The protection of your personal data is very important to us. Therefore, we will only collect, process and use your personal data in compliance with the provisions of this Privacy Statement and the applicable data protection legislation.
SECTION 1 - RESPONSIBLE PARTIES
The data controller and party responsible for the operation of the Claï Studio – Website as well as the online store (https://www.claistudio.com), including any versions adjusted for mobile devices like smartphones, (hereinafter referred to as the “Website” and "online shop") is Stefanie Lennartz, Vorbergstraße 9B, 10823 Berlin, Germany. Carried out data processing activities are described in sections 3 to 6. Please note that some functions described hereinafter may not be displayed or may not be available on mobile devices (e.g. on smartphones).
SECTION 2 - STORING ACCESS DATA IN SERVER-LOGFILES
You can visit our website without giving any details about yourself. We only store access data in so-called server log files, for example, the name of the requested file, the date and time of the retrieval, the amount of data transferred, and the requesting provider. These data are only used to ensure the correct operation of the site and to improve our offer and do not allow us to draw conclusions about you.
SECTION 3 - DATA COLLECTION AND USE FOR CONTRACT PROCESSING
We collect, store and process personal data if you voluntarily communicate this to us within the framework of your order or when contacting us. This applies to the entire processing of your purchase, including any later warranties, to our services, to technical administration and to your own marketing purposes. Which data are collected can be seen in the respective input forms.
After completion of the contract, your data will be blocked for further use and will be deleted after expiration of the tax and commercial storage periods provided unless you have not expressly consented to any further use of your data or we reserve ourselves an additional data usage permitted by law and about which we will inform you below.
SECTION 4 - DATA GATHERING BY CLAÏ STUDIO
Claï studio is responsible for the operation of the customer orders as well as for providing the services offered in connection with it and for the mailing of newsletters. Claï studio will only collect, process or use your personal data as far as legally permitted or provided you have given your prior consent (e.g. for sending newsletters).
SECTION 5 - DATA USE E-MAIL NEWSLETTER REGISTRATION
If you have subscribed to a claï studio newsletter, claï studio will only use your personal information for the purpose of sending the requested newsletter to you. If you cancel your subscription to a newsletter, your data will be deleted without delay. You can cancel the subscription at any time by clicking on the related link in each newsletter.
SECTION 6 - DATA PROCESSING BY CLAÏ STUDIO
Claï studio is also responsible for all data processing related to the processing of orders placed in the Online Store.
SECTION 7 - DATA PROCESSING BY THIRD PARTIES
Where necessary, for example for the handling of your order, the mailing of newsletters or advertisements or the conduct of a contest, your personal data may be made available by claï studio to specialized service providers located within as well as outside of EU/EEA countries. These service providers are carefully selected by claï studio and will only process your data as instructed and on behalf of claï studio. Furthermore, they will comply with the provisions of this Privacy Statement and will take all requisite security measures.
SECTION 8 - COOKIES
SECTION 9 - USAGE OF SOCIAL PLUGINS FROM FACEBOOK, GOOGLE+, TWITTER USING THE “2-CLICK-SOLUTION”
On our website, so-called social plugins (“Plugins”) provided by the social networks Facebook, Google+ and Twitter are used. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103 (“Twitter”). Google+ is operated by the Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA (“Google”). The plugins are a Facebook, Twitter or Google+ logo or the phrase “Social Plug-in of Facebook/Twitter/Google+ “or” Facebook/Twitter/Google Social Plugin”. An overview of the Facebook, Twitter or Google+ plugins and their appearance can be found here:
For the security of your personal data our homepage integrates the so called “2-click-solution”. With this your browser does not directly make a connection to the Facebook/Twitter/Google servers, but only after you activated the “plug ins”. With this you give your agreement to the data transmission. The content of the plugin is from Facebook/Twitter/Google sent directly to your browser and integrated into the side. Through this integration Facebook/Twitter/Google receives the information that your browser called our website even if you do not have a Facebook/Twitter/Google profile or you are just not logged in. This information (including your IP address) will be directly transferred from your browser to a Facebook/Twitter/Google server in the US and stored there. If you are logged into Facebook/Twitter/Google, the company can directly relate our website to your profile. If you interact with the plugins, for example, the “Like”, “Twitter” or “+1” – Button or leaving a comment, this information is also directly transmitted to a Facebook/Twitter/Google server and stored there. The information is also published on your profile. For purpose and scope of data collection, further processing and your individual rights please refer to the privacy policies of Facebook/Twitter/Google:
If you do not want Facebook/Twitter/Google to collect data about your visit on our website, you need to logout your profile, before you visit our website. You can also avoid Facebook plug-ins to come into action through add-ons for your browser like the “Facebook Blocker” (http://webgraph.com/resources/facebookblocker/).
SECTION 10 - USAGE OF GOOGLE ANALYTICS, WEB ANALYTICS SERVICE PROVIDED BY GOOGLE INC. (“GOOGLE”)
SECTION 11 - DATA SECURITY
To protect your payment data, it is encrypted using a 128-bit key and transferred to our servers using the SSL (Secure Sockets Layer) protocol. You can verify that the connection is secure by checking the URL displayed in your browser. If the beginning of the address changes from “http” to “https”, a secure connection has been established. In addition, all payment providers are PCI-DSS (Payment Card Industry Data Security Standard) certified and comply with highest security standards in order to secure your payment data. For more information please visit: www.pcisecuritystandards.org.
SECTION 12 - RIGHT TO OBTAIN, CORRECT, BLOCK OR DELETE INFORMATION
You have a right to obtain information regarding the personal data stored about you free of charge. Furthermore, you have the right to correct your personal data or have it blocked or deleted. You may, at any time, revoke any given consent to the collection, processing and use of data with future effect. Should you have any questions regarding data protection and the use of your personal data, or if you wish to obtain information regarding the personal data we have stored about you or would like to exercise your right to have this data corrected, blocked or deleted, please send an e-mail with your request to email@example.com. The same applies in the event that you wish to revoke your consent to the collection of your personal data. You can also use the contact details supplied in the imprint to contact us or use the contact form available at the Online Store or Website. Claï studio will only collect, process and use the information that you provide on a contact form for the purpose of handling the matter that you wrote about on this form.
SECTION 13 - RIGHT TO OBJECT
Please contact us at any time if you would like to find out which personal data we store about you or if you want to have it corrected or deleted. Furthermore, you have the right to restrict processing (Art. 18 GDPR), a right to object to processing (Art. 21 GDPR) and the right of data transferability (Art. 20 GDPR).