Privacy policy


Privacy policy
The protection of your privacy when you use our website is important to us.
We treat the data that is provided as part of our online offering as confidential.
Using this privacy policy, we wish to inform you about the nature, scope and purpose for us collecting, processing and using personal data.
Please be aware that when you correspond with us via email, email does not represent a secure method of communication and email contents are not protected against unauthorised third-party access. We recommend that you post confidential messages.

Contact details for the controller within the meaning of the General Data Protection Regulation
TGU GmbH & Co. KG
Joseph-Monier-Str. 2
D-48268 Greven
Germany
Telefon +49 2575-95587-0
E-Mail: info@tgu-shop.com


Contact details for the privacy officer
Frau Saskia Reimann
TGU GmbH & Co. KG
Joseph-Monier-Str. 2
48268 Greven
Germany
Telefon: +49 2575-95587-0
E-Mail: dsgvo@tgu-shop.com


Types of data that is processed
Within this online offering, TGU GmbH & Co. KG, subsequently called TGU, processes user data (e.g. names and addresses), contact data (e.g. email addresses), usage data (e.g. websites visited, times of access), metadata (e.g. IP addresses) and employee information (e.g. photographs, names and positions).

Purpose of processing
Within this online offering, TGU processes personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) for the purpose of providing the online offering and associated content and functionality, for the purposes of advertising, marketing and market research; for communication with users, for replying to contact enquiries and as part of security measures (IT security).
TGU only processes personal data when legal permission has been provided and only in accordance with relevant data-protection regulations. Accordingly, personal data is only processed when it is necessary or required by law, and in particular:
• to perform contractual services (fulfilling orders)
• to perform online services
• when users have given their consent
• when TGU has a legitimate interest
Based on GDPR Article 13, the personal data processed by TGU is governed by the following legal grounds:
• GDPR Article 6(1)(a) for consent
• GDPR Article 6(1)(b) for processing to fulfil the services performed by us and for the performance of contractual activities
• GDPR Article 6(1)(c) for processing to discharge legal obligations
• GDPR Article 6(1)(f) for processing for the purposes of our legitimate interests

Subject of data protection
The subject of data protection is personal data as defined in Article 4 of the General Data Protection Regulation (GDPR), therefore any information relating to an identified or identifiable natural person (a ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier through which the data required for the business transaction can be identified. This includes, for example, your name, address, telephone number, email address and other data required for the business transaction. Data that cannot be linked to you personally is not included among this.

Security measures
TGU ensures the security of the processing in line with GDPR Article 32 by using technical, organisational and contractual measures and incorporating the latest technology and the nature, scope, circumstances and purpose of the processing, while balancing with implementation costs, in order to protect users’ personal data against unintended or unlawful manipulation, destruction, erasure, loss and unauthorised access and disclosure.
The security measures include ensuring the confidentiality, integrity and availability of data through physical and logical controls on access and further controls on the input, disclosure, backup, availability and separation of personal data. These also include the encrypted transfer of data between your browser and our server.
TGU has furthermore established procedures that ensure a response to threats to data, the erasure of data and the exercise of data-subject rights.

Collection and storage of personal data
Your personal data is only collected if you share it with us for specific purposes – e.g. to reply to enquiries – after we ask for it. Personal data that you voluntarily transfer to us when using electronic forms, e.g. contact forms, or when sending emails is only collected, processed and used for the purpose for which you transfer the data to us, such as registration for personalised services, replies to enquiries, technical administration or performance of contracts. Your personal data is always treated confidentially and only stored for as long as it takes to fulfil the purpose for which it is provided or as long as it takes for the statutory or legal retention obligation to expire. The personal data is used to render services. You will also receive product information if you have given your explicit consent.

