My Cart

Close

Privacy policy

Privacy policy

1.) Basic information

This privacy policy is intended to inform the users of this website about the type, scope and purpose of the collection and use of personal data by the website operator [North Glow, Mittelweg 144, 20148 Hamburg].

We take your data protection very seriously and treat your personal data confidentially and in accordance with the statutory provisions. As new technologies and the continuous development of this website may result in changes to this privacy policy, we recommend that you read the privacy policy again at regular intervals.

Definitions of the terms used (e.g. "personal data" or "processing") can be found in Art. 4 DSGVO.

2.) Access data

We, the website operator or page provider, collect data on access to the website on the basis of our legitimate interest (see Art. 6 Para. 1 lit. f. DSGVO) and store this data as "server log files" on the website server. The following data are logged in this way:

  • Visited website
  • Time at time of access
  • Amount of the sent data in bytes
  • Source/reference from which you reached the site
  • Used Browser
  • Operating system in use
  • Used IP address

The server log files are stored for a maximum of 7 days and then deleted. The data is stored for security reasons, e.g. to be able to clarify cases of abuse. If data must be kept for reasons of evidence, they are excluded from deletion until the incident has been finally clarified.

3) HOSTING

Hosting by the webshop - service provider Shopify

We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify") for the purpose of hosting and displaying the online shop.

All data collected from the www.northglow.de website is processed on Shopify's servers. Data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc for further processing on behalf of Shopify. In the event that data is transferred to Shopify Inc. in Canada, an adequacy finding by the European Commission will ensure an adequate level of data protection.

For more information about Shopify's privacy policy, please visit the following website: https://www.shopify.de/legal/datenschutz

3.) Range measurement & Cookies

Some cookies are necessary to enable you to surf our website, use its functions and access secure areas. The use of these cookies is essential for the functioning of the website. For example, we use cookies that are entered by the user for the duration of a session in order to track a user's input when filling out forms that span several pages.

These are small text files that are stored on your end device when you visit certain websites. We use a variety of different cookies on the Shopify Web site, including strictly necessary performance, advertising and social media or content cookies. Cookies enhance your browsing experience by enabling the site to remember your actions and preferences (such as login and region selection). This means that you do not have to re-enter this information each time you return to the Site or scroll from one page to another. Cookies also provide information about how people use the site, such as whether it is their first visit or whether they are a frequent visitor.

We also use functional cookies to remember decisions you have made or information you have entered, such as your user name, language, or the region in which you are located. This allows us to tailor your website experience to your preferences. For example, authentication cookies are functional cookies that are used for the duration of a session (or permanently if you agree to the "Remind Me" feature) to allow users to authenticate on subsequent visits or to gain cross-site access to authorized content. The functional cookies we use include

1 ) User-centric security cookies to detect authentication abuse for a limited, persistent period of time, such as repeated failed login attempts. These cookies are set for the specific task of enhancing the security of the service.

2) Session cookies (flash cookies) are used for the duration of a session to store technical data required for the playback of video or audio content (e.g. image quality, network connection speed and buffering parameters).

3) Load balancing session cookies are used for the duration of the session to identify the same server in the pool so that the load balancer can redirect user requests accordingly.

4) Persistent user interface customization cookies are used to store a user's preference for a service on different web pages.

If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser.

Insofar as personal data is also processed by individual cookies used by us, processing is carried out in accordance with Art. 6 Para. 1 letter b DSGVO either for the execution of the contract, in accordance with Art. 6 Para. 1 letter a DSGVO in the case of a granted consent or in accordance with Art. 6 Para. 1 letter f DSGVO to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or generally. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for each browser under the following links:

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

Opera: https://help.opera.com/de/latest/web-preferences/#cookies

Please note that the functionality of our website may be limited if cookies are not accepted.

Advertising cookies are used on our website to tailor marketing to you and your interests and to provide you with an even more personalized service in the future. These cookies remember that you have visited our website and we may share this information with third parties, such as advertisers. Although these cookies can track your device's visits to our website and other websites, they usually cannot identify you personally. Without these cookies, the ads you see may be less relevant and interesting to you. Read more about how companies use cookies to deliver targeted or realigned advertising. We do not set advertising cookies ourselves through our merchants' storefronts, although merchants may do so independently.

