DATA PROTECTION

Data protection

Unless otherwise stated below, the provision of your personal data is neither legally nor
contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data.
Failure to provide such data will have no consequences. This only applies if no other information is provided in the subsequent processing operations.
is made.
“Personal data” means any information relating to an identified or identifiable natural person.


Server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is sent to us or our web host / IT service provider through your Internet browser
and stored in protocol data (so-called server log files). This stored data includes, for example, the name of the accessed
Page, date and time of retrieval, IP address, amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the
To ensure trouble-free operation of our website and to improve our offering.

Your data will be transferred to Canada, among other places. For data transfers to Canada, there is an adequacy decision by the EU Commission
before.


Contact

Responsible
Please contact us if you wish. The person responsible for data processing is: Mija Matuski, Pescher Str.
116, 41352 Korschenbroich Germany, 017663098661, info@goldenbumblebee.de

Customer’s initiative contact via email
If you initiate business contact with us by email, we collect your personal data (name, email address,
message text) only to the extent provided by you. The data processing serves to process and answer your
Contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in case of interest in purchase, preparation of an offer)
or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit.
b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR from
our overriding legitimate interest in processing and answering your request. In this case, you have the right
for reasons arising from your particular situation, at any time to this processing based on Art. 6 (1) lit. f GDPR
to object to the processing of personal data concerning you.
We only use your email address to process your request. Your data will then be processed in accordance with legal
Retention periods will be deleted unless you have consented to further processing and use.


Orders

Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent necessary to fulfil and process your order.
and to process your inquiries. The provision of data is necessary for the conclusion of the contract.
Failure to provide this data will result in no contract being concluded. Processing is carried out on the basis of Art. 6 Para. 1 lit. b
GDPR and is necessary for the performance of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have selected,
Payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal
Specifications. The scope of data transmission is limited to a minimum.
Your data will be transferred to Canada, among other places. For data transfers to Canada, there is an adequacy decision by the EU Commission
before.


Advertising

Use of the email address for sending newsletters
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters,
provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 paragraph 1 letter a GDPR with your consent.
You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by
Unsubscribe from our communications. Your email address will then be removed from the mailing list.

Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) to send newsletters in
As part of order processing.
We pass on the information you provide during the newsletter registration (email address, if applicable first and
Last name) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking
Link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links.
In this context, we collect your personal data such as IP address, browser type and device as well as the time.
Data can be used to create user profiles under a pseudonym. The data collected will not be used to identify you personally.
identify. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Klaviyo servers in the USA and stored there. For the USA, a
The EU Commission has an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has committed itself to the
TADPF certified and therefore obliged to comply with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR from our predominantly
legitimate interest in a targeted, promotional and user-friendly newsletter system. You have the right
reasons arising from your particular situation, at any time to this processing of personal data concerning you
to object to data.
For more information about privacy at Klaviyo, please visit https://www.klaviyo.com/legal/privacy-notice and
https://www.klaviyo.com/legal/data-processing-agreement.


Shipping service provider merchandise management

Passing on the email address to shipping companies to inform them about the shipping status
We will pass on your email address to the transport company as part of the contract processing, provided that you expressly consent to this in the
The purpose of the data transfer is to inform you by email about the shipping status. The processing
is based on Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us or
the transport company, without affecting the legality of the processing carried out on the basis of the consent until the revocation
is touched.

Use of an external inventory management system
We use a merchandise management system to process contracts as part of order processing. For this purpose, your data will be
personal data collected during the order to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal.


Cookies

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the
computer system of a user. When a user visits a website, a cookie can be placed on the operating system of the
This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when
allows you to access the website again.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting
By making appropriate technical settings in your Internet browser, you can be notified before cookies are set and
decide individually whether to accept them or not, and prevent the storage of cookies and the transmission of the data they contain.
Cookies stored on our website can be deleted at any time. However, we would like to point out that you may not be able to use all
can fully use the functions of this website.

The links below will tell you how to manage cookies in the most important browsers (including
deactivate):
Chrome: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-
2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac


Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary
Cookies to make our service more user-friendly, effective and secure. Cookies also enable
our systems to recognize your browser even after you change pages and to offer you services. Some functions of our
The website cannot be offered without the use of cookies. These require that the browser is
page change is recognized.

The use of cookies or similar technologies is based on Section 25 Para. 2 TTDSG. The processing of your
personal data is processed on the basis of Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the
Ensuring optimal functionality of the website as well as a user-friendly and effective design of our offering.
You have the right, for reasons related to your particular situation, to object at any time to the processing of personal data concerning you.
personal data.

Use of GDPR Legal Cookies
We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070
Koblenz a. Rh.; “beeclever”). The tool enables you to consent to data processing via the website, in particular the
setting of cookies, as well as to exercise your right to withdraw consent for consents already given.
The data processing serves the purpose of obtaining and documenting the necessary consents for data processing and thus
to comply with legal obligations. Cookies can be used for this purpose. The following information can be collected and
transmitted to beeclever: anonymized IP address, date and time of consent, URL from which the consent was sent
was, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) lit. c GDPR.
Further information on terms of use and data protection at beeclever can be found at: https://gdpr-legal-cookie.com/pages/termsconditions
and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.


analysis

Using Shopify Statistics
We use the statistics and analysis functions of Shopify International Limited (2nd Floor Victoria Buildings, 1-2
Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") as part of an order processing agreement. Shopify is a service provider affiliated with Shopify Inc. (151
O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada) affiliated company
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data on marketing and
optimization purposes and provided in reports, analyses and statistics. The following device information is stored, among others,
collected and processed: Information about the web browser, IP address, time zone and some of the cookies stored on your device
are installed. When you navigate on the website, information about the websites or products you visit, the referrer
URL (website from which you accessed our website) and information about how you interact with the website.
For this purpose, technologies such as cookies, web beacons, tags and pixels (electronic files for collecting information about
how you navigate the website).
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Clause 1 TTDSG in conjunction with
Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 Para. 1 lit.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
processing carried out.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz, information about
Order processing agreement at https://www.shopify.com/de/legal/dpa and information on the cookies used
at https://www.shopify.com/de/legal/cookies.


