Free shipping within Germany

Handmade in Hamburg, Germany

Sign up for our newsletter and get 10%

Your cart

Your cart is empty

Discover these collections.

Little Cuties
Pearls & Hearts
Fine Jewelry
Save 10%

Newsletter

Sign up and get a 10% discount on your first purchase

By completing this form you are subscribing to receive our emails and you can unsubscribe at any time.

Privacy policy

Data protection information

Nidus Claudia Bossau-Engelke, Eppendorfer Weg 253, 20251 Hamburg, Germany

valid from 25.05.2018

As of 25 May 2018, the uniform requirements of the EU General Data Protection Regulation ("GDPR") apply in the area of data protection throughout Europe. In the following data protection information, we inform you about the processing of personal data carried out by Nidus Claudia Bossau-Engelke, Eppendorfer Weg 253, 20251 Hamburg ("Nidus" and/or "we" and/or "responsible party") in accordance with the DSGVO and the Federal Data Protection Act ("BDSG 2018").

Please read our data protection information carefully. If you have any questions or comments about our data protection information, please feel free to contact us at contact@nidusthelabel.com.

Content

1. Name and Contact Details of the Data Controller

This data protection information applies to the data processing carried out by

Nidus Claudia Bossau-Engelke, Eppendorfer Weg 253, 20251 Hamburg, Germany.

Email address: contact@nidusthelabel.com

Represented by the owner: Claudia Bossau-Engelke

Website: www.nidusthelabel.com

2. Contact Details of the Data Protection Officer

Nidus is not obliged to appoint a data protection officer in accordance with Art. 37 DSGVO. Please direct any enquiries regarding data protection to the contact address stated under point 1.

3. Purposes of Data Processing, Legal Bases and Legitimate Interests Pursued by the Data Controller or a Third Party as well as Categories of Recipients

3.1. Accessing Websites/Applications of the Data Controller

3.2. Log Files

We use cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact procedures involved and how your data is used for this purpose are explained in detail below.

Each time Nidus accesses websites/applications, information is sent to the server of our website/application by the respective internet browser of your respective end device and temporarily stored in log files, the so-called log files. The data records stored in this process contain, among other things, the following data, which is stored until automatic deletion: Information on the time of the retrieval, name of the page accessed, IP address of the requesting device, referrer URL (origin URL from which you came to our websites), the amount of data transferred, loading time, as well as product and version information of the respective browser used and the name of your access provider. The legal basis for the processing of the IP address is Article 6 (1) (f) DSGVO. Our legitimate interest results in particular from

  • Ensuring a comfortable use of our website/application, 

A direct conclusion to your identity is not possible on the basis of the information and will also not be drawn by us. The aforementioned data is stored and automatically deleted after the aforementioned purposes have been achieved. The standard periods for deletion are based on the criterion of necessity.

3.1.2. Cookies, Tracking, Social Media Plug-ins

We use cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact procedures involved and how your data is used for this purpose are explained in detail below.

3.2. Establishment, Performance and/or Termination of a Contract

3.2.1. Data Processing when Concluding a Contract

If you register with one of our websites/applications and/or conclude another contract with us, e.g. purchase a product via our website, we process the data required for the conclusion, execution or termination of the respective contract with you. This includes:

  • First name, last name
  • Billing and delivery address
  • E-mail address 
  • Billing and payment data, if applicable 
  • Date of birth
  • Telephone number

The legal basis for this data processing is Article 6(1)(a) and (b) DSGVO, i.e. you provide us with the data on the basis of the respective contractual relationship (e.g. management of your customer/user account, processing of a purchase contract) between you and us. We are also obliged to process your e-mail address in the event of a purchase via our websites/apps due to legal requirements in the German Civil Code (BGB) to send an electronic order confirmation (Article 6(1)(c) DSGVO).

Insofar as we do not use your data for advertising purposes, we store the data collected for contract processing for the duration of the contract as well as until the expiry of the statutory or possible contractual warranty and guarantee claims. After the expiry of this period, we retain the information of the contractual relationship required by commercial and tax law for the periods determined by law. For this period, the data will be processed again solely in the event of an audit by the tax authorities.

The following data processing is also required for the execution of a purchase contract via our websites/applications:


Your payment details will be passed on to payment service providers commissioned by us to process the payment(s). We pass on details of your delivery address to logistics companies and shipping partners commissioned by us. The respective data will be transmitted solely for the respective purposes and deleted again after delivery has taken place.

