1. Controller and general principles of data protection
phone/CH: +41 (0)71 508 5779
phone/DE: +49 (0)7141 309 8853 0
represented by its CEO Peter Rohn
commercial registry office: Canton of Thurgau
company identification number (UID) / company number: CHE-228.574.355
as the provider of the web pages that can be visited at “www.blackroll.de” and “www.blackroll.com” (hereinafter referred to as the “Website”) and of the web shop available on the Website (hereinafter referred to as the “Online Shop”) place great emphasis on the protection and security of your personal data.
While collecting, processing and using your personal data, the protection of your privacy and compliance with the data protection rules and regulations is of particular importance to us. Therefore, your personal data is exclusively collected, processed and used in compliance with data protection rules and regulation.
As the controller, it is important to us that you may rely on compliance with data protection rules and regulations at all time when using our Website and the online services. We would like to inform you which personal data will be collected during your visit to our Website and while using our online services and how we process and use this information. The following information is provided for the purpose of keeping you informed. In addition, we would like to inform you which measures we will take to protect your personal data from manipulation, loss, destruction and misuse.
2. Collection and use of your personal data
Personal data consists of details regarding the personal or material circumstances of an identified or identifiable individual. Consequently, your personal data comprises all information that allows your identification, such as your name, address, phone number or your email account. We will only collect, process and use personal data if and to the extent that you have voluntarily shared this information for a specific collection and/or use of data, a legal provision permits the specific data collection and/or use, or if you have granted your prior express consent.
aa) Customer account
We will set up a password-protected direct access to the inventory data (Bestandsdaten) that we have stored on any customer (customer account) who duly registers. This is where you can look up data on your completed, pending and shipped orders and edit your address data and newsletter settings. You agree to keep your personal login data strictly confidential and not to allow access by any unauthorized third party. We cannot accept any liability for passwords that were misused, unless we were responsible for the misuse.
The feature “angemeldet bleiben/remember me” [VP1] is intended to make your user experience as pleasant as possible. This feature allows you to use our services without having to log in each time. However, for safety reasons you will be requested to re-enter your password, e.g., when you modify your personal data or if you wish to place a purchase order. We suggest not activating this feature, if your computer is used by several users. Please note that the feature “angemeldet bleiben/remember me” will not be available, if you use settings that automatically delete the stored cookies at the end of each session.
bb) Collection, processing and use of your personal data
Data protection is very important to us. For this reason, we strictly comply with the statutory data protection rules and regulations during the collection, processing and use of your personal data.
In our Online Shop, we collect, store and process your data for the entire purchase transaction, including subsequent warranty claims, if any, and the corresponding services, technical administration and, to the extent permissible by virtue of law or a separate consent, for our own marketing purposes. Your personal data will only be provided or transmitted to third parties if required for processing the purchase transaction or for settlement or if you have granted your express prior consent. For example, in the course of the purchase transaction the service providers retained by us (such as carriers, logistics companies, banks) will be provided with the necessary information for processing the purchase order and handling the purchase transaction. The information disclosed for this purpose may only be used by our service providers to complete the tasks assigned to them. Any other use of this information is not permissible and will not occur at any of the service providers retained by us.
Together with your purchase order we need your accurate name, address and payment details. We need your email account to be able to confirm receipt of your purchase order and for communication with you. We will also use it for identifying you (customer log-in). Furthermore, you will receive our order and shipping confirmation by email.
Your personal data will be deleted when this data is no longer required for the purpose for which it had been stored, unless statutory retention duties provide otherwise, or if its storage is not permissible for other statutory reasons. In these events, you may assert your claim to deletion of personal data.
cc) Collection of claims / payment processing
We use the following payment service providers for payment processing:
Your payment details will be transferred to the corresponding payment service provider for the purpose of payment processing.
Please note that the privacy and/or security policy of the corresponding payment service provider will apply:
If you contact us by email, the collection, processing and use of your contact data that you shared voluntarily (e.g., name, email account) will only occur for a certain purpose, either for receiving and, if applicable, for answering your inquiry (inquiries) and for technical administration.
