Data protection declaration
The following data protection declaration applies to the use of our online service www.globes.de (hereinafter “website”), as well as to the uses and applications detailed below.
We take data protection very seriously. Your personal data will be collected and processed
in compliance with the relevant data protection
regulations, especially the General Data Protection Regulation (GDPR).
1 Responsible body
The body responsible for the collection, processing and use of your personal data within the
meaning of article 4 no. 7 GDPR is
If you would like to lodge an objection to the collection, processing or use of your data by us in accordance with these
data protection provisions, whether generally or for individual actions, you can send your
objection to the responsible body.
You can save and/or print this data protection declaration at any time.
2 General purposes of processing
We use personal data for the purpose of operating the website and for sending technical information about the products we distribute.
3 What data we use and why
The hosting services we use help us provide the
following services: infrastructure and platform services, computing capacity, storage space
and database services, security services and technical maintenance services that we use for the purpose
of operating our website.
For this purpose we, and our hosting provider, process inventory data, contact data, content data,
contract data, usage data, meta and communication data of our customers, people interested in our services and
visitors of this website on the basis of our legitimate interests in the efficient and secure
provision of our website in accordance with article 6 paragraph 1 p. 1 f) GDPR in conjunction with article 28
3.2 Access data
We collect information about you when you use this website. We automatically collect
information about your usage behaviour and your interaction with us and we register data about
your computer or mobile device. We collect, store and use data about each time our website
is accessed (in ‘server log files’). The access data include:
– name and URL of the file accessed
– date and time of access
– amount of data transferred
– message about successful access (i.e. HTTP response code)
– browser type and version
– operating system
– referrer URL (i.e. the site visited before)
– websites accessed by the user’s system via our website
– user's internet service provider
– IP addresses and requesting provider
We use these protocol data without matching it to you personally or otherwise creating a profile
for statistical analysis for the purpose of operating, securing and optimising our
website, but also to anonymously establish the number of visitors to our website (traffic)
and the extent and nature of the use of our website and services, and also for
billing purposes to measure the number of clicks our partners receive.
This information allows us to provide personalised and location-specific content
and to analyse data traffic, find and fix errors and improve our service.
This is also the basis of our legitimate interest as described in article 6 paragraph 1 p. 1 f) GDPR.
We reserve the right to retroactively examine protocol data if there is
any indication that the website has been used illegally. We store IP addresses
for a limited period in the log files when this is necessary for security purposes or
to provide our services or when we have to bill for a service, e.g. when you use one of the services
we sell. After the ordering process is terminated or after we have received payment, we delete
the IP addresses if we no longer need them for security purposes. We also store IP addresses
if we have specific reason to believe that an offence has been committed in connection
with the use of our website. Otherwise, as part of your account, we store the date of your
last visit (e.g. when you registered, logged in, clicked on a link etc.).
We use ‘session cookies’ to optimise our website. A session cookie
is a small text file that is sent to a computer by a server when an internet site is visited
and saved on your hard drive. This file contains a
‘session ID’, which can be used to assign various requests made by your browser to a single
session. This means your computer can be recognised if you
return to our site. These cookies are deleted after you close your browser. They allow you
to use the shopping cart function across several pages, for example.
We also use a small number of persistent cookies (also small text files stored
on your device), which remain on your device and allow us
to recognise your browser next time you visit. These cookies are stored on your hard drive
and are deleted automatically after a specified time. Their lifespan is 1
month to 10 years. This allows us to present our services in a more user-friendly, effective and secure way
and to display information to you in a way that is tailored to your interests,
making our website more user-friendly, effective and secure.
The following data and information are stored in the cookies:
- login information
- language settings
- search terms entered
- information about the number of time our website is accessed and the use of
individual features of our internet presence.
When the cookie is activated, it is assigned an identification number and
your personal data is not matched to this identification number. Your name,
your IP address and similar data that would allow the cookie to be matched to you
are not stored in the cookie. We use cookie technology to acquire only
pseudonymised information, such as about what pages are visited in our shop,
what products are viewed, etc.
You can configure your browser so that you are informed each time a cookie is set
and can decide on a case-by-case basis whether you would like to accept cookies in specific events
or reject them by default, or not accept cookies at all. This may limit
the functionality of the website.
3.4 Data required to meet our contractual obligation
We process personal data that we require to meet our contractual obligations,
such as names, addresses, email addresses, products ordered, invoice
and payment data. We have to collect these data for the purpose of contract fulfilment.
The data is deleted after the guarantee periods and statutory
retention periods. Data connected with your user account (see below) are always stored
for as long as the account is held.
The legal basis for these data being processed is article 6 paragraph 1 p. 1 b) GDPR; these data
are required for us to meet our contractual obligations to you.
3.5 User account
User accounts cannot be created on our website.
