For which purposes and based on which legal framework do we process personal data?
If you browse our websites, order or use our products, or otherwise engage with us, we will receive personal data from you. We generally process your data on the following legal bases:
If you have granted your express consent (Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law ), e.g. if you would like for us to contact you directly, subscribe to our newsletter, or wish to receive advertising content tailored to your person. Any measures according to Art. 7 para. 3 UWG such as emails related to the purchase of goods or usage of the address for direct advertising by the customer for similar goods or services from Vimcar shall remain unaffected, (see our GTC).
To fulfil our contractual obligations (Art. 6 para. 1 lit. b GDPR or the equivalent provision under UK law), e.g. if you purchase and use our product.
As a company, we are subject to various legal obligations (Art. 6 para. 1 lit. c GDPR or the equivalent provision under UK law). We are, for example, required under tax law and commercial law to retain certain documents.
We additionally process data on the basis of a legitimate interest on our part or third parties (Art. 6 para. 1 lit. f GDPR or the equivalent provision under UK law). This includes, inter alia, data processing for direct advertising purposes, to promote sales, for IT security and the combatting of fraud, as well as the creation of pseudonymous user profiles for analysis purposes and the needs-based design of our website (tracking). You have the right to object to data processing on the basis of a legitimate interest in accordance with Art. 21 para. 1 GDPR or the equivalent provision under UK law. More detailed information is provided under Clause 10.
Data processing visiting the website
When you visit our website, your browser transmits data to our web server in order to provide you with the information you have requested. To enable you to visit the website, the following data is collected, stored and used for a short period of time:
Date and time of the visit
Content of the request (concrete page)
Operating system and its access status / HTTP status code
Amount of data transmitted
Browser, language and version of the browser software
In addition, in order to protect our legitimate interests, we store this data for a limited period of time in order to initiate a derivation to personal data in case of unauthorized access or attempted access to local servers. The legal basis for this is Art. 6 para. 1 lit. f GDPR or the equivalent provision under UK law.
Data processing in our webshop
You can buy our products directly through our website. In order to process your order, we need your contact and address data, as well as information about the desired services (e.g. product type). The legal basis for this is Art. 6 para. 1 lit. b GDPR or the equivalent provision under UK law.
Data processing in terms of payment
For payment processing through our website, we use payment service providers who directly take over your entries and are therefore recipients of your personal data collected in connection with the payment transaction.The responsibility for your payment data is borne by the payment service provider. Information, in particular about the controller of the payment service providers, the contact details of the data protection officer of the payment service providers, and the categories of personal data processed by the payment service providers, can be obtained at the following addresses:
Data processing for newsletters and mail communications
7.1. Distribution of our newsletter
Distribution of our newsletter You can subscribe to our newsletter to receive, among other things, information about our current offers and product updates.
To subscribe to our newsletter, we use the double opt-in procedure. This means that after your registration we will send you an email to the specified email address in which we ask you to confirm that you would like the newsletter to be sent. For the purpose of receiving our newsletter, we collect and use the e-mail address you provided during registration on the basis of your prior consent in accordance with Art. 6 Para. 1 lit. a GDPR or the equivalent provision under UK law. If you do not confirm your registration, your registration will be automatically deleted. Registration and confirmation will be logged in order to prevent misuse of your personal data. In doing so, we store the IP addresses used for your registration, the times of your registration and confirmation and our registration notifications as well as the text of your registration and confirmation. Any time you can object your consent of receiving the newsletter with effect for the future (Art. 21 GDPR or the equivalent provision under UK law). You can declare your revocation by using the link provided for this purpose in each newsletter or by contacting the above-mentioned contact persons.
7.2 Newsletter tracking
Newsletters are sent via the mailing service Mailchimp, a newsletter mailing platform of Rocket Science Group, LLC (675 Ponce De Leon Ave NE #5000, Atlanta GA 30308, USA). Master data of the recipients, i.e. first name; last name; e-mail address, are transmitted. The legal basis is Art. 6 para. 1 lit. f or the equivalent provision under UK law GDPR. Our legitimate interest is to be able to keep the opt-in information obtained (consent database) and to maintain an suppression list. The Rocket Science Group LLC d/b/a MailChimp is EU-US Privacy Shield certified. Data processing in the USA in accordance with data protection regulations can therefore be guaranteed on the basis of the European Commission's decision on adequacy (2016/1250) in accordance with Art. 45 para. 1 GDPR or, where applicable, on the basis of UK data protection laws. Please also note the data protection information of Mailchimp.
Use of social plugins
This website uses social plugins from Pinterest (Operator: Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA).