3.2.2. Transmission of Data to Logistics Companies and Shipping Partners

For the purpose of delivering ordered goods, we work together with logistics service providers/transport companies and/or shipping partners: The following data may be transmitted to them for the purpose of delivery of the ordered goods or for their announcement: First name, last name, postal address.

The legal basis of the processing is Art. 6(1)(b) DSGVO. 

3.2.3. Transmission of Data on Outstanding Debts to Collection Service Providers

If you fail to pay outstanding invoices despite repeated reminders, we may transfer the data required to carry out a debt collection to a debt collection service provider for the purpose of trustee collection. Alternatively, we can sell the outstanding receivables to a collection service provider. This service provider then becomes the holder of the claim and asserts the claims in its own name. We work with the following debt collection service provider: EOS Deutscher Inkasso-Dienst GmbH, Steindamm 71, 20099 Hamburg. The legal basis for the transfer of data within the scope of trustee collection is Art. 6 (1) (b) DSGVO; the transfer of data within the scope of the sale of receivables is based on Art. 6 (1) (f) DSGVO.

3.3. Data Processing for Advertising Purposes

3.3.1 Newsletter

On our websites/applications we offer you the possibility to register for our newsletter. In order to be able to ensure that no mistakes have been made when entering the email address, we use the so-called double opt-in procedure (DOI procedure): After you have entered your email address in the registration field and given your consent to receive our newsletter, we will send you a confirmation link to the address you have provided. Only when you click on this confirmation link will your email address be added to our distribution list for sending our newsletter. The legal basis for this data processing is Article 6(1)(a) DSGVO.

Note Right of Withdrawal

You can revoke your consent at any time with effect for the future by sending a message to contact@nidusthelabel.com or using the unsubscribe option at the end of each newsletter.

3.3.2. Product Recommendations via E-mail

As an existing customer of our online shop, you will regularly receive product recommendations from us by e-mail. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter. In doing so, we use the email address you provided as part of the purchase to advertise our own goods and / or services that are similar to those you have purchased from us based on an order you have already placed. The legal basis for this data processing is Art. The legal basis for this data processing is Art. 6(1)(f) DSGVO.

Notice Right of Objection

You can object to our product recommendations at any time with effect for the future by sending a message to contact@nidsthelabel.com or at the end of each product recommendation e-mail, without incurring any costs other than the transmission costs according to the basic rates.

3.3.3. Raffles

If you register for a competition organised by us, we will use the data you provided during the respective registration/application for the purpose of implementing the participation agreement, in particular for prize notification. Detailed information can be found in the respective conditions of participation for the respective competition. The legal basis for this data processing is Article 6(1)(a) DSGVO, Article 6(1)(b) DSGVO and Article 6(1)(f) DSGVO.

3.4. Online Presence and Website Optimisation

3.4.1. Cookies - General information

We use cookies on various pages to make visiting our website attractive and to enable the use of certain functions as well as to statistically record the use of our website. Cookies are small text files that are automatically created by your browser and stored on your respective end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that is related to the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

Most of the cookies we use are deleted at the end of the browser session (so-called session cookies). These enable us to offer you, for example, the cross-page shopping basket display, in which you can see how many items are currently in your shopping basket and what your current purchase value is. Other cookies remain on your computer and enable us to recognise your computer the next time you visit us (so-called permanent or cross-session cookies). These cookies in particular serve to make our offer user-friendly, more effective and safer. Thanks to these files, it is possible, for example, for you to receive information on the site that is specifically tailored to your interests.

Of course, you can set up your browser so that it does not place our cookies on your end device. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie or even how to delete all cookies you have already received and block them for all further ones.

Please proceed as follows: 

In Internet Explorer 

In the "Tools" menu, select "Internet Options".

Click on the tab "Privacy".

Now you can make the security settings for the Internet zone. Here you can set whether and which cookies are to be accepted or rejected.

Confirm your setting with "OK".

In Firefox: 

In the "Tools" menu, select the item Settings.

Click on "Privacy".

In the drop-down menu, select the entry "Create according to user-defined settings".

Now you can set whether cookies should be accepted, how long you want to keep these cookies and add exceptions, which websites you always or never want to allow to use cookies.

Confirm your setting with "OK".

In Google Chrome: 

Click on the Chrome menu in the browser toolbar.

Now select "Settings".

Click on "Show advanced settings".

