Veri koruması

Privacy Policy

This Privacy Policy informs you about how we handle your personal data and about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). ROY ROBSON FASHION GmbH & Co. KG (hereinafter referred to as ‘we’ or ‘us’) is the data controller.

Contents

  1. General information
  1. Contact details
  1. Legal basis
  1. Duration of storage
  1. Categories of data recipients
  1. Data transfer to third countries
  1. Processing when you exercise your rights
  1. Your rights
  1. Right to object
  1. Data Protection Officer
  1. Data processing on our Web pages
  1. General information about our Web pages
  1. Cookies
  1. Consent management tool
  1. Meta Pixel
  1. WP Statistics
  1. YouTube
  1. Further data processing on our Web pages
    1. Data processing on https://royrobson.com/
    2. Data processing on https://100years.royrobson.com/https://100years.royrobson.com/
  1. Data processing on our social media pages
  1. Visiting a social media page
  1. Communication via social media pages
  1. Further data processing
  1. Applications
  1. Contact by email
  1. Contractual relationship
  1. Use of the email address for marketing purposes
  1. General information
  1. Contact details

If you have any questions or suggestions regarding this Privacy Policy or would like to contact us to assert your rights, please send your enquiry to

ROY ROBSON FASHION GmbH & Co. KG

Bleckeder Landstrasse 18–20

21339 Lüneburg, Germany
Tel. +49 (0)4131 8870
Email  office@royrobson.com

  1. Legal basis

The data protection term ‘personal data’ refers to all information relating to an identified or identifiable person. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. We only process data on the basis of legal permission. We process personal data only with your consent (Section 25 [1] of the German Telecommunications and Telemedia Data Protection Act [TTDSG] or Article 6 [1a] of the GDPR) in order to perform a contract to which you are a party or at your request to take steps prior to entering into a contract (Article 6 [1b] of the GDPR), to comply with a legal obligation (Article 6 [1c] of the GDPR) or if the processing is necessary to safeguard our legitimate interests or the legitimate interests of a third party, unless overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6 [1f] of the GDPR).

If you apply for a vacancy with our company, we also process your personal data for the purpose of deciding on whether to enter into an employment contract (Section 26 [1] sentence 1 of the BDSG and Article 6 [1b] of the GDPR).

  1. Duration of storage

Unless stated otherwise in the following provisions, we will only store the data for as long as necessary to achieve the purpose of processing or to fulfil our contractual or legal obligations. Such statutory retention obligations may arise in particular from commercial or tax regulations. From the end of the calendar year in which the data was collected, we will retain such personal data contained in our accounting records for ten years and we will retain personal data contained in commercial correspondence and contracts for six years. Otherwise, we will retain data in connection with consents that require proof of consent and in connection with complaints and claims for receivables for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to processing for this purpose.

  1. Categories of data recipients

We use processors to process your data. The processing operations carried out by such processors include, for example, hosting, sending emails, maintenance and support of IT systems, customer and order management, order processing, accounting and billing, marketing measures and destruction of files and data carriers. A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller. Processors do not use the data for their own purposes, but carry out the data processing exclusively for the controller and are contractually obliged to guarantee suitable technical and organisational measures for data protection. Otherwise, we may transfer your personal data to bodies such as postal and delivery services, our bank, tax consulting/auditing firms or the tax authorities. Other recipients may result from the provisions below.

  1. Data transfer to third countries

Our data processing operations may involve the transfer of certain personal data to third countries, i.e. countries where the GDPR is not applicable. Such a transfer is permissible if the European Commission has determined that an adequate level of data protection is provided in the third country concerned. In the absence of such an adequacy decision by the European Commission, personal data will only be transferred to a third country if suitable safeguards are in place in accordance with Article 46 of the GDPR or if one of the conditions of Article 49 of the GDPR is met.

