If you visit our website https://cobi.bike or use our webshop, then various personal data will be collected. Personal information is information that personally identifies you.
We collect, store and use personal data only to the extent which is absolutely necessary and for the sole purpose of providing you with the features of our website and our app.
1. Collection and processing of personal data
1.1. Personal data is collected and processed by COBI.Bike exclusively for the purposes of:
- Providing the functions of our website https://cobi.bike
- Using the web shop https://get.cobi.bike
as described below.
1.2. The purpose of the collection and processing of this data can be summarised as an introduction to our company and products on our website, and the sale of our prod-ucts via a web shop.
2. Data categories and earmarking
2.1. User-related master data
The following personal data is collected, stored and processed by COBI.Bike when you visit our website or shop in our webshop. When placing an order, COBI.Bike asks you for various personal data ("user-related inventory data"): e.g.
- Firstname / Surname
- Delivery address
- Mail address
- Telephone number
COBI.Bike requires this data to sell and deliver our products to you. The user-related inventory data is also required in order to be able to fulfill the user agreement and any further agreements regarding the use of additional services.
Your personal inventory data is stored by COBI.Bike for as long as necessary for the purpose of fulfillment and, if necessary, to comply with additional mandatory storage obligations. COBI.Bike will thereafter delete the personal data from the system.
2.2. Usage-related user data
Furthermore, we collect usage data, such as usage of our webshop.
2.3. Data collection on website visit without input
Various data is collected automatically by our IT systems when you visit our website. This is, above all, technical data (for example internet browser, operating system or time of the page request). The collection of this data happens automatically when you visit our website. Part of the data is collected to ensure an error-free provision of the website. Other data can be used to analyze your user behavior. We do not connect this data with personal data. The data remains technical data without personal reference.
2.4. Data collection when using our contact form
Usage data is processed and used exclusively to enable you to make full use of our offering, and only when absolutely necessary. Inventory and usage data is used solely for the fulfillment of contractual or pre-contractual measures (Article 6 paragraph 1 b GDPR). Data which is voluntary for the contact form or elsewhere is marked as such. This data collection then takes place only with your consent (Article 6 paragraph 1 a GDPR).
3.1. You may, of course, withdraw all or part of your consent to the collection and processing of data described above that you have given to COBI.Bike at any time. The withdrawal of consent can be addressed by e-mail to firstname.lastname@example.org. The withdrawal means that you can no longer use the corresponding services for which this data is required.
3.2. Personal data that is no longer needed will be deleted by COBI.Bike as soon as possible, but at the earliest as soon as the retention period legally required has expired. Excluded from deletion is the personal data that COBI.Bike needs to handle any outstanding tasks or to enforce its rights, as well as any data that COBI.Bike is legally required to retain.
4.2. Cookies are small files that are stored locally on your device when you use the app. You can delete cookies on your devices at any time. However, this can lead to the individual functions being no longer available to you. To delete the cookies, please refer to the help function of your browser.
5. Use of the web analysis tool Google Analytics
The website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies", which are text files that are stored on your com-puter and that allow an analysis of your use of the website. The information gener-ated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. As we have activated IP anonymization on this website, the IP address assigned to your computer at the relevant time will be short-ened beforehand by Google within member states of the European Union or the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website ac-tivity, and to provide us with other services related to website activity and internet usage. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google or our data. You can prevent the storage of cookies by using the corresponding setting of your browser software; however, this may hinder the ease with which you use this web-site. In addition, you may prevent Google from collecting or processing the data generated by the cookie, related to your use of the website (including your IP ad-dress) by downloading and installing the plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en For more information about Google's privacy practices, please visit http://www.google.com/intl/de/policies/privacy/ We point out that on this website Google Analytics has been extended by the code "gat._anonymizeIp ();" in order to ensure an anonymous collection of IP addresses (so-called IP-Masking).
6. Use of the web analysis tool Hotjar
This website uses Hotjar, a web analysis service provided by Hotjar Ltd, Level 2, St Julian's Business Center, 3, Elia Zammit Street, St Julian's STJ 1000, Malta. Hotjar anonymously records interactions of randomly selected visitors to our website. For example, it makes a log of mouse movements and clicks with the aim to identify possibilities for improvement from our side. In addition, Hotjar evaluates information about the operating system, browsers, incoming and outgoing links, geographic origin, as well as other anonymous data for statistical purposes. The information collected is non-personal and is stored by Hotjar Ltd. and not passed on to other third parties. Additional information about Hotjar can be found at: https://www.hotjar.com/privacy. If you do not want a site analysis using Hotjar, you can disable it by setting a DoNotTrack header in your browser (opt-out): https://www.hotjar.com/opt-out
7. Use of the web analysis tool My Fonts
This website uses, amongst others, fonts provided by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA. This integration also retrieves data from a MyFonts company server when the website is accessed, which means that this server and therefore also MyFonts, gains knowledge of your IP address. Without your IP address, the Myfonts server could not send any font files to your browser.