Under "Privacy", click on "Content settings".

Under "Cookies" you can make the following settings for cookies:

Delete cookies

Block cookies by default

Delete cookies and website data by default after closing the browser.

Allow exceptions for cookies from certain websites or domains.

However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

Insofar as these cookies and/or the information contained therein are personal data, the legal basis for the data processing is Art. 6(1)(a) DSGVO and Art. 6(1)(f) DSGVO. When you visit our website, a so-called banner is displayed on which you give your consent to the setting of cookies by clicking on the "OK" button. Our interest in optimising our website is also to be regarded as legitimate within the meaning of Art. 6(1)(f) DSGVO.

3.4.2. Google Analytics

For the purpose of demand-oriented design and continuous optimisation of our pages, we use Google Analytics, a web analytics service provided by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 ("Google"), on the basis of Article 6(1)(f) DSGVO. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as

- Browser type/version,

- operating system used,

- Referrer URL (the previously visited page),

- host name of the accessing computer (IP address), 

- Time of the server request

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set, which prevents the future collection of your data when visiting this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. For more information on data protection in connection with Google Analytics, please visit the Google Analytics website.

3.4.3. Webtrends Analytics

Anonymised data is collected and stored on our website/app by Webtrends Analytics, a web analytics service provided by Webtrends EMEA Acquisition Ltd, Mallard Court, Market Square Staines, Middlesex, TW18 4RH England ("Webtrends"). This data is used to analyse visitor behaviour. Cookies may be used for this purpose. These are small text files that are stored locally on the site visitor's computer and thus enable recognition when visiting our website again. The IP address of the site visitor is shortened by Webtrends before storage and thus anonymised.

The legal basis for this data processing is Article 6 (1) (f) DSGVO.

You can object to the collection and storage of data by Webtrends at any time with effect for the future using the following link: Click here to deactivate Webtrends tracking in this browser.

3.4.4. Google Adwords

Our website uses the Google AdWords service, an online advertising programme from Google.

In doing so, we use the remarketing function within the Google AdWords service. With the remarketing function, we can present users of our website with advertisements based on their interests on other websites within the Google display network (on Google itself, so-called "Google Ads" or on other websites). For this purpose, the interaction of users on our website is analysed, e.g. which offers the user was interested in, in order to be able to display targeted advertising to users on other sites even after they have visited our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google display network. This number, known as a "cookie", is used to record the visits of these users. This number is used to uniquely identify a web browser on a specific computer and not to identify a person, personal data is not stored. The legal basis for this data processing is Article 6(1)(f) DSGVO.

You can deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: www.google.com/settings/ads/plugin.

You can find more information about Google Remarketing and Google's privacy policy at: www.google.com/privacy/ads/.

3.4.5. Google Conversion Tracking

Furthermore, we use the so-called conversion tracking as part of the use of the Google AdWords service. When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer/end device. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking.

The legal basis for this data processing is Article 6(1)(f) DSGVO.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. Furthermore, you can deactivate interest-based ads on Google as well as interest-based Google ads on the web (within the Google display network) in your browser by activating the "Off" button at http://www.google.de/settings/ads or by deactivating them at http://www.aboutads.info/choices/. For more information on your settings options in this regard and Google's data protection, please visit https://www.google.de/intl/de/policies/privacy/?fg=1.

3.4.6. Targeting 

The so-called targeting measures listed below and used by us are carried out on the basis of Article 6 (1) (f) DSGVO. We use the targeting measures to ensure that you are only shown advertising on your respective end devices that is geared to your actual or presumed interests and that we do not bother you with advertising that is not of interest to you. 

Re-targeting 

We use re-targeting technologies from external service providers. Re-targeting enables us to make our online offer more interesting for you. This enables us to target those users on our partners' websites with online advertising who have already shown an interest in our shop and our products. We know from studies that the display of personalised, interest-related advertising is more interesting for Internet users than advertising that has no such personal reference.

For this purpose, a cookie is set with which interest data is collected using pseudonyms. Based on this information, interest-related advertisements about our offers are displayed on the websites of our partners. No directly personal data is stored and no usage profiles are merged with personal data about you.

You have the option of deactivating the collection of data for the purpose of personalised advertising. A cookie will then be set that permanently prevents the collection of data, unless you delete this cookie in your browser specifically or via the "Delete all cookies" function. You can repeat the objection at any time.

