Data protection

Data Protection

1. Data Protection at a glance

General Information: The following information provides an overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. Please refer to our data protection declaration below for more details.

Data collection on our website

Who is responsible for the data collection on this website?
Data processing on this website is carried out by the party who manages this website. You can find their contact details in the impressum – legal notice on this website.

How do we collect your data?
On the one hand, your data is collected by the fact that you provide us with it. This may be data that you send to us by e-mail, for example.
Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time when the website was viewed). This data is collected automatically as soon as you visit our website.

What do we use your data for?
Part of the data is collected to ensure that the website functions properly. Other data may be used to analyse your activity on our website.

What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge and at any time. You also have a right to request the correction, blocking or deletion of such data. You can contact us at any time at the address given in the impressum – legal notice with regard to this matter and any other questions on the subject of data protection. Furthermore you have the right to file a complaint with the competent supervisory authority.

2. General and Compulsory Information

Data Protection

The party managing this website takes the protection of your personal data very seriously. We treat your personal data confidentially and according to the legal data protection regulations and this data protection declaration.

Some personal data is collected when you use this website. You can be identified by your personal data. This data protection declaration explains which data we collect and what we use it for. It also explains how we collect the data and for what purpose.

We would like to point out that transmitting data via the internet (e.g. communication by e-mail) can be vulnerable. It is not possible to protect data completely against third-party access.

Information on the Party Responsible for Data Processing
The party responsible for data processing on this website is:

turbocut Jopp GmbH
Donsenhaug 4
97616 Bad Neustadt
Germany

Telephone: +49 9771 9105-366
E-Mail: info(at)turbocut.de

The responsible party is the natural person or legal entity who/which alone or jointly with others determines the purpose and means for processing personal data (e.g. names, e-mail addresses, etc.).

Revoking your Consent to Your Data Being Processed
Many data processing operations are only possible with your explicit consent. You can revoke consent you have already given at any time. All you need to do is send us a simple e-mail message. Your revocation does not change the fact that it remains legal for us to continue processing your data until your revocation.

Right to Make a Complaint to the Competent Supervisory Authority
You have a right to make a complaint to the competent supervisory authority if data protection regulations are violated. The competent supervisory authority for data protection is the State Data Protection Officer of the federal state where our company is registered. A list of the data protection officers and their contact details can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to the Transfer of Data
You have the right to receive data that we process automatically based on your consent or an agreement or that such data is handed over to a third party in a standard machine-readable format. If you request that the data is transferred directly to another responsible party, this will only be done to the extent that it is technically feasible.

SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or enquiries, that you send to us as the manager of the website. You can recognise an encrypted connection by the padlock in your browser line and the fact that the address line of the browser changes from "http://" to "https://". The data you transmit to us cannot be read by third parties when SSL or TLS encryption is activated.

Information, Block, Deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of processing the data and, if applicable, a right to correction, blocking or deletion of this data. Please feel free to contact us at any time at the address given in the impressum – legal notice if you have any further questions about your personal data.

Objection to Advertising Mails
It is hereby prohibited to use contact data published within the impressum – legal notice obligation to send advertising and information material which has not been explicitly requested. The manager of the website explicitly reserves the right to take legal action should advertising material be sent in an unsolicited manner, such as in spam e-mails.

3. Data Protection Officer

Data Protection Officer as required by law
We have appointed a Data Protection Officer for our company.

Herr Christian Schmitt
Donsenhaug 4
97616 Bad Neustadt
G

Telefon: +49 9771 9105-0
E-Mail: data_privacy(at)jopp.com

4. Data Collection on our Website

Cookies
Some of our website pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies make our website more user-friendly, effective and secure. Cookies are small text files that are saved by your browser on your computer.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed when cookies are created and only allow cookies in individual cases; you can exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If you de-activate the cookies, the functionality of this website may be restricted.
Cookies that are required for electronic communication or to provide certain functions you have requested (e.g. shopping cart function) are stored on the basis of Art. 6, Subsection 1, Cipher f, German General Data Protection Regulation (Datenschutz-Grundverordnung – DSGVO). The manager of the website has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. to analyse your surfing behaviour) are stored, these are treated separately in this data protection declaration.

Server Log Files

The provider of the website automatically collects and stores information in so-called server log files which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system
Referrer URL
Host name of the computer accessing the website
Time of the server request
IP address

This data is not merged with other data sources.
The data is processed on the basis of Art. 6, Subsection 1, Cipher b, DSGVO, which allows data to be processed for precontractual measures or in order to fulfil an agreement.

Web Analysis, Monitoring and Optimisation
The web analysis serves to analyse the visitors to our online site and can include behaviour, interests and demographic information about our visitors, such as age or sex, as pseudonyms. By measuring our visitors, we can, for example, see when our online site or its functions or content are most frequently being used or invite our visitors to visit the site again. Likewise we can understand which areas need optimisation.
In addition to web analysis, we may also use testing procedures, e.g. to test and optimise different versions of our online site or its components. Unless otherwise stated below, profiles, i.e. data collected for use, can be created for these purposes and information stored in a browser or in an end device and read from it. The information collected includes, in particular, websites visited and elements used there as well as technical information such as the browser used, the computer system used as well as information on usage times. If users have agreed to the fact that we or the providers of the services we use can collect their location data, then such data may also be processed. The IP addresses of the users are also stored. However, we use an IP masking procedure (i.e. pseudonymisation by shortening the IP address) to protect our users. In general, pseudonyms are stored for web analysis, A/B testing and optimisation rather than clear user data (such as e-mail addresses or names, for example). This means that the providers of the software used and we only know the information stored in the user profiles for the purpose of the respective procedures and not the actual identity of our users.

