Privacy policy (processing of customer data)

We take the protection of personal data very seriously and therefore want the processing of your data to be open and transparent.


1. Who is responsible for data processing?

    The Austrian company BMK Handels- und Vertriebs GmbH is responsible for processing the data you provide according to the applicable data protection law.


    BMK Handels- und Vertriebs GmbH
    Schuhfabrikgasse 17/2
    1230 Vienna
    Austria

    Tel: +43 (0)1 803 87 67 - 0
    Fax: +43 (0)1 803 87 58
    E-Mail: info@popolini.com

    Company register number: 1010 Vienna, FN 187544a
    Austrian economic chamber: Vienna, Sektion Handel
    UID: ATU 47961102


    Where this privacy statement refers to "us", "we", or "BMK", this refers to the company named above. Our data security officer can be contacted via info@popolini.com or the postal address mentioned above.


2. Which data is processed?

    2.1. When you visit our website:

      You can visit our popolini online shop at any time without providing personal information. In this case, we process the technical access data that your browser automatically transmits to our server in the context of page requests. This access data includes the following information:

        -  Date and time of your access

        -  Address of the accessed website

        -  Content of the requested files (addresses and names)

        -  Online identifiers such as IP address, device identifier, session IDs

        -  Any error messages (if the requested content is not displayed)

        -  The previously accessed page from which you were redirected to our online shop.


      Our website uses Google Analytics; for more information, see point 5.

      While you are on the popolini online shop, we collect all the data you actively communicate while using the functions. For example, we learn which articles you are interested in if you add them to your wish list.


    2.2. Use of cookies

      We use cookies in our online shop, which may be cookies set by us. A cookie is a standardized text file stored by your browser for a period (validity period) specified in advance by the respective provider. Cookies enable the local storage of information, such as language settings, shopping cart contents and temporary identification features, which can be queried on subsequent visits to the website to reload the relevant settings. You can view and delete the stored cookies through your browser's security settings. Furthermore, you can configure your browser settings to your preferences and thus refuse to accept cookies. However, we would like to point out that you may not be able to use all functions of our online shop in this case.


    2.3. When you create a customer account at popolini:

      Of course, you can also shop as a guest in our online shop. You do not have to create a personal customer account to be able to shop online. However, registering in our online shop can make future purchases easier for you and provide a more personalized and simpler shopping experience. For your next order, your address, information, and payment method will be preselected. With the customer account, we can store your data (e.g. order data, delivery data, wish lists of the products you specified) collected in our customer database and display personalized product recommendations based on your previous shopping interests.

      If you register in our online shop, we will create password-protected direct access to your master data stored with us (e.g. name, address, date of birth, telephone number, e-mail address), order data (e.g. ordered products, item numbers, size information) and other information (e.g. wish list products). The mandatory fields required for registration are marked separately, e.g. with an asterisk ("*"). Voluntary information is requested for personalized offers. In addition, we point out that for security reasons, we temporarily store the IP address sent by you during registration.

      You can edit and delete your popolini customer account and the information stored in it at any time. To delete your customer account, send us an informal message by e-mail to shopwien@popolini.com. You can also send your request by mail to the address above, or feel free to use our contact form. Please note that the deletion of the customer account does not automatically extend to order transactions that have already been made and the personal data stored with them. Please refer to the point "How long will your data be stored?".


    2.4. When you order online from popolini:

      In addition to the products you order, we collect data directly related to the execution of your order. These include in particular:

        -  details of the products ordered (e.g. article name, article number, size)

        -  your e-mail address

        -  Invoice and delivery address

        -  payment details

        -  details about returns and complaints (e.g. reasons for return, reasons for complaint)

        -  order number

        -  tracking numbers of shipping service providers (e.g. DPD parcel service, GLS Austria)


    2.5. When you contact us:

      If you contact us via our contact form, e-mail, telephone, or other means, we will collect the data that arises. Depending on which platform you contact us from, this data consists of your contact details (e.g. email address, telephone number, address) and your message.

      We also use social media platforms (e.g. Facebook) to engage with our customers. Please be aware that we do not influence the terms of use of the social media platforms and their data processing practices. Therefore please check carefully which personal data you transmit to us via social media platforms.


