Data protection is a matter of trust and your trust is important to us. The protection and legally compliant collection, processing and use of your personal data is therefore an important concern for us. To give you an overview of the use of your personal data, we would like to inform you here about our data collection and data use.
In the following, we would like to provide you with some introductory general information on data protection and an overview of the purposes for which we process your data.
1. Verantwortlicher, Kontakt, Datenschutzbeauftragter
The controller responsible for the collection, processing and use of your personal data within the meaning of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) is
furor per fumum GmbH
Im Teelbruch 112
Managing Director: Hans-Peter Lorenz, Annabelle Schuster
Phone: +49 2054 872 66 47
(hereinafter also referred to as "Emil Élise", "we" or "us").
Personal data within the meaning of the GDPR and the BDSG are individual details about factual or personal circumstances of an identified or identifiable natural person. The personal data of users processed in the context of this online offer includes in particular
- your name, your address, your date of birth, your e-mail address and your telephone number, your user name and your encrypted password for your customer account
- the products you have purchased, the services you have used, payment information (e.g. bank details, payment history),
- Your data that is collected when you use our website and our online offering.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection. The collection, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on our behalf.
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
3. overview of the purposes of processing
We process personal data insofar as this is necessary to provide a functional website and to display our content or to process your order or to provide further services. We also process your personal data to respond to contact inquiries, measure reach and for marketing purposes as well as for any security measures.
4. Legal bases for the processing of your data
- Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis.
- If the processing of personal data is necessary for the performance of a contract for consideration or free of charge, Art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
- If the processing is necessary to fulfill a legal obligation to which we are subject, Art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.
- If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interests, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.
5. Your rights
You can assert the following free rights against any controller responsible for the processing of your personal data in accordance with Art. 4 No. 7 GDPR in accordance with the statutory provisions:
- Right to withdraw your consent (Art. 7 para. 3 GDPR).
- Right to information: You can request information about your personal data that we process in accordance with Art. 15 GDPR.
- Right to object: You have the right to object for specific reasons. You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (f) of Article 6(1) GDPR. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website.
- Right to rectification: If the information concerning you is not (or no longer) accurate, you can request rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed;
- Right to erasure: You can request the erasure of your personal data in accordance with Art. 17 GDPR.
- Right to restriction of processing: In accordance with Art. 18 GDPR, you have the right to request that the processing of your personal data be restricted.
- Right to data portability: In the event that the requirements of Art. 20 para. 1 GDPR are met, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. They are therefore not based on consent pursuant to Art. 6(1)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, but are justified pursuant to Art. 6(1)(f) GDPR. The requirements of Art. 20 (1) GDPR are therefore not met in this respect.
To assert your rights against the controller, please contact the controller using the contact details listed above. The data protection officer is also available for confidential inquiries.
You also have the right, pursuant to Art. 77 et seq. GDPR to complain to a data protection supervisory authority about the processing of your personal data by the controller. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, P.O. Box 20 04 44, 40102 Düsseldorf, Tel.: 0211/38424-0, Fax: 0211/38424-10, e-mail: email@example.com. You can find an overview of all supervisory authorities at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
6. Storage period
We store your data collected for the purpose of processing the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After this period has expired, we retain the information required under commercial and tax law relating to the contractual relationship for the periods specified by law. For this period (regularly ten years from the conclusion of the contract), the data is processed again in the exemplary case of a review by the tax authorities. With regard to other purposes pursued by us, please refer to the following provisions for the duration of storage.
7. Secure data transmission and data security
Your personal data is transmitted securely using encryption. This applies to your order and also to the customer login. We use the SSL (Secure Socket Layer) coding system. We also use technical and organizational measures to protect our websites and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons. Our security measures are continuously improved in line with technological developments.
