We will process your personal data (e.g. title, name, address, e-mail address, phone number, bank details, credit card number) solely in accordance with the provisions of the German data protection law and the data protection law of the European Union (EU). The following provisions will inform you, besides the information about the processing purposes, recipients, legal bases and storage periods, also about your rights and the controller for your data processing. This privacy policy applies only to our websites. If you are directed to other sites via links on our pages, please pay attention and be sure to review their privacy practices.

(1) Purpose of data processing

Your personal data you provide us during the ordering process are necessary for the conclusion of a contract with us. You are not obliged to provide your personal data. However, we would not be able to send you the goods without your address. For some payment methods we ask for the necessary payment data in order to pass them on to a payment service provider commissioned by us. Hence, the processing of your data collected during the ordering process is soley for the purpose of contract performance.

If you send us a request by e-mail or by using the contact form, etc. before concluding the contract, we process the obtained data to carry out pre-contractual measures and answer your questions about e.g. our products.

In the case of opening a customer account, your data (in particular name, address, payment method, e-mail and password) will be processed for registration and creation of a customer login. With the stored data, you are able to shop faster and view your previous orders at any time. By sending us a note or via a delete function you can delete the account again.

(2) Legal basis

The legal basis for such processing is set out in Article 6 (1) (b) of the GDPR.

(3) Recipient categories

Payment service provider, shipping service provider, hosting provider, if necessary merchandise management system, suppliers if necessary (drop-shipping).

(4) Duration of Storage

We store the data required for contract execution until the statutory warranty and, if applicable, contractual warranty periods expire.

We store the data required under commercial and tax law for the statutory periods, generally ten years (cf. § 257 German Commercial Code (HGB), § 147 Regulation of Taxation (AO)).

The data processed for the execution of pre-contractual measures will be deleted as soon as the measures have been carried out and the contract cannot be concluded.

(1) Purpose of processing
If you decide to rate our service, we will collect and process your personal date e.g. email address and number and date of your request, in order to send you a rating confirmation and a final rating request as well as to assign your rating and to prevent misuse of your rating.
(2) Legal Basis
This processing is based on our legitimate interests in the improvement of our services and the prevention of misuse of ratings in accordance with Act. 6 1 (f) of the GDPR.
(3) Recipient
[Please name the company performing the shop rating]
(4) Storage periods
Your data will be stored as long as the EHI shop rating is displayed on our website.

The Trustami trust seal is integrated on this website to display the collected ratings and social media feedback. This serves the implementation of our legitimate interests in an optimal marketing of our offer on our own website according to Art. 6 para. 1 p. 1 lit. f DSGVO. When the Trustami trustmark is accessed, the web server automatically stores data (access data) in the form of a server log file containing the name of the website accessed, the file, the date and time of access, your IP address in abbreviated form, the volume of data transferred, the message about a successful access, the browser type, the user's operating system, the referrer URL (the previously visited page) and the requesting provider. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the site. The Trustami trustmark and the services advertised with it are an offer of Trustami GmbH, Bamberger Straße 40, 10779 Berlin. The privacy policy of Trustami at www.trustami.com/datenschutz applies to the processing of data collected by Trustami.

Google reCAPTCHA
We use Google reCAPTCHA (hereinafter 'reCAPTCHA') to check entries made in online forms on our website. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google').
The purpose of reCAPTCHA is to check whether data is being entered by a human or being misused by automated machine processing. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor accesses the page. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website or mouse movements of the user). The data collected during the analysis will be forwarded to Google.

The reCAPTCHA analyses take place entirely in the background. Website visitors are not notified that an analysis is taking place.

The processing is carried out on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its web content from abusive automated spying and from spam. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; consent can be revoked at any time.

For more information about Google reCAPTCHA and Google's privacy policy, please see the following links:
https://policies.google.com/privacy
https://www.google.com/recaptcha/about/

If you have special requirements or need further customisations, please let me know!

Mollie

Privacy Statement
As a financial institution, Mollie processes a large amount of data from our customers who use Mollie's services, as well as from our end customers (consumers). Both our customers and consumers are invaluable to Mollie. It is therefore very important to Mollie to ensure that our customers' and consumers' data, and in particular their personal data, is processed carefully and securely.

