Please note that this is only a translation from German. The German version is the ONLY contractually binding version!
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the Basic Data Protection Regulation (DSGVO) and in compliance with the country-specific data protection regulations applicable to Pilotessadesign.com.
Pilotessadesign.com's data protection declaration is based, among other things, on the terms used by the European Directive and Regulation Giver when the Basic Data Protection Regulation (DS-GVO) was adopted. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. Definitions of the terms used can be found in Art. 4 DSGVO.
Pilotessadesign.com has implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, such as by telephone.
1) Name and address of the responsible person for processing
is responsible within the meaning of the basic data protection regulation, other data protection laws applicable in the member states of the European Union and other regulations of a data protection nature:
Pilotessa Design, K. Wötzel, Klaus-Holighaus-Str. 60, 73230 Kirchheim Teck / Germany E-mail: info (at) pilotessadesign.com.
2) Data processing via the website
This website collects a number of general data and information with every visit. This general data and information is stored in the log files of the server. The (1) browser types and versions, (2) the operating system, (3) the website from which you access our website (so-called referrer), (4) the sub-websites that are accessed on our website, (5) the date and time of an access, (6) an Internet Protocol address (IP address), (7) the Internet service provider and (8) other similar data and information that serve to prevent danger in the event of attacks on our information technology systems.
When using this general data and information, we do not draw any conclusions about the user. Rather, this information is required to (1) deliver the contents of our website correctly, (2) optimize the contents of our website and the advertising for it, (3) ensure the permanent operability of our IT systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack.
This anonymously collected data and information is therefore evaluated statistically and also with the aim of increasing data protection and data security in our company. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.
3) Subscription to our newsletter
On our website, users are given the opportunity to subscribe to our company newsletter. Which personal data is transmitted to us when ordering the newsletter is determined by the input mask used for this purpose. Pilotessadesign.com informs its customers and business partners at irregular intervals about company offers by means of a newsletter. The newsletter of our company can only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) the person concerned registers to receive the newsletter.
When registering for the newsletter, we also save the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the person concerned at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a person concerned at a later date and therefore serves as a legal safeguard. The personal data collected during registration for the newsletter is used exclusively for sending our newsletter. In addition,
subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or for registration, as could be the case if there are changes to the newsletter offer or if technical conditions change. The personal data collected within the scope of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be cancelled by the person concerned at any time via the link provided for this purpose. After cancellation, the stored personal data, which were communicated to us for the newsletter dispatch, will be deleted immediately from our newsletter distribution list, unless you have expressly agreed to a further use of your data or we reserve the right to use the data as permitted by law.
If you have provided us with your e-mail address in connection with the purchase of goods or services, we reserve the right to send you regular offers on similar goods or services from our product range by e-mail. In accordance with § 7 paragraph 3 UWG, we do not need to obtain your separate consent for this. In this respect, data processing is carried out solely on the basis of our legitimate interest in personalised direct advertising in accordance with Art. 6 Para. 1 lit. f DSGVO. If you have initially objected to the use of your e-mail address for this purpose, we will not send you an e-mail. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time. After receipt of your objection, the use of your e-mail address for advertising purposes will be discontinued immediately.
4) Cookies (NEWSLETTER)
With the newsletter we inform you about us and our offers.
If you would like to receive the newsletter, we require a valid email address from you as well as information that allows us to verify that you are the owner of the email address provided or that the owner agrees to receive the newsletter. Further data will not be collected. This data is only used for sending the newsletter and will not be passed on to third parties.
When you register for the newsletter, we save your IP address and the date of registration. This storage is only used as proof in the event that a third party misuses an email address and registers to receive the newsletter without the knowledge of the owner.
You can revoke your consent to the storage of the data, the email address and its use for sending the newsletter at any time. The revocation can be made via a link in the newsletters themselves, in your profile area or by sending a message to the contact details above.
5) Integration of third-party services and content
It can happen that within this online offer third party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites are integrated. This always presupposes that the providers of these contents (hereinafter referred to as "third party providers") are aware of the IP address of the users. Without the IP address, they would not be able to send the content to the browser of the respective user. The IP address is therefore necessary for the display of this content. We make every effort to use only such content whose respective providers use the IP address only to deliver the content.
