Legal notice Terms Right to withdraw

Data Protection


Privacy Policy

Besides providing online services, we offer a mobile app that you can download onto your mobile device. In the following, we provide information on how personal data is collected when you use our mobile app or contact us by e-mail or by phone. Personal data is all data that can be personally related to you, e.g. your name, address, email addresses and user behaviour.

 

Name and contact information of the controller and the data protection officer

The controller within the meaning of Art. 4(7) EU General Data Protection Regulation (GDPR) is Sportspar GmbH, Gustav-Adolf-Ring 7, 04838 Eilenburg (Germany), tel. +49 (0) 3423 7007-0, e-mail kontakt@sportspar.de; please refer to our statutory information page at https://www.sportspar.com/legal-notice.

Our data protection officer, lawyer Mr. Christian Krösch, Königsbrücker Straße 76, 01099 Dresden (Germany), can be contacted by phone on +49 (0) 351 563 406 70 or by e-mail at datenschutz@slk-rechtsanwaelte.de.

 

General information on the collection and transfer of personal data and the period for which it is stored

We process your personal data in compliance with the provisions in the GDPR, the Federal Data Protection Act (BDSG) and all other relevant legislation.

Your personal data is primarily processed for the purpose of establishing and fulfilling a contractual relationship with you. When you contact us by email, by phone or using a contact form, we store the data you give us (your email address, your name and phone number if applicable) for the purpose of responding to your queries. The principal legal basis for this is Art. 6(1)(b) GDPR. Moreover, if you give us your consent separately as per Art. 6(1)(a) and Art. 7 GDPR, this may be understood under data protection law as permission to process your personal data. We also process your data in order to meet our legal obligations, particularly those incumbent on us under commercial and fiscal law. The legal basis for this processing is Art. 6(1)(c) GDPR. If necessary, we also process your data on the basis of Art. 6(1)(f) GDPR in order to pursue our legitimate interests or those of third parties.

Your personal data will not be disclosed to any third party for purposes other than those specified below. We only disclose your personal data to third parties if you have expressly consented to us doing so pursuant to Art. 6(1)(a) GDPR, if the disclosure of your personal data is necessary to establish, exercise, or defend legal claims pursuant to Art. 6(1)(f) GDPR and there is no reason to assume that you have an overriding interest in the non-disclosure of your data that is worthy of protection, if your data has to be disclosed to fulfil a legal obligation as per Art. 6(1)(c) GDPR, or if the disclosure of your data is permitted by law and necessary for the performance of a contract to which you are a party, as described in Art. 6(1)(b) GDPR.

If we use contracted service providers for individual components of our offering, or if we wish to use your data for advertising purposes, we will inform you in detail about the respective processes as described below. We will also specify the criteria determining the period for which your data will be stored.

We will erase your personal data as soon as it is no longer required for any of the purposes set out below. After the contractual relationship with you has expired, we will retain your personal data for as long as the law obliges us to do so. This is regularly the case in connection with the statutory retention periods and obligations to produce evidence specified for example in the Commercial and Fiscal Codes. The retention periods stipulated in this legislation can be up to ten years. Personal data may also be retained for the period in which claims can be brought against us (statutory limitation period of three or up to thirty years).

 

Collection of personal data when using our mobile app

Downloading and using the app

When you download the mobile app, the necessary information is transmitted to the app store; this specifically includes your user name, your e-mail address, your customer account number, the time at which you downloaded the app, your payment information and the device identifier. We have no influence on the collection of this data and are not responsible for it. We only process the data insofar as this is necessary for you to download the mobile app onto your mobile device.

When you use the mobile app, we collect the data mentioned below for the purpose of making the app more convenient. If you wish to use our mobile app, we will collect the following data; this is technically necessary for us to display our app to you and to guarantee its stability and security. This data will also be stored in our system’s log files. It will not be stored together with any other personal data pertaining to the user. This data includes your order information, name, address, date of birth if required, telephone number if required, e-mail address, chosen payment method, order details, IP address, customer group, and form of address/gender.

The legal basis for the temporary storage of this data and these log files is Art. 6(1)(f) GDPR.        

The temporary storage of the IP address by the system is necessary to ensure that the content can be delivered to the app installed on your mobile device. This is why your IP address must be stored for the duration of the session. The data is stored in log files in order to guarantee the functionality of the app. We also use this data for the purpose of optimising the app and ensuring that our information technology systems are secure. This purpose constitutes our legitimate interest in processing your data pursuant to Art. 6(1)(f) GDPR. Data collected in this context is not evaluated for marketing purposes.

