Data Protection Statement

We take the protection of your data seriously and make every effort to collect and store as little data as possible. Nevertheless, a certain degree of storage and evaluation of user data is necessary to guarantee and improve the operation of this website. The use of this Internet site is basically possible without having to provide any personal data. Nor is there any assignment of data to a specific person - unless you tell us your name, for example in an e-mail, via one of our forms or as part of an order.

If you use one of the services offered on this website or buy goods, this also regularly requires the collection, processing and storage of personal data, such as your name, your address, your e-mail address or telephone number. This collection, processing and storage takes place either on the basis of your express consent obtained beforehand or on the basis of a corresponding legal approval and on the basis of the provisions of the European Data Protection Basic Regulation and the German Federal Data Protection Act.

We would like to inform you here about the type, scope and purpose of the data collected, processed, stored and used by us via this website as well as about your rights in this context.

We use SSL transport encryption on this site. This serves among other things the protection of confidential contents, for example in the case of inquiries to us. You can see that the connection is actually encrypted in the address line of your browser, which always starts with "https://" and confirms the existing transport encryption with a green lock symbol.

1. Name and address of the controller The controller

within the meaning of the Basic Data Protection Ordinance and other data protection regulations is: KidBX BEST IN MARKET GmbH Mühlenstr 8A, 14167 Berlin, Germany [email protected]

2. Definitions

Data protection law has special terms which we also use in this data protection declaration in accordance with the legal definitions of the basic European data protection regulation. Therefore in this data protection declaration the expression

  • "personal data“
    any information relating to an identified or identifiable natural person ("data subject");
  • "data subject“
    any identified or identifiable natural person whose personal data is processed; an identifiable natural person is one who can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an on-line identifier or one or more special characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
  • "Processing“
    any operation or series of operations carried out with or without the aid of automated procedures relating to personal data, such as the collection, collection, organisation, classification, storage, adaptation or alteration, reading, consultation, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction;
  • "Restriction of processing“
    the marking of stored personal data with the aim of restricting its future processing;
  • "Profiling“
    any automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or relocation of that natural person; as a company committed to data protection, we waive any form of profiling;
  • "Pseudonymisation“
    the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person;
  • "File system“
    any structured collection of personal data accessible according to specific criteria, whether centralised, decentralised, functional or geographical;
  • "Controller“ (or: "person responsible for the processing“)
    ;the natural or legal person, authority, body, office or other body which alone or jointly with others decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or by the law of the Member States, the data controller or the specific criteria for his appointment may be laid down by Union law or by the law of the Member States;
  • "Contract processor“
    a natural or legal person, authority, institution or other body processing personal data on behalf of the controller;
  • "Recipient“
    a natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing;
  • "Third party“
    a natural or legal person, authority, institution or other body other than the data subject, the data controller, the data processor and the persons authorised to process the personal data under the direct responsibility of the controller or the data processor;
  • "Consent“ of the data subject
    any voluntary declaration of intent, made in an informed and unequivocal manner, in the form of a declaration or other clear affirmative act, which the data subject indicates his or her consent to the processing of personal data concerning him or her;
  • "Violation of the protection of personal data“
    a breach of security resulting in destruction, loss or alteration, whether unintentional or unlawful, or unauthorised disclosure or access to personal data transmitted, stored or otherwise processed;
  • "Cross-border processing“
    the processing of personal data in the context of the activities of a controller or contract processor in the Union in more than one Member State where the controller or contract processor is established in more than one Member State, or the processing of personal data in the context of the activities of an individual establishment of a controller or contract processor in the Union, but which has or may have a significant impact on data subjects in more than one Member State;
  • "relevant and well-founded objection“
    an objection as to whether or not there has been an infringement of this Regulation or whether the proposed measure is in conformity with this Regulation against the controller or the processor, where the objection clearly indicates the scope of the risks posed by the draft decision in relation to the fundamental rights and freedoms of data subjects and, where appropriate, the free movement of personal data within the Union.

3. Legal basis of data processing

The processing of personal data by us is carried out on the basis of the provisions of the European Data Protection Basic Regulation and the German Federal Data Protection Act:

  • For processing operations for which we request consent for a specific processing purpose, the processing is carried out on the basis of Article 6(1)(a) of the Basic Data Protection Regulation.
  • Insofar as the processing of personal data is necessary for the performance of a contract to which the data subject is a party (e.g. for the delivery of goods or the rendering of another service or consideration) or for the performance of pre-contractual measures (e.g. for enquiries about our products or services), the processing is based on Article 6 paragraph 1 letter b of the Basic Data Protection Regulation.
  • Insofar as processing of personal data is necessary on the basis of a legal obligation applicable to us, such as for the fulfilment of tax obligations or commercial storage regulations, the processing is carried out on the basis of Article 6 paragraph 1 letter c of the Basic Data Protection Regulation.
  • Where the processing of personal data should exceptionally be necessary to protect the vital interests of the data subject or another natural person, processing would be carried out on the basis of Article 6(1)(d) of the Basic Data Protection Regulation.
  • The processing of personal data necessary to safeguard a legitimate interest of our company or of a third party shall be carried out on the basis of Article 6(1)(f) of the Basic Data Protection Regulation, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail. Such a legitimate interest also represents the conduct of our business for the well-being of all our employees and our shareholders.

The provision of personal data may be required for legal (e.g. commercial or tax) reasons or for reasons of contract execution. If such data (such as information on a contractual partner) is not made available to us for processing, we cannot conclude a corresponding contract.

