Coming soon: Dune: Desert War & Root: Homeland ❖ On the horizon: Grimcoven & Horizon Forbidden West ❖ ❖ ❖ ICYMI: We are still shipping to the US! ❖ ❖ ❖

Privacy policy

Privacy policy 

Kim Rose, owner of Tinkering Paws®, Bahnhofstr. 6, 45701 Herten, Germany, Phone: +49 209 1658 9992, Email: info@tinkeringpaws.de takes great care in the design of her products to ensure that the customer's data privacy is protected. As a matter of principle, we collect and use personal data of our users only to the extent that this is necessary for the provision of a functional website as well as our content and services. The collection and use of personal data of our users is regularly carried out only with the consent of the user. An exception applies in those cases in which obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.

 

Name and address of the controller

The responsible party in the sense of the Datenschutz-Grundverordnung (DSGVO) / General Data Protection Regulation (GDPR) , other data protection laws applicable in the Member States of the European Union and other provisions with data protection character is the:

Kim Rose, owner of Tinkering Paws®
Bahnhofstr. 6
45701 Herten
Germany
Phone: +49 209 1658 9992
Email: info@tinkeringpaws.de
Websites: tinkeringpaws.de & tinkeringpaws.com

 

Cookies

The websites tinkeringpaws.de & tinkeringpaws.com use cookies. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.
The use of cookies serves on the one hand to make the use of our service more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our services for you. These cookies allow us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time.
The data processed by technical cookies are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to Art. 6 (1) p. 1 lit. f DSGVO. Other cookies that are intended to increase comfort when using this website, serve direct advertising or facilitate interaction with other websites and social networks are only set with your consent.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. Cookies that have already been saved can be deleted at any time. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

 

Log file creation

Every time you visit the tinkeringpaws.de & tinkeringpaws.com websites, we collect data and information through an automated system. These are temporarily stored in the log files of the server.
The following data may be collected in the process and will be recorded without your intervention and stored until automated deletion:

  • Information about the browser type and version used
  • The user's operating system, browser used, name of the access provider
  • The IP address of the requested computer
  • Date and time of access
  • Name and URL of the accessed file
  • Website from which the access is made (referrer URL)

The aforementioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring a comfortable use of our website,
  • evaluation of system security and stability, and
  • for further administrative purposes.

The legal basis for the temporary data processing is Art. 6 (1) p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

 

Ways of contacting

A contact form is available on our website that can be used for electronic contact. Alternatively, it is possible to contact us via the e-mail addresses provided. If you contact us via one of these offered possibilities, the personal data transmitted by you will be stored automatically. If a user takes the opportunity to communicate via the contact form, the data entered in the input mask will be transmitted to us and stored. These data are: Name, e-mail address and the data from the input mask that was transmitted to us. At the time of sending the message, the following data is also stored: the IP address of the user and the date and time of registration. For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy. The data is saved solely for the purpose of processing your request or contacting you. The other personal data processed during the submission process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. The data will not be passed on to third parties. Data processing for the purpose of contacting us is based on your voluntarily given consent according to Art. 6 ( 1 ) p. 1 lit. a DSGVO. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f DSGVO. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest. The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.

 

Conclusion of contracts

A platform for the conclusion of contracts is available on our website. During the order process, the data entered in the respective input mask for the current order process is transmitted to us and stored. These data are: Salutation, first name, last name, street, house number, postal code, city, telephone, email address. Optionally, an order note can be stored in the order form. We use your personal data exclusively for our own business purposes (such as processing the order) and never transmit the data to unauthorized third parties.
At the time of sending the order, the following data is also stored: the IP address of the user and the date and time of registration.
For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy.
The data storage is solely for the purpose of processing the order or purchase.
The other personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
The legal basis for the processing of the data, which is necessary for the conclusion of the contract, is Art. 6 (1) lit. b DSGVO as the permission standard for data processing.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In addition, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.

