At Stealkey Customs, your satisfaction is our top priority, and part of our job is to protect your privacy
1. We are responsible for your data
As a visitor to our website, you expect a high level of quality and competence not only from our offers and service, but also in the processing of your personal data.
We are responsible for the handling of your data, which we process according to your wishes and in compliance with German and EU data protection laws. Personal data is data by which you are identified or identifiable. Your personal data will only be processed by us if a legal regulation permits this or if you have given your prior consent.
We, that is Reger & Gottschalk GbR "Stealkey Customs", Neu Roggentiner Straße 3a, 18184 Rogegntin and our service providers who process your data on our behalf for the purposes specified below (hereinafter: Stealkey, we). Our service providers include, for example, printers, lettershops, logistics companies, data centers, analytics service providers and payment service providers. Our service providers are prohibited from processing your data for other purposes or for themselves. You can also reach us by e-mail at firstname.lastname@example.org.
It is important to us that you can find out at any time from the following notices which personal data is collected during your visit to our website and when you use our services, and how we process it afterwards.
2. Scope of application
Our information on data protection applies to the following offers:
Our online offer, i.e. our webshop, available at https://www.stealkeycustoms.de.
Our contractual cooperation with manufacturers/suppliers and contacts of manufacturers/suppliers
Whenever reference is otherwise made to this data protection declaration from one of our offers (e.g. websites, subdomains, mobile applications, web services or integrations in third-party sites), irrespective of the way in which you access or use it.
3. Our data protection officer
If you have a question about data protection or data security, you can reach our data protection officer
by e-mail at email@example.com. and on site:
Reger & Gottschalk GbR
New Roggentiner Street 3a
4. How secure is your data?
We take technical and organizational security measures to protect your personal data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons and to ensure the protection of your rights and compliance with applicable data protection laws of the EU and the Federal Republic of Germany.
The measures taken are intended to ensure the confidentiality and integrity of your data and to ensure the availability and resilience of the systems and services when processing your data on a permanent basis. They are also intended to quickly restore the availability of and access to the data in the event of a physical or technical incident. Our security measures also include encryption of your data. All information that you enter online is technically encrypted and only then transmitted. This means that this information cannot be viewed by unauthorized third parties at any time. Your data is protected by the SSL protocol (Secure Sockets Layer) with a 256-bit key.
Our data processing and security measures are continuously improved in line with technological developments. Our employees are committed in writing to confidentiality and compliance with the data protection requirements of the DSGVO.
5. Notes on data processing
Unless otherwise specified, the following applies to all processing described by us:
a. What are mandatory data or mandatory fields?
If certain data fields are designated as mandatory fields and/or marked with an asterisk ( * ) when collected, the provision of this data is either required by law or contract, or we need this data for the conclusion of the contract, the desired service or the stated purpose. The provision of data is of course at your discretion, even in the case of mandatory fields. Failure to provide such data may result in our not being able to fulfill the contract or provide the requested service or achieve the stated purpose.
In various cases, you have the option of also giving us your consent (where applicable for part of the data) to further processing in connection with the processing described below. In this case, we will inform you separately about the modalities and scope of the consent and the purposes we pursue with these processing operations in connection with the submission of the respective declaration of consent. The processing operations based on your consent are therefore not listed again here (Article 13 (4) DSGVO).
c. Transfer of personal data to third countries
If we transfer data to third countries, i.e., countries outside the European Union (EU) or the European Economic Area (EEA), then the transfer takes place exclusively in compliance with the legally regulated admissibility requirements, i.e., if an adequacy decision pursuant to Article 45 of the GDPR or appropriate safeguards pursuant to Article 46 of the GDPR exist.
One of these adequacy decisions is the European Commission's Implementing Decision (EU) 2016/1250 of 12.07.2016 on the so-called EU-US Privacy Shield for the USA. For transfers to companies that are certified under the EU-US Privacy Shield, the level of data protection is generally considered adequate within the meaning of Article 45 of the GDPR. Furthermore, adequacy decisions exist for certain countries such as Switzerland, Canada and Israel.