If you use the feature for contacting the advertiser directly, the collection, processing and use of your contact data that you shared voluntarily (e.g., name, email account) will also only occur for a certain purpose, for transmitting your inquiry (inquiries) to the designated recipient and for technical administration. The same applies to the reply to such inquiries by the advertiser. [VP2]
Since the communication by email and using the contact feature will not occur via a secured data link, please do not send confidential information such as bank or credit card data, etc.
We will electronically collect and process your application data for the purpose of processing job applications. In the event an employment contract is entered as a consequence of your application, the data you shared may be stored in your personnel file for the purpose of the regular organizational and administration process, provided, however that the applicable statutory provisions are complied with.
In the event your application is rejected, the data you shared will be automatically deleted within two (2) months from the notice of rejection. This shall not apply, if due to the statutory requirements (e.g., burden of proof in accordance with the General Equal Treatment Act) an extended storage period is required or if you have granted your express consent to a longer storage in our job candidate database.
Furthermore, we will also use your data to communicate with you, subject to the following paragraphs, about products, services and/or marketing campaigns and to suggest products or services that may be of interest to you.
You may object to the use of your personal data for marketing purposes at any time without incurring any other than the transmission charges included in the basic telecommunication rates. Likewise, you have the right to revoke any consent that you may have granted separately. A written notice (e.g., email, letter) to the contact indicated in Art. 8 is sufficient.
The newsletter is mailed using the so-called double opt-in procedure, i.e., we will not send you a newsletter by email, unless you have expressly confirmed that you wish us to activate the newsletter service. We will then send you an email confirmation and ask you to confirm by clicking on the link contained in that email that you wish to receive our newsletter. Upon completion of this separate double opt-in procedure, you have granted your consent to receiving the newsletter.
In the event the newsletter is subscribed to from within a user account, we may omit the renewed double opt-in, since your email account was verified by a confirmation link during the activation of your customer account. In this case, a simple opt-in (by clicking a check box) in the customer account is sufficient.
In the event you should decide at a later date that you do not wish to receive our newsletter any more, you may revoke your consent at any time without incurring any other expenses than the transmission charges included in the basic telecommunication rates. A notice in text form (e.g., email, letter) to the contact indicated in Art. 1 is sufficient. Of course, you will find an unsubscribe link in every newsletter.
The newsletter is mailed using “MailChimp”, a newsletter mailing platform operated by the U.S. provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, U.S. In this context, data will be processed on our behalf subject to a data processing agreement that we have concluded with MailChimp. In that agreement, MailChimp agrees to protect the data of our users, to process it only on our behalf and, in particular, not to disclose it to any third party
The email accounts of our newsletter recipients and any other data referred to in this notice will be stored on the U.S. based servers of MailChimp. MailChimp will use this information for mailing and analyzing the newsletter on our behalf. Furthermore, according to MailChimp, it may use this data to optimize or improve its own services, e.g., for technical optimization of bulk mailings, the appearance of the newsletter or for economic purposes in order to determine in which countries the recipients are based. However, MailChimp will neither use the data of our newsletter recipients to contact them on its own behalf nor disclose this data to third parties.
We trust in the reliability, IT and data security of MailChimp. MailChimp has been certified in accordance with the U.S.-EU data protection treaty “Privacy Shield” and, thus, undertakes to comply with the EU data protection requirements.
We would like to draw your attention to the fact that following the mailing of the newsletter your user behavior regarding our newsletter will be analyzed on our behalf. This analysis is based on so-called web beacons, also known as tracking pixels, that are included in the email messages. These are one-pixel image files that are linked with our website and, thus, allow us to analyze your user behavior in connection with our newsletter. This is achieved by collecting technical information, e.g., on your browser, your system, your IP address and the time of download as well as web beacons that are matched with your email account and assigned their own ID.
Tracking using web beacons is not possible, if you have deactivated the display of images by default in your email browser. However, in that case, the newsletter will not be fully displayed and you may not be able to use all of the features. If you manually download the images, this will enable the tracking described above.
bb) Market and consumer research:
In addition, we will use your data for market and consumer research. It goes without saying that we will use this data exclusively in an anonymized manner for our own statistic purposes. Answers that you give in inquiries will neither be disclosed to third parties nor published. When you respond to inquiries, we will not store your answers together with your email account or other personal data.