4. Advertising Partners/ Third party cookies

We work together with advertising partners to make the online offer on our site even more interesting for you. For this purpose, cookies are also set by our advertising partners when you visit our site (so-called third-party cookies). In the cookies of our advertising partners, information is also stored using pseudonyms about your user behaviour and your interests when you visit our site. In some cases, information is also collected that was obtained on other sites before you visited our site. Based on this information, you will be shown interest-related advertisements from our advertising partners.

4.1. DOUBLECLICK by Google

Doubleclick by Google is a service provided by Google. Doubleclick by Google uses cookies to present you with advertisements that are relevant to you. In the process, a pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed in your browser and which ads were called up. The cookies do not contain any personal information. The use of DoubleClick cookies only enables Google and its partner websites to serve ads based on previous visits to our website or other websites on the Internet. The information generated by the cookies is transferred by Google to a server in the USA for evaluation and stored there. A transfer of data by Google to third parties only takes place on the basis of legal regulations or within the framework of commissioned data processing. Under no circumstances will Google combine your data with other data collected by Google.

You can prevent the collection of the data generated by the cookies and related to your use of the websites to Google as well as the processing of these data by Google by managing your settings here: http://www.google.com/ads/preferences/html/opt-out.html

The legal basis for data processing is Art. 6(1)(a) DSGVO and lit. f) DSGVO.

4.2. Custom Audiences

Nidus uses the so-called "Facebook pixel" of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), for the analysis, optimisation and economic operation of the online offer. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, it is possible to determine the visitors to our online offer as a target group for the display of advertisements ("Facebook Ads"). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook ("Custom Audiences"). We can also track the effectiveness of our ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad ("conversion"). The processing of data by Facebook takes place within the framework of Facebook's privacy policy, which you can access here: https://www.facebook.com/policy.php. Further information on the Facebook pixel and how it works can also be found here: https://www.facebook.com/business/help/651294705016616.

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To adjust which types of ads are displayed to you within Facebook, you can go to the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.

The legal basis for data processing is Art. 6 (1) a) DS-GVO and f) DSGVO

4.3. Objection / Opt-out Option

In addition to the deactivation methods already described, you also have the option of deactivating preference-based advertising using the preference manager available here.

Social Media Plug-ins 

We use social plug-ins from the social networks Facebook, Google+ and Twitter on our website on the basis of Article 6 (1) (f) DSGVO in order to make our company better known and to give users the opportunity to share content. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection-compliant operation is to be ensured by their respective service providers.

The purpose and scope of the data collection and the further processing and use of the data by the respective provider, as well as your rights in this regard and setting options for protecting your privacy, can be found in the respective data protection information of the provider, which we link to below.

By logging out of the pages of social networks beforehand and deleting cookies that have been set, you can prevent social networks from assigning the information collected about you to your user account with the respective social network during your visit. If you do not want social networks to directly assign the data collected via our website to your profile, you must log out of the corresponding social networks before visiting our website. You can also completely prevent the loading of the plugins with add-ons for your browser, e.g. with the script blocker "NoScript", which can be found at: http://noscript.net.

4.4. Facebook Connect / Login

Nidus offers the user the possibility to register for the service with his Facebook access (so-called Facebook Connect function). Facebook Connect is a service of the social network Facebook, which is operated by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). An additional registration with Nidus is then not required. To register, the user is redirected to the Facebook website, where he can log in with his usage data. This links the Facebook profile and the Nidus service. Through the link, Nidus automatically receives from Facebook the information that the user has consented to receive (e.g. first name, last name, email address, profile picture, gender, friends list). We use this information to be able to identify you in the context of using Nidus.

The legal basis for this data processing is Art. 6(1)(a) DSGVO.

For more information on Facebook Connect and the privacy settings, please refer to the privacy notices: https://www.facebook.com/about/privacy.

4.5. Facebook, Google+ and YouTube

Social plugins from Facebook and Google (Google+ and YouTube) are used on this website. These are offers from the US companies Facebook and Google.

When you visit a page that contains such a plugin, your browser establishes a connection to Facebook or Google and the content is loaded from these pages. Your visit to this website may thus be tracked by Facebook and Google, even if you do not actively use the social plugin function. If you have an account with Facebook or Google, you can use such a social plugin and thus share information with your friends. [xxx] has no influence on the content of the plugins and the transmission of information.

