1. Information on data protection

We warmly welcome your visit to our website and appreciate your interest in our company and our products. At this point we would like to inform you about which data is collected, used and processed, when, and how we handle your personal information.

2. Data collection and data use

Personal data is information that can be used to identify an identifiable individual. This includes information such as your name, address, email address or telephone number.

(1) Collection of personal data when using the website

If you visit our website for purely informational purposes without registering or otherwise providing us with information, we only collect the personal data that your browser sends to our server. In order to display our website to you and to ensure stability and security, we collect the following technically necessary data when you want to visit our website:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• amount of data transferred in each case
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.
• The legal basis for storing the data is Article 6 Paragraph 1 Letter f GDPR.

(2) Collection of personal data upon registration

We offer you the opportunity to register on our website by providing personal data.
Depending on the type of contract concluded, we store the following data:

• Full Names
  
• Address
• Billing address
• E-mail address
• Telephone number

The data is entered into an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. Users can access to order goods via their user account.
As part of the registration process, the user's consent to the processing of this data was obtained, Article 6 Paragraph 1 a) GDPR. Registration is also required to fulfill a contract for the purchase of goods in our online shop or to carry out pre-contractual measures, Article 6 Paragraph 1 b) GDPR. The data collected serves us to process the purchase of goods in our online shop, in particular to enable the correct shipping of ordered goods.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. This occurs if your registration on our website is canceled or changed, or if the data is no longer required for the fulfillment of the contract. Even after the contract has been concluded, it may be necessary to store the contractual partner's personal data for contractual or legal reasons, for example for tax considerations.

Users have the option to cancel their registration at any time. You can change the data you have stored at any time as follows:

If the data is necessary for the fulfillment of the contract or to carry out pre-contractual measures, early deletion can only take place if there are no contractual or legal obligations to prevent deletion

If you give your consent, the legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR and, if the registration serves to fulfill a contract or carry out pre-contractual measures with you, additionally Art. b GDPR.

3. Name and contact details of the person responsible

The person responsible for the management of personal data is

EdenNova GmbH
Marderweg 14
65933 Frankfurt am Main
Managing Directors: Fabrizio Lauria, Marcello Lauria
Mail: hello@edenblau.com

4. Purposes of processing personal data
   
   Your personal data will only be transferred to third parties if the transfer is necessary as part of contract processing or for billing or debt collection purposes (e.g. shipping companies or payment service providers) or if you have expressly consented.
   
   The legal basis for the transmission of data to third parties for the purpose of contract processing or for billing purposes is Article 6 Paragraph 1 Letter b GDPR and for the transfer in the context of legally mandated cases Article 6 Paragraph 1 Letter c GDPR.
   
   
5. Duration of data storage

Your data will be stored for as long as required for the respective purpose, taking into account your legitimate interests. If tax retention periods apply to certain data processed in connection with sales contracts, this data will be retained for 6 or 10 years. During this period, the processing of data will be restricted after 2 years, meaning that the data will only be used to fulfill legal obligations. The retention period begins at the end of the calendar year in which the order was placed by the customer or the contract was fulfilled.

6. Transfer of personal data to third parties

We may share your personal data with the following companies/categories of people in accordance with legal requirements:

Tax auditing and other authorities
External service providers and professional consultants such as lawyers, auditors, accountants, credit agencies for credit checks, debt collection service providers, postal/shipping service providers, freight forwarders e.g. UPS, DHL, Deutsche Post.
Payment providers such as PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg; Klarna AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden, (Amazon Pay) Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg; (Apple Pay) Apple Distribution International, Hollyhill Industrial Estate, Hollyhill Cork, Ireland; Shopify Payments, 126 York Street, Suite 200, Ottawa, ON, Canada, K1N 5T5; Google Pay (Europe), Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

E-commerce platform Shopify
To operate our online shop, we use Shopify, a service provided by Shopify Inc., 126 York Street, Suite 200, Ottawa, ON, Canada, K1N 5T5. This service provides an e-commerce platform through which we offer our goods for sale. The data transmitted as part of your order is stored on a Shopify server.

Shopify has specifically designed its infrastructure so that the cross-border transfer of data is in compliance with the General Data Protection Regulation (GDPR). Personal data from EU citizens is initially received and processed in Ireland, Shopify's EU headquarters. This data is then transferred to Canada to the parent company. If data is transferred from there to processors in other countries, such as the USA, this will be done in accordance with the export requirements of the Canadian Data Protection Act, which has been recognized by the European Commission.

In addition, personal data may be transferred within a group of companies (e.g. between Shopify Inc. (Canada) and Shopify in the USA) if these companies have an internal policy to protect the data (so-called “Binding Corporate Rules” (BCR)), which is enforced by a European data protection authority (based here in Ireland) must be approved (Article 47 GDPR).

