Your cart
Close Alternative Icon

Privacy Notice

Thank you for visiting our website and your interest in data protection. Please read the following information to learn when we collect which personal data and how we use such data.

Responsible Entity (Controller)

The responsible entity (controller) according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is

Colours of a Kind GmbH
c/o Design Offices
Luise-Ullrich-Strasse 14
80636 Munich
Germany

Phone: +49 151 25 38 42 34

Email: info@coloursofakind.de

Managing Director: Christiane Wacker

Collection, Processing and Use of Personal Data
The legal bases of the collection, storage and processing of personal data can be found in particular in the General Data Protection Regulation (GDPR), in the German Telemedia Act (TMG) and in the Federal Data Protection Act (BDSG).

Personal data is information relating to an identified or identifiable natural person (Art. 4 no. 1 GDPR). This includes in particular names, address data, telephone numbers or email addresses. However, information on preferences, memberships or e.g. previously visited websites may also constitute personal data.

Contact

If you contact us (e.g. via email or our contact form), the data transmitted by you will be stored for the purpose of processing your enquiry as well as for possible processing of subsequent questions. Legal basis for the processing is the necessity to perform pre-contractual measures according to Art. 6 para. 1 lit. b GDPR. We will delete the data accruing in this connection after storage is no longer necessary or we restrict the processing if there are statutory retention obligations.

Use of the Online Shop

If you would like to order any of our products via our webshop, your personal data such as name, address, email address and, if necessary, payment details are required for the conclusion of the contract. We need this information for the processing of your order. Information required for the execution of the contracts are marked separately, other details are voluntary. If necessary, payment details will be forwarded to the respective bank or payment service provider. The legal basis of the processing is Art. 6 para. 1 lit. b DSGVO.

You can place an order in our online shop as a guest. Alternatively, you can create a customer account where your data and orders are stored to facilitate future purchases. When registering the customer account, the data you provide will be revocably stored.

Due to commercial and tax laws, we are required to keep your address, payment and order information for a period of ten years. However, after two years we are restricting processing. From this point on, only the data that is required to fulfil our commercial and tax obligations will be kept.

To prevent unauthorised access by third parties to your personal data, in particular, payment data, the ordering process is encrypted.

Disclosure to Third Parties

We disclose your personal data to third parties insofar as this is required to fulfil contracts or to process payments. Legal basis for the disclosure is the necessity to fulfil a contract according to Art. 6 para. 1 lit. b GDPR. Disclosure of personal data to third parties for marketing or advertising purposes will not be made without your express consent.

Newsletter

Our newsletter regularly informs you about us and our latest offers.

If you subscribe to our newsletter, we need a valid email address. After entering your email address and confirming the consent wording, you will receive an automated email in which you once again confirm your consent by clicking a link (double opt-in). As proof of your consent, we store your email address, the consent wording, the confirmation email as well as the respective IP addresses, time and date of the registration and confirmation. Legal basis for the processing is your consent according to Art. 6 para. 1 lit. a GDPR.

Our newsletters are sent through the newsletter service provider “MailChimp” of the US-American provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. MailChimp stores the email addresses of our newsletter subscribers as well as other data described in the following, if any, on servers in the USA. The data is used by MailChimp for sending the newsletter as well as for statistical analysis on our behalf as well as for optimisation of their own services. However, MailChimp does not pass on the data of our newsletter subscribers to third parties and does not use them for contacting the subscribers itself.

As far as we know, MailChimp fulfils the applicable standards for IT and data security and has been certified under the US-EU data protection agreement “Privacy Shield”. Thus, MailChimp has committed to adhering to the EU data protection requirements.

Furthermore, we concluded a so-called “data processing agreement with MailChimp according to which MailChimp commits itself to protect the data of our newsletter subscribers, process it according to its data protection regulations on our behalf and to not pass it on to third parties. You can view the data protection regulations of MailChimp here.

Our newsletters contain a so-called “web beacon”. This is a small file which is retrieved from the MailChimp servers when our newsletter is opened. On this occasion, both technical information (e.g. about your browser and the time of your retrieval) as well as your IP address are collected and stored. This data is used by MailChimp for statistical analysis as well as the improvement of its own services. Additionally, MailChimp can analyse the reading habits of the newsletter subscribers, in particular if and when our newsletters are being read and which links are being clicked. This analysis also serves the purpose of tailoring the newsletter offer as exactly as possible to the interests of the subscribers. Legal basis for the processing is Art. 6 para. 1 lit. f GDPR.