8. Recipients of data
a) Data Processing, Recipients in Third Countries
If we transfer personal data to recipients in so-called "third countries," meaning countries outside the EU or EEA where an equivalent level of data protection cannot be assumed, and we are not authorized to transmit the data due to a legal obligation, we ensure that the necessary adequate level of data protection is guaranteed in that specific third country or with the recipient in that third country. This may arise, in particular, from an "adequacy decision" by the European Commission, establishing an adequate level of data protection for a specific third country as a whole. Alternatively, we may also base data transfers on the so-called "EU standard contractual clauses" agreed upon with a recipient or, in the case of recipients in the USA, on compliance with the principles of the "EU-US Privacy Shield." Information about EU-US Privacy Shield participants can be found here: www.privacyshield.gov/list; information about EU standard contractual clauses here: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF, and information about European Commission adequacy decisions here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en#dataprotectionincountriesoutsidetheeu. We are happy to provide you with further information on suitable and adequate guarantees to comply with an appropriate level of data protection upon request.
b) Third Parties: Payment Service Providers, Assignment of Claims
Upon your request, we disclose personal data for the purpose of payment processing to a payment service provider. Further information on this can be found under B, 3.
In the context of financing the business of furor per fumum GmbH & Co. KG, we partially assign claims from purchase contracts with you – our customers – to third parties. As part of such assignment, the personal data necessary for the identification of the relevant claim is disclosed. The legal basis for data transfer in this case is Article 6(1)(f) DS-GVO (legitimate interest). The recipients of the assignment process the transmitted data independently and in accordance with applicable data protection regulations. There is no change for you as a customer in the processing of your contract with us. Emil Élise remains your direct contact and is authorized to receive your purchase price payments.
In addition, for the purpose of shipping, we disclose your address data to a postal service provider.
c) Authorities as Data Recipients
In the event of a legal obligation, we reserve the right to disclose information about you when demanded by lawful authorities or law enforcement agencies.
Legal Basis: Article 6(1) sentence 1 lit. c DS-GVO.
You can print or save this document using the usual functionality of your browser (typically under "File" -> "Save As"). Additionally, you can download and archive this document in PDF-Form To open the PDF file, you will need the free Adobe Reader program (available at www.adobe.de) or comparable programs that support the PDF format.
10. LinkedIn Insight Tag
Sollten Sie der Verwendung von LinkedIn-Pixel zugestimmt haben, beachten Sie bitte folgende Informationen:
This website uses the LinkedIn Insight Tag. The provider of this service is LinkedIn Ireland
Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing through LinkedIn Insight Tag:
The LinkedIn Insight Tag provides us with information about the visitors to our website. If a website visitor is registered with LinkedIn, we can analyze professional data (e.g.,
The use of LinkedIn Insight is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in effective advertising, including social media. If appropriate consent has been obtained (e.g., consent to store cookies), the processing is based solely on Art. 6(1)(a) GDPR; the consent is revocable at any time. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Objection to the use of LinkedIn Insight Tag:
To object to the analysis of user behavior and targeted advertising by LinkedIn, follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To avoid a link between data collected on our website by LinkedIn and your LinkedIn account, log out of your LinkedIn account before visiting our website.
B. Information on Individual Processes
1. Server Logfiles
For the informational use of our website, it is generally not necessary for you to actively provide personal data. Instead, we collect and use only the data that your internet browser automatically transmits to us. This occurs with every visit to our website, whether you are logged into your user account or not. The types of processed data include:
• Date and time of access
• Hostname of the accessing computer
• Website from which the website was accessed (previously visited page)
• Websites accessed through our website
• Pages visited on our website
• Notification of whether a page request was successful
• Transferred data volume
• Information about the browser type and version used
• Operating system
• IP address
The data is processed on our servers. We do not process this data together with other personal data unless expressly indicated. The temporary storage of the IP address by the system is necessary to enable the delivery of the website to your computer.
The temporary processing of the mentioned data is technically necessary for providing a website under Art. 6(1)(1)(b) of the General Data Protection Regulation (GDPR) to correctly display our website to you.
To defend against threats, ensure our IT security, and provide evidence of potential attacks, we store log files with your IP address for 7 days and beyond with your anonymized IP address for a duration of 60 days. Our legitimate interest in data processing is based on these purposes. We store your IP address beyond your website visit only in anonymized form, meaning we truncate your IP address by three digits. Personal evaluation of the data, especially for marketing purposes, does not occur. The legal basis for this is Art. 6(1)(1)(f) of the GDPR.
