Privacy policy

Thank you for your interest in the information on our website!

 

This privacy policy aims to inform our website users about the nature, scope, and purpose of processing personal data.
In this context, personal data refers to any information that could identify you personally as a website user, including but not limited to your IP address and information stored in cookies.

 

In the general section of this privacy policy, we provide details on data protection that apply broadly to our data processing activities, including data collection on our website.
Specifically, you, as a data subject, will be informed of your rights..

 

The terminology used and our data protection practices align with the regulations of the EU General Data Protection Regulation (GDPR) and other relevant national legislation

 

Data Controller within the meaning of the GDPR

Kofferworld.de online-Vertriebs GmbH
A 100% subsidiary of Hallerstede GmbH & CO.
KGFN HRB 201603
Lange Str. 19
26122 Oldenburg
Germany
E: info@kofferworld.com
T: +49 441 219 751 919
F: +49 441 243 09

No Data Protection Officer has been appointed, as this is not legally required.
Data Protection Coordinator: Mr. Maximilian Hallerstede

Data Collection on Our Website

Personal data is collected in two ways: when you explicitly provide it to us and when data, especially technical data, is automatically collected during your visit to our website.
Part of this data is collected to ensure that our website functions without errors.
Other data may be used for analytical purposes.
However, you can generally use our website without providing any personal information..

Learn more about the technologies used on our website:

Technologies on Our Website

Amazon Pay

On our website, we offer the option to make payments via Amazon Pay, provided by Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg (“Amazon Pay”).

When using Amazon Pay, personal data such as your first name, last name, address, email address, and phone number will be transferred to us to enable payment processing.
This data processing is based on our legitimate interest in offering a secure and efficient payment method (Art.
6 Para.
1 lit.
f GDPR) to fulfill the contract with you (Art.
6 Para.
1 lit.
b GDPR).
We only share the necessary data required to perform the contract (Art.
6 Para.
1 lit.
b GDPR)..

Amazon Pay reserves the right to conduct a credit check to ensure your creditworthiness and ability to pay. This is based on Amazon Pay’s legitimate interest (Art. 6 Para. 1 lit. f GDPR) and assists us in fulfilling our contract with you (Art. 6 Para. 1 lit. b GDPR). For this purpose, Amazon Pay may forward your data to credit agencies and online merchants. Additionally, your data may be used for interest-based advertising and marketing purposes by Amazon Pay if you have given consent in your account settings at amazon.de/adprefs.

We have no control over the payment process conducted by Amazon Pay and only receive the result of the transaction, indicating whether the payment was successful or declined.
Amazon Pay acts as an independent data controller in this context..

For more information on how to object to or stop Amazon Pay’s data processing, please visit pay.amazon.de/help/201212490.

Your data will be stored by us until the completion of the payment transaction, including the period required for refund processing, debt management, and fraud prevention

WEBGAINS

We participate in the WEBGAINS marketing partner program by ad pepper media GmbH, FrankenStraße 150C, FrankenCampus, 90461 Nuremberg, Germany ("WEBGAINS").

As part of its tracking services, WEBGAINS stores cookies on the devices of users who visit or use websites or other online offerings of its clients (e.g., register for a newsletter or place an order in an online shop) to document transactions (e.g., leads and sales). These cookies are solely used to ensure the correct attribution of the success of an advertisement and the corresponding billing within its network.

The cookie only stores information about when a particular advertisement was clicked on from a device. The WEBGAINS tracking cookies contain an individual sequence of numbers that cannot be attributed to a specific user. This sequence documents the advertiser's partner program, the publisher, and the timing of the user’s action (click or view). Additionally, WEBGAINS collects information about the device used for the transaction, such as the operating system and the browser being used.

Further information on how WEBGAINS uses data can be found in their privacy policy at https://www.webgains.com/public/de/datenschutzerklaerung/.

Klaviyo

We send newsletters, emails, and other electronic notifications (hereinafter referred to as “Newsletters”) exclusively with the recipient’s consent or on a legal basis.
If specific contents of the newsletter are mentioned as part of a newsletter subscription, these contents are relevant to the user’s consent.
Normally, providing your email address is sufficient for subscribing to our newsletter.
To provide a personalized service, we may request your name for a personalized greeting in the newsletter or other information, if necessary for the newsletter’s purpose..

Deletion and Restriction of Processing: We may store unsubscribed email addresses for up to three years based on our legitimate interests to demonstrate prior consent. The processing of this data is limited to defending against potential claims. An individual deletion request is possible at any time, provided the former existence of consent is simultaneously confirmed. In cases where we are required to observe objections permanently, we reserve the right to store the email address solely for this purpose in a suppression list (a so-called “block list”).

The logging of the registration process is carried out based on our legitimate interests to ensure a lawful process.
If we engage a service provider to send emails, this is based on our legitimate interests in using an efficient and secure mailing system..

Contents: Information about us, our services, promotions, and offers.

• Data Types Processed: Customer data (e.g., full name, address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); meta-, communication-, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons). Usage data (e.g., page views and time spent, click paths, usage frequency and intensity, device types, and operating systems, interactions with content and features).
• Affected Persons: Communication partners.
• Purposes of Processing: Direct marketing (e.g., by email or post); reach measurement (e.g., access statistics, identification of returning visitors); marketing, audience building.
• Legal Bases: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
• Opt-Out Option: You can unsubscribe from our newsletter at any time, i.e., revoke your consent or object to further receipt. A link to unsubscribe from the newsletter is found at the end of each newsletter or use any of the contact options provided above, preferably email.

