Protecting your data is very important to us. Therefore, in the following, we would like to inform you of what data we use for which purposes. The “controller” pursuant to the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection laws is:
KANTO SPA GmbH
Bei den Thermen 2
72574 Bad Urach
Tel: 07125 / 94 36 0
Fax: 07125 / 94 36 30
In addition, KANTO SPA GmbH has appointed an external data protection officer who can be contacted at:
With this data privacy statement, users are informed of the nature, scope, and purpose of the collection and use of their data by the responsible provider.
Collection and storage of personal data as well as the nature and purpose of its use
When you access our website, the browser used on your device automatically transmits information to the server for our website. This information is temporarily stored in a “log file.” The following information is automatically collected and stored until deleted on an automated basis:
The information above is processed by us for the following purposes:
The legal basis for processing the data is Art. 6 section 1 sentence 1 lit. f GDPR. Our legitimate interest is based on the data collection purposes above. Under no circumstances do we use the data collected to make inferences about your person.
SSL or TLS encryption
For security reasons and to ensure safe transmission of confidential content that you send to us as website operator, our website uses SSL or TLS encryption. This renders data that you transmit via this website unreadable for third parties. You can see that the connection is encrypted through the “https://” address bar in your browser and the lock icon in the browser bar.
Data transfer when entering into a contract for the purchase and shipment of goods
Personal data is only transmitted to third parties when necessary to fulfill the terms of the contract. Such third parties include, for example, payment services or logistics companies. Personal data is not shared for any other purpose unless you have given us express permission to do so.
The legal basis for the processing of data is Art. 6 section 1 lit. b GDPR, which permits the processing of personal data when necessary for the performance of a contract or for measures that serve the entering into a contract.
Registration on this website
To be able to use certain functions, you can register on our website. The information transferred exclusively serves the purpose of using the respective offer or service. The required fields for registration must be thoroughly completed. We will otherwise deny the registration.
You will be informed by email of important changes, for example for technical reasons. The email will be sent to the address provided at registration.
The processing of data provided at registration is based on your consent (Art. 6 section 1 lit. a GDPR). You may withdraw this consent at any time. To withdraw your consent, it is sufficient to send us an informal email stating your intention to do so. The lawfulness of data processing that has taken place prior to this remains unaffected by the revocation.
We store the data collected at your registration for the period of time during which you are registered on our website. Should you cancel your registration, your data will be deleted. Mandatory data retention periods remain unaffected.
Data transferred via the contact form, including your contact details, are only stored for the purpose of processing your inquiry or for assisting with follow-up questions. This information is not shared with third parties without your consent.
The information entered in the contact form is exclusively processed on the basis of your consent (Art. 6 section 1 lit. a GDPR). You may withdraw this consent at any time. To withdraw your consent, it is sufficient to send an informal email stating your intention to do so. The lawfulness of data processing that has taken place prior to this remains unaffected by the revocation.
We retain data transferred to us via the contact form until you ask us to delete the data, revoke your consent to storage of the data, or when storing the data is no longer necessary. Mandatory regulations – in particular, retention periods – remain unaffected.
We require an email address from you in order to send you our newsletter. It is not necessary to verify the email address provided and consent to receipt of the newsletter must be given. Additional information is not collected or is voluntary. The information is exclusively used to send the newsletter.
The information provided when subscribing to the newsletter is exclusively processed on the basis of your consent (Art. 6 section 1 lit. a GDPR). You may withdraw your consent at any time. To withdraw your consent, it is sufficient to send us an informal email stating your intention to do so, or you can unsubscribe using the "unsubscribe" link in the newsletter. The lawfulness of data processing that has taken place prior to this remains unaffected by the revocation.
Information provided to set up a subscription is deleted when you unsubscribe. If this information was transmitted to us for other purposes and in a different context, we retain it.
We use CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. With this service, we can organize and analyze newsletter mailings. The information you provide to receive the newsletter, e.g. your email address, is stored on the servers of CleverReach. Server sites are in Germany or Ireland.
Using CleverReach newsletter mailings allows us to analyze the behavior of newsletter recipients. The analysis shows, for example, how many recipients opened their newsletters, and how frequently they clicked on links in the newsletter. CleverReach supports conversion tracking in order to analyze whether a previously defined action, for example a product purchase, takes place after a click on a link. You can find more details about data analysis by CleverReach at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.
Data is processed on the basis of your consent (Art. 6 section 1 lit. a GDPR). You may withdraw this consent at any time. To withdraw your consent, it is sufficient for you to send an informal email stating your intention to do so, or you can unsubscribe using the "unsubscribe" link in the newsletter. The lawfulness of data processing that has taken place prior to this remains unaffected by the revocation.
