Christian Engelhard
Kreuthof 1
91719 Heidenheim
The following overview summarizes the types of data processed and the purposes of their processing, and refers to the data subjects.
In the following, we inform you about the legal basis of our data processing operations.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations apply to data protection in Germany. This includes in particular the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). The BDSG contains, inter alia, provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, data processing for other purposes and transmission as well as automated individual decision-making.
Note on the basis of our data protection declaration: The GDPR has a direct effect in the member states of the European Union. The DSGVO is therefore applicable in the member states.
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input, disclosure, ensuring availability and separation of data.
As part of our processing of personal data, it may happen that the data is transferred to other bodies, companies or persons or that it is disclosed to them. The recipients of this data may include, for example, payment institutions within the framework of order processing, IT service providers or providers of services and content that are integrated into a website.
In the course of our processing of personal data, it may happen that the data is transferred to other bodies, companies or persons or that it is disclosed to them in a third country i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation.
The recipients of this data may include, for example, international IT service providers or providers of services and content that are integrated into a website.
The EU-US Trans-Atlantic Data Privacy Framework is an intergovernmental agreement between the United States of America and the European Union on the basis of which the European Commission has issued an adequacy decision for the United States. The framework provides that the data protection standards of the GDPR are essentially reflected in the United States, which is why the United States is considered a secure third country for data transfers from the EU.
You have the following rights, which you can exercise at any time by contacting the responsible party mentioned at the beginning of this privacy policy:
This Website doesn't use any cookies.
We process user data in order to provide them with our online services...
Collection of access data and log files: Access to our online service is logged in the form of so-called "server log files"...
As part of contractual and business relationships, we process data for payment processing. The processing is carried out to fulfill contractual obligations and due to legal requirements.
When paying via Whop Shop, your payment data will be transmitted to Whop Shop as part of the payment processing. The data processing is carried out on the basis of Art. 6(1)(b) GDPR (contractual performance).
When paying via PayPal, your data will be transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. The data transfer takes place in accordance with Art. 6(1)(b) GDPR.
When using Stripe as a payment method, your data will be forwarded to Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. The transfer takes place in accordance with Art. 6(1)(b) GDPR exclusively for payment processing.
Legal bases: Contractual performance and pre-contractual inquiries (Art. 6(1)(b) GDPR), Legal obligation (Art. 6(1)(c) GDPR), Legitimate interests (Art. 6(1)(f) GDPR).
When contacting us and within the framework of existing user and business relationships, the information of the inquiring persons is processed...
Contact form: When users contact us via our contact form, email, or other communication channels...