Data protection
Privacy Policy
We take the protection of your personal data very seriously and strictly adhere to the requirements of the European General Data Protection Regulation (EU GDPR). Below, we provide detailed information about how we handle your data.
1. Responsible body
The responsible body within the meaning of data protection laws is:
High-Level Fitness
Christian Goller - Personal Fitness Trainer
Weinitzenstrasse 9d
8045 Graz
Austria
Email: office.highlevelshopping@gmail.com
2. Collection, processing and use of personal data
2.1 Personal data Personal data is information that can be personally related to you, such as your name, address, or email address, as well as your IP address. We collect, process, and use your personal data only if permitted by law or if you have given us your consent.
2.2 Lawfulness of processing
According to Art. 6 GDPR, the processing of personal data is only lawful if one of the legal grounds stated in Art. 6 GDPR is met. We process your data on the basis of contractual performance in accordance with Art. 6 (1) lit b GDPR. Your data is processed to fulfill a contract or pre-contractual measures that you enter into with us when you make a purchase in our web shop. The processing of data of persons who merely inform themselves about the online offer in our web shop without concluding a purchase contract with us (so-called users) is based on the protection of legitimate interests and thus the acquisition of new customers in accordance with Art. 6 (1)
lit f GDPR.
2.3 Ordering process
When you order from our online shop, we collect your personal data only to the extent necessary to process your order. This includes, in particular, your name, address, email address, and your payment details. We use this data solely to process your order and store it only for as long as necessary to fulfill our contractual and legal obligations.
2.4 Purpose of processing
We collect your data for the purpose of providing our online services and for initiating or concluding your purchase contract when you order items from our webshop. This includes the physical shipping of the goods and the processing of the order and purchase process, including answering questions via our contact form.
2.5 Types of data processed
The following types of personal data are processed by us
- Identification data (first name, last name)
- Contact details (address, email address)
- Usage data (websites visited, length of stay)
- Payment details
2.6 Category of data subjects
We collect data from users and customers of the webshop. Users are visitors to the webshop who navigate the site to explore the webshop's online offerings or ask questions via our contact form. Customers are visitors to the webshop who use our online offerings and enter into a purchase agreement and thus a purchase transaction with us.
3. Transfer of data to processors and third parties
If, as part of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit it to them, or otherwise grant them access to the data, this will only be done on the basis of the provisions of the GDPR. The transfer will therefore only take place
- on the basis of a legal permission (e.g. if a transfer of data to third parties, as required by payment service providers, is necessary for the performance of the contract in accordance with Art. 6 (1) lit. b GDPR),
- You have given your express consent
- or on the basis of our legitimate interests (e.g. the involvement of intermediaries, web hosts, etc.)
Your data will be processed in particular for order processing with regard to payment and shipping services.
If we commission third parties to process your data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 GDPR.
4. Payment details
Your payment data is encrypted and transmitted over the Internet during order processing. Due to the special embedding during the order process, we never have access to your payment data and are therefore not the data processors. Your payment data will only be processed by the payment service provider you selected for payment during the order process. The following payment service providers are available for selection during the payment process.
Instant bank transfer or purchase on account
Klarna Bank AB (publ)
Sveavägen 46
111 34 Stockholm
Sweden
datenschutz@klarna.de
Payment via Paypal
PayPal (Europe) S.à rl et Cie, SCA
22-24 Boulevard Royal
L-2449 Luxembourg
Payment by Visa
card complete Service Bank AG (card complete)
Lassallestrasse 3
1020 Vienna
https://www.cardcomplete.com/datenschutz/
Payment by American Express
American Express Europe SA - Austrian Branch
Kärntner Straße 21–23
1010 Vienna
Payment by Mastercard
Mastercard Europe SA
Representative Office Austria
Wipplingerstrasse 30/DG
1010 Vienna
Austria
5. Storage period
We will only retain your data for as long as we reasonably consider necessary to achieve the purposes stated above and as permitted by applicable law. In any case, we will retain your data as long as statutory retention periods exist or the statute of limitations for potential legal claims has not yet expired.
