Privacy policy

**PRIVACY POLICY**

1) INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about how we handle your personal data when you use our website. Personal data is any data by which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is starmembe-amsterdam.nl. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser bar.

2) DATA COLLECTION WHEN VISITING OUR WEBSITE

When you visit our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:

- The pages visited
- Date and time of access
- Amount of data sent in bytes
- Source/referrer from which you accessed the page
- Browser used
- Operating system used
- IP address used (if applicable: anonymized)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

3) COOKIES

To make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the browser session ends, i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser the next time you visit (persistent cookies). If cookies are set, they collect and process specific user information such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

Some cookies serve to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

We may work with advertising partners who help us make our internet offer more interesting for you. For this purpose, cookies from partner companies (third-party cookies) are also stored on your hard drive when you visit our website. If we cooperate with the aforementioned advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the information collected within the following paragraphs.

Please note that you can set your browser to inform you about the setting of cookies and individually decide whether to accept them or to exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:

- Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
- Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
- Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Please note that if you do not accept cookies, the functionality of our website may be limited.

4) CONTACTING US

When contacting us (e.g., via contact form or email), personal data is collected. The specific data collected in the case of a contact form is evident from the respective contact form. This data is stored and used solely for the purpose of responding to your request or for contacting you and the related technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims to conclude a contract, an additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been processed, provided that the circumstances indicate that the matter in question has been conclusively resolved and there are no statutory retention obligations.

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING

According to Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. The specific data collected is evident from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the controller. We store and use the data you provide for contract processing. After the complete processing of the contract or deletion of your customer account, your data will be blocked considering tax and commercial retention periods and deleted after these periods have expired unless you have expressly consented to further use of your data or unless we reserve the right to further use your data as permitted by law, about which we inform you below.

**6) USE OF YOUR DATA FOR DIRECT MARKETING**

6.1 Subscription to Our Email Newsletter

If you sign up for our email newsletter, we will regularly send you information about our offers. The only required information for sending the newsletter is your email address. Any additional data is optional and is used to address you personally. To send the newsletter, we use the so-called double opt-in procedure. This means that we will only send you an email newsletter after you have explicitly confirmed that you agree to receive newsletters. We will then send you a confirmation email asking you to click on a corresponding link to confirm that you want to receive newsletters in the future.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When registering for the newsletter, we store your IP address, which is recorded by the Internet Service Provider (ISP), as well as the date and time of registration, to trace any possible misuse of your email address at a later date. The data collected during registration for the newsletter is used exclusively for advertising purposes via the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller as mentioned above. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use data in a way that is legally permitted and about which we inform you in this statement.

6.2 Sending the Email Newsletter to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our range via email. For this, we do not need to obtain separate consent from you. Data processing is based solely on our legitimate interest in personalized direct marketing in accordance with Art. 6 para. 1 lit. f GDPR. If you initially objected to the use of your email address for this purpose, we will not send emails. You have the right to object at any time to the use of your email address for the above-mentioned advertising purposes with future effect by sending a message to the controller mentioned above. You will only incur transmission costs according to the basic rates. After receiving your objection, the use of your email address for advertising purposes will immediately cease.

7) DATA PROCESSING FOR ORDER HANDLING

7.1 The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, as far as this is necessary for the delivery of the goods. Your payment details will be passed on to the respective banking institution as part of the payment processing, as far as this is necessary for the payment processing. If payment service providers are used, we explicitly inform you about this below. The legal basis for the data transfer is Art. 6 para. 1 lit. b GDPR.

7.2 Use of Payment Service Providers (Payment Service Providers)

- Paypal When paying via PayPal, credit card via PayPal, direct debit via PayPal, or - if offered - "purchase on account" or "installment payment" via PayPal, we pass your payment details on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The data transfer is based on Art. 6 para. 1 lit. b GDPR and only to the extent necessary for the payment processing.

PayPal reserves the right to carry out a creditworthiness check for the payment methods credit card via PayPal, direct debit via PayPal, or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may, if necessary, be passed on to credit agencies on the basis of PayPal's legitimate interest in determining your solvency in accordance with Art. 6 para. 1 lit. f GDPR. PayPal uses the result of the creditworthiness check regarding the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The creditworthiness check may contain probability values (so-called scores). Insofar as scores are included in the results of the creditworthiness check, they are based on a scientifically recognized mathematical-statistical procedure. Address data is, among other things, but not exclusively, included in the calculation of the scores. For further information on data protection, including the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

- SOFORT If you choose the payment method "SOFORT," the payment processing will be carried out via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we pass on your information provided during the ordering process, together with the information about your order in accordance with Art. 6 para. 1 lit. b GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The transfer of your data is carried out exclusively for the purpose of payment processing with the payment service provider SOFORT and only to the extent necessary for this purpose. You can find more information about SOFORT's data protection provisions at the following internet address: https://www.klarna.com/sofort/datenschutz.