This data will be erased as soon as it is no longer required for the purpose for which it was collected. If the data was collected for the purpose of making the content available in the app, it will be erased when the respective session ends. Log files are erased within 2 months of the app being accessed.

The collection of data when users open the app and the storage of data in log files are essential for the operation of the app. This means you are unable to object to them.

 

 

Other app functions and services

Besides using our app for purely informational purposes, we offer various services that you may use if they interest you. For this, you usually have to provide further personal data, which we use to provide the respective service and to which the above-mentioned principles of data processing apply.

We sometimes use external service providers to process your data. These are carefully selected and contracted by us, bound to our instructions, and monitored on a regular basis.

We can also transfer your personal data to third parties if we are offering promotional campaigns, online competitions, the conclusion of contracts or similar services in cooperation with our partners. Further information is provided in the description of the offer or when you enter your personal data.

If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you about the consequences of this in the description of the offer.

 

Using our app

If you wish to order products through our app, a contract of sale can only be concluded if you provide the personal data we require to execute your order. The mandatory data needed to execute your order is specially marked; all other information is optional. The legal basis for processing this personal data is Art. 6(1)(b) GDPR.

You have the option of creating a customer account in which we can store your data for any other orders you may place later on. By creating an account under “My Account” or “Log in”, the data you provide is stored revocably. You can delete your customer account at any time by sending a message to the contact specified above. The legal basis for processing this personal data is Art. 6(1)(b) GDPR. After the contract has been fulfilled, your address, payment, and order data will be stored for the obligatory ten-year retention period specified in fiscal and commercial law. It will then be erased unless you have consented to it being stored for a longer period or your data has to be processed further for the purpose of establishing, exercising, or defending legal claims. The legal basis for processing personal data in order to comply with statutory storage and retention obligations is Art. 6(1)(c) GDPR.

We process the data you provide for the purpose of executing your order. In order to fulfil the contract, we transmit your data to the forwarder contracted to deliver your order insofar as this is necessary for the purpose of delivering goods you have ordered. Depending on which payment service provider you select during the order process, we transmit the payment data collected for the purpose of processing your payment to the credit institution assigned to do so and, if applicable, to the payment service providers contracted by us or the payment service selected. These payment service providers may also collect this data themselves if you create an account with them. If this is the case, you must use your access data to log in to the payment service provider’s website during the order process. The privacy policy of the respective payment service provider will then apply. Orders are processed using ERP solutions from “Afterbuy” (VIA Online GmbH, Krefeld) and “pixi” (Descartes Systems GmbH, Munich). The privacy policy of the respective ERP service provider applies. We have the right to transmit this personal data pursuant to Art. 6(1)(b) GDPR. Our service providers may only process or use your data for the purpose it was transmitted to them. You can access this data at any time. We have implemented technical and organisational measures to ensure that data privacy regulations are complied with in cases where data is transmitted to external service providers.

You are under no obligation to provide the personal data specified above. However, this data is required for the conclusion of a contract. Unless you provide this data, it may not be possible to communicate with you or to conclude and execute a contract.

We use the solutions provided by Shopgate GmbH, Schloßstraße 10, 35510 Butzbach, to operate our app. Shopgate GmbH assists us with our sales activities and with the operation of our app. Shopgate GmbH receives personal data relating to our customers, i.e. master data (name, date of birth, address, e-mail address), order processing information (payment method, shopping basket, order value, credit card data, transaction number, status etc.), information on order handling (complaints) and wish lists linked to the account; this personal data is necessary for them to render their services. We have the right to transmit this personal data pursuant to Art. 6(1)(b) GDPR. We use solutions from Shopgate for the purpose of operating our app and improving its content; the legal basis for this is Art. 6(1)(f) GDPR.

 

Use of Google Analytics

We use the web analysis service Google Analytics provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google uses the add-on “_anonymizeIP()” to shorten your IP address within European Union member states or other states that are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address sent to a Google server in the USA and shortened there. Google uses this information on our behalf to evaluate your app use, generate reports on app activity, and render other services associated with app and internet use for the app operator.

We use Google Analytics to analyse use of our app and to make regular improvements. The legal basis for the use of Google Analytics is your consent pursuant to Art. 6(1)(a) GDPR; Art. 49(1)(a) GDPR also applies if your data is transferred to the USA.

Besides processing the aforesaid data through Google, we transmit the data collected to third parties (e.g. providers of platform, hosting, support and analytical services) for processing in line with the purposes specified above (implementation of and assistance with web analysis).