Alternatively or additionally, the conclusion of the EU standard data protection clauses issued by the European Commission with the receiving entity creates appropriate safeguards pursuant to Art. 46 (2) c) DSGVO as well as an adequate level of data protection. Copies of the EU standard data protection clauses are available on the European Commission's website at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de.
d. Hosting with external service providers
Our data processing is carried out to a large extent using so-called hosting service providers, who provide us with storage space and processing capacity in their data centers and also process personal data on our behalf according to our instructions. It may happen with all of the functionalities mentioned below that personal data is transferred to hosting service providers. These service providers either process data exclusively in the EU/EEA or an adequate level of data protection is guaranteed in compliance with the admissibility requirements set forth in c. below.
e. Transfer to government authorities
We transfer personal data to state authorities (including law enforcement authorities) if this is necessary for the fulfillment of a legal obligation to which we are subject (legal basis: Art. 6 para. 1 c) DSGVO) or if it is necessary for the assertion, exercise or defense of legal claims (legal basis Art. 6 para. 1 f) DSGVO).
f. Storage period
As a matter of principle, personal data will only be used by us for as long as it is necessary for the respective processing purpose. After this time, the data will no longer be processed by us, but will be deleted at regular intervals, unless continued processing and storage is provided for by law (in particular because it is necessary to fulfill a legal obligation such as the statutory retention periods pursuant to §§ 238, 257 HGB, §147 AO or for the assertion, exercise or defense of legal claims) or you give us consent that goes beyond this.
g. Designations of data categories
In particular, the following summary category designations are used in the next sections for certain types of data:
Account Data: Login/user ID and password
Personal master data: Title, salutation/gender, first name, last name, date of birth.
Address data: street, house number, address additions if applicable, postal code, city, country
Contact data: Telephone number(s), fax number(s), e-mail address(es).
Registration data: Information about the service through which you have registered; timing and technical information about registration, confirmation and deregistration; data provided by you when registering.
Order Data: Products ordered, prices, payment and delivery information.
Payment data: Account data, credit card data, data on other payment services
User profile data Newsletter: opening of the newsletter (date and time), content, selected links, also the following information of the accessing computer system: used Internet Protocol address (IP address), browser type and version, device type, operating system and similar technical information.
Access data: Date and time of the visit to our service; the page from which the accessing system reached our site; pages accessed during use; data for session identification (session ID); also the following information of the accessing computer system: Internet protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.
6. What are your data processed for?
a. Contact / Inquiries
If you have any questions or requests, we are at your disposal. We process your information to answer your inquiries (Art. 6 para. 1 b, f DSGVO). The communication of address and telecommunication data marked as mandatory is necessary in order to process and respond to your request. The voluntary provision of further data facilitates the processing of your request.
We usually store the information from your inquiry for six months after answering the inquiry in case of further inquiries, if it does not concern commercial or business letters, we store these for six years (§ 257 para. 4 HGB, Art. 6 para. 1 c DSGVO). For contract-related inquiries, please refer to letter c.
We process your required registration details (mandatory details, e.g. name, e-mail address and password) as well as any further data voluntarily provided in the course of your use for setting up and your use of the functions of our portal (Art. 6 para. 1 b DSGVO). We store your registration details until you cancel your access by informing us accordingly (for contact details, see section 3), provided that there are no other retention periods to the contrary. These may result, for example, from your orders (see letter c.).
In the case of an order or other contract-related inquiries, we initially process your personal data for the processing or handling of the order or other contract-related inquiry and, if necessary, for the corresponding invoicing (Art. 6 para. 1 b DSGVO).
Insofar as data are marked as mandatory, they are required for the processing or handling of the corresponding contract or for invoicing.
We store your data relevant to the order and the associated documents (e.g. commercial letters, invoices) in accordance with the statutory requirements for six years (Section 257 (4) HGB, Art. 6 (1) c DSGVO) or ten years (Section 147 (3) AO, Art. 6 (1) c DSGVO) after conclusion of the contract in accordance with the statutory requirements.
Postal advertising and customer analyses: We also process the data from orders and inquiries to the legally permissible extent for sending catalogs and advertising by mail from our company and from friendly companies in the trade, publishing, telecommunications and financial sectors as well as donation organizations and for internal marketing and customer analyses to the legally permissible extent in order to be able to offer you suitable information (Art. 6 para. 1 f DSGVO). Our analyses are regularly pseudonymized.
