Data protection declaration
Controller responsible for data processing:
Alexander Andreadis
Wienerstraße 206
8051 Graz, Austria
+43.664.1690000
alexander@andreadis.wine
Thank you for your interest in our online shop. We believe that protecting your privacy is important. Below we inform you about how we handle your data.
You can visit our website without providing any personal information. Each time you call up a web page, the web server only saves a server log file which contains, for example, the name of the requested file, your IP address, the date and time of access, the volume of data transferred and the requesting provider (access data) to record the access. This access data is processed only for the purpose of ensuring trouble-free operation of the site and improving our services. In accordance with point (f), Art. 6(1) GDPR, this serves to protect our legitimate interests in a correct presentation of our offer. All access data is deleted no more than seven days after the end of your visit to the site.
1.1 Hosting services provided by a third party provider
As part of processing on our behalf, a third party provider provides hosting and website display services on our behalf. This serves to protect our legitimate interests in a correct presentation of our offer. All data collected during the use of this website or in forms provided for this purpose in the online shop as described below are processed on its servers. Processing on other servers takes place only to the extent laid out here.
This service provider is located within a country of the European Union or the European Economic Area.
We collect personal data when you voluntarily provide it to us in the context of your order or when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such, since we need this information to complete the contract or to deal with your enquiry and cannot dispatch your order and/or establish contact with you without this information. You can see the data that we collect from the respective input forms. We use the data provided by you in accordance with point (b), Art. 6(1) GDPR for contract processing and dealing with your enquiries. If you have given your consent in accordance with point (a), Art. 6(1) GDPR by deciding to create a customer account, we will use your data for the purpose of creating a customer account. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after the retention periods specified by tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data for other purposes to the extent permitted by law and about which we inform you in this declaration. You can delete your customer account at any time, either by writing a message to the contact option given below or via a function provided for this purpose in the customer account.
To fulfil the contract in accordance with point (b), Art. 6(1) GDPR, we pass on your data to the shipping company instructed with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the order process, we transfer the payment data collected for this purpose to the credit institution instructed with the payment and, if applicable, to payment service providers instructed by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. In this case, the data protection declaration of the respective payment service provider shall apply. We use payment service providers that are based in a country outside the European Union. The transmission of personal data to this company takes place only to the extent necessary to fulfil the contract.
3.1 Data transfer to shipping providers
If you have given us your express consent with or subsequent to your order, we will pass on your e-mail address to the selected shipping provider on the basis of this consent in accordance with point (a), Art. 6(1) GDPR, so that the shipping provider can contact you before delivery to notify you of or coordinate the delivery with you.
You can revoke your consent at any time by sending a message to the contact option given below or directly to the shipping provider at the contact address given below. After your revocation, we will delete your data provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data for other purposes that are permitted by law and about which we inform you in this declaration.
Österreichische Post Aktiengesellschaft
Rochusplatz 1
1030 Vienna
Austria
If you subscribe to our newsletter, we use the data required for this purpose or separately provided by you to send you our e-mail newsletter on a regular basis on the basis of your consent according to point (a), Art. 6(1) GDPR. You can unsubscribe from our newsletter at any time, either by writing a message to the contact option given below or via a links provided for this purpose in the newsletter. After your cancellation, we will delete your e-mail address provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to e-mail for other purposes that are permitted by law and about which we inform you in this declaration. The newsletter is sent by a service provider on our behalf, to whom we pass on your e-mail address for this purpose.
This service provider is located in the USA and is certified under the EU-U.S. Privacy Shield Framework. You can view a current certificate here. Based on this agreement between the United States and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
To display our Trusted Shops Trustbadge and the collected ratings as well as to offer Trusted Shops products to buyers after an order, the Trusted Shops Trustbadge is integrated on this website. This serves to protect our legitimate interests in the marketing of our website according to point (f), Art. 6(1) GDPR. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.
Each time you call up the Trustbadge, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of access, the volume of data transferred and the requesting provider (access data) to record the access. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your visit to the site.
Further personal data will only be transferred to Trusted Shops if you have consented to this, have decided to use Trusted Shops products after completing an order or have already registered to use Trusted Shops. In this case, the contractual agreement between you and Trusted Shops applies.
