One Day

PRIVACY POLICY

Privacy Policy for www.oneday.de

I. Controller responsible for data processing

One Day e.V.
Wolfslaufstrasse 2
63768 Hoesbach
Germany
Tel.: +49 176 70277600
E-mail: hello@oneday.de

II. Provision of the website and creation of log files

When you visit our website www.oneday.de, the browser on your device used to access the website automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information is recorded without your involvement and stored until it is automatically erased:

  • IP address of the computer requesting access
  • Time at which the website was accessed
  • Name and URL of the website or file accessed
  • Website from which our website was accessed (referrer URL)
  • Browser type and version used to access our website
  • Operating system of your computer, where applicable

We process the details specified above for the following purposes:

  • To guarantee the smooth establishment of a connection with our website
  • To guarantee convenient use of our website
  • To evaluate the security and stability of the system
  • For other administrative purposes

The legal basis for the data processing is Article 6 paragraph 1 sentence 1 lit. f) of the General Data Protection Regulation (GDPR). Our legitimate interest is based on the purposes of the collection of data specified above. Under no circumstances do we use the data collected to draw any conclusions about your identity.

III. The use of cookies

We use cookies on our website. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone or a similar device) when you visit our website. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware.

The cookie is used to store information recorded in connection with the specific device used to access the website. This does not, however, mean that we are able to directly identify you based on this information. One of the reasons for using cookies is to make using our website a more pleasant experience for you. We additionally use temporary cookies that are stored on your device for a specific fixed period to optimise the user-friendliness of our website.
The data processed by cookies are required for the specified purposes to protect our legitimate interests and those of third parties in accordance with Article 6 paragraph 1 sentence 1 lit. f GDPR. Most browsers accept cookies automatically. You can, however, configure your browser to stipulate that no cookies should be stored on your computer or a notification should always be displayed before a new cookie is created. Please note that the complete deactivation of cookies may prevent you from being able to fully use all functions of our website.

IV. Social media plug-ins

On the basis of Article 6 paragraph 1 sentence 1 lit. f GDPR, we use plug-ins from the social networks Facebook and Instagram on our website to increase awareness of our association on these platforms. The advertising purpose behind the use of these plug-ins is a legitimate interest as defined by the GDPR. Responsibility for compliance with data protection law when running these plug-ins must be guaranteed by their respective providers.
When integrating these plug-ins into our website, we use the so-called two-click method to provide visitors to our website with the best possible protection.

1. Facebook
Our website uses social media plug-ins from Facebook to make the use of our website more personal. We use the “LIKE” or “SHARE” buttons in connection with these plug-ins. This is a service provided by Facebook.
When you visit a page of our website that contains such a plug-in, your browser establishes a direct connection with the Facebook servers. The plug-in content is then transmitted from Facebook directly to your browser and integrated into the page by your browser. This integration of the plug-in provides Facebook with the information that your browser has visited the corresponding page of our website, even if you do not have a Facebook account or are currently not logged into Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA, where it is stored.
If you are logged into Facebook, Facebook can directly assign your visit to our website to your Facebook account. If you interact with the plug-ins, for example by clicking the “LIKE” or “SHARE” buttons, the corresponding information will also be directly transmitted to a Facebook server, where it will be stored. The information will additionally be published on Facebook and displayed to your Facebook friends. Facebook can use this information for the purposes of advertising, market research and the needs-oriented design of Facebook pages. To do so, Facebook creates usage, interest and relationship profiles, for example to evaluate your use of the website with regard to the advertisements shown to you on Facebook, to inform other Facebook users about your activities on our website and to perform other services connected to your use of Facebook.
If you do not want Facebook to associate the data collected via our website with your Facebook account, you must log out of your Facebook account before visiting our website.
You can find information on the purpose and scope of the collection and processing of data by Facebook and on your rights concerning this issue and the settings that you can use to protect your privacy in Facebook’s Data Policy (https://www.facebook.com/about/privacy/).

2. Instagram
Our website also uses so-called social plug-ins (“plug-ins”) from Instagram, which is operated by the company Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
The plug-ins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you visit a page of our website that contains such a plug-in, your browser will establish a direct connection with the Instagram servers. The plug-in content will be transmitted from Instagram directly to your browser and integrated into the page. This integration of the content provides Instagram with the information that your browser has visited the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged into Instagram.
This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA, where it is stored. If you are logged into Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plug-ins, for example by clicking the “Instagram” button, the corresponding information will also be directly transmitted to an Instagram server, where it will be stored. The information will also be published on your Instagram account and displayed to your contacts.
If you do not want Instagram to directly associate the data collected via our website with your Instagram account, you must log out of Instagram before visiting our website.
For more information, please refer to Instagram’s Data Policy (https://help.instagram.com/155833707900388).

V. Integration of the Google Maps service

On the basis of Article 6 paragraph 1 sentence 1 lit. f GDPR, we use the service. Google Maps on our website in order to provide our customers with a convenient service that they can use to find our location and generate an individual route to our location. The purpose connected to the use of this service is to support and promote new customer relations by making a location easy to find and easily generating directions to our location. Responsibility for compliance with data protection law when providing this service is guaranteed by its provider Google.
When you click on the Google Maps service on our website, data are transmitted to Google Inc. (https://www.google.com/about/), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). Cookies (cf. section III) may be used within this context. Such cookies generate information on your use of this website such as:

  • Browser type/version
  • Operating system used
  • Referrer URL (the page visited before our website)
  • Host name of the computer accessing our website (IP address)
  • Time of the server request

This information is transmitted to and stored on a Google server in the USA.
Specific data are recorded and stored in server protocols. These protocols contain information such as:
Details on how you used the service, for example your search queries.

