Privacy policy

_
_
Last updated: June 23, 2023 _______________________________________________________________________________
___
___

Security and Data Protection

Privacy and security are especially important to Reevela. Through constant optimisation of all technical security fundamentals, Reevela is continuously improving the protection of your data.

If you voluntarily provide us with personal data, e.g. via our contact form, by e-mail or as part of the use of our online shop, the processing is carried out in accordance with the requirements of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).

Name and contact details of the authority designated as responsible for the processing of that data:
Reevela Technology Systems ApS
Inge Lehmanns Gade 10
8000 Aarhus C / Denmark
Tel: +45 26 29 61 23
Email: email@reevela.com

Available Mon-Fri 9am-4pm, Copenhagen Time

Data Protection Officer
Lee Chamberlain, Email: lee@reevela.com

Transfer of data
Your data is in good hands. We promise you that: We will not sell your personal data to third parties, nor lease it to other companies for advertising purposes.

We only share your personal information with third parties if:

- you have given us explicit consent to do so in accordance with Art. 6 para. 1 lit. a GDPR
- to the extent permitted by law and in accordance with Art. 6 para. 1 lit. b GDPR necessary for the settlement of contractual relationships with you, your personal data will be passed on to third parties. This includes credit institutions, postal and courier services and logistics companies.
- External service companies process data on our behalf as a processor. Your data is subject to the same privacy standards as ours. The recipient of the data may only use the data for the purposes for which the data was transmitted to them. The external service providers include data centres and companies that support us in the maintenance of computer equipment and IT applications.
- in the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR there is a legal obligation.
- disclosure pursuant to Art. 6 para. 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data.

For further details on the transfer of personal data, please refer to the explanations below.

SSL Encryption
Personal data on this website are transmitted only in an encrypted form, using the TLS encryption method (Transport Layer Security, also known as SSL, Secure Sockets Layer). The TLS v1.2 method used is at this time one of the safest ways to encrypt data. Reevela uses a 256-bit encryption pursuant to AES (Advanced Encryption Standard) and thus meets the highest security standards. The issuer of the SSL certificate is Let's Encrypt.

Through the application of the SSL encryption, your data will be mutated so that a third party could not reconstruct it before it is transmitted to the Reevela-server. This encryption procedure also ensures that your data will be sent exclusively to the server from which it was requested. Once the data is received by the Reevela server, it is verified in regards to completeness and immutability.

If you use the Internet Explorer as your browser, you can identify the encrypted data transmission by the yellow lock icon in the address bar of your browser.

Personal data
Pursuant to Art. 4 No. 1 GDPR, personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Personal data is therefore any data that is personally available to you, e.g. name, address, e-mail address, phone number or IP address.

Collection and storage of personal data and the nature and purpose of its use

When visiting the website
When you visit our website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

- IP address of the requesting computer (shortened in the logfile),
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer and the name of your access provider.

The mentioned data will be processed by us for the following purposes:

- Ensuring a smooth connection of the website,
- Ensuring comfortable use of our website,
- evaluation of system security and stability as well as
- for other administrative purposes. Reevela uses the IP address to protect the customer and to prevent misuse of the website or to detect misuse. We point out that the IP address is only used in a shortened version and further processed in order to exclude a direct reference to a person.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

In addition, we use cookies when you visit our website. You will find more detailed explanations under the data protection declaration below.

Customer registration
Here, Reevela processes and uses the data, which has been voluntarily entered into input forms and transmitted to Reevela. These are, e.g. the name, address and other contact details such as telephone number and e-mail address, a user name and password (Art. 6 (1) (1) (b) GDPR for the execution of contractual relationships). You can also order as a guest user and your data will then be used and processed for the implementation of the contractual relationship and to process the order.

Orders in the online shop
We collect personal data when you voluntarily provide it to us for the purpose of carrying out a contract or opening a customer account. This can include, e.g. name, address and e-mail address. This data is used and stored by us for the execution of the contract and the delivery of your order (Art. 6 (1) (1) (b) GDPR for the execution of contractual relationships).

