Privacy policy

Privacy Policy

Below, we inform you about the type, scope, and purpose of processing your personal data when using our shop. Personal data refers to all information that relates to an identified or identifiable natural person.

  1. Controller The controller within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data. For the personal data processed in this shop, the controller within the meaning of the GDPR is: Worawo OHG, Dankwartstraße 13, 23966 Wismar, Telephone 03841281528, Email info@worawo.de (hereinafter "we").

  2. When you visit our website When you visit our website, our server collects the following information from your device: browser type and version, operating system, the previously visited website ("referrer"), IP address, and the time of the page view.

We collect and process this data to ensure the smooth operation of our website and to be able to detect, defend against, and track the misuse of our services. Furthermore, we use the collected data for statistical purposes, such as evaluating which devices and browsers access our shop, in order to continuously adapt and improve our offer based on this information. This data processing is based on Article 6(1)(f) GDPR.

We delete all the above-mentioned personal data at the latest twelve months after its collection.

  1. When you place an order with us When you place an order in our shop, we process your name, delivery address, and email address as provided during the ordering process. If you voluntarily provide additional data with your order (e.g., a different billing address or a phone number), we also process that data.

We process this data electronically for the proper fulfillment of the contract, especially for delivery, invoicing, payment processing, and handling returns and complaints. This data processing is based on Article 6(1)(b) GDPR.

We keep this data stored until all mutual claims arising from the respective contractual relationship with you are fully settled and the commercial and tax retention periods have expired, to which we are subject.

For the conclusion of a contract between you and us, it is necessary that we receive your name, delivery address, and email address. The necessity of providing this data arises from legal requirements (e.g., § 312i para. 1 no. 3 BGB, § 14 para. 4 UStG). Without providing this data, you cannot conclude a contract with us.

In the decision to conclude a contract, we refrain from automated decision-making and profiling.

  1. Customer account You can optionally create a customer account in our online shop. The data required and processed by us for this purpose can be found in the input mask for opening the customer account. The customer account is only set up at your request. The legal basis is therefore your consent in accordance with Article 6(1)(a) GDPR. We keep the personal data associated with the customer account stored until you delete the customer account or request its deletion. For personal data from already concluded contracts, the retention periods specified in the section "When you order from us" apply, regardless of the existence of the customer account.

  2. Delivery and payment If we send physical goods as part of the purchase contract, we transmit the name and address of the recipient and, if you have consented, your email address, to Deutsche Post (Deutsche Post AG, 53113 Bonn), DHL (DHL Paket GmbH, 53113 Bonn), or RPV Regionalpaket Vertriebsgesellschaft mbH as shipping service providers, for the purpose of delivering the shipment, including a prior email notification about the expected delivery time, and for the purpose of a possible return of your shipment to us based on Article 6(1)(b) GDPR.

For the payment of your purchase, the payment service provider chosen by you collects and processes your name, email address, card or account number, and/or other data as required for the chosen payment method. The contractual and data protection provisions of the payment service provider you have chosen also apply in addition.

When receiving a payment, we process the data transmitted to us by the payment service provider. The data processed depends on the payment service provider chosen by you.

The processing is based on Article 6(1)(b) GDPR. We keep this data stored until all mutual claims arising from the respective contractual relationship with you are fully settled and the commercial and tax retention periods have expired, to which we are subject.

  1. Data processors To support our operational processes, we use the services of BillBee (BillBee GmbH, 32756 Detmold) as a data processor in accordance with Article 28 GDPR.

For the operation of our website on the Internet, we use the technical services of Mailchimp.com / The Rocket Science Group LLC 675 Ponce de Leon Ave NE Suite 500 Atlanta, GA 30308 USA as a data processor in accordance with Article 28 GDPR.

  1. Contact If you use a contact form or a chat function on our website, we process the data you enter, which may include your name and email address, in addition to your message.

If you send us a message by email, we save your message with the sender data transmitted (name, email address, and possibly other information added by your email program and the transmitting servers). For receiving, storing, and sending emails, we use an email provider who acts as a data processor for us in accordance with Article 28 GDPR.

The legal basis for this data processing is our legitimate interest in responding to your message and being able to respond to any follow-up questions from you (Article 6(1)(f) GDPR). We delete the data collected with your message at the latest twelve months after the last communication with you regarding your request, subject to the regulation in the following paragraph.

If you submit a legally relevant declaration regarding the contractual relationship (e.g., a revocation or complaint), the legal basis for the processing, regardless of the transmission method, is also Article 6(1)(b) GDPR. In such a case, we delete the data related to your statement as soon as all mutual claims from the contractual relationship are finally settled and the commercial and tax retention periods have expired.

  1. Newsletter If you have subscribed to our newsletter, we will inform you by email about new offers and features of our shop. You will not receive more than one newsletter per week. You can object to the use of your email address for advertising purposes at any time, informally and without incurring any costs other than the transmission costs according to the basic tariffs.

This data processing is based on your consent in accordance with Article 6(1)(a) GDPR. If you revoke your consent to the use of your email address for advertising purposes, we will delete your email address from our newsletter distribution list.

  1. Use of cookies If you have consented to the use of cookies, we place one or more "cookies" on your device. A cookie is a small text file that allows us to recognize your device when you visit our shop again later. With the help of cookies, we can also analyze certain user behavior, such as which products you view, how long you stay on our site, and when and how often you return to our shop. Cookies stored by us are deleted at the latest twelve months after your last visit to our shop.

