Privacy Protection, Data Security

Advice: You can print or download this Privacy Notice by an appropriate link at the bottom of this page. Get Adobe Reader for free to read pdf-Files if necessary: Download Adobe Reader

Privacy Notice, General Data Protection Regulation (GDPR)

Privacy policy is a matter of trust. Therefore, considering all valid privacy policy regulations is a very important matter to us. It is a matter of course. To make the protection of personal data as easy as possible for you, we herewith inform you about the collection and use of personal data in the course of our costumer relation.

Responsible position in terms of Data Protection Act is

Diburnium GmbH
Thalkirchner Str. 5
Munich, 80337, Germany

Commercial Register: HRB 258317, District Court Munich
VAT ID: DE332276052, Tax Number: 143/129/30162
CEO: Siegfried Haderer

Customer Service – Office Hours between 12 am and 7 pm (working days)
Phone: +49 89 26019310
Telefax: +49 89 26022977
E-Mail: info@toy-versand.de
Website: https://shop.toy-versand.com

Collection of General Data

You can visit our internet appearance anonymously. We only get to know about some technical data, about the web page from which you visit us and about the pages of our appearance that you have visited, your browser type and the operating system, the date and time of access to the internet site and other similar data and information. This information is used for statistical purposes with the aim to further optimize our web appearance for our customers. Without your explicit consent we’ll not use tracking tools to collect your personal data unnoticed, transfer personal data to third parties or link such data with your personal data (name, address and so on). The legal basis for this data processing is Art. 6 para. 1 point f GDPR.

Provision of services

We collect and use your data for order processing, customer care and our own advertising purposes and for processing of your order and payment. For these purposes, it might be necessary to also communicate data to our service providers (e.g. DHL). The legal basis for this data processing is Art. 6 para. 1 point b GDPR. These service providers do only use your data for the implementation of the order and payment. Illegal share of your data with third parties will not take place at any time. The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

SSL Data Encryption

All data, especially your personal data and order data are encrypted during transmission by best available technology (TLS 1.2, AES with 256 Bit key, RSA with 2048 Bit key exchange).

Register as (Frequent) Buyer

It is not necessary to register in this online shop before placing an order. Choose between placing an order as guest or as registered customer with your e-mail-address and a password. If you choose the option last mentioned you can log in at your next visit. The shop will remember you and all personal fields (such as name, address) are initialized with your data automatically. You are able to create and delete up to five addresses for delivery. An easy option to save your time! During the process of registering we ask you to agree with the following: "… I want to create my own account. Please store my personal data for this purpose, based on § 6 Ia GDPR. I can cancel this agreement anytime, by e-mail for example." Should you decide in the future you don’t want to use this service any more just contact our customer service and we’ll delete your account completely. Please find our contact data on the beginning of this page or imprint.

Customers with an existing account we'll send our monthly newsletter by e-mail. We provide information about new products, specials and discounts. We use this newsletter for our own advertising only. Your e-mail-address will not be forwarded to third parties. If you wish to cancel the newsletter you can unsubscribe at any time by a link embodied in in each newsletter or by use of our newsletter form or just tell us by e-mail.

Contact Form

In case you contact us by E-Mail or by using our contact form we will save the contact data you provided and your message to ensure a proper handling and reply. The legal basis for this data processing is Art. 6 para.1 pint a GDPR.

Comment function for the evaluation of a product

In order to leave a comment with a rating on a product, which is displayed with the respective product, you must have previously registered as a customer and logged in. If you leave comments or ratings on products, in addition to this information, the time of their creation and your first name and the first letter of your last name are stored and displayed with the respective product. In each individual case, we check in advance whether you have actually purchased the goods from us. We are obliged to do this in accordance with the law to strengthen consumer protection and trade law. This also serves our security, as we can be prosecuted for illegal content on our website. We collect this data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 f GDPR.

Cookies

On this website we use so-called cookies, to make your visit more convenient and secure. Cookies are small text files stored on your computer. Most of them are valid during your visit only, so-called session cookies. You can reject cookies by an option in your browser. This is possible in all popular Internet browsers. A detailed reference how to reject cookies can be found on this website https://allaboutcookies.org/.

Please note: If you deactivate the setting of cookies in the Internet browser used, not all functions of this website may be entirely usable.

Use of Google Adwords

On this website we integrated Google AdWords and Google Conversion Tracking. Google AdWords is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define specific keywords with the help of which an ad on Google's search results only then displayed, when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords. The operating company of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google AdWords is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of thirdparty advertising on our website. If you reach our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained on this page. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and the controller can understand whether a person who reached an AdWords ad on our website generated sales, that is, executed or canceled a sale of goods.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through AdWords ads to ascertain the success or failure of each AdWords ad and to optimize our AdWords ads in the future. Neither our company nor other Google AdWords advertisers receive information from Google that could identify the data subject. You may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google AdWords may be deleted at any time via the Internet browser or other software programs.

Use of Google Maps

On this website we use Google Maps API to display geographical information. During to the use of Google Maps Google will also collect and process data about the use of the map functions by visitors. For more information concerning the data processing please see the Google privacy policy. You can adjust your personal privacy settings by using the Google privacy center.

Use of Matomo

This website uses Matomo. We use the data collected and stored by Matomo for our own marketing purposes and improvement only. We do not share these data with third parties any time. Your IP address will be stored anonymized (incomplete). When you have set your web browser to "I do not want to be tracked" (DoNotTrack is enabled) then Matomo will not track your visits.