6. Data transfer to third countries
Your data is generally processed within the European Union (EU) or the European Economic Area (EEA). If we transfer data to a so-called third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or process it in connection with the use of third-party services or the disclosure or transfer of data to third parties, this will only occur on the basis of lawfulness pursuant to Art. 6 GDPR. The transfer may therefore, among other things, be based on the following grounds:
- To fulfill our (pre-)contractual obligations,
- based on your consent,
- on the basis of a legal obligation
We only transfer your data to countries for which the EU Commission has decided that they have an adequate level of data protection comparable to that in the EU.
7. Collection and use of your data by Shopify
Our webshop is based on Shopify Inc., a company based in Canada that provides the e-commerce platform that enables us to operate the webshop. Your data is stored by Shopify as part of data storage and backup and through the general Shopify application. If you are located in the EU, the European Economic Area (EEA), or Switzerland, your data will be stored on secure servers by Shopify International Ltd. in Ireland, and thus within the European Union. However, we would like to point out that in order to provide a smooth service, Shopify may, under certain circumstances, also transfer data to other regions, such as the USA.
or Canada. However, Shopify strictly adheres to the requirements of the GDPR. If your data is transferred to Canada, your personal data is protected by Canadian law. We would like to point out that the European Commission has determined (“adequacy decision”) that this provides adequate protection for your
Data is secured. If the data is transferred to the USA (so-called
Regarding "transfer to third countries," we would like to point out that the same level of data protection cannot be guaranteed in the USA as within the EU. However, transfers only take place on the basis of so-called "standard contractual clauses" to ensure a data protection-compliant transfer.
For further information, please refer to Shopify’s privacy policy (https://www.shopify.com/de/legal/datenschutz)
If you select a direct payment gateway to complete your purchase, Shopify will store your credit card information. In this case, your personal data will be transmitted over the internet in encrypted form using PCI-DSS (Payment Card Industry Data Security Standard). Your purchase processing data will be stored only for as long as necessary to complete the transaction and deleted immediately thereafter. For further information, please refer to Shopify's Terms and Conditions at http://www.shopify.com/legal/terms
8. Use of cookies
We use so-called cookies on our website to assign the inquiries and requests you send us over the Internet. Cookies are a type of electronic business card that makes it easier for you to use our online services. These small files or text modules are automatically saved by your browser on your hard disk and are necessary, among other things, for the error-free use of our website. In order to improve user-friendliness, we use cookies, pixels and similar technologies (including those from third parties) for statistical, tracking and marketing purposes as well as to display personalized content after you have given your consent. In doing so, we also use third parties located in third countries without an adequate level of data protection, in particular the
USA. When transferring data to the USA, you run the risk that US authorities may access your data for control and monitoring purposes, and that you will not have any effective legal remedies against this. By clicking on "Allow cookies" or by checking individual cookies and clicking on "Allow selection", you agree that we and the third parties (who may also be located in the USA, among others) may use the technologies used to their full extent and grant
associated third-country transfer within the meaning of Art. 49 (1) lit a GDPR your consent. For technically necessary cookies that serve the operation and security of the website, consent is not required according to Section 165 Paragraph 3 TKG 2021. You can of course delete the cookies after using our website by configuring your browser accordingly and thereby revoke your consent. You can also object to the creation of a user profile.
in the form of non-personal data. To do so, please deactivate cookies in your browser. Further details on the cookies we use can be found in the Cookie Statement.
9. Use of Google Analytics
We use Google Analytics to analyze website usage. The data obtained is used to optimize our website and advertising efforts.
Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data on our behalf and is contractually obligated to take measures to ensure the security and confidentiality of the data processed.
During your visit to the website, the following data is recorded, among others:
- Pages visited
- Orders including sales and ordered products
- The achievement of "website goals" (e.g. contact requests via the contact form)
- Your behavior on the pages (e.g., time spent, clicks, scrolling behavior)
- Your approximate location (country and city)
- Your IP address (in abbreviated form so that no clear assignment is possible)
- Technical information such as browser, internet provider, device and screen resolution
- Source of your visit (i.e. which website or advertising medium you came to us from)
Personal data such as name, address or contact details are never transferred to Google Analytics.
This data is transferred to Google servers in the USA. Please note that the same level of data protection cannot be guaranteed in the USA as within the EU.