Where no adequacy decision has been made and nothing else is stated below, we use the EU standard contractual clauses as suitable safeguards for the transfer of personal data to third countries. You have the option of receiving or viewing a copy of these EU standard contractual clauses. To do so, please contact us at the address provided under ‘Contact details’.

If you consent to the transfer of personal data to third countries, the transfer will take place on the legal basis of Article 49 (1a) of the GDPR.

  1. Processing when you exercise your rights

If you exercise your rights pursuant to Articles 15 to 22 of the GDPR, we will process the personal data transmitted for the purpose of implementing these rights by us and in order to be able to provide evidence of this. Data stored for the purpose of providing and preparing information will only be stored for this purpose and for data protection control purposes; we will otherwise restrict processing in accordance with Article 18 of the GDPR.

The legal basis for this processing is Article 6 (1c) of the GDPR in conjunction with Articles 15 to 22 of the GDPR and Section 34 (2) of the BDSG.

  1. Your rights

As a data subject, you are entitled to assert your rights as a data subject against us. In particular, you have the following rights:

  • Pursuant to Article 15 of the GDPR and Section 34 of the BDSG, you have the right to obtain information as to whether or not we are processing your personal data and, if so, to what extent.
  • In accordance with Article 16 of the GDPR, you have the right to request that we rectify your data.
  • In accordance with Article 17 of the GDPR and Section 35 of the BDSG, you have the right to request that we erase your personal data.
  • Pursuant to Article 18 of the GDPR, you have the right to have the processing of your personal data restricted.
  • Pursuant to Article 20 of the GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit this data to another controller.
  • If you have given us separate consent to data processing, you may revoke this consent at any time in accordance with Article 7 (3) of the GDPR. Such a revocation does not affect the lawfulness of the processing that has taken place on the basis of consent up to the time of revocation.
  • If you believe that the processing of personal data concerning you infringes the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR.

  1. Right to object

Pursuant to Article 21 (1) of the GDPR, you have the right to object to processing on the legal basis of Article 6 (1e) or (1f) of the GDPR on grounds relating to your particular situation. If we process personal data about you for the purpose of direct marketing, you may object to this processing in accordance with Article 21 (2) and (3) of the GDPR.

  1. Data Protection Officer

You can contact our Data Protection Officer using the following contact details:

Email: datenschutzbeauftragter@royrobson.com

Herting Oberbeck Datenschutz GmbH

Hallerstrasse 76, 20146 Hamburg, Germany

https://www.datenschutzkanzlei.de

  1. Data processing on our Web pages
  1. General information about our Web pages

ROY ROBSON FASHION GmbH & Co. KG operates multiple Web pages. When you use one of these Web pages, we collect information that you provide yourself. In addition, certain information about your use of the Web page is automatically collected by us during your visit to our website. Under data protection law, the IP address is also classed as personal data. An IP address is assigned by the Internet service provider to each device connected to the Internet, enabling it to send and receive data.

The following information applies to all Web pages operated by ROY ROBSON FASHION GmbH & Co. KG. If special data processing takes place on individual Web pages, this will be indicated accordingly.

  1. Cookies

We use cookies and similar technologies (‘cookies’) on our Web pages. Cookies are small data sets that are stored by your browser when you visit a Web page. They identify the browser used, which can then be recognised by the Web server. Your browser gives you full control over the use of cookies. You can delete the cookies at any time in the security settings of your browser. You can opt out of the use of cookies in your browser settings, either generally or in specific cases.

The use of cookies is, in part, necessary for technical reasons for the operation of our website and is therefore permissible without the user’s consent. We may also use cookies to provide special features and content, as well as for analytical and marketing purposes. These may also include third-party cookies. We only use such technically unnecessary cookies with your consent in accordance with Section 25 (1) of the TTDSG and, if applicable, Article 6 (1a) of the GDPR. Information on the purposes, providers, technologies used, stored data and duration of storage in respect of individual cookies can be found in the cookie settings of our consent management tool.

