Data Protection Declaration KELLER Group GmbH
Data Protection Declaration
In the following, we will inform you about the gathering of personal data while using this website. Personal data are all data that can be connected to you personally, such as name, address, e-mail addresses, user behavior.
1. Liable Entity for Data Processing and Point of Contact
(1) Liable pursuant to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is KELLER Group GmbH, Balanstraße 73 in 81541 Munich, represented by managing directors Moritz Keller, Jakob Keller and Marcus Trute, cf. our imprint.
(2) If you have questions regarding data protection, reach out to our data protection officer:
- via data protection enquiry form: https://www.keller-sports.co.uk/datasecurity/
- via e-mail: [email protected]
- via mail: KELLER Group GmbH - Datenschutzbeauftragter / Balanstraße 73 / 81541 Munich
2. Your Rights When Using the Website
You are granted
- pursuant to Art. 15 GDPR the right to receive information on your data saved by us, gathered as you visit the website and use the online shop. pursuant to Art. 16 GDPR the right to demand correction of incorrect or completion of your personal data saved by us;
- pursuant to Art. 17 GDPR the right to demand deletion of your personal data saved by us, insofar as their processing is not needed to fulfill a legal obligation or to assert, practice, or defend legal claims;
- pursuant to Art. 7 para. 3 GDPR the right to at any moment withdraw your previously given consent for data processing from us. This will have as a consequence that henceforth we are no longer allowed to continue processing data based on that consent. The legality of any consent-based processing that took place before the withdrawal of the affected person remains unaffected.
- pursuant to Art. 20 GDPR the right to receive your personal data provided to us in a structured, common, and machine-readable format or to request having it sent to a third person in charge;
- pursuant to Art. 77 GDPR the right to complain to the responsible data protection supervisory authority if you are of the opinion that by processing the personal data gathered over the course of you visiting our website we violated your right of informal self-determination. KELLER Group GmbH is under the authority of the bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Office for Data Protection Supervision).
- in case your personal data gets processed based on legitimate interests pursuant to Art. 6 para. 1 s. 1 lit. f GDPR, the right to pursuant to Art. 21 GDPR appeal the processing of your personal data, insofar as that is justified by the existence of reasons resulting from your special situation or if the appeal is directed against direct advertising. In the latter case, you have a general right of appeal that we will put into effect without special circumstances claimed.
3. Data Security
We put up-to-date technical measures in place in order to ensure data security, especially in order to protect your personal data from risks during data transfer as well as from third parties accessing them. These receive updates to meet the respective current state of the art.
4. Processing of Personal Data
(1) Gathering of Personal Data When Visiting Our Website
1. When using the website for solely informational purposes, meaning if you do not register or share information with us in another way, we only gather personal data transmitted by your browser to our server. If you wish to see our website, we gather the following data necessary for technical reasons in order to display the website and ensure its stability and security (legal basis is Art. 6 para. 1 s. 1 lit. f GDPR)
- IP address
- date and time of request
- time zone difference to Greenwich Mean Time (GMT)
- content of the request (concrete page)
- access status/HTTP status code
- respective transmitted data volume
- website the request originates from
- browser operating system and its interface
- language and version of browser software
2. In addition to the previously stated data, cookies will be saved on your computer as you use our website. Cookies are tiny text files that are saved on your hard drive and assigned to your browser. They transmit certain information to the site that placed the cookie (in this case that will be us). Cookies cannot run any programs nor bring viruses to your computer. They serve the purpose of making internet services in general more user-friendly and effective.
You are free to configure your browser settings according to your wishes. However, please note that you might then find yourself unable to use all of this website’s features.
(2) Further Features and Services of Our Website
Apart from a solely informational usage of our website, we offer various services for you to use if interested. For those, you will usually have to share further personal data we will then use to provide the respective service.
1. Usage of Our Online Shop
If you want to make orders in our online shop, it is required for concluding the contract that you disclose some of your personal data we need for handling your order. Indications required for processing the contract are highlighted, all other indications are voluntary. The data provided by you is processed by us to complete your order. In this context, your address data will be handed over to a commissioned shipping company and, if necessary, your payment data to our principal bank. Legal basis for this is Art. 6 para 1. s. 1 lit. b GDPR.
You may voluntarily create a customer account, allowing us to save your data for later purchases. When creating an account, your data is saved revocably. You may delete all additional data, including your user account, at any time in the customer section.
Furthermore, we may process the data you provided to inform you about other interesting products from our portfolio. For this purpose we use existing information about, for example, products you took a look at. In case you wish to not receive personalized advertisements, you may object at any time by writing a message to the contact details listed under No. 1.
Due to commercial and tax law requirements, we are obliged to save your address data, payment details, and order details for ten years. They will be deleted once the retention obligations run out.
2. Contacting Us Via E-mail
For questions of any kind, we offer the possibility of contacting us using the e-mail address of the customer service provided on the website. Your data will be processed to answer to your request. Data processing for the purpose of contacting us happens according to Art. 6 para. s. 1 lit. a GDPR based on your voluntary permission.
