Imprint

Vitamaze GmbH
Heiligenbergstr. 17
69121 Heidelberg
Germany

Email: info@vitamaze.eu
Tel.: 0800 9191992 (available in Germany only)

General manager and authorised representative: Andreas Dittmar
Commercial register number: Local Court of Mannheim, HRB 722299
VAT identification number pursuant to Section 27 a of the German Value Added Tax Act [Umsatzsteuergesetz]: DE300385539

Vitamaze GmbH is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.co.uk.

We appreciate your interest in our website. The security of your personal data is of utmost importance to us. Therefore, we would like to inform you below which data of your visit we use for which purposes.

Privacy Policy 

Last amended on: 19/05/2018

This Privacy Policy describes how we process personal data (hereinafter “data”) collected on our online platforms and through our associated webpages, features and content, as well as online shops, and describes the scope and purpose of these activities. (hereinafter referred to as “online services”). The terms “personal data’ and/or “data processing” are used within the meaning of Art. 4 of the General Data Protection Regulation (GDPR).

Controller:

Vitamaze GmbH
Heiligenbergstraße 17
69121 Heidelberg, Germany
info@vitamaze.shop

Types of the data processed:

  • Inventory data (e.g., names, addresses)
  • Contact information (e.g., e-mail, phone numbers)
  • Content data (e.g. text input, photographs, videos).
  • Contract data (e.g. subject matter of the contract, term, customer category)
  • Payment data (e.g. bank details, payment history)
  • User data (e.g., websites visited, interest in content, access times)
  • Meta/communication data (e.g., device information, IP addresses)

Hereinafter, unless further described, referred to as “data”.

Processing of special categories of data (Art. 9 (1) GDPR):

In principle, no special categories of data are processed unless they are sent by the users for the processing, e.g., entered in online forms.

Categories of data subjects:

  • Customers/prospective customers/suppliers.
  • Visitors and users of the online offer.

In the following, we also refer to the data subjects as “users”.

Restriction of processing

  • Provision of the online offer, its content and features.
  • Provision of contractual services, servicing and customer support.
  • Responding to contact inquiries and communicating with users
  • Marketing, advertising and market research.

Applicable legal bases

In accordance with Art. 13 GDPR, we inform you of the legal basis of your data processing. Unless the legal basis is stated in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6 (1) (a) and Art. 7 GDPR, the legal basis for the processing for the performance of our services and the execution of contractual measures as well as responding inquiries is Art. 6 (1) (GDPR), the legal basis for processing in order to fulfil our legal obligations is Art. 6 (1) (c) GDPR, and the legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) (f) GDPR. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

Changes and updates to this privacy policy

Users are requested to check the Privacy Policy on a regular basis to keep up-to-date with its content. We will adapt the Privacy Policy as soon as changes in the data processing carried out by us render this necessary. We will inform you as soon as the changes require your cooperation (e.g., consent) or other individual notification.

Security safeguards

  • We shall take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, in accordance with Article 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing, as well as probability and severity of the risk to the rights and freedoms of natural persons; the measures shall include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation. Furthermore, we have established procedures that guarantee the exercise of data subject rights, deletion of data and responding to data risks. Furthermore, we already consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the the general principles relating to personal data processing, the principles of data protection by design and by default. (Art. 25 GDPR).
  • These security measures include, in particular, the encrypted transmission of data between your browser and our server.

Cooperation with contract processors and third parties

  • If we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, pass on the data to them or otherwise grant them access to the data, this shall only take place on the basis of a legal authorisation (e.g., if a transmission of the data to third parties, such as payment service providers, in accordance with Art. 6 (1) (b) GDPR is required for contract fulfilment), your consent, a legal obligation provides for this or on the basis of our legitimate interests (e.g., if agents, web hosts, etc. are commissioned).
  • If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this takes place on the basis of Art. 28 GDPR.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this shall only take place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual authorisations, we only process the data in a third country or have the data processed in a third country if the specific requirements of Art. 44 (ff) GDPR are met. This means, for example, that the processing is carried out on the basis of specific safeguards, such as the officially recognised determination of a data protection level corresponding to the EU (e.g., for the USA by the “Privacy Shield”) or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”).

Rights of the data subject

  • You are entitled to request confirmation as to whether the data concerned are being processed and to request information about the data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
  • Pursuant to Art. 16 GDPR, you are entitled to request the completion or rectification of your personal data.
  • In accordance with Art. 17 GDPR, you are entitled to request that the relevant data be erased without undue delay or, alternatively, demand a restriction on the processing of the data in accordance with Art. 18 GDPR.
  • You are entitled to request that the personal data you have provided to us be received in accordance with Art. 20 GDPR and to request its transmission to other controllers.
  • In accordance with Art. 77 GDPR you are entitled to lodge a complaint with the competent supervisory authority.

Right of revocation:

You have the right to revoke consent once granted in accordance with Art. 7 (3) GDPR at any time with effect for the future.

