Data protection declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of
a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing
procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in
server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of
data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate
interests in ensuring the smooth operation of our website as well as improving our services.
Your data may be transferred to third countries outside the European Union for which an adequacy decision has been made by the EU
Commission.
Contact
Responsible person/Data protection officer
Contact us at any time. The person responsible for data processing is: Martin Bretscher, Greifensteinstraße
17, 91332 Heiligenstadt Deutschland, 09198-7924948, info@soul-guitars.de
You can contact our data protection officers directly at: info@-guitars.de
Proactive contact of the customer by e-mail
If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent
provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or
concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our
overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation,
you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article
6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention
periods, unless you have agreed to further processing and use.
Orders
Collection, processing, and transfer of personal data in orders
When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order
as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the
conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with
you.
Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers
for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope
of data transmission is restricted to a minimum.
Your data may be transferred to third countries outside the European Union for which an adequacy decision has been made by the EU
Commission.
Shipping companies
Forwarding of your email address to shipping companies for information on shipping status
We forward your email address to the shipping company in the course of contractual processing, if you have explicitly agreed to this in the
order process. The forwarding is for the purpose of informing you by email on the shipping status of your order. The processing will be carried
out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us or the transport
company without affecting the legality of the processing carried out with your consent up to the withdrawal.
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their
computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a
characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings
in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual
case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be
deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9
2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to
make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change
and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to
be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of
art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and
effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your
personal situation.
Plug-ins
Use of social plug-ins
Our website uses social network plug-ins. The integration of social plug-ins and the data processing associated with this serves the purpose of
optimising the advertising for our products.
The integration of social plug-ins involves a connection between your computer and the servers of the service provider of the social network
which then instructs your web browser to display the plug-in on that web page, provided you have expressly consented to this. In this process,
both your IP address as well as the information on which web pages you have visited will be transmitted to the provider’s servers. This
happens regardless of whether you are registered with or logged into the social network. The information is transferred even if users are not
registered or logged in. Should you be connected simultaneously with one or more of your social network accounts, the collected information
may also be assigned to your corresponding profiles. When using the plug-in functions (e.g. by pressing the appropriate button), this
information will also be assigned to your user account. You can therefore prevent this assignment by logging yourself out before visiting our
website and before activating the button for your social media accounts.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with
Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR.
You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
The following social networks are integrated in our website through social plug-ins. You can find more detailed information on the scope and
purpose of collection and use of the data and your associated rights and options for protecting your privacy in the provider’s privacy policy via
the link.
Instagram by Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data
protection principles.
Use of social plug-ins via “Shariff”
Our website uses social network plug-ins. We use data protection-compliant “Shariff” buttons to ensure that you retain control over your
data.No connection is made to the social network servers and no data submitted without your explicit consent. “Shariff” was developed by
specialists at the computer magazine c’t. It enables more personal privacy in the network and replaces the usual social network “share”
buttons. You can find more information on the Shariff project here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit
Datenschutz-2467514.html
.
When you click the buttons a pop-up window appears, allowing you to log on with the relevant provider using your data. It is only after you
actively login that a direct connection to the social network is set up. By logging in, you give your permission for the transfer of your data to the
respective social media provider. At this time, information such as your IP address and which websites you have visited is transmitted. Should
you be connected simultaneously with one or more of your social network accounts, the information collected is also assigned to your
corresponding profiles. Therefore, you can only prevent this assignment by logging yourself out before visiting our website and before
activating the button for your social media accounts. The social networks listed below are integrated with the “Shariff” function. You can find
more detailed information on the scope and purpose of collection and use of the data, your associated rights and options for protecting your
privacy in the provider’s privacy policy via the link.
Instagram by Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388
.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data
protection principles.
Use of social plug-ins via the “2-click solution”
Our website uses social network plug-ins via the “2-click solution”. No connection is made to the social network servers and no data submitted
without your explicit consent.Standard integration of plug-ins set up a connection between your computer and the provider’s servers when you
call up pages on our website which contain such a plugin, allowing the plug-in to be shown on the web page by a notice sent to your browser.
Both your IP address and the fact that you have visited our web pages are transmitted to the provider’s servers. This happens regardless of
whether you are registered with or logged into the social network. The information is transferred even if users are not registered or logged in. If
you are also logged into the social network, this information is also assigned to your user profile. When you use plug-in functions (e.g. activate
the button) this information is also assigned to your user account, which you can only prevent by logging out before using the plug-in. To
ensure that you retain control over your data we have decided to initially deactivate the corresponding button. This is shown by the greyed-out
button. No connection is made to the social network servers and no data submitted without your explicit consent – in the form of activation of
the button.Only when you activate the button does it become active (highlighted) and set up a direct connection to the social network’s
servers.By logging in, you give your permission for the transfer of your data to the respective social media provider. At this time, information
such as your IP address and which websites you have visited is transmitted. Should you be connected simultaneously with one or more of
your social network accounts, the information collected is also assigned to your corresponding profiles. Therefore, you can only prevent this
assignment by logging yourself out before visiting our website and before activating the button for your social media accounts.