Finally, data transferred from Shopify Canada to the United States is encrypted in transit and at rest. This means that they cannot be easily decrypted.

For more information, see http://www.shopify.com/legal/privacy.

The legal basis for the transmission of data to third parties for the purpose of contract processing or for billing purposes is Article 6 Paragraph 1 Letter b GDPR and for the transfer in the context of legally mandated cases Article 6 Paragraph 1 Letter c GDPR.

7. Your Rights

To exercise your rights, you can use the contact form (https://edenblau.com/pages/kontakt).

You have the following rights:

7.1 Revocation of consent
You can revoke your consent to the processing of personal data at any time with future effect.
The contact options above are available to you for this purpose (https://edenblau.com/pages/kontakt).

7.2 Other Rights
You also have the following rights towards us with regard to your personal data:

• right to information,
• right to rectification,
• Right to deletion or restriction of processing,
• Right to object to processing,
• Right to data portability,

You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

8. Contact Form

If you send us inquiries using the contact form, we will only use your data to process your request. This data will not be used for advertising purposes or passed on to third parties.

The legal basis for the processing of data transmitted via the contact form or when sending an email is Article 6 Paragraph 1 Letter f of the GDPR. If the contact is also aimed at concluding a contract, the additional legal basis for the processing is Article 6 (1) (b) GDPR.

The data you enter in the contact form will be stored by us until you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies.

9. Cookies

To make your visit to our website pleasant and to enable certain functions, we use cookies. These are small text files that your web browser receives when you visit our pages and stores on your computer. Some of these cookies are deleted immediately after you close your browser, while others remain on your computer permanently and allow us to recognize you or your computer the next time you visit our website.

This website uses the following types of cookies, the scope and functionality of which are explained below:

a) Transient cookies, these are automatically deleted when you close your browser. These include, in particular, session cookies. These store a so-called session ID, with which the various requests from your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

b) Persistent cookies, which are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete cookies at any time in your browser's security settings.
You can influence the use of cookies by changing your browser settings. Most browsers have an option that allows you to restrict or prevent the storage of cookies. Each browser is unique in the way it manages cookie settings. This is described in the respective help menu of your browser.

You can find these for the respective browsers under the following links:

• Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
• Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne
• Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
• Safari: https://support.apple.com/kb/ph21411?locale=de_DE

Please note, however, that deactivating cookies may mean that only limited functions of the website are available to you.
The legal basis for the use of cookies is Article 6 (1) (f) GDPR.
When using cookies, a distinction must be made between the absolutely necessary cookies and those for further purposes (measuring access numbers, advertising purposes). You generally have the choice via our consent manager to accept or reject all or some of the non-essential cookies. If you choose the last option, it is possible that you will not be able to fully use our offer. You can control and revoke this consent via our consent management (also known as “cookie banner” or “cookie settings”).

10. Analysis Tools

10.1 Use of Google Analytics
Our website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.

You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by using the browser plug-in available under the following link. Download and install in: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are further processed in abbreviated form, which means that any personal connection can be ruled out. If the data collected about you is personally related, this will be excluded immediately and the personal data will be deleted immediately.

We use Google Analytics to analyze the use of our website and to regularly improve it. We can use the statistics obtained to improve our offering and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms and conditions: http://www.google.com/analytics/terms/de .html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and the data protection declaration: http://www.google.de/intl/de/policies/privacy .

10.2 Use of Hotjar
Our website uses Hotjar, an analysis software from Hotjar Ltd. 3 Lyons Range- 20 Bisazza Street- Sliema SLM 1640, Malta (http://www.hotjar.com), which enables us to analyze your use of the website. Hotjar uses cookies and a tracking code through which the collected data is transmitted to the Hotjar server. This data is essentially device-related information, such as the IP address, the screen size of your device, the device type and browser information, such as type and version, your geographical location and your language preference. Your email address with your first and last name will also be transmitted, provided you have provided us with this information. User interaction, such as mouse movement, websites visited and the date and time of use are also regularly transmitted to Hotjar. Your IP address is automatically anonymized by Hotjar and stored exclusively in this form. In addition, users of the website are assigned a unique user identifier (UUID), through which Hotjar can record recurring users of our website - without linking them to your personal data.

You can prevent Hotjar from collecting and using your data using the link https://www.hotjar.com/opt-out.

10.3 Use of Tidio
Our website uses Tidiochat, a service provided by Tidio Ltd. 220C Blythe Road, W14 0HH, London, United Kingdom (www.tidiochat.com). This service processes anonymized data for the purpose of web analysis and live chat. Cookies can be used for this purpose, which enable your browser to be recognized. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the place that sets the cookie. Data collected using the Tidiochat service will not be used to identify you without your consent. The data will also not be merged with personal data about the bearer of the pseudonym used. You can configure your browser settings according to your wishes and e.g. B. refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all of the functions of this website.