This privacy statement is intended to inform you about how Mollie ('Mollie', 'we', 'our', 'us') processes personal data of our (potential) customers, business partners, consumers and website users. Mollie values your privacy. If you have any questions about our use of your personal data, please contact us using the contact details provided at the end of this privacy statement.

If you are an applicant, please read our privacy statement for the application process to see how we process your personal data.

What is Mollie?
Mollie's responsibilities
What personal data does Mollie process?
Does Mollie process sensitive personal data?
In which cases does Mollie collect and use your personal data?
How long does Mollie store your personal data?

How does Mollie keep your personal data secure?
Does Mollie share your personal data with third parties?
Does Mollie use cookies?
What are your rights?
How can you contact Mollie?
Data Protection Officer
What is Mollie?
Mollie is a payment service provider that offers customers (e.g. webshops) the opportunity to receive online payments from their consumers (payers). Mollie is a regulated payment service provider, supervised by the relevant national (regulatory) authorities and institutions under national law. Mollie enables Clients to offer their Consumers a choice of payment methods, such as bank transfer, credit card, postpay and other payment methods. This means that you may come into contact with Mollie if you have a webshop or wish to use Mollie's payment services for other reasons, if users have paid through a webshop or website that uses Mollie's services, or if they visit Mollie's website(s).

You can find more information about Mollie on the About Mollie page.

Mollie's responsibilities

For all the activities and purposes described in this privacy statement, Mollie acts as a data controller in accordance with the EU General Data Protection Regulation 2016/679 (GDPR) and the UK General Data Protection Regulation (UK GDPR). As an authorised financial institution, Mollie takes this position for the following reasons:

Mollie determines which personal data must be processed for the correct execution of a payment;

Mollie determines the other purposes for which the personal data may be processed, provided that these purposes are compatible with the purpose for which Mollie obtained the personal data;
Mollie must comply with legal requirements, for example regarding financial supervision, the law on the prevention of money laundering and terrorist financing; and
Mollie has established its own terms and conditions, which apply directly to customers and consumers.

What personal data does Mollie process?
Mollie processes data about you if you use Mollie's services and/or you provide personal data to Mollie yourself. Below you will find an overview of the personal data that Mollie processes, depending on the product or service you use, and in what capacity.

Customers

Please note that we generally process data about your company. Business information is not considered personal data. However, if you operate as a sole proprietorship, some of your business information may be considered personal data. When you, as a customer, use a Mollie service, the following personal data is processed:

Mollie account holder

Your first and last name;

your company telephone number;
your company email address;
your company details (legal form, address details, Chamber of Commerce registration number, bank account number, VAT number);
account login details;
other personal data that you actively provide, for example by creating a custom environment on our website, by written correspondence or by telephone.

Beneficial owner

Your first and last name;
Your date of birth;
Your place of birth;
Your identification document details.
Consumer

When you use a Mollie service as a consumer, the following personal data is processed:

Your payment details (e.g. bank account number or credit card number);
Your IP address;

your internet browser and device type;
in some cases, your first and last name;
in some cases, your address details;
in some cases, your email address and/or telephone number;
in some cases, information about the product or service you have purchased from our client;
other personal data that you actively provide, for example, by correspondence or telephone when you contact our customer service.

The cases in which we may process your personal data, but do not always do so, may depend, for example, on the payment method you use, the APIs used by our customers and whether you contact our customer service as a consumer.

Business partners

If you are one of our business partners, the following personal data will be processed:

Your first and last name;
Your telephone number;
Your company email address;

In some cases and depending on the relationship, your identification document details;
Other personal data that you actively provide, for example by correspondence, email or telephone.
Website user

When you use Mollie's websites, the following personal data may be processed (also depending on your cookie settings);

Your location data;
Data about your activities on our websites;

your IP address;
your internet browser and device type.
Does Mollie process sensitive personal data?
Mollie's websites, services and products are not designed for activities that require the processing of special categories of personal data. Therefore, Mollie asks you not to provide such data. Furthermore, it is not in Mollie's intention to collect personal data about underage website users, even if they have permission from their parents or guardian. Unfortunately, Mollie cannot check whether a website user is an underage person. Mollie therefore advises parents and guardians to supervise the online activities of their children, in order to prevent Mollie from processing data of minors.