Processing of orders
In order for us to be able to process and deliver your online shop orders, we pass on the necessary data to the logistics company responsible for the delivery, e.g. name and delivery address (Art. 6 (1) (1) (b) GDPR for the execution of contractual relationships). In addition, your e-mail address can be forwarded to the supplier. You will then receive an e-mail to use the tracking service and to know when your package will arrive. The data transmitted in this way may only be used by the recipient for the purpose of performing his task. Any other use of the information is not permitted.

Newsletter registration and shipping
If, pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, you have given your explicit consent and have registered to our newsletter (double opt-in procedure), we use your e-mail address and any other personal data you have provided to send you regular newsletters. For the receipt of the newsletter the indication of an e-mail address is sufficient. You can resign from receiving these newsletters from us at any time e.g. via a link at the end of each newsletter. You can also send us an e-mail to unsubscribe at any time. The data is then deleted and no longer used for the newsletter distribution.

Use of our contact form, contact by e-mail
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website or to send us an e-mail. It is necessary to provide a name and a valid e-mail address in the contact form so that we know who the request came from and where to send the reply. Further information can be made voluntarily in the contact form. The legal basis for processing data is our legitimate interest in responding to your request and establishing contact in accordance with Art. 6 (1) point f GDPR. Your data will be deleted after final processing of your enquiry; this is the case if it can be inferred from the circumstances that the facts in question have been finally clarified, provided that there are no legal storage obligations to the contrary. If your contact is aimed at the conclusion of a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR (processing of contractual relationships).

Commentary function / customer reviews
Within the scope of the commentary function on this website, in addition to your comment, information on the time of writing the comment and the name of the commentator you have chosen are stored and published on the website. Furthermore, your IP address is logged and stored. This IP address is stored for security reasons, in case the person concerned violates the rights of third parties or posts illegal content by submitting a comment. We need your e-mail address to contact you if a third party should object to your published content as unlawful. The legal basis for the storage of your data is Art. 6 (1) point b and f GDPR. We reserve the right to delete comments if they are objected to as unlawful by third parties.

Each consumer review is checked for authenticity before it is published, ensuring that reviews only come from consumers who have actually purchased the products being reviewed.
Verification is carried out by making the submission of a review dependent on a previous purchase. The reviews are manually checked for text passages that do not comply with the law and approved before publication.

Payment Services

Payment via Stripe (Apple Pay, Google Pay, Mastercard, Visa)
For payment via the payment service provider Stripe, credit card via Stripe, direct debit via Stripe  we will transfer your payment data to Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland (hereinafter referred to as "Stripe"), in accordance with Article 6 (1) (1) (b) GDPR for the execution of contractual relationships. Stripe reserves the right to undertake a credit check for the payment methods credit card via Stripe, direct debit via Stripe or - if offered - "purchase on account". The result of the credit check on the statistical probability of default is used by Stripe to confirm creditworthiness, willingness and ability of the customers to pay. The credit information can contain probability values (so-called score values). Insofar as score values are included in the results of the credit rating, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of score values includes, among other things, address data. For further information in regards to data protection and credit checks by Stripe, please refer to the Stripe privacy policy:
https://stripe.com/en-dk/privacy-center/legal

Cookies

Reevela uses so-called cookies on some internet sites in order to enable web-based applications to manage the status of an online visit and to provide smooth navigation between the separate services and contents on the website as well as to provide the internet user with permanent settings on the Reevela website.

A cookie is a small file that is transferred by Reevela onto the user’s computer when he or she visits the Reevela website. A cookie only contains information that Reevela itself transmits to the user’s computer – private files cannot be read by a cookie.
When cookies are accepted by the user, Reevela does not have access to his or her personal information. Reevela may however identify the user’s computer through the use of the cookies. Reevela uses cookies so that the user can fill and manage the shopping cart during a session, and that Reevela's website can be tailored even more towards the desires of the customer.

Reevela uses „session-based“ cookies that are not stored permanently on the visitor’s computer. These temporary cookies will be deleted after leaving the website. Using the gathered information, Reevela is able to analyse usage patterns and structures of the website. This enables further continuous optimisation of the website by improving the content and the usage.