The social networks listed below are integrated with the “2-click function”. You can find more detailed information on the scope and purpose of
collection and use of the data, your associated rights and options for protecting your privacy in the provider’s privacy policy via the link.
Instagram by Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data
protection principles.
Use of Wordfence
We use the Wordfence security plugin from Defiant Inc. (00 5th Ave Ste 4100, Seattle, WA 98104, USA “Wordfence”) on our website as part of
order processing. Data processing is used in particular to protect against viruses and malware, to detect and defend against brute force and
DDoS attacks. For this purpose, Wordfence uses cookies to categorise website visitors as questionable or harmless. For this purpose, the IP
address of the website visitor is stored on the Wordfence servers. IP addresses classified as harmless are placed on a whitelist. Dubious IP
addresses, on the other hand, are placed on a blacklist. For this purpose, our website establishes a permanent connection to the Wordfence
servers so that Wordfence can compare its databases with the access requests sent to our website and block them if necessary.
Your data will be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Wordfence is not certified under the TADPF. The data transfer takes place, among other things, on the basis of
standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at:
.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 para. 1 sentence 1 of the TDDDG in
conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1
lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the
withdrawal.
You can find more detailed information on Wordfence’s collection and use of data and your associated rights and options for protecting your
privacy in Wordfence’s privacy policy: https://www.wordfence.com/privacy-policy/
and https://www.wordfence.com/help/general-data
protection-regulation/#standard-contractual-clauses
.
Use of YouTube
Our website uses the function for embedding YouTube videos by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland;
“YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
This feature shows YouTube videos in an iFrame on the website. The option “advanced privacy mode” is enabled here. This prevents
YouTube from storing information on visitors to the website. It is only if you watch a video that information is transmitted to and stored by
YouTube. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic
Data Privacy Framework (TADPF). YouTube has certified itself in accordance with the TADPF and has thus undertaken to comply with
European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with
Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You
can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
Further information on the data collected and used by YouTube and Google and your associated rights and options for protecting your privacy
can be found in YouTube’s privacy policy (https://www.youtube.com/t/privacy
).
Using Vimeo
Our website uses plug-ins from Vimeo Inc. (555 West 18th Street New York, New York 10011, USA; “Vimeo”) to integrate videos into the
“Vimeo” portal.
If you access pages on our website that contain this kind of plug-in, this will generate a connection to the Vimeo server and indicate the plug
in on the site by means of a message in your browser. Information such as your IP address and which websites you have visited will be
transmitted to the Vimeo server.
If you are logged into Vimeo, Vimeo will assign this information to your personal user account. When using the plug-in functions (e.g. starting a
video by pressing the appropriate button), this information will also be assigned to your Vimeo account.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Vimeo has certified itself in accordance with the TADPF and has thus undertaken to comply with European data
protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with
Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You
can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
Further information on the purpose and scope of enquiry and continued use and processing of the data by Vimeo and your associated rights
and options for protecting your privacy can be found in the Vimeo data privacy policy: https://vimeo.com/privacy
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Google
servers is established when the page is accessed. Among other things, your IP address and information about the browser you are using will
be processed and transmitted to Google. This data is not linked to your Google account. Your data may be transmitted to the USA. For the
USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in
accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with
Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You
can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.google.de/intl/de/policies/
https://developers.google.com/fonts/faq
.
Use of Adobe Fonts
and at
We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk Citywest Business Campus, Dublin 24, Ireland; “Adobe”)
on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Adobe
servers is established when the page is accessed. In the process, your IP address and information about the browser and operating system
you are using are processed and transmitted to Adobe. Your data may be transmitted to third countries, such as the USA and India. For India,
no adequacy decision from the EU Commission is available. For the USA, there is an adequacy decision of the EU Commission, the Trans
Atlantic Data Privacy Framework (TADPF). Adobe has certified itself in accordance with the TADPF and has thus undertaken to comply with
European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with
Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You
can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.adobe.com/de/privacy/policy.html
and
at https://www.adobe.com/de/privacy/policies/adobe-fonts.html
.
Rights of persons affected and storage duration
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the
retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed
to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion,
restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing
for the purposes of direct marketing, according to art. 21 (1) GDPR.
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed
legally.
You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact
details:Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
E-Mail: poststelle@lda.bayern.de
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons
arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the
processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal
claims.
Deutsch
English