Pinterest enables users of this social network, among other things, to publish collections of images, individual images and descriptions on virtual pinboards, which can then be shared or commented on by other users. Each time a user calls up one of our individual pages on which a Pinterest component (Pinterest plug-in) has been integrated, the Internet browser will automatically be prompted by the respective Pinterest component on the information technology system of the person concerned to download a representation of the corresponding Pinterest component from Pinterest. As part of this technical process, Pinterest is informed which specific subpage of our website is visited by the data subject.
If you are signed in to Pinterest at the same time, Pinterest will recognize each time for the entire duration of your stay you visit on our website and which specific page of our website have been visited. This information is collected by the Pinterest component and assigned to the respective Pinterest account by Pinterest. If you click on a Pinterest button integrated on our website, Pinterest will assign this information to the personal Pinterest user account of the person concerned and store this personal data. If you click on a Pinterest button integrated on our website, Pinterest assigns this information to your personal Pinterest user account and stores this personal data. The Pinterest component will always inform Pinterest that you have visited our website if you are logged in at the same time as you access our website, regardless of whether the Pinterest component has been clicked or not. If Pinterest does not wish to receive this information, it may prevent you from logging out of your Pinterest account prior to accessing our website. The legal basis for this data processing is Art. 6, para. 1 lit. a GDPR or the equivalent provision under UK law.
We have no control over the extent of the data collected from you by the provider. For more information about the scope, type and purpose of data processing and about rights and setting options for protecting your privacy, please refer to the provider's data protection information. This is available under the following addresses: https://about.pinterest.com/privacy-policy You can object to this special data processing at any time, either by deactivating the relevant settings under "Customization" in your Pinterest account or by clicking Opt-Out.
How are cookies used on this website?
10.1 Transient cookies
These cookies are automatically deleted when you close your browser. These include session cookies, in particular. These store a so-called session ID with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.
10.2 Persistent cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies in the security settings of your browser at any time.
10.3 Flash cookies
Flash cookies which are used are not stored by your browser, but instead by your Adobe Flash plugin. We also use HTML5 storage objects which are stored on your mobile device. These objects store the required data independently of the browser used and do not have an automatic expiry date. If you do not want the Flash cookies to be processed, you must install an appropriate add-on, e.g. "Flash Block (Plus)" for Mozilla Firefox or the Adobe Flash killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode of your browser. We also recommend that you regularly delete your cookies and your browser history manually.
10.4 Prevention of cookies
You can configure your browser settings as desired and refuse to accept third-party or any cookies. Please note that if you do so, you may not be able to use all functions of this website.
For the purpose of analysing and optimising our websites, we use various services, which are described below. For example, we may analyse how many users visit our site, which information is most in demand, or how users find the offer. Among other things, we collect data about the website from which a person has accessed a website (the so-called referrer), which subpages of the website were accessed, or how often and for how long a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The data collected are not used to personally identify individual users. Anonymous or at most pseudonymous data are collected. You always have the option of opting out (using a link or through the browser settings).
11.1 Google Tag Manager
For the sake of transparency, we hereby point out that we use the Google Tag Manager. The legal basis for the use of Google Tag Manager is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law The Google Tag Manager itself does not collect personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements, which, among other things, serve to measure traffic and visitor behaviour, determine the impact of online advertising and social channels, for remarketing purposes, setting up websites geared towards target groups, and for testing and optimising the website. We use the Google Manager for the Google AdWords and Google Analytics services by Google. If you have opted out, Google Tag Manager will take this into account. You can find more information about the Google Tag Manager here: https://www.google.com/analytics/tag-manager/use-policy/
11.2 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; hereafter: “Google”). Usage comprises the Universal Analytics operating mode. The legal basis for the use of Google Analytics is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law. The data stored by Google Analytics will be automatically deleted 14 months after their collection. This makes it possible to assign data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyse user's activities across devices.
The web analysis and optimisation service "Google Optimize" is used on our website. Google Optimize is a sub-service of Google Analytics. We use the Google Optimize service to increase the attractiveness, content and functionality of our website by offering new functions and content to a percentage of our users and statistically evaluating the change in usage.
You can prevent the storage of cookies by setting your internet browser accordingly (see corresponding passage under Google Analytics).
11.3 Google Customer Match
We use Google Customer Match. With this service, you can be shown targeted search results about our products and services when carrying out a search via Google or using Gmail or YouTube. To this end, we import encrypted e-mail lists that Google compares to its logged-in users. If there is a match, these target groups are activated for Google searches, on YouTube, Google Shopping, and for Vimcar ads/campaigns distributed through Gmail. The legal basis is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law . The data will be deleted as soon as a customer relationship no longer exists.
