• Free shipping from 25€ within Germany
  • 30 days return

Print Privacy Policy

Privacy



We Take Your Privacy Seriously

The protection of your private sphere is an important matter to us when we process your personal data. When you visit our website, our web server saves as standard the IP of your internet service provider, the website where your visit to our site originated, the pages of our site that you visit and the date and duration of your visit. This information is mandatory for the technical transmission of the websites and secure server operation. These data are not analysed in personalised form.

If you provide any data to us using a contact form, these data will be stored on our servers as part of the data backup. We use your data solely and exclusively for the processing of your request. Your data are treated in strictest confidence. They will not be made available to third parties.

Responsible:
ONLINE Schreibgeräte GmbH
Moosweg 8
92318 Neumarkt
Phone: +49 (0) 9181 2596-0
Email: info@online-pen.de



Personal Data

Personal data are any data related to you personally. They include your name, address and email address. You are not required to reveal any personal data to obtain access to our internet site. In some cases, we will require your name and address along with some additional information if we are to be able to offer you the requested service.

We will also need these data if you want us to provide information material to you or when we answer your queries. We will, however, always expressly point this out to you. Moreover, we store only the data that you have communicated to us automatically or voluntarily.

When you use one of our services, we generally store only the data that are required for us to offer our service to you. We may possibly ask you for more information, but your disclosure of such information is voluntary. Whenever we process personal data, we do this so that we can offer our service to you or realise our commercial goals.



Integration of the Trusted Shops Trustbadge

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops Trustmark and the collected reviews as well as to offer Trusted Shops products to buyers after an order.


This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, _Germany. The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of order processing. The Trusted Shops GmbH uses also service provider from the USA. An adequate level of data protection is guaranteed. Further information to the data security of the Trusted Shops GmbH can be found here: https://www.trustedshops.co.uk/imprint/

When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.

When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.

Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered for use. The contractual agreement made between you and Trusted Shops applies. For this purpose personal data is automatically collected from the order data. Whether or not you are already registered as a Trusted Shops customer is automatically checked by means of a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.


This is necessary for the fulfillment of our and Trusted Shops' legitimate prevailing interests in the provision of the buyer protection linked to the specific order and the transactional review services in accordance with Art. 6 para. 1 s. 1 lit. f GDPR. Further details, including your right to object, can be found in the Trusted Shops Privacy Policy linked above and within the Trustbadge.



Automatically saved data

Server log files

The website operator will automatically collect and store information in so-called “server log files”, which your browser will automatically transmit to us. The following information will be collected and stored:

  • The date and time of your request
  • The name of the requested file
  • The page from which the file has been requested
  • The access status (file transferred, file not found, etc.)
  • The web browser and operating system
  • The full IP address of the requesting computer
  • The volume of data transmitted

This data will not be merged with other data sources. Your data will be processed on the basis of our legitimate interest in accordance with point (f) of Art. 6 (1) GDPR; we have a legitimate interest in improving the stability and functionality of our website. 

This data will be stored for a short period to ensure the technical security of our services, particularly to prevent attempted attacks on our web servers. The data will not enable us to draw conclusions about individuals. After seven days at the latest, your data will be anonymised by truncating the IP address at domain level, thus preventing any links from being drawn to an individual user. The data will be processed for statistical purposes in this anonymised form; it will not be compared with other datasets or disclosed to third parties, not even as excerpts. The number of page views will only be displayed in our server statistics, which we publish every two years in our activity report.



Cookies

When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called “cookie ID”. This is a unique identifier for the cookie, consisting of a string of characters that allow websites and servers to be matched to the specific browser where the cookie is saved. This enables visited websites and servers to distinguish the user’s specific browser from other browsers that contain other cookies. A specific browser can be recognised and identified via the unique cookie ID.

By using session cookies, we can provide a more user-friendly website, which would not be possible without the use of cookies. If you do not give your consent, we will use only technically necessary cookies on the basis of our legitimate interest in accordance with point (f) of Art. 6 (1) GDPR.

We will always ask for your consent before using personal cookies to improve our website or for marketing / advertising purposes. When you visit our website for the first time, you will be able to optionally consent to tracking or analysis via the cookie banner displayed on screen. Your data may be passed on to our partners or third-party providers. These cookies will only be saved on your device if you give your explicit consent, which will then form the legal basis in accordance with point (a) of Art. 6 (1) GDPR.