2. Data Processing for Order Fulfillment
To place orders in the emilelise.com shop, we require the following data for order processing:
• Salutation, first name, last name
• Billing address, if different, shipping address
• Payment details
• Email address
• In the case of a freight number: telephone number for scheduling a delivery date
• Customer number
• Other order data (article numbers, order number, voucher numbers in the case of voucher purchases)
We process your data for order processing, including possible later reversals and warranty cases. We use your email address for sending order and shipping confirmations, as well as for other order-related communication. Your delivery address is transmitted to a shipping service provider. If you have chosen "cash on delivery" as the payment method, we transmit your invoice amount to the shipping service provider. The legal basis is Art. 6(1)(1)(b) of the GDPR (contract fulfillment).
Further details are voluntary. The legal basis is Art. 6(1)(1)(a), Art. 7 of the GDPR.
If you want to create a customer account during the order process, the information listed under 4. applies. Ordering as a guest is also possible.
When using our shop, cookies are set to provide the shopping system, which is necessary to use the shopping cart function.
3. Payment Processing
In processing payments on our online shop, we collaborate with these partners: technical service providers, banks, payment service providers.
a) Data Processing for Transaction Processing
b) Data Processing for Fraud Prevention and Optimization of Payment Processes
If necessary, we provide our service providers with additional data, which they use as our data processors, together with the necessary data for payment transaction processing, for the purpose of fraud prevention and optimization of our payment processes (e.g., invoicing, processing disputed payments, supporting accounting). This serves our predominant legitimate interests in protecting against fraud or in efficient payment management under Art. 6(1)(1)(f) GDPR.
c) Identity and Credit Check when Choosing Klarna Payment Services
Klarna Pay later (Purchase on Invoice)
4. Establishment and Use of a Customer Account, Wishlist
Wir richten für jeden Kunden, der sich auf unserer Webseite registriert, einen passwortgeschützten Zugang zu seinen bei uns gespeicherten Bestandsdaten (Kundenkonto) ein. Hier können Sie Daten über Ihre Bestellungen einsehen und verwalten und für künftige Bestellungen Ihre Adressdaten und Ihre Zahlungsmittel verwalten. Die Registrierung ist Voraussetzung, um die Wunschzettelfunktion nutzen und Produkte bewerten zu können. Um ein Kundenkonto anlegen zu können, benötigen wir die als Pflichtfeld gekennzeichneten Kategorien von Daten.
After registration, we will send a confirmation link to the email address provided, which you must click to activate your customer account. This serves to confirm ownership of the provided email address.
Only then can you log into your customer account. At this moment, a session cookie is set on your computer. With the optional "stay logged in" function, we want to make your visits to our websites as pleasant as possible. This function allows you to use our services without having to log in again each time. For this purpose, a cookie is set on your computer. For security reasons, you will be prompted to enter your password again if, for example, your personal data needs to be changed or you want to place an order. We recommend not using the "stay logged in" function if the computer is used by multiple users. Additionally, we note that the "stay logged in" function is not available if you use a setting that automatically deletes stored cookies after each session.
We use the data collected during the opening of the customer account for order processing, providing additional services requested by you, offering payment options, and processing payments, as well as any refunds. The legal basis for processing personal data in connection with the creation of a customer account is Art. 6(1)(1)(b) GDPR.
We delete the data collected and stored in connection with the customer account at the latest when you delete your customer account yourself or inform us that your customer account should be deleted. However, premature deletion of your personal data is not possible if and to the extent that the data is still required for the contract processing or legal regulations obligate us. In this case, your customer account will be blocked, meaning it will no longer be accessible via the internet.