    2.6. If you order the popolini newsletter:

      We need this information to send and personalize our newsletter. Voluntary information is also used to personalize the newsletter.

      Once you have signed up for the popolini newsletter, we store your data provided for this purpose (e.g. name, gender, email address, date of birth) to send newsletters.

      To prevent the misuse of e-mail addresses, we usually ask you, with an automated process by e-mail, to confirm the application you have made. Your registration and, if applicable, the confirmation will be logged, and the IP address used for this purpose can be documented.

      You can unsubscribe from the popolini newsletter at any time. To unsubscribe, you can use the unsubscribe link in each newsletter or our contact form.


3. For what purposes will your data be used?

    3.1. Provision of the popolini online shop:

      When you visit our popolini online shop, we process the access data we receive from you (e.g. server log files and cookies). This enables us to provide the website, content, and functions you access and to ensure the stability and security of our IT systems and databases.

      Legal basis: If you use the popolini online shop with your customer account, the legal basis is Article 6(1)(b) of the GDPR (contract performance and pre-contractual measures).

      If you visit the popolini online shop without logging in, the legal basis is Article 6(1)(f) of the GDPR (balance of interests based on our legitimate interests mentioned above).

      Once you consent to our data processing, the primary legal basis is your consent (Article 6(1)(a) of the GDPR).


    3.2. Contract fulfilment (processing of the purchase)

      We process your data to execute the contracts concluded with you and to fulfil the services you request. The purposes are primarily based on the specific contents of the agreement or the services you request. Details regarding the terms and conditions can be found at any time in our General Terms and Conditions.


      The data that will be processed:

        -  Data to set up and provide your customer account

        -  Data for the execution of purchase contracts

        -  Data for the implementation of competitions

        -  Communication with you regarding changes relevant to the contract, safety instructions, etc.


      Legal basis: Article 6(1)(b) of the GDPR (contract performance and pre-contractual measures).


    3.3. Personalization of our popolini online shop

      Information we receive from you regarding the shopping experience enables us to continuously improve our services and make them more customer-friendly and personal. The information you provide (e.g. your master data, order data, access data, search entries, or even your wish list) will be used to further develop our online shop's content according to your needs. This way, we make it easier for you to find the products you have searched for frequently (e.g. while searching for a product, we can highlight those products that match your wish list).

      Furthermore, we also use this information for individual product recommendations, insofar as these are part of the personalized service offer or advertising addressed directly to you (e.g. newsletter, customer account).


      Legal basis: If you use the popolini online shop with your customer account, the legal basis is Article 6(1)(b) of the GDPR (contract performance and pre-contractual measures).

      If you use the popolini online shop without logging in, the legal basis is Article 6(1)(f) of the GDPR (balance of interests based on our legitimate interests mentioned above).

      Once you consent to our data processing, the primary legal basis is your consent (Article 6(1)(a) of the GDPR).


      Do you not want your data to be used for personalization?

      If you do not want your master, order, and access data to be used to personalise our online shop during your visit, you can always unsubscribe from your customer account and use the popolini online shop as a guest. The data will then no longer be used in the personalization process. As a guest, the personalization is carried out exclusively based on your access data which we collect as part of the web analysis (point 5) during your visit to our online shop.

      If this is also not desired, you can deactivate the personalization based on your access data at any time by deactivating the web analytics services mentioned in point 5.

      Detailed information on your data privacy rights and choices can be found under point 9 (your data protection rights) and under point 10 (your rights of revocation and objection).


    3.4. Customer service

      We further process your data to carry out our customer service. This includes, for example:

        -  The processing of your requests, concerns and inquiries by our customer service

        -  Non-promotional communication with you (e.g. safety instructions, advice)


      Legal basis: Article 6(1)(b) of the GDPR (contract performance and pre-contractual measures).


    3.5. Payment process

      Depending on the payment method agreed upon, we pass on the data relevant for payment processing to the payment service provider commissioned with the payment. In some cases, the payment service providers also collect this data on their own responsibility. To this extent, the data protection guidelines of the respective payment service provider apply.

      The transfer of your data to external payment service providers is based on Article 6(1)(b) of the GDPR (contract performance).