You can change your cookie settings here at any time.



Registering on our website

You have the option of registering on our website by providing your personal data. In such cases, the following personal data will be collected: name, postal address and email address.

If you register on our website, we will also store the IP address assigned by your Internet service provider (ISP), as well as the date and time of your registration. This data will be stored because this is the only way to prevent the misuse of our services and it will enable us to investigate any criminal offences that may occur. In other words, the storage of this data is necessary to ensure our security. This data will only be disclosed to third parties if we are legally obliged to disclose such or if the data is disclosed in the interest of investigating a crime.

If you register on our website by voluntarily providing your personal data, we will be able to offer you content and services which, due to the nature of such matters, can only be offered to registered users. Once you have registered, you will be able to change the personal data provided during the registration process – or have your personal data fully deleted from our database – at any time.

You agree to treat your personal log-in details confidentially and to refrain from making them accessible to unauthorised third parties. We cannot accept any liability for the misuse of passwords, unless we are responsible for such misuse.
By providing the “stay logged in” function, we want to make your visit to our website as pleasant as possible. This function will enable you to use our services without having to log in again each time. For security reasons, however, you will be asked to re-enter your password if, for example, you would like to change your personal data or place an order. We would advise against using this function if your computer is shared by several users. Please note that the “stay logged in” function will not be available if you set your browser to automatically delete saved cookies after each session.



Use of Google services

We use the tools described below, which are provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). The information automatically collected by Google tools on your use of our website will usually be stored on a server belonging to Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The European Commission has not issued an adequacy decision for the USA. However, our cooperation is based on the standard contractual clauses recommended by the European Commission.

As IP anonymisation is enabled on our website, your IP address will be truncated before being saved on the Google servers. Your full IP address will only be first transmitted to a Google server and then truncated there in exceptional cases. Unless otherwise specified for individual tools, your data will be processed on the basis of a joint controller agreement for the respective tool in accordance with Art. 26 GDPR. More information on data processing can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

Google Tag Manager
This website uses Google Tag Manager. While no personal data is collected by the Tag Manager, the tool triggers other tags that might collect data. This data will not be accessed by Google Tag Manager. If the tool is disabled at domain or cookie level, this will apply to all tracking tags that are implemented with Google Tag Manager. Google’s privacy policy for the tool can be found here:https://www.google.com/analytics/terms/tag-manager/

Google Analytics
Google Analytics is used to automatically collect and save data (IP address, time of visit, device and browser details and information on the use of our website); this data is used to create pseudonymous user profiles for the purpose of website analysis. Cookies are sometimes used for this purpose. Your IP address will generally not be merged with any other data held by Google.

We have enabled the data sharing settings for Google products and services for the purpose of optimising our website marketing. This enables Google to access the data collected and processed by Google Analytics and use this data to improve its services. Within the scope of these data sharing settings, data is shared with Google on the basis of an additional joint controller agreement. We have no control over the subsequent processing of data by Google.

We also use the Google Optimize extension for Google Analytics to create and perform tests.

We use the Google Signal extension for Google Analytics to enable cross-device tracking as part of our web analytics. If your web-enabled devices are linked to your Google account and you enable “Ad Personalisation” within your account, Google will be able to compile reports on your user behaviour (particularly the number of users across devices), even if you change your device. We do not process any personal data in this regard; we merely receive statistics generated by Google Signals.

The DoubleClick cookie extension for Google Analytics enables your browser to be recognised when you visit other websites for web analytics and advertising purposes. Google will use this information to compile reports on website activities and provide other services related to the use of this website.

Google DoubleClick
DoubleClick by Google uses cookies to show you targeted advertising. A pseudonymous identification number (ID) will be assigned to your browser to check which ads have been displayed in your browser and which ads you have viewed. The cookies will not contain any personal information. The DoubleClick cookies will merely allow Google and its partner websites to display ads based on your previous visits to our website or others on the Internet. Google will transfer the information generated by the cookies to an analysis server in the USA, where it will be stored.

GA Audience
Our website uses GA Audience, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “GA Audience”). Some of the cookies used by GA Audience will be stored on your computer and other mobile devices (e.g. smartphones, tablets) to enable the service provider to analyse your use of such devices. Some of the data will be analysed across different devices. Google Audience will gain access to the cookies generated through the use of Google AdWords and Google Analytics. As part of this service, some data (e.g. your IP address and activities) may be transferred to a Google server and stored there. Google may pass on this information to third parties if prescribed by law or if such third parties have been commissioned to process such data. You can find more information on data protection in relation to GA Audience by clicking on the following link: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283



Facebook Connect

Our website features components from Facebook.com. Facebook is a service provided by Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as “Facebook”).

