HOME JEWELS PROLINE
Deutsch English Francais

LEONARDO B2B Shop Privacy Statement

We, Glaskoch B. Koch jr. GmbH + Co. KG, Industriestraße 23, 33014 Bad Driburg, as the operator of the leonardo-b2b.de website, are committed to protecting your privacy. We want to make you aware of when we collect your data, which data these are and how we use them. We take technical and organisational measures to ensure compliance with data protection regulations. In this, we are constantly focused on the latest security measures and continue to enhance them. Of course, we use technical security systems to protect personal data, order data and payment processing data against unauthorised access by third parties during collection and processing.

Collection and use of personal data
Personal data are information pertaining to your personal or material circumstances. In particular, these include your name, home address, postal address, telephone number, email address, date of birth (voluntary disclosure) and credit card and account details. Personal data also include information regarding your use of our website, such as the amount of data transferred and the location from which you access data on our website as well as other connection data and sources you access. When you visit our website, data are stored on our servers, including the IP address, date, time and pages visited. These data may make it possible to identify individual users. We do not use IP addresses to identify users. However, we may use the IP addresses collected for (anonymous) statistical analysis. We also use information regarding your IP address and login details to prevent fraud and select the right country version of our website.
In principle, our website can be used without revealing your identity. However, if you would like to order goods or set up a customer account, we do ask for your name and other information. The data you provide to us help us continuously improve and tailor your shopping experience at LEONARDO to you. We use these data to process orders, deliver goods and provide services. The data you provide allow us to carry out and process your order and update your customer account. If you subscribe to our newsletter, your email address is used to send the newsletter until you cancel your subscription to it. You may unsubscribe at any time. Your data help us improve our website. We use your personal data for orders within our company and associated companies only and with companies commissioned to process orders. We do not share your data with third parties without your express consent, unless obliged to do so by law or court order. We delete the data stored by us once they are no longer required for the purposes stated here. The data are deleted after the stated purposes have ended if we do not (need to) continue to store them for documentation purposes (e.g. due to retention periods in place).

We also use your data to maintain customer relationships pursuant to Article 6(1)(1)(f) of the GDPR. Furthermore, only such data permitted under the GDPR and new BDSG (German Data Protection Act) are passed on for third-party marketing purposes. You may object to the use, processing and transfer of your personal data for marketing purposes at any time by sending a note to that effect by post to LEONARDO Stores GmbH, Datenschutzbeauftragter, Rosenstraße 11, D-33098 Paderborn or by email to datenschutz@leonardo.de. Please refer to “Information” for more details on this. Upon receipt of your objection, we shall no longer use, process or transfer the data concerned for any purpose other than order processing.
Depending on the selected payment type (invoice), we obtain – as governed by the General Terms and Conditions for our LEONARDO eShop – credit reports from SIT Solution for Payment GmbH (SIT-Pay / Eiffestrasse 74, 20537 Hamburg) for orders. For this purpose, we transfer the data required for a credit check (name, address, email address and payment processing information) to the service provider. You may withdraw your consent to a credit check at any time. The legal basis for this data disclosure is contract processing pursuant to Article 6(1)(1)(a) of the GDPR and Article 6(1)(1)(f) of the GDPR.

Legal basis of data processing
Insofar as we obtain your consent to processing your personal data, Article 6(1)(a) of the GDPR constitutes the legal basis for such data processing.

Insofar as we process your personal data because processing is necessary for the performance of a contract or is necessary under a quasi-contractual relationship with you, the lawfulness of data processing is based on Article 6(1)(b) of the GDPR.

Insofar as we process your personal data because processing is necessary for compliance with a legal obligation, the lawfulness of data processing is based on Article 6(1)(c) of the GDPR.

Furthermore, Article 6(1)(f) of the GDPR may constitute the legal basis for data processing, if processing of your personal data is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or your fundamental rights and freedoms which require protection of personal data.

Throughout this Privacy Statement, we refer to the legal basis on which we process your personal data.

MyFonts Counter
Our website also uses external fonts provided by the company MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA (hereinafter: MyFonts) for display purposes. These fonts are embedded by establishing a connection to a MyFonts server. In order to deliver the font files to your browser, your IP address, as a minimum, is transmitted to a MyFonts server when you visit our website. Further information (e.g. the name of the website visited, date and time of the request, type of browser used) may also be passed to MyFonts. To prevent the execution of JavaScript codes by MyFonts, you can disable JavaScript in your browser or install a JavaScript blocker (such as http://www.noscript.net or http://ghostery.com). For further information on data privacy at MyFonts, go to: https://www.myfonts.com/info/legal/#Privacy. The legal basis is Article 6(1)(1)(f) of the GDPR.

