This data protection declaration is based on the definitions used by the European legislator for directives and regulations when the General Data Protection Regulation (GDPR) was issued. This data protection declaration uses the following definitions, among others: personal data, data subject, processing, restriction of processing, profiling, person responsible, recipient, third party, consent. Under the following link you will find information on how the definitions are to be understood within the meaning of the GDPR: //www.anwaltblog24.de/artikel-4-dsgvo-terminologie
2. Name and contact details of the data controller
This data protection notice applies to data processing by:
Responsible: Glacier Games e. U, represented by the owner Mr. Thomas Schönthaler, email firstname.lastname@example.org, telephone +43 677 63999062
3. Collection and storage of personal data, as well as the type and purpose of their use
We do not collect any further personal data from you beyond your order process in our online shop www.glaciergames.at. This personal data transmitted to us will be stored by us.
We use this data
to be able to identify you as our customer;
to process, fulfill and process your order;
to correspond with you;
to process any liability claims that may exist and to assert any claims against you;
As part of your ordering process and/ your registration on www.glaciergames.at, your consent to the processing of this data will be obtained.
The data processing takes place in response to your order and is required in accordance with Article 6 Paragraph 1 Sentence 1 lit. b GDPR for the stated purposes for the appropriate processing of your order and for the mutual fulfillment of obligations from the purchase contract.
The personal data collected by shopify and transmitted to us for the processing of your order will be stored by us until the statutory retention period has expired and then deleted, unless we are required to do so in accordance with Article 6 (1) sentence 1 lit. c GDPR due to tax - and commercial law storage and documentation obligations (from HGB, StGB or AO) are obligated to longer storage or you have consented to further storage according to Art. 6 Para. 1 S. 1 lit. a DSGVO.
4. Sharing of Data
We pass on your personal data to third parties exclusively to the service partners involved in the execution of the contract, such as the logistics company commissioned with the delivery and the bank commissioned with payment matters. In cases where your personal data is passed on to third parties, however, the scope of the transmitted data is limited to the necessary minimum.
When paying via PayPal, credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal, we pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"), further. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal. PayPal uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method. The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical process. Address data, among other things, is included in the calculation of the score values. Further data protection information can be found in the PayPal data protection principles: //www.paypal.com/de/webapps/mpp/ua/privacy-full
Your personal data will not be transmitted to third parties for purposes other than those mentioned above.
We also only pass on your personal data to third parties if:
you have given your express consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR,
the transfer according to Article 6 paragraph 1 sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
in the event that there is a legal obligation for the transfer according to Art. 6 Para. 1 S. 1 lit
this is legally permissible and according to Art. 6 (1) sentence 1 lit. b GDPR for the processing of contractual relationships