Privacy policy

Responsible for the processing of data is:

TouriSpo GmbH & Co. KG
Ebenäcker 2a
94121 Salzweg
Bayern
+49 (0)851-20424140
info@sportfits.de

Thank you for visiting our online shop. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.

1. Access data and hosting

You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request.

These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves according to Art. 6 (1) 1 lit. f) GDPR the protection of our legitimate interests in the proper presentation of our offer that are overriding in the process of balancing of interests. All access data are deleted no later than seven days after the end of your visit on our website.

Third-party hosting services

Data are also processed by a third-party provider that we have engaged to render hosting and website presentation services on our behalf. This provider processes on its servers all data that are collected in the manner specified below when you visit our website or fill in forms made available for this purpose in our online shop. Data are processed on other servers only in the scope described herein. This service provider is based in an EU or EEA member state.

2. Data collection and use for processing the contract, making contact and for opening a customer account

We collect personal data that you voluntarily submit to us when you place an order or contact us (e.g. via contact form or by email). Mandatory fields are marked as such because we absolutely need those data to perform the contract or process your contact request and you would otherwise not be able to complete your order or send the contact request. It is evident in each input form what data are collected. We use the data that you disclose to us to perform the contract and process your enquiries according to Art. 6 (1) 1 lit. b) GDPR.
As far as you have given your consent according to Art. 6 (1) 1 lit. a) GDPR by creating Your customer account, we use Your data for the purpose of opening the customer account.
Upon completion of the contract or deletion of your customer account, any further processing of your data will be restricted, and your data will be deleted upon expiry of the retention period applicable under relevant regulations, unless you expressly consent to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by law, of which we inform you in this notice. Your customer account can be deleted at any time. For this purpose you can either send a message to the contact option specified below or use the relevant function available in the customer account.

3. Transfer of data

We disclose your data to the shipping company in the scope required for the delivery of the ordered goods according to Art. 6 (1) 1 lit. b) GDPR. Depending on the payment service provider you have selected during the ordering process, we disclose the payment details collected for order processing purposes to the bank commissioned to handle the payment and, as the case may be, to the payment service provider commissioned by us or to the selected payment service. Some of those data are collected by the selected payment service providers themselves if you open an account with them. In such a case, during the ordering process, you must register with your payment service provider using your access data. In this respect, the privacy notice of the relevant payment service provider applies.

In order to process orders and contracts we also use an external merchandise management system. The data transfer or the data processing that takes place in this respect is based on order processing.

Data transfer to debt collection companies

In order to fulfil the contract according to Art. 6 para. 1 s. 1 lit. b GDPR, we forward your data to an authorised debt collection agency if our payment claim has not been settled despite a previous reminder. In this case, the claim will be collected directly by the collection agency. In addition, the transfer of data serves to safeguard our legitimate interests in an effective assertion or enforcement of our payment claim in accordance with Art. 6 para. 1 s. 1 lit. f GDPR that are overriding in the process of balancing interests.

4. SportFits Club

If you are a member of the SportFits Club, we process personal data to enable you to participate in the program and provide you with your benefits. This includes in particular:

• Master data from your customer account (e.g., name, email address)
• Transaction data (e.g., purchase history, returns, sales figures)
• Program data (e.g., FitPoints collected, level status, progress indicators)
• Voluntary information (e.g., preferences from your SportFits profile).

The data is processed for the following purposes:

• Management of FitPoints and levels
• Implementation of club promotions and benefits
• Personalized communication (e.g., newsletters, exclusive offers)
• Analysis of program usage for further development of the club.

The legal basis is Art. 6 (1) (b) GDPR (fulfillment of the contract within the scope of your club membership) and, if you have given us your consent to receive advertising communications, Art. 6 (1) (a) GDPR. Your data will only be stored for as long as is necessary to fulfill the aforementioned purposes or as long as there are legal retention obligations. Data will only be passed on to external service providers for the technical processing of the SportFits Club (e.g., sending our newsletter, managing points). These service providers are contractually obliged to process your data only in accordance with our instructions (Art. 28 GDPR). Further information on your rights, in particular information, correction, deletion, and objection, can be found in the general information section of this privacy policy.