However, we have no influence on this if the third-party providers store the IP address for statistical purposes, for example. As far as we are aware of this, we inform the users about it.
6) Cookies (WEBSITE)
In the event that the cookies we use also process personal data, the processing is carried out in accordance with Art. 6 Para. 1 letter b DSGVO either to implement the contract or in accordance with Art. 6 Para. 1 letter f DSGVO to protect our legitimate interests in the best possible functionality and customer friendliness of the website.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
Our newsletter may contain so-called tracking pixels. A pixel-code is a thumbnail image embedded in e-mails sent in HTML format to enable log file recording and analysis. This enables a statistical evaluation to be carried out for the benefit of online marketing campaigns. By means of the embedded pixel-code we can see if and when an e-mail was opened and which links in the e-mail were called up. Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by us in order to optimise the newsletter dispatch and to adapt the content of future newsletters even better to your interests. This personal data is not passed on to third parties. You can revoke the given declaration of consent at any time. We automatically interpret a cancellation of the receipt of the newsletter as a revocation. After a revocation this personal data will be deleted immediately.
8) How to contact us via the website
On our website we offer a quick way to get in touch with us via a contact form. If you contact us by e-mail or via a contact form, your name and e-mail address will be saved automatically. This personal data is stored for the purpose of processing or contacting you. This personal data will not be passed on to third parties.
9) Data processing within the scope of order processing
To fulfil and process your orders, we work together with various service providers, including transport companies, service providers in connection with payment processing and individual service providers such as printers. Insofar as a transfer of data is necessary in this context, this is done on the basis of the legal permission (Art. 6 para. 1 lit. b DSGVO). Only information that is necessary for the execution of the service will be passed on to these service providers. In addition, Pilotessadesign.com is obliged to maintain confidentiality and to comply with the relevant data protection laws. Data for the processing of payment will be passed on to the assigned credit institution, if this is necessary for the processing of payment. The transmission of data is intended for order processing as well as for identity and credit checks.
The following payment service providers are used for individual payment methods:
We offer payment by credit card and invoice. The payment will be made by Stripe,185 Berry Street, Suite 550, San Francisco, CA 94107, Attention: Stripe Legal For information on data protection, please refer to the data protection declaration of Stripe: https://stripe.com/de/privacy. You can object to the processing of your data at any time by sending a message to Stripe. If this is necessary for the contractual handling of payments, Stripe may still be entitled to process your personal data. The responsibility for data processing and storage within EEA+Switzerland lies with Stripe Payments Europe, LTD, address: 1 Grand Canal Street Lower, Grand Canal Dock, Dublin. For information on data storage, please contact a Stripe representative via e-mail Dpo@stripe.com.
You can object to the processing of your data at any time by sending a message to PayPal. If this is necessary for the contractual payment processing, PayPal may still be entitled to process your personal data.
The transport companies commissioned in connection with the delivery of the ordered goods will receive address data to the extent that this is necessary for the delivery of the goods.
If the goods are delivered by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany), we only pass on the name and delivery address of the recipient to DHL for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b DSGVO. The passing on is carried out because DHL requires this data for the delivery of goods. Consent may be revoked at any time with future effect vis-à-vis the above-mentioned responsible party or the transport service provider DHL. However, DHL may still process your personal data if this is necessary for delivery in accordance with the contract.
If the goods are delivered by the transport service provider DHL Express (DHL Express Germany GmbH, Heinrich-Brüning-Str. 5, 53113 Bonn), we will pass on the telephone number, name and delivery address of the recipient to DHL Express for the purpose of delivering the goods in accordance with Art. 6 Para. 1 lit. b DSGVO. The transfer is made because DHL Express requires this data for the delivery of goods. Consent can be revoked at any time with future effect vis-à-vis the person responsible as described above or vis-à-vis the transport service provider DHL Express. However, DHL Express may continue to process your personal data if this is necessary for delivery in accordance with the contract.
10) Deletion and blocking of personal data
Personal data is collected by us in accordance with Art. 6 Para. 1 lt. b DSGVO if you provide us with it voluntarily, e.g. as part of registration, an order and the associated order processing. We process and store your personal data only for the period of time required to achieve the purpose of storage or if this is provided for by the European Directive and Regulation Giver or another legislator in laws or regulations to which the person responsible for processing is subject. If the purpose of storage ceases to apply or if a storage period prescribed by the European Directives and Regulations or any other competent legislator expires, the personal data will be blocked or deleted in accordance with the statutory provisions.