Use of cookies
We use cookies that enable us to make your shopping experience as pleasant as possible. Cookies are small text files placed on your computer and stored by your browser for interaction with our systems. As a rule, a cookie contains the name of the domain from which the cookie data has been sent as well as information about the age of the cookie and an alphanumeric identifier. Cookies are used to make a website more user-friendly and effective. They enable our systems to recognise your computer and make any default settings immediately available. We need to have cookies stored in order to display to you the “Last viewed”, “Shopping cart” and “Wish list” features. Most of the cookies we use are what are known as session cookies. These are deleted as soon as your browser session ends. In addition to this, we also use some persistent cookies to remember you as a user. Most Internet browsers are set to accept cookies by default. You may set up your browser as you wish and e.g. refuse to accept third-party cookies or all cookies. Please be aware that in that case you may not be able to use all features of this site. Please check with the provider of your browser in this regard if necessary. If you change your browser settings accordingly, this may mean that you cannot avail yourself of all of the functionality of our website.

We also use cookies in the customer’s interest so that we can design our website to be as effective, smooth and user-friendly as possible. In the interests of the fastest and easiest possible use of our website and service offerings, we have therefore decided to also use cookies. The legal basis is Article 6(1)(1)(f) of the GDPR.

Use of Google Analytics, Google AdWords and Google Remarketing
This website uses Google Analytics, Google AdWords and Google Remarketing, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses so-called “cookies” which are text files placed on your computer to help the website analyse how you use the site. The information generated by the cookie about your use of this website is usually transmitted to and stored on a Google server in the United States. However, if IP anonymisation is activated on this website, Google truncates your IP address within European Union member states and other countries which are contracting parties to the Agreement on the European Economic Area prior to this. Only under exceptional circumstances is the complete IP address transmitted to a server of Google in the United States and truncated there. On behalf of the operator of this website, Google uses this information to analyse your usage of the website, to compile reports on the website activities and to render further services to the website operator connected with the usage of the website and of the Internet. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on behalf of Google. Google and third-party providers place advertisements on Internet websites. Google and third-party providers use stored cookies to place advertisements based on a user’s previous visits to this website. Google will not associate the IP address transmitted Google by your browser in connection with Google Analytics and Google Remarketing with any other data held by Google. You may prevent cookies being stored by selecting the appropriate settings on your browser software; however, please note that you may not then have access to all of the features of this website. In addition, you can prevent the data generated by the cookie based on your usage of this website (including your IP address) being sent to and processed by Google by downloading and installing the browser plug-in available at the following link http://tools.google.com/dlpage/gaoptout?hl=de. For further details please visit http://tools.google.com/dlpage/gaoptout?hl=de and/or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). Please be advised that Google Analytics has been extended on our website to include the code “anonymizeIp();” in order to anonymise IP addresses by deleting the last octet. We also use the Google AdWords online advertising program and therefore conversion tracking as well. The corresponding cookie is set when a user clicks on an advertisement placed by Google. These cookies are not used to identify any individual. If a user visits certain pages of this website, we and Google can identify that the user has clicked on the advertisement and was forwarded to this website. Each Google AdWords customer gets a different cookie. Therefore, cookies cannot be tracked across the websites of AdWords customers. This information is used to provide aggregate conversion statistics to AdWord clients who have decided to make use of conversion tracking. Customers are informed about the number of users who clicked on their advertisement and were redirected to a page with a conversion tracking tag. However, customers do not receive any information that helps identify individual users. Users that wish to opt-out of this tracking can disable the Google conversion tracking cookie using their browser settings. These users are not then included in the conversion tracking statistics. Further information is available at http://www.google.de/intl/de/policies

We use remarketing technology provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This technology is used to retarget users that have already visited our website and online services and were interested in our offering by means of targeted advertising on sites within the Google Partner network. The advertising is shown by using cookies, which are small text files stored on the user’s computer. The text files help analyse user behaviour when the website is visited for the purposes of targeted product recommendations and interest-based advertising. If you do not wish to receive interest-based advertising, you may disable Google’s use of cookies for these purposes by visiting the page https://www.google.de/settings/ads/onweb. Alternatively, users can disable the use of cookies by third-party vendors by visiting the Network Advertising Initiative opt-out page. By using our website, you give your consent to the use of the data collected about you by Google in the manner described above for the previously stated purposes. Please note that Google has its own privacy policy independent of ours. We do not accept any responsibility or liability for these policies and procedures. Please refer to the Google privacy policy before using our website
Placing advertisements constitutes a legitimate interest in data processing in accordance with Article 6(1)(f) of the GDPR.