In the exceptional cases where Google transfers personal data to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, these transfers are subject to the standard data protection clauses mentioned in Art. 46 GDPR. These are available here: https://privacy.google.com/businesses/processorterms/mccs/. The USA does not guarantee a standard of data privacy equivalent to that enforced in the EU. There is a risk of security authorities accessing your data without legal recourse.

The personal data collected will be erased as soon as it is no longer required for processing purposes; this is usually the case once 14 months have expired since the data was collected. 

News service via Telegram

Our app offers you the option of requesting news and information about offers in our app through the messaging service “Telegram”. We have assigned the technical execution of this service to the company MessengerPeople GmbH, Schwanthaler Straße 32, 80336 Munich, Germany.

The messages are sent from an account created in our name. By sending a start message, you give your consent pursuant to Art. 6(1)(a) GDPR to the sender using your personal data (e.g. your surname and first name, telephone number, messenger ID, profile image, messages) for purposes of direct communication and to the data processing necessary when using the messaging service selected. In order to use this service, you will require an existing messaging account with the provider. The provider responsible for this messaging service is:

  • Telegram Messenger LLP, 71- 75 Shelton Street, Covent Garden, London, United Kingdom; privacy policy accessible at https://telegram.org/privacy

The provider will receive personal data (particularly communication metadata) that will also be processed in countries outside the EU (e.g. the USA) in which no appropriate standard of data protection can be guaranteed. More information can be found in the privacy policy of the messaging service mentioned above. The sender has no precise knowledge of or influence over the provider’s data processing measures. You can unsubscribe from messages sent by MessengerPeople at any time by sending the message “STOP” to the account through which you previously subscribed to the message service. Moreover, you can instruct MessengerPeople to erase the above-mentioned data by sending the message “DELETE ALL DATA” to the corresponding account.

Information on the use and operation of the news service provided by MessengerPeople is also provided when you request the desired news. Detailed information on MessengerPeople's use of personal data is also given in MessengerPeople’s privacy statement, which can be accessed at https://www.messengerpeople.com/privacy/.

 

Use of data for postal advertising and your right to object

Furthermore, we reserve the right to store your first name, surname, postal address and – insofar as we require this additional information for purposes of our contractual relationship with you – your title, academic degree, year of birth, and profession, industry or business in summarised lists and to use it for our own advertising purposes, e.g. to send you interesting offers and product information by post. You can object to the storage and use of your data for these purposes at any time by sending a message to the contact whose information is provided below.

 

CrossEngage

We use the cross-channel marketing platform CrossEngage, a service provided by CrossEngage GmbH, Bertha-Benz-Str. 5, 10557 Berlin, Germany (“CrossEngage”), to display personalised content and send you advertising messages based on your previous and current use of our services. This service consolidates data from all relevant data sources and makes it available for the development and execution of effective campaigns.

We use CrossEngage to facilitate personalised cross-channel customer engagement. The legal basis for the use of CrossEngage conversion tracking is your consent pursuant to Art. 6(1)(a) GDPR.

Besides processing the aforesaid data through CrossEngage, we transmit the data collected to third parties (e.g. providers of platform, hosting, support and analytical services) for processing in line with the purposes specified above (facilitation of and assistance with personalised cross-channel customer engagement).

In the case of customers who have placed an order, the following personal data is transmitted to CrossEngage:

Personal master data

Contract master data

Customer history

Contract billing data

The legal basis for processing this personal data is Art. 6(1)(f) GDPR.

The personal data collected will be erased as soon as it is no longer required for processing purposes.

 

Facebook Pixel conversion tracking, custom audiences, retargeting

We use the analytical tool Facebook Pixel provided by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). Facebook Pixel uses JavaScript code to track the effectiveness of Facebook ads (“conversion tracking”), generate target groups for future Facebook ads (“Custom Audiences”), and re-engage with users later on (“retargeting”). If you click on a Facebook ad, Facebook will store cookies on your terminal device. The cookies make it possible to identify which of our services you viewed and subsequently used. When using Facebook Pixels, Facebook receives the information that you have accessed the corresponding part of our app or clicked on one of our ads. This means that if you are registered with a Facebook service, Facebook can assign the visit to your account. Facebook provides us with statistical evaluations that show which parameters of our active Facebook ads are working and where optimisation is required. We also use Facebook Pixel to generate target groups (“Custom Audiences”) to ensure that Facebook ads are only displayed to users who have shown an interest in our services or similar ones. Facebook can then use this data to make sure that each Facebook ad is only shown to users in the target group mentioned above. We also use the opportunity to show you appropriate ads again later on (“retargeting”).