5. Email newsletter

If you have subscribed to our newsletter in your communication settings (profile/email communication), we will use the data required for this purpose or provided separately by you to send you our email newsletter on a regular basis based on your consent in accordance with Art. 6 (1) (a) GDPR. If we have received your email address in connection with a purchase or an existing customer relationship, we will also occasionally inform you about our own similar products and exclusive benefits of the SportFits Club. We consider these messages to be part of our service so that you can benefit from relevant offers. The legal basis for this is Section 7 (3) UWG (German Unfair Competition Act). You can, of course, unsubscribe at any time with future effect or object to the use of your email address for advertising purposes—for example, independently in your customer account under Profile/Email Communication, via the unsubscribe link in each email, or by sending us a short message. There are no additional costs for objecting. The newsletter is sent as part of processing on our behalf by a service provider within the EU/EEA.

5. Integration of the Trusted Shops Trustbadge

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops Trustmark and the collected reviews as well as to offer Trusted Shops products to buyers after an order.

This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany. The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of order processing. The Trusted Shops GmbH uses also service provider from the USA. An adequate level of data protection is guaranteed. Further information to the data security of the Trusted Shops GmbH can be found here.

When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.

Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered for use. The contractual agreement made between you and Trusted Shops applies. For this purpose personal data is automatically collected from the order data. Whether or not you are already registered as a Trusted Shops customer is automatically checked by means of a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.

This is necessary for the fulfillment of our and Trusted Shops' legitimate prevailing interests in the provision of the buyer protection linked to the specific order and the transactional review services in accordance with Art. 6 para. 1 s. 1 lit. f GDPR. Further details, including your right to object, can be found in the Trusted Shops Privacy Policy linked above and within the Trustbadge.

6. Cookies and web-analysis

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser during your next visit (persistent cookies). This serves the protection of our legitimate interests in the optimised presentation of our offer according to Art. 6 (1) 1 lit f GDPR that are overriding in the process of balancing of interests.
Cookies are also used for market research and for suitable product advertisements. Further information on this can be found in the notes for the respective tool below. You can find the storage period in the overview function in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or whether to exclude the acceptance of cookies in certain cases or in general. If cookies are not accepted, however, the functionality of our website may be restricted. Below you will find information on the cookies we use and the settings that can be made in your browser.

Necessary cookies:

These cookies are necessary to enable you to use our website. This includes e.g. cookies that enable you to log into the customer area or add items to your shopping cart.

Analytical / performance cookies:

These cookies enable collecting anonymised data about user behaviour on our website. We analyse them e.g. to improve the functionality of our website and recommend you products that will be interesting to you.

Functionality cookies:

These cookies are used for certain features of our website, e.g. to improve the website’s navigation, or deliver to you customised and relevant information (e.g. ads that match your interests).

Targeting cookies:

These cookies record information about your visit to the website, previously viewed pages and links you clicked. We use this information to tailor our website and displayed ads to your interests.

Third-party cookies:

The cookies of some of our advertising providers help make the on-line offering and our website more attractive to you. Therefore, cookies of our partner providers are also saved to your hard disk when you are visiting our website. These are temporary cookies and are automatically deleted after a specific timeframe. As a rule, cookies of our partner providers are deleted a few days or up to 24 months later, or in some cases after several years. Cookies of our partner providers do not collect personal data, either. They will collect exclusively pseudonymised data under a user ID. These pseudonymised data will not be associated with your personal data at any time.

How can I change cookie settings in my browser? Every browser has a different policy for managing the cookie settings. The browser’s policy is described in the Help menu of every browser and explains how you can change your cookie settings. To find out how to change the settings in your browser, see the links below:

Internet Explorer™
Safari™
Chrome™
Firefox™
Opera™

7. Online Marketing

Google reCAPTCHA

To protect against misuse of our web forms and spam, we use the Google reCAPTCHA service. Google reCAPTCHA is an offer from Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.co.uk). By checking a manual entry, this service prevents automated software (so-called bots) from carrying out abusive activities on the website. In accordance with art. 6 (1) 1 lit. f) GDPR, this serves to protect our legitimate interests in the protection of our website from misuse as well as in a trouble-free presentation of our online presence that are overriding in the balancing of interests.

