lit. c GDPR in conjunction with Art. 11, 12 and 16 of the Digital Services Act.
Your data will then be deleted in compliance with statutory retention periods.

Proactive contact of the customer by e-mail

If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.

We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.

Collection and processing when using the contact form

When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.

We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.

Use of WeTransfer

We use the WeTransfer service of WeTransfer B.V. (Willem Fenengastraat 19, 1096 BL Amsterdam, Netherlands; “WeTransfer”) to send files up to 2 GB in size at your request.
The purpose of using this service is to transfer large files in high quality. For this purpose, we pass on your e-mail address and the file to be transferred to WeTransfer. WeTransfer generates a download link that is sent to you and us by e-mail. The data is encrypted during transmission and storage by WeTransfer and can only be accessed via the download link.

Your personal data may be transmitted to WeTransfer servers in the USA and temporarily stored there (partly unencrypted). For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). WeTransfer is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, viewable at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data- protection/standard-contractual-clauses-scc_de.
Processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent, insofar as you have expressly consented to the use of WeTransfer.
You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal.
For more information about data protection when using WeTransfer, please visit: https://wetransfer.com/legal/privacy.

Advertising

Use of your personal data for the sending of postal advertising

We will use your personal data (name, address) that we have received in the process of the sale of goods or services to send you postal advertising, unless you have objected to this use. The provision of these data is necessary for conclusion of an agreement. Failure to provide it will prevent the conclusion of any agreement.

The processing will be carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in direct advertising. You can object to this use of your address information at any time by contacting us. You will find the contact details for exercising your right to object in our imprint.

Use of your email address for mailing of direct marketing

We use your email address, which we obtained in the course of selling a good or service, for the electronic transmission of marketing for our own goods or services which are similar to those you have already purchased from us, unless you have objected to this use. You must provide your email address in order to conclude a contract. Failure to provide it will prevent the conclusion of any contract. The processing will be carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in direct marketing. You can object to this use of your email address at any time by contacting us. You will find the contact details for exercising your right to object in our imprint. You can also use the link provided in the marketing email. This will not involve any costs other than transmission costs at basic tariffs.

Use of Brevo (formerly Sendinblue)

We use the service of Sendinblue GmbH (Köpenicker Straße 126, 10179 Berlin; “Brevo”) for the newsletter dispatch within the scope of order processing.
We pass on the information you provide when registering for the newsletter (e-mail address, first and last name, if applicable) to Brevo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.

In order to evaluate newsletter campaigns, the sent e-mail newsletters contain a 1×1 pixel graphic (tracking pixel) and/or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, your personal data such as IP address, browser type and device as well as the time of opening may also be collected. From this data, user profiles can be created under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.

The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and Brevo’s privacy policy at: https://www.brevo.com/de/legal/privacypolicy/.

Use of Mailchimp

We use the service of Rocket Science Group LLC (675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA; “Mailchimp”) for newsletter dispatch as part of an order processing.
We pass on the information you provide during the newsletter registration (e-mail address, first and last name, if applicable) to Mailchimp. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
The data processing serves the purpose of sending the newsletter and its statistical evaluation. Your data is usually transmitted to Mailchimp servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Mailchimp has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and MailChimp’s privacy policy at: https://mailchimp.com/de/legal/data-processing-addendum/ andhttps://www.intuit.com/privacy/statement/.

Use of HubSpot

We use the service of HubSpot Ireland Ltd. (Ground Floor, Two Dockland Central Guild Street, Dublin 1, Ireland; “HubSpot”) for the newsletter dispatch as part of an order processing. HubSpot is an affiliated company of HubSpot, Inc. (25 First Street, Cambridge, MA 02141 USA).
We pass on the information you provide during newsletter registration (e-mail address, first and last name, if applicable) to HubSpot. The data processing serves the purpose of sending the newsletter and its statistical evaluation.

In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.

Your data may be transmitted to HubSpot servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). HubSpot has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

You can find more information and HubSpot’s privacy policy at: https://legal.hubspot.com/de/privacy-policy.

Cookies

Our website does not use cookies. Cookies are small text files stored on your device that are typically used to collect information about your browsing behavior. Since we do not use cookies, no usage data is collected, stored, or processed through cookies.