Further Notes on Processing Processes, Procedures, and Services:

• Measuring Opening and Click Rates: The newsletters contain a so-called "web beacon," i.e., a pixel-sized file retrieved from our or the server of a service provider when the newsletter is opened. During this retrieval, technical information such as details about the browser and system, your IP address, and the time of retrieval are initially collected. These data are used for technical improvement of our newsletters based on technical data, the target audiences, and their reading behavior. This analysis also includes determining if and when the newsletters are opened and which links are clicked. These evaluations help us recognize users' reading habits and tailor our content to them, or send different content based on their interests. Measuring opening and click rates and storing the measurement results in user profiles and their further processing is based on user consent. Unfortunately, separate withdrawal of performance measurement is not possible; in this case, the entire newsletter subscription must be canceled or objected to. In this case, the stored profile information will be deleted; legal bases: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
• Sending via SMS: The electronic notifications can also be sent as SMS text messages (or exclusively via SMS if the authorization to send only covers SMS); legal bases: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
• Klaviyo: Email and SMS marketing platform; service provider: Klaviyo, 225 Franklin St., Boston, Massachusetts 02110, USA; legal bases: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Website: https://www.klaviyo.com/; Privacy policy: https://www.klaviyo.com/legal/privacy-notice. Framework for third-country transfers: EU/EWR - Data Privacy Framework (DPF), Switzerland - Data Privacy Framework (DPF).

 

Promotional Communication via Email, Post, Fax, or Telephone

We process personal data for purposes of promotional communication, which may occur through various channels, such as email, telephone, post, or fax, in compliance with legal regulations

Recipients have the right to revoke their consent at any time or to object to promotional communication at any time

Following a revocation or objection, we store the data necessary to prove prior authorization for contact or transmission for up to three years from the end of the year in which the revocation or objection was made, based on our legitimate interests.
The processing of this data is restricted to defending against potential claims.
Furthermore, based on our legitimate interest in observing users' revocation or objection permanently, we store the data necessary to prevent renewed contact (e.g., depending on the communication channel, the email address, phone number, or name)..

• Types of Data Processed: Customer data (e.g., full name, address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., text or image messages and posts, as well as related information, such as authorship and time of creation); usage data (e.g., page views and time spent, click paths, frequency and intensity of use, device types and operating systems, interactions with content and functions); meta-, communication-, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).
• Affected Persons: Communication partners.
• Purposes of Processing: Direct marketing (e.g., via email or post); marketing; promotion; reach measurement (e.g., access statistics, identification of returning visitors); audience building.
• Retention and Deletion: Deletion as specified in the section "General Information on Data Storage and Deletion."
• Legal Bases: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

• Klaviyo: Email and SMS marketing platform; service provider: Klaviyo, 225 Franklin St., Boston, Massachusetts 02110, USA; legal bases: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Website: https://www.klaviyo.com/; Privacy policy: https://www.klaviyo.com/legal/privacy-notice. Framework for third-country transfers: EU/EWR - Data Privacy Framework (DPF), Switzerland - Data Privacy Framework (DPF).

 

Cookies and Local Storage

We use cookies on our website to make our online presence more user-friendly and functional.
Some cookies remain stored on your device..

Cookies are small data packets exchanged between your browser and our web server when you visit our website.
They do not cause any harm and only serve to recognize website visitors.
Cookies can only store information that your browser supplies, i.e., information you have entered into the browser or that is present on the website.
Cookies cannot execute code and cannot be used to access your device..

When you revisit our website with the same device, the information stored in cookies can be either sent back to us (“first-party cookies”) or to a third-party web application to which the cookie belongs (“third-party cookie”).
The respective web application recognizes that you have previously visited the website using your browser..

Cookies contain the following information:

• Cookie name
• Name of the server from which the cookie originated
• Cookie ID number
• Date on which the cookie will be automatically deleted

Depending on their purpose and function, we categorize cookies as follows:

• Technically necessary cookies to ensure the technical operation and basic functionality of our website. For instance, these cookies retain your settings while you navigate the website, or they keep essential information during your session (e.g., login, shopping cart).
• Statistics cookies to understand how visitors interact with our website by collecting and analyzing information anonymously. This provides valuable insights to help us optimize the website as well as our products and services.
• Marketing cookies to enable targeted advertising activities for users on our website.
• Unclassified cookies are cookies that we are currently working to classify together with individual cookie providers.

Depending on their storage duration, we also classify cookies into session and persistent cookies. Session cookies store information used during your current browser session. These cookies are automatically deleted when you close the browser. Persistent cookies store information between visits to the website. These allow you to be recognized as a returning visitor, and the website reacts accordingly. The lifespan of a persistent cookie is determined by its provider.

The use of technically necessary cookies is based on our legitimate interest in ensuring the flawless operation and smooth functionality of our website.
Our website cannot function correctly without these cookies.
The use of statistics and marketing cookies requires your consent.
You may withdraw your consent to the use of cookies at any time with future effect.
Consent is voluntary, and no disadvantages arise if it is not granted.
Additional information about the specific cookies we use (particularly regarding their purpose and storage duration) can be found in this privacy policy and in the information about cookies in our cookie banner..

You can also set your Internet browser to generally prevent the storage of cookies on your device or to prompt you each time to agree to the use of cookies.
You can delete previously set cookies at any time.
Instructions on how to do this can be found in your browser’s help function..

Please note that a general deactivation of cookies may result in limitations to the functionality of our website

On our website, we also use Local Storage functions (also known as "local storage"). Data is stored locally in your browser’s cache, which persists even after closing the browser – unless you delete the cache or it is session storage. Third parties cannot access data stored in local storage. Specific plugins or tools using local storage functions are described in the respective plugin or tool section.

If you do not wish for plugins or tools to use local storage functions, you can control this in your browser settings.
However, please be aware that doing so may result in functional limitations..

Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC (USA)Purpose: Web analytics, performance measurement, conversion tracking, data collection for statistical purposesCategory: StatisticsRecipients: EU, USAData Processed: IP address, details on website visits, user dataAffected Parties: Website usersTechnology: JavaScript, cookiesLegal Basis: Consent, Data Privacy Framework, Google DPF certificationWebsite: www.google.comFurther Information: Google Privacy Policy, Google Safety Principles, Google Ads Processor Terms

Our website uses Google Analytics to analyze user behavior and optimize our online presence.
Google-provided reports serve to assess our website’s performance and evaluate the success of campaigns conducted through our platform.
Google Analytics employs cookies to analyze how visitors use our site..

Information such as browser type/version, operating system, referring page, hostname of the accessing computer (IP address), and the server request time are generally transmitted to and stored on a Google server.
We have entered into an agreement with Google to process this data on our behalf.
According to Google, the IP address provided by your browser is not merged with other data held by Google..

