With the following information we would like to inform you about the type, scope and purpose of the collection, storage and use of your data that we receive from you in connection with your visit to our website.
In this case, we generally only collect, store and otherwise process your data in accordance with legal regulations. In particular, we collect, store and process your personal data only for the purposes stated in this data protection declaration and will not at any time pass it on to third parties other than those described here without your consent and without a legal reason. Without your consent, your personal data will only be passed on to third parties if this is the case
- to process a contract or to carry out pre-contractual measures at your request, or
- to fulfill a legal obligation or
- is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.
However, in the cases mentioned in this data protection declaration when your personal data is passed on to third parties, the scope of the data transmitted is limited to the minimum that is necessary to fulfill our respective purposes.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
2. Responsible body
The responsible body within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
hoots classic GmbH
Sebnitzer Str. 53
Tel.: +49 (0) 351 81081025
II. Scope and purpose of processing personal data when you visit our website
1. Protocol data/log files
In principle, you can visit our websites without telling us who you are.
1.1 When you access our website or sub-domains, the Internet browser you use when visiting our website automatically sends log data to our website server and stores it there for a limited time in a log file. Without your intervention, the following information is recorded and stored until it is automatically deleted:
- an anonymous session ID that does not allow any conclusions to be drawn about your IP address,
- the operating system you use, the web browser you use (including installed add-ons (e.g. for Flash Player) and the screen resolution you set,
- IP address of the accessing device (e.g. PC or smartphone),
- the date and time of your visit,
- the websites you have visited on our website,
- the website from which you accessed our website (so-called referrer) URL), in search engines also the search terms used),
- the size of the data transferred and
- the http status code (e.g. “request successful” or “requested file not found”).
1.2 We do not use your data to draw conclusions about your identity. The processing of the information stored in the log files only serves to ensure a smooth connection establishment, the comfortable use of our website and the anonymized evaluation for statistical purposes (e.g. for general analysis of usage behavior, which pages of the online offering are accessed, which browsers etc.) and to improve our website and the technology behind it. The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR. The only recipients of the data are the responsible body and, if applicable, our processors.
1.3 We and our processor regularly store the individual log files for 8 weeks to identify disruptions and security reasons (e.g. to investigate attempted attacks) and then delete them. Log files whose further storage for evidentiary purposes is required for legal reasons are exempt from deletion until the respective incident has been finally clarified.
We use so-called “cookies” on our website. Cookies are small text files that are automatically created by your browser and stored on your device when you visit our site. If our website is accessed again by this device, your browser will send back the contents of the cookies and thus enable us to recognize you.
3. Use of the contact form
3.1 On our website we offer you the opportunity to contact us using a form provided. In order to process your request, you must at least provide a valid email address. If you ask us for an offer for our services or make a support request for a purchased product, you will be required to provide further data. All other information can be provided voluntarily.
3.2 Data processing for the purpose of contacting us is carried out in accordance with Article 6 Paragraph 1 Sentence 1 Letter b) GDPR. The personal data we collect when using the contact form will be deleted by us as soon as the request has been finally dealt with and there are no reasons for further storage (e.g. subsequent execution of the contract or to fulfill a legal obligation according to Art. 6 Para. 1 S. 1 lit. c) GDPR).
3.3 The only recipients of the data are the responsible body and, if applicable, our processors, the vicarious agents employed (in the event of subsequent execution of the contract) and third parties to whom there is a legal obligation within the meaning of Article 6 Paragraph 1 Sentence 1 Letter c) GDPR . Under no circumstances will the data collected be linked to your personal data that we have collected and processed using log files, cookies or other analysis services without your consent.
4.1 On our website we offer you the opportunity to register to receive our newsletter on a regular basis, in which we keep you up to date with news from our company and our products. In order to register for our newsletter service, we need at least your email address to which the newsletter should be sent. Further information is voluntary and will only be used based on your consent, for example to be able to address you personally and clarify questions about your email address. If you send by post we need your address details.
