Privacy Statement

We manage our web sites in accordance with the principles set out below:

We undertake to comply with statutory data protection regulations and endeavour always to take into account the principles of data avoidance and data minimisation.

1. Name and address of the controller

The controller, within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other statutory data protection regulations, is:

Begadi GmbH
CEOs: Benjamin und Gabriel Digeser
Dietinger Strasse 23
78661 Dietingen - Böhringen

Telephone: +49 (0) 7404 - 92001 - 10
Mobile: +49 (0) 7404 - 92001 - 12
E-mail: info@begadi.com
Web: www.begadi.com


2. Definitions

We have designed our Privacy Statement in accordance with the principles of clarity and transparency. However, should there be any ambiguity regarding the use of various terms, the corresponding definitions can be found here.


3. Legal basis for processing personal data

We process your personal data - such as your last name, first name, e-mail address, IP address, etc. - only if there is a legal basis for doing so. Three specific rules come into consideration here, in accordance with the General Data Protection Regulation (GDPR):

a) You have given us your consent to the processing of your personal data for one or more purposes. See Art. 6 (1) (1) (a) GDPR. In this context, we will inform you in detail of the purposes of the processing and document your express consent.

b) Processing of your personal data is necessary for the performance of a contract or to take steps prior to entering into a contract with you. See Art. 6 (1) (1) (b) GDPR.

c) Processing of the personal data is necessary to protect our legitimate interests, except where such interests are overridden by your own or by your fundamental rights and freedoms. See Art 6 (1) (1) (f) GDPR.

However, we will always inform you at the appropriate points of the legal basis on which your personal data is being processed.


4. Transfer of personal data

Your personal data will not be transferred to third parties for purposes other than those referenced below. We will only transfer your personal data to third parties if:

a) You have given your express consent in accordance with Art. 6 (1) (1) (a) GDPR,

b) The transfer is necessary in accordance with Art. 6 (1) (1) (f) GDPR for the purpose of asserting, exercising or defending legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in your data not being transferred.

c) There is a legal obligation to transfer the data in accordance with Art. 6 (1) (1) (c) GDPR, and

d) this is legally permissible and necessary for managing contractual relationships with you, in accordance with Art. 6 (1) (1) (b) GDPR.

5. Storage period and erasure

We store all personal data which you provide to us only for as long as they are required for the purposes for which they were transferred to us, or for as long as required by law. Once the purpose has been achieved, or upon expiry of the statutory storage periods, we will erase or restrict the data.

6. SSL encryption

This site uses SSL encryption for security reasons and to safeguard the transfer of confidential content, such as any requests you send to us as the operators of the site. An encrypted connection may be identified by the change in the address from “http://” to “https://” and by the padlock symbol in your browser’s address bar.
With SSL encryption activated, the data which you transfer to us cannot be read by third parties.

7. Collection and storage of personal data, their type and intended purpose

a) When visiting the website

When you access our website, information is automatically sent to our web server by the browser being used on your client device. This information is stored temporarily in what is known as a log file. The following information is recorded without any action on your part and stored until it is automatically erased:

  • The IP address of the computer making the request,
  • The date and time of access,
  • The name and URL of the requested file,
  • The website from which the site is accessed (referrer URL),
  • the browser used and, if applicable, your computer’s operating system and the name of your access provider.

The above-referenced data are processed by us for the following purposes:

  • To ensure a smooth connection to the website,
  • To ensure that our website is convenient to use,
  • Evaluation of system security and stability, and
  • other administrative purposes.

Data which permit your identification as a person, such as the IP address, will be deleted after 7 days at the latest. Any data stored by us beyond this period will be pseudonymised, so that they can no longer be associated with you.