We use Google Analytics with IP anonymization enabled by default, meaning Google truncates the user’s IP address within EU member states or other parties to the Agreement on the European Economic Area.
Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
As stated by Google, the IP address collected in the context of Google Analytics will not be linked to other data held by Google..

During a website visit, user behavior is recorded as events, which may include:

• Pageviews and user click paths
• First-time visit to our website
• Pages visited
• Session start
• Interaction with our website
• User behavior (e.g., clicks, scrolling, time spent, bounce rates)
• File downloads
• Viewed or clicked ads
• Interaction with videos
• Internal searches conducted

Additional data recorded includes:

• Approximate location (region)
• Date and time of visit
• IP address (truncated)
• Technical information about the browser or device used (e.g., language settings, screen resolution)
• Internet provider
• Referrer URL (indicating the website or advertisement that directed the user to our site)

This data is processed by Google primarily for profiling purposes, which is outside our control.
Google Analytics gives us control over data retention, and we have chosen the shortest retention period available that meets our needs..

Google Fonts

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC (USA), Google DPF certificationPurpose: Embedding fontsCategory: StatisticsRecipients: EU, USA (potentially)Data Processed: IP address, language settings, screen resolution, browser version, and nameAffected Parties: Website visitorsTechnology: JavaScriptLegal Basis: Consent, Data Privacy FrameworkWebsite: www.google.comFurther Information: Google Fonts FAQ, Google Privacy Policy, Google Data Center Locations

Our website utilizes Google Web Fonts for uniform font representation.
To display Google Web Fonts, your browser connects to Google’s servers, notifying Google of your visit to our website through your IP address.
If your browser does not support Web Fonts, a standard font is used..

Each request for a Google Font transmits information such as the IP address, language settings, screen resolution, browser version, and browser name to Google’s servers, enabling Google to gauge font popularity and publish the results on internal analytics pages (e.g., Google Analytics). We use Google Fonts to enhance website quality, as these fonts are automatically optimized for web performance, reducing data load and improving load times for mobile devices. 

Google Marketing Platform / Google Ad Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC (USA)Purpose: Personalized advertising, conversion tracking, remarketing, campaign performance measurementCategory: MarketingRecipients: EU, USAData Processed: IP address, website visit details, user dataAffected Parties: UsersTechnology: JavaScript, cookiesLegal Basis: Consent, Data Privacy Framework, Google DPF certificationWebsite: www.google.comFurther Information:Google Privacy PolicyGoogle Safety PrinciplesGoogle Ads Processor TermsLocation of Google Data Centers: Google Data Center Locations

Our website utilizes Google Ads to promote our products and services.
Google Ads is Google’s proprietary online advertising system.
We aim to determine if an interested visitor ultimately becomes a customer, which is facilitated through conversion tracking.
Additionally, we seek to retarget and re-engage visitors, a process known as remarketing (or retargeting)..

Google Ads serves both conversion tracking and remarketing purposes.
We can track the actions taken after a user clicks on one of our ads.
To function effectively, this service employs cookies, and users are sometimes added to remarketing lists to be targeted with specific ad campaigns.
This is done using a pseudonymous identifier (pID) assigned to a user’s browser.
This pID helps identify which ads a user has already seen and interacted with.
The data is used for cross-website ad placements, allowing Google to identify the visited pages..

Our goal is to reach visitors genuinely interested in our offerings using Google Ads.
Conversion tracking data enables us to measure the effectiveness of individual marketing efforts and optimize our web presence for users.
Conversions can be measured with the help of cookies..

The generated information is transmitted to a Google server in the USA and stored there for analysis.
Google only transfers data to third parties when required by law or within data processing agreements.
Under no circumstances does Google link user data with other data collected by Google..

Google Tag Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC (USA)Purpose: Management of tools and pluginsCategory: Technically NecessaryRecipients: EU, USAData Processed: IP addressAffected Parties: UsersTechnology: JavaScriptLegal Basis: Legitimate Interest, Data Privacy Framework, Google DPF certificationWebsite: www.google.comFurther Information:Google Privacy PolicyGoogle Safety PrinciplesGoogle Ads Processor TermsLocation of Google Data Centers: Google Data Center Locations

Our website uses Google Tag Manager.
This service allows us to manage website tags through an interface, enabling us to incorporate code snippets such as tracking codes or conversion pixels without modifying the source code.
Data is merely forwarded by the Tag Manager and is neither collected nor stored.
The Tag Manager itself is a cookie-free domain and does not process personal data, serving purely to manage other services on our online platform..

When the Google Tag Manager is activated, the browser connects to Google’s servers, primarily located in the USA.
This connection informs Google that our website was accessed via a user's IP address..

The Tag Manager triggers other tags that may collect data. However, the Tag Manager does not access this data itself. If deactivation has been performed on a domain or cookie level, it applies to all tracking tags implemented with the Tag Manager. 

Hosting by Shopify

We use the Shopify platform, provided by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”), to host and display our online shop based on data processing carried out on our behalf.
All data collected on our website is processed on Shopify's servers.
As part of Shopify’s services, data may also be transferred for further processing to Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada; Shopify Data Processing (USA) Inc.; Shopify Payments (USA) Inc.; or Shopify (USA) Inc.
If data is transferred to Shopify Inc.
in Canada, the European Commission’s adequacy decision guarantees appropriate data protection standards.
Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., and Shopify (USA) Inc.
are certified under the EU-US Privacy Shield Framework, ensuring adherence to EU data protection standards..

For more details on Shopify’s data privacy practices, visit: Shopify Privacy PolicyAny further processing on servers other than those specified above only occurs within the framework detailed below.

Contacting Us

Our website provides multiple ways to contact us.
When you reach out to us, we process the information provided to handle and respond to your inquiry, fulfilling pre-contractual rights and obligations.
This data processing is essential for us to address your inquiry; without it, we may be unable to respond fully or at all.
In certain cases, the information may also be stored in a customer and prospect database based on our legitimate interest in direct marketing..