Facebook Social Plugins and similar

Our web site uses social plugins (“plugins”) provided by the social networking site, facebook.com, which is operated by Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”). The plugins are identified by a Facebook logo or the phrase “Facebook social plugin”. If you call up a page containing a plugin of this nature from our website, a direct link is established between your browser and Facebook's servers. The content of the plugins is transmitted directly to your browser by Facebook and included by it in the web page. When you access the plugins, Facebook is notified of the fact that you have called up the corresponding page on our website. If you are logged in to Facebook, your visit can be assigned to your Facebook account. If you interact with the plugins, for example by clicking “Like”, or entering a comment, the corresponding information is transmitted from your browser directly to Facebook and stored by it. The reason for and scope of the data acquisition and information about the way in which the data is processed and used by Facebook, as well as your rights in this respect and settings options for protecting your privacy can be found in Facebook's privacy policy. If you do not wish to have data collected about you by Facebook via our website, you need to log out of Facebook before visiting the site. This applies analogously to all similar social plugins.

PayPal as a payment processor

Our web site uses components of the online payment service provider PayPal. Payments are processed via socalled PayPal accounts, which represent virtual private or business accounts. PayPal is also able to process virtual payments through credit cards or debit entry, also when a user does not have a PayPal account. A PayPal account is managed via an e-mail address, which is why there are no classic account numbers. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also accepts trustee functions and offers buyer protection services. The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If you choose "PayPal" as the payment option in the online shop during the ordering process, we automatically transmit your data to PayPal. By selecting this payment option, you agree to the transfer of personal data required for payment processing. The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. The processing of the purchase contract also requires such personal data, which are in connection with the respective order. The transmission of the data is aimed at payment processing and fraud prevention. The controller will transfer personal data to PayPal, in particular, if a legitimate interest in the transmission is given. The personal data exchanged between PayPal and the controller for the processing of the data will be transmitted by PayPal to economic credit agencies. This transmission is intended for identity and creditworthiness checks. PayPal will, if necessary, pass on personal data to affiliates and service providers or subcontractors to the extent that this is necessary to fulfill contractual obligations or for data to be processed in the order. Please find the PayPal terms and conditions for payment upon invoice here https://www.paypal.com/de/webapps/mpp/ua/pui-terms?locale.x=en_en, the PayPal EEA Privacy Policy here https://www.paypal.com/de/webapps/mpp/ua/privacy-prev?locale.x=en_en and information about the PayPal identity check and data exchange with credit agencies here https://www.paypal.com/de/webapps/mpp/ua/creditchk?locale.x=en_en

You have the possibility to revoke consent for the handling of personal data at any time from PayPal. A revocation shall not have any effect on personal data which must be processed, used or transmitted in accordance with (contractual) payment processing. The applicable data protection provisions of PayPal may be retrieved under https://www.paypal.com/us/webapps/mpp/ua/privacy-full

Newsletter

With our monthly newsletter we provide informations about new products, specials and discounts. We use this newsletter for our own advertising only. If you wish to receive the monthly newsletter, we need a valid e-mail-address. Your first name or nickname is not necessary but can be provided nevertheless. You agree thereby to store your personal data for this purpose, based on § 6 Ia GDPR. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter. There will be no transfer of personal data collected by the newsletter service to third parties. The newsletter contains embedded tracking links. This allows an anonymous statistical analysis of the success or failure of online marketing campaigns. If you wish to cancel the newsletter you can unsubscribe at any time by a link embodied in in each newsletter or by use of our newsletter form or just tell us by e-mail. In this case we'll delete your e-mail-address immediately.

Use of idealo

We have integrated the logo of our partner idealo (idealo internet GmbH, Ritterstr. 11, 10969 Berlin) onto our website. When you visit our website, information is automatically sent to the idealo server by the browser you are using on your device. This information is collected and then stored on a so-called server log file for seven days before being automatically deleted. This process requires no intervention from you and includes the following information: IP address of the user's computer, date and time the website is accessed, name and URL of the retrieved file, website from where the user came (referrer URL), browser used and, if applicable, the operating system of your computer and the name of your access provider. The temporary storage of IP addresses by the system is necessary in order for the website to be accessed. In this regard, the IP address must be stored for the duration of the visit to the website. Storage in log files occurs to guarantee optimal functioning of the website. The data collected also serves to optimise the website and ensure the safety of the information technology systems. At no point is any data stored together with other personal data. The legal basis for this data processing is Art. 6 para. 11 point f GDPR.

Use of EHI Widget

We use on our website the official seal "EHI Geprüfter Online-Shop", this is a widget of EHI Retail Institute GmbH, Spichernstr. 55, 50672 Köln (EHI). When you visit our website, information is automatically sent to the EHI server by the browser you are using on your device. This process requires no intervention from you and includes the following information: IP address of the user's computer, date and time the website is accessed, name and URL of the retrieved file, website from where the user came (referrer URL), browser used and, if applicable, the operating system of your computer and the name of your access provider. The data collected also serves to optimise the website and ensure the safety of the information technology systems. The legal basis for this data processing is Art. 6 para. 1 point f GDPR. For more information about data protection at EHI please visit https://www.ehi-siegel.de/datenschutz

Right to demand Information

In the course of legal requirements, you can require information about your personal data at any time by contacting us. You also shall have the right of rectification of inaccurate personal data, right of restriction of processing, right of erasure (in case there is no legal obligation to archive the data).