This website uses Hotjar, analysis software of Hotjar Ltd., 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). The legal basis for the use of Hotjar is Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law. Hotjar makes it possible to measure and evaluate the usage behaviour on our website. By using this tool, we pay particular attention to the protection of your personal data. We can only track which buttons are clicked, the course of the mouse, how far it scrolls, the screen size of the device, device type and browser information, geographic location (country only) and the preferred language to display our website. Areas of the websites in which personal data from you or third parties is displayed are automatically hidden by Hotjar and can therefore not be traced at any time. In order to exclude the possibility of direct personal references, IP addresses are only stored and processed anonymously.The information about your visit to our website which is generated by the tracking code and cookie is transmitted to the Hotjar servers in Ireland and stored there.
We use the conversion tracking technology and retargeting feature of the LinkedIn Corporation on our website.
Cookies for marketing purposes
We use the technology of Criteo (Criteo GmbH, Unterer Anger 3, 80331 Munich, Germany). This information about the surfing behaviour of website visitors is collected in purely anonymous form, and cookies are set, for marketing purposes. Criteo can thus analyse the surfing behaviour and then display targeted product recommendations as appropriate advertising banners when other web pages are visited. Under no circumstances can the data collected be used to personally identify the visitor of this website. The data collected by Criteo are solely used to improve the advertising offer. The data are not utilised in any other way nor are they passed on to third parties. You can find out further details from Criteo and register your objection to the anonymous analysis of your surfing behaviour on http://www.criteo.com/privacy.
12.2 Google Adwords and conversion tracking
To draw attention to our current services, we place Google Ads ads and use Google Conversion Tracking and the Google Tag Manager in this context, to offer personalised online ads tailored to interests and geographical location. The legal basis for the use of Google Ads and conversion tracking is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law . The option to anonymise the IP addresses is configured using an internal setting in the Google Tag Manager, which is not visible in the source of this page. This internal setting is configured such that the anonymisation is guaranteed. These ads appear after searches on websites of the Google Ad Network. We have the possibility to combine our ads with certain search terms. Cookies allow us to activate ads based on previous visits of a user to our website.
When you click on an ad, a cookie is set on the computer of the user. Further information on the cookie technology used can also be found in Google's notes on website statistics and in the data policy.With the help of this technology, Google and we as customers receive information that a user has clicked on an ad and has been redirected to our websites. The information obtained in this way is used exclusively for statistical evaluation for ad optimisation. We do not receive any information that personally identifies visitors. The statistics provided by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were forwarded to a page of our website with a conversion tag. Based on these statistics, we can trace the search terms for which our advertisement was clicked particularly often, and which advertisements lead to contact by the user via the contact form.
12.3 Google Dynamic Remarketing
12.4 Bing Ads
This website uses Bing Ads, a service of the Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads will place a cookie if you have accessed our website via a Microsoft Bing ad. In this way, it can be recognised that someone has clicked on an ad, has been redirected to our website, or has reached a previously defined target page (conversion page). The legal basis for the use of Bing Ads is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law . We only see the total number of users who clicked on a Bing ad and who were then redirected to the conversion page. No personal information about the identity of the user is disclosed. The collected data is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. For more information about Microsoft Bing's privacy practices and which cookies are used, please visit the Microsoft website.
12.5 Facebook Custom Audiences
12.6 Awin (Zanox)
We use the performance advertising network of AWIN AG (Eichhornstraße 3, 10785 Berlin, Germany). The legal basis for the use of Awinis your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law. As part of its tracking services, AWIN stores cookies on end devices of users who visit or use websites or other online services of its customers (e.g. subscribe to a newsletter or place an order with an online store) to document transactions (such as leads and sales). These cookies are solely used for the purpose of correctly assigning the success of an advertisement and relevant billing within its network. In doing so, AWIN does not collect, process, or use personal data. The cookie solely stores information about when a particular advertising medium was clicked on by an end device. A custom range of digits, which however cannot be traced back to the individual user, is stored in the AWIN tracking cookies; this allows for the partner program to document the advertiser, publisher, and the time of a user action (click or view). Over the course of this process, AWIN also collects information about the end device from which a transaction is carried out, e.g. the operating system and the accessing browser. These data will be deleted as soon as the purpose of storage in the form of a correct allocation of the success of an advertising medium has been achieved.