 

Disclosure of data to third parties

Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only share your personal information with third parties if:

  • You have given your express consent to this in accordance with Art. 6 (1) p. 1 lit. a DSGVO,
  • The disclosure is necessary pursuant to Art. 6 (1) p. 1 lit. f DSGVO for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
  • In the event that a legal obligation exists for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c DSGVO, as well as
  • This is legally permissible and required according to Art. 6 (1) p. 1 lit. b DSGVO for the processing of contractual relationship with you.

 

Encryption techniques

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. This is usually a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

Analytics Tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) p. 1 lit. f DSGVO. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are considered legitimate in the sense of the aforementioned provision.

 

Social media

Social media plugins with Shariff

Plugins from social media are used on our pages (e.g. Instagram).
You can usually recognize the plugins by the respective social media logos. To ensure data protection on our website, we only use these plugins together with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider when you first enter the page.
Only when you activate the respective plugin by clicking the associated button, a direct connection to the provider's server is established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account. Activating the plugin constitutes consent within the meaning of Art. 6 (1) lit. a DSGVO. You can revoke this consent at any time with effect for the future. For more information on the scope and purpose of the collection and use of the data, as well as your rights in this regard and options for protecting your privacy, please refer to the linked data protection notices of the providers.

 

Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram. The use of the Instagram plugin is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.
For more information, please see the privacy policy of Instagram:
https://instagram.com/about/legal/privacy/.

 

On our pages, functions of the service Facebook are integrated as described above.
These functions are offered by Facebook of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA). The use of the Facebook plugin is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.
For more information, please refer to the privacy policy of Facebook:
https://www.facebook.com/policy.php.

 

On our pages, functions of the Google service are integrated as described above. These functions are offered by Google+ of Google LLC (1600 Amphitheatre Parkway, Mountain View, California, 94043 USA). The use of the Google plugin is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.
You can find more information on this in Google's privacy policy at
https://www.google.com/intl/de/+/policy/+1button.html , https://policies.google.com/privacy , https://adssettings.google.com/authenticated.

 

Functions of the Twitter service are integrated on our pages as described above.
These functions are offered by Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA). The use of the Twitter plugin is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.
For more information, please refer to the privacy policy of Twitter at:
https://twitter.com/privacy , https://twitter.com/personalization.

 

On our pages, functions of the TikTok service are integrated as described above. These functions are offered by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland) for users in the European Economic Area and by TikTok Inc. (5800 Bristol Parkway, Suite 100, Culver City, CA 90230, USA) for users outside the EEA.
The use of the TikTok plugin is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.
You can find more information on TikTok’s data processing in their privacy policy at:
https://www.tiktok.com/legal/page/eea/privacy-policy/en

 

Use of YouTube

We use the YouTube video embedding feature of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube" on our website. YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). The function displays videos stored on YouTube in an iFrame on the website. The option "Extended data protection mode" is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. Google has certified itself in accordance with the US-EU data protection agreement "Privacy Shield" and is thus obligated to comply with the European data protection guidelines. The data processing is based on Art. 6 (1) lit. f DSGVO from the legitimate interest in the demand-oriented and targeted design of our website. You have the right to object to this processing of your personal data based on Art. 6 (1) (f) DSGVO at any time for reasons arising from your particular situation. For more information about the collection and use of data by YouTube and Google, about your rights in this respect and options for protecting your privacy, please refer to YouTube's privacy policy at
https://www.youtube.com/t/privacy.

 

Newsletter mailing

We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for sending newsletters, provided that you have expressly consented to this. The processing is based on Art. 6 (1) lit. a DSGVO with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. To do so, you can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the distribution list.

 

Google reCAPTCHA

We use the reCAPTCHA service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google" on our website. If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller of your data. Accordingly, Google Ireland Limited is the Google affiliated company responsible for processing your data and ensuring compliance with applicable data protection laws. The query serves the purpose of distinguishing the input by a human or by automated, machine processing. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and, if applicable, other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to the USA. Google has certified itself according to the US-EU data protection agreement "Privacy Shield" and is thus obliged to comply with the European data protection guidelines. The processing is based on Art. 6 (1) lit. f DSGVO from the legitimate interest to protect our website from automated spying, abuse and SPAM. You have the right to object at any time to this processing of your personal data based on Art. 6 (1) lit. f DSGVO for reasons arising from your particular situation.
You can find more information about Google reCAPTCHA as well as the associated privacy policy at:
https://www.google.com/recaptcha/intro/android.html as well as
https://www.google.com/privacy.