4.2 As a rule, we use the double opt-in procedure for registration. This means that we will only send you newsletters if you confirm your registration after providing your email address via an email sent by us and a link contained therein. The registration and confirmation are logged. This is to ensure that only you as a user of the specified email address can register for the newsletter service. Your confirmation must occur promptly before we send the email, otherwise your registration and email address will be deleted from our database. Until you confirm this, our newsletter service will not accept any further registrations using this email address.
4.3 You can unsubscribe from a newsletter you have subscribed to from us at any time and revoke your consent. To do this, you can either send us an email or cancel using a link at the end of the newsletter.
4.4 The registration process is logged on the basis of our legitimate interests in accordance with Article 6 Paragraph 1 Letter f of the GDPR and serves the purpose of a user-friendly and secure newsletter system as well as proof of your consent. Data processing for the purpose of sending newsletters is carried out in accordance with Article 6 Paragraph 1 Sentence 1 Letter a) GDPR or Section 7 Paragraph 3 UWG. The personal data we collected when you registered will be deleted by us as soon as you have informed us that you no longer wish to receive newsletters from us in the future.
4.5 The only recipients of the data are the responsible body, our processors and the vicarious agents used to send the newsletter (e.g. mailing services). The mailing service we commission can use your data in pseudonymous form, ie without assigning it to a user, to optimize or improve its own services, for example to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, our shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass the data on to third parties.
5. Social network plug-ins (Social Plugins)
5.1 On our website you will find references (links) to our social media presences in external social networks such as Facebook (“Social Plugins”). The functions assigned to the links, in particular the transmission of information and user data, are not activated when you visit our website, but only when you click on the link yourself. After clicking on these links, the plugins of the respective social network are activated and your browser establishes a direct connection to their servers. Here, data is transmitted directly to the operator of the network and their servers, for example in the USA, where it is stored and used if necessary. As a rule, the network operator is informed of your IP address and which of our pages you have visited. If you click on the links while visiting our website and at the same time are logged into the network via your personal user account (account), you enable the network operator to assign the processed data directly to your personal profile and other data known about you and to create usage profiles about you, which may be passed on to third parties. You can prevent such an association by logging out of your user account on the network before visiting our website or activating the link.
5.2 The respective network operator is solely responsible for the data processing that starts when you click on the link. We have no influence on the scope and content of your data that the respective network operator collects. The purpose and scope of data collection as well as the further processing, use and storage period of your data as well as your related rights and setting options to protect your privacy can be found in the data protection information of the respective network operator. We ourselves do not collect any personal data in this context.
5.3 On our websites we have integrated links to our presence on the following social networks:
The network operator is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Facebook is certified under the Privacy Shield Agreement and thereby offers a guarantee that it will comply with European data protection law.
Data protection declaration: https://www.facebook.com/policy.php
The network operator is Instagram Inc., 1601 Willow Road, Menlo Park, California 94025, USA.
Data protection declaration: https://help.instagram.com/155833707900388
6. External services
Our website uses the “Cloudflare” service as a CDN (“Content Delivery Network”) to speed up our website and protect it against hacker attacks. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.
6.1. Cloudflare, Inc. operates a Content Delivery Network (CDN), which consists of a globally distributed network of servers connected to one another via the Internet on which some of the content available on our website is stored. By using cloudflare's own server and network infrastructure, it is possible to deliver content on our website with shorter loading times. At the same time, the contents of our website are even better protected from third-party interference and manipulation by avoiding third-party servers for data transport. We store mostly static elements such as HTML pages, images, style sheets, documents or videos on Cloudflare's servers, but in no case personal data.
6.2 To provide its services, Cloudflare uses a (__cfduid) cookie, which is stored in the browser of your device and used to identify individual clients behind a shared IP address and to apply security settings per client. In addition, security tools and traffic monitoring are provided via CloudFlare Inc. For this purpose, your IP address, the time, the user agent (browser, operating system and language), the referrer URL and all entries in the contact form are transmitted to Cloudflare or their servers, e.g. in third EU countries, and then to our website forwarded.
