Privacy policy

We, BerlinGreen.tech UG, operate the website and the online store offered there and the services offered https://berlingreen.cc-staging.io and collect certain data from our visitors and customers to the extent necessary. In the following privacy policy you will learn what we do with your data, so-called personal data, and why we do this. We also tell you how we protect your data, when the data is deleted and what rights you have thanks to data protection.

Who can I contact?
Responsible for this website is:

BerlinGreen.tech UG,
Niemetzstrasse 47-49,
12055 Berlin
Germany
[email protected]

Phone: 0049 15774552216

Please contact us at any time if you have specific questions about your data, its deletion or your rights.

What are my rights?
You can contact us at any time if you have questions about your data protection rights or wish to assert your rights below:

- Right of revocation pursuant to Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to revoke a previously given consent to a newsletter)
- Right of access pursuant to Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
- Rectification pursuant to Art. 16 GDPR (e.g. you can contact us if your email address has changed and you want us to replace the old email address)
- Erasure pursuant to Art. 17 GDPR (e.g. you can contact us if you want us to erase certain data that we have stored about you)
- Restriction of processing pursuant to Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your email address but only want us to use it to send essential emails)
- Data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data stored by us in a compressed format, e.g. because you want to make the data available to another website)
- Objection in accordance with Art. 21 GDPR (e.g. you can object to the processing of your data in accordance with Art. 21 GDPR). Art. 21 GDPR (e.g. you can contact us if you do not agree with one of the advertising or analysis procedures specified here)
- Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 para. 1 GDPR (e.g. you can also contact the data protection supervisory authority in your federal state directly in the event of complaints)

Deletion of data and storage period
Unless otherwise stated, we delete your data as soon as it is no longer required, e.g. your e-mail address after you unsubscribe from our newsletter. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless there is a need to continue storing the data for the conclusion or performance of a contract. Certain data may have to be stored for longer for legal reasons. You can of course request information about the stored data at any time.

Visiting the website
If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser transmits to enable you to visit the website, first and foremost:

- IP address (e.g. 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)
- Approximate location based on IP range (e.g. Berlin & surrounding area)
- Internet provider (e.g. Kabel Deutschland or Deutsche Telekom)
- Internet speed (e.g. 120 Mbit) - Date and time (e.g. 11:45 on 25 May 2018) - Last visited website (e.g. google.de)e.g. 120 Mbit)
- Date and time (e.g. 11:45 on 25.05.2018)
- Last visited website (e.g. google.de)
- Browser (e.g. Chrome or Safari)
- Operating system (e.g. Mac OS)
- Hardware (e.g. Intel processor)

As a protective measure for your privacy, we delete or anonymize the IP address after your visit to our website. This means that the other technical data can no longer be traced back to you and is only used for anonymous, statistical purposes to optimize our website. The purpose of the temporary storage of the data is, on the one hand, the technical necessity for establishing a connection and the correct, error-free display of our website. The IP address and the aforementioned technical data are required to display the website, to avoid display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures and in accordance with the European data protection requirements under Art. 6 para. 1 lit. f GDPR.

Online order/checkout
If you wish to place an order for our products, we will only ask you for the data required to process your order and payment. This data is treated confidentially and is only processed by us, the payment provider and the shipping service provider. The following data is required for this:

- First name/last name
- E-mail address
- Address (shipment delivery)
- Telephone

As a protective measure, the data you enter is transmitted via an encrypted connection - just like the rest of the website. We also apply the principle of data minimization and only collect the data that is actually required. Your data will be stored for as long as is necessary to process your order or until you request the deletion of the data. However, invoice-related data is subject to statutory retention periods and can be stored for up to ten years. The purpose of the requested data is order and payment processing in order to deliver the desired product to you. The legal basis is the mutual fulfillment of the contract in accordance with the European data protection requirements of Art. 6 para. 1 lit. b GDPR.

Data transfer
In order to fulfil the contract in accordance with Art. 6 par. 1p 1b GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must register with the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

Customer account

To set up the customer account and the associated data processing, primarily
- surname, first name
- email address,
- previous orders
are processed. The customer account and the associated data are stored in the database of our store provider (see Shop/Hosting). We link this data to an ID generated by us for the devices used in order to be able to offer the functionalities of our products and services.

Data processing in the app
In principle, you can use our app anonymously - i.e. without logging in. However, essential functions of the app are not possible without a login for technical reasons.
Further information on data processing in the app and in particular the associated authorisations can be found in our app-specific data protection declaration at any time.

Shop/ hosting
Our website and the associated store are provided by a service provider, Shopify, as part of processing on our behalf. This serves to safeguard our legitimate interests in the correct presentation of our offer, which predominate in the context of a balancing of interests. All data collected as part of the use of this website or in the forms provided for this purpose in the online store described above are processed on Shopify servers.
We have concluded the necessary data processing agreement with Shopify and have also taken additional measures (standard data protection clauses of the European Commission) to ensure an adequate level of data protection.

Chatbot - Tidio
For better communication and to be able to answer questions quickly, we use the chat function of Tidio Life Chat from Tidio LLC, 180 Steuart St,CA 94119, San Francisco, USA, Web: https://www.tidio.com, hereinafter: "Tidio Live Chat" on our website.
If you have any questions about our products, our online store, the website or our company, you can reach us via the Tidio Live Chat window that appears and send us a message. You will be informed whether someone is currently online to answer you immediately. If this is not the case, you can still leave a message.