Doubleclick Ad Exchange
We also use the DoubleClick Ad Exchange. Insofar as DoubleClick Ad Exchange, a web advertisement service of Google Inc., USA (“Google”), places advertising (text advertisements, banners, etc.) on this website, your browser may save a cookie sent by Google Inc. or third parties. The information stored in the cookie may be recorded, collected and analysed by Google Inc. or a third party. Furthermore, DoubleClick Ad Exchange also uses what are known as web beacons (small invisible graphics) to collect information. By using these, simple actions such as visitor traffic to the website can be recorded, collected and analysed. The information generated by the cookie and/or web beacon about your use of this website is transmitted to and stored on Google servers in the United States. Google uses the information thus obtained to analyse your usage behaviour with regard to DoubleClick Ad Exchange advertisements. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on behalf of Google. If IP addresses are transferred and stored in this context, this is only for the purpose of combating and filtering spam/fraud (spam and click spam advertising impressions). These data are strictly accessible to the anti-fraud team only. Google does not associate the IP address with other data stored by Google. You may prevent cookies from being stored on your hard drive and web beacons being displayed. For this, select “Block cookies” in your browser settings (in Internet Explorer under “Tools/Internet options/Privacy/Settings”, in Firefox under “Tools/Options/Privacy Settings/Cookies”). For further information please visit: http://www.google.com/intl/de/policies/privacy/ads/.
Analysing user behaviour for marketing purposes constitutes a legitimate interest of ours in data processing in accordance with Article 6(1)(f) of the GDPR.

Google-Tag-Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags using an interface. The Tag Manager tool which sets the tags does not collect any personal data. Tags are small code elements used to measure traffic, visitor behaviour and more. The tool causes other tags to be activated which may, for their part, record data under certain circumstances.

Google Tag Manager can be used to set up third-party pixels, such as the Facebook-Pixel needed to better track advertising measures in Facebook. Google Tag Manager does not access these data. If disabled at domain or cookie level, this setting remains in place for all tracking tags implemented with Google Tag Manager. Further information is available here: http://www.google.de/tagmanager/use-policy.html.
Analysing user behaviour for marketing purposes constitutes a legitimate interest of ours in data processing in accordance with Article 6(1)(f) of the GDPR.

Issuu
We use the plugin of the Issuu service, which allows you to access our company's publications as e-papers. The provider is Issuu, Inc. 131 Lytton Ave, Palo Alto, CA 94301, USA. You can recognize the Issuu plug-ins by the Issuu logo on the affected pages. When you visit our pages, a direct connection is established between your browser and the Issuu server after activating the plugin. Issuu receives the information that you have visited our site with your IP address. If the users are members of the Issuu platform, Issuu can assign the call of the above content and functions to the users' profiles there. Issuu uses "cookies", small text files that are stored on your computer. These enable an analysis of your use of the website. Issuu collects and stores personal data in this way, such as the IP address and information about the time and duration of use. The transfer takes place if you have activated JavaScript in your browser. You can prevent the use of cookies by setting your browser software accordingly or install a JavaScript blocker. Further information on the extent to which and for what purposes Issuu uses the collected data can be found on the website of Issuu Inc. at https://issuu.com/legal/privacy. We use the ISSUU plugin to make our company's publications available to you as e-papers (e.g. online catalogues). This is also the legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO.

Social media channels
Our website contains links to social networks and other services such as Facebook, YouTube, Instagram, Pinterest, Xing and LinkedIn. The links are identified by the logo of their relevant providers.

We give you the option of sharing individual content via Facebook, YouTube and Pinterest. You must log in to the respective provider (via a separate window) in order to use the relevant feature.
When the link is clicked, a new website opens to which this Privacy Statement does not apply. Please check the corresponding privacy policies of the individual providers for details regarding the applicable provisions there; we have compiled the relevant links for you.

Facebook: https://www.facebook.com/privacy/explanation
youtube: https://www.google.de/intl/de/policies/privacy/
Instagram: https://www.instagram.com/about/legal/privacy/
Pinterest: https://about.pinterest.com/de/privacy-policy
Xing: https://www.xing.com/app/share?op=data_protection
LinkedIn: https://www.linkedin.com/legal/privacy-policy.