 

Legal basis of data processing

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a DSGVO serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6(1) lit. d DSGVO serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6(1) lit. f DSGVO serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities.

 

Deletion and blocking of personal data

The controller processes and stores personal data of the data subject only for as long as necessary to achieve the purpose of storage. In addition, storage may take place insofar as this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
As soon as the purpose of storage ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data is routinely blocked or deleted.

 

Data subject rights

If your personal data is processed, you are a data subject within the meaning of the DSGVO and you have the following rights vis-à-vis the controller:

 

Right to information

In accordance with Art. 15 DSGVO, you may request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request information from the controller about the following:

  • the purposes for which the personal data are processed;
  • the categories of personal data which are processed;
  • the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  • the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
  • the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
  • the existence of a right of appeal to a supervisory authority;
  • any available information on the origin of the data, if the personal data are not collected from the data subject;
  • the existence of automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) of the DSGVO and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer.

 

Right to rectification

You have a right to rectification and/or completion vis-à-vis the controller, insofar as the processed personal data concerning you is inaccurate or incomplete. The controller shall carry out the rectification without undue delay.

 

Right to restriction of processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

  • if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
  • the controller no longer needs the personal data for the purposes of processing, but you need them for the establishment, exercise or defense of legal claims; or
  • if you have objected to the processing pursuant to Art. 21 (1) DSGVO and it is not yet clear whether the legitimate grounds of the controller outweigh your grounds.

Where the processing of personal data concerning you has been restricted, such data may be processed, with the exception of their storage, only with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

 

Right to deletion

You may request the controller to delete the personal data concerning you without undue delay, and the controller is obliged to delete this data without undue delay, if one of the following reasons applies:

  • The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  • You revoke your consent on which the processing was based pursuant to Art. 6 (1) a or Art. 9 (2) a DSGVO and there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.
  • The personal data concerning you has been processed unlawfully.
  • The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
  • The personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8 (1) DSGVO.

 

Information to third parties

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Art. 17 (1) of the DSGVO, he shall take reasonable measures, including technical measures, taking into account the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.

 

Exceptions

The right to deletion does not exist insofar as the processing is necessary to

  • for the exercise of the right to freedom of expression and information;
  • to comply with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) DSGVO;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) DSGVO, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or
  • for the assertion, exercise or defense of legal claims.

 

Right to be informed

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right against the controller to be informed about these recipients.

 

Right of data portability

You have the right to obtain the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data has been provided, provided that

  • the processing is based on consent pursuant to Art. 6 (1) a DSGVO or Art. 9 (2) a DSGVO or on a contract pursuant to Art. 6 (1) b DSGVO and
  • the processing is carried out with the help of automated procedures.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

 

Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) lit. e or f DSGVO, in accordance with Art. 21 DSGVO. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing.
Personal data for the purposes of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the possibility, in connection with the use of information society services - notwithstanding Directive 2002/58/EC - to exercise your right to object by means of automated procedures using technical specifications.

 

Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

 

Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects vis-à-vis her or similarly significantly affects her.
This does not apply if the decision

  • is necessary for the conclusion or performance of a contract between you and the controller,
  • is permitted by legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests, or
  • is carried out with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) DSGVO, unless Art. 9 (2) (a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests. With regard to the cases referred to in a. and c. above, the controller shall take reasonable steps to safeguard the rights and freedoms of, and the legitimate interests of, the data subject, which shall include, at least, the right to obtain the intervention of a person from the controller, to express his or her point of view and to contest the decision.

 

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence or of the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the DSGVO.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 of the DSGVO.

 

Duration of the storage of personal data

Personal data is stored for the duration of the respective statutory retention period. After expiry of this period, the data is routinely deleted, unless it is necessary for the initiation or fulfillment of a contract.