VI. Contacting us via e-mail

You can send us an e-mail by clicking on one of our e-mail addresses on our website. Your e-mail browser will be used for this service. We receive your e-mail address and the content of your message, as well as any attachments you send. We use these data to process the enquiry or request that you send to us. The processing of data for the purpose of contacting our organisation occurs in accordance with Article 6 paragraph 1 sentence 1 lit. a GDPR on the basis of your consent given on a voluntary basis.
The personal data collected by us will be erased after processing, in consideration of any statutory periods of retention that may apply.

VII. Registration procedure and use of the shop

To place an order in our online shop, you need to register by providing your personal data. Users are required to provide their details on a form, which is subsequently transmitted to us and stored. These data are processed within the scope of the registration procedure on the legal basis of processing for the performance of the contract (Article 6 paragraph 1 lit. b GDPR). The data will be erased in consideration of the statutory retention periods after the contract has been performed, providing that no deviating information is specified below.
Some data are required for the registration and the performance of the contract: your e-mail address, a password, your name, the company for which you work (where applicable), your address or the company’s address, a different delivery address (where applicable) and your telephone number so that we can contact you if we have any questions. Your e-mail address will also be used to fulfil the statutory requirements for the conclusion of contracts in electronic legal transactions.
To pay for your purchases, you will be redirected to the PayPal or instant bank transfer (Sofortüberweisung) website, depending on which provider you select. On this website, you will be required to enter your payment details to submit your payment. Some data, for example the price, VAT rate, currency, product name, the number of products purchased and a transaction ID that enables us to assign the payment transaction to the purchasing process in our shop, will be transmitted to the service provider for the completion of the payment transaction.

VIII. Disclosure of data

Your personal data are not disclosed to third parties for any other reasons than those specified here.
We only pass on your personal data to third parties if:

  • you have granted us your express consent to do so pursuant to Article 6 paragraph 1 sentence 1 lit. a GDPR
  • the disclosure of your data is required to assert, exercise or defend legal claims pursuant to Article 6 paragraph 1 sentence 1 lit. f GDPR and there is no reason to assume that you have an overriding interest in the non-disclosure of your data that requires protection
  • in the case of a legal obligation to disclose the data pursuant to Article 6 paragraph 1 sentence 1 lit. c GDPR
  • if this is legally permitted and required for the implementation of contractual relationships with you pursuant to Article 6 paragraph 1 sentence 1 lit. b GDPR

If your personal data are disclosed to third parties, they are received by the following recipients / categories of recipient:
We have commissioned service providers to handle the storage, protection and provision of your data and all associated services and to maintain our website. We use service providers for all services concerning Internet access, telephony, e-mail and WhatsApp.
If your data are disclosed within the scope of commissioned data processing, we have concluded a commissioned data processing agreement with the service providers and comply with all further statutory requirements concerning commissioned data processing. Our service providers are predominantly based in the European Union, while others are in the USA. The service providers in the USA have agreed to comply with the requirements of the provisions agreed between the USA and the European Union in the EU-US Privacy Shield. The level of data protection of companies in the USA that have agreed to comply with the EU-US Privacy Shield requirements has been deemed adequate. The adequacy decision made by the European Commission with regard to the EU-US Privacy Shield can be accessed via this link:

IX. Rights of the data subject

You have the right to:

  • access information on data concerning you stored by us and its processing pursuant to Article 15 GDPR, especially information on the purposes of the processing, the categories of personal data concerned, the categories of recipient to whom your data have been or will be disclosed, the envisaged storage duration, the existence of the right to request rectification, erasure or restriction of processing or to object to such processing, the existence of a right to lodge a complaint, the origin of your data if they are not collected by us, the existence of automated decision-making including profiling and, where applicable, meaningful information about the details of such cases
  • obtain the rectification of inaccurate or incomplete personal data concerning you stored by us pursuant to Article 16 GDPR without undue delay
  • obtain the erasure of personal data concerning you stored by us pursuant to Article 17 GDPR if the processing of these data is not required for exercising the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims
  • obtain restriction of processing of personal data concerning you stored by us pursuant to Article 18 GDPR if you contest the accuracy of the data, the processing is unlawful but you oppose to the erasure of the data and we no longer require the data but you require them for the establishment, exercise or defence of legal claims or you have objected to the processing pursuant to Article 21 GDPR
  • receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to transmit these data to another controller pursuant to Article 20 GDPR
  • withdraw your consent granted to us at any time pursuant to Article 7 paragraph 3 GDPR, which will result in us no longer being permitted to continue the data processing based on this consent in the future
  • lodge a complaint with the supervisory authority pursuant to Article 77 GDPR – you can normally contact the supervisory authority of your usual place of residence or place of work or our company headquarters to lodge a complaint

X. The right to object

You can object to the processing of data for the purpose of protecting legitimate interests pursuant to Article 6 paragraph 1 lit. f GDPR if your particular situation gives rise to grounds that argue against the data processing. The objection must be submitted to hello@oneday.de or our postal address (cf. section I.).

XI. Amendments to the Privacy Policy

Due to the further development of our website and services provided via our website or as a result of amended legal or official requirements, it may become necessary for us to amend this Privacy Policy. You can access and print out the currently valid version of this Privacy Policy or privacy policies that previously applied on this website at any time.

Last updated: March 2020