Right to object

You can choose to opt out of the future processing of your personal data at any time in accordance with Art. 21 GDPR. This right to object applies in particular to the processing of data for the purposes of direct advertising.

Cookies and right to object in direct advertising

We use temporary and permanent cookies, i.e. small files that are stored on the user’s devices (for definition of the term and feature, please refer to the last section of this Privacy Policy). Cookies are partly used for security purposes or are required for the operation of our online offer (e.g., for the presentation of the website) or for saving the user’s decision when confirming the cookie banner. In addition, we or our technology partners use cookies for tracking and marketing purposes, about which the users will be informed in the course of the Privacy Policy.

You can object to the use of cookies used for the online marketing purposes for a large number of services, particularly in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, you can configure your browser setting to disable the storage of cookies. Please note that certain functions of this website may not be used, if you have disabled the use of cookies.

Deletion of data

  • The data processed by us will be deleted or their processing restricted in accordance with Art. 17 and 18 GDPR. Unless otherwise expressly stated in this Privacy Policy, the data stored by us is deleted once it is no longer required for the designated purpose and provided that we have no statutory obligation to retain said data. If the data is not deleted because it is necessary for any other legally permissible purposes, the processing of the data will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained due to commercial or tax requirements.
  • According to statutory regulations, documents must be retained for six years as per Section 257 (1) of the German Commercial Code (HGB) (accounting ledgers, inventories, opening balance sheets, annual financial statements, trade letters, accounting records, etc.) and for 10 years as per Section 147 (1) of the German Fiscal Code (AO) (accounts and records, situation reports, accounting records, trade and business letters, other documents of relevance for taxation, etc.).

Provision of contractual services

  • We process inventory data (e.g., names and addresses as well as contact information of users), contract data (e.g., services used, names of contacts, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 (1) (b) GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.
  • Users can optionally create a user account, in particular by viewing their orders. During the registration process, the required information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention, for commercial or tax reasons, in accordance with Art. 6 (1) (c) GDPR . It is the responsibility of the users to back-up their data in the event of termination taking place before the end of the agreement. We are entitled to irretrievably delete all user data stored during the term of the contract.
  • As part of the registration and repeated logins and the use of our online services, we store the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as those of users, to protect against abuse and other unauthorised use. Distribution of this data to third parties does not take place as a matter of principle, unless it is required to pursue our claims or a legal obligation for this exists in accordance with Art. 6 (1) c of the GDPR.
  • We process user data (e.g., the visited websites of our online offer, interest in our products) and content data (e.g., entries in the contact form or user profile) for marketing purposes in a user profile in order to show the user product information based on their previously used services, for example.
  • The deletion takes place after the expiry of statutory warranty and similar obligations, the necessity of the retention of the data is reviewed every three years; in the case of statutory archiving obligations the deletion takes place after their expiry (termination of the retention obligation under commercial law (6 years) and tax law (10 years)); user account information remains until deleted.

Contacting us

  • When you contact us (via contact form or e-mail), the information provided by the user to process the contact inquiry and its processing will be managed in accordance with Art. 6 (1) (b) GDPR.
  • The inquiries that are no longer necessary are deleted. We review the requirement every two years; requests from customers who have a customer account are stored permanently and are linked to the customer account details for deletion. In the case of statutory archiving obligations, the deletion takes place after their expiry (termination of the retention obligation under commercial law (6 years) and tax law (10 years)).

Comments/contributions/reviews

  • If users leave comments or other reviews, their IP addresses are stored on the basis of our legitimate interests as defined in Art. 6 (1) (f) GDPR.
  • This takes place for our safety, if someone leaves illegal contents in comments and contributions (insults, forbidden political propaganda, etc.). In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.

Collection of access data and log files

  • For the purposes of our legitimate interests, in accordance with Art. 6 (1) point f GDPR, we collect data every time the server on which the service is located is accessed (so-called server log files). These access logs include the name of the webpage and/or file accessed by the user, the date and time of access, the amount of data transferred, notification of successful retrieval, details of the web browser used (including the version), the User’s operating system, the referrer URL (of the previous page linking to our website), the IP address and the requesting provider.
  • Log file information is retained for security reasons (e.g. to detect improper use or fraud) for a maximum of seven days before being deleted. Data that is to be retained as evidence shall be excluded from deletion until the relevant case has been finalised.

Online presence in social media

  • We maintain online presence based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR within social networks and platforms in order to communicate with active customers, prospective customers and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
  • Unless otherwise stated in our Privacy Policy, we process the data of users who communicate with us within social networks and platforms, e.g., contribute to our websites or send us messages.