We delete your inquiry and related contact data once it has been fully addressed, provided that no legal retention obligations apply (e.g., due to a subsequent contract).
Generally, this is the case if we have had no ongoing contact with you for three consecutive years..

Meta Pixel

Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, Parent Company: Meta Platforms, Inc. (USA)Purpose: Web analysis, tracking (conversion)Category: MarketingRecipients: EU, USAData Processed: IP address, user data, website visit informationAffected Parties: UsersTechnology: JavaScript, cookiesLegal Basis: Consent, Data Privacy Framework, Meta DPF certificationWebsite: www.facebook.comFurther Information:Meta Privacy PolicyMeta Ads Help

Our website uses Meta Pixel, a service by Facebook, to analyze, optimize, and improve the economic performance of our online offerings.
Meta Pixel allows Meta to identify visitors to our website as a target audience for personalized ads.
We use Meta Pixel to display ads only to users who have shown an interest in our online offerings or who meet specific criteria (e.g., interests in certain topics or products, as determined by their visits to certain websites) that we communicate to Meta (so-called “Custom Audiences”).
Meta Pixel also helps us ensure that our Meta ads align with user interests without being intrusive and allows us to measure the effectiveness of Meta ads for statistical and market research purposes by tracking if users who clicked on a Meta ad were redirected to our website (so-called “conversion”)..

Your actions are stored in one or more cookies, allowing Meta to match your user data (such as IP address, user ID) with your Facebook account data.
The collected data remains anonymous to us, and we can only use it for advertising purposes.
You can prevent linking with your Facebook account by logging out before performing any actions..

To control which types of ads are displayed to you on Facebook, you can visit the settings page provided by Meta and follow the instructions on setting preferences for personalized ads: Facebook Ad SettingsSettings are applied across platforms and will be maintained for all devices, including desktop computers and mobile devices.

Microsoft Advertising

Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USAPurpose: User analysis, conversion measurementCategory: StatisticsRecipients: USAData Processed: IP address, website visit informationAffected Parties: UsersTechnology: JavaScript, cookiesLegal Basis: Consent, EU-US Data Privacy Framework, Microsoft DPF certificationFurther Information:Microsoft Privacy StatementEU Model ClausesHelp on AdsOpt-Out Option: Microsoft Ad Settings

Our website uses Microsoft Advertising (formerly Bing Ads) to analyze and optimize its economic performance.
Microsoft Advertising sets cookies on users' devices to analyze behavior on our website.
This requires users to arrive on our site through a Microsoft Advertising ad, allowing us to gather information on the total number of users who clicked on such an ad, were redirected to our website, and reached a specific target page (conversion measurement).
No IP addresses or personal details about user identity are stored..

Microsoft operates its servers globally, most of which are located in the USA.
Microsoft retains data as long as necessary for providing its services and products or for legal purposes..

Microsoft Clarity

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland; Parent Company: Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052 USAPurpose: Usability testing, usage statistics generationCategory: StatisticsRecipient Countries: EU, Third Country (USA)Data Processed: IP address, user behavior, website usage informationAffected Parties: Website usersTechnology: JavaScript, cookiesLegal Basis: Consent, EU-US Data Privacy Framework certification, Swiss-US Data Privacy Framework, UK Extension to EU-US Data Privacy Framework, Standard Contractual Clauses (SCC)Website: Microsoft ClarityFurther Information:Microsoft Privacy StatementClarity TermsEU Model Clauses

We use Microsoft Clarity for statistical analysis of our website’s usage, employing tools such as heatmaps, session replays, and usage reports to gain insights into user behavior and optimize our website.
Microsoft Clarity uses cookies and a tracking code executed when this service is activated.
Information collected, such as IP address, location, time, and frequency of website visits, is transferred to Microsoft (usually stored on EU and US servers) for analysis and stored there.
This data is used to generate anonymous usage statistics, which Microsoft may also use for advertising and other services related to internet and website usage..

We use Microsoft Clarity with the anonymization feature, where Microsoft truncates IP addresses within the EU/EEA

Newsletter

Our website offers users the option to register for a newsletter that provides information on our products, services, related information, offers, or promotions.
Newsletter consent follows a “double opt-in” process, meaning you will receive an email to confirm your registration.
This confirmation is necessary to ensure that no one can register using another person's email.
Registrations are documented per Art.
6(1)(f) GDPR, based on our legitimate interest in documenting consent.
This includes saving the time and date of both registration and confirmation and the IP address.
Any changes to stored data are also documented..

The newsletter is sent based on your consent under Art.
6(1)(a) GDPR or, where consent is not required, on our legitimate interest in direct marketing similar products and services as per Art.
6(1)(f) GDPR.
If consent was not previously given, we may send a newsletter if we obtained your email address from a previous transaction.
In this case, the newsletter will relate to similar products or services, and you will have been given the option to opt-out..

You may unsubscribe from the newsletter at any time, withdrawing consent with future effect under Art.
7(3) GDPR or by objecting to the processing.
An unsubscribe link is included in each newsletter, or you can email us directly.
After unsubscribing, we retain your email address for up to three years based on our legitimate interest under Art.
6(1)(f) GDPR to document previously given consent..

Newsletter Service Provider

Our newsletters are sent using the specified mailing service provider.
The provider processes data on our behalf based on a written data processing agreement per Art.
28 GDPR.
This provider may use recipient data in pseudonymous form to optimize its services, such as for technical optimization of sending and displaying newsletters or for statistical purposes.
However, the provider does not use our subscribers' data to contact them directly or share it with third parties..

Newsletter Tracking

Please note that we analyze user behavior when sending newsletters.
These emails contain web beacons or tracking pixels, stored by us.
Data and web beacons are linked to your email address, and links in newsletters also contain tracking IDs.
The legal basis for this is Art.
6(1)(f) GDPR..

This information is retained as long as you are subscribed to the newsletter.
After unsubscribing, we store this data solely for statistical and anonymous purposes..

If images are disabled by default in your email program, this tracking does not occur.
In such cases, the newsletter may not display fully, and some features may not be available.
When you manually enable images, tracking resumes as described above..