8) CONTACT FOR REMINDER OF REVIEWS

Own Review Reminder (No Dispatch by a Customer Review System)

We use your email address for a one-time reminder to submit a review of your order for the review system we use if you have given us your express consent to do so during or after your order in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time by sending a message to the controller responsible for data processing.

9) USE OF SOCIAL MEDIA: SOCIAL PLUGINS

9.1 Facebook Plugins with Shariff Solution

Special additional customs costs and/or import duties are not included in the price and are the responsibility of the customer.

Our website uses so-called social plugins ("plugins") from the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook").

To increase the protection of your data when visiting our website, these buttons are not fully integrated as plugins but only as HTML links. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Facebook's servers. If you click on the button, a new browser window opens, and the Facebook page is loaded, where you can interact with the plugins there (possibly after entering your login details).

Facebook Inc., headquartered in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the level of data protection applicable in the EU.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights and setting options for protecting your privacy, can be found in Facebook's privacy policy: https://www.facebook.com/policy.php.

9.2 Google+ Plugins as Shariff Solution

Our website uses so-called social plugins ("plugins") from the social network Google+, which is operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

To increase the protection of your data when visiting our website, these buttons are not fully integrated as plugins but only as HTML links. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Google's servers. If you click on the button, a new browser window opens, and the Google+ page is loaded, where you can interact with the plugins there (possibly after entering your login details).

Google LLC, headquartered in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the level of data protection applicable in the EU.

The purpose and scope of the data collection and the further processing and use of the data by Google, as well as your rights and setting options for protecting your privacy, can be found in Google's privacy policy: https://www.google.com/intl/en/policies/privacy/.

9.3 Instagram Plugin as Shariff Solution

Our website uses so-called social plugins ("plugins") from the online service Instagram, which is operated by Instagram LLC., 1601 Willow Rd, Menlo Park, CA 94025, USA ("Instagram").

To increase the protection of your data when visiting our website, these buttons are not fully integrated as plugins but only as HTML links. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Instagram's servers. If you click on the button, a new browser window opens, and the Instagram page is loaded, where you can interact with the plugins there (possibly after entering your login details).

Instagram LLC, headquartered in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the level of data protection applicable in the EU.

The purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights and setting options for protecting your privacy, can be found in Instagram's privacy policy: https://help.instagram.com/155833707900388/.

10) ONLINE MARKETING

### 10.1 DoubleClick by Google

This website uses the online marketing tool DoubleClick by Google, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("DoubleClick").

DoubleClick uses cookies to display relevant ads to users, improve campaign performance reports, or prevent users from seeing the same ads multiple times. With a cookie ID, Google tracks which ads are displayed in which browsers and can prevent them from being shown multiple times. Processing is based on our legitimate interest in optimizing the marketing of our website in accordance with Art. 6 (1) lit. f GDPR.

Additionally, DoubleClick can track conversions related to ad requests using cookie IDs. This happens, for instance, when a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and makes a purchase. According to Google, DoubleClick cookies do not contain personal information.

Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. We have no control over the extent and further use of data collected by Google through the use of this tool and inform you to the best of our knowledge: By integrating DoubleClick, Google receives information that you have visited the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or not logged in, the provider may obtain and store your IP address.

If you do not wish to participate in this tracking process, you can disable cookies for conversion tracking by setting your browser to block cookies from the domain www.googleadservices.com, https://www.google.de/settings/ads, where this setting will be deleted if you delete your cookies. You can also obtain information about setting cookies and adjust your settings at the Digital Advertising Alliance at www.aboutads.info. Finally, you can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Disabling cookies may limit the functionality of our website.

Google LLC, based in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the data protection level applicable in the EU.

You can find more information about the DoubleClick by Google privacy policy at the following internet address: https://www.google.de/policies/privacy/

### 12) Retargeting/Remarketing/Referral Advertising

#### Facebook Custom Audience via the Pixel Method

This website uses the "Facebook Pixel" of Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"). With explicit consent, it can track the behavior of users after they have seen or clicked on a Facebook ad. This process is designed to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help optimize future advertising campaigns.