5. Contacting Us via Contact Form, Email, and Phone
You can get in touch with us via email, phone, and through our contact forms to request a quote, assert warranty rights, or engage in other correspondence. We use the data you provide to us in connection with your contact exclusively for the purpose of responding to your inquiry. To process your request, we typically process:
• Name, email address, content of the inquiry, server log files (see above)
• Order data (see above) in the case of inquiries related to your orders
The legal basis for processing is Art. 6(1)(b) GDPR, if the contact is related to contractual fulfillment obligations. For other correspondence, the legal basis is based on your (presumed) consent, Art. 6(1)(a) GDPR. You have the option to revoke your consent for processing personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
a) Subscription to Email Newsletter
You can subscribe to our newsletter on our website. The Emil Élise newsletter contains news, promotional offers, and additional information about products, services, events, and discount promotions of Emil Élise. The newsletter is sent based on your revocable consent according to Art. 6(1)(a), Art. 7 GDPR. To receive the newsletter, you need to enter your email address in the designated field on our website. We will then send you a notification email and ask you to confirm your desire to receive our newsletter by clicking a link contained in this email (Double-Opt-In). We will send you a newsletter by email only after you have expressly confirmed that we should activate the newsletter service.
You can revoke your consent to the processing of your data for newsletter delivery at any time with effect for the future. A brief notice via email to one of the email addresses provided under A, Section 1 is sufficient for this purpose. Additionally, each newsletter includes an unsubscribe link. Your data will be stored for the duration of the newsletter subscription.
For newsletter delivery, we use Mailchimp by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp). This allows us to communicate directly with subscribers and analyze usage behavior to optimize our offering.
We provide the following personal data to Mailchimp: Email address, [First name], [Last name], [Phone number]
[Our email communications include a link allowing you to update your personal data.]
7. Use of Google ReCaptcha
To combat spam and abuse, we use the Google ReCaptcha service on our site, provided by Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of this service is to distinguish whether the input is made by a natural person or is abusive through machine and automated processing. The service results in the transmission of your IP address and possibly other data required by Google for the ReCaptcha service. Google's separate privacy policies apply to this. For more information on Google's privacy policies, visit http://www.google.de/intl/de/privacy or https://www.google.com/intl/de/policies/privacy/[AH6]
8. Social Media
To protect your personal data, we have consciously decided not to implement plugins from operators of social networks. The links to portals you find on our website are merely static links. Information is only transmitted to the service providers when you click on the button. However, we would like to point out that the portal providers, if you are a member of one of the linked portals, may link our profile and the visit to our website with your profile there. The following portals are linked on our site. Further information can be found under the links listed below.
- Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland for the services Facebook and Instagram
9. 9. YouTube Videos
We have embedded YouTube videos on our website, which are stored on http://www.youtube.com/ and can be played directly from our website.
10. Online Marketing (Web Analytics Using Cookies); Cookie Information
a) What are Cookies? How can their Use be Prevented?
We use the technology of cookies for our online presence. Cookies are small text files sent by our web server to your browser during your visit to our websites and stored by it for later retrieval. Whether cookies can be set and retrieved can be determined by your browser settings. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain websites, or configure your browser to automatically notify you when a cookie is to be set and request your feedback. You can delete cookies in the security settings of your browser at any time. Please note, however, that this may affect the quality of the display of our website.
Instructions for the internet browsers Safari, Firefox, Microsoft Internet Explorer, and Google Chrome can be found at:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Acceptance of cookies is not a prerequisite for visiting our websites. However, we would like to point out that the use of the shopping cart function and the order of products is only possible if you allow us to set cookies. General deactivation of cookies may lead to functional limitations on our website.
The cookies used for the operation of the webshop are automatically deleted from your device (hence, session cookies) at the end of the browser session (end of the session). Session cookies are needed, for example, to offer you the shopping cart function across multiple pages. The legal basis for the use of these cookies, which are essential for the operation of the webshop, is Art. 6(1)(b) GDPR.
d) Online Marketing
On the Emil Élise websites, data is collected based on cookie technology for the optimization of our advertising and the entire online offering. Pseudonymous user profiles are created using identification numbers stored in cookies, which can be recognized with the help of these cookies. Your IP address is only stored in a shortened form, making it impossible for us to draw conclusions about your person. This data is not used to personally identify you but is solely used for a pseudonymous evaluation of website usage. This includes the pages accessed. With this technology, we can present you with advertising and/or special offers and services. Our goal is to make our online offering as attractive as possible for you and to present advertising that corresponds to your areas of interest. The purpose of processing through web analytics is to optimize and operate our online offering economically. Additionally, the purposes include remarketing, measuring the effectiveness of advertising measures, creating access statistics, evaluating actions of website visitors, and recognizing visitors.