We use conversion tracking to determine the effectiveness with which clicks on Facebook ads lead to certain activities in our app, such as purchases, registrations, or the completion of forms. We use custom audiences and retargeting to efficiently target users or user groups who have already interacted with our app or our services. The legal basis for the use of Facebook Pixel is your consent pursuant to Art. 6(1)(a) GDPR; Art. 49(1)(a) GDPR also applies if your data is transferred to the USA.

We and Facebook are jointly responsible for some of data processing carried out in connection with Facebook Pixel as set out in Art. 26 GDPR. Our joint responsibility encompasses the collection of such personal data (“event data”, https://www.facebook.com/legal/terms/businesstools_jointprocessing) through Facebook Pixel and its subsequent transmission to Facebook, where it is used (i) to display targeted advertising based on user interests, (ii) to deliver commercial and transaction-based messages, and (iii) to improve the delivery of advertising and personalise functions and content. As the controller, Facebook bears sole responsibility for all processing of this data following its transfer to Facebook. We have concluded an agreement with Facebook for this purpose (“Controller Addendum”, https://www.facebook.com/legal/controller_addendum), which sets out the respective responsibilities for fulfilling the obligations under the GDPR with regard to joint processing. According to this, we are responsible for providing information on the joint processing of personal data. Facebook is responsible for enabling data subjects to exercise their rights pursuant to Articles 15-20 GDPR with regard to the personal data stored by Facebook following the joint processing. The contact data for Facebook’s data controller and data protection officer is available here: https://www.facebook.com/about/privacy.

Besides processing the aforesaid data through Facebook, we transmit the data collected to third parties (e.g. providers of platform, hosting, support, marketing and analytical services) for processing in line with the purposes specified above (implementation of and assistance with targeted advertising and analyses of the impact and efficiency of this advertising).

In cases where Facebook transfers personal data to Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, these transfers are subject to the standard data protection clauses mentioned in Art. 46 GDPR. The Facebook EU Data Transfer Addendum with reference to the aforesaid standard data protection clauses is available here: https://www.facebook.com/legal/EU_data_transfer_addendum. The USA does not guarantee a standard of data privacy equivalent to that enforced in the EU. There is a risk of security authorities accessing your data without legal recourse.

You can prevent the use of the tracking methods described above (i) by adjusting your browser settings accordingly, (ii) as a Facebook user, by deactivating the “Custom Audience” function at the following link: https://www.facebook.com/settings/?tab=ads#,.

The personal data collected will be erased as soon as it is no longer required for processing purposes; this is usually the case once 6 months have expired since the data was collected.

 

Data security

Our app utilises the commonly used SSL (Secure Sockets Layer) protocol in combination with the highest level of encryption that your mobile device supports. This is usually 256-bit encryption. If your mobile device does not support 256-bit encryption, we use 128-bit v3 technology instead.

We also use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or total loss, destruction and unauthorised third-party access. We continually improve our security measures in line with the latest technological developments.

 

Address review

We use the services provided by Deutsche Post Direkt GmbH, Junkersring 57, 53844 Troisdorf, Germany, to review/correct addresses entered during the order process. For this, we send your data (name, address) to Deutsche Post Direkt GmbH to verify your address (determine deliverability). The legal basis for this data transfer and processing is Art. 6(1)(f) GDPR. Our legitimate interest is to ensure the deliverability of shipments, to avoid unnecessary editing of the delivery address, and to prevent shipments from being returned due to incorrect address information. The service provider will delete the transferred data no later than 90 days after the completion of the work requested.

Further information about data protection at Deutsche Post Direkt GmbH and your right to object is provided here: https://www.deutschepost.de/de/d/deutsche-post-direkt/deutsche-post-direkt-datenschutz.html

 

DealClub membership

Participation in the incentive programme is subject to the specified terms and conditions of participation. In order to conclude a membership agreement with you and fulfil the terms and conditions of participation, the date on which your membership of the incentive programme expires will be added to the personal data we already have (your name, address, e-mail address and payment data) and processed accordingly. The legal basis for this processing is Art. 6(1)(b) GDPR.

After the contract has been fulfilled, your customer data will be stored for the obligatory ten-year retention period specified in fiscal and commercial law. It will then be erased unless you have consented to it being stored for a longer period or your data has to be processed further for the purpose of establishing, exercising, or defending legal claims. The legal basis for processing personal data in order to fulfil statutory storage and retention obligations is Art. 6(1)(c) GDPR.