Tidio Live Chat uses cookies to enable you to personalise your online experience. For an explanation of cookies, please refer to the "Cookies" section of this privacy policy. The information generated by Tidio Live Chat's cookies is processed outside the European Union. We have concluded a so-called "standard contractual clause" with Tidio Live Chat in order to oblige Tidio Live Chat to maintain an adequate level of data protection.

The data is processed exclusively for the processing of the conversation. Legal basis for the processing Art. 6 par. 1p 1f) GDPR. We carry out the aforementioned processing for customer care and to increase our services. We have no knowledge of the storage period at Tidio Live Chat and no possibility to influence it. Further information on data protection can be found at https://www.tidio.com/privacy-policy/

Newsletter
We use the so-called double opt-in procedure for the provision of our newsletter, i.e. we will only send you a newsletter by e-mail if you confirm that you wish to receive our newsletter by clicking on a link in our notification e-mail. If you confirm your wish to receive the newsletter, we will store your email address until you unsubscribe. The storage serves the sole purpose of being able to send you the newsletter.

You can of course unsubscribe from our newsletter at any time; you will find a link to do so in every newsletter. Alternatively, you can contact us using the contact details above.

We work with the service provider "MailChimp" based in Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 to send our newsletter. You can view the privacy policy of the mailing service provider here: https://mailchimp.com/legal/privacy. We have concluded an order processing contract with this service provider in accordance with the requirements of Art. 28 GDPR and have also concluded EU standard contractual clauses that ensure an adequate level of data protection.

Cookies
Our website sometimes uses so-called cookies. Cookies are small text files that are usually stored in a folder in your browser. Cookies contain information about the current or last visit to the website:

- Name of the website
- Expiry date of the cookie
- Any value

If cookies do not contain an exact expiration date, they are only stored temporarily and automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date remain stored even if you close your browser or restart your device. Such cookies are only deleted on the specified date or when you delete them manually.

We use the following three types of cookies on our website:
- Necessary cookies (we need these, for example, to display the website correctly for you and to temporarily store certain settings)
- Functional and performance-related cookies (these help us to evaluate e.g. technical data of your visit and thus avoid error messages)
- Advertising and analysis-related cookies (these ensure that e.g. advertising for shoes is displayed if you have previously searched for shoes).

The legal basis for the processing of the associated personal data is the consent of the website visitor, which we obtain via the cookie banner. They can revoke their consent at any time here.

Google Analytics

Insofar as you have given your consent to this in accordance with Art. 6 (1) sentence 1a GDPR, this website uses Google (Universal) Analytics for the purpose of website analysis. The web analytics service is provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. (www.google.de). Google Analytics uses methods that enable an analysis of your use of the website, such as cookies. The information automatically collected about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymisation on this website, the IP address is shortened before transmission within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. After the end of the purpose and the end of the use of Google Analytics by us, the data collected in this context will be deleted.
You can revoke your consent at any time with effect for the future by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de. This will prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google.
As protective measures, we integrate all third-party technologies in the most data-saving way possible and pay attention to SSL encryption. We have also concluded the necessary data protection agreements with all the providers mentioned. All of the named providers are based in the USA. The European Court of Justice has ruled that the USA does not offer a level of data protection equivalent to that of the EU and that government authorities may have access to the data of EU citizens. The providers therefore provide so-called standard contractual clauses, with the help of which a sufficient level of data protection for international data transfers is contractually guaranteed. The standard contractual clauses were individually evaluated and jointly agreed by our data protection officer.

Google Tag Manager

This website uses Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, it remains in place for all tracking tags, provided that these are implemented with the Google Tag Manager.

Hotjar

We also use the Hotjar Ltd. web analysis service. Hotjar Ltd. is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Center, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe. This tool can be used to track movements on the websites on which Hotjar is used (so-called heat maps). For example, it is possible to see how far users scroll and which buttons users click and how often. The tool also makes it possible to obtain feedback directly from website users. In this way, we obtain valuable information to make our websites even faster and more customer-friendly.

We pay particular attention to the protection of your personal data when using this tool. For example, we can only track which buttons are clicked, the history of the mouse, how far you scroll, the screen size of the device, device type and browser information, geographical location (country only) and the preferred language used to display our website. Areas of the websites in which personal data of you or third parties are displayed are automatically hidden by Hotjar and are therefore not traceable at any time.

The legal basis for the use is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which can be declared in the context of our cookie banner. Consent can be revoked at any time via the cookie administration.

Social plug-ins
We use social plug-ins such as "Facebook Connect" from Facebook.
You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. By activating the plug-in, your personal data is therefore transmitted to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser's security settings before clicking on the grayed-out box.
We have no influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

The plug-in provider stores the data collected about you as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users so that we can improve our offer and make it more interesting for you as a user.

The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect is directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you to avoid an assignment to your profile with the plug-in provider.
For further information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers provided below. There you will also receive further information on your rights in this regard and setting options for protecting your privacy.
Addresses of the respective plug-in providers and URL with their data protection notices:
[Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo.

Legal basis and purpose of processing
The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR. We would like to offer you the opportunity to share content or to share your interest or favor with others and process the data for this purpose. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.

Status of the privacy policy: October 2021