Finally, social and content cookies are placed by many social media plugins (e.g., the Facebook "Like" button) and other tools designed to deliver or enhance a site's content (e.g., services that allow video files to be played or comment sections to be created). We integrate these modules into our platform to enhance the browsing experience and interaction with our websites. Please note that some of these third-party services place cookies, which are also used for things like behavioral advertising, analytics and/or market research.

If you do not want cookies to be stored on your end device for range measurement purposes, you can object to the use of these files here:

Common browsers offer the setting option not to allow cookies. Note: It cannot be guaranteed that you will be able to access all functions of this website without restrictions if you make the appropriate settings.

4.) Collection and processing of personal data

The website operator collects, uses and passes on your personal data only if this is permitted by law or if you consent to the collection of data.

Personal data is defined as all information which serves to determine your person and which can be traced back to you - such as your name, e-mail address and telephone number.

You can also visit this website without providing any personal information. However, to improve our online offer, we store (without personal reference) your access data to this website. These access data include, for example, the file you requested or the name of your Internet provider. The anonymisation of the data does not allow any conclusions to be drawn about your person.

5.) Dealing with comments and contributions

If you leave a contribution or comment on this website, your IP address will be saved. This is done on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO and serves the security of us as website operators: if your comment violates applicable law, we can be prosecuted for this, which is why we have an interest in the identity of the author of the comment or contribution.

6.) Google Analytics

On the basis of our legitimate interests, this website uses for the optimization and analysis of our online offer in the sense of Art. 6 Par. 1 lit. f. DSGVO the service "Google Analytics", which is provided by Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) is offered. The service (Google Analytics) uses "cookies" - text files which are stored on your end device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.

Google LLC complies with European data protection law and is certified under the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

On this website IP-anonymization is used. The IP address of the users is shortened within the member states of the EU and the European Economic Area and in the other contracting states of the agreement. Only in individual cases is the IP address initially transferred in full to a Google server in the USA and shortened there. Through this shortening, the personal reference of your IP address is no longer necessary. The user's IP address transmitted by the browser is not combined with other data stored by Google.

Within the framework of the agreement on commissioned data, which we as website operator have concluded with Google Inc., the latter uses the information collected to create an evaluation of website use and website activity and provides services associated with Internet use.

The data collected by Google on our behalf is used to evaluate the use of our online offer by individual users, e.g. to generate reports on website activity in order to improve our online offer.

You have the option of preventing the storage of cookies on your device by making appropriate settings in your browser. It cannot be guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.

Furthermore, you can use a browser plugin to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de

Alternatively, by clicking on this link (IMPORTANT: insert opt-out link), you prevent Google Analytics from collecting data about you within this website. By clicking on the link above, you download an "opt-out cookie". Your browser must therefore allow the storage of cookies for this purpose. If you delete your cookies regularly, you will need to click on the link again each time you visit this website.

Here you will find further information on the use of data by Google Inc:

7.) Use of social media plugins

On our pages plugins from social media are used (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).

You can usually recognize the plugins by the respective social media logos. In order to guarantee data protection on our website, we only use these plugins in conjunction with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider as soon as you enter the site for the first time.

Only when you activate the respective plugin by clicking the corresponding button, a direct connection to the provider's server is established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged in to your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account.

The activation of the plugin constitutes consent in the sense of Art. 6 para. 1 lit. a DSGVO. You can revoke this consent at any time with effect for the future.

On our pages plugins are used by social media (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).

You can usually recognize the plugins by the respective social media logos. In order to guarantee data protection on our website, we only use these plugins in conjunction with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider as soon as you enter the site for the first time.

Only when you activate the respective plugin by clicking the corresponding button, a direct connection to the provider's server is established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged in to your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account.

The activation of the plugin constitutes consent in the sense of Art. 6 para. 1 lit. a DSGVO. You can revoke this consent at any time with effect for the future.

8.) Newsletter subscription

The website operator offers you a newsletter in which he informs you about current events and offers. If you would like to subscribe to the newsletter, you must provide a valid e-mail address. By subscribing to the newsletter, you agree to receive the newsletter and the procedures explained.

The newsletter is sent by the mail order service provider Omnisend, a mailing platform of the provider Omnisend eCommerce Marketing, Verkių g. 25C, Vilnius 08223, Lithuania. Information on the data protection regulations of the mail-order service provider can be found at: https://www.omnisend.com.