Type of data processed: user data (e.g. website pages visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
Persons concerned: users (e.g. website visitors, users of online services).
Purposes of processing: measuring visitors (e.g. access statistics, recognising returning visitors); profiles of user-relevant information (creating user profiles).
Security measures: IP masking (pseudonymisation of IP address).
Legal basis: consent (Art. 6, Subsection 1, Sentence 1, Cipher a), DSGVO).

Further information on processing operations, procedures and services:

• etracker: web analysis/measuring visitors; service provider: etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany; legal basis: consent (Art. 6, Subsection 1, Sentence 1, Cipher a), DSGVO); website: https://www.etracker.com; data protection declaration: https://www.etracker.com/datenschutz/; order processing agreement: https://www.etracker.com/av-vertrag/.

Contact
You can contact us via the contact form, e-mail addresses we have provided and telephone. In this case the personal data of the user will be stored but it will not be passed on to third parties. The data is used exclusively for processing the conversation. The legal basis for processing the data transmitted in an e-mail is Art. 6, Subsection 1, Cipher f, and Art. 6, Subsection 1, Cipher b, if the e-mail contact is to conclude an agreement.

5. Processing orders in the online shop and customer accounts

The data of our customers is processed in orders in our online shop. This enables us to select and order the products and services as well as process payments and ensure delivery.

Processed data includes the following:

Communication data
Contractual data
Master data
Payment data

Persons concerned include the following:

Potential customers
Customers
Other business partners

Our data processing serves to provide contractual services within the scope of an online shop, deliveries, billing and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.

The data is processed pursuant to Art. 6, Subsection 1, Ciphers b (order transactions) and c (legally required archiving), DSGVO. It is necessary here to provide the information marked as required for justification and in order to fulfil the agreement. We only disclose the data to third parties within the scope of deliveries, payments or within the scope of legal permits and obligations towards legal consultants and authorities. The data will only be processed in third countries if it is necessary to fulfil the agreement, i.e. at the customer's request in the case of a delivery or payment.

If they wish, users can create a user account where they can view their orders. The users are informed of the required mandatory information during registration. All user accounts are private, i.e. not public, and cannot therefore be listed by search engines. If users have closed their account, the data from the user account will be deleted unless the data must be retained for reasons of commercial and/or tax law pursuant to Art. 6, Subsection 1, Cipher c, DSGVO. The information in the customer account will be retained until deletion or subsequently archived if there is a legal obligation. It is the user's duty to save the data if the account is closed before the end of the agreement.

In order to protect other users from misuse and to prevent other unauthorised use, the IP address and the time of the respective action by the user are stored during registration and subsequent logins as well as when our online offer is used. This data is not passed on to third parties as a matter of principle unless it is necessary for the pursuit of our claims or there is a legal obligation pursuant to Art. 6, Subsection 1, Cipher c, DSGVO.

The data is deleted after any legal warranty obligations or similar have expired. Furthermore it is re-assessed every three years whether it is still necessary to retain the data. Deletion takes place afterwards if compulsory archiving periods apply by law, i.e. after 6 years if the data must be retained under commercial law and after 10 years under tax law.

External payment service providers
We use payment service providers on the basis of Art. 6, Subsection 1, Cipher b, DSGVO,when fulfilling agreements. Furthermore we use external payment service providers for our legitimate interests pursuant to Art. 6, Subsection 1, Cipher b, DSGVO, in order to offer our users an effective and secure payment option.

The data processed by the payment service providers includes master data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and card verification values, as well as information on the agreement, amount to be paid and recipient. This information is required in order to carry out the transactions. However, the data is only processed by the payment service providers and stored by them, i.e. we do not receive any account or credit card details, just information confirming or denying payment. Under certain circumstances, the payment service providers may transmit the data to credit agencies in order to check the identity and creditworthiness of the paying party. Please see the general terms and conditions and data protection information of the payment service providers for more information.

The terms and conditions and data protection information of the respective payment service providers apply to the payment transactions and can be found on the respective websites and/or transaction apps. Please see the above documents for further information and in order to assert rights of revocation, information and other rights you may have.

Type of data processed: master data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contractual data (e.g. subject of agreement, duration, customer category), user data (e.g. website pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Persons concerned: (potential) customers.
Purposes of processing: contractual services and customer service.
Legal basis: fulfilling agreements and precontractual enquiries (Art. 6, Subsection 1, Sentence 1, Cipher b, DSGVO), legitimate interests (Art. 6, Subsection 1, Sentence 1, Cipher f, DSGVO).

Payment service providers which we use:

PayPal: payment services; service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Website: https://www.paypal.com/de; Data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.