Pinterest Conversion Tracking (Marketing)

Provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest")Purpose: Tracking (conversion)Category: MarketingRecipients: EU, USA (potentially)Data Processed: IP address, website visit detailsAffected Parties: Website visitorsTechnology: JavaScript, cookiesLegal Basis: ConsentWebsite: PinterestFurther Information: Pinterest Privacy Policy

Our website uses the conversion tracking service provided by Pinterest, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest”). Note: This service may involve data transfers to the USA or a similar possibility. Please note that as of July 10, 2023, the European Commission issued an adequacy decision per Art. 45(1) GDPR for the EU-US Data Privacy Framework. Organizations and companies in the USA, registered under the Data Privacy Framework, are recognized to provide an adequate level of data protection. You may check the current certification status of this provider here.

This technology allows us to display relevant ads and offers on Pinterest to website visitors who are Pinterest members and have previously shown interest in our content and offerings.
We integrate a conversion tracking pixel on our website, informing Pinterest that you have visited our website and indicating which parts of our offerings you have viewed..

Using this service requires your consent under Art. 6(1)(a) GDPR, which can be withdrawn at any time with future effect. You can opt out of interest-based ads on Pinterest in your Pinterest account settings at Pinterest Settings (under “Personalization”) or by following the instructions here.

For more on Pinterest’s data privacy, see the Pinterest Privacy Policy.

 

Server Log Files

For technical reasons, especially to ensure a functional and secure website, we process technically necessary data regarding access to our website in so-called server log files, which your browser automatically transmits to us. The access data we process includes:

• Name of the accessed website
• Browser type and version
• Operating system of visitors
• Previously visited page (referrer URL)
• Time of server request
• Data volume transferred
• Hostname of the accessing computer (IP address used)

This data is not associated with specific individuals and serves only for statistical analysis, website operation, improvement, security, and optimization of our online presence.
This data is only transmitted to our website host.
No connection or combination of this data with other data sources takes place.
If illegal website usage is suspected, we reserve the right to retrospectively review this data.
Data processing is based on our legitimate interest in ensuring an error-free website presentation and optimizing our website..

The access data is promptly deleted after fulfilling its purpose, usually within a few days, unless further storage is required for evidence.
In such cases, the data is retained until the incident is fully resolved..

SmartAdServer

Our website uses SmartAdServer, provided by SmartAdServer GmbH, Mehringdamm 33, 10961 Berlin, Germany.SmartAdServer is a service that manages the delivery of ad campaigns, collecting statistical data from users to track campaign performance and improve outcomes.

SmartAdServer uses cookies that contain only an anonymous user ID to deliver ads relevant to you. Your data processing is based on your consent per Art. 6(1)(a) GDPR. You can opt out of this service by clicking here: SmartAdServer Opt-Out.Further information on this service is available in SmartAdServer’s privacy notice.

SSL Encryption

For your visit to our website, we use the widespread SSL (Secure Socket Layer) protocol combined with the highest level of encryption supported by your browser.
You can recognize that a specific page on our website is being transmitted in encrypted form by the closed depiction of the key or lock symbol in your browser's status bar.
This protocol is used based on our legitimate interest in employing appropriate encryption techniques..

Additionally, we employ suitable technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.
Our security measures are continuously improved and kept up to date according to technological advancements..

TikTok Pixel

Our website uses the TikTok Pixel from the social network TikTok, operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. The parent company of TikTok is based in China.Important: This service may involve data transfers to China, or such transfers cannot be ruled out.

With the TikTok Pixel, TikTok can identify visitors to our online offering as a target audience for displaying ads (so-called "TikTok Ads").
Accordingly, we use the TikTok Pixel to display our TikTok ads only to those TikTok users who have shown interest in our online offerings or who meet certain criteria (e.g., interest in specific topics or products based on the pages visited) that we provide to TikTok (so-called “Custom Audiences”)..

With the TikTok Pixel, we can also ensure that our TikTok Ads align with user interests and avoid being intrusive.
Additionally, we can measure the effectiveness of TikTok ads for statistical and market research purposes by tracking if users who clicked on a TikTok ad were redirected to our website (so-called “Conversion”)..

Data processing by TikTok occurs under TikTok’s Data Usage Policy.Detailed information on the TikTok Pixel and its functionality can be found in TikTok’s Help Center.

The use of the TikTok Pixel and the storage of “conversion cookies” are based on your consent under Art.
6(1)(a) GDPR, which you can withdraw at any time.
For cases where TikTok acts as a data processor on our behalf, we have entered into a data processing agreement with TikTok, obligating them to protect customer data and refrain from sharing it with third parties..

Trusted Shops

Our website includes the Trusted Shops Trustbadge to display our Trusted Shops seal of approval and, if applicable, any collected reviews, as well as to offer Trusted Shops products to buyers following an order.
This inclusion is based on the fulfillment of our and Trusted Shops' overriding legitimate interest in providing buyer protection services linked to the specific order and transactional rating services in accordance with Art.
6(1)(f) GDPR.
Further details, including information on how to object, are available in the Trusted Shops privacy policy linked in this Trustbadge..

The Trustbadge and the services promoted are provided by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany, within the framework of a processing arrangement by a CDN (Content Delivery Network) provider. Trusted Shops GmbH also uses service providers from the USA, ensuring an adequate level of data protection. More information on Trusted Shops’ privacy practices can be found here: Trusted Shops Privacy Policy.

When the Trustbadge is called up, the web server automatically saves a server log file that includes your IP address, the date and time of access, the transferred data volume, and the requesting provider (access data), and documents the access.
Individual access data is stored in a security database for security analysis purposes and automatically deleted after 90 days..

Additional personal data is transmitted to Trusted Shops GmbH if, following a purchase, you decide to use Trusted Shops products or are already registered for this purpose.
A contract with Trusted Shops governs this use.
For this purpose, personal data is automatically extracted from the order data.
To determine if a buyer is already registered for product use, a neutral parameter, hashed from the email address using a one-way cryptographic function, is used.
This hash is not decipherable by Trusted Shops.
Once the match is verified, this parameter is deleted..