Rights of access, consent withdrawal and erasure pursuant to GDPR Chapter 3
As a data subject, GDPR Article 15 gives you the right to request information free of charge and at any time about your personal data that we store, its origins, its recipients and the purpose for which it is processed.
In addition, you have the right to rectification (pursuant to GDPR Article 16), restriction of processing (pursuant to GDPR Article 18) and erasure (pursuant to GDPR Article 17) of this personal data and, if applicable, to data portability (pursuant to GDPR Article 20). Furthermore, you have the right to lodge a complaint (pursuant to GDPR Article 77) with the competent supervisory authority if you believe that data is being processed unlawfully. Please email to dsgvo@tgu-shop.com any such enquiries or requests for rectification, restriction of processing, erasure or portability of the personal data of yours that we store. Alternatively, please enter one of the following in the subject line: ‘Data erasure’, ‘Restriction of data processing’, ‘Data rectification’ or ‘data portability’. We will arrange for your data to be erased or have its processing restricted, carry out the necessary corrections or make your data portable within the framework provided by law.
You also have the right to withdraw any consent that you have given pursuant to GDPR Article 7(3), normally with effect for the future. To do this, please email to dsgvo@tgu-shop.com any such enquiries or requests to withdraw consent. Alternatively, please enter the following in the subject line: ‘Withdrawal of consent’.
Furthermore, you can at any time object to future processing of your personal data pursuant to GDPR Article 21. To do this, it is sufficient when you send a corresponding email to dsgvo@tgu-shop.com.
The personal data that we store is erased if there are no statutory retention obligations opposing such erasure or if the personal data is no longer required for the purpose set out in accordance with GDPR Article 17. If there exists a legally permitted ground to continue storing the personal data, TGU restricts its processing in accordance with GDPR Article 18 by blocking the data and ceasing to process it for other purposes. This applies in particular to data that must be retained for reasons relating to tax and trade laws.
The period for which the personal data is retained is determined based on the relevant statutory provisions. For documents listed in German Commercial Code (Handelsgesetzbuch, HGB) Section 257(1) (including trading books, annual accounts and trade correspondence), data must be retained for six years; for documents listed in German Tax Code (Abgabenordnung, AO) Section 147(1) (including records, books and trade and business correspondence), data must be retained for ten years.
If you have questions about the collection, processing and use of your personal data or general questions about data protection, or if you have a complaint, please contact our privacy officer who is available for such questions as well as complaints at dsgvo@tgu-shop.com.

Transfers to third countries
Data is transferred to third countries only as part of the administration of IT systems and only if:
a) The transfer is generally permissible, and
b) The special requirements for transferring to a third country have been met.
In particular, the data importer must ensure an appropriate level of data protection based on standard EU contractual clauses for the transfer of personal data to processors in third countries. The legal foundations for this are the provisions of the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), General Data Protection Regulation (GDPR) and German Telemedia Act (Telemediengesetz, TMG).

SSL encryption
This website uses SSL encryption for security reasons and to protect the transmission of confidential information, such as the search queries you send to us, the site operator. You can tell that a connection is encrypted by looking at the address line of your browser to see if the ‘http://’ has changed to ‘https://’ and if the line contains a padlock icon. If SSL encryption is activated, the data you send us cannot be viewed by third parties.

Google Analytics
We use the ‘activation of IP anonymisation’ function on this website. This means that, prior to sending it, Google truncates your IP address within the member states of the European Union or other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the United States and truncated there. Google uses this information on behalf of the website operator to evaluate your use of the website, compile website-activity reports and perform for the website operator further services associated with the use of both the website in particular and the Internet in general. The IP address transmitted from your browser through Google Analytics is not merged with other Google data. You can prevent cookies from being stored by activating the corresponding settings in your browser software, though be aware that you may not be able to use the complete functionality of this website in that case. Furthermore, you can prevent Google from storing and processing the cookie-generated data relating to your usage of the TGU website (including your IP address) by downloading and installing the browser plug-in available over the following link (http://tools.google.com/dlpage/gaoptout?hl=en). Alternatively, you can stop Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will then be set, preventing your data from being recorded when you visit this website in the future: click here for a Google Analytics opt-out. Further information about Google Analytics and data protection can be found at http://www.google.com/analytics/learn/privacy.html?hl=en.
We have signed a data-processing agreement with Google in order to comply fully with statutory data-protection specifications.

Google Tag Manager
This website uses Google Tag Manager, a cookie-less domain that does not collect any personal data. Using this tool, ‘website tags’ (i.e. keywords that are integrated into HTML elements) are implemented and managed via an interface. By using Google Tag Manager, we can automatically see which buttons, links or personalised images you actively click on and, by extension, determine which content on our website is particularly appealing to you.
The tool also causes other tags to be triggered, which may then collect data in certain situations. Google Tag Manager does not access such data. If you have put a deactivation into effect at domain or cookie level, it will remain valid for all tracking tags implemented by Google Tag Manager.
Google Tag Manager is used in the interest of simple, convenient use of our website. This represents a legitimate interest as provided in GDPR Article 6(1)(f).

