01. March 2013
Privacy and data protection in the context of commercial websites
The legal requirements concerning data protection are contained in the German Federal Data Protection Act and the German Telemedia Act.
Under § 4 sub-paragraph 1 of the Federal Data Protection Act personal data may only be collected, processed or used if there is a legal provision allowing or requiring such action, or if the person concerned consents.
Particularly relevant here are §§ 27 – 31 Federal Data Protection Act which list a range of commercial data processing activities which cannot be undertaken without the prior consent of the person concerned.
To enable individual modification, this template is broken down into separate sections. Each section is followed by an explanation of its content.
Thank you for visiting our website. The protection of your person details is very important to us. With the following information, we would like to give you detailed information on how we use this information. We will ensure that when handling your personal information, we will comply with the legal provisions contained in the Federal Data Protection Act, the Telemedia Act and other data protection rules.
Just a few introductory sentences should prepare the visitor or user for the following details about data protection.
Data collection and processing
In general you do not need to divulge your personal details in order to use our website. The only information which will be saved is access data, which has no personal link. These could include, but are not limited to, the name of the internet service provider, the name of the website you visited before visiting our website, the name of data accessed and the date on which it was accessed. These data will be collected solely with the aim of improving our internet services and are in no way linked to your personal details.
Your personal details will only be collected if you freely disclose them to us. This may take place through the placement of an order, when opening a customer account or through subscribing to our newsletter.
If you offer a customer account service or subscription to a newsletter it is advisable to include in the registration process, in addition to the general data protection information, a check box for the user to tick (i.e. to opt-in) and in doing so confirm their acceptance for their personal data to be used. You should also explicitly state that the acceptance can be retracted at any time.
Use and passing on of personal data
If you purchase one of our services or request delivery of a product from us, your personal details will only be used to the extent needed in order to permit the service to be carried out, unless you give special permission for any other use. Use of your personal data in this context includes passing on your data to a third party courier, credit companies or other service providers relevant for the completion of the order.
Unless you specifically permit your personal data to be used for further purposes, after completion of the required service any further use of your data will be blocked and after expiry of the data retention periods set by tax and commerce regulations your details deleted.
If you have subscribed to receive our newsletter, your personal details will be used for our own advertising purposes until you unsubscribe. You may unsubscribe at any time.
Note: You need not inform a customer of any data activities which you do not pursue. Should you use personal data in a form beyond that which is described here (for example passing on data to a marketing company), you must disclose this to the customer and obtain their express consent.
The cookies referred to here are often used by online-shops (for example by the “shopping basket” function). Express permission should be obtained from a visitor, if you intend to use persistent cookies for other purposes, such as to monitor the visitor’s shopping habits.
Use of Google Analytics
This paragraph on Google Analytics relies on a template recommended by Google. If, as a website operator, you use services mentioned above, you should ensure that you utilise the “_anonymizeIp()” ad-on. This means you will protect visitor’s privacy as best you can in accordance with data protection legislation. As regulatory authorities regularly assess “opt-out” possibilities, it is advisable to stay informed of legal developments in this area.
Right to disclosure
In accordance with the Federal Data Protection Act you have a right to free disclosure of the information stored about you. You also have a right to correct, block or delete this data.
Data protection contact person
If you have any questions concerning the collection, processing and use of your personal data, disclosure, correction or deletion of data, or if you wish to withdraw consent to data being collected, please contact:
Replace square brackets and the information in them with the details of the contact person for privacy and data protection.
Are you looking for a lawyer? Immediate help from a lawyer.
+49 (0) 221 / 951 563 0 Call us for an initial free consultation. Mon – Sun 8 am to 10 pm
Ask us for free initial assessment!