The legal basis for the data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest derives from the data collection purposes referenced above. Under no circumstances do we use the data collected for the purpose of identifying you as a person.

b) Contractual relationship

aa) Formation of contract

In establishing the contractual relationship, and pursuant to Art. 6 (?) (1) (b) GDPR, the only mandatory data (indicated by an asterisk) is that personal data which is essential for the performance of the contract.
Any additional data you may choose to provide will only be processed on the basis of the consent you have given in accordance with Art. 6 (?) (1) (a) GDPR2. We use this optional data for the purpose of providing (and continuously improving) a customer-friendly service.
For the purpose of dispatching goods, we pass on the necessary data (name, address, e-mail address, telephone number, where these are required for shipping) to the appropriate shipping provider for notification/coordination of shipping and delivery of the goods.

bb) Customer account

You have the option of creating a customer account with us. For this purpose, in addition to your personal data for performance of the contract, we will also store and process any additional data you may choose to provide, as well as data on any previous purchases you have made from us. You may access this data at any time and thus obtain an overview of the purchases you have made from us. These data enable you to log in simply by using your login details when making your next purchase. They are also intended to help you manage your purchasing activities.

The legal basis derives from the consent given by you, in accordance with Art. 6 (1) (1) (a) GDPR.

You may amend or delete the data in your customer account at any time, or delete your account altogether. If you make use of this functionality, your customer account and all the data contained within it will be deleted immediately.

cc) Forwarding of data for dispatch purposes

For the purpose of dispatching goods, we pass on the necessary data (name, address, e-mail address, telephone number, where these are required for shipping) to the appropriate shipping provider for notification/coordination of shipping and delivery of the goods.
The legal basis for the transfer derives from Art. 6 (?) (1) (b) GDPR.

dd) Transfer of data when using online payment service providers

If, in the course of the order process, you opt for payment via one of the online service providers we offer,
your contact data will be transferred to that service provider in connection with the order in question.

Personal data transferred to the online payment service provider usually include first name, last name, address, telephone number, IP address, e-mail address, or other data required for order processing, as well as data relating to the order, such as the number of articles, part numbers, invoice amount, taxes as percentages, invoice information, etc.

This transfer is required to process your order using the payment method you selected, and in particular to confirm your identity and administer your payment, and for purposes of customer relations.

Please note, however: Personal data may also be passed on by the online payment service provider to other service providers, subcontractors or affiliated companies, where this is necessary to fulfil the contractual obligations arising from your order, or where the personal data are to be processed on its behalf.

Depending on the payment method selected via PayPal - for example, invoice or direct debit - the personal data transferred to PayPal are passed on by PayPal to credit agencies. These data are used to verify your identity and check your credit with regard to the order you have placed. You can find out which credit agencies are involved, and what data are generally collected, processed, stored and transferred by the provider in question in the respective providers’ privacy statements:

PayPal

PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Sofort Überweisung

SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany

If you have further questions regarding the use of your personal data, you can contact Sofort Überweisung by e-Mail (datenschutz@sofort.com) or in writing (SOFORT GmbH, Datenschutz, Theresienhöhe 12, 80339 Munich).

Klarna

Klarna AB, head office at Sveavägen 46, 111 34 Stockholm, Sweden You can also obtain further information on data protection directly from Klarna at: Datenschutzerklärung der Klarna AB
You can obtain information about the personal data stored by Klarna at any time by contacting Datenschutz@klarna.de.

Klarna examines and evaluates your data and maintains a legitimate interest and cause a data exchange with other companies and credit reference agencies. Your personal information will be treated in accordance with the applicable data protection regulations and in accordance with the information in Klarnas data protection regulations for Germany / Austria.

Further information on data protection can be obtained from Klarna directly: Data Protection Policy

GiroSolution GmbH

For credit card payments, the data protection specifications of GiroSolution GmbH apply, which can be viewed here.

c) Contact form / E-mail contact

We provide a form on our website for you to contact us at any time. In order to use the contact form, you are required to enter a name (so that we may address you in person) and a valid e-mail address which we can use to contact you, so that we know who is making the request and we are able to process it.

If you use the contact form to send us requests, your data from the request form will be processed, including the contact details you provided in it and your IP address, pursuant to Art. 6 (1) (1) (b) and (f) GDPR, for the implementation of pre-contractual measures in response to your request or to exercise our legitimate interest, i.e. in the performance of our business activities.