To make the visit to our website more attractive and to enable the use of certain functions, to display suitable products or for market research, we use cookies on various pages. This serves to protect our legitimate interests in the representation of our offer according to point (f), Art. 6(1) GDPR. Cookies are small text files that are automatically stored on your terminal device. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us to recognise your browser on your next visit (persistent cookies). The duration of storage can be found in the overview in the cookie settings of your web browser. You can set your browser to notify you of set cookies and let you decide whether to allow or block each one in specific cases or in general. Each browser has its own way of managing cookie settings. To find out how to change cookie settings in your browser, see your browser’s help menu. You can find these under the following links:
Internet Explorer™: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Safari™: https://support.apple.com/kb/ph21411?locale=de_DE
Chrome™: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Firefox™: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Opera™ : https://help.opera.com/de/latest/web-preferences/#cookies
If cookies are deactivated, the functionality of our website may be limited.
6.1 What types of cookies do we use?
6.1.1 Required cookies
These cookies are necessary to enable the operation of our website. They include, for example, cookies that allow you to log into the customer area or to place something in your shopping cart.
6.1.2 Analysis / performance cookies
These cookies allow us to collect anonymised data about the usage behaviour of our visitors. We then analyse these, for example to improve the functionality of the website and to show you interesting offers.
6.1.3 Functional cookies
These cookies are used for certain functions of our website, e.g. to suggest a better navigation flow on our website or to show you personalised and relevant information (e.g. “interest-based advertisements”).
6.1.4 Targeting cookies
These cookies record your visit to our website, the pages you have visited and the links you have clicked on. We use this information to tailor our website and the advertising you see to your interests.
6.1.5 Third-party cookies
These cookies from some of our advertising partners help to make the internet offer and our website more interesting for you. For this purpose, cookies from partner companies are also saved to your hard drive when you visit our website. These are temporary cookies that automatically delete themselves after a specified time. Cookies from partner companies are usually deleted after a few days or up to 24 months, in individual cases also after several years. The cookies of our partner companies do not contain personal data. Data is only collected under a user ID pseudonym. This pseudonymous data is never merged with your personal data.
The table below lists the cookies we use:
Cookie | Purpose | Origin |
_fbp | Collects anonymised data about visitor behaviour. | |
tk_lr tk_or tk_ai tk_r3d tk_* |
Collects information for our own first-party analytics tool about the use of our services. A collection of internal user activity metrics used to improve your user experience. | Jetpack for WordPress |
__zlcmid | This live chat widget sets cookies to store the Zen Live Chat ID, which is used to identify a device during visits. | ZenDesk |
__stripe_mid __stripe_sid |
Provides a unique session ID for authentication. | Stripe |
woocommerce_cart_hash woocommerce_items_in_cart wp_woocommerce_session_* |
Saves the contents of the products added to the shopping cart. | WooCommerce |
wordpress_test_cookie wordpress_logged_in… wp-settings-3 wp-settings-time-3 |
Used on websites created with WordPress. Checks whether your browser has cookies enabled. It is also used to check whether a user is logged in. | WordPress |
cookieconsent_status | Saves the user’s choices in the cookie hint. | Analytics Germanized Plugin |
_icl_current_language | Saves the current language selection. | WPML Plugin |
_ga _gat _gid |
Analyses visitor behaviour on the site anonymously. | Google Tag Manager |
__zlcmid | This live chat widget sets cookies to store the Zen Live Chat ID, which is used to identify a device during visits. | ZenDesk |
6.2 Use of Google (Universal) Analytics for web analysis
This website uses Google (Universal) Analytics, a web analysis service provided by Google LLC (www.google.com), for website analysis. This serves to protect our legitimate interests in the representation of our offer according to point (f), Art. 6(1) GDPR. Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be truncated before transmission within member states of the European Union or in other countries party to the contract on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The anonymized IP address transmitted by your browser in the context of Google Analytics is never merged with other Google data. After the end of the purpose and use of Google Analytics by us, the data collected in this context will be deleted.
Google LLC is located in the USA and is certified under the EU-U.S. Privacy Shield Framework. You can view a current certificate here. Based on this agreement between the United States and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en
Alternatively to the browser plugin you can click this link to prevent Google Analytics from collecting data on this website in the future. This sets an opt-out cookie on your terminal device. If you delete your cookies, you must click the link again.