Webshop with Customer Account

We process the data of our customers and contractual partners, particularly their basic data, contact information, payment data, and contract data, as part of fulfilling order transactions in our webshop.
This processing occurs to select and order the chosen products or services, as well as for payment and delivery or execution..

The purpose of processing is to provide contractual services as part of our webshop operations, billing for deliveries and services, product delivery, and service provision.
Processing is carried out to fulfill the contract under Art.
6(1)(b) GDPR and to fulfill legal retention obligations based on trade and tax laws under Art.
6(1)(c) GDPR.
Required information for contract fulfillment is marked as such in our shop system or communicated to you personally.
Data is only transmitted to third parties for providing our services (e.g., to involved transport or other auxiliary services like subcontractors or telecommunications services), processing payments (e.g., to banks, payment service providers, tax authorities or consultants), or in accordance with our legal rights and obligations, as well as our legitimate interest in pursuing legal claims in individual cases per Art.
6(1)(f) GDPR when dealing with legal advisors, courts, and authorities.
Data is only processed in third countries if essential for contract fulfillment (e.g., customer-requested delivery or payment) and if adequate data protection guarantees are in place.
Further data sharing with third parties requires your express consent under Art.
6(1)(a) GDPR..

Users can create an account to view their orders, which are not publicly visible.
If users cancel their account, the associated data is deleted unless retention is required for commercial or tax reasons as per Art.
6(1)(c) GDPR or necessary to protect our legitimate interest in enforcing rights under Art.
6(1)(f) GDPR.
Users are responsible for securing their data before the contract ends..

During registration, re-login, or use of our online services, we store the IP address and the time of each user action.
This storage is based on our legitimate interest under Art.
6(1)(f) GDPR, as well as on users’ legitimate interest in protection against misuse and unauthorized use.
Such data is not shared with third parties unless necessary to enforce claims or required by law per Art.
6(1)(c) GDPR..

Data is deleted after statutory warranty and compensation obligations or other contractual or legal requirements expire. Customers and contract partners are informed of further data processing within marketing activities separately in this privacy policy. 

YouTube

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC (USA)Purpose: Embedding video content, collecting statistical dataCategory: StatisticsRecipients: EU, USAProcessed data: IP address, website visit information, user dataAffected: UsersTechnology: JavaScript call, cookies, device fingerprinting, local storageLegal Basis: Consent, Data Privacy Framework, Participant SearchWebsite: YouTubeMore information:

• User Settings Privacy
• Google Privacy Policy
• Google Safety Principles
• YouTube Privacy FAQ

We use the YouTube service on our website to integrate external videos.
We have enabled YouTube’s enhanced privacy mode, which, according to YouTube, prevents it from storing information about visitors until they play a video.
However, data transfer to YouTube partners is not excluded by this privacy mode..

When a YouTube video starts on our website, a connection to YouTube servers is established, allowing YouTube to know which of our pages you visited.
If you are logged into your YouTube account, this enables YouTube to associate your browsing behavior directly with your profile, which can be prevented by logging out of your account..

Additionally, once a video starts, YouTube may store various cookies on your device or use similar technologies (such as device fingerprinting).
YouTube also utilizes local storage on your device to collect information about visitors.
This information helps in collecting video statistics, improving user-friendliness, and preventing fraud..

YouTube Channel

We operate a YouTube channel provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Data transfers to the USA may occur within this service, or such transfers cannot be excluded. We inform you that, as of July 10, 2023, the European Commission adopted an adequacy decision for the EU-US Data Privacy Framework, ensuring that certified organizations or companies in the US provide an adequate level of data protection. Google is certified under the Data Privacy Framework: Participant Search.

Please note that you use our YouTube channel and its features at your own risk, especially the option to interact with other users

We have no influence or control over the type and extent of data processed by Google, how data is processed and used, or its sharing with third parties.
By using Google, your personal data may be collected, transferred, stored, disclosed, and used independently of your residence in the USA, Ireland, or any other country where Google operates, as well as transferred to Google affiliates and other trusted companies or individuals processing data on Google’s behalf..

Google processes data you voluntarily provide, such as name, username, email address, and phone number, as well as content created, uploaded, or received while using the services, like photos and videos stored, documents and spreadsheets created, and comments made on YouTube videos.
Additionally, Google evaluates shared content to determine topics of interest, processes direct messages sent to other users, and can determine your location based on GPS data, wireless network information, or IP address to deliver ads or other content.
Google may use analysis tools like Google Analytics for evaluation purposes.
Should tools like these be used on our YouTube channel, we neither commissioned nor otherwise supported them..

Finally, Google also receives information when you view content, even if you don’t have an account.
Log data may include IP address, browser type, operating system, information about the previously visited website, pages accessed, location, mobile provider, device used (including device ID and app ID), search terms used, and cookie information..

You can limit data processing by adjusting your Google account’s general settings. Google also offers specific privacy settings for YouTube. For more information on using a YouTube channel, refer to Google’s Privacy Guide for Google Products.Further general information on data protection can be found in Google’s Privacy Policy.

Fraud Detection Services

As the website provider, we use fraud0, a service by fraud0 GmbH, Sendlinger Straße 7, 80331 Munich, to detect invalid and low-quality traffic and prevent fraud on our website.
fraud0 allows us to identify invalid traffic, improve online marketing efforts, clean up marketing statistics, and enhance website usability..

The data obtained from this service is used solely for analyzing and mitigating invalid and low-quality traffic.
fraud0 processes data on our behalf under a data processing agreement, ensuring data confidentiality.
fraud0 uses JavaScript pixels, and during your visit, the following data may be collected by or through this service:.

• Browser and device information, such as device type and model, manufacturer, OS type and version (e.g., iOS or Android), browser type and version (e.g., Chrome or Safari), user agent, Flash version, location data, IP address, JavaScript support, pages visited, timezone, network connection type, hardware-based identifiers (e.g., MAC address), referrer URL, number of fonts, font hash, number of plugins, plugin hash, screen height and width, color depth, platform, resolution manipulation, language or OS, ad-blocking status, and Do-not-Track status.
• End-user behavior, such as click paths, session ID, session start/stop time, timezone offset, visit date and time, and usage and behavioral data.