E-mail advertising with consent: With your explicit consent, which can be revoked at any time, we will inform you about our offers by e-mail (Section 7 (2) No. 3 UWG, Art. 6 (1) a DSGVO). For revocation of consent and its consequences, see section 7 below. We process your mandatory data when you give your consent in order to send you the selected newsletter and to be able to address you personally. When obtaining your consent, we use the so-called double opt-in procedure online to prevent our e-mail messages from being sent to e-mail addresses of persons who have not requested them. In this process, in accordance with the requirements of the data protection supervisory authorities, your IP address is also recorded and stored for documentation purposes (Art. 7 para. 1, Art. 6 para. 1 c DSGVO).
E-mail advertising as part of the business relationship: If you have provided us with your e-mail address when placing your order, we will also inform you by e-mail about our products or services to the extent permitted by law (Section 7 (3) UWG, Art. 6 (1) f DSGVO). Of course, you can object at any time at basic rates (see point 7 below).
Storage period for advertising purposes: We store your data collected for advertising purposes as long as the advertising purpose exists or until we receive a revocation of your consent or your objection to the processing of your data for advertising purposes (see number 7 below).
Change of purpose: If we change the purposes of processing over time, we will inform you in advance by updating this privacy notice.
e. Extended storage periods
The specified storage periods may be extended accordingly if, in individual cases, in particular if the data is processed for different purposes, there is a longer statutory or contractual retention period.
7. Right of objection and revocation at any time
You have the right to object to the processing of your data at any time for reasons arising from your particular situation, provided that the legal requirements are met.
Also, if you object to the processing of your data for advertising purposes or wish to revoke a granted consent, a short message to our data protection officer by e-mail to firstname.lastname@example.org or Reger & Gottschalk GbR, "Stealkey Customs", Neu Roggentiner Straße 3a, 18184 Roggentin, is sufficient at any time; in the case of e-mails, pressing the unsubscribe button in the e-mail is sufficient. Your data will then no longer be processed for the purposes covered by the advertising objection or the revocation of consent.
The lawfulness of the processing carried out until the objection or revocation remains unaffected.
After your objection to the processing of your personal data for advertising purposes or the revocation of your consent, we are obligated under data protection law in accordance with the requirements of the German data protection supervisory authorities to include the data required for this purpose (name, address, e-mail address) in our internal advertising block list and to store (block) it permanently - for this purpose only - and to use it for comparison with our future advertising files (Art. 21 Para. 3, Art. 17 Para. 3 b, Art. 6 Para. 1 c, f DSGVO). In this way, the observance of your advertising objection or the revocation of your consent can be permanently ensured.
8. What are cookies and what are they used for?
Cookies are small files that are stored on your data carrier and save certain settings and data for exchange with our system via your browser. Basically, we distinguish between 2 different types of cookies, so-called session cookies, which are deleted as soon as you close your browser, and temporary/permanent cookies, which are stored on your data carrier for a longer period of time or indefinitely. This storage helps us to design our websites and our offers for you accordingly and makes it easier for you to use them, for example, by storing certain entries from you in such a way that you do not have to repeat them constantly.
Cookies are used on this website (§ 12 para. 1 TMG) to enable and ensure the technical functions required for the requested services, e.g. the shopping cart function (Art. 6 para. 1 b and f DSGVO), to observe the rejection of cookies ("opt-out" cookies) (Art. 6 para. 1 c DSGVO).
c. What data is stored in the cookies?
Only pseudonymous data is stored in the cookies we use. When the cookie is activated, it is assigned an identification number and no assignment of your personal data to this identification number is made. Your name, IP address or similar data that would allow the cookie to be assigned to you are not placed in the cookie. Based on the cookie technology, we only receive pseudonymized information, for example, about which pages of our store were visited, which products were viewed, etc.
d. How can you prevent cookies from being stored?
In your browser you can set that a storage of cookies is only accepted if you agree to it. If you only want to accept the Stealkey cookies, but not the cookies of our service providers and partners, you can select the setting in your browser "Block third-party cookies". You will usually be shown how to reject new cookies and turn off cookies you have already received in the menu bar of your web browser via the help function. Detailed information on how to make the settings in the browser you use can be found at the following link. We recommend that if you use shared computers that are set to accept cookies and Flash cookies, you always log out completely when you are finished.
e. Are there also cookies from third-party providers (so-called third-party cookies)?