6.3 The legal basis for the processing of your personal data using cookies is Article 6 Paragraph 1 Letter f) GDPR.
6.4 Cloudflare is a member of the EU-US Privacy Shield ( https://www.privacyshield.gov ). The processing contract concluded between us ensures that Cloudflare only processes the respective data for a specific purpose and in accordance with the applicable legal regulations and does not pass it on to third parties without authorization. For more information about Cloudflare, visit https://www.cloudflare.com/security-policy/ .
You can find information about what data Cloudflare, Inc. collects, processes and uses as part of the EU-US Privacy Shield Framework program and for what purposes: https://www.cloudflare.com/privacyshield/ .
III. Deletion of your data
The data we process will be deleted or its processing will be restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in our data protection declaration, the data stored by us will be deleted as soon as they are no longer required to achieve the respective processing purpose and the deletion does not conflict with any legal retention obligations. We review the necessity every two years. Unless the data is deleted because it is required for other legally permissible purposes (e.g. storage for commercial or tax reasons), this data will be “blocked” and not further processed for other purposes (restricted processing).
IV. Your rights
You can assert your following rights against the responsible body at any time free of charge.
1. Right of providing information:
You have the right to request confirmation from us as to whether we are processing personal data concerning you and the right to information about this personal data and further information in accordance with Art. 15 GDPR.
2. Authorization right:
You have the right to request that we correct incorrect or incomplete personal data concerning you in accordance with Art. 16 GDPR.
3. Right to deletion:
You have the right to request the deletion of your data if the conditions specified in Art. 17 GDPR are met. You can then, for example, request that your data be deleted if it is no longer necessary for the purposes for which it was collected. You can also request deletion if we process your data based on your consent and you withdraw that consent.
4. Right to restriction of processing:
You have the right to request that the processing of your data be restricted if the requirements of Article 18 GDPR are met. This is the case, for example, if you dispute the accuracy of your data. You can then request that processing be restricted for the duration of the verification of the accuracy of the data.
5. Right to data portability:
If the data processing is based on consent or the fulfillment of a contract and is also carried out using automated processing, you have the right in accordance with Art. 20 GDPR to receive your data in a structured, common and machine-readable format and to pass it on to another data processor to transmit.
6. Right to object according to Art. 21 GDPR:
If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Letter f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR if there are reasons for this arise from your particular situation. If your objection is directed against the processing of your data for direct advertising purposes, your right of withdrawal is unlimited. This also applies to profiling as far as it is related to direct advertising. In this case, we will no longer process the data for this purpose without your prior information about a special situation.
7. Right of withdrawal according to Art. 7 Para. 3 GDPR:
If the data processing is based on your consent, you have the right to revoke the data processing within the scope of your consent at any time and free of charge with effect for the future. The revocation will not affect the lawfulness of our data processing, which was based on your consent until receipt of the revocation. Once your revocation has been received, data processing based solely on your consent will be discontinued.
8th. Right to complain:
In accordance with Art. 77 GDPR, you have the right to complain to a responsible supervisory authority (e.g. the State Commissioner for Data Protection) about our processing of your data. A list of the supervisory authorities with addresses can be found at:
If you would like to exercise your aforementioned rights towards us, you can contact us by telephone, email or letter using our contact details listed at the beginning of this data protection declaration.
v. Transfers to third countries
If we or our processors or vicarious agents process, disclose or transmit data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), this will only occur if it is necessary to fulfill our (pre-)contractual obligations based on your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or have the data processed in a third country if the special requirements of Art. 44 ff. GDPR are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level that corresponds to the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
VI. Collaboration with processors and third parties
If, as part of our processing, we disclose data to other people and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of your consent or legal permission (e.g. if a transfer of the data to third parties, such as payment service providers, in accordance with Article 6 Paragraph 1 Letter b of the GDPR, if this is required by a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
VII. Status and update of this data protection declaration
This data protection declaration is dated May 25, 2018. We reserve the right to update the data protection declaration in due course in order to improve data protection and/or adapt it to changes in official practice or case law.