This data processing is based on your consent (Article 6(1)(a) GDPR).

You can prevent the storage of cookies by going to the cookie settings of your internet browser and objecting to the storage of cookies for our site or for all websites. There, you can also delete already stored cookies.

  1. Social Media Social media buttons may be displayed in our shop; they can be recognized by the logos of the social media platforms ("platforms") (Facebook: "f" logo, Twitter: bird silhouette, Instagram: square camera, Pinterest: "p", Google+: "g+"). Clicking on such a button calls up the website of the respective platform, with the IP address of the calling device and the address of the page from which the link is made ("referrer") being transmitted to the called platform. However, we do not collect or process any data in connection with the social media buttons ourselves.

  2. Your rights Regarding the personal data we process about you, you have the following rights:

You have the right to request confirmation from us as to whether we are processing personal data concerning you. If this is the case, we will provide you with the personal data stored about you and the further information in accordance with Article 15(1) and (2) GDPR.

You have the right to have incorrect personal data concerning you corrected without delay. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data, including by means of a supplementary statement.

You can request the immediate deletion of personal data concerning you under the conditions of Article 17(1) GDPR, provided that the processing is not necessary under Article 17(3) GDPR.

You can request the restriction of the processing of your data if one of the conditions of Article 18(1) GDPR is met. You can request the restriction instead of deletion, especially in case of a restriction.

We will inform all recipients to whom we have disclosed personal data about you of any correction or deletion of your personal data and any restriction on processing, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.

You have the right to receive the personal data you have provided to us in a structured, common, and machine-readable format and to request that we transmit this data to another controller without hindrance, as far as this is technically possible.

If data processing is based on your consent, you have the right to revoke your consent at any time. The revocation of consent does not affect the lawfulness of the data processing carried out until your revocation.

RIGHT TO OBJECT: FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, YOU CAN OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU AT ANY TIME; this right to object exists with regard to the data processing that is based on Article 6(1)(f) GDPR to safeguard our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms, which require the protection of personal data, outweigh. If you exercise your right to object, we will no longer process the data concerned, unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES (E.G., NEWSLETTERS), YOU CAN OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING AT ANY TIME, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES.

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, your place of work, or the place of the alleged infringement. This does not preclude other administrative or judicial remedies.

  1. Use of Google Analytics We use Google Analytics to analyze website usage. The data obtained is used to optimize our website and advertising measures.

Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the data for website usage on our behalf and contractually commits to measures to ensure the security and confidentiality of the processed data.

During your visit to the website, the following data is recorded:

Visited pages Orders including turnover and ordered products Achievement of "website goals" (e.g., contact inquiries and newsletter registrations) Your behavior on the pages (e.g., duration of stay, clicks, scroll behavior) Your approximate location (country and city) Your IP address (in shortened form, so that no clear assignment is possible) Technical information such as browser, internet provider, device, and screen resolution Source of your visit (i.e., through which website or advertising medium you came to us) Personal data such as name, address, or contact details are never transmitted to Google Analytics.

This data is transferred to servers of Google in the USA. We would like to point out that data protection in the USA may not be guaranteed at the same level as within the EU.

Google Analytics stores cookies in your web browser for a period of two years from your last visit. These cookies contain a randomly generated user ID that can be used to recognize you on future website visits.

The recorded data is stored together with the randomly generated user ID, enabling the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.

If you do not agree with the collection, you can prevent it by installing the browser add-on to deactivate Google Analytics once or by rejecting cookies through our cookie settings dialog.

13. TikTok

We use the TikTok Pixel on our website. The TikTok Pixel is a TikTok advertising tool provided by both TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom (collectively "TikTok"). The TikTok Pixel is a JavaScript code snippet that allows us to understand and track the activities of visitors on our website. The TikTok Pixel collects and processes information about the visitors to our website or their used devices. The data collected through the TikTok Pixel is used for targeting our advertisements, improving ad delivery, and for personalized advertising. For this purpose, the data collected on our website via the TikTok Pixel is transmitted to TikTok. Some of this data may be information stored on your used end device. Additionally, cookies are used by the TikTok Pixel to store information on your used end device. Such storage of information by the TikTok Pixel or access to information already stored on your end device only occurs with your consent.

For further information on how TikTok processes personal data, including the legal basis TikTok relies on and the options to exercise your rights with TikTok, please refer to TikTok's privacy policy at https://www.tiktok.com/legal/privacy-policy?lang=en-US.

14. Facebook

This website uses the visitor action pixel from Facebook for conversion measurement. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the United States and other third countries.

This allows tracking of the behavior of site visitors after they have been redirected to the provider's website by clicking on a Facebook ad. This enables the evaluation of the effectiveness of Facebook ads for statistical and market research purposes, and future advertising measures can be optimized.

The collected data is anonymous to us as the operator of this website, and we cannot draw any conclusions about the identity of the users. However, Facebook stores and processes the data, allowing a connection to the respective user profile, and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This allows Facebook to display ads on Facebook pages as well as outside of Facebook. We, as the website operator, cannot influence this use of the data.

The use of Facebook Pixel is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If the corresponding consent has been requested (e.g., consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

In Facebook's privacy policy, you will find further information on protecting your privacy: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function "Custom Audiences" in the ad settings at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate Facebook's usage-based advertising on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.