Cookies & reach measurement

  • Cookies are data packets that are transferred from our web server or third parties’ web servers to the user’s web browser and stored there for later retrieval. Cookies may comprise small files or any other kinds of information storage.
  • We use “session cookies”, which are only stored on our website throughout your current visit (e.g., to enable the storage of your login status or the the shopping cart function and thus the use of our website). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close your browser, for example. Similarly, we use “Persistent cookies”. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
  • This Privacy Policy explains to users how we use cookies in a pseudonymised manner to measure reach.
  • If the user does not wish cookies to be stored on their computer, we hereby request that they disable the relevant option in their browser settings. Stored cookies can be deleted in the browser settings at any time. Disabling cookies may prevent you from enjoying the full functionality of these websites.
  • You can block cookies that are used for tracking and online advertising by visiting the opt-out page of the network advertising initiative (http://optout.networkadvertising.org/) and also by managing your preferences on the U.S. website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Google Analytics

  • For the purposes of our legitimate interests (i.e. our interest in analysing, optimising and running our Websites in a commercially viable manner within the meaning of Art. 6 (1) (f) of the General Data Protection Regulation (GDPR), we use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google uses cookies. The information generated by cookies concerning the use of the Websites by the User will generally be transmitted to and stored by Google on servers in the USA.
  • Google is certified under the Privacy Shield framework which offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
  • Google will use this information on our behalf for the purpose of evaluating use of our Websites by the User, compiling reports on activity on the Websites, and providing us with other services relating to the use of the Websites and use of the Internet. This process may involve creating pseudonymised usage profiles of users from the processed data.
  • We use Google Analytics to display the Google add and its affiliate advertising services, only to those users who have shown an interest in our online offering or who have certain features (e.g., interests in certain topics or products that are determined by the websites visited) that we transmit to Google (so-called “Remarketing” or “Google Analytics Audiences”). With Remarketing Audiences, we also want to make sure that our ads are in line with the potential interest of users and are not annoying.
  • We only use Google Analytics with IP anonymisation enabled. This means that Google truncates the user’s IP address within Member States of the European Union and in other countries that are party to the Agreement on the European Economic Area. The complete IP address will be transferred to a Google server in USA and truncated there only in exceptional cases.
  • The IP address transmitted by the User’s browser is not associated with any other data held by Google. The user may refuse the use of cookies by selecting the appropriate settings in their browser; the user can also prevent Google from collecting the data generated by the cookie regarding your use of the content data and the processing of the data by Google by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
  • For more information on how Google uses data and how to opt out, please refer to Google’s websites: https://www.google.com/intl/de/policies/privacy/partners(“How Google uses data when you use our partners’ sites or apps”), https://policies.google.com/technologies/ads (“How Google uses data in advertising”), https://adssettings.google.com/authenticated (“Control the information Google uses to show you ads”).

Amazon affiliate program

  • Based on our legitimate interests (i.e. interest in the economic operation of our online offer within the meaning of Article 6 (1) (f) of the GDPR), we are participants in the Amazon EU Affiliate Program, which has been designed to provide a medium for websites that earn advertising fees by placing advertisements and links to Amazon.com. Amazon uses cookies to trace the origin of the orders. Inter alia, Amazon may recognize that you have clicked the affiliate link on this site.
  • For more information about Amazon’s data usage, please see the company’s Privacy Policy: http://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401.

Integration of third-party services and content

  • Use of GetSiteControl: This website uses visual elements (“widgets”) of the GetSiteControl user feedback service. GetSiteControl (GetWebCraft Limited Klimentos 41-43, Klimentos Tower, Flat / Office 25, 1061, Nicosia, Cyprus) is a tool that plays pop-ups and overlay windows on the website. To this end, cookies are stored. It is used in order to be able to engage in a chat dialogue with users when visiting the website and to be able to collect their feedback / consent to the newsletter at the request of the users. It also uses the tool to give users a possibility to post content from the website on the social networks. In the overlay for newsletter registration, the e-mail address is queried and saved. To find out more about the collection and use of data by GetSiteControl, your rights in this regard, and about options for protecting your privacy, go to GetSiteControl’s Privacy Policy at https://getsitecontrol.com/privacy/.

Disclaimer

1. Liability for the website

As the provider of these web pages, we are responsible for our own content on them pursuant to Section 7(1) of the German Telemedia Act [Telemediengesetz: TMG]. Concerning third-party contents, under Sections 8 to 10 of the TMG we are not obliged to monitor transmitted or stored third-party information, and the earliest point in time from which we can be held liable is the moment at which we were made aware of a specific breach of the law.

 

2. Liability for links

We accept no liability for the contents of third-party websites to which we are linked either directly or indirectly, since we have no influence over them. A linked page is the sole responsibility of the provider of that page. At the time of linking, the page was checked for breaches of the law and no unlawful contents were found. If we are made aware of breaches of the law, we will remove the link immediately.

 

3. Product liability

The effect of arginine has been investigated in numerous scientific studies. As arginine is a natural product, its effects may vary in their intensity.

 

4. Copyrights

All the contents presented on this website are subject to German copyright law. Any use, replication and/or dissemination requires the written consent of the author or originator. Third-party contents are identified as such. If, despite this, you notice an infringement of copyright, please let us know.

 

5. Arbitration platform

The European Commission provides a platform for online dispute resolution (ODR). The platform can be found at: http://ec.europa.eu/consumers/odr/

You can contact us via our email address: info@vitamaze.de

More info about privacy policy, please view our imprint