11) Rights of the personal data subject
11.1 Right to confirmation and information
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 2 | Article 15
If you have an interest, we will be happy to confirm whether we process personal data from you. In this case, please contact the data protection officer named under point 1. For faster processing, please send us characteristics for identification (name, address, customer number/order number). In your reply you will then receive a list of all the data that we store and for what purpose.
11.2 Right of rectification and deletion
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 2 | Article 16 and 17
If you wish to have your data corrected or deleted, please contact the data protection officer named in point 1. Please note that due to financial regulations, we may only delete order-related data after 10 years.
11.3 Right to limit processing
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 1 | Article 18
Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to request the controller to restrict the processing if one of the following conditions is met:
The accuracy of the personal data is contested by the data subject, for a period of time that allows the controller to verify the accuracy of the personal data.
The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted.
The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims.
The data subject has lodged an objection to the processing pursuant to Article 21 (1) of the DPA and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored at Pilotessadesign.com, they can contact the owners at any time.
11.4 Right to data transferability
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 1 | Article 20
Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to receive the personal data concerning him/her which have been made available to a controller by the data subject in a structured, common and machine-readable format. He or she also has the right to have this data communicated to another controller without hindrance by the controller to whom the personal data has been made available, provided that the processing is based on the consent pursuant to Article 6 paragraph 1 letter a DPA or Article 9 paragraph 2 letter a DPA or on a contract pursuant to Article 6 paragraph 1 letter b DPA and that the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, when exercising their right to data transfer pursuant to Art. 20 Para. 1 DPA, the data subject has the right to request that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.
To assert the right to data transfer, the data subject may at any time contact an employee of the controller.
11.5 Right of objection
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 1 | Article 21
Every person concerned by the processing of personal data has the right, granted by the European legislator, to object at any time, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her carried out pursuant to Article 6(1)(e) or (f) of the DPA. This also applies to profiling based on these provisions.
Pilotessadesign.com will no longer process personal data in the event of an objection, unless we can prove compelling reasons for processing that are worthy of protection and outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
Where Pilotessadesign.com processes personal data for the purpose of direct marketing, the data subject shall have the right to object, at any time, to the processing of personal data for the purpose of such marketing. This also applies to profiling, insofar as it is related to such direct marketing.
If the data subject objects to Pilotessadesign.com to the processing for the purposes of direct marketing, Pilotessadesign.com will no longer process the personal data for those purposes.
In addition, the data subject has the right to object, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that is carried out at Pilotessadesign.com for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) of the DS-GVO, unless such processing is necessary for the performance of a task carried out in the public interest.
In order to exercise the right to object, the data subject may contact the data controller referred to in point 1. The data subject is also free to exercise his right of objection in relation to the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.
11.6 Automated decisions in individual cases including profiling
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 1 | Article 22
The data controller automatically evaluates whether newsletters have been read and which links are interesting or have been clicked on. The data controller uses this information to respond to the individual needs of his customers. This function enables us to send customer-specific reminder e-mails if they were not read the first time.
11.7 Right to revocation of a data protection consent
European Data Protection Regulation: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=de – Chapter 2 | Article 7
If you wish to revoke your consent under data protection law for certain service points, you are welcome to do so with our data protection officer (see point 1).
12) Data protection regulations for the use of Google Fonts
We use Google Fonts on this website. The purpose of the integration is to minimize loading times for the users of this website. To use the fonts, all visitors to our website download them from Google servers. For more information: https://developers.google.com/fonts/faq#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users
15) Legal basis of the processing
Art. 6 I lit. a DS-GVO serves our company as a legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the customer of Pilotessadesign.com is a party, as is the case, for example, with processing operations which are necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations which are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our showroom were to be injured and his or her name, age, health insurance details or other vital information had to be disclosed to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d DS-GVO.
Ultimately, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 sentence 2 DS-GVO).
16) Legal or contractual provisions providing the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing
We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded that a data subject provides us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him/her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the person concerned makes personal data available, the person concerned must contact the owner. The Owner shall inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.
--- last update: 20.02.2020 ---