Data protection

The person responsible for data processing is:

The Fabulous Birdy Beer
Frank Urban
Lauenhäger Straße 105, 31655 Stadthagen, Germany
Email: info@birdybeer.de

We appreciate your interest in our online shop. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your data.

1. Access data and hosting

You can visit our website without providing any personal information. Each time you access a website, the web server automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), and documents the access.

This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the site and improving our offering. Pursuant to Art. 6 (1) (f) GDPR, this serves to safeguard our legitimate interests in the correct presentation of our offering, which prevail within the context of a balancing of interests. All access data will be deleted no later than seven days after your visit to the site.

Hosting services provided by a third party

As part of processing on our behalf, a third-party provider provides us with the services for hosting and displaying the website. All data collected as part of the use of this website or in forms provided for this purpose in the online shop, as described below, is processed on its servers. Processing on other servers only takes place within the framework explained here.

Service provider:

Shopify International Limited
Victoria Buildings, 2nd Floor 1-2 Haddington Road Dublin 4, D04 XN32, Ireland
Privacy Policy: https://www.shopify.de

2. Data collection and use for contract processing, contact and when opening a customer account

We collect personal data when you voluntarily provide it to us as part of your order or when you contact us (e.g., via contact form or email). Mandatory fields are marked as such, as in these cases we absolutely need the data to process the contract or your contact, and without it you cannot send the order or contact. The data collected is evident from the respective input forms. We use the data you provide in accordance with Art. 6 (1) (b) GDPR to process the contract and process your inquiries.

If you have given your consent in accordance with Art. 6 (1) (a) GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account.

After the contract has been fully processed or your customer account has been deleted, your data will be restricted for further processing and deleted after the expiration of the retention periods required by tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use your data in any other way that is permitted by law and about which we will inform you in this statement. You can delete your customer account at any time and can do so either by sending a message to the contact option described below or via a dedicated function in your customer account.

3. Data transfer

In order to fulfil the contract in accordance with Art. 6 (1) (b) GDPR, we will pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select during the ordering process, we will pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. The data protection declaration of the respective payment service provider applies in this respect.

We also use an external merchandise management system for order and contract processing. The data transfer and processing that takes place in this regard is based on order processing.

4. Email newsletter

Email advertising with newsletter registration

If you subscribe to our newsletter, we will use the data required for this purpose or separately provided by you to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 (1) (a) GDPR.

You can unsubscribe from the newsletter at any time. You can do so either by sending a message to the contact details below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the recipient list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this policy.

5. Cookies

Our website uses so-called "cookies." Cookies are small text files that do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services provided by the third-party company (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart function or displaying videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are required to carry out electronic communication (necessary cookies) or to provide certain functions you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure web audience) are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies to ensure the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the cookies in question will be stored exclusively on the basis of this consent (Art. 6 (1) (a) GDPR); this consent can be revoked at any time.

You can configure your browser to inform you about the use of cookies and to only accept cookies on a case-by-case basis, to exclude cookies for specific cases or in general, and to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

If cookies are used by third-party companies or for analysis purposes, we will inform you separately about this in this data protection declaration and, if necessary, request your consent.

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes:

Browser type and version

operating system used

Referrer URL

Hostname of the accessing computer

Time of the server request

IP address

This data will not be merged with other data sources.

This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be collected.

6. Online marketing

Google Fonts

The script code "Google Fonts" is integrated into this website. Google Fonts is a service provided by Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). This serves to protect our legitimate interests, which predominate in a balancing of interests, in a uniform presentation of the content on our website in accordance with Art. 6 (1) (f) GDPR.

This establishes a connection between your browser and Google's servers. This allows Google to know that our website was accessed via your IP address.

To the extent that information is transferred to and stored on Google servers in the USA, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

Further information about data processing by Google can be found in Google’s privacy policy.

7. Social Media

Use of social plugins from Facebook, Instagram

Our website uses so-called social plugins (“plugins”) from social networks.