We use Google Ads to advertise this website in Google search results and on third-party websites. For this purpose, Google sets a remarketing cookie when you visit our website, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited. This serves to protect our legitimate interests in the marketing of our website according to point (f), Art. 6(1) GDPR. After the end of the purpose and use of Google Ads remarketing by us, the data collected in this context will be deleted. Additional data processing will only take place if you have consented to Google linking your web and app browsing history to your Google Account and using information from your Google Account to personalize ads you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google will temporarily link your personal data with Google Analytics data to form target groups. Google Ads remarketing is an offer of Google LLC (www.google.com).
Google LLC is located in the USA and is certified under the EU-U.S. Privacy Shield Framework. You can view a current certificate here. Based on this agreement between the United States and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield. You can deactivate the remarketing cookie with this link. You can also find out more about cookies and how to manage your cookie setting from the Digital Advertising Alliance.
7.1 Zendesk live chat tool
If you use the live chat tool to contact us, the data you voluntarily enter there (name, e-mail address, message) will be processed by us in accordance with point (b), Art. 6(1) GDPR for the purpose of answering your enquiry as part of contract processing. In addition, the use of this tool serves to protect our legitimate interests in effective, improved communication with our customers according to point (f), Art. 6(1) GDPR. The data is then deleted.
As part of processing on our behalf, the third party provider Zendesk, Inc. provides us with the services required to provide the live chat tool. All data collected during the use of the chat tool is processed on its servers.
Zendesk, Inc. is located in the USA and is certified under the EU-U.S. Privacy Shield Framework. You can view a current certificate here. Based on this agreement between the United States and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
Contents of third party providers are integrated on this website. This content is provided by Google LLC (“Provider”).
YouTube is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For videos from YouTube that are embedded on our website, the extended data protection setting is activated. This means that no information from website visitors is collected and stored by YouTube unless they play the video. The embedding of the video serves to protect our legitimate interests in the marketing of our offer according to point (f), Art. 6(1) GDPR.
The purpose and scope of data collection, further processing and use of the data by the providers as well as your rights in this regard and setting options to protect your privacy can be found in the Google privacy policy: https://policies.google.com/privacy.
8.1 Our online presence on Facebook
Our presence on social networks and platforms serves to improve active communication with our customers and prospects. We use them to provide information about our products and current special offers.
When visiting our social media content, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from this data using pseudonyms. These may be used, for example, to serve ads that are presumed to match your interests both within and outside the platforms. Cookies are generally used on your terminal device for this purpose. These cookies store visitor behaviour and interests. In accordance with point (f), Art. 6(1) GDPR, this serves to protect our legitimate interests in an optimized presentation of our offer and effective communication with the customer and interested parties. The legal basis for any requests for consent (agreement) by the respective social media platform operators to processing your personal data is point (a), Article 6(1) GDPR.
Insofar as the aforementioned social media platforms have their headquarters in the USA, the following applies: For the USA, there is an adequacy decision of the European Commission. This is based on the EU-U.S. Privacy Shield. You can view a current certificate for the respective company here.
For detailed information on the processing and use of data by the providers on their sites as well as a contact and your rights and setting options to protect your privacy, in particular opt-outs, refer to the data protection notices of the providers, which we have linked below. If you still need help with this, please contact us.
Facebook: https://www.facebook.com/about/privacy/
The data processing is carried out on the basis of an agreement between jointly responsible parties in accordance with Art. 26 GDPR, which you can view here https://www.facebook.com/legal/terms/page_controller_addendum
Opt-outs: Facebook: https://www.facebook.com/settings?tab=ads
If you have given us your express consent to this during or after your order in accordance with point (a), Art. 6(1) GDPR, we will transmit your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (www.trustedshops.de) so that they can e-mail you a reminder to rate us. You can revoke your consent at any time by sending a message to the below contact address or directly with Trusted Shops.
As a data subject, you have the following rights:
If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of consent given or objection to a certain use of data, please contact us directly using the contact details under “Legal information”.
********************************************************************
Right to object
Insofar as we process personal data as described above to protect our legitimate interests, you can object to this processing with effect for the future. If processing is carried out for direct marketing purposes, you may exercise this right at any time as described above. Insofar as processing is carried out for other purposes, you only have the right to object on grounds relating to your particular situation. After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing is for the establishment, exercise or defence of legal claims.
This does not apply if processing is carried out for direct marketing purposes. We will then no longer process your personal data for this purpose.
********************************************************************