  1. Consent management tool

Our Web pages use the Borlabs consent management tool from Borlabs GmbH (Germany, EU) to manage cookies and process personal data.

The consent banner enables the users of our Web pages to grant or revoke consent for certain data processing operations. By clicking on the ‘Accept all’ button or by saving individual cookie settings, you are agreeing to the use of the cookies concerned.

The basis under data protection law is your consent within the meaning of Article 6 (1a) of the GDPR.

The banner also helps us to provide proof of the declaration of consent. For this purpose, we process information about the declaration of consent and other log data relating to this declaration. Cookies are also used to collect this data. The processing of this data is necessary in order to be able to prove that consent has been granted. The legal basis is our legal obligation to document your consent (Article 6 [1c] in conjunction with Article 7 [1] of the GDPR).

You can revoke your consent to cookies here: Cookie-Settings

  1. Meta Pixel

On our Web pages, we use the Meta Pixel, a Meta business tool provided by Meta Platforms Ireland Limited (Ireland, EU). For the contact details of Meta Platforms Ireland Ltd. and the contact details of the Data Protection Officer of Meta Platforms Ireland Ltd., please refer to the Privacy Policy of Meta Platforms Ireland Ltd. at https://www.facebook.com/about/privacy.

The Meta Pixel is a snippet of JavaScript code that allows us to track the activities of visitors to our Web pages. This type of tracking is called conversion tracking. The Meta Pixel collects and processes the following information (known as event data):

  • Information about the actions and activities of visitors to our Web pages, such as searching for and displaying a product or purchasing a product;
  • Specific Pixel information such as the Pixel ID and the Facebook cookie;
  • Information about buttons clicked by website visitors;
  • Information contained in the HTTP headers, such as IP addresses, information about the Web browser, the location of the page, and the referrer;
  • Information on the status of the deactivation/restriction of ad tracking.

Some of this event data is information stored on the device you are using. In addition, the Meta Pixel also uses cookies that store information on the device you are using. Such storage of information by the Meta Pixel or access to information that is already stored on your end device only takes place with your consent in accordance with Section 25 (1) of the TTDSG.

The event data collected via the Meta Pixel is used to target our ads and to improve ad delivery on Meta products such as the social media platforms Facebook and Instagram, to personalise functions and content and to improve and secure Meta products. For these purposes, the event data collected on our Web pages using the Meta Pixel is transmitted to Meta Platforms Ireland Ltd. This collection and transmission of event data is carried out by us and Meta Platforms Ireland Ltd. as joint controllers. We have entered into a joint controller agreement with Meta Platforms Ireland Ltd. that sets out the allocation of data protection obligations between us and Meta Platforms Ireland Ltd. In this agreement, we and Meta Platforms Ireland Ltd. have agreed, among other things,

  • that we are responsible for providing you with all information pursuant to Articles 13 and 14 of the GDPR regarding the joint processing of personal data;
  • that Meta Platforms Ireland Ltd. is responsible for enabling the rights of data subjects pursuant to Articles 15 to 20 of the GDPR with regard to the personal data held by Meta Platforms Ireland Ltd. after joint processing.

You can view the agreement between us and Meta Platforms Ireland Ltd. at https://www.facebook.com/legal/controller_addendum.

Meta Platforms Ireland Ltd. is solely responsible for the subsequent processing of the event data transmitted. For more information on how Meta Platforms Ireland Ltd. processes personal data, including the legal basis upon which Meta Platforms Ireland Ltd. relies and the ways to exercise your rights vis-à-vis Meta Platforms Ireland Ltd., please refer to the Meta Platforms Ireland Ltd. Privacy Policy at https://www.facebook.com/about/privacy.

We have also engaged Meta Platforms Ireland Ltd. to compile reports on the impact of our advertising campaigns and other online content (campaign reports) on the basis of the event data collected via the Meta Pixel and to produce analyses and insights about users and their use of our Web pages, products and services (analytics). For this purpose, we transfer personal data contained in the event data to Meta Platforms Ireland Ltd. The personal data transferred is processed by Meta Platforms Ireland Ltd. as our processor in order to provide us with campaign reports and analytics.