You are under no obligation to provide the personal data specified above. However, this data is required to participate in the incentive programme. Unless you provide this data, it may not be possible to communicate with you or to conclude and execute a contract.

 

Other information about data processing on and off our website

 

Contact and communication

As a customer, business partner, prospect or supplier, we only collect your personal data if you send it to us by e-mail, post, telephone or through a contact form in our application. In this case, we collect the information disclosed during the course of the correspondence and/or cooperation. This specifically includes the names and contact data transmitted along with the date and reason for the contact. 

The personal data we collect from you is used to provide the products and services you require and to correspond with you (legal basis Art. 6(1)(b) GDPR), to comply with legal obligations (legal basis Art. 6(1)(c) GDPR), or for the purposes of the legitimate interests pursued by ourselves or by third parties (legal basis Art. 6(1)(f) GDPR) as described in this Privacy Policy.

You are under no obligation to provide the personal data specified above. The data provided may be required for the conclusion of a contract. Unless you provide this data, it may not be possible to communicate with you or to conclude and execute a contract.

Based on the statutory regulations or a contractual agreement, the data that is relevant in each individual case is transferred to public bodies where overriding legal requirements exist, to external service providers or other contractors, and to other external bodies where you have given your consent or where the transfer of your data is permitted on grounds of overriding legitimate interest.

This data will be erased as soon as it is no longer required for the purpose for which it was collected. If the data provided is subject to statutory retention periods under fiscal or commercial law, it will be stored for the obligatory ten-year retention period and then erased unless you have consented to it being stored for a longer period or your data has to be processed further for the purpose of establishing, exercising, or defending legal claims (statutory limitation period of three or up to thirty years).

 

Newsletter

You have the option of subscribing to a newsletter in which we inform you of any interesting offers we currently have available. The merchandise and services advertised are specified in the declaration of consent.

We use the so-called double opt-in procedure for newsletter subscriptions. This means that after you register, we send an e-mail to the e-mail address specified asking you to confirm that you wish to receive the newsletter. We also store your IP address and the times at which you register for the newsletter and confirm your registration. The purpose of this procedure is to have proof of your registration and, if necessary, to be able to clarify any improper use of your personal data. The legal basis is Art. 6(1)(a) and (c), Art. 7(1), Art. 5 (2) GDPR.

The only mandatory information required for your subscription to our newsletter is your e-mail address. The provision of other (specially marked) data is optional; this data is used so that we can address you personally. After you confirm your subscription, we will store your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6(1)(a) GDPR. This data will be erased as soon as it is no longer required for the purpose for which it was collected. Your e-mail address will accordingly be stored for as long as your subscription remains active. We are entitled to store inactive e-mail addresses up to three years in order to prove a once given consent or to deny potential claims. The legal basis is Art. 6(1)(c), Art. 5(2) GDPR.

You have the right to withdraw your consent to receiving the newsletter and to the evaluation of your personal user behaviour (performance evaluation) at any time by unsubscribing from it. You can withdraw your consent by clicking the link provided in every newsletter e-mail or by sending us a message using the contact information provided on the statutory information page.

Regardless of whether you have given us your separate consent to send you our newsletter, we reserve the right to send advertising for similar goods and services in our product range to the e-mail address that you gave us in connection with the purchase of an item or service insofar as you have not objected to the use of this address for advertising purposes. The legal basis for the delivery of advertising by e-mail is our legitimate interest in direct advertising pursuant to Art. 6(1)(f) GDPR in conjunction with section 7 par. 3 UWG (Act Against Unfair Competition). You can object to the use of your e-mail address for advertising purposes at any time without incurring any costs other than transmission costs charged at the basic rates. You can lodge your objection by clicking the link provided in every e-mail or by sending us a message using the contact information provided on the statutory information page.

The newsletter software used is Mailjet. When you subscribe, your data is sent to Mailjet GmbH. Mailjet is forbidden to sell your data or use it for any other purpose than the delivery of newsletters. Mailjet is a certified German provider that was selected according to the requirements specified in the GDPR. The legal basis is Art. 6(1)(a)and (f) GDPR. You will find further information here: mailjet.com/security-privacy/. You can withdraw your consent to the storage of your data including your e-mail address and to the use of your e-mail address for delivery of the newsletter at any time, for example by clicking on the “Unsubscribe” link in the newsletter.