Reevela also uses “persistent“ cookies. These cookies remain on the customer’s computer, simplifying shopping and registration services during their next visit. For example, the cookies are able to remember which articles the customer has chosen for purchase while he or she continues to shop. Furthermore, the customer only has to enter passwords once on sites that require registration.

Permanent cookies can be removed manually by the user. The permanent cookies used by Reevela will be stored for up to 1000 days on your hard disk. Afterwards, they are automatically deleted. Most of the standard browsers accept cookies by default. Temporary or stored cookies can be enabled or disabled independently in the browser’s security settings. If cookies are disabled, certain features on Reevela webpages may not be available and some websites may not be displayed correctly.

In order to use the Reevela shopping cart and the checkout, session-related cookies have to be allowed! If the customer generally does not wish to, or cannot, allow cookies it is also possible to order at Reevela by email, phone or fax.

Reevela works with some partner companies in order to increase the value of the internet assortment and of the websites for the user. Therefore, cookies from partner companies are also stored on your website when you visit Reevela websites. These cookies are “persistent” cookies. These cookies remain on the computer of the user and are automatically deleted after the specified lifetime. The lifetimes may be up to 22 years in some cases. Our partner companies do not have any access to your personal information and personal data. The pseudonymous data is never merged with your personal data. The pseudonymous data includes data about the products that were searched for or which ones were viewed and bought by the user. This information is only used to enable our partner companies to, for example, show advertising that might actually interest the user or to prevent a user seeing the same advertisements over and over.

The data processed by cookies are for the purpose of safeguarding our legitimate interests as well as the interests of third parties according to Art. 6. para. 1 sentence 1 lit. f GDRP or according to Art 6. para. 1 lit b GDRP. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message appears before a new cookie is created. Disabling cookies may result in not being able to use all of the features on our website.

Use of social media, online marketing, web analytics and tracking services as well as tools of other service providers

The technologies and measures used by Reevela are in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR based on our legitimate interests. With the measures and the associated statistical recording and evaluation of the use of our website, we want to ensure a needs-based design and continuous optimisation of our website and optimal marketing of our website and reach. The described data processing operations can acc. Art. 6 (1) lit. F. GDPR also exist on the basis of the legitimate interests of the individual providers (e.g. in the display of personalised advertising or to inform other users of social networks about your activities on our website).

Google Remarketing Tag
On our websites, technologies by Google (Google Remarketing Tag) are used to collect and store data for marketing purposes. From this data, anonymised usage profiles can be created and stored in cookies. Third parties, including Google, serve ads on web pages in the internet. These parties, including Google, use cookies to serve ads based on your previous visits to our website, as part of the remarketing tag function. The data collected by the remarketing tag function, will not – without your separate consent – be used to personally identify you as a visitor of this website and will not be merged with personal information from the anonymised user profile. You can opt out of the use of cookies by Google by going to https://www.google.com/settings/u/0/ads/authenticated and clicking on the "opt out"-button. Alternatively, you may find the deactivation site of the Network Advertising Initiative here: http://www.networkadvertising.org/managing/opt_out.asp. For more information about Google’s privacy policy can be found here: http://www.google.com/intl/eng/privacy.

Google uses Standard Data Protection Clauses.

Google Conversion Tracking
We use Google Conversion Tracking on our website. It is an analysis service by Google Inc. (“Google”). Google Adwords places a cookie on your computer (“conversion cookie”), if you came to our website via a Google advertisement. These cookies will expire after 30 days and are not personally identifiable. You can visit certain pages of ours and the cookie has not expired, Google and we are able to see that someone clicked on the advertisement and was directed to our webpage. Every AdWords customer receives a different cookie. Cookies can be tracked over different web sites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted to use conversion tracking. The AdWords customers will know the total amount of users that clicked on their advertisement and were directed to a webpage with a conversion tracking tag. They won’t receive any information that would allow them to identify the user personally, however. If you do not want to be part of the tracking procedure, you can also reject the necessary cookie – by generally deactivating the automatic storage of cookies, for example. You can also deactivate cookies for conversion tracking by adjusting your browser settings to only block cookies from the domain “googleadservices.com”. Google’s privacy policy for conversion tracking can be found here https://services.google.com/sitestats/en.html.