We will only collect your personal data and transfer it to Meta Platforms Ireland Ltd. – and Meta Platforms Ireland Ltd. will only process this personal data on our behalf to produce analytics and campaign reports – if you have given your prior consent for this to happen. The legal basis for this processing of personal data is therefore Article 6 (1a) of the GDPR.

The data processed on our behalf is transmitted by Meta Platforms Ireland Ltd. to Meta Platforms, Inc. in the USA. Meta Platforms Ireland Ltd. transfers the data to Meta Platforms, Inc. on the basis of processor-to-processor standard contractual clauses, but reserves the right to use an alternative transfer method recognised by the GDPR and other applicable data protection laws in the European Economic Area, the United Kingdom and Switzerland.

  1. WP Statistics

We use the service WP Statistics, a WordPress plug-in from VeronaLabs OÜ (Estonia, EU), on our Web pages. WP Statistics provides us with various statistics about the use of our website, e.g. the number of website visitors and their origin. These statistics allow us to improve our website and tailor it to the needs of visitors.

When you use the service, your IP address is collected and then anonymised.

Your data is processed on the basis of Article 6 (1f) of the GDPR and processing is based on our legitimate interest in the optimisation and economical operation of our website.

Further information on data protection when using WP Statistics can be found at https://wp-statistics.com/2018/08/16/wp-statistics-gdpr/?utm_source=WordPress&utm_medium=link&utm_campaign=ProductIntroduction.

  1. YouTube

We use the YouTube service provided by Google Ireland Limited (Ireland, EU) to embed videos on our Web pages. For such embedding, it is necessary for technical reasons to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Google and Google may be able to place its own cookies. We use YouTube in ‘privacy-enhanced mode’, which means that YouTube does not use cookies to analyse the

Your data is processed on the basis of your consent in accordance with Article 6 (1a) of the GDPR. Your consent is managed by our consent management tool and can be revoked at any time.

When the service is used, transmission of your data to the USA cannot be ruled out. Please refer to the information in the section entitled ‘Data transfer to third countries’. Further information on data protection at Google can be found in Google’s Privacy Policy at https://www.google.com/policies/privacy.

  1. Further data processing on our Web pages

Further data processing takes place on certain Web pages; information in this regard is provided below.

    1. Data processing on https://royrobson.com/
  1. Contact form

Our website contains contact forms that you can use to send us messages. Your data is transferred in encrypted form (recognisable by the ‘https’ in the browser’s address bar). All data fields marked as mandatory are required to process your enquiry. If you do not provide the data concerned, we will be unable to process your enquiry. Any additional data is provided voluntarily. Alternatively, you can send us a message via the contact email address. We will process your data for the purpose of responding to your enquiry.

If your enquiry relates to the conclusion or performance of a contract with us, the legal basis for data processing is Article 6 (1b) of the GDPR. Otherwise, we will process the data based on our legitimate interest in contacting enquirers. In this case, the legal basis for data processing is Article 6 (1f) of the GDPR.

  1. Retailer area

If you as a retailer would like to use our retailer area to download images and videos of our collections, for example, you must register via the website. The required information can be viewed in the registration form. The information marked as mandatory must be provided in order to complete the registration process. The data provided is processed for the purpose of providing the service. The legal basis for this processing is Article 6 (1f) of the GDPR. If you are personally a contractual partner of ours, the legal basis for processing is Article 6 (1b) of the GDPR.

  1. Newsletter

We offer the option of subscribing to our newsletter on our website. Once you have subscribed, we will provide you with regular updates about our offers. A valid email address is required to subscribe to the newsletter. To verify your email address, you will first receive a registration email, which you must confirm via a link (double opt-in). If you subscribe to the newsletter on our website, we will process personal data such as your email address and your name on the basis of your consent. The legal basis for this processing is Article 6 (1a) of the GDPR. You may revoke your consent at any time with effect for the future, for example via the ‘Unsubscribe’ link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing that has already taken place remains unaffected by the revocation.