For the revocation of your consent, we have provided corresponding options below for each provider. For further information, visit https://www.youronlinechoices.eu/.
aa) Google Conversion Tracking (Visit Action Evaluation) Google AdWords
We utilize Google Conversion Tracking (Visit Action Evaluation) through Google AdWords, provided by Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 (Google AdWords). When you access our website through a Google advertisement, Google AdWords places a cookie on your computer. These cookies expire after 30 days and are not used for personal identification. If you visit a specific page of the AdWords customer's website, and the cookie has not expired, Google and we can recognize that you clicked on the ad and were redirected to that page. Each AdWords customer, including Emil Élise, receives a unique cookie, making it impossible to trace cookies across AdWords customers' websites. The information obtained through the conversion cookie is used to create conversion statistics for us. We learn the total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not receive information that allows the identification of users personally.
For further details on Google's data usage, settings, and opt-out options, you can visit Google's websites: https://policies.google.com/technologies/partner-sites?hl=de ("Data usage by Google when you use websites or apps of our partners"), http://www.google.com/policies/technologies/ads ("Data usage for advertising purposes"), http://www.google.de/settings/ads ("Manage information used by Google to show you ads").
bb) Google Analytics
cc) DoubleClick by Google
Furthermore, we use the analysis software "Hotjar" from Hotjar Ltd., Level 2, St. Julian´s Business Centre, 3 Elia Zammit Street, St Julian´s STJ 1000, Malta, on our website.
Hotjar allows measuring and evaluating your usage behavior on the website (clicks, mouse movements, scroll heights, etc.). The data collected in this way is transferred to a Hotjar server in Ireland and stored there. The following data is collected:
• IP address – Your IP address is anonymized before storage, with the last octet set to zero, ensuring non-identifiability. The first three octets of the IP address only allow conclusions about the geographical region of the user;
• Your email address including your first and last name, as far as you have provided it to us via our website;
• Screen size of your device;
• Device type and browser information;
• Geographic location (only the country);
• The preferred language for displaying our website.
Server log files
The following data is automatically created by our servers when Hotjar is used:
• Referring domain;
• Visited pages;
• Geographic location (only the country);
• The preferred language for displaying our website;
• Date and time when the website was accessed.
Hotjar uses the information mentioned to evaluate your use of our website, to create reports about the usage, and to provide other internet-related services.
The cookies set by Hotjar are stored for different lengths, up to 365 days in the longest case. Further information can be found at https://www.hotjar.com/cookies
You can prevent data from being collected by Hotjar by clicking on the following link and following the instructions there: https://www.hotjar.com/opt-out
ee) Facebook Pixel
We use the visitor action pixel of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (Facebook Pixel), for the evaluation and support of online marketing measures. With its help, we can track the actions of users after they have seen or clicked on a Facebook advertisement. For this purpose, cookies may be stored on your computer. This allows us to understand the significance of Facebook advertisements for statistical and market research purposes. The data collected in this way is anonymous for us, and personal data of individual users is not visible to us. However, this data is stored and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook's data usage policy: (https://www.facebook.com/about/privacy/update?ref=old_policy). The Facebook Pixel can be deactivated via the following link by changing the "Facebook ad settings": http://facebook.com/ads/settings.
As of: April 2023
To manage the deployed cookies and similar technologies (tracking pixels, web beacons, etc.) and related consents, we use the consent tool "Real Cookie Banner." Details about the functionality of "Real Cookie Banner" can be found at https://devowl.io/de/rcb/datenverarbeitung/.
The legal basis for processing personal data in this context is Art. 6(1)(c) GDPR (General Data Protection Regulation) and Art. 6(1)(f) GDPR. Our legitimate interest is the management of deployed cookies and similar technologies and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obligated to provide personal data. If you do not provide the personal data, we cannot manage your consents.