Google uses Standard Data Protection Clauses.

Google Double-Click
On our website, we use DoubleClick by Google, which is a service by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). DoubleClick uses cookies in order to show you relevant advertisements. This includes verifying which ads were shown in your browser and which ones were clicked. The cookies do not contain any personal information. The use of the DoubleClick cookies allows Google and their partner pages to place advertisements based on previous visits to ours or other websites. You can prevent the storage of cookies by adjusting setting your web browser. You can also prevent the collection of the data created by the cookie and the processing of this data by google by downloading and installing the browser plug-in available here: https://www.google.com/settings/ads/plugin. You can also deactivate the use of cookies by Google by clicking on the “opt out” button at: https://www.google.com/settings/u/0/ads/authenticated. Alternatively, you can access the deactivation page of the network advertising initiative: http://www.networkadvertising.org/managing/opt_out.asp. For more information about Google’s privacy policy can be found here: http://www.google.com/intl/eng/privacy.

Google uses Standard Data Protection Clauses.

Google Analytics
This website uses Google Analytics, including the function Universal Analytics, a web analysis service of the Google Inc. Google Analytics uses so-called Cookies, text files which are stored on your computer and which allow an analysis of the use of the website by you. Through Universal Analytics and the use of a pseudonym user ID, device-crossing activities (e.g. tablet, PC or laptop) on our website can be analysed. The information generated by the cookie concerning your use of this website (including your IP address) will be passed on to a Google server in the USA and saved there. In case of an activation of the IP-anonymization on this website, your IP-address will be shortened by Google within the member states of the European Union or in other contractual states of the Agreement on the European Economic Area. Only in exceptional cases will the complete IP-address be transmitted to a Google-server in the USA and shortened then and there. Google will use this information on behalf of this website’s provider for the purpose of evaluating your website to gather reports concerning the website’s activities and to furthermore provide services around this website. Google Analytics does not combine your transmitted IP-address data with other data collected by Google. You can prevent the storage of cookies by a specific setting in your browser-software; however please note that if you do this you may not be able to use the full functionality of this website. You can furthermore prevent the collection of your data (including your IP-address) by Google as well as the processing of that data by Google by downloading and installing the following browser-plugin: http://tools.google.com/dlpage/gaoptout?hl=eng

Alternatively, you can prevent the processing of your data by Google by clicking on the following link: Click here, to be excluded from the Google Analytics measurement protocol.

Google uses Standard Data Protection Clauses.

We hereby point out that this website uses Google Analytics including Universal Analytics with the add-on „anonymizeIp()“, which is in accordance with privacy regularities. IP-addresses thereby are processed only in a shortened version to exclude any possibility of direct personal relation.

Facebook Pixel
We use the “Pixel” by Facebook, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for the analysis and support of online marketing measures. With its help we can track the movements of users after they see or click on a Facebook ad. This is how we can evaluate the significance of Facebook ads for statistics and market analysis purposes. The data collected is anonymous and personal data of individual users is not visible to us. However, the information is saved and processed by Facebook. Facebook can connect the information with your Facebook account and use them for its own advertising purposes according to Facebook’s Data Policy: https://www.facebook.com/policy.php. Cookies may be saved on your computer for this purpose. You can prevent the storage of cookies by adjusting setting your web browser.

Facebook uses Standard Data Protection Clauses.

Facebook Plugins
Our website also includes plugins by the social network Facebook. Our website is configured so that a direct connection between your browser and the Facebook server is made only when you click on a Facebook plugin. A connection will not be made automatically as soon as you open our website. Data is transmitted to Facebook only after you click on the plug-in, consciously “activating” it. If you click on the Facebook button while you’re logged in on your Facebook account, Facebook can possibly associate the visit to our website with your account. We would like to point out that as the provider of the web page we have no knowledge of the content of the transmitted data or of their use through Facebook. Further information about this can be found in Facebook’s Data Policy: http://de-de.facebook.com/policy.php. If you do not wish for Facebook to be able to associate the visit of our website with your Facebook account, please do not click on the Facebook plugins or log out of your Facebook account.