In what cases does Mollie collect and use your personal data?
If you use (or request to use) Mollie's services as a customer, your personal data will be processed for the following purposes:

assessing your application;
creating and executing the agreement;
processing payments;
sending information about products or services and/or updates and/or changes to products or services;

contacting you regarding your experience with our products and services and sending you notifications about other new or relevant Mollie products or services;
analyses for statistical and scientific purposes;
training and assessment of Mollie employees;
recording evidence (if necessary);
providing support (e.g. by email and telephone);

ensuring the security and integrity of the financial sector, for example by investigating, detecting, preventing and actively combating (attempted) criminal conduct;
complying with legal requirements as a financial institution, for example regarding the Financial Supervision Act, the Money Laundering and Terrorist Financing (Prevention) Act.
If you are a business partner of Mollie, your personal data will be processed for the following purposes:

drawing up and executing the partnership agreement;
contacting you regarding your experience with our products and services and sending you notifications about other new or relevant Mollie products or services;
analyses for analytical and statistical purposes;
training and assessment of Mollie employees;
gathering evidence (if necessary);

providing support (e.g. by email and telephone);
ensuring the security and integrity of the financial sector, for example by investigating, detecting, preventing and actively combating (attempted) criminal conduct;
complying with legal requirements as a financial institution, for example via the Financial Supervision Act, the Money Laundering and Terrorist Financing Prevention Act.

If you use Mollie's services as a consumer (payer), your personal data will be processed for the following purposes:

processing payments;
analyses for statistical and scientific purposes;
training and assessment of Mollie employees;
recording of evidence (if necessary);
providing support (e.g. by email and telephone);

safeguarding the security and integrity of the financial sector, for example by investigating, detecting, preventing and actively combating (attempted) criminal conduct;
complying with legal requirements as a financial institution, for example via the Financial Supervision Act, the Money Laundering and Terrorist Financing Prevention Act.

When you use Mollie websites, your personal data may be processed (depending on where you use our websites) for the following purposes:

setting up a personal environment (dashboard) on Mollie websites;
granting access to the personal environment;
enabling you to download and use resources and white papers;

analysing your behaviour on Mollie's websites in order to improve the websites and to adapt the range of products and services to your preferences and needs;
analyses for statistical and scientific purposes.
Mollie processes personal data for the purposes listed above on the basis of your consent, for the performance of a contract, to comply with legal obligations, to carry out activities in the public interest and to pursue legitimate business interests. If Mollie wishes to process your personal data for purposes other than those described above, we will only do so after asking for your consent or if we have a legitimate interest, if legally required. If your personal data is processed on the basis of a legitimate interest, you can withdraw your consent or object to this processing at any time without stating reasons. Please note that the withdrawal of your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information that is conducted in reliance on lawful processing grounds other than consent. You may withdraw your consent by using the unsubscribe link in our emails where available. Alternatively, you may send your request to withdraw consent to privacy@mollie.com. If you, as our customer, withdraw your consent for processing for marketing purposes, we may still contact you regarding product functionality or updates, security updates, responses to customer support queries or other transaction-related purposes that are not marketing or administrative.

How long does Mollie store your personal data?

Mollie will not keep your personal data for longer than is necessary to achieve the purposes for which we obtained your personal data. For example, the personal data that Mollie receives in connection with the assessment of your application as a customer, the creation and execution of the agreement and the processing of payments must be kept by Mollie for years, depending on the applicable local legislation.

How does Mollie protect your personal data?
Mollie attaches great importance to the protection of your personal data. Mollie has implemented a number of technical and organisational security measures to protect your data and to comply with the applicable (legal) regulations. We use, among other things, network segmentation, technologies such as firewalls, DDoS protection systems and file integrity monitoring, strong authentication, encrypted transmission of data, monitoring and alerting, and we apply industry best practices for appropriate encryption and system configuration.

The organisational measures concern, for example, the separation of roles, least privilege principles, personnel screening, strict procedures for managing adjustments, incidents, vulnerabilities and suppliers, and recurrent training for personnel. In addition, the effectiveness of our security measures is regularly tested.

We use a responsible disclosure policy to report any issues with the protection of Mollie's systems.