On their websites, Facebook and Google provide detailed information on the scope, type, purpose and further processing of your data. Here you will also find further information on your rights and setting options for protecting your privacy. 

Facebook data protection information: https://www.facebook.com/about/privacy

Data protection information from Google: http://www.google.com/intl/de/policies/privacy.

4.6. Pinterest 

Plugins of the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest") are integrated on this website. You can recognise the Pinterest plugin by the "Pin it button" on our site.

If you click on the Pinterest "Pin it" button while you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile. This allows Pinterest to associate your visit to our pages with your user account. We would like to point out that we have no knowledge of the content of the transmitted data or its use by Pinterest. For further information, please refer to the Pinterest privacy policy: http://about.pinterest.com/de/privacy.

4.7. Twitter 

Functions of the Twitter service are also integrated on this website. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA ("Twitter"). By using Twitter and the "Re-Tweet" function, the websites you visit on [xxx] are linked to your Twitter account and made known to other users. Data is also transferred to Twitter in the process. For this purpose, your internet browser establishes a direct connection to Twitter's servers and transmits data to Twitter. 

We would like to point out that we do not have any knowledge of the content of the transmitted data or its use by Twitter. You can find more information on this in Twitter's privacy policy: https://twitter.com/privacy

You can change your privacy settings on Twitter in the account settings http://twitter.com/account/settings.

4.8. Instagram 

Plugins of the social network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA ("Instagram") are also integrated on this website. You can recognise the Instagram plugin by the "Instagram button" on our site.

If you click on the "Instagram button" while you are logged into your Instagram account, you can link the content of our pages on your Instagram profile. This enables Instagram to assign the visit to our pages to your user account. We would like to point out that we have no knowledge of the content of the transmitted data or its use by Instagram. For further information, please refer to Instagram's privacy policy: http://instagram.com/about/legal/privacy.

4.9. WhatsApp

A WhatsApp button (WhatsApp share button) is also used on this website. This button allows you to share content from Nidus via the WhatsApp application on your mobile phone. The button is a hyperlink. When the button appears on this website, no personal data is yet transmitted to the operator of WhatsApp or other third parties. As soon as you use the WhatsApp button, the operator of WhatsApp learns what content is being shared and that the button has been used on this website. More information on the handling of personal data by the operator of WhatsApp can be found in the operator's privacy policy: https://www.whatsapp.com/legal/#Privacy.

5. Customer Account/ User Account

In order to provide you with the greatest possible convenience, we offer you the permanent storage of your personal data in a password-protected customer account/user account. The creation of a customer account is generally voluntary. If you create a customer account, the processing of your data collected here is based on Article 6 (1) (b) DSGVO. After setting up a customer account, no new data entry is required. In addition, you can view and change the data stored about you in your customer account at any time.

Only if you wish to place orders via our website/application is the opening of a customer account mandatory for the processing of the contract.

In addition to the data requested when placing an order, you must enter a password of your choice to set up a customer account. This is used together with your e-mail address to access your customer account. Please treat your personal access data confidentially and in particular do not make them accessible to unauthorised third parties.

You have the option to delete your customer account at any time. Please note, however, that once you have placed an order with us, this does not mean that the data visible in the customer account will be deleted at the same time. The deletion of your data takes place automatically after the expiry of the retention obligations applicable to us under commercial and tax law. The legal basis for this further data processing is Art. 6 (1) (c) DSGVO and Art. 6 (1) (f) DSGVO.

5.1. Contact

You have the option of contacting us by email or telephone. When you contact us, we process the personal data that you provide voluntarily in the course of contacting us for the purpose of contacting you and processing your enquiry. The legal basis for this data processing is Art. 6(1)(a), Art. 6(1)(b), Art. 6(1)(c) DSGVO and Art. 6(1)(f) DSGVO.

5.2. User Content

You have the opportunity to publish your own content in various places (e.g. product reviews, comments, images, etc.). If you submit a comment, a recommendation or a rating on products or provide us with other content, we process the personal data that you voluntarily enter in the context of the respective contribution/content. You can publish content on nidusthelabel.com under a pseudonym.

When users leave comments or other contributions, their IP addresses are processed on the basis of our legitimate interests within the meaning of Art. 6 para. 1 letter f). DSGVO will be stored for 7 days. This is done for our security in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). The legal basis for this data processing(s) is Art. 6(1)(a), Art. 6(1)(b) and Art. 6(1)(f) DSGVO.