4. Log files

  • As on other web servers, a log file is kept on our Internet server. This log file stores records in which
  • the IP address with which you are travelling on the Internet and the Internet service provider you use
  • date and time of each access to our website,
  • the exact URL of each website you visit
  • the data you requested from the server,
  • general information on the web browser (in particular the browser type and version) and operating system you use to access the website, and
  • in some cases the website from which you accessed our website (the so-called "referrer")

are listed. This information is required and used by us

  • for the correct delivery of the respective website
  • for statistical purposes,
  • to further improve our Internet offering and to optimise the advertising it contains,
  • to permanently guarantee the functionality and integrity of our information technology systems, including security in the event of attacks on our information technology systems, and
  • in the event of an attack on our information technology systems to provide the necessary information to the law enforcement authorities
  • This data is collected anonymously by us and stored separately from all personal data provided to us by a data subject.

5. Cookies and user profiles

Within the framework of legal regulations we can,

  • to provide user-friendly services that would not be possible without cookies,
  • in our web-shop to remember the items you have placed in your (virtual) shopping cart,
  • as part of a user registration you have made (log-in),
  • for purposes of advertising, market research and
  • to improve our services and Internet offerings,

evaluate use profiles under a pseudonym, but only if you have not made use of your legal right to object to this use of your data. Some of our services require that we use so-called cookies.

These are small (text files) that your web browser stores on your device. Cookies may store information about your visit to our website that enables us to recognise your browser and to distinguish it from the browsers of other persons affected.

Most browsers are set to accept cookies by default. However, you can reconfigure your browser at any time so that it rejects cookies or asks you for confirmation beforehand. If you refuse cookies, however, this may mean that not all offers and functions of this website function or can be used by you without interruption.

Further details on the use of cookies on this website - including the existing opt-out options - can be found in this data protection declaration in the sections

  • on internal visitor statistics and
  • visitor tracking through advertising networks.

6. Internal visitor statistics

This website uses "Google Analytics" for statistical analysis of visitor access. This is a web analysis service offered by Google Inc. Google Inc. acts on our behalf as a contract processor. The data is collected and processed via servers operated by Google Inc, which are usually not located in the European Union but in the USA. Pseudonymous user profiles of visitors to our website are created.

We use the web analysis service "Google Analytics" with activated "IP-Anonymisation". This shortens the IP address of visitors to our website. This shortening of the IP address is not done by us, but by Google Inc.

Google Inc. uses cookies for "Google Analytics", whose information is read out by Google, transferred to servers located in the USA and processed and stored there.

Important for you: You can generally prevent the installation of cookies by setting your browser software accordingly. Alternatively, you can prevent Google from collecting, processing and storing the data generated by the cookie by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en.

The data protection declaration of Google Inc. applicable to the "Google Analytics" service can be viewed at https://support.google.com/analytics/answer/6004245?hl=en .

7. e-mail and contact forms

If you send us an e-mail or contact us via a contact form, the personal data voluntarily transmitted to us will be automatically stored and, if necessary, processed for the purpose of processing or contacting you. This includes - if stated by you - in particular your name, your address or e-mail address, your telephone number and any other information you provide voluntarily. If you contact us via a form provided on this website, your IP address will also be stored. As a matter of principle, we only use the resulting personal data to the extent necessary for processing your inquiries and orders. This data is never passed on to third parties, unless we are legally obliged to do so.

8. Registration

This website offers you the possibility of registration. This registration takes place under indication of personal data, which we inquire in the form provided for this purpose. In addition, the IP address used by you and the date and time of sending the registration form are recorded. This personal data is collected and stored by us for internal use, for the purpose of communicating with you, for processing existing or future contractual relationships (e.g. orders), for protecting our technical system and for preventing misuse and, if necessary, for passing on to one or more contract processors (such as postal, parcel and payment service providers).

As a registered person, you can change or delete your personal data provided at the time of registration at any time, provided there are no legal regulations to the contrary, such as legal retention regulations. You can also obtain information from us at any time about which personal data about you as the person concerned is stored.

9. Newsletter

If you subscribe to a newsletter offered by us on this website, you must submit certain personal data, in particular your e-mail address, to us using the corresponding input form.

For legal reasons we use the "Double-Opt-In"-procedure for the newsletter registration by means of an automatically processed confirmation e-mail to the e-mail address provided by you. We hereby check whether the owner of the e-mail address you have provided has actually authorised the receipt of the newsletter as the person concerned.

We use the personal data collected in the context of the newsletter registration exclusively

  • for sending the newsletters and
  • for sending information and enquiries by e-mail which are necessary or required for the operation or further development of the newsletter service.

A newsletter subscription can be cancelled at any time and consent to the storage of personal data can be revoked at any time. Such termination or revocation may be effected via the link contained in each newsletter or by other communication to the controller. In the event of both termination and revocation, we will delete the respective personal data, unless otherwise required by law, and discontinue sending the newsletter to the person concerned.

In addition to the information provided via the input form, we also store the date and time of your registration and the IP address you use for this purpose. This is done for the purpose of our own legal protection and to protect our technical systems against misuse.

The newsletters we send contain pixel tags, i.e. miniature graphics embedded in the e-mail, whose call is recorded in a log file and is used to determine whether and when the respective newsletter was opened. In the same way, the links contained in the newsletter are recorded and evaluated. This data is stored and processed exclusively for the purpose of statistical evaluation of the newsletter dispatch, optimisation of the newsletter dispatch and better adaptation of the newsletter content to the respective subscriber.