Your personal data will be deleted automatically after your request was taken care of.
3. Receiving the Newsletter
With your consent, you can subscribe to our newsletter, informing you about our current interesting offers. The legal basis is Art. 6 para. 1 s. 1 lit. a GDPR.
For subscriptions to our newsletter, we use the so-called double-opt-in method. That means that after you subscribed, we send you an e-mail to the e-mail address you provided, asking you to confirm your willingness to subscribe to the newsletter. If you do not confirm it, your registration will be deleted automatically. In case you confirm your willingness to receive the newsletter, we will save your e-mail address until you cancel your subscription. Furthermore, we save the respective IP addresses you use and the times of subscribing and confirming. The purpose of this method is to be able to verify your subscription and, if necessary, clarify a potential misuse of your personal data.
Mandatory detail for receiving the newsletter is just the e-mail address. Stating additional details is voluntary. Provided forenames and surnames are used for personalizing the newsletter. If the person interested in the newsletter provides their date of birth, they will receive a little something on that day. Voluntarily shared data, too, will be deleted completely upon revocation.
Your consent to receive the newsletter can be revoked at any time, resulting in unsubscribing from the newsletter. The revocation can be done by clicking the link provided in every newsletter e-mail, via an e-mail to [email protected] or by sending a message to the contact details provided under No. 1. Data provided by you will not be passed on to third parties.
4. Use of email software ExactTarget
We use email marketing software owned by the email service provider ExactTarget, Inc. 20 North Meridian Street, Suite 200, Indianapolis, Indiana 46204 USA (“ExactTarget”). If you have consented to receive our newsletter and access our site via the newsletter, certain cookies will be installed in your browser. These help us track the effectiveness of our newsletter by showing us if you have opened the email, what parts of the newsletter you found most interesting, etc.
ExactTarget also uses web beacons within most of the emails sent. Web beacons (also referred to as “clear GIFs”, or “tracking pixels”) are small images (usually GIFs no larger than 1 pixel x 1 pixel) that are inserted into websites and HTML emails (among others). Web beacons give website operators a better understanding of a user’s interaction with said website. Web beacons fulfil a similar purpose to cookies, but the former remain hidden from the user. Web beacons provide us with specific information, such as whether an email has been opened or not, and whether the user’s system is able to receive HTML emails. Web beacons do not collect any personal information.
If you do not wish to receive emails containing web beacons, you can choose to receive your emails in text format (not in HTML format). Web beacons are used in conjunction with cookies. You can, therefore, block any web beacons by preventing the installation of cookies. This can be done by changing your browser settings. We would like to warn you, however, that this action will result in you being unable to enjoy all of the functions of our website.
The following links will provide you with information on how to manage and deactivate cookies in the most popular browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl
5. Usage of Other KELLER Services Such as Keller sMiles
Using the access data for Keller Sports, at the same time you may access other services of KELLER Group GmbH (www.keller-smiles.de incl. app) as well as, for a separate charge, become a premium member, so you will need just one single account for all our services. This applies to both registering at KELLER Group GmbH as well as signing in with a Facebook or Google+ account. Please note though, that if you want to link your Keller Sports account to your other already existing accounts for KELLER services, you have to use the same e-mail address respectively it has to be the same e-mail address as for Facebook or Google.
6. Processing of Your Data
When Registering With a Facebook Account Instead of creating an account on our website, you may also sign in with your Facebook account. By registering, you agree to us accessing the following data you provided Facebook with: your forename and surname, your e-mail address, and your gender. Besides, as part of the registration process, you may pick a profile picture and a user name. We also kindly ask you to grant us access to your friends list, so you agree to that as well. You can access this information upon registering under “Double-check the Information You Provided”.
Changing your privacy settings respectively the authorizations is possible at any time in the settings of your Facebook account. If, however, you withdraw our access to your public profile, you will no longer be able to log into KELLER services using your Facebook account.
We use the data from your public profile only to identify you as a user and offer our services to you, and to allow you to take them over into your Keller Sports account.
7. Processing of Your Data When Registering With a Google+ Account
Instead of creating an account on our website, you may also sign in with your Google+ account. By registering, you agree to us accessing the following data you provided Google+ with: your forename and surname, your e-mail address, and your gender. Besides, as part of the registration process, you may pick a profile picture and a user name. We also have to have access to your general profile information at Google+ as well as the e-mail address you provided there.
Changing your privacy settings is possible at any time in the settings of your Google account. If, however, you withdraw our access to your general profile information, you will no longer be able log into KELLER services using your Google account.
We use the data from your public profile only to identify you as a user and to be able to offer our services to you.
5. Usage of Analytic Tools
The tracking measures listed below and used by us are executed on the basis of Art. 6 para. 1 s. 1 lit. f GDPR. By using the tracking measures applied by us, we try to ensure a needs-oriented design and continuous optimization of our website. The other intent of using tracking measures is to statistically measure and assess the usage of our website and for the purpose of optimizing our offer for you.
