Owner, publisher and responsible for the content, coordination and maintenance of this website is:
For Legal Information/Impressum [click here]
1) General Information:
The owner of this website takes the protection of your data very seriously. We proceed your personal data confidentially and according to the applicable laws and this declaration. Personal data are data that you can personally be identified with. This declaration explains which data we gather, why we need it and how we use it. It will also explain your rights regarding your personal data.
2) Logging and processing your data on our website and how we use your data:
By visiting and browsing our websites geneticmusic.de and shop.geneticmusic.de your personal data is being processed. This happens through various possible ways:
2a) Contact Form:
If you send us a message or request through the contact form, the personal data you type into the form (e.g. email-address, name, subject, message, date and time) will be send to us and stored. This data will not be shared with any third party. We only use it to process and answer your request. Therefore the processing of the data you put into the contact form takes place exclusively on the consent you give by clicking the “SEND”-button (Art. 6. 1 a GDPR). You have the right to withdraw this consent at any time. To do so an informal email to firstname.lastname@example.org is sufficient. The lawfulness of processing your data on consent until your withdrawal stays unaffected. The data put into the contact form by you remain with us until you ask us to delete it, or until you withdraw your consent of its storage or until the purpose of storing the data expires (e.g. after we have completed your request).
We like to point out that any processing of data in the internet (e.g. communication by email) can imply lacks of security, even if a SSL-encryption is being used. A totally flawless protection of data against access of third parties is not possible. You are welcome to get in touch with us by post or phone instead (contact details see above).
By using our online shop personal data of our customers is being collected (e.g. name, address, phone number, email-address, IP-Address), as well as data regarding the sales contract (e.g. ordered items). This data is necessary to proceed orders and enable the customer’s payment for orders as well as the delivery of our products. While browsing our online shop we use so-called session cookies. These are essential for having a shopping cart and to ensure a trouble-free order process. The processing of this data is according to Art. 6. 1 b GDPR. We share this data with third parties only for the purpose of payment and delivery, or to comply with legislation.
For the purpose of delivering the ordered goods we transfer personal data (e.g. name, delivery address, in some cases phone number) to shipping companies (like e.g. UPS, Deutsche Post, DHL). This is obligatory for us to fulfil our side of the sales contract (Art. 6. 1 b GDPR).
2c) User Account:
Customers have the option to create a non-public user account in our shop. To store the login status we place a so-called permanent cookie. Data put into the user account and in order to be able to provide the account, we store personal data (e.g. user name, password, email-address, IP-address or time of user activity). Before creating the account, customers must give their consent to store personal data (Art. 6. 1 a GDPR). Customers can delete their account instantly at any time. We are obliged to archive certain data due to commercial or tax laws according to Art. 6. 1 c GDPR.
2e) Hosting and Server-Log-files:
Browsertype and browser version
Operating sytem in use
Type of device in use
Hostname of the accessing device
date and time of the server request
Referrer URL (last website visited)
Requested website or file
IP-address in anonymous form (only to locate the request)
Duration of the seeion
Page requests per session
The temporary storage of the IP-address is necessary to enable the delivery and display of the website to the user. For that reason the IP-address has to be stored for the duration of the session. The storage in log-files is necessary to ensure the functionality of the website and to optimize the website and ensure the security of the technical systems. No analysis for marketing purposes is happening. The collection and storage of this data is obligatory for the operation of the website. Therefore the user has no right of objection. No consolidation of this data with other data sources is taking place. Basis for the data processing is Art. 6. 1 f GDPR, which allows the processing of data in order to fulfil a contract.
2f) Implementation of third party services:
On our websites we implement contents or services of third parties (according to Art 6. 1 f GDPR), e.g. videos or fonts (hereafter referred to as “content”). In order to send content to the browser of the user the processing of the IP-address is necessary. Furthermore third party suppliers can use so-called Pixel-Tags (invisible graphics, also called web beacons) for statistical or marketing purposes or to analyse user traffic. Also cookies might be placed on the user device, to get information about browser and operating system, referring websites, duration of a session or further usage information. We cannot guarantee that this data is not combined with data from other sources.
On our websites we use the services of Youtube, Google Fonts and Google ReCaptcha of the following third party supplier:
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
3) Further Information:
3b) Social media:
We run online presences in social networks and platforms in order to inform about our products and to communicate with customers or people interested in our products. When using those networks and platforms, the terms and conditions and privacy policies of those sites apply. On the basis of Art. 6. 1 f GDPR we might process user data that has voluntarily been provided to us in these networks e.g. by public comments or private messages. The right of deletion of this data is of course unrestricted as well as all the other rights (see. Section 4).
In compliance with our legal duty to have an orderly accounting, as well as with legal retention periods, we store customer- and order-related data according to Art. 6. 1 c GDPR. For this purpose we might also be obliged to share data with third parties such as fiscal authorities, tax consultants or auditors.
3d) Erasure of data
We abide by the principles of data reduction and data economy. We store your personal data only for the time necessary to fulfil its purpose, or for as long as the authorities require their archiving. After that the data is being deleted.
3e) Integrity and confidentiality
By using appropriate measures of security, as well as appropriate technical and organisational measures, we protect the stored data from unintentional loss, destruction or damage. To the very best of our ability we prevent unauthorized access to the stored data and the devices (e.g. servers).
4) Your rights:
4a) Right of access:
You have the right of access which includes information about what data we have stored, its usage, the origin, recipients and the duration and purpose of its collection at any time free of charge.
4b) Right of withdrawal, rectification, blocking and erasure (right to be forgotten):
You have the right to withdraw your consent to process your data, as well as the right of rectification, blocking and erasure of the data at any time free of charge. If you have questions about personal data or about your rights you can always contact us (see contact details in the legal section of our website). Also you have the right to complain to the responsible supervising authority (see 4d).
4c) Withdrawal of your consent to process your data:
Many processes using data are only possible with your explicit consent. You can withdraw your given consent at any time. To do so an informal email to email@example.com is sufficient. The lawfulness of processing your data based on consent before its withdrawal stays unaffected.
4d) Right to complain to a supervisory authority
In the case of a breach of data protection laws, the affected person has the right to complain to a supervisory authority, which is the commissioner for data protection of the county our company is located (Nordrhein-Westfalen: www.ldi.nrw.de) or of the county the affected person is living or working or in the place of the alleged infringement.
last modified: May 24th 2018