The personal data collected for the purposes described above will only be used for their intended purposes or to the extent required for safeguarding the legitimate interests of BLACKROLL.
Your personal data will be communicated to third parties, if and to the extent required for the intended use. In all other cases, your personal data will not be disclosed to third parties without your prior consent, unless we are obligated to do so in accordance with a court or official order.
3. Server log files
When you visit our Website and use our online services, the following information will be transmitted regarding your browser and temporarily stored in log file:
Storage of this information in so-called server log files is required for technical reasons and for ensuring the system security. This data will be anonymized and analyzed exclusively for statistical purposes and for improving the quality of our Website. Neither we nor any third party retained by us will attempt to identify individuals using this data. Likewise, we will not create personal user profiles based on this data.
When you visit our Website and our Online Shop, we may store information in the form of a cookie or using a technology comparable with cookies on the computer or mobile device that you use (hereinafter collectively referred to as: “Cookies”)
Accepting these Cookies is not a prerequisite for visiting our Website or using the Online Shop. However, please note that some features are only usable if you allow us to place Cookies on your computer or device.
Cookies are small files that are stored on your data medium and that store certain settings and data for data exchange with our system via your browser. Generally, there are two different kind of Cookies: the so-called session cookies that are deleted as soon as you close your browser and temporary and/or permanent cookies that are stored on your data medium for an extended or indefinite period. Storing Cookies on your computer enables us to design our Website and Online Shop and the services offered through these channels in a useful way and to make our offers more accessible to you.
The Cookies used by us do not store any personal data. The Cookies we use may not be attributed to a certain individual, and, thus, they do not identify you. When a Cookie is activated, it is assigned an identification code. We do not match your personal data with other information. Based on the Cookie technology, we will, at the most, receive pseudonymized information, for example, which of our pages were visited and which of the offered services were used.
If you do not wish us to recognize the computer or mobile device that you operate, you can prevent the storing of Cookies on your data medium by selecting “do not accept Cookies” in your browser settings. For further details please refer to the user manual provided by the producer of your browser. In addition, you can deactivate all Cookies or any other types of tracking (e.g., tracking pixels) using free browser add-ons, e.g., “Adblock Plus” (https://adblockplus.org/de/) in combination with the “EasyPrivacy” list (https://easylist.to/). If you do not accept Cookies, this may result in a limited usability of our offers.
5. Web analysis tools / Google Analytics
In order to continuously improve and optimize our offer we use so-called tracking technologies. In connection herewith, we use the services of Google Analytics.
Google Analytics is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S. ("Google"). Google Analytics uses "Cookies", i.e., text files that are stored on your computer and that allow us to analyze your use of our offer. The Cookie collects information on the use of our Website (including your IP address), sends them to Google and Google stores them. Note: In our Website, we have amended Google Analytics by the code string “gat._anonymizeIp();”, in order to ensure the anonymized collection of IP addresses (so-called IP masking). This means, we have ensured that only a shortened version of your IP address can be read by Google, which ensures that your IP address is anonymized and no conclusions regarding your identity can be drawn. To this end, your IP address will be shortened by Google within any of the member states of the European Union or in any other countries which are contracting parties to the Agreement on the European Economic Area prior to transfer to the United States. Only in exceptional cases, the full IP address will be transferred to a Google server within the U.S. and shortened afterwards. Google has obtained a Privacy Shield Certification and agreed to compliance with the Privacy Shield Treaty between the EU and the U.S. on the collection, use and storage of personal data from EU member states, as published by the U.S. Department of Commerce. Google will use the information mentioned above to analyze your use of our website in order to create website activity reports for us and to provide additional services to us in connection with the use of websites and the Internet. Google will not combine the IP address forwarded by your browser as part of the Google Analytics activities with other data. Any transfer of this data by Google to third parties will only occur in accordance with statutory provisions or in the course of commissioned data processing.