In our fraud0 admin interface, we receive classifications of invalid and low-quality traffic without personal data.
No data is shared with third parties unless specified in our data processing agreement.
When invalid or low-quality traffic is detected, we use our tag manager to create invalid audience lists for automatic de-targeting across major purchasing channels like GoogleAds, Facebook, DV360, etc.
fraud0 data processing continues only until classification occurs.
Data is stored for one year for further bot analysis..

No cross-website tracking occurs at any time. fraud0’s Bot Detection Service processes data based on Art. 6(f) GDPR. The website operator has an interest in classifying website users as valid or invalid traffic to prevent fraud (GDPR Recital 47) and correct website statistics by excluding invalid traffic. This improves the efficiency of our online marketing budget, enabling us to continue offering services as usual. Data processing occurs exclusively within the EU, stored on Google servers in the EU, and is not intended for transmission to Google servers in the US. Users can object to processing by fraud0 at any time. 

General Information on Data Protection

The following provisions apply not only to data collection on our website but also, in principle, to other personal data processing activities

Personal Data

Personal data refers to information that can be individually attributed to you, such as your address, name, postal address, email address, or telephone number.
Information such as the number of users visiting a website does not qualify as personal data, as it cannot be assigned to an individual..

Legal Bases for Processing Personal Data

Unless specified otherwise in this privacy policy (eg, in relation to certain technologies used), we may process your personal data based on the following legal grounds:

• Consent under Art. 6(1)(a) GDPR – The data subject has given consent to the processing of their personal data for one or more specific purposes.
• Contract Performance and Pre-Contractual Measures under Art. 6(1)(b) GDPR – Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
• Legal Obligation under Art. 6(1)(c) GDPR – Processing is necessary for compliance with a legal obligation.
• Protection of Vital Interests under Art. 6(1)(d) GDPR – Processing is necessary to protect the vital interests of the data subject or another natural person.
• Legitimate Interests under Art. 6(1)(f) GDPR – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Please note that, in addition to the GDPR, national data protection regulations in your or our home country may apply

Customer Advertising

We use your account information and contact details to inform you about products in our range that may be of interest to you.
Customer information/advertising is sent based on our legitimate interest in direct marketing under Art.
6(1)(f) GDPR and where legally permitted, such as in existing customer advertising under the legal provisions of § 7(3) UWG (German Unfair Competition Act).
You receive this information from us regardless of whether you have subscribed to a newsletter..

You can object to the use of your data for sending customer information at any time, without providing any reasons, under Art.
21 GDPR, and without incurring any costs other than the transmission costs according to base rates.
A link to cancel the receipt of customer information can be found at the end of each communication..

Data Sharing

For contract fulfillment under Art.
6(1)(b) GDPR, we share your data with the shipping company responsible for delivery, to the extent necessary for delivering ordered goods.
Depending on which payment service provider you choose during the ordering process, we pass on the payment data collected for this purpose to the payment institution responsible for processing the payment and, if applicable, to the payment service provider chosen by us or the selected payment service.
In some cases, the chosen payment service providers collect this data themselves if you have an account with them.
In such cases, you must log in with your access data for the payment service provider during the ordering process.
The privacy policy of the respective payment service provider applies in these cases..

Data Sharing with Shipping Service Providers

If you have given us your express consent during or after placing an order, we will share your billing and shipping address, as well as your email address and, if applicable, phone number, with the selected shipping service provider under Art.
6(1)(a) GDPR.
This allows the shipping provider to contact you before delivery to arrange delivery details..

You can revoke this consent at any time by sending a message to the contact option provided below or directly to the shipping service provider at the contact address provided below.
Once revoked, we will delete the data provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use it for other purposes as permitted by law, which we inform you about in this declaration..

Shipping Service Providers

• DHL Paket GmbHSträßchensweg 1053113 Bonn, Germany
• DPD Deutschland GmbHWailandtstraße 163741 Aschaffenburg, Germany

 

Data Use in Payment Processing

Identity and Credit Check When Selecting Klarna Payment Services

If you choose Klarna's payment services, we ask for your consent under Art.
6(1)(a) GDPR to share the data necessary for payment processing and an identity and credit check with Klarna.
In Germany, credit agencies listed in Klarna's privacy policy may be used for identity and credit checks.
Klarna uses the information received on the statistical likelihood of payment default to make a balanced decision about entering, executing, or ending the contractual relationship..

You can revoke your consent at any time by contacting the details provided below.
This may mean that certain payment options will no longer be available to you.
You may also withdraw your consent for this use of personal data at any time directly with Klarna (Email: datenschutz@klarna.de)..

Payment with Klarna

Your personal information is handled by Klarna in compliance with applicable data protection laws and as stated in Klarna's privacy policy. You can find detailed information here: Klarna Payments Legal & Privacy.

Installment Purchase

When selecting "installment purchase" as a payment method and granting the required data privacy consent under Art.
6(1)(a) GDPR, personal data (first name, last name, address, email, telephone number, date of birth, IP address, gender) together with transaction-related data (items, invoice amount, due dates, total amount, invoice number, taxes, currency, order date and time) are shared with our partner, Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, for the purpose of processing this payment type..

To verify the customer’s identity or creditworthiness, Klarna may perform queries and checks with public databases and credit agencies. For details on credit agencies and data processing by Klarna Bank AB, please refer to Klarna's privacy policy here: Klarna Privacy Policy.

Klarna uses information on the statistical probability of payment default to make a balanced decision on whether to initiate, perform, or terminate the contractual relationship.
You can communicate your perspective to Klarna Bank AB and contest the decision (Email: datenschutz@klarna.de)..

You may revoke consent for data sharing given during the ordering process at any time without giving reasons, with effect for the future

Automatic Identity and Credit Check for "PayPal" Payment

If you select "PayPal" as a payment method, we forward the personal customer data collected during the order to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (referred to as "PayPal") as part of payment processing. PayPal conducts a credit check when the "PayPal" payment method is chosen, using mathematical-statistical methods to calculate a score regarding the probability of default. PayPal bases its decision on whether to provide the respective payment methods on this scoring value, which is calculated using recognized scientific methods. Please refer to PayPal's privacy policy for more details: PayPal Privacy Policy.