To subscribe to our newsletter, the data requested in the subscription process are required. Your subscription
to our newsletter is recorded. After subscription, you will receive a message at
the email address you specified in which you will be asked to confirm your subscription (the “double
opt-in” procedure). This is required so that third parties cannot register your email address.
You can revoke your consent to receive the newsletter at any time and thereby
unsubscribe to the newsletter.
We store the subscription data for as long as it is needed to send the newsletter. We store
the record of the subscription and the email address for as long as there is a reason
to keep evidence of the consent you originally gave; usually, this is
the limitation period for civil claims, i.e. three years maximum.
The legal basis for the newsletter being sent is your consent as specified in article 6 paragraph 1 p. 1 a) in conjunction with
article 7 GDPR in conjunction with section 7 paragraph 2 no. 3 UWG (the German Law against Unfair Competition). The legal basis for recording the subscription is
our legitimate interest in keeping evidence that the newsletter is sent with your
You can unsubscribe at any time without incurring any costs
other than the transmission costs under the basic tariffs. Contacting us in writing using the contact information
given under subparagraph 1 (e.g. email, fax, letter) is sufficient for this purpose. Of course, there will also be an
unsubscribe link in each newsletter.
3.7 Product recommendations
We send you product recommendations by email separately from our newsletter. This is a way
for us to inform you about products from our range
that you might be interested in based on your previous purchases of goods or services
from us. In providing these recommendations, we follow the legal guidelines very closely. You can revoke consent for these at any time without incurring
any costs other than transmission costs under the basic
tariffs. For this purpose, it is sufficient to contact us in writing using the contact information given under subparagraph 1 (e.g. email, fax,
letter). Of course, there will also be an unsubscribe link in each email.
The legal basis for this is the legal permission under article 6 paragraph 1 p. 1 f) GDPR in conjunction with section 7 paragraph 3
3.8 Email contact
If you contact us (e.g. by contact form or email), we will process
the information you provide in order to process the request, and also in case further questions arise.
If the data is processed in order to exercise pre-contractual measures arising from your query,
or, if you are already a customer with us, to execute the contract,
the legal basis for this data processing is article 6 paragraph 1 p. 1 b) GDPR.
We process other personal data only if you have provided consent for this (article 6 paragraph 1 p. 1 a)
GDPR) or we have a legitimate interest in the processing of your data (article 6 paragraph 1 p. 1
f) GDPR). An example of a legitimate interest would be in order to reply to your email.
4 Google Analytics
We do not use Google Analytics.
5 Storage duration
Unless otherwise specified, we store your personal data for only as long
as it is needed for our purposes.
In some cases, legislation provides for longer-term storage of personal data,
e.g. in tax or commercial legislation. In these cases, we will continue to store the data only for these
statutory purposes, but it will not be processed in any other way and will be deleted after the
statutory retention periods end.
6 Your rights as the person affected by data processing
According to the applicable laws, you have various rights regarding your
personal data. If you would like to assert these rights, please send your request
by email or post, clearly identifying yourself, to the address specified
in subparagraph 1.
You can find an overview of your rights below.
6.1 Rights of confirmation and information
You have the right to receive an overview of the processing of your
You have the right to receive a confirmation from us about whether personal data concerning you
is being processed. If this is the case, you have the right to request
information from us about the personal data we have stored about you free of charge, plus a copy
of these data. Furthermore, you have the right to the following information:
1. the purposes of data processing;
2. the categories of personal data that are processed;
3. the recipient or categories of recipient to whom the personal
data has been provided or will be provided, particularly if the recipients
are in other countries or are international organisations;
4. if possible, the planned duration for which the personal data will be stored,
or, if this is not possible, the criteria for setting this duration;
5. your right to have personal data relating to you corrected or deleted
or to limit processing by the
responsible body or the right to object to this processing;
6. your right to lodge a complaint with a supervisory authority;
7. if the personal data was not collected from you, all available information
about the origin of the data;
8. the existence of automated decision-making, including profiling as described under article
22 paragraph 1 and 4 GDPR and – at least in these cases – meaningful information
about the logic involved and the scope and desired effects
of this processing for you.
If personal data are transferred to another country or an international organisation,
you have the right to be informed about suitable guarantees in accordance with article 46 GDPR
in connection with this transferral.
6.2 Right of correction
You have the right to request that we correct and, where applicable, complete the personal data we store
You have the right to request that we immediately correct the incorrect data
we hold about you. Under consideration of the purposes of processing, you
have the right to request the completion of incomplete personal data – including via a
6.3 Right of deletion (“right to be forgotten”)
In a number of cases, we are obliged to delete personal data that relates to you.
You have the right under article 17 paragraph 1 GDPR to request that the personal data
we hold about you is immediately deleted and we are obliged to immediately delete
personal data if one of the following grounds applies:
1. The personal data are no longer required for the purposes for which they were collected or otherwise
2. You revoke your consent on which processing is based according to article 6 paragraph 1 p. 1 a)
GDPR or article 9 paragraph 2 a) GDPR and there is no other legal
basis for processing.