The respective purposes of data processing and data categories can be learned from the respective tracking tools.
Payment via Klarna KELLER Group GmbH offers using the services of the online payment provider Klarna AB, Sveavägen 46, 111 34 Stockholm for paying in our online shop, allowing purchases on account or a flexible installment.
If the customer selects the payment option Klarna “Purchase on Account” or Klarna “Installment Payment” in the online shop, customer data will automatically be transmitted to Klarna to process the purchase on account or installment as well as to check the identity and creditworthiness. This takes place based on the consent given by the customer pursuant to Art. 6. para. 1 s. 1 lit a) GDPR upon selecting the payment option.
Usually personal data such as forename, surname, address, date of birth, gender, e-mail address, phone number, as well as data necessary to process the purchase on account related to the order, such as number of items, item number, invoice amount, and taxes in percent, will be transmitted to Klarna.
Transmitting these data happens to allow Klarna to check the identity and creditworthiness and to make processing the payment possible. KELLER Group GmbH will pass on personal data specifically when there is a justified interest for doing so.
Klarna transmits personal data they received for the purpose of checking the identity and creditworthiness to credit agencies.
Currently these are:
Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss
Deutsche Post Direkt GmbH, Junkersring 57, 53844 Troisdorf
infoscore Consumer Data GmbH, Rheinstraße 99, 76532 Baden-Baden
SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden
For its decisions on justifying, carrying out, or terminating contractual relationships, Klarna gathers and uses data and information on the shopper’s payment history in the past and probabilities for their behavior in the future (so-called scoring). Klarna’s computation of these scores is based on a scientifically sound mathematical statistical method.
The customer at any time has the option of revoking their consent of having their personal data processed against Klarna. However, Klarna remains entitled to process, use, and transmit those personal data strictly necessary to handle the payment contractually.
Klarna’s data protection clauses can be accessed at https://www.klarna.com/uk/privacy-policy/.
Payment via Apple Pay
KELLER Group GmbH also offers the option of payment via Apple Pay in individual webshops.
If you choose the "Apple Pay" payment method from Apple Inc., One Apple Park Way, Cupertino, California 95014 United States ("Apple"), payment is processed via the "Apple Pay" function of your end device running iOS, watchOS or macOS by charging a payment card deposited with "Apple Pay". Apple Pay uses security functions that are integrated into the hardware and software of your device to protect your transactions. In order to release a payment, you must enter a code previously defined by you and verify it using the "Face ID" or "Touch ID" function of your terminal device.
For the purposes of payment processing, the information you provide during the ordering process, together with information about your order, will be passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website from which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the source website to confirm the success of the payment.
If personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b DSGVO.
Apple keeps anonymised transaction data, including the approximate amount of the purchase, the approximate date and time, and whether the transaction was completed successfully. Anonymisation completely eliminates the possibility of any personal reference. Apple uses the anonymised data to improve Apple Pay and other Apple products and services.
When you use Apple Pay on the iPhone or Apple Watch to complete a purchase made through Safari on the Mac, the Mac and the authorisation device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay" and uncheck "Allow payments on Mac".
For more information on Apple Pay privacy, please visit the website below: https://www.apple.com/en/legal/privacy/data/en/apple-pay/ and https://support.apple.com/en-gb/HT203027 as well as under the Apple Pay & Privacy ("This is how your information is managed") passage in Apple's Wallet app. You can ask Apple questions about privacy here: https://www.apple.com/en/privacy/contact/.
Payment via TWINT
KELLER Group GmbH also offers the option of payment by TWINT in individual webshops.
If you have opted for the TWINT payment method, the payment will be processed by the payment service provider TWINT AG / Stauffacherstrasse 41 / CH-8004 Zurich - to whom we pass on the information about your order (invoice amount, currency and transaction number) that you provide during the ordering process. No personal data will be passed on. Your data will only be passed on for the purpose of payment processing with the payment service provider TWINT AG. You can find more information on the data protection of TWINT AG here.
7. Usage of Google Webfonts
In order to display our contents across all browser correctly and graphically appealingly, we use fonts of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (Google Webfonts) on this website. Google Webfonts are moved into the cache of your browser to avoid repeatedly loading them. The connection to Google is built automatically. Theoretically, in doing so it is possible – currently also unclear though whether and, if at all, for what purposes – that Google gathers personal data.
8. Usage of Google Tag Manager
Google Tag Manager is used on the website, a service of Google Inc. (“Google”). This service allows website tags to be administered via one interface.
The tool Tag Manager itself (implementing the tags) is a cookieless domain and tracks no personal data. The tool causes other tags to be triggered which then might gather data on their part. Google Tag Manager does not access these data. If a deactivation took place on the domain level or cookie level, it remains in place for all tracking tags implemented using the Google Tag Manager.
9. Obligation to Provide Data
There is no obligation by law to provide data. Some features of our website, however, cannot be used without providing personal data.
10. Alterations to the Data Protection Declaration
Due to the development of our website and offers on it or because of changes in legal or official requirements, alterations to this data protection declaration might become necessary.