Further information can be found in Tidio's privacy policy: https://www.tidiochat.com/en/privacy-policy .

Right to object

You can object to the collection and storage of data for the purpose of usage analysis at any time with future effect by informing us of your objection: e.g. by email: hello@edenblau.com or telephone:
The legal basis for the use of analysis tools is Article 6 Paragraph 1 Sentence 1 Letter f GDPR.

11. Social Media Links

On our website we use symbols that act as hyperlinks to the social media platforms Facebook, Instagram and YouTube. These hyperlinks do not transfer any of your data. If you click on the link, you will be redirected directly to our respective social media presence. Your data will only be transmitted to the relevant social media service if you are logged into your user account. In this case, the relevant social media platform may be able to receive information about what content you have viewed on our website.

The following are exclusively responsible for the social media services we link to:

for Facebook and its website, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;

for Instagram and its website, Instagram, LLC, 1601 Willow Rd. Menlo Park, CA 94025, USA;

for YouTube and its website, YouTube, LLC, 901 Cherry Ave., St. Bruno, CA 94066, USA;

For further information about the purpose and scope of data collection and about the further processing and use of your data by the respective social media service, please refer to the data protection guidelines of the respective platform.

12. Facebook Connect

We use the “Facebook Connect” service from Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”) on our website. We offer you the opportunity to log in to our website with Facebook Connect if you have a Facebook profile and give us your express consent to exchange data with Facebook. In this case, additional registration is not required. To register, you will be redirected to the Facebook page, where you can log in with your usage data. This means your browser establishes a direct connection to Facebook's servers, linking your Facebook profile and our service. Through this link, Facebook receives the information that your browser has accessed the corresponding page on our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. By linking, we automatically receive the following information from Facebook Inc., depending on your data protection setting on Facebook (name, email address, date of birth, address, Facebook name, user ID, age, gender and, if applicable, profile picture , the friends list and the likes). From this data, we only use your name, your email address, your date of birth and your address to create a user account, if you have approved these on Facebook. This information is necessary for the conclusion of the contract in order to be able to identify you.

For further information about Facebook Connect and privacy settings, please see the data protection information and terms of use of Facebook Inc. http://www.facebook.com/policy.php

If you do not want Facebook to link the data obtained via our website with your Facebook profile, you must log out of Facebook before visiting our website. You can also exclude the Facebook Connect plugin using add-ons for your browser.

revocation
The consent given to the exchange of data via Facebook Connect can be revoked at any time in the future by sending a message to or email: hello@edenblau.com.

13. Google Tag Manager

On our site we use the Google Tag Manager service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94.043 USA. Google Tag Manager allows marketers to manage website tags from one interface. A tag is a marking or labeling of a data set. However, the tag manager itself, which uses the tags, works without cookies and does not collect any personal data. The tags set up via Google Tag Manager only ensure the collection of data that is passed on to the target system. Because the data is only passed on, the system does not collect or store the data itself. The tag manager therefore only ensures that other tags are triggered, which in turn may collect data. Corresponding explanations for these respective third-party providers can be found in this data protection declaration. However, Google Tag Manager does not use this data. If you have set or otherwise deactivated cookies, this will be taken into account for all tracking tags that were used with the Google Tag Manager, so the tool does not change your cookie settings.

Google may ask you for permission to share some product data (such as your account information) with other Google products to enable certain features, such as: B. to make it easier to add new conversion tracking tags for AdWords. In addition, Google developers review product usage information from time to time to further optimize the product. However, Google will not share this type of data with other Google products without your consent.

For more information, please see the Google Usage Policy and Google Privacy Policy for this product.

14. Newsletter

Use of the email address to send newsletters

Regardless of the contract processing, we use your email address exclusively for our own advertising purposes to send newsletters, provided you have expressly agreed to this. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Your data will be passed on to a service provider for email marketing as part of order processing. It will not be passed on to other third parties.

Use of the email address to send direct mail

We use your email address, which we received as part of the sale of a good or service, to electronically send advertising for our own goods or services that are similar to those that you have already purchased from us, to the extent that you do so have not objected to use. Providing the email address is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. The contact details for exercising your objection can be found in the legal notice. You can also use the link provided in the promotional email. There are no costs for this other than the transmission costs according to the basic tariffs.

15. Use of social media plug-ins

On our website we use so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

We use the so-called two-click solution. This means that when you visit our site, no personal data will initially be passed on to Instagram. The plug-in in the form of images is provided with the heading “Follow us on Instagram”. We give you the opportunity to communicate directly with Instagram using the button. Only if you click on the marked field and thereby activate it will Instagram receive the information that you have accessed our website. In addition, the data mentioned in Section 1 of this declaration will be transmitted. By activating the plug-in, your personal data will be transmitted to Instagram and stored there (with US providers in the USA).
We have no influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, or the storage periods. We also have no information about the deletion of the data collected by Instagram.