When you subscribe to the newsletter, we also store your IP address and the date and time of subscription. The processing of this data is necessary in order to be able to prove that consent has been granted. The legal basis is our legal obligation to document your consent (Article 6 [1c] in conjunction with Article 7 [1] of the GDPR).

  1. Vimeo

We use the Vimeo service provided by Vimeo, Inc. (USA) to embed videos on our website. For such embedding, it is necessary for technical reasons to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Vimeo and Vimeo may be able to place its own cookies.

Your data is processed on the basis of your consent in accordance with Article 6 (1a) of the GDPR.

When the service is used, transmission of your data to the USA cannot be ruled out. Please refer to the information in the section entitled ‘Data transfer to third countries’. Further information on data protection at Vimeo can be found in Vimeo’s Privacy Policy at https://vimeo.com/privacy.

  1. Google Maps

On our website, we use Google Maps from Google Ireland Limited (Ireland, EU) to display maps and for virtual tours. For such embedding, it is necessary for technical reasons to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Google and Google may be able to place its own cookies.

Your data is processed on the basis of your consent in accordance with Article 6 (1a) of the GDPR.

When the service is used, transmission of your data to the USA cannot be ruled out. Please also refer to the information in the section entitled ‘Data transfer to third countries’. Further information on data protection at Google can be found in Google’s Privacy Policy at https://www.google.com/policies/privacy.

    1. Data processing on https://100years.royrobson.com/https://100years.royrobson.com/

On our website, we use Adobe Fonts from Adobe Systems Software Ireland Limited (Ireland, EU) to ensure that fonts are displayed uniformly. When you access a page, your browser loads the required Web fonts into the browser cache in order to display text and fonts correctly. For such embedding, it is necessary for technical reasons to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Adobe. For licensing reasons, it is necessary for the page views to be counted, which is why your browser transmits, among other things, our Adobe customer ID as the website operator. No cookies are placed. You can opt out of this data processing at any time via the settings of the browser used or using specific browser extensions. One such extension is, for example, the matrix-based firewall uMatrix for the Firefox and Google Chrome browsers. Please note that this may restrict the functionality of the website. If your browser does not support Web fonts, a standard font will be used by your computer.

Your data is processed on the basis of Article 6 (1f) of the GDPR and processing is based on our legitimate interest in the uniform and attractive presentation of our website.

When the service is used, transmission of your data to the USA cannot be ruled out. Please refer to the information in the section entitled ‘Data transfer to third countries’. For more information about data protection at Adobe, please refer to Adobe’s Privacy Policy at https://www.adobe.com/de/privacy/policies/adobe-fonts.html.

  1. Data processing on our social media pages

We have a company page on several social media platforms. Via these pages, we wish to offer further opportunities to find out more about, and communicate with, our company. Our company has company pages on the following social media platforms:

  • Facebook of Meta Platforms Ireland Limited (Ireland, EU), hereinafter referred to as ‘Meta’
  • Instagram of Meta Platforms Ireland Limited (Ireland, EU), hereinafter referred to as ‘Meta’
  • LinkedIn of LinkedIn Ireland Unlimited Company (Ireland, EU), hereinafter referred to as ‘LinkedIn’

If you visit or interact with a profile on a social media platform, personal data about you may be processed. The information associated with a social media profile used also generally constitutes personal data. This also includes messages and statements made using the profile. In addition, when you visit a social media profile, certain information about it is often collected automatically, which may also constitute personal data.