Plug-ins

Use of Google reCAPTCHA

Our website uses the reCAPTCHA service by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). The request serves to distinguish whether the input was made by a human or automatic machine processing. For this purpose your input will be transmitted to Google and used by them further. In addition, the IP address and any other data required by Google for the reCAPTCHA service will be transferred to Google. This data will be processed by Google within the EU and potentially also in the USA.

For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para.1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR.

You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can find more detailed information on Google reCAPTCHA and the associated data protection declaration at: https://www.google.com/recaptcha/intro/android.html and
https://www.google.com/privacy.

Use of Google invisible reCAPTCHA

Our website uses the invisible reCAPTCHA service by reCAPTCHA der Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Irland; “Google”). This serves to distinguish whether the input was made by a human or automatic machine processing. In the background, Google collects and analyses usage data which is also used by invisible reCaptcha to distinguish between regular users and bots. For this purpose your input will be transmitted to Google and further used there. In addition, the IP address and, where applicable, other data required by Google for the invisible reCAPTCHA service will be transmitted to Google. This data will be processed by Google within the European Union and, where necessary, also in the USA.

For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR.

You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can find more detailed information on Google reCAPTCHA and the associated data privacy policy at: https://www.google.com/recaptcha/intro/android.html
and https://www.google.com/privacy.

Use of GoogleMaps

Our website uses the function for embedding Google Maps by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, “Google”)
This feature visually represents geographical information and interactive maps. Google also collects, processes and uses data on visitors to the website when they call up pages with embedded Google maps.

Your data may also be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. Further information on the data collected and used by Google, your rights and privacy can be found in Google’s privacy policy at https://www.google.com/privacypolicy.html. You also have the option of changing your settings in the data protection centre, allowing you to administer and protect the data processed by Google.

Use of YouTube

Our website uses the function for embedding YouTube videos by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This feature shows YouTube videos in an iFrame on the website. The option “advanced privacy mode” is enabled here. This prevents YouTube from storing information on visitors to the website. It is only if you watch a video that information is transmitted to and stored by YouTube. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. Further information on the data collected and used by YouTube and Google and your associated rights and options for protecting your privacy can be found in YouTube’s privacy policy (https://www.youtube.com/t/privacy).

Use of the authorized.by Badge

On our website we use the “authorized.by Badge” from Stayble Market GmbH (Theresienstraße 66, 80333 Munich; “Stayble Market”).
The data processing serves the purpose of displaying and confirming to you our status as an authorised partner of the manufacturers whose products we distribute.

To display the badge, it is necessary that your data (e.g. IP address, device type, operating system, browser type) be transmitted to Stayble Market when you access the website.
This data processing is performed on the basis of Article 6(1)(f) of GDPR due to our predominant interest in the optimal marketing of our product and in proving ourselves to be authorised partners of the manufacturers whose products we distribute. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out in accordance with Article 6(1)(f) of GDPR.

More information on data protection at Stayble Market can be found at: https://www.authorized.by/datenschutz/

Use of Google Fonts

We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Among other things, your IP address and information about the browser you are using will be processed and transmitted to Google. This data is not linked to your Google account. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.

Use of Adobe Fonts

We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk Citywest Business Campus, Dublin 24, Ireland; “Adobe”) on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Adobe servers is established when the page is accessed. In the process, your IP address and information about the browser and operating system you are using are processed and transmitted to Adobe. Your data may be transmitted to third countries, such as the USA and India. For India, no adequacy decision from the EU Commission is available. For the USA, there is an adequacy decision of the EU Commission, the Trans- Atlantic Data Privacy Framework (TADPF). Adobe has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.adobe.com/de/privacy/policy.html and

at https://www.adobe.com/de/privacy/policies/adobe-fonts.html.

Rights of persons affected and storage duration

Duration of Storage

The data will be stored under consideration of legal retention periods and then deleted after expiration of the period, unless you have not agreed to further processing and use.

Rights of the affected person

If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.

Right to complain to the regulatory authority

You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.

You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
Besuchereingang: Puttkamerstr. 16 – 18 (5. Etage)

10969 Berlin
Tel.: +49 30 138890
Fax: +49 30 2155050
E-Mail: mailbox@datenschutz-berlin.de

Right to object

If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.

If personal data is being processed for the purposes of direct advertising, you can object to this at any time by notifying us. If the objection is successful, we will no longer process the personal data for the purposes of direct advertising.

last update: 06.11.2024