Facebook uses Standard Data Protection Clauses.

Pinterest
We use the „Pin it“ button by the social media network Pinterest (Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA). Our website is configured so that a direct connection between your browser and the Pinterest server is made only when you click on a Pinterest plugin. A connection will not be made automatically as soon as you open our website. Data is transmitted to Pinterest only after you click on a plug-in, consciously “activating” it. If you click on the Pinterest button while you’re logged in on your Pinterest account, Pinterest can possibly associate the visit to our website with your account. We would like to point out that as the provider of the web page we have no knowledge of the content of the transmitted data or of their use through Pinterest. Further information and settings options can be found in the Pinterest privacy policy here: http://pinterest.com/about/privacy/. If you do not wish for Pinterest to be able to associate the visit of our website with your Pinterest account, please do not click on the Pinterest plugins or log out of your Pinterest account.

Pinterest uses Standard Data Protection Clauses.

Trustpilot
We offer you the possibility to evaluate our service through a rating service (de.trustpilot.com) operated by Trustpilot A/S, Pilestræde 58, 5, 3rd floor, 1112 Copenhagen, Denmark. The evaluation is published on the Trustpilot internet pages and can also be displayed in so-called widgets on the Reevela website. In order to rate us without having to first log in to Trustpilot, we offer a direct evaluation via a “Unique Link”. By clicking on this link, we send your name, e-mail address and order number as a unique reference to Trustpilot. This information is sent encrypted and will not be transmitted in plaintext or be passed on to third parties. You can find more information about the “Unique Link” here: https://support.trustpilot.com/hc/en-us/articles/204953148-The-Unique-Link. Please also find Trustpilot’s privacy policy at http://legal.trustpilot.com/end-user-privacy-terms.

Deletion and blocking of personal data
We only process and store personal data for the period of time required to achieve the purpose of storage (e.g. due business transaction) or which corresponds to a legal storage / retention period. If the purpose of the storage is omitted or if a legal storage / retention period expires, the personal data will be deleted. If legal storage / storage obligations should continue to exist, e.g. after proper business transaction or having answered your inquiry, we will restrict the processing, e.g. by blocking your data. If retention periods relating to commercial or tax law must be observed, the storage time for particular data may equal up to 10 years.

Rights of the affected person

As an affected person(s), you have the right:

- to demand information about your personal data processed by Reevela in accordance with Art. 15 GDPR. In particular, you have the right to information regarding processing purposes, the recipients or categories of recipients to whom the personal data have been disclosed, the planned duration for which the personal data is stored, the right of rectification, deletion, limitation of the processing or the right to object to such processing, all available information on the source of the information, and the existence of an automated decision-making process;
- to request the immediate correction or completion of incomplete personal data in accordance with Art. 16 GDPR;
- to demand, in accordance with Art. 17 GDPR, the immediate deletion of your personal data, unless the processing is necessary for the fulfilment of a legal obligation by Reevela or for the performance of a public interest task or in the exercise of public authority delegated to Reevela and /or assertion, exercise, or defence of legal claims;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, as far as the accuracy of the personal data is disputed by you, the processing is unlawful but you refuse its deletion and we no longer need the data, but you require them to assert exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- to receive personally identifiable information provided to Reevela in accordance with Art. 20 GDPR, in a structured, common and machine-readable format, and to transfer that data to another responsible person;
- to revoke your once given consent to us at any time pursuant to Art. 7 para. 3 GDPR. As a result, we are not allowed to continue the data processing based on this consent for the future and
- to lodge a complaint to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

Right to withdraw
If your personal data is based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation.

If you exercise your right of objection, we will stop the processing of the data concerned. However, we can continue to process your personal data, despite your objections, if in the case of processing based on legitimate interests or on the performance of a task in the public interest/exercise of official authority, we can prove that we have compelling legitimate grounds that override your interests, rights and freedoms.

If you would like to make use of your rights, please send us an e-mail.