You are also welcome to send us an e-mail using the e-mail address provided on our website. In this case, we will store and process your e-mail address and the data provided by you in the e-mail, pursuant to Art. 6 (1) (1) (b) and (f) GDPR, in order to process your message.

Requests and the data associated with them will be erased no later than 3 months after receipt, unless they are required for further contractual relationship purposes.

8. Cookies

We use cookies on our website. Cookies are small files created automatically by your browser and stored on your client device when you visit our website. These cookies are used to store information about the client device being used. However, it is not possible to identify you as an individual by means of cookies.

Data processed via cookies are required for the aforementioned purposes for the protection of our legitimate interests and those of third parties, in accordance with Art. 6 (1) (1) (f) GDPR.

Most browsers automatically accept cookies based on their settings. However, you can configure your browser either so that no cookies are stored on your client device, or at least so that a message is displayed before a new cookie is stored. If you completely deactivate the cookie feature in your browser, you may not be able to use all the features of our website.

Details of the various types of cookies that we use are as follows:

a)

In order to make your use of our range of services more enjoyable, we use what are known as “session cookies”, to recognise that you have already visited individual pages on our website.

These session cookies are automatically deleted after you have left our site.

b)

We also use cookies which enable us to recognise you when you return to our website and use our services again. This means that you do not need to enter the same information and settings that you entered the last time.

These temporary cookies are stored on your client device for a specified period of time.

c)

Finally, we also use cookies for marketing and optimisation purposes. These collect usage statistics for our website and are analysed for the purpose of optimising the range of services we provide for you. Cookies allow your internet browser to be recognised when you visit our website again.

These cookies are automatically deleted after a specified period of time.

9. Social Media

The following social media plugins are used on our website, in order to raise the online profile of the site. The legal basis for the use of social media plugins derives from Art. 6 (1) (1) (f) GDPR. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR.

Their respective providers are responsible for ensuring that they function in accordance with data protection regulations. We use the Shariff software 6 with these plugins, in order to provide the best possible protection for visitors to our website.

a) Facebook “Like” Button Plugin

The Facebook “Like” Button Plugin is integrated into this website. You can recognise it by the blue Facebook logo with the word “Like” next to it. The plugin is operated by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland, represented by board members Marc Andreesen, Jim Breyer, Donald Graham, Peter Thiel and Mark Zuckerberg, and is directly linked to Facebook’s servers. No data is transferred to the website operator.

When you activate the plugin, it collects, uses and transfers data to Facebook independently of this website (including that you visited this website, and when), to the extent and for the purpose specified in Facebook’s privacy policy at http://www.facebook.com/policy.php. When you use the plugin actively (for example, by clicking on the “Like” button), this information will also be transferred to and used by Facebook.

The type, scope and purpose of the data collected depend on whether you are registered and/or logged into Facebook. However, data will only be associated with your Facebook account if you are currently logged into Facebook. This means that if you do not wish data to be associated with your Facebook profile, you should log out of Facebook before visiting this website. Where appropriate, Facebook may also process the data collected in third countries, in accordance with Facebook’s privacy policy.

The most frequently asked questions about privacy regarding the plugin are explained in simple terms at http://www.facebook.com/help.php?page=1068.

b) Use of Twitter

Features of the Twitter service are integrated into our websites. These features are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” feature, the websites you visit are linked to your Twitter account and disclosed to other users. Data will also be transferred to Twitter. Please note that as the provider of these websites, we have no knowledge of the content of the data transferred or of how it is used by Twitter. You can find more information on this topic in Twitter’s Privacy Policy, at http://twitter.com/privacy.

You can modify your Twitter privacy settings in the account settings at http://twitter.com/account/settings.

c) Pinterest

Our website uses social plugins from the Pinterest social network, operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA ("Pinterest").