3. You object to processing as described under article 21 paragraph 1 GDPR and
there is no overriding legal grounds for processing, or you object
to processing as described under article 21 paragraph 2 GDPR.
4. The personal data are being processed unlawfully.
5. Deletion of the personal data is required to meet a legal obligation
under Union law or the law of Member States to which we are subject.
6. The personal data are collected in relation to information society
services in accordance with article 8 paragraph 1 GDPR.
If we have published personal data and we are obliged to delete it under article 17 paragraph 1
GDPR, we will take reasonable measures, including technological measures, given the available
technology and the costs of implementation, to
inform the body responsible for processing the personal data
that you have requested the deletion of all links to these personal data
or have requested copies or replications of these personal data.
6.4 Right to limit processing
In a number of cases, you are entitled to request that we limit the processing of your
You have the right to request that we limit processing if
one of the following prerequisites applies:
1. you have disputed the accuracy of the personal data for a duration
that has given us the opportunity to check the accuracy of the personal data,
2. the processing is unlawful and you have declined to have the personal data deleted
and instead have requested that its use is
3. we no longer need the personal data for the purposes of processing,
but you need the data to assert, exercise or defend
legal claims, or
4. you have lodged an objection to processing as described under article 21 paragraph 1 GDPR,
if it is not yet certain whether the legitimate reasons given by our company outweigh
those given by you.
6.5 Right of data portability
You have the right to receive, transfer or have transferred by us in a machine-readable format
data relating to you.
You have the right to receive personal data relating to you that you have given us
in a structured, common and machine-readable format and you have
the right to transfer these data to another responsible body without hindrance,
as long as
1. the processing is based on consent in accordance with article 6 paragraph 1 p. 1 a) GDPR or article 9 paragraph 2
a) GDPR or on a contract in accordance with article 6 paragraph 1 p. 1 b) GDPR and
2. processing is performed using an automated procedure.
When exercising your right to data portability in accordance with paragraph 1, you have the right
to request that the personal data are transferred directly to us from another responsible body,
if this is technically feasible.
6.6 Right to object
You have the right to object to lawful processing of your personal data by us
if this is justified by your particular situation and our
interests in processing do not outweigh this.
You have the right to object at any time to personal data being processed on the basis of article 6 paragraph 1 p. 1 e) or f) GDPR for reasons relating
to your particular situation;
this also applies to profiling based
on these provisions. We will no longer process your personal data, unless
we can provide compelling and legitimate reasons for processing that outweigh your interests,
rights and freedoms, or the processing is for the purpose of asserting, exercising or
defending legal claims.
If personal data are processed by us for the purposes of direct marketing, you have
the right to object at any time to the processing of personal data relating to you for the purposes
of this type of marketing; this also applies to profiling, where this is
in connection with direct marketing.
You have the right to object, for reasons relating to your particular situation, to processing of data that relates to you
that is performed for scientific or
historical research purposes or for statistical purposes in accordance with Article 89 paragraph 1 GDPR,
unless the processing is necessary to perform a
task in the public interest.
6.7 Automated decision making including profiling
You have the right not to be subjected to decision making that is exclusively based on automated processing –
including processing – and that will have
a legal effect or affect you in a similar manner.
We do not carry out automated decision making on the basis of the
personal data we collect.
6.8 Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of your personal data
at any time.
6.9 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, especially in the Member State
where you reside, where you work or where the suspected violation was committed if you
think that your personal data have been processed in an unlawful way.
7 Data security
We make every effort to ensure the security of your data within the framework of the applicable data protection laws
and what is technically feasible.
We encrypt your personal data before transferring them. This applies both to your orders and to
your customer login. We use the SSL (Secure Socket Layer) encryption system, but
please be advised that transferring data across the internet (e.g. when communicating by email)
can pose a security risk. Flawless protection of data against access by third parties is not
To secure your data, we maintain technical and organisational security measures
in accordance with article 32 GDPR, which we constantly adjust as new technology becomes available.
We also do not guarantee that our services will be available at specific times;
faults, interruptions in service and downtime cannot be ruled out. The server we use
is regularly and carefully secured.
8 Passing data on to third parties, no data transfer to non-EU countries
Generally, we only use your personal data within our company.
If we employ third parties for the fulfilment of contracts (such as logistics companies),
they will receive personal data only to the extent necessary
for the service they provide.
When we outsource certain parts of our data processing (“job processing”),
we contractually obliged job processors only to use personal data in compliance with
the requirements of data protection law and to ensure the protection of the rights
of the persons affected.
We do not transfer data to bodies or persons outside the EU except in the cases named in this
declaration in subparagraph 4 and we have no plans to do so in the future.
9 Data protection commissioner
If you have questions or concerns regarding data protection, please contact our
data protection commissioner:
Updated: May 2018 (2)