12.7 Twitter advertising
As part of usage-based online advertising, a tracking code (pixel) of Twitter (Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA) is placed on the website. The legal basis for the use of Twitter pixel is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law. Basically, a non-reversible and non-personal check sum (hash value) is generated from your usage data, which can be transmitted to Twitter for analysis and marketing purposes. Hereby, a Twitter cookie is set. Information about your activities on the website (e.g. surfing behaviour, visited subpages, etc.) is collected. In the context of the use of our website, data such as your IP address and your user activities are transmitted to Twitter servers and processed and stored within the European Union. We carry out this analysis on the basis of the tracking service of Twitter Advertising, in order to constantly optimize our Internet offer and make it better available. To prevent the pixel from executing its functions, you can install a script blocker such as noScript.
12.8 Outbrain Amplify
We use the Amplify service of Outbrain Inc. (Outbrain Inc., 39 West 13th Street, 3rd floor, New York, NY 10011) to present our website visitors relevant content. The legal basis for the use of Outbrain Amplify is your consent according Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law. Hereby, a temporary cookie is set. This cookie does not store any personal data, but merely technical data (e.g. on your operating system) as soon as you interact with the Outbrain network. Your IP address is anonymised immediately on the Outbrain servers. The data collected by Outbrain is also Device type, browser type, operating system, the pages visited, the time of the visit, and referring URLs and other information normally transferred in HTTP requests. This data is regularly deleted 21 days after the last activity.
We use a service of Outgrow (Outgrow., 401 Park Ave, 10th Floor, New York 10016) to enhance the experience of our users with appealingly designed forms. The legal basis is Art. 6 para. 1 lit. f GDPR or the equivalent provision under UK law . Our legitimate interest lies in being able to offer you a visually optimised presentation of our website. Outgrow requires access data (IP address) and input data, as well as technical data which we require for the proper technical functioning and maintenance of our service.
The legal basis is your consent according to Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law.
To create interfaces between programs and to enable an automated process for different applications, we use the cloud service Zapier on our website, which is operated by Zapier Inc. (548 Market St #62411, San Francisco, California 94104, USA). Customer data, with the exception of payment data, can be transmitted. The storage of data transmitted to Zapier within the scope of order processing is for a maximum period of seven (7) days. The utilization of Zapier is in the interest of an efficient structuring of the tools we use. This constitutes a legitimate interest within the meaning of Article 6 para. 1 lit. f GDPR.
You have the following rights concerning us regarding your personal data.
16.1 General Rights You have the right of access (Art. 15 GDPR or the equivalent provision under UK law), rectification (Art. 16 GDPR or the equivalent provision under UK law) and erasure (Art. 17 GDPR, or the equivalent provision under UK law) of your data transmitted to us. In addition, you also have the right to data portability (Art. 20 GDPR or the equivalent provision under UK law) and restriction of processing (Art. 18 GDPR, or the equivalent provision under UK law). If the processing is based on your consent (Art. 6 para. 1 lit. a GDPR or the equivalent provision under UK law), you have the right to withdraw this consent with effect for the future (Art. 21 GDPR or the equivalent provision under UK law).
As a rule, you can assert your rights informally and without giving reasons. It may be that in individual cases, a copy of an identity document is required for identification purposes in order to clearly assign the stored data to your person and prevent improper requests for information. Information that is not necessary to establish your identity should blackened by you; you will be informed separately about that. The data on the ID or passport copy is subject to strict earmarking. They are therefore used by us exclusively for identity verification, but are not included in our database. Once your identity has been established, the proof is deleted from our data.
16.2 Rights in data processing following a legitimate interest
Pursuant to Art. 21 para. 1 GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data on the basis of Art. 6 para. 1 lit. e GDPR or the equivalent provision under UK law (data processing in the public interest) or on the basis of Article 6 para. 1 lit. f GDPR (data processing to safeguard a legitimate interest), including profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights, and freedoms, or the processing is for the purpose of asserting, exercising, or defending legal claims. Please note that, if you object, you may no longer be able to use our products, as data processing might be required for their use.
16.3 Rights related to direct advertising
If the personal data that concerns you are being processed for direct marketing purposes, in accordance with Art. 21 para. 2 GDPR you have the right to refuse this processing at any time.; this also applies to profiling, insofar as it is associated with such direct marketing. In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
16.4 Right to complain to a supervisory authority In accordance with Art. 77 I GDPR, you have the right to complain about the processing of your data to a data protection supervisory authority ( responsible: Friedrichstr. 219, 10969 Berlin)
This data protection declaration is continuously adapted in the course of the further development of the Internet or our offer. Please check this statement regularly for any changes. We will inform you of any significant changes in good time.
17.2 Links to other websites
browsing experience. By surfing this website you agree to our use of