When you interact with the plug-in, especially by clicking on the plug-in image, your browser establishes a direct connection to Instagram's servers. The content of the plug-in is transmitted directly to your browser by Instagram and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. The information will also be published on your Instagram account and shown to your contacts there. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid being assigned to your Instagram profile.

Instagram saves the data collected about you as usage profiles and uses them for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) to display tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, although you must contact Instagram to exercise this.

Further information on the purpose and scope of data collection and the further processing and use of the data by Instagram as well as your related rights and setting options to protect your privacy can be found in Instagram's data protection information: https://help.instagram.com/155833707900388/.
If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website. You can also completely block the Instagram plugins from loading using add-ons for your browser, e.g. B. with the script blocker “NoScript” (http://noscript.net/).
The legal basis for the use of the plug-ins is Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

16. Remarketing/Retargeting

(1) On our websites we use “Custom Audiences” from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for retargeting or remarketing purposes. This service uses so-called tracking or remarketing pixels. These are pixel image files that enable log file analysis. By using the pixels, the service provider can see when and how many users have accessed the pixel, or whether and when an email was opened or a website was visited.

(2) With the help of this service, users of the website can be shown interest-based advertisements (“Facebook Ads”) when they visit the social network Facebook or other websites that also use the process. Our aim is to show you advertising that is of interest to you in order to make our website more interesting for you. When you visit our website, a direct connection to the Facebook servers is established via the pixel. This enables Facebook to identify you based on your browser ID, as this can be linked to your user account. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of ours Visited our website or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and store your IP address and other identifying features.

(3) Deactivating the “Facebook Custom Audiences” function is possible for logged in users at https://www.facebook.com/settings/?tab=ads#_.

(4) The legal basis for the processing of your data is Article 6 Paragraph 1 Sentence 1 Letter f GDPR. Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy/.
Right to object
If you do not want to be shown advertising generated by the respective targeting service, you can object to the use of retargeting technology on our websites by sending us a message to hello@edenblau.com.

17. Orders via our website

In order to process orders through our websites, users are required to enter certain personal information, namely: name, address and, if applicable, payment information (e.g. credit card details). We store and use this data exclusively for the purpose of order processing. In addition, the following data is automatically stored: IP address and date and time of registration.

Data will only be passed on to third parties if and to the extent necessary for the proper processing of an order and the concluded purchase contract. To process the shipping, relevant order data (contact and delivery details) can be transmitted to our shipping partner.

To the extent that it is necessary to process contracts in connection with deliveries and payments, the personal data we collect will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Article 6 paragraph 1 letter b of the General Data Protection Regulation (GDPR).

If we need to provide updates for products with digital elements or digital products due to a relevant contract, we will use the contact details (name, address, email address) provided when ordering to contact you in accordance with Article 6 paragraph 1 letter c GDPR to personally inform you about upcoming updates in accordance with our legal information obligations. Your contact details will be used strictly for the purpose of communicating updates owed by us and will only be processed to the extent necessary for the information in question.

In order to process your order, we work with service providers who support us in whole or in part in the implementation of concluded contracts. In accordance with the following information, we transfer certain personal data to these service providers.

To fulfill our contractual obligations to our customers, we work with external shipping partners. We pass on your name and delivery address and, if necessary for delivery, your telephone number to a shipping partner selected by us exclusively for the purpose of delivering goods in accordance with Article 6 Paragraph 1 Letter b of the GDPR.

 

Paypal
Our online shop allows payment via PayPal. The payment service provider is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment details you entered will be transmitted to PayPal.

Your data will be transmitted to PayPal on the basis of Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing to fulfill a contract). You can revoke the consent you have already given at any time. Past data processing operations remain effective if revoked.

Klarna
In order to enable you to pay via Klarna, your personal data (contact and delivery details) may be transmitted to Klarna. This is necessary so that Klarna can check your qualification to use the payment method. Personal data submitted to Klarna will be processed in accordance with Klarna's privacy policy.

18. Data Security

We have taken a variety of security measures to protect your personal information. Our servers and databases are protected, among other things, by physical and technical measures.

When collecting and transmitting data via our website, we use standardized SSL encryption technology. Personal data is transmitted as part of the ordering process via SSL encryption, which can be recognized by the lock symbol in the browser and the addition “https://” in the address bar.

With encrypted communication, the payment details you transmit to us cannot be read by third parties. When communicating via email, 100% data security cannot be guaranteed.

19. Changes to this privacy policy

We can change this data protection declaration at any time. Any changes to this Privacy Policy will be posted on this website and will automatically take effect 30 days after being posted. We will inform you of any significant changes to this privacy policy by email.

© 2023 EdenNova GmbH; As of: September 2023