If you do not wish an analysis by CleverReach then you must unsubscribe from the newsletter. To unsubscribe, just send an informal email stating your intention to do so or use the "unsubscribe" link in the newsletter.
Information provided to set up a subscription is deleted from our servers and the servers of CleverReach when you unsubscribe. If this information was transmitted to us for other purposes and in a different context, we retain it.
To thoroughly fulfill data protection laws, we have concluded a contract for order processing with Clever Reach.
Some cookies are "session cookies." These cookies are automatically deleted after your browser session. Other cookies remain on your computer until you delete them yourself. These cookies help us to recognize you when you return to our website.
With a modern web browser, you can monitor, limit or disable cookies. Many web browsers can be configured to automatically delete cookies when the program is closed. Deactivating cookies can result in a loss of functionality of our website.
Cookies that are necessary for performing electronic communication processes or for providing specific functions desired by you (e.g. shopping cart) are set in accordance with Art. 6 section 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in storing cookies in order to provide technically error-free and smooth services. If other cookies are set (e.g. for analysis functions), these will be regulated separately in this data privacy statement.
Our website uses functions of the web analysis service Google Analytics. Provider of the web analysis service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses "cookies." These are small text files that your web browser stores on your computer and that allow an analysis of use of the website. Information generated by cookies regarding your use of our website are sent to a Google server and stored there. The server is normally located in the USA.
Google Analytics cookies are set in accordance with Art. 6 section 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the analysis of user behavior in order to optimize our web services and possibly advertising as well.
We use Google Analytics in connection with the IP anonymization function. This guarantees that Google shortens your IP address within Member States of the European Union or in other parties to the Agreement on the European Economic Area before it is sent to the USA. In exceptional cases, Google transfers the full IP address to a server in the USA and abbreviates it there. On our behalf, Google will use this information to evaluate your use of the website, to create reports on website activity, and to provide further services relating to use of the website and Internet usage for us. The IP address transmitted by Google Analytics is not combined with other data held by Google.
You can prevent cookie settings on your web browser. This may, however, limit some of the functions of our website. You can also prohibit the collection of data relating to your website use, including your IP address, and subsequent processing by Google. To do this, you can download and install the browser plug-in at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set that prevents your data from being collected during future visits: Deactivate Google Analytics.
To thoroughly fulfill data protection laws, we have concluded a contract with Google for order processing.
Demographic characteristics with Google Analytics
Our website uses the Google Analytics function "demographics." This can be used to create reports regarding the age, gender, and interests of site visitors. This information is derived from interest-related advertisements of Google and visitor data of third-party providers. The data cannot be assigned to a specific person. You can deactivate this function at any time. This can be done using the advertisement settings in your Google account or you can generally prohibit the collection of your data by Google Analytics following the measures explained in the section "Objection to data collection."
Our website allows payment via PayPal. Provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.
When you pay with PayPal, the payment information you enter is transmitted to PayPal.
Your data is transmitted to PayPal in accordance with Art. 6 section 1 lit. a GDPR (consent) and Art. 6 section 1 lit. b GDPR (processing necessary to perform a contract). You may withdraw your consent at any time. In the case of a revocation, data processing that has taken place prior to this remains effective.
Direct bank transfer with "Sofortüberweisung"
Our website allows payment using "Sofortüberweisung." Provider of the payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich.
Using "Sofortüberweisung," we receive a payment confirmation from Sofort GmbH in real time and can immediately begin to fulfill our obligations.
When you use the "Sofortüberweisung" payment service, your PIN and TAN are transferred to Sofort GmbH. The payment service provider uses them to log in to your online banking account; it automatically checks your account balance and performs the transfer. A transaction confirmation follows immediately. Your credits and debits, the credit line for overdrafts, and the existence of other accounts and their balances are also automatically assessed after login.
In addition to PIN and TAN, payment information and information relating to your person is transferred to Sofort GmbH. Your personal information includes first and last name, address, telephone number, email address, IP address, and possibly other information that is necessary for processing the payment. It is necessary to transfer this information in order to establish your identity beyond doubt and to prevent attempted fraud. Your information is transferred to Sofort GmbH in accordance with Art. 6 section 1 lit. a GDPR (consent) and Art. 6 section 1 lit. b GDPR (processing to perform a contract). You may withdraw your consent at any time. In the case of a revocation, data processing that has taken place prior to this remains effective.
Data subject rights
You have the right:
Right to object
Provided your personal data is being processed on legitimate grounds in accordance with Art. 6 section 1 sentence 1 lit. f GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data provided this is on grounds relating to your particular situation or the objection concerns direct marketing. In the latter case, you have a general right to object that will be implemented by us without your stating a particular situation.
If you would like to withdraw your consent or lodge an objection, it is sufficient to send an email to: firstname.lastname@example.org.
Segments from: Data protection configurator from mein-datenschutzbeauftragter.de