Our newsletters contain so-called Web Beacons, pixel sized files which are accessed by the Mailjet server when the newsletter is opened. Within this context technical data such as your browser and system data as well as your IP address and the time of your opening – data necessary to technically improve services on the basis of technical data or target groups and their reading behaviour – are collected. Furthermore, your user behaviour is evaluated to the effect that if the newsletters were opened, when they were opened and which links were clicked onto. We use these evaluation to learn more about the reading behaviour of our users and to adapt our content or to be able to offer different contents corresponding to the individual interests of our users. This performance evaluation is covered by your consent according to Art. 6 (1)(a) GDPR concerning the sending of newsletters. That is the reason why you can withdraw your consent to the performance evaluation only in combination with your consent to the sending of newsletters.

 

Privacy information for applicants

As an applicant, we only collect your personal data if you send it to us by e-mail, post, or telephone. This applies both to speculative applications and applications sent in response to job advertisements. In this situation, we collect the personal data you supply during the course of the application procedure. This specifically includes your name, date of birth, contact information, interests, qualifications, education, and professional career. The personal data we collect from you will only be used to conduct the application procedure. The legal bases are Art. 6(1)(a) (b) and (f) GDPR, section 26 BDSG. 

You are under no obligation to provide the personal data specified above. However, the data provided may be required to conclude a contract with you after the application procedure is complete. Unless you provide this data, it may not be possible to communicate with you, continue the application procedure, or conclude a contract.

The data relevant in each case is transmitted on the basis of the applicable legislation or a contractual agreement. Your data is transferred to staff in the human resources departments, members of the management, and the respective department head. Your personal data will not be sent to any third party. We have no intention of sending your data to any recipient in any third country (i.e. a country that is not a member of the EU / EEA) or to any international organisation.

This data will be erased as soon as it is no longer required for the purpose for which it was collected. In the event of a rejection, we will retain your data for a period of six months after completing the application procedure and notifying you that your application has been rejected. If you have consented to your data being stored for a longer period, the regular retention period is two years. Afterwards, we will either erase your data or request your further consent. You may withdraw your consent to the processing of your personal data at any time.

Objection or withdrawal of consent to the processing of your data

If you have consented to the processing of your data, you can withdraw your consent at any time. Once you have sent it to us, your withdrawal will affect the permissibility of processing your personal data.

If the processing of your personal data is based on the weighing of interests, you are entitled to object to this processing. This is particularly the case if the processing is not necessary for the fulfilment of a contract with you, as specified in the description of the respective functions. If you exercise your right to object, we will ask you to specify the reasons why we should not continue processing your personal information as before. If your objection is justified, we will investigate the situation and either stop or adjust the data processing or inform you of the compelling, legitimate grounds on which we are obliged to continue.

You can of course object to the processing of your personal data for advertising and data analysis purposes at any time. You can withdraw your consent to the receipt of advertising by contacting us at: SportSpar GmbH, Gustav-Adolf-Ring 7 04838 Eilenburg (Germany) Tel. +49 (0) 3423 7007-0, e-mail: datenschutz@sportspar.de

 

Your rights

Pursuant to Art. 15 GDPR, you have the right to request information from us about the personal data we are processing. In particular, you may request information about the purposes for which your data is processed, the categories of personal data processed, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, the existence of a right to object, the existence of a right of appeal, the source of your data if it was not collected by us, the existence of automated decision-making processes including profiling and, if applicable, meaningful detailed information about what these involve.

Pursuant to Art. 16 GDPR, you have the right to request that inaccurate personal data held by us about you be rectified or incomplete data be completed without undue delay. Pursuant to Art. 17 GDPR, you have the right to request that we erase personal data held by us about you unless this data needs to be processed to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims.

Pursuant to Art. 18 GDPR, you have to right to request that the processing of your personal data be restricted if you contest its accuracy, if the processing of your data is unlawful but you oppose its erasure, if we no longer need your data but you need it to establish, exercise, or defend legal claims, or if you have objected to the processing of your data in accordance with Art. 21 GDPR.

Pursuant to Art. 20 GDPR, you have to right to request that the personal data you provided be placed at your disposal in a structured, commonly used and machine-readable format or that it be transferred to another controller.

Pursuant to Art. 7(3) GDPR, you have the right to withdraw your consent to our processing of your personal data at any time. If you do so, we will in future cease the data processing on which your consent was based.

Pursuant to Art. 77 GDPR, you also have the right to lodge a complaint with a supervisory authority regarding our processing of your personal data, particularly in the member state of your habitual residence, place of work or placed of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.