When you visit a page on our website that contains such a plug-in, your browser establishes a direct connection to the servers of Facebook, Google, Twitter or Instagram. The content of the plug-in is transmitted directly to your browser by the respective provider and integrated into the page. By integrating the plug-in, the providers receive the information that your browser has accessed the corresponding page on our website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted from your browser directly to a server of the respective provider (possibly in the USA) and stored there. If you are logged in to one of the services, the providers can directly associate your visit to our website with your profile on the respective social network. If you interact with the plug-ins, for example by clicking the "Like" or "Share" button, the corresponding information is also transmitted directly to a server of the provider and stored there. The information is also published on the social network and displayed to your contacts there. This serves to safeguard our legitimate interests, which prevail within the framework of a balancing of interests, in the optimal marketing of our offer in accordance with Art. 6 (1) (f) GDPR.

The purpose and scope of data collection and the further processing and use of the data by the providers on their websites as well as a contact option and your related rights and setting options for protecting your privacy can be found in the privacy policy of the providers:

https://www.facebook.com/policy.php

https://help.instagram.com/155833707900388

If you do not want social networks to directly assign the data collected via our website to your profile on the respective service, you must log out of the respective service before visiting our website. You can also completely prevent the plugins from loading using add-ons for your browser, such as the script blocker "NoScript."

Our online presence on Facebook, Instagram

Our presence on social networks and platforms serves to improve and actively communicate with our customers and prospects. We provide information about our products and current special offers there.

When you visit our online presence on social media, your data may be automatically collected and stored for market research and advertising purposes. So-called user profiles are created from this data using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used on your device for this purpose. Visitor behavior and users' interests are stored in these cookies. According to Art. 6 (1) (f) GDPR, this serves to safeguard our legitimate interests, which predominate in a balancing of interests, in an optimized presentation of our offering and effective communication with customers and interested parties. If you are asked by the respective social media platform operators for consent (approval) to data processing, e.g. using a checkbox, the legal basis for data processing is Art. 6 (1) (a) GDPR.

To the extent that the aforementioned social media platforms are headquartered in the USA, the following applies: The European Commission has issued an adequacy decision for the USA. This decision is based on the EU-US Privacy Shield. A current certificate for the respective company can be viewed here.

For detailed information on the processing and use of data by the providers on their websites, as well as a contact option and your related rights and settings options for protecting your privacy, in particular the opt-out option, please refer to the providers' privacy policies linked below. If you still need assistance in this regard, please contact us.

Facebook: https://www.facebook.com/about/privacy/

Instagram: https://help.instagram.com/519522125107875

Opt-out option:

Facebook: https://www.facebook.com/settings?tab=ads

Instagram: https://help.instagram.com/519522125107875

8. Contact options and your rights

As a data subject, you have the following rights:

• in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;

• in accordance with Art. 16 GDPR, the right to immediately request the rectification of inaccurate or incomplete personal data stored by us;

• according to Art. 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing

– to exercise the right to freedom of expression and information;

– to fulfill a legal obligation;

– for reasons of public interest or

– is necessary for the establishment, exercise or defense of legal claims;

• according to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, insofar as

– you dispute the accuracy of the data;

– the processing is unlawful but you oppose its erasure;

– we no longer need the data, but you need it to assert, exercise or defend legal claims or

– you have objected to the processing pursuant to Art. 21 GDPR;

• in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;

• Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or work or at our company headquarters.

If you have any questions about the collection, processing or use of your personal data, information, correction, restriction or deletion of data, as well as revocation of consent given or objection to a specific use of data, please contact us directly using the contact details in our legal notice.

Right of objection

If we process personal data as explained above to protect our legitimate interests, which override our interests in a balancing of interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If the processing is carried out for other purposes, you only have the right to object if there are reasons related to your particular situation. After exercising your right of objection, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. This does not apply if the processing is carried out for direct marketing purposes. In that case, we will no longer process your personal data for this purpose.