6. Payment Service Provider

Nidus uses external payment service providers through whose platforms our customers can make payment transactions. We use the payment service providers as part of the performance of contracts and on the basis of legitimate interests. Our legitimate interests include providing our users with effective and secure payment options. 

The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. These details are necessary to carry out the transactions. The respective data is only processed by and stored with the payment service providers. Nidus does not receive any account or credit card related information from you, but only information with confirmation or negative information of the payment.

The respective terms and conditions and data protection notices of the respective payment service provider apply to the payment transactions. The legal basis for this data processing(s) is Art. 6(1)(a), Art. 6(1)(b), DSGVO and Art. 6(1)(f) DSGVO.

Paypal

When paying via PayPal, your payment data will be forwarded to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" via PayPal. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. For further information on data protection law, including information on the credit agencies used, please refer to PayPal's data protection statement: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Stribe

We use payment service provider Stribe, located at 185 Berry Street, Suite 550, San Francisco, CA 94107.

San Francisco, CA 94107. If you choose Stribe Invoice and/or Stribe Instalment Purchase as your payment option, you consent to us transmitting to Stribe the personal data collected during your order process and necessary for the processing of the invoice purchase and an identity and credit check, as well as your payment data and the information on your shopping cart. This data is transmitted so that Stribe can create an invoice and carry out an identity and credit check for the processing of your purchase with the invoice processing requested by you. In accordance with the Federal Data Protection Act, Stribe has a legitimate interest in the transmission of the Buyer's personal data and requires this data in order to obtain information from credit agencies for the purpose of identity and credit checks. 

In the context of the decision on the establishment, implementation or termination of the contractual relationship when selecting one of Stribe's payment services, Stribe also collects and uses, apart from an address check, information on the buyer's past payment behaviour as well as probability values on this behaviour in the future. The calculation of these score values by Stribe is carried out on the basis of a scientifically recognised mathematical statistical procedure. For this purpose, Stribe will also use your address data, among other things. If this calculation shows that your creditworthiness is not given, Klarna will inform you immediately. You can find information on data protection at Klarna at: https://stripe.com/de/privacy.

If you choose to pay by credit card, the payment will be processed by the Internet payment system Stribe, 185 Berry Street, Suite 550

San Francisco, CA 94107

Information on data protection at Stribe is available at: https://stripe.com/de/privacy.

7. Recipients Outside the EU

With the exception of the processing described above, we do not pass on your data to recipients based outside the European Union or the European Economic Area. The aforementioned processing operations include the transfer of data to the servers of the providers of tracking and targeting technologies commissioned by us. These servers are located in the USA. The data transfer takes place on the basis of so-called standard contractual clauses of the EU Commission and in accordance with the principles of the so-called Privacy Shield. 

8. Your Rights 

8.1. Overview 

In addition to the right to revoke your consent given to us, you have the following further rights if the respective legal requirements are met:

  • the right to information about your personal data stored by us (Art. 15 DSGVO), in particular you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data if it has not been collected directly from you;
  • the right to have inaccurate data corrected or to have correct data completed (Art. 16 DSGVO),
  • the right to have your data stored by us deleted (Art. 17 DSGVO), insofar as no legal or contractual retention periods or other legal obligations or rights to further storage are to be observed by us,
  • the right to restrict the processing of your data (Art. 18 DSGVO), insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure; the controller no longer requires the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 DSGVO,
  • the right to data portability pursuant to Art. 20 DSGVO, i.e. the right to have selected data stored by us about you transferred in a common, machine-readable format, or to request the transfer to another data controller
  • the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

You can assert the aforementioned rights to which you are entitled vis-à-vis us at contact@nidusthelabel.com. You can assert the right to data portability in your customer account or by email to the aforementioned email address.

8.2. Right of Objection

Under the conditions of Article 21(1) of the GDPR, data processing may be objected to on grounds relating to the specific situation of the data subject.

The above general right to object applies to all processing purposes described in this privacy notice that are processed on the basis of Article 6(1)(f) DSGVO. Unlike the specific right to object to data processing for marketing purposes, we are only obliged to implement such a general right to object under the GDPR if you provide us with reasons of overriding importance for doing so (e.g. a possible risk to life or health).

8.3. Right of Withdrawal

If we process data on the basis of your consent, you have the right to revoke this consent at any time. The revocation of consent does not have the consequence that the data processing carried out on the basis of the consent up to the time of the revocation becomes ineffective.