Facebook
Our website uses Facebook pixels of Facebook Ireland Limited. This facilitates anonymous comparison of our visitors, which allows us to create target groups (known as “custom audiences”) with an interest in our products or with certain characteristics (such as an interest in particular websites, products, topics, trends) for the delivery of advertisements.

You can also turn off cookies for third-party providers such as Facebook on the following website of the Digital Advertising Alliance: http://www.aboutads.info/choices/.
Placing advertisements and analysing user behaviour for marketing purposes constitutes a legitimate interest of ours in data processing in accordance with Article 6(1)(f) of the GDPR.

Cleverreach
We use a newsletter to inform you about products, events and other news from glaskoch. If you would like to receive the newsletter, we require from you a valid email address and information that allows us to verify that you are the owner of the email address given or that the owner of such agrees to receive the newsletter. Other data are not collected. These data are only used to send and analyse the use of the newsletter.
We store your IP address and date of subscription when you subscribe to the newsletter. These data are stored as evidence in case a third party misuses an email address and signs up for the newsletter without the knowledge of the legitimate owner of the email address.
We use the CleverReach email tool provided by CleverReach GmbH & Co. KG, Rastede, Germany to send our newsletter. Your data are also stored by CleverReach for this.
CleverReach offers analysis features with regard to how the newsletters are opened and used. Your data relating to your subscription to the Investor Relations newsletter are not shared with other third parties and CleverReach does not acquire any right to share your data.
You may withdraw your consent to the storage of the data, the email address and their use to dispatch the newsletter at any time. You may unsubscribe via a link in the newsletter itself or by notifying the contacts detailed in the Imprint.
If you have explicitly subscribed to our newsletter, your consent constitutes the legal basis for processing of your data in accordance with Article 6(1)(a) of the GDPR. Under the applicable legal provisions, we may send you our newsletter without having obtained your express consent based on the fact that you have ordered certain goods or services from us and we have therefore received your e-mail address and you have not objected to receiving information from us by e-mail. In this case, our legitimate interest in direct mailing constitutes the legal basis in accordance with Article 6(1)(f) of the GDPR. If you do no longer wish to receive our newsletters, you can revoke your consent at any time with effect for the future and/or object to receiving the newsletter without incurring any costs other than the transmission costs in accordance with the basic tariffs. Simply use the unsubscribe link contained in every newsletter or send a message to us or our data protection officer.

YouTube
Our online offering contains videos for which we use a plug-in from the Google-run site YouTube (“YouTube”). The operator of the service is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you call up an Internet page of our online offering which contains a video, a connection with the YouTube servers is created. On that occasion, the YouTube server is told which Internet pages of our online offering you have visited.
If you are logged in to your YouTube account at that time, you allow YouTube to directly associate your browsing behaviour with your personal profile. You can prevent that by logging out of your YouTube account first. For further information on the handling of user data, please refer to the Google privacy statement at https://www.google.de/intl/de/policies/privacy/, which also applies to YouTube.
Using YouTube enables us to show you videos and give you more information on ourselves and our Achievements; this at the same time constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR.

Instagram
We also use the plug-in of social network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA on our website. If you are logged into Instagram at the same time, a connection is established to the Instagram servers. Instagram receives information on which pages of our website you have visited. This enables Instagram to analyse your browsing behaviour. You can prevent this by logging out of your Instagram account.
Our company uses social media such as LinkedIn and Facebook so that we can present to visitors to our website the profile and reach of our company as well as persons connected with our company. The personal and anonymised information collected and shared in this context serves exclusively to strengthen the company’s presence and enable simple communication between our company, customers, partners and investors. We are delighted when you connect with our company via social networks and thereby help to raise the company’s profile among as many people as possible. Therefore, the purpose of the data processing is the interest of our company and of our customers in the dissemination of information (Article 6(1)(1)(f) of the GDPR).

Pinterest
The Pinterest button of Pinterest Inc., 808 Brannan St, San Francisco, CA 94103, USA is also embedded in our website. As a result, the IP address is transferred to Pinterest. If you are logged into Pinterest when you visit our website, this information can be/is associated with your profile. If you do not agree to your data being transferred to Pinterest, you may prevent this by logging out of Pinterest.
Our company uses social media such as LinkedIn and Facebook so that we can present to visitors to our website the profile and reach of our company as well as persons connected with our company. The personal and anonymised information collected and shared in this context serves exclusively to strengthen the company’s presence and enable simple communication between our company, customers, partners and investors. We are delighted when you connect with our company via social networks and thereby help to raise the company’s profile among as many people as possible. Therefore, the purpose of the data processing is the interest of our company and of our customers in the dissemination of information (Article 6(1)(1)(f) of the GDPR).