You can revoke your consent to the storage of such data as well as the use of your email address for sending the newsletter at any time. The revocation can be made via a link in the newsletters or via notification to us by email. At the same time, this cancels your consent to receiving the newsletter through MailChimp and the statistical analysis of the data by MailChimp. A separate revocation of the consent to receiving the newsletter and the statistical analysis is not possible.

Server Log Files

Each time when our website is opened by a user, our hosting provider will store information in a log file. These log files contain information about retrieved data, status codes, time stamps and system information. The data is non-personal, it allows no conclusions to the specific person.

Apart from that, log files also store IP addresses. We cannot readily attribute these to a certain person.

If you would like to view our website, we collect the aforementioned data which is technically required for us in order to show you our website and to guarantee stability and safety. Legal basis for the processing is the necessity to safeguard our justified interests according to Art. 6 para. 1 lit. f GDPR.

Use of Cookies

Our website uses so-called cookies. These are small files that are downloaded to your access device (computer, smartphone, tablet, etc.) and stored by your browser. They serve to increase user-friendliness, effectiveness and security of our website. In addition, cookies can be used to collect statistical data on the use of the website and to analyse our online services. Cookies do not contain viruses and do not harm your access device.

You can block the storage of cookies in your browser. Most web browsers allow some control over most cookies through browser settings. For more information about blocking cookies, visit http://www.allaboutCookies.org. However, please be aware that certain features of our website may not be available to you after the blocking has been completed.

In order to clear / disable all cookies stored on your computer, most browsers offer you the option of completely blocking the use of cookies or deleting cookies generated by specific domains / websites. You will find a corresponding manual on the help page of your browser.

Web Analysis with Google (Universal) Analytics

Our website uses Google (Universal) Analytics, a web analysis service of Google Inc. (www.google.de). Google (Universal) Analytics uses methods which enable an analysis of how you use the website, such as so-called “cookies”, text files that are stored on your computer. The information generated about your use of this website will as a rule be transferred to a server of Google in the USA and stored there. By activating the IP anonymisation on this website, the IP address will be shortened prior to the transmission within the Member States of the European Union or within other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a server of Google in the USA and shortened there. The anonymised IP address transmitted by your browser within the framework of Google Analytics will not be combined by Google with other data.

We use Google Analytics in order to analyse and be able to regularly improve the use of our website. Through the statistics gained we can improve our offer and make it more interesting for you as the user. For the exceptional cases in which personal data will be transferred to the USA, Google subjected itself to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

You can prevent the capture of the data generated by the cookie and relating to your use of the website (incl. your IP address) as well as the processing of such data by Google if you download and install the browser plug-in available from the following link: http://tools.google.com/dlpage/gaoptout?hl=de

As an alternative to the browser plug-in, you can click this link in order to prevent Google Analytics from collecting your data on this website in the future. When you do this, an opt-out cookie will be stored on your device. If you delete your cookies, you need to click the link again. Legal basis for the processing is your consent (Art. 6 para. 1 lit. a GDPR). 

Social Media Plugins
We integrated so-called social network plugins on some of our sites. The plugin establishes a direct connection between your browser and the server of the respective social network as soon as you visit our website and activate the respective social network button. As a result, the operator of the network obtains the information that you have visited our site with your IP address. The data transfer takes place regardless of whether you have an account with the respective network and are logged in there. If you are logged in to the network, your data collected from us will be assigned directly to your user account stored there. If you press the button and for example, if you link the page, the network will also store this information in your user account and publicly share it with your contacts. We recommend that you log out regularly after using social networks.

Through the plugins we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plugins is your consent (Art. 6 para. 1 lit. a GDPR). 

We have no influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of processing or the retention periods. We have no information about the deletion of the collected data by the respective network. Further information can be found in the privacy policy of the respective network.

Links to Other Websites

Our online offer may contain links to other websites. We have no influence on the operators of those websites adhering to the data protection regulations.

Your Rights

You have the following rights with respect to the personal data concerning you:

  • right of access,
  • right to rectification or erasure,
  • right to restriction of processing,
  • right of objection against processing,
  • right to data portability.

Moreover, you have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

as of: 1 July 2019