Google AdWords and Google Conversion Tracking
Our website uses Google AdWords. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.
AdWords is an online advertising service. We work with conversion tracking as part of this online advertising service. A cookie for conversion tracking is set after a click on an advertisement displayed by Google. Cookies are small text files which your Web browser stores on your device. Google AdWords cookies cease to be effective after thirty days and are not used to personally identify users. Using the cookie, Google and we can identify that you have clicked on an advertisement and been redirected to our website.
Every Google AdWords client receives a different cookie. The cookies cannot be tracked through the websites of AdWords clients. Conversion cookies are used to create conversion statistics for AdWords clients that use conversion tracking. AdWords clients learn how many users have clicked on their advertisement and been redirected to pages with a conversion-tracking tag. However, AdWords clients do not receive any information that enables users to be identified personally. If you do not wish to participate in tracking, you can object to its usage. To do this, the conversion cookie in your browser’s user settings must be deactivated. This also means that you will not be included in the conversion-tracking statistics.
Conversion cookies are usually stored on the grounds provided in GDPR Article 6(1)(f). We, the website operator, have a legitimate interest in the analysis of user behaviour in order to optimise our Web service and advertising.
Specific details about Google AdWords and Google Conversion Tracking can be found in Google’s privacy policy: https://www.google.de/policies/privacy/.
You can monitor, restrict or prohibit the storage of cookies with a modern Web browser. Deactivating cookies may result in the functionality of our website being limited.

Social plug-ins
We do not integrate any social plug-ins directly into our website for privacy reasons. That is why when you visit our website, there is no data transferred to social-media services such as Facebook, Instagram, Twitter, XING or Google+. This means third parties cannot construct profiles about users.
Nevertheless, you have the option of sharing our blog posts on Facebook, Instagram,  Twitter, XING and Google+ with a single click and can also see how frequently these posts have been shared in the past from the moment you view them. We use the so-called Shariff solution developed by c’t Magazine for this so that we can offer an alternative to classic social plug-ins with more advanced data protection.
What does it involve? The first step of the Shariff solution involves our Web server providing all data and functions required to display the Facebook, Instagram, Twitter, XING and Google+ buttons. Only when you decide to share a post and click on the relevant button is data transferred to the operator of the respective social-media service. In this case, the data is processed on the grounds provided in GDPR Article 6(1)(f) and in the interest of preserving your freedom of expression and making our posts easier to share and communicate.

Facebook plug-ins
We use social plug-ins from the facebook.com network, for example the ‘Like’ button. These plug-ins are offered and operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States and clearly branded with the Facebook logo. If you visit a page of ours that contains such a plug-in, your browser establishes a direct connection with the Facebook servers. The contents of the plug-in are transferred from Facebook directly to your browser and displayed accordingly in the environment provided by us without us having any influence over the plug-in’s content. Two-click solution for embedded content: By default, TGU embeds deactivated buttons that do not establish any contact with the servers belonging to the likes of Facebook. Only when a user activates them and thereby gives his or her consent to communicating with Facebook, Pinterest, Twitter or Google+ do the buttons become active and establish a connection. Users can then share their recommendation with a second click. If they are already logged into the social network of their choice, the content is shared over Facebook or Google+ without another window opening. Facebook can in some cases see your visit of the corresponding pages of ours and match that visit with a Facebook account if you are registered with Facebook or have recently visited a Facebook website or website with Facebook content. If you actively use plug-ins (e.g. by pressing the Like button), corresponding information will also be transferred from your browser directly to Facebook without us having any influence over that. More precise information about the nature, purpose and scope and further processing and usage of your data by Facebook can be found in Facebook’s data policy. The policy also informs you about your rights relating to this and options for changing settings to protect your privacy. If you do not wish for Facebook to be able to match your visit of our website with your Facebook account, please log out of your Facebook account.

Instagram
Functions for the Instagram service are integrated on our website. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, United States. If you are logged into your Instagram account, you can link the content on our website with your Instagram profile by clicking on the Instagram button. Instagram will be able to match your visit of our website with your account as a result. We would like to point out that we, the operator of this website, are not aware of the content of the data transferred or the purposes for which it is used by Instagram.
Further information on this is available in Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.

YouTube
Our website uses plug-ins from YouTube, a website operated by Google. The operator of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, United States. When you visit one of our pages where a YouTube plug-in has been added, a connection to YouTube’s servers is established. The pages of ours that you have visited are communicated to the YouTube server as part of this.
Being logged into your YouTube account enables YouTube to match your surfing patterns directly with your personal profile. You can prevent this from happening by logging out of your YouTube account. You can find more information about how users’ data is handled in YouTube’s privacy policy at: https://www.google.de/intl/en/policies/privacy.