Identity and Credit Check When Selecting "Amazon Payments"

Our website uses Amazon Payments, provided by Amazon Payments Europe s.c.a.
(38 avenue John F.
Kennedy, L-1855 Luxembourg; "Amazon Payments").
To integrate this payment service, Amazon Payments collects, stores, and analyzes data (e.g., IP address, device type, operating system, browser type, device location) when the website is accessed.
Cookies may be used for recognition purposes.
Data processing aims to offer Amazon Payments as a payment method, based on Art.
6(1)(f) GDPR and our legitimate interest in providing various customer-oriented payment options.
By selecting and using Amazon Payments, the data necessary for payment processing is transmitted to Amazon Payments to fulfill the contract with you.
This processing is based on Art.
6(1)(b) GDPR..

For more information about data processing by Amazon Payments, refer to their privacy policy here: Amazon Payments Privacy Policy.

Shop Pay (Shopify)

Payment services (technical integration of online payment methods); Service provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; Legal bases: contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR); Website: Shopify Germany; Privacy Policy: Shopify Privacy Policy. Basis for third-country transfers: Switzerland - Adequacy Decision (Ireland).

Collaboration with Data Processors

We carefully select service providers who process personal data on our behalf.
Where we commission third parties to process personal data based on a data processing agreement, this is done in accordance with Art.
28 GDPR..

Transfer to Third Countries

If we process data in a third country or transfer data to other entities as part of using third-party services or sharing data with others, this is done only for the reasons mentioned above for data sharing.
Subject to explicit consent or contractual necessity, we only process data in countries with an acknowledged level of data protection, including U.S.
processors certified under the "Privacy Shield" or based on special safeguards, such as contractual obligations via EU Commission’s Standard Contractual Clauses, certification, or binding corporate data protection rules per Articles 44 - 49 GDPR..

Data Retention Period

Unless explicitly stated otherwise when collecting data (e.g., as part of a consent declaration), we are obligated under Art.
5(1)(e) GDPR to delete personal data once it is no longer needed for the processing purpose.
Please note that legal retention obligations are a legitimate purpose for processing personal data.
We generally store data in a personally identifiable form until the end of a business relationship, the expiration of applicable warranty, guarantee, or statute of limitations periods; or until any legal disputes where the data is required as evidence are resolved; or until three years after the last contact with a business partner..

Data Subject Rights

Data subjects have the following rights:

• Right to Access (Art. 15 GDPR): You may request information about the personal data we process, including processing purposes, data categories, categories of recipients, planned retention period, and your rights to rectification, deletion, processing restriction, objection, complaint, data origin, and automated decision-making details, including profiling.
• Right to Rectification (Art. 16 GDPR): You may request the immediate correction of incorrect or completion of your stored personal data.
• Right to Deletion (Art. 17 GDPR): You may request the deletion of your stored personal data, unless processing is required for exercising the right of freedom of expression and information, fulfilling a legal obligation, public interest, or the assertion, exercise, or defense of legal claims.
• Right to Restriction of Processing (Art. 18 GDPR): You may request the restriction of processing your personal data if you dispute the accuracy of the data, the processing is unlawful, you oppose deletion, we no longer need the data, or you need the data for legal claims.
• Right to Data Portability (Art. 20 GDPR): You may receive your personal data in a structured, commonly used, machine-readable format or request its transfer to another responsible party.
• Right to Object (Art. 21 GDPR): You may object to the processing of your data based on our legitimate interest if there are reasons related to your particular situation, or if it concerns direct advertising. In the latter case, you have a general right to object, implemented without specifying a situation.
• Right to Withdraw Consent (Art. 7(3) GDPR): You may revoke your previously given consent anytime, which will prevent us from continuing the data processing based on that consent. You may, for instance, withdraw consent for cookie use on our website with future effect by adjusting your cookie settings.
• Right to Lodge a Complaint (Art. 77 GDPR): If your data is unlawfully processed by us, you may file a complaint with a supervisory authority, typically at your place of residence, workplace, or our company headquarters.

Exercising Your Rights

You have control over the use of your personal data.
If you wish to exercise any of the above rights, please contact us via email at info@kofferworld.de or by mail or telephone.
To help us process your request, please include a copy of a government-issued photo ID for verification and provide details about your relationship with us (e.g., employee, applicant, visitor, supplier, customer) and the time frame involved..

Data Protection

We prioritize the security of your personal data and implement appropriate technical and organizational measures per Art.
32 GDPR, considering the latest technology, implementation costs, and the nature, scope, circumstances, and purposes of processing.
These measures ensure confidentiality, integrity, and availability of data by controlling physical access, data access, input, transfer, and separation.
We also have procedures to ensure data subjects’ rights, data deletion, and response to data risks, and we consider data protection by design and by default according to Art.
25 GDPR.
Our data processors are held to these security standards as well..

Customer Marketing

We use your account and contact information to inform you about products of interest in our catalog, based on our legitimate interest in direct marketing per Art.
6(1)(f) EU GDPR, where legally permitted, as in existing customer advertising under § 7(3) UWG.
You may receive this information regardless of newsletter subscription status.
You can object to receiving such information anytime without reason under Art.
21 EU GDPR, with no cost beyond standard transmission charges.
A cancellation link is provided in each communication..

Policy Updates

As developments or legal requirements change, we may occasionally update this privacy policy.
The current policy is available for viewing and printing on this page at any time..

For data protection questions, contact us at info@kofferworldde or via the contact details in this privacy policy

About Cookies

Cookies are small text files stored on your device by your browser when visiting a website.
They are harmless and are used only to recognize returning visitors.
The stored information may be sent back to the website ("First Party Cookie") or another website associated with the cookie ("Third Party Cookie")..

You can configure your browser to prevent cookies from being stored generally or to prompt you each time if you agree to cookies. You can also delete stored cookies anytime. For guidance on managing cookies, refer to your browser’s help function or consult the link for instructions on Firefox, Microsoft Internet Explorer, and Google Chrome: http://www.meine-cookies.org/cookies_verwalten/index.html.