XING
A connection is established to the servers of XING AG, Gänsemarkt 43, 20354 Hamburg, Germany when the Share button is enabled. Personal data are not shared with Xing via the Share function. Furthermore, Xing does not analyse the usage behaviour. Your personal data and IP addresses in relation to your visit to this website are not stored. Our company uses social media such as LinkedIn and Facebook so that we can present to visitors to our website the profile and reach of our company as well as persons connected with our company. The personal and anonymised information collected and shared in this context serves exclusively to strengthen the company’s presence and enable simple communication between our company, customers, partners and investors. We are delighted when you connect with our company via social networks and thereby help to raise the company’s profile among as many people as possible. Therefore, the purpose of the data processing is the interest of our company and of our customers in the dissemination of information (Article 6(1)(1)(f) of the GDPR).

LinkedIn
Our website uses the LinkedIn network’s “share function” of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you are logged in there, you are forwarded to your user account in a separate browser window. There is a direct connection between your browser and the LinkedIn server. We have no knowledge of which personal data and usage data are transferred in this context. Our company uses social media such as LinkedIn and Facebook so that we can present to visitors to our website the profile and reach of our company as well as persons connected with our company. The personal and anonymised information collected and shared in this context serves exclusively to strengthen the company’s presence and enable simple communication between our company, customers, partners and investors. We are delighted when you connect with our company via social networks and thereby help to raise the company’s profile among as many people as possible. Therefore, the purpose of the data processing is the interest of our company and of our customers in the dissemination of information (Article 6(1)(1)(f) of the GDPR).

Our technical standards, data security
We use SSL encryption (Secure Socket Layer) in the LEONARDO online shop for order transmission. This method offers the highest security when transferring data online. Therefore, your information cannot be read by any external third parties. Our servers on which the data are stored are located in Germany and the corresponding technical and organisational measures of Article 32 of the GDPR (Security of Processing) are ensured.

Links to other websites
Our website contains links to other websites. We have no influence over whether the providers of these comply with data protection provisions. Please check for yourself the data protection regulations that apply in respect of these before transferring personal data to these websites.

Rights of data subjects
We are strongly committed to explaining how we process personal data and to informing you about your rights as transparently as possible. If you want more detailed information or wish to exercise your rights, you can contact us at any time so that we can take care of your concerns.
You have extensive rights with respect to the processing of your personal data. First of all, you have an extensive right to information and under certain circumstances may demand correction and/or deletion or blocking of your personal data. You can also demand restriction of processing and you have a right of objection. You also have a right to data portability with a view to personal data that you have transmitted to us. If you wish to assert any of your rights and/or want more detailed information concerning your rights, please contact our customer service. Alternatively, you may contact our data protection officer.
You may at any time revoke your consent with future effect. Revocation of the consent does not affect the legality of any processing performed on the basis of such consent given up until the revocation thereof. In such cases, too, please contact our customer service and/or our data protection officer.
Insofar as the processing of your personal data is not based on consent given by you but on another legal basis, you can object to the data processing. Your objection will lead to a review and, if necessary, to termination of the data processing. You will be informed of the outcome of the review and – if the data processing is to be continued after all – you will receive further information from us on why the data processing is admissible.
We would like to point out here that we may still store personal data after a business relationship has ended. We can only delete personal data if no statutory retention periods prevent this. We can only meet any requests for deletion once the retention periods have expired. If you would like data to be deleted during the retention period, we will block the personal data from use during the retention period and thereby not use it further.

Controller
glaskoch B. Koch jr. GmbH + Co. KG
Industriestraße 23
33014 Bad Driburg
Tel.: 05253 / 86 - 0
E-Mail: datenschutz@leonardo.de

(External) data protection officer
DDSK GmbH
Frau Irina Weiß
Tel.: 07542 949 21 - 00
E-Mail: datenschutz@leonardo.de

Right to lodge a complaint
You have the right to report suspected breaches of data protection provisions and to lodge a complaint regarding these with the relevant supervisory authority. Your complaint can be directed to:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf

Phone: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle@ldi.nrw.de

Revised: 18. May 2018