You can prevent the storing of Cookies by making the appropriate settings in your browser software. However, please note, that in this case you may not be able to use the full functionality of our Website. In addition, you can prevent the collection of data generated by the Cookie and related to your use of this Website (incl. your IP address) by Google and the processing of this data by Google, by downloading and installing the browser plug-in available from the following link: http://tools.google.com/dlpage/gaoptout?hl=de
For detailed information on Google Analytics and data privacy please refer to https://support.google.com/analytics/answer/6004245?hl=de.
In our Website and Online Shop we use retargeting/remarketing technologies to optimize our offer.
In this Website, we use the remarketing or “Similar audiences” feature of AdWords offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.
Google has obtained a Privacy Shield Certification and agreed to compliance with the Privacy Shield Treaty between the EU and the U.S. on the collection, use and storage of personal data from EU member states, as published by the U.S. Department of Commerce. Google will use this information to analyze your use of the Website, to create website activity reports for the website operators and to provide additional services in connection with the use of the Website and the Internet. Furthermore, Google may transfer this information to third parties, if it is required to do so in accordance with statutory provisions or if third parties process data on behalf of Google.
Third party providers, including Google, place advertisements on websites on the Internet. Third party providers, including Google, use stored Cookies/tracking information to place advertisements based on previous visits of a user on this Website.
You may object to data collection and storage for the purpose of remarketing at any time - this objection will be effective for the future, but not retroactively - by deactivating interest-based advertising in Google or by deactivating the services on the website of the Network Advertising Initiative. Note: in that case, you may not be able to use all features of this Website anymore. By using this Website, you grant your consent to the processing of data collected about you by Google in the manner and for the purpose described above.
Furthermore, this Website uses retargeting tags and Custom Audience of Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304 U.S., hereinafter referred to as “Facebook”.
When you visit our web pages, remarketing tags will build a direct connection between your browser and the Facebook server. This way, Facebook learns that you have visited our web page with your IP address. This will enable Facebook to match your visit of our pages with your user account. The information obtained this way can be used to display Facebook ads. Please note that we as the provider of the web pages do not receive any information on the contents of data transferred and their use by Facebook.
In addition, you can also deactivate Google remarketing, retargeting tags and Facebook Custom Audience as well as any cookies or other types of tracking (e.g., tracking pixels) using free browser add-ons, such as “Adblock Plus” (https://adblockplus.org/de/) in combination with the “EasyPrivacy” list (https://easylist.to/).
We take technical and organizational precautions to protect your personal data against coincidental or willful manipulation, loss, destruction or access of unauthorized parties. Our data processing and safety measures will be continuously improved based on the state of the art.
We transfer personal data that you share during the registration process safely by using encryption. This applies to the registration as well as to the customer log-in. To this end, we use the SSL (Secure Socket Layer) coding system. While it is impossible to guarantee full security, we protect our Website and other systems by technical and organizational measures against the loss, destruction, access, modification and dissemination of your data by unauthorized parties.
Please note that we are unable to guarantee, in particular, with regard to communication via the contact feature and email, absolute data security. In particular, when confidential data is concerned, we recommend using a safe communication channel, e.g., postal mail.
Our employees are bound to compliance with data secrecy rules and regulations.
Your personal data will be deleted when this data is no longer required for the purpose for which it had been stored, unless statutory retention duties provide otherwise, or if its storage is not permissible for other statutory reasons. In these events, you may assert your claim to deletion of personal data. Instead of deleting data it can also be blocked, if the deletion conflicts with statutory or contractual retention periods, if there is reason to believe interests that objectively warrant protection would be adversely affected by the deletion, or if due to the particular type of storage the deletion is not possible or only with a disproportionate amount of effort.
9. Your rights
If you should have any questions on the collection, processing and/or use of your personal data by us, we will be glad to provide you with information on the data stored about you - at any time, free of charge and promptly. Please contact us if you wish your data to be corrected, blocked or deleted or if you should have any complaints, inquiries or general questions on the topic of data protection. Please address your letter to Blackroll AG, Hauptstrasse 17, CH-8598 Bottighofen, Switzerland, or send an email to the following account: firstname.lastname@example.org.
Last revised: March 2017