Google Analytics stores cookies in your web browser for a period of two years from your last visit. These cookies contain a randomly generated user ID that can be used to recognize you on future website visits.
The recorded data is stored together with the randomly generated user ID
which enables the evaluation of pseudonymous user profiles.
User-related data is automatically deleted after 14 months. Other data remains stored in aggregate form indefinitely.
Source: traffic3.net
However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and website usage.
Internet usage related services to the website operator
The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.
You can prevent cookies from being saved by selecting the appropriate settings on your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link:
Download the browser plug-in available at the link and
install: http://tools.google.com/dlpage/gaoptout?hl=de
10. Facebook Plugins
Our pages incorporate plug-ins from the social network Facebook, provided by Meta Platforms Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Facebook plug-in by the Facebook logo or "Like" button on our page. An overview of Facebook plug-ins can be found here: http://developers.facebook.com/docs/plugins/.
When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook thus receives the information that you have visited our page using your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or
their use by Facebook. Further information can be found in Facebook's privacy policy at http://de-de.facebook.com/policy.php.
10.1 Facebook Pixels
We use Facebook Pixel in our online shop. The Facebook Pixel is a Java script code that creates certain cookies in the browsers of users of our website only with your consent. This processing is based on Section 96 (3) of the Telecommunications Act (TKG) in conjunction with Article 6 (1) (a) of the GDPR.
The Facebook Pixel collects the following data about website users: IP address, browser information, page section, documents accessed, referrer URL, HTTP header information, buttons clicked (including the name of buttons clicked and websites visited by clicking the button), time spent on our website and sub-pages visited.
The data collected in this way is further processed by Facebook or Meta in order to provide us with anonymized reports on the website target group and ad performance. We would like to point out that by using the Facebook Pixel, Facebook registers that you have clicked on an ad from us or accessed the corresponding page on our website. If you are registered with a Facebook service, Facebook can assign the visit to your account. The possibility that the provider will learn and save your IP address and other identification features also exists even if you are not registered or logged in to Facebook. With regard to any processing in this regard, Meta Inc. is the independent controller within the meaning of the GDPR. This data processing
is based on the goal of being able to evaluate the response to our advertising campaigns and to collect information about website users who have visited our website as a result of one of our advertising campaigns on Facebook. Furthermore, we aim to make our website more intuitive and tailor the content to suit our target audience.
The cookies loaded by the pixel are valid and therefore stored for a period of three to 12 months. You can delete the cookies at any time in your browser settings. If you visit our webshop – and have given your consent – Facebook will use your data to the extent stated above.
Further information about the purpose and scope of data collection, as well as the further processing and use of the data by Meta, as well as setting options for protecting your privacy and your data, can be found in the guidelines of Meta Platforms Inc., 601 S California Ave, Palo Alto, California 94304, USA: https://www.facebook.com/policy.php; https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-
other#applications and https://www.facebook.com/about/privacy/your-
info#everyoneinfo
If you are logged in to Facebook, you can change your privacy settings or ad settings
at https://www.facebook.com/ads/preferences/entry_product=ad_settings_screen. Website visitors who do not have a Facebook account can manage their preferences at https://www.youronlinechoices.com/de/praferenzmanagement/.
11. Your rights according to Art. 12 ff GDPR
Under applicable data protection law, you are entitled, among other things (under the
Conditions of applicable law)
- to request information about whether and what data we have stored about you and to receive copies of this data,
- to request the correction, addition or deletion of your data that is incorrect or is not processed in accordance with the law,
- to request that we restrict the processing of your data,
- to object to the processing of your data under certain circumstances or to withdraw the consent previously given for the processing,
- to request data portability,
- to know the identity of third parties to whom your data will be transferred, and
- to lodge a complaint with the competent data protection authority.
12. Revocation of your consent
You have the right to revoke your consent at any time, with future effect, in writing. Please send your revocation to office.highlevelshopping@gmail.com
13. Contact
If you have any questions or concerns about the processing of your data or wish to exercise your data protection rights, please contact
Christian Goller – Personal Fitness Trainer
Address: Weinitzenstraße 9d, 8045 Graz, Austria
Email: office.highlevelshopping@gmail.com