    3.6. Consent processing of your data

      As far as you have consented to us processing your personal data for specific purposes, the legal basis of the data processing for these particular purposes is primarily your consent (Article 6(1)(a) of the GDPR).

      Withdrawal of consent

      According to Article 7(2) of the GDPR, you have the right to revoke the consent you have given to us at any time. As a result, we will not continue the data processing based on this consent in the future. The revocation of your consent does not affect the lawfulness of the processing carried out based on the consent until the cancellation.


4. Store Locator (Google Maps)

    Our website uses the map service of Google Maps provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereafter "Google") for the "store locator" feature. For the Google map to be integrated and displayed in your web browser, your browser must establish a connection to the Google server located in the USA when you visit the contact page. If personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield. Google receives information that the contact page of our website has been accessed from the IP address of your device.

    You can also use location data in the store locator to search for popolini stores or partners nearby and display them on Google Maps. For this purpose, you can enter any address data (e.g. country, postal code, city) in the search field. If you only want to search for stores in your current environment, you can also use the Store Finder's automatic location function by clicking on the "Stores nearby" button. By doing so, you activate the HTML5 "Geolocation" feature for automatic location determination, which is supported by all popular browsers. For data protection reasons, you must explicitly allow this before your browser performs the location determination. Depending on which browser and device you use, your IP address, signals received from WLAN networks and, particularly if you use a mobile device, GPS and mobile signals will be used to determine your location. The address data you enter in the search field of the store search or the location automatically determined by your browser is transmitted to Google via an interface. The popolini stores or partners found in the vicinity can then be displayed on the Google Maps map.

    If you visit the Google map service on our website while you are logged into your Google profile, Google may also link this event to your Google profile. If you do not want the association with your Google profile, you must log out of Google before using our store locator. Google stores your data and uses it for advertising, market research and personalized viewing of Google Maps. You can object to this data collection with Google.

    Please refer to Google's Privacy Policy and the Additional Terms of Use for Google Maps for more information.

    The legal basis for this data processing is Article 6(1)(f) of the GDPR, based on our legitimate interests in providing the store locator described above.


5. Web analytics

    5.1. Google Analytics

      This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files stored on your computer that allow us to analyze how users use the site. The information generated by the cookie about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information to evaluate your use of the website, compile reports on website activity for website operators and provide other services relating to website activity and internet usage.

      Google may also transfer this information to third parties if required by law or as far as third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that you may not be able to use the full functionality of this website if you do this.

      By using this website, you consent to the processing of your data by Google in the manner and for the purposes set out above.

      You can object to the collection and storage of your data at any time with effect for the future. Given the discussion about using analysis tools with complete IP addresses, we would like to point out that this website uses Google Analytics with the extension "_anonymizeIp()", so IP addresses are only processed in abbreviated form to exclude direct personal reference.

      You can also prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address), and the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de


6. Online advertisement

    6.1. Facebook

      For marketing purposes, our websites use so-called conversion and retargeting tags ("Facebook pixel") from the social network Facebook, a service of Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA ("Facebook"). We use the Facebook pixel to analyze our websites' general use and track the effectiveness of Facebook advertising ("conversion"). In addition, we use the Facebook pixel to display individualized advertising messages based on your interest in our products ("retargeting"). Facebook processes data that the service collects via cookies and similar technologies on our websites.

      The data generated in this context may be transferred by Facebook to a server in the USA for evaluation and stored there. If personal data is transferred to the USA, Facebook has submitted to the EU-US Privacy Shield.

      If you are a member of Facebook, Facebook may also link the information collected about your visit to us to your member account and use it for the targeted placement of Facebook ads, if you have allowed Facebook to do so via the privacy settings of your account. You can view and change the privacy settings of your Facebook profile at any time. If you are not a Facebook member, you can prevent data processing by Facebook by clicking the deactivation button for the "Facebook" provider on the external TrustArc opt-out website.

      If you deactivate data processing by Facebook, Facebook will only display general Facebook ads that are not selected based on the information collected about you.

      More information can be found in the data policy of Facebook.