Google reCAPTCHA uses a code integrated into the website, a so-called JavaScript, as part of the verification methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website including your IP address is usually transmitted to a Google server in the USA and stored there. In addition, other cookies stored by Google services in your browser are evaluated by Google reCAPTCHA.
No personal data is read out or saved from the input fields of the respective form.

Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the US and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

You can prevent Google from collecting the data generated by the JavaScript or the cookie and relating to your use of the website (including your IP address) and from processing this data by preventing the execution of JavaScripten or the setting of cookies in your browser settings. Please note that this may limit the functionality of our website for your use. Further information about data processing by Google can be found in Google's privacy policy.

Google Fonts

This website contains the script code "Google Fonts". Google Fonts is an offer from Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.co.uk). This serves to protect our legitimate interests in a uniform presentation of the contents on our website in accordance with Art. 6 (1) 1 lit. f) GDPR.
This will establish a connection between the browser you are using and Google's servers. This gives Google knowledge that our website has been accessed via your IP address.
Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the US and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
Further information about data processing by Google can be found in Google's privacy policy.

8. Social Media

To find out more about the purpose and scope of collection, further processing and use of the data by the providers on their websites, and to learn about the available contact options and your rights in this respect and how you can customise your browser to better protect your privacy, please see the data privacy policies of the providers:

Our online presence on Facebook

Our presence on social networks and platforms serves a better, active communication with our customers and interested parties. We inform there about our products and current special offers.
When you visit our websiteson social media, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from these data using pseudonyms. These can be used, for example, to place advertisements inside and outside the platforms that presumably correspond to your interests. For this purpose, cookies are usually used on your terminal. The visitor behaviour and the interests of the users are stored in these cookies. This serves in accordance with Art. 6 (1) 1 lit. f) GDPR to protect our legitimate interest in an optimised presentation of our offer and effective communication with customers and interested parties that are overriding in the balancing of interests. If you are asked by the respective social media platform operators for a consent into the data processing, e.g. with the help of a checkbox, the legal basis of data processing is Art. 6 (1) 1 lit. a) GDPR.
If the aforementioned social media platforms are headquartered in the USA, the following applies: The European Commission has adopted a decision on appropriateness for the USA. This goes back to the EU-US Privacy Shield. A current certificate for the respective company can be viewed here.
For detailed information on the processing and use of the data by the providers on their pages as well as a contact option and your rights and setting options for the protection of your privacy, in particular opt-out options, please refer to the providers' data protection information linked below. If you still need help, you can contact us.

Facebook: https://www.facebook.com/about/privacy/

Possibility to object (opt-out):

Facebook: https://www.facebook.com/settings?tab=ads

9. Sending rating reminders by email

Rating reminder by Trusted Shops

If, when or after placing your order, you have given us your express consent to doing so according to Art. 6 (1) 1 lit. a) GDPR, we will disclose your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (https://www.trustedshops.co.uk), so that they can email you a rating reminder.

You may revoke your consent at any time by sending a message to the contact option specified below or directly to Trusted Shops.

10. Contact possibilites and your rights

Being the data subject, you have the following rights according to:
• art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
•art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
• art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
- to exercise the right of freedom of expression and information;
- for compliance with a legal obligation;
- for reasons of public interest or
- for establishing, exercising or defending legal claims;
• art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful, but you refuse their erasure;
- we no longer need the data, but you need it to establish, exercise or defend legal claims, or
- you have lodged an objection to the processing in accordance with art. 21 GDPR;
• art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
• art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.

If you have any questions about how we collect, process or use your personal data, want to enquire about, correct, restrict or delete your data, or withdraw any consents you have given, or opt-out of any particular data use, please contact us directly using the contact data provided in our site notice.

Data protection Officer:

The controller within the meaning of the statutory data protection regulations is TouriSpo GmbH & Co. KG, Ebenäcker 2a, 94121 Salzweg, Germany.
If you have any questions about data protection, please contact our data protection officer Andrea Berger, Ebenäcker 2a, 94121 Salzweg, Germany, Phone: +49 (0)851-2042410,
e-mail: datenschutz@tourispo.com