Does Mollie share your personal data with third parties?
Processor

Mollie shares your personal data with third parties if this is necessary to provide our products and services. If third parties process your personal data on our behalf exclusively on our instructions, these third parties are considered processors. Mollie enters into a processor agreement with these processors. In this way, Mollie ensures that your personal data is processed with care, enjoys the same level of protection at all times, and that the confidentiality of your personal data is guaranteed. Nevertheless, Mollie remains solely responsible for all processing and therefore takes all reasonable administrative, technical, and physical measures to protect your personal data against unauthorised access, unintentional loss, or changes.

(Jointly) responsible

Mollie may also receive personal data from third parties and/or share your personal data with third parties that are also considered controllers. In these cases, Mollie will enter into appropriate agreements to ensure the robust protection of your personal data, if this is desirable or necessary (namely, if both parties act as joint controllers).

An overview of the controllers and processors that process data for which Mollie is the controller can be found here. We advise you to consult this overview regularly, as parties may be added or deleted.

If your personal data is to be shared with third parties for purposes other than those described above, Mollie will only do so if legally permitted to do so or after obtaining your consent.

Cross-border data transfer

As part of providing our services, your personal data may in some cases be processed by third parties (as processors, joint controllers or independent controllers) outside the European Economic Area (EEA). If your personal data is processed outside the EEA in a third country (a country without an adequate level of protection as determined by the European Commission) , Mollie ensures that i) the appropriate contract is concluded for the data processing (processing agreement, joint-controller agreement or provisions for data transfer from one controller to another, if desired); and ii) an appropriate transfer mechanism is in place, such as EU standard contractual clauses. In this way, Mollie ensures that your personal data always receives the same level of protection and that the confidentiality of your personal data is guaranteed.

Does Mollie use cookies?

Mollie uses functional cookies, cookies for a personalised experience on Mollie websites and cookies for a personalised experience on other websites. A cookie is a small text file that is stored in the browser of your device (computer, tablet or smartphone) when you first visit one of Mollie's websites. On the one hand, Mollie uses cookies that perform a purely technical function. These cookies ensure that the website works properly and can, for example, store your preferred settings so that Mollie can optimise the websites. On the other hand, Mollie uses cookies that track your surfing behaviour so that Mollie can show you its own, customised content and advertisements. Some cookies are placed on Mollie's websites by third parties, such as advertisers and/or social media companies. For more information about how Mollie uses cookies, please refer to our cookie policy.

What are your rights?
You have the right to request access to, correction, deletion, or transfer of the personal data processed by Mollie, to restrict or object to the processing of this data, unless these rights are overridden by a legal obligation or exception. For example, due to legal obligations (as indicated in point 6), Mollie is obliged to keep certain personal and payment data, which means that sometimes, even if you request it, we cannot delete all your personal data.

You can send your request to exercise your right(s) to data protection to privacy@mollie.com. Mollie may verify whether the request has been made by you and whether you are really the person you claim to be. If we cannot verify your identity directly, Mollie may ask you to send a copy of your ID (i.e. a passport or ID card). Please redact your photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) in this copy to protect your privacy. Mollie will respond to your request as soon as possible, but in any case within one month of receipt, unless the request is so extensive that we have to extend this period by two months.

How can you contact Mollie?
If you have any questions about our use of your personal data, you can contact us via privacy@mollie.com.

If you believe that Mollie has used your personal data in an incorrect manner, or if you are not satisfied with Mollie's response to your question or request, you have the right to submit a complaint to the relevant data protection authority (in the Netherlands, this is the Autoriteit Persoonsgegevens) or to take legal action. You can find more information about your options for lodging a complaint here. The contact details for the relevant EU data protection authorities can be found here.

Data Protection Officer

Mollie has appointed a Data Protection Officer (DPO). The DPO is responsible for, among other things, supervising the processing of personal data by Mollie, keeping records of data processing operations, and advising and training our employees on the responsible use of personal data. The DPO is registered with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

If you still suspect that your data is not being handled appropriately or is not sufficiently protected, believe that your personal data has been misused, or believe that Mollie is not processing your personal data properly, you can contact our DPO at dpo@mollie.com.

Amsterdam, 6 December 2022.

