We are delighted that you have shown interest in our site. Data protection has a particularly high priority for us. The use of the Internet pages of themes is possible without any indication of personal data; however, if a data subject wants to use special business services through our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data such as the name or email address of a data subject will always be in accordance with the General Data Protection Regulation (GDPR) and in accordance with country-specific data protection. regulations applicable to themes.net. Through this data protection declaration, our company wishes to inform the general public about the nature, scope and purpose of the personal data that we collect, use and process. In addition, the data subjects are informed, by means of this data protection declaration, of the rights to which they have access.
As controller, themes has implemented numerous technical and organizational measures to ensure the most comprehensive protection of personal data processed through this website. However, Internet-based data transmissions may, in principle, have security gaps, so that absolute protection may not be guaranteed. For this reason, all data subjects can transfer their personal data to us by alternative means, for example by telephone.
1. Definitions
themes’s data protection statement is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration must be legible and understandable for the general public as well as for our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, among others, the following terms:
a) Personal data
Personal Data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or one or more specific factors of the physical, physiological , genetic, mental, economic, cultural or social identity of that natural person.
b) data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
c) Processing
Processing is any operation or set of operations that is performed with personal data or sets of personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, broadcast or making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its processing in the future.
e) Profiled
Profiling means any form of automated processing of personal data that consists in the use of personal data to assess certain personal aspects related to a natural person, in particular to analyze or predict aspects related to the performance of that natural person at work, financial situation , health, personal preferences , interests, reliability, behavior, location or movements.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures. to ensure that personal data is not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the criminals
terios specific to their designation may be provided for in the legislation of the Union or of the Member State.
h) Processor
Processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
i) Recipient
The recipient is a natural or legal person, public authority, agency or other body, to which the personal data is disclosed, whether it is a third party or not. However, public authorities that may receive personal data in the framework of a particular investigation in accordance with Union or Member State law shall not be considered recipients. the processing of those data by those public authorities shall comply with the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
k) Consent
The data subject’s consent is a freely given, specific, informed and unequivocal indication of the data subject’s wishes by which, by means of a clear affirmative statement or action, means that he consents to the processing of personal data relating to him. .
2. Name and address of the controller
The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union and other provisions related to data protection is:
3. Cookies
The themes web pages use cookies. Cookies are text files that are stored on a computer system through an Internet browser.
Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the subject’s individual browser from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
Through the use of cookies, themes is able to provide users of this website with more user-friendly services that would not be possible without cookie settings.
Using a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as mentioned above, to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. The website user who uses cookies, for example, does not have to enter access data each time the website is accessed, because the website takes care of this, and the cookie is stored on the user’s computer system. Another example is a shopping cart cookie in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart through a cookie.
The data subject can at any time prevent the setting of cookies via our website by means of a corresponding setting of the Internet browser used and can thus permanently deny the setting of cookies. In addition, already set cookies can be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the cookie setting in the Internet browser used, not all functions of our website may be fully usable.
4. Collection of general data and information
The themes website collects a series of general data and information when a data subject or automated system calls up the website. This general information and data is stored in the server log files. Those collected can be (1) the types of browsers and the versions used, (2) the operating system used by the access system, (3) the website from which a system accesses our website (so-called referrers) , (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the access system and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
By using this data and reports In general terms, themes does not draw any conclusions about the data subject. Rather, this information is necessary to (1) deliver our website content correctly, (2) optimize our website content and advertising, (3) ensure the long-term viability of our information technology systems website information and technology and (4) provide law enforcement authorities with information necessary for criminal prosecution in the event of a cyber attack. Therefore, themes analyzes the anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our company, and ensuring an optimal level of protection for the personal data we process. Anonymous data from server log files is stored separately from all personal data provided by a data subject.
5. Registration on our website
The data subject has the possibility to register on the controller’s website with the indication of personal data. The personal data that is transmitted to the controller is determined by the corresponding input mask used for registration. The personal data entered by the data subject is collected and stored exclusively for the internal use of the controller and for its own purposes. The controller may request the transfer to one or more processors (for example, a package service) that also uses personal data for an internal purpose that is attributable to the controller.
When registering on the controller’s website, the IP addresses assigned by the Internet Service Provider (ISP) and used by the data subject date and time of registration are also stored. The storage of this data takes place in the context that this is the only way to prevent misuse of our services and, if necessary, to enable the investigation of crimes committed. To the extent, the storage of this information is necessary to secure the controller. These data are not passed on to third parties unless there is a legal obligation to pass on the data, or if the transfer fulfills the purpose of criminal prosecution.
The registration of the data subject, with the voluntary indication of personal data, is intended to enable the controller to offer the data subject contents or services that can only be offered to registered users due to the nature of the matter in question. Registered persons are free to change the personal data specified during registration at any time, or to remove it completely from the data stock of the controller.
The data controller must, at any time, provide information, upon request, to each data subject about the personal data stored about the data subject. In addition, the data controller will correct or delete the personal data at the request or indication of the data subject, insofar as there is no legal storage obligation. All employees of the controller are available to the data subject in this regard as contact persons.
6. Subscription to our newsletters
On the themes website, users have the opportunity to subscribe to our company’s newsletter. The input mask used for this purpose determines which personal data is transmitted as well as when the newsletter is ordered from the controller.
themes regularly informs its customers and business partners through a newsletter about business offers. The company newsletter can only be received by the data subject if (1) the data subject has a valid email address and (2) the data subject registers for the newsletter. A confirmation email will be sent to the email address registered by a data subject for the first time for the sending of newsletters, for legal reasons, in the double opt-in procedure. This confirmation email is used to check whether the owner of the email address as a data subject is entitled to receive the newsletter.
During registration for the newsletter, we also store the IP address of the computer system assigned by the Internet Service Provider (ISP) and used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to understand the (possible) misuse of a data subject’s email address at a later date, and thus serves the purpose of legal protection of the controller.
Personal data collected as part of a newsletter registration will only be used to send.