In addition, MyFonts learns that you have accessed the font through our website and also some technical information about your browser. Even if the provider, ie MyFonts, only requires the transmitted information, in particular the IP address, to deliver the retrieved contents, it is beyond our knowledge and influence as to whether and to what extent MyFonts statistically evaluates or stores this information. Our website also includes a visitor counter from MyFonts, which records the number of visitors to our website. To use this visitor counter, we are legally obliged to use the fonts.
8. Use of Facebook Pixel
This website uses Facebook Pixel, a web analytics service provided by Facebook Network, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you live in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook").
With the help of the Facebook pixel we can understand the effectiveness of the Facebook ads for statistical and market research purposes, by seeing if users were redirected to our website after clicking on a Facebook ad. If you then log in to Facebook or visit Facebook in the logged-in state, the visit to our site is noted in your profile. The data collected about you is anonymous and does not give us any information about the identity of the users. However, the data is stored and processed by Facebook, meaning that a connection to the respective user profile is possible. If we should send data to Facebook for comparison purposes, it will be encrypted locally in the browser and then sent to Facebook via a secure https connection. This is done solely with the purpose of establishing a comparison with the Facebook data, which is also encrypted.
The processing of the data by Facebook is part of Facebook's data usage policy. Accordingly, general notes on how to display Facebook Ads can be found in Facebook's Data Usage Policy: https://www.facebook.com/policy.php. For specific information and details about the Facebook Pixel and how it works, visit the Facebook help section: https://www.facebook.com/business/help/651294705016616.
To opt-out of using the Facebook pixel, you can go to the Facebook-enabled page and follow the instructions for the usage-based advertising settings: https://www.facebook.com/settings?tabs=ads
Further opt-out possibilities are offered by:
https://www.aboutads.com/choices or the EU page
We only send newsletters, e-mails and other electronic notifications with promotional information (hereinafter "newsletter") with your consent. Generally, our newsletters contain information about your COBI.Bike hardware or your COBI.Bike app. Registration for our newsletter uses the so-called double opt-in procedure. The newsletter registration will be logged in order comply with the legal requirements for registrations. Similarly, changes to your data stored with MailChimp will be logged. The newsletter is distributed via MailChimp, a service from Rocket Science Group, LLC, 675 Ponce De Leon Ave. NE # 5000, Atlanta, GA 30308, USA. MailChimp is certified under the US-EU Privacy Shield and thus undertakes to comply with EU data protection requirements. Furthermore, we have concluded a data processing agreement with MailChimp (order processing contract in compliance with Art. 28 GDPR).
10. Use of external links
There are links to third party websites on our website or in the COBI.Bike app. After you click the link, COBI.Bike is no longer responsible for the collection, saving, or processing of any data that is transmitted to a third party by clicking the link (e.g. IP address or the URL at which the link is located), since we have no control over the conduct of third parties.
11. Sharing personal data with third parties
As the user, you can always decide which personal data to share with third parties by issuing separate declarations stating the recipient. Stating that personal data can be shared with third parties is done on a voluntary basis.
With the exception of the above policy, personal user data can only be shared by us with third parties if and when COBI.Bike is legally obligated to do so, or it becomes necessary in order to execute COBI.Bike’s rights and requirements.
The personal data of the user will not be shared with third parties without their consent.
12. Deleting your personal data
Personal data will be deleted when it is no longer needed to fulfill the purpose of saving it when consent is rescinded, or if the saving of data is impermissible for other legal reasons.
Data that is required for the purposes of billing and accounting, or that is subject to statutory obligations, remains unaffected during the statutory legal period for preserving records, or beyond if required for the enforcement of rights and claims.
13. Security of data
COBI.Bike takes all necessary technical and organizational measures to ensure an appropriate level of security and to protect your data that is administered by us especially from the risks of unintended or unlawful destruction, manipulation, loss, change or unauthorized disclosure or unauthorized access. We use security measures such as the HTTPS to protect your personal information.
14. User rights
14.1. Information, correction, blocking, deletion
You have the right to obtain information about the origin, recipient, and purpose of the personal data stored about you at any time and free of charge (Article 13 paragraph 2 b GDPR). You also have the right to request the correction, blocking or deletion of this data (Article 13 (2) (b) GDPR).
14.2. Withdrawal and complaints
Furthermore, the user can revoke this consent at any time for information that is collected on the basis of their consent (Article 13 paragraph 2 b GDPR). Finally, you have a right of appeal to the competent supervisory authority, the Hessen Data Protection Officer (Article 13 paragraph 2 d GDPR).
14.3. Data portability
You are entitled to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – to demand that we transfer that data to a third party.
We reserve the right to change our security and data protection measures should this be required due to technical development. In such cases, we will amend our data protection notice accordingly. Therefore, please take note of the current version of our data protection notice, as this is subject to change.
To assert your rights, report any data breaches, as well as for suggestions and complaints regarding the processing of your personal data, we recommend that you contact our data protection officer: email@example.com
Status: April 2018