We use “Facebook Connect”, which is a function offered by Facebook.

If you want to use this feature, you will first be redirected to Facebook. There you will be asked to sign in with your username and password. Needless to say, we will not take note of your log-in details. This step will be skipped if you are already logged into Facebook.

Facebook will then tell you which data will be sent to us (public profile, friend list, email address and current place of residence). You will confirm this by pressing “OK”. We will use the data we receive to create your customer account; needless to say, we will not save your friend list. No further permanent link will be made between your customer account and Facebook account.

Please refer to Facebook’s privacy policy for more information as to why and to what extent it collects, processes and uses data, as well as more details on your rights and settings to safeguard your privacy.



Social plug-ins from Facebook, Instagram, YouTube and TikTok

Our website features buttons from social networks. As they are only embedded in our website as HTML links, a connection to the servers operated by the relevant service providers will not be automatically established when you visit our website. If you click on one of the buttons, the website of the respective social network will open in a new tab in your browser, where you will be able to press a like or share button or something similar.



Online presence on Facebook, Instagram, YouTube and TikTok

If you have given the respective social media provider your consent pursuant to part (a) of Art. 6 (1) GDPR and you visit our page on such social media sites, your data will be automatically collected and stored for the purpose of market research and advertising; your data will then be used to create pseudonymous user profiles. These can be used, for example, to display targeted advertising within and outside the platforms. Cookies are generally used for this purpose. Please refer to the privacy policies linked below for more detailed information on how each social media provider will process and use your data; you can also find the relevant contact details and more information on your rights and the settings you can make to safeguard your privacy. If you need further help in this regard, you are welcome to contact us.



Sweepstakes

ONLINE Schreibgeräte GmbH stores and uses the participant's personal data (name, address, email, telephone, gender, date of birth, country) for processing the "Rabazzi“ campaign and any sweepstakes taking place or, respectively, for mailing information on offers or promotions/product information (voluntary information). Processing these data is required for handling the campaigns/sweepstakes. If the information is not provided, contract implementation will not be possible. Within the campaign/sweepstakes, it may be necessary to transmit the member's personal data to third parties. If ONLINE Schreibgeräte GmbH obtains consent of the data subject regarding the processing operations of personal data, Art. 6 para. 1 letter a of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data (mailing offers or promotions/product information).

Art. 6 para. 1 letter b GDPR is used as the legal basis for processing personal data which are required for the performance of a contract (campaign/sweepstakes) whose contract party is the data subject. This also applies for processing operations which are required for the implementation of pre-contractual measures, as well as for the transmission of personal data to third parties for contract performance. Art. 6 para. 1 letter c GDPR is used as the legal basis as far as processing of personal data is required for compliance with a legal obligation to which the company, ONLINE Schreibgeräte GmbH, is subjected.

These data are deleted after termination of the sweepstakes / after mailing the surprise package as far as the data are not required or used on the basis of a submitted and non-revoked declaration of consent, on the one hand, for the transmission of ONLINE Schreibgeräte offers and ONLINE Schreibgeräte product information via email, or as long as statutory storage periods exist, legal claims may be lodged under the "Rabazzi“ campaign/the sweepstake, or if other legitimate reasons justify further storage.

In connection with data processing, the member has the following legal remedies available, each in accordance with statutory provisions: the right of information about the data concerning the member, correction, erasure or restriction of processing, or objection against processing, the right of data portability, as well as filing a complaint with a supervisory authority.



Engagement of External Payment Service Providers

We engage external payment service providers whose platforms enable our users and our company to carry out payment transactions:
Paypal (https://www.paypal.com/uk/webapps/mpp/ua/privacy-full),
Sofortüberweisung (https://www.payone.com/DE-de/datenschutz),
Visa/V-Pay (https://www.visa.co.uk/legal/global-privacy-notice.html)
Maestro/Mastercard (https://www.mastercard.co.uk/en-gb/vision/terms-of-use/commitment-to-privacy/privacy.html)
Amazon Pay (https://pay.amazon.co.uk/help/201212490?ld=NSGoogle)

We use the services of these payment service providers for the purpose of fulfilling contracts as is lawfully permitted in accordance with point (b) of Art. 6 (1) GDPR. In all other respects, we use the services of external payment service providers as is lawfully permitted for the pursuit of our legitimate interests in accordance with point (b) of Art. 6 (1) GDPR so that we can offer to our users effective and secure opportunities to make payments.