(1) Purpose of data processing

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics 4 uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. According to Google, Google Analytics 4 does not log or store individual IP addresses. No precise location data is provided in Analytics. Instead, the following metadata is derived from IP addresses: "city" (and the derived latitude and longitude of the city), "continent", "country", "region", "subcontinent" (and the ID-based equivalents). For accesses originating from the EU, IP addresses are only used to derive location data and are immediately deleted afterwards. They are not logged, are not accessible, and are not used for any other use cases. When collecting measurement data in Analytics, all IP searches take place on EU-based servers before the traffic is forwarded to Analytics servers for processing. These servers are also located outside the EU.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

(2) Legal basis

The legal basis for such processing is set out in Article 6 (1) (a) of the GDPR.

(3) Recipient categories

Google and its partners.

(4) Transfer to a third country

Google Ireland Limited is an affiliate of Google LLC. Google LLC is based in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043). The basis for the transfer of personal data from the EU to the US is the EU-U.S. Data Privacy Framework.

(5) Duration of Storage

2 months

(6) Right of revocation

You can revoke your consent at any time with effect for the future via our cookie banner or via our website.

You can prevent the installation of the cookies in your browser settings. If you choose to change your settings you may not be able to use the full functionality of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available under the following link: optout

Please note that all PayPal transactions are subject to the PayPal Privacy Policy:

https://www.paypal.com/de/webapps/mpp/ua/privacy-full

(1) Purpose of data processing

This website uses technically necessary cookies. These are small text files that are stored for a short period in or by your Internet browser on your computer system. These cookies are employed, for example, when several products must be inserted in a shopping cart.

Other cookies remain stored permanently and recognize your browser on your next visit. These cookies are employed, for example, to store permanently your passwords for a customer account.

(2) Legal basis

The legal basis for such processing is set out in Article 6 (1) (f) of the GDPR.

(3) Legitimate interest

Our legitimate interest is the functionality of our website. The user data collected by technically necessary cookies and long term cookies are not used to create user profiles to preserve your interest in data protection.

(4) Duration of Storage

The technically necessary cookies are usually deleted when the browser is closed. Permanently stored cookies remain stored from a few minutes to several years.

(5) Right of revocation

If you do not wish these cookies to be stored, please deactivate the use of cookies in your Internet browser. However, this may cause a functional limitation of our website.

Your consent to persistent cookies can be withdrawn at any time by deleting the cookies in your browser settings.

If your personal data is processed, you are the ‘data subject’ in terms of GDPR and you have the following rights towards us, the controller:

1. Right to information

You may request us to provide information about your personal data processed by us under Article 15 of the GDPR.

2. Right to rectification

If your personal data provided to us is not up to date or not accurate you have the right to ask for modifications to your personal data under Article 16 of the GDPR. You also have the right to request us to complete an incomplete data.

3. Right to erasure

You have the right to have your personal data erased and ask for deletion of your data under Article 17 of the GDPR.

4. Right to restriction of processing

You have the right to restrict the processing your personal data under Article 18 of the GDPR.

5. Right to data portability

You have the right referred to in Article 20 of the GDPR to receive your personal data provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

6. Right to revoke the consent given under data protection law

You have the right referred to in paragraph 3 of Article 7 to withdraw your given consent based on the data protection provisions at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.

7. Right to lodge a complaint with a supervisory authority

If you consider that the processing of personal data relating to you infringes the GDPR, you have the right referring to in Article 77 of the GDPR to complain to the supervisory authority against the processing of your personal data (in particular in the Member State of your habitual residence, place of work or place of the alleged infringement ).

Please also note your right of objection under Article 21 GDPR:

a) In general: reasonable objection required

If the processing of personal data concerning you takes place in order

- to perform our overriding legitimate interest (legal basis: Article 6 (1f) GDPR)

or

- to safeguard the public interest (legal basis: Article 6 (1e) GDPR),

you are entitled to object to the processing at any time for reasons arising from your particular situation; this also applies to profiling based on the provisions of the GDPR.

In the event of objection, we will no longer process the personal data concerning you unless we can prove compelling grounds for processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims;

b) Special case of direct marketing: simple objection is sufficient

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing and without stating reasons; this includes profiling to the extent that it is related to such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

Responsible for data processing:
Jiffy Steamer Deutschland GmbH
Behringstr.28a
22765
Phone: +494033465331
info@jiffysteamer.de

This document was created and is updated with technology from janolaw GmbH.