7. Whom will your data be shared with?

    In principle, your data will only be passed on if:

      -  You have given your express consent according to Article 6(1)(a) of the GDPR,

      -  The disclosure is required under Article 6(1)(f) of the GDPR for the assertion, exercise and defence of legal claims,

      -  The disclosure is required by law under Article 6(1)(c) or (e) of the GDPR, especially if we are obliged to provide information to an authority,

      -  The disclosure is legally permissible and required under Article 6(1)(b) of the GDPR to process contractual relationships with you and the implementation of pre-contractual measures that take place at your request.


    Some of the data processing described in our privacy policy may be carried out on our behalf by external service providers. In addition to the aforementioned external service providers, this may include consulting companies.

    If we pass on data to our service providers, they may only use the data to perform their tasks. Processing your data by the commissioned service providers takes place within the framework of order processing according to Article 28 of the GDPR. The service providers are carefully selected and authorised by us. They are contractually bound to our instructions and have suitable technical and organizational measures to protect the rights of the data subjects and are controlled by us.

    If we transfer your data beyond this privacy policy to a service provider located outside the European Economic Area, we will inform you separately about this circumstance and how the data transfer is protected. If you would like to receive copies of the guarantees in this case, please contact our data protection regulation officers.


8. How long will your data be stored?

    Unless otherwise stated in our privacy policy, we will only store your data as long as needed to fulfil our contractual or legal obligations or the purposes for which the data was initially collected, or as long as we have a legitimate interest in the continued storage.

    In all other cases, we delete your personal data except such data that we must continue to retain to comply with statutory retention periods. However, in these cases, we will restrict processing, i.e. your data will only be used to comply with legal obligations.

    Upon termination or deletion of your customer account in our online shop, we will delete all data stored about you there. If a complete deletion of your data is not possible or necessary for legal reasons, the relevant data will be restricted for further processing. In general, your order, payment data and possibly other data are subject to the legal obligation to retain data from the German Commercial Code and the German Fiscal Code. We are therefore obliged to retain this data for up to 10 years.

    Even if your data is not subject to any storage obligation, we may refrain from deleting it in the cases permitted by law and instead block the customer account. This applies when we may still need the data in question to process the contract or legal prosecution or legal defence. The statutory limitation periods are decisive for the duration of the block.


9. What are your privacy rights?

    To assert your statutory data protection rights described below, you can contact our data protection officer at any time, as described under point 1, "Who is responsible for data processing?".

    You have the right to request information about the processing of your personal data by us at any time. When providing you with information, we will explain the data processing and provide you with an overview of the data stored about you.

    If we have stored incorrect or outdated data, you have the right to report this data.

    You can also request the deletion of your data. If the deletion is exceptionally not possible due to legal regulations, the data will be blocked so that it is only available for this legal purpose.

    Furthermore, you may restrict the processing of your personal data (e.g. if you believe that the data stored by us is incorrect).

    You have the right to data portability, which means that we will provide you with a digital copy of the personal data you have provided to us upon request.

    You also have the right to complain to the data protection supervisory authority. The responsible supervisory authority is the Austrian Data Protection Authority, Wickenburggasse 8, 1080 Vienna.


10. Which rights of revocation and objection do you have?

    To make use of the following rights of revocation and objection, all you need to do is send an informal message (e.g. by e-mail, phone, mail or via our contact form) to the contact details mentioned under point 1.


    Revocation of consent

    According to Article 7(2) of the GDPR, you have the right to revoke the consent you have given to us at any time. As a result, we will no longer continue the data processing based on this consent in the future. The revocation of your consent does not affect the lawfulness of the processing carried out based on the consent until the cancellation.


    Objection to the processing of your data

    Insofar as we process your data based on legitimate interests under Article 6(1)(f) of the GDPR, you have the right to object to the processing of your data under Article 21 of the GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection that we will also implement without you giving reasons.


11. Data security

    We maintain appropriate technical measures to ensure data security, mainly to protect your data from risks during data transmissions and from unauthorized access by third parties. These are adapted to the current state of the art.


12. Change of privacy policy

    We occasionally update our privacy policy (e.g. if we make changes to our website or if regulatory or governmental requirements change). Significant changes will be documented in this privacy statement, and we obtain our customers' consent.