The collected data is anonymous to us and does not provide us with any conclusions about the identity of the users. However, the data is stored and processed by Facebook, allowing a connection to the respective user profile and enabling Facebook to use the data for its own advertising purposes in accordance with Facebook's Data Use Policy (https://www.facebook.com/about/privacy/).

You can allow Facebook and its partners to display ads on and off Facebook. For this purpose, a cookie may be stored on your computer. These processing operations are carried out only with explicit consent in accordance with Art. 6 (1) lit. a GDPR.

Consent to the use of the Facebook Pixel may only be declared by users who are older than 13 years. If you are younger, we ask you to request permission from your legal guardians.

Facebook Inc., based in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the data protection level applicable in the EU.

To disable the use of cookies on your computer, you can set your internet browser so that no more cookies can be stored on your computer in the future or that already stored cookies are deleted. Disabling all cookies may cause some functions on our websites to not be executed. You can also disable the use of cookies by third parties, such as Facebook, on the following Digital Advertising Alliance website: https://www.aboutads.info/choices/

#### Google AdWords Remarketing

Our website uses the functions of Google AdWords Remarketing, which allows us to advertise this website in Google's search results and on third-party websites. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). For this purpose, Google places a cookie in the browser of your device, which enables interest-based advertising based on the pages you have visited. Processing is based on our legitimate interest in the optimal marketing of our website in accordance with Art. 6 (1) lit. f GDPR.

Further data processing only takes place if you have agreed with Google that your internet and app browsing history will be linked to your Google account and information from your Google account will be used to personalize ads you view on the web. If you are logged in to Google during your visit to our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked to Google Analytics data to form target groups.

You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plugin available at the following link: https://www.google.com/settings/ads/onweb/

You can also find out more about setting cookies and adjust your settings on the Digital Advertising Alliance website: https://www.aboutads.info/. Finally, you can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Disabling cookies may limit the functionality of our website.

Google LLC, based in the USA, is certified under the EU-US Privacy Shield, which ensures compliance with the data protection level applicable in the EU.

For more information and the privacy policy regarding advertising and Google, please visit: https://www.google.com/policies/technologies/ads/

### 13) Rights of the Data Subject

#### 13.1 The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) with respect to the data controller regarding the processing of your personal data, about which we inform you below:

- **Right to information according to Art. 15 GDPR:** You have the right to obtain information about your personal data processed by us, the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of the right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if not collected by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved, the scope and intended effects of such processing, and your right to be informed about the safeguards under Art. 46 GDPR when your data is transferred to third countries;
- **Right to rectification according to Art. 16 GDPR:** You have the right to demand the immediate correction of incorrect data concerning you and/or the completion of your incomplete data stored by us;
- **Right to erasure according to Art. 17 GDPR:** You have the right to demand the erasure of your personal data if the conditions of Art. 17 (1) GDPR are met. This right does not exist, in particular, if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- **Right to restriction of processing according to Art. 18 GDPR:** You have the right to demand the restriction of the processing of your personal data as long as the accuracy of your data contested by you is verified, if you refuse the erasure of your data due to unlawful processing and instead demand the restriction of the processing of your data, if you need your data for the establishment, exercise, or defense of legal claims after we no longer need this data for the purpose of processing, or if you have objected to processing based on your particular situation, as long as it has not yet been determined whether our legitimate reasons outweigh yours;

- **Right to information according to Art. 19 GDPR:** If you have asserted the right to rectification, erasure, or restriction of processing against the data controller, the data controller is obliged to notify all recipients to whom the personal data relating to you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.
- **Right to data portability according to Art. 20 GDPR:** You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request the transfer to another controller, as far as this is technically feasible;
- **Right to withdraw consent according to Art. 7 (3) GDPR:** You have the right to withdraw your consent to data processing at any time with future effect. In case of withdrawal, we will immediately delete the data concerned unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of the processing carried out based on the consent before the withdrawal;
- **Right to lodge a complaint according to Art. 77 GDPR:** If you consider that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace, or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.

#### 13.2 Right to Object

IF WE PROCESS YOUR PERSONAL DATA BASED

ON OUR PREDOMINANT LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH FUTURE EFFECT ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FREEDOMS, OR IF THE PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT ADVERTISING PURPOSES.

### 14) Duration of Storage of Personal Data

The duration of the storage of personal data is determined by the respective statutory retention period (e.g., commercial and tax retention periods). After the period expires, the corresponding data is routinely deleted, provided it is no longer required for contract fulfillment or contract initiation and/or there is no legitimate interest in further storage on our part.