Revocation and termination: You can revoke your consent to receive the newsletter at any time and thus cancel the newsletter subscription. After your cancellation your personal data will be deleted. Your consent to receive the newsletter expires at the same time. At the end of each newsletter you will find the link for cancellation.

Basics of GDPR for eCommerce

1. obtain consent: The user must agree to be included in your marketing campaigns.

If the user has agreed to the message and communication channel you are offering, you can continue as before. However, if you do not have their consent, you will not be able to send them any marketing material or advertise for them. If you do not have the visitor's explicit, unambiguous consent to receive this type of marketing message, you cannot send them any messages - or face heavy fines.

Attention! E-mails collected with third party applications or at the checkout of your shop will not contain a consent form in Omnisend, as according to the European GDPR law consent can only be obtained via a third party web form. In general, we cannot confirm that customers have given their consent if they have not been collected by us.

2. ensure adequate protection: you must adequately protect the user's personal data.

If a user consents to the storage and processing of their personal information by you (e.g. through personalized marketing or advertising messages), you are obliged to ensure that this information is adequately protected. When it comes to what exactly "personal data" is, the definition under the GDPR is quite broad: all data that, alone or in combination, can be used to link or refer to a person.

This also includes those of the visitor:

Name

physical address

demographic data (age, location, etc.)

e-mail address

IP address

According to the GDPR, companies should appoint a Data Protection Officer (DPO) who is responsible for ensuring adequate security of personal data.

It simply states that DPOs are required for companies that process large amounts of personal data, so that smaller e-commerce businesses should be off the hook.

However, it is still very important that you have someone in your organisation who is responsible for data protection.

3. delete, correct or restrict data when you are asked to do so If the user asks you to delete, correct or restrict the personal information you have, you must comply quickly.

The last of the 3 essential areas of the GDPR for electronic commerce concerns the requests from users who wish to delete, correct or restrict their personal data.

In essence, the GDPR allows European citizens and residents of Europe more complete control over how their personal data is used.

For this reason, if an EU subscriber or purchaser whose personal data you hold asks you in any way to delete or amend it, you must do so within a reasonable period of time.

If a user asks you to change or delete their personal data, it is best to do so sooner rather than later.

This means that you have nothing to fear for this part of GDPR.

How Omnisend helps retailers to be GDPR compliant

Omnisend ensures that all e-commerce merchants using our marketing automation platform are fully covered. We have done this in 5 important ways:

Easy to export customer profiles

GDPR-eligible consent and renewed consent

Right to be forgotten - complete removal of user data, so that the customer or subscriber cannot be identified in any way This option is available if your customer insists or if you request the removal of your account and data.

GDPR-compliant data protection and cookie guidelines

Given the high fines and other serious consequences, it is very important that e-commerce merchants understand what these rules mean for their business and how to prepare for them.

FREQUENTLY ASKED QUESTIONS

What should I do if my contacts do not have a consent form? European customers must have a consent protocol due to the GDPR law and EU regulations which state that the contact must be enabled to receive emails. You can therefore send messages to these contacts at your own risk. US regulations do not require a legal form of consent, so a simple subscription box at the checkout is sufficient to treat the contact as a legitimate subscriber and no consent protocol is required. However, these contacts must be able to opt out of your marketing campaigns.

9.) Rights of the user

As a user, you have the right to receive free information on request about which personal data about you has been stored. You also have the right to have incorrect data corrected and to have your personal data processed or deleted. If applicable, you can also exercise your right to data portability. If you believe that your data have been processed unlawfully, you can lodge a complaint with the relevant supervisory authority.

Deletion of data

Unless your request conflicts with a legal obligation to retain data (e.g. data retention), you have the right to have your data deleted. Data stored by us will be deleted if they are no longer required for their intended purpose and if there are no statutory retention periods. If deletion cannot be carried out because the data is required for permissible legal purposes, data processing will be restricted. In this case the data will be blocked and not processed for other purposes.

Right of objection

Users of this website may exercise their right to object and object to the processing of their personal data at any time.

If you wish to correct, block, delete or obtain information about the personal data stored about you, or if you have any questions regarding the collection, processing or use of your personal data, or if you wish to revoke consents you have given, please contact the following e-mail address: [contact@northglow.de]

English
English