Privacy Policy


CHAPS Privacy Policy Website (GDPR)

www.hofbraeuhaus-shop.de and subpages

 

The protection and security of your personal data (hereinafter “users”) within the meaning of Art. 4 No. 1 of the General Data Protection Regulation (hereinafter “GDPR”) (hereinafter “personal data”) are important to us. Accordingly, we comply with the statutory provisions to ensure adequate protection of each user’s personal data on this website. Below, we inform you about the nature, scope, and purpose of the processing of personal data on the website www.hofbraeuhaus-shop.de.

The operator of the website is CHAPS Merchandising GmbH, Johannisstraße 1, 50226 Frechen (hereinafter “CHAPS”, “we”, or “operator”). CHAPS processes personal data exclusively in accordance with statutory provisions.

Please note that links in the online shop may lead to other websites operated by third parties. Such links are either clearly marked or recognizable by a change in the address bar of your browser. The operator is not responsible for compliance with data protection regulations on such third-party websites.

This privacy policy provides information pursuant to Art. 13 GDPR for the use of the website www.hofbraeuhaus-shop.de, including its subpages. First, we explain who the controller and the data protection officer are. Then, structured by types of access to different areas of the website, we provide information about the types of personal data, the purposes and legal basis of processing, any recipients and legitimate interests, retention periods, and further relevant information. Finally, we explain your rights.


1. Contact details of the controller

The controller responsible for operating the website and handling the personal data processed is:
CHAPS Merchandising GmbH
Johannisstraße 1, 50226 Frechen
Phone: +49 (0) 2234 999 07-0
Fax: +49 (0) 2234 999 07-710
Email: support@chaps-online.de

2. Contact details of the Data Protection Officer

Our Data Protection Officer is:
Prof. Klaus Gennen, Attorney-at-Law
c/o LLR DSC GmbH
Mevissenstraße 15, 50668 Cologne
Email: gennen@llrdsc.de

3. Accessing the website

a. Types of personal data:
Each time the website is accessed, the following log files are automatically collected: browser type and version (“user agent”), operating system used, referrer URL, IP address, and time of access. These data are transmitted by your browser unless you configure it otherwise. These data are not merged with other data sources.

b. Purpose of processing:
To ensure the functionality of the website and the security of IT systems. No evaluation for marketing purposes takes place.

c. Legal basis:
Art. 6(1)(f) GDPR (legitimate interest in providing the website).

d. Recipients:
No transfer to third parties. Processing takes place within the EU.

e. Retention:
Deleted upon leaving the website; server logs within 14 days.

4. Use of the contact form

Use requires consent via checkbox.

a. Data: Name, email, subject, message, consent log
b. Purpose: Responding to inquiries and initiating business relationships
c. Legal basis: Art. 6(1)(a) and (b) GDPR
d. Recipients: No third-party transfer unless requested
e. Retention: Max. 3 months after completion

5. Contact via email

a. Data: Email address, metadata, message content
b. Purpose: Responding to inquiries
c. Legal basis: Art. 6(1)(f) or (b) GDPR
d. Recipients: No transfer without consent
e. Retention: Max. 3 months after completion

6. User account

a. Data: Name, email, phone, password (not accessible), payment data (excluding credit cards)
b. Purpose: Order processing, account management
c. Legal basis: Art. 6(1)(b), partly (f) GDPR
d. Recipients: No third-party transfer
e. Retention: 6 months after contract ends

7. Webshop

a. Data: Name, address, email, payment data
b. Purpose: Order processing and after-sales services
c. Legal basis: Art. 6(1)(b) GDPR
d. Recipients: Shipping providers, payment providers, credit agencies, Trusted Shops, customs authorities
e. Retention: Duration of business + legal retention (up to 10 years)

f. Billpay: Data shared for identity and credit checks
g. Trusted Shops: Used for trust badge and reviews

8. Use of personal data for marketing

a. Email advertising (existing customers): Based on §7(3) UWG
b. Newsletter: Based on consent (Art. 6(1)(a) GDPR)
c.–e. Consent is limited, voluntary, and revocable at any time

9. Cookies, social media and analytics

a. Cookies: Session and functional cookies, max. 30 days
b. Facebook plugins: Data transfer to Facebook possible
c. Econda: Anonymous tracking, pseudonymized profiles

10. User rights

You have the right to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)
  • Objection (Art. 21 GDPR)
  • Lodge a complaint (Art. 77 GDPR)

11. Changes to this Privacy Policy

We reserve the right to amend this policy to comply with legal requirements or changes. Please review it regularly. If relevant changes occur, we will inform you during the ordering process.