When you activate the plugin, your browser establishes a direct connection to Pinterest’s servers. The plugin then transfers log data to Pinterest’s servers in the USA. These log data may include your IP address, the addresses of websites you visit which also include Pinterest features, your browser type and settings, the date and time of the request, how you use Pinterest, and cookies.

More information about the purpose, scope, further processing and use of data by Pinterest, your rights in this regard, and how to protect your privacy, can be found in Pinterest’s Privacy Policy:
https://about.pinterest.com/de/privacy-policy

10. Rights of the data subject

You shall have the following rights:

a) Right of access

Pursuant to Art. 15 GDPR, you shall have the right to request information about your personal data being processed by us. This right of access includes the following information:

- The purposes of the processing
- The categories of the personal data concerned
- The recipients or categories of recipient to whom your data have been or will be disclosed
- The envisaged data storage period, or at least the criteria used to determine that period
- The existence of the right to rectification, erasure, restriction of processing or objection
- The existence of the right to lodge a complaint with a supervisory authority
- The source of your personal data, where they were not collected by us
- The existence of automated decision-making, including profiling, and, where appropriate, meaningful information about the logic involved.

b) Right to rectification

In accordance with Art. 16 GDPR, you shall have the right to request the prompt rectification of inaccurate or incomplete personal data stored by us.

c) Right to erasure

In accordance with Art. 17 GDPR, you shall have the right to request prompt erasure of your personal data stored by us, unless further processing is required for one of the following reasons:
- To exercise the right of freedom of expression and information;
- For compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest, or in the exercise of official authority vested in the controller;
- For reasons of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR.
- For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89 (1) GDPR, to the extent that the right referenced in a) is likely to render impossible or seriously impair the achievement of the objectives of that data processing, or
- For the establishment, exercise or defence of legal claims.
d) Right to restriction of processing
Pursuant to Art. 18 GDPR, you may request the restriction of processing of your personal data, for one of the following reasons:

- You contest the accuracy of your personal data.
- The processing is unlawful and you oppose the erasure of your personal data.
- We no longer require the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims.
- You object to processing pursuant to Art. 21 (1) GDPR.

e) Notification obligation

If you have requested rectification or erasure of your personal data or restriction of processing in accordance with Art. 16, Art. 17 (1) and Art. 18,
we will notify all recipients to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You may request that we inform you about those recipients.

f) Right to data portability

You shall have the right to obtain the personal data which you have provided to us in a structured, commonly used and machine-readable format.

You shall also have the right to request the transfer of these data to a third party, provided that processing was carried out by automated means and based on your consent pursuant to Art. 6 (1) (1) (a) or Art. 9 (2) (a) or for the performance of a contract pursuant to Art. 6 (1) (1) (b) GDPR.

g) Right to withdraw consent

Pursuant to Art. 7 (3) GDPR, you shall have the right at any time to withdraw consent previously granted to us by you. The withdrawal of consent shall not affect the lawfulness of processing carried out based on that consent before its withdrawal.
We may carry out no further processing based on the withdrawal of your consent.

h) Right to lodge a complaint

Pursuant to Art. 77 GDPR, you shall have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is contrary to the GDPR.

i) Right to object

Where your personal data are processed based on legitimate interests pursuant to Art. 6 (1) (1) (f) GDPR, you shall have the right pursuant to Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation, or if you object to processing for direct marketing purposes. In the latter case, you shall have a general right of objection which we shall implement without the need for your particular situation to be specified. You may exercise your right to object or to withdraw consent simply by sending an e-mail to info@begadi.com.

j) Automatic individual decision-making, including profiling

You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This right shall not apply if the decision:

a) is necessary for entering into, or performance of, a contract between you and us,
b) is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
c) is based on your explicit consent.

However, such decisions shall not be based on special categories of personal data referred to in Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

In the cases referred to in a) and c), we shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on our part, to express your point of view, and to contest the decision.

11. Amendment of the Privacy Statement

If we amend the Privacy Statement, this will be indicated on the homepage and registered customers will be informed by e-mail.

Version of 27/04/2018