Doofinder
We use the search functionality of doofinder (DooFinder S.L., Madrid (C.P. 28006), CL. General Pardiñas, 70, piso 1º, puerta B, Spain ("doofinder") to make visiting our website attractive and to present you better search results faster. The DooFinder software technology allows us to display targeted individual product recommendations across the entire order procedure (home page, product detail page, shopping cart page or categories page). Thus, the advertisement shown to you will most likely correspond to your product and information interests. For this purpose, the browser you are using must connect to the servers of doofinder. By doing so, doofinder becomes aware that our website has been accessed via your IP address. Further information on the doofinder search can be found at https://www.doofinder.com/de/ and in doofinder's privacy policy: https://www.doofinder.com/de/privacy-policy.  If the information collected is personal, it is processed in accordance with Art. 6 (1) point f GDPR on the basis of our legitimate interest in the insertion of personalized advertising and market research.

To the extent required by law, we have obtained your consent to the processing of your data as described in accordance with Art. 6 (1) point a GDPR. You can withdraw your consent at any time with effect for the future. In order to exercise your right of withdrawal, please follow the procedure described above.
Live Chat

The live chat is provided by Crisp IM SARL (2 Boulevard de Launay, 44100 Nantes, France), hereinafter referred to as "Crisp", (https://crisp.chat). The terms of use can be found at https://crisp.chat/de/terms/ and the privacy policy at https://crisp.chat/de/privacy/. When you contact us via our chat, necessary data such as your email address, telephone number, the content of your messages, your last activity and its time are collected via our website in order to be able to answer your request. By contacting us via chat, you consent to the processing of your personal data by Crisp. Crisp may link your data with other publicly available data, e.g. from social networks such as first and last name, avatar and company. The legal basis for the processing of your data is Art. 6 para. 1 lit. a DSGVO if you have given your consent.

Translated with www.DeepL.com/Translator (free version)

Google - Elfsight Google Reviews Widget

Functions of the Google Reviews service are integrated on our pages. These functions are offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This in turn uses Elfsight, LLC, Address: 300002, Russia, Tula, Lunacharskogo, 1, 304b Phone: +7 905 624-37-34 as the provider of the services. The Elfsight Google Reviews Widget plugin loads the images directly from Google (*.googleusercontent.com). If you are logged in with your Google account, information may be transmitted to the provider Elfsight. If you make a request as a visitor to our website, the Google data is loaded from the cache onto our server and the images come from Google. In the process, Google may be able to read out or store the user's IP.

You can find more information on this in Google's privacy policy: https://www.google.de/policies/privacy/.

You can find further information on Elfsight's data protection at: https://elfsight.com/privacy-policy/.

Newsletter data
To send our newsletter, we require an email address from you which you provide when you sign up to receive our newsletter. We are required to verify the email address you provide and to obtain consent to send out the newsletter. After signing up, you will receive an email for this purpose asking you to confirm via an activation link (double opt-in). Additional data is either not collected or is voluntary. The data is used exclusively to send the newsletter.
The data entered on the newsletter’s sign-up form is processed solely on the basis of your consent (GDPR Article 6(1)(a)). You can at any time withdraw consent that you have given. To withdraw consent, it is sufficient to send a simple message by email or to unsubscribe using the ‘Unsubscribe’ link. The lawfulness of previous data-processing operations will not be affected by this withdrawal of consent.
Data provided to set up the subscription is erased if the subscription is cancelled. Should this data have been transferred to us for other purposes at another juncture, it will remain with us.

Cookies notice
This website uses cookies. We use cookies to improve the usability and performance of our website and to analyse access to our website. Please give us your consent so that you can use this website better. Cookies are small text files used by websites to make the user experience more efficient.
The law allows us to store cookies on your device if they are absolutely necessary for the operation of this website. We require your permission for all other types of cookies.
This website uses different types of cookies. Some cookies are set by third parties that appear on our website.
You may change or withdraw to opt in or out any time
Change Cookie-Settings
Your consent pertains to the following domains: https://www.tgu-shop.com

Security
TGU implements technical and organisational security measures in order to protect the data that you provide to TGU against accidental or intentional manipulation, loss and destruction, and against access by unauthorised persons. Our security measures are enhanced on an ongoing basis to reflect technological developments.

Updates of this privacy policy
TGU reserves the right to update this privacy policy as needed to adapt to technological developments or in connection with offers of new services or products.

2020 © TGU GmbH & Co. KG - Greven – Germany