  1. Visiting a social media page

When you visit one of our social media pages, where we present our company or individual products from our offering, certain information about you is processed. The sole controllers for this processing of personal data are the operators of the social media platforms concerned. Further information on the processing of personal data can be found in their privacy policies, to which we provide links below:

The operators of the social media platforms collect and process event and profile data and provide us with statistics and insights in anonymised form for our pages, which we use to gain insights into the types of actions that people take on our page (‘page insights’). These page insights are created based on certain information about people who have visited our page. This processing of personal data is carried out by the social media operator and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions carried out on our site and improving our site on the basis of these findings. The legal basis for this processing is Article 6 (1f) of the GDPR.

We are unable to associate the information obtained through page insights with individual user profiles that interact with our pages. We have entered into agreements with the operators of the social media platforms regarding processing as joint controllers, which define the allocation of data protection obligations between us and the operators. For details about the processing of personal data for the creation of page insights and the agreements between us and the operators, please visit the following links:

You also have the option of asserting your rights against the operators. Further information can be found via the following links:

We have agreed with the operators that the Irish Data Protection Commission is the lead supervisory authority that oversees processing connected with page insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or any other supervisory authority.

  1. Communication via social media pages

We also process information that you have provided to us via our company page on the respective social media platform. Such information may include your username, contact details or a message sent to us. This processing is carried out by us as the sole controller. We process this data on the basis of our legitimate interest in contacting enquirers. The legal basis for data processing is Article 6 (1f) of the GDPR. Further data processing may take place if you have given your consent (Article 6 [1a] of the GDPR) or if it is necessary to comply with a legal obligation (Article 6 [1c] of the GDPR).

If you have provided us with the information in order to enter a competition, we will only process it in order to be able to send you a prize if necessary. We will delete the data after delivery of the prize or if you have not won.

The legal basis for this processing is Article 6 [1b] of the GDPR.

  1. Further data processing
  1. Applications

If you apply to our company, we will only process your application data for purposes related to your interest in a current or future job with us and to process your application. Your application will only be processed and reviewed by the relevant contacts at our company. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you a job, we will retain the data you provide for up to six months after any rejection for the purpose of answering questions relating to your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly consented to a longer retention period. The legal basis for data processing is Section 26 (1) sentence 1 of the BDSG and Article 6 (1a) of the GDPR. If we store your application data for longer than six months and you have expressly consented to this, please note that you may withdraw your consent at any time in accordance with Article 7 (3) of the GDPR. Such a revocation does not affect the lawfulness of the processing that has taken place on the basis of consent up to the time of revocation.

  1. Contact by email

If you send us a message using the contact email address provided, we will process the data submitted for the purpose of responding to your enquiry. We process this data on the basis of our legitimate interest in contacting enquirers.

The legal basis for data processing is Article 6 (1f) of the GDPR.

  1. Contractual relationship

In order to establish or implement a contractual relationship with our customers, suppliers and business partners, it is generally necessary to process the personal data provided to us, such as the name and contact details of the respective contact persons. The legal basis for this processing is Article 6 (1f) of the GDPR and we base this processing on our legitimate interest. Further data processing may take place if you have given your consent (Article 6 [1a] of the GDPR) or if this serves to comply with a legal obligation (Article 6 [1c] of the GDPR).

  1. Use of the email address for marketing purposes

We may use the email address you provide to notify you of our own similar products and services offered by us.

The legal basis is Article 6 (1f) of the GDPR in conjunction with Section 7 (3) of the German Act against Unfair Competition (UWG). You can opt out from this at any time without incurring any costs other than the transmission costs at the basic rates. You can unsubscribe by clicking on the ‘Unsubscribe’ link included in every mailing or by sending an email to newsletter@royrobson.com.

Version: [2.0, August 2023]

KONTAKT

Haben Sie Anregungen, Fragen oder Wünsche?
Wir freuen uns über Ihr Feedback. Nutzen Sie dazu gerne das untenstehende Formular.
*Pflichtfelder

İletişim

Herhangi bir öneriniz, sorunuz veya isteğiniz var mı? Geri bildirim için teşekkürler. Lütfen aşağıdaki formu kullanın.
*Zorunlu alanlar.