The data processed by the payment service providers include master data (such as name and address), bank data (such as account numbers or credit card numbers, passwords, TANs and checksums) and information relating to the contracts, totals and recipients. This information is required for the performance of the transactions. The entered data are processed solely by the payment service providers, however, and are stored by the providers. In other words, we do not receive any information concerning bank accounts or credit cards; we are notified solely that the payment has been either confirmed or refused. Under certain circumstances, the payment service providers may transfer the data to credit agencies. Any such transfer is for the purpose of checking identity and creditworthiness. We refer here to the general terms and conditions of service and the privacy statements of the payment service providers.

The payment transactions are governed by the general terms and conditions of service and the privacy statements of the pertinent payment service provider; this information can be obtained from the websites or the transaction applications of the service provider. We also refer to these providers with respect to obtaining any additional information and to exercising withdrawal, information and other data subject rights.



Security

We have implemented technical and administrative security precautions to protect your personal data from loss, destruction, manipulation and unauthorised access. All of our employees as well as the service providers acting on our behalf are obligated to compliance with current data protection laws.

Whenever we collect and process personal data, they are encrypted before being transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process, and our privacy statements are constantly being revised. Please make sure that you have the most recently revised version.



Rights of data subjects

In accordance with the requirements of data protection law, you have a right of access, the right to rectification, erasure and the restriction of processing, the right to object, the right to data portability and the right to lodge a complaint.

Right of access:
You may ask us to confirm whether we are processing your data and, if so, to what extent.

Right to rectification:
If any of your data is incorrect or incomplete, you may ask us to correct or supplement such data at any time.

You may ask us to erase your data if we are processing it unlawfully or the processing constitutes an unreasonable interference with your legitimate interests. Please note that we may not be able to immediately erase your data in certain circumstances (e.g. in accordance with statutory retention requirements).

Regardless of whether you exercise your right to erasure, we will immediately and completely erase your data, unless such erasure is prevented by a contractually binding or statutory retention requirements.

Right to the restriction of processing:
You may ask us to restrict the processing of your personal data in the following situations:

  • You dispute the accuracy of your personal data (for a period that allows us to verify the accuracy of your data)
  • Your data is being processed unlawfully but you opt against its erasure and request the restriction of its use instead
  • We no longer require your data for the intended purpose but you still need it for the exercise or defence of legal claims
  • You object to the processing of your data

Right to data portability:
You have the right to receive any data you have provided to us in a structured, commonly used and machine-readable format; you may transmit this data to another controller without any hindrance from us if the following conditions are met:

  • We are processing your data on the basis of your optional and revocable consent or for the performance of a contract with you
  • Your data is being processed by automated means
You may ask us to transmit your data directly to another controller, provided this is technically feasible.

Right to object:
If we are processing your data on the basis of a legitimate interest, you may object to such data processing at any time; this also applies to any profiling based on such provisions. We will then no longer process your data, unless we can demonstrate compelling legitimate grounds for processing which override your own interests, rights and freedoms, or unless your data is processed for the establishment, exercise or defence of legal claims. You may object to any processing carried out for the purpose of direct marketing at any time without having to state the reasons for your objection.

Right to lodge a complaint:
If you believe we are processing your data in a way that violates German or European data protection law, please contact us for clarification. You also have the right to contact your competent supervisory authority (i.e. the Office for Data Protection Supervision in your federal state).

If you want to assert one of the rights mentioned above against us, please contact our data protection officer. If in doubt, we may request additional information to confirm your identity.



Changes in Our Privacy Statements

We reserve the right to change our privacy statements if this becomes necessary because of the development of new technologies. Please make sure that you have the most recently revised version. Whenever fundamental changes are made in this privacy statement, we announce the changes on our website.

All visitors to our website – and anyone else who is interested – can contact our data protection officer here:

Mr Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
D-93047 Regensburg

Phone: +49 (0) 941 29 86 93 0
Fax: +49 (0) 941 29 86 93 16
Email: anfragen@projekt29.de
www.projekt29.de

Print Privacy Policy