Plug-ins and Others

Use of Google reCAPTCHA
We use the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on our website;
"Google"). The query serves the purpose of distinguishing the input by a human or by automated, machine
Processing. For this purpose, your input will be transmitted to Google and used there. In addition, the IP address and, if applicable,
other data required by Google for the reCAPTCHA service. This data is stored by Google within the
European Union and may also be transferred to Google LLC servers in the USA. For the USA, a
The EU Commission has an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has agreed to
TADPF certified and therefore obliged to comply with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Clause 1 TTDSG in conjunction with
Art. 6 Para. 1 lit. a GDPR. Your personal data will be processed with your consent on the basis of Art. 6 Para. 1 lit.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
processing carried out.
Further information about Google reCAPTCHA and the associated privacy policy can be found
at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.

Use of Cloudflare
We use the content delivery network Cloudflare CDN from Cloudflare Inc. (101 Townsend St, San Francisco, CA
94107, USA; “Cloudflare”). This is a nationwide network of servers in various data centers, with which
our web server connects and through which certain content of our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
design.
The following information may be collected: IP address, system configuration information, information about
the traffic to and from customer websites (so-called server log files).
Your data may be transferred to the USA. For the USA, an adequacy decision of the EU Commission exists,
the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare has certified itself according to the TADPF and is therefore committed to European
to comply with data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR from our predominantly
legitimate interest in the needs-based and targeted design of the website. You have the right, for reasons that arise
arising from your particular situation, at any time to this processing based on Art. 6 (1) lit. f GDPR concerning you
personal data.
For more information on data protection when using Cloudflare, please visit https://www.cloudflare.com/de-de/privacypolicy/.

Use of Google Maps
We use the function for embedding GoogleMaps from Google Ireland Limited (Gordon House, Barrow
Street, Dublin 4, Ireland, "Google").
The function enables the visual representation of geographical information and interactive maps. Google
When you visit the pages that contain Google Maps, data from visitors to the websites is also collected, processed and
used.
Your data may also be transferred to the USA. For the USA, an adequacy decision by the EU Commission
the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to
comply with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Clause 1 TTDSG in conjunction with
Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 Para. 1 lit.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
processing carried out.
For more information about the collection and use of data by Google, please see Google’s privacy policy at
https://www.google.com/privacypolicy.html. There you also have the option to change your settings in the data protection center, so
that you can manage and protect the data processed by Google.

Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of uniform display of fonts on our website. In order to load the fonts,
When you visit a page, a connection is established to Google servers. Cookies may be used for this purpose. Among other things, your IP address
and information about the browser you use is processed and transmitted to Google. This data is not linked to your
Google account linked.
Your data may be transferred to the USA. For the USA, an adequacy decision of the EU Commission exists,
the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is thus committed to European
to comply with data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Para. 1 Sentence 1 TTDSG in conjunction with
Art. 6 Para. 1 lit. a GDPR. Your personal data will be processed with your consent on the basis of Art. 6 Para. 1 lit.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
processing carried out.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and
at https://developers.google.com/fonts/faq.

Use of Adobe Fonts
We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk Citywest Business Campus,
Dublin 24, Ireland; “Adobe”).
The data processing serves the purpose of uniform display of fonts on our website. In order to load the fonts,
When you visit the site, a connection is established to Adobe servers. Cookies may be used for this purpose. Among other things, your IP address
and information about the browser and operating system you use is processed and transmitted to Adobe.
Your data may be transferred to third countries, such as the USA and India. There is no adequacy decision by the EU Commission for India
For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Adobe has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Clause 1 TTDSG in conjunction with
Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 Para. 1 lit.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
processing carried out.
Further information on data processing and data protection can be found at https://www.adobe.com/de/privacy/policy.html and
at https://www.adobe.com/de/privacy/policies/adobe-fonts.html.


Rights of data subjects and storage period

Duration of storage
After the contract has been fully processed, the data will be stored initially for the duration of the warranty period, then taking into account
statutory, in particular tax and commercial retention periods and then deleted after expiry of the period, provided that you
have not consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information,
Rectification, erasure, restriction of processing, data portability.
In addition, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR
based, as well as against processing for direct marketing purposes.

Right to complain to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you consider that the processing
Your personal data is not processed lawfully
.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach at the following contact details
to reach:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
PO Box 20 04 44
40102 Dusseldorf
Phone: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de

Right to object
The personal data processing listed here is based on our legitimate interest in accordance with Art. 6 Para. 1 lit.
f GDPR, you have the right, for reasons arising from your particular situation, to object to this processing at any time with effect
to object in the future.
After objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds
for the processing which overrides your interests, rights and freedoms, or if the processing is necessary for the assertion,
Exercise or defense of legal claims.

Last update: 29.11.2023