We make use of some advertising partners who help to make the Internet offer and the web pages more interesting for you. Therefore, cookies from partner companies are also stored on your hard drive when you visit the websites. These are temporary/permanent cookies that are automatically deleted after the specified time. These temporary or permanent cookies (lifetime 14 days to 10 years) are stored on your hard drive and delete themselves after the specified time. The cookies of our partner companies also contain only pseudonymous mostly even anonymous data. This is, for example, data about which products you have viewed, whether something was purchased, which products were searched for, etc.. In this context, some of our advertising partners also collect information beyond the websites about which pages you have previously visited or which products you were interested in, for example, in order to be able to show you advertising that best matches your interests. This pseudonymous data is at no time merged with your personal data. Their sole purpose is to enable our advertising partners to address you with advertising that might actually interest you.
f. Rejection/deletion of cookies
You can set your web browser to notify you when cookies are set or to generally refuse or restrict the setting of cookies. If you disable or restrict cookies using your browser, however, you will no longer be able to use various functions on our website. You can use your web browser to delete stored cookies at any time, even automatically. You can find out about this option for the most commonly used browsers via the following links:
Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&answer=95647
If you have not made or do not make any deviating settings, cookies, which are intended to enable and ensure the necessary technical functions, remain on your terminal device until you close the browser.
9. Use of web analysis/tracking
We use - like almost every website operator - analysis tools in the form of tracking software to determine the frequency of use and the number of users of our website. For example, we use Google Analytics®, a web analytics service provided by Google, Inc. This tracking software uses so-called cookies, which are stored on a user's computer to technically enable an analysis of the use of the website (see section Cookies). The information generated by the cookie about the use of this website is used to compile reports about the activities on the website and to provide other services related to the use of the website. Your IP address is made unrecognizable and thus anonymized. With this software, neither we nor the operators of the respective analysis tools can collect personal information that allows conclusions to be drawn about the identity of the users. You can find more details on the web tracking and data protection of these providers and their technology on the specified websites of the companies mentioned:
Google (Universal) Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
This website uses Google Analytics exclusively with the extension "_anonymizeIp()", which ensures an anonymization of the IP address by shortening and excludes a direct personal reference. Through the extension, your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC. server in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
In the event that personal data is transferred to Google LLC. based in the USA, Google LLC. has certified itself for the US-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
Further information on Google (Universal) Analytics can be found here: https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376.
Stealkey Customs uses the services of Dynamic Yield Ltd (Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, England, RG7 1NT). With the recommendation tool Dynamic Yield, our website is optimized on the basis of Art. 6 (1) lit. f DSGVO to make your website visit a personal experience through tailored recommendations and content. In doing so, we use the page content you visit to recommend equivalent or thematically related products or other content that is relevant to you.
For this purpose, Dynamic Yield collects pseudonymized information about your usage activities on our site. Cookies are used to store only pseudonymized information under a randomly generated ID (pseudonym). Your IP addresses are only stored anonymously. A direct personal reference is therefore not possible.
You can prevent the collection by Dynamic Yield by clicking on this link. An opt-out cookie will be set, which prevents the future collection of data from your visit to this website.
In addition, you can find more information about the tracking technology used at the following link: https://www.dynamicyield.com/platform-privacy-policy/
10. How can you exercise your data protection rights?
If you have questions about the processing of your personal data by us, we will of course be happy to provide you with information about the data concerning you (Art. 15 DSGVO).
In addition, if the legal requirements are met, you have a right to rectification (Art. 16 DSGVO), erasure (Art. 17 DSGVO), restriction of processing (Art. 18 DSGVO), objection (Art. 21 DSGVO) and, as of 25.05.2018, the right to data portability (Art. 20 DSGVO).
In all these cases, please contact our data protection officer (see 2. above at the communication addresses mentioned there).
Finally, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 DSGVO, § 19 BDSG).
From time to time, it is necessary to adapt the content of these notes on data protection for data collected in the future. We therefore reserve the right to amend this notice at any time. We will also publish the amended version of the data protection information here. When you visit us again, you should therefore read through the data protection information again.
Status: June 2023