1. Introduction

This privacy policy informs you about the nature, scope, and purposes of collecting and using personal data when using the online shop at www.bluettipower.eu (hereinafter referred to as "online shop") of POWEROAK GmbH (hereinafter referred to as "we" or "us"). We are the responsible entity for all personal data collected on the online shop unless this privacy policy provides different information.

Personal data refers to information that can be used to identify a person, such as the name, email address, or telephone number. It also includes purely technical data that can be associated with a person.

 

2. Contact Details of the Controller

POWEROAK GmbH
Lise-Meitner-Str. 14
28816 Stuhr
Germany
Authorized Managing Director: Xiaoxiang Yan
Phone: +49 911 - 311 09 790
Email: sale-eu@bluettipower.com

 

3. Overview of Processing Activities

The following processing activities involving personal data are carried out on this online shop:

1. Server log files
2. Contact
3. Use of cookies 
4. Order processing and fulfillment

3.1 Automatic Collection of Access Data/Server Log Files

We automatically collect a range of technical data, which includes personal data, with each access to our online shop. These data include:

• User's IP address
• Name of the accessed online shop or file
• Date and time of access
• Transferred data volume
• Message about successful retrieval
• Browser type and version
• User's operating system
• User's device, including MAC address
• Referrer URL (the previously visited page)

These data are not merged with other personal data that you actively provide within the online shop. We collect server log files for the purpose of administering the online shop and being able to detect and defend against unauthorized access.

a) Legal basis

The processing of personal data in log files is based on Art. 6(1)(f) of the General Data Protection Regulation (GDPR). This legal basis allows the processing of personal data within the scope of the "legitimate interest" of the controller, provided that your fundamental rights, freedoms, or interests do not outweigh this interest. Our legitimate interest lies in facilitating administration and the ability to detect and track hacking attempts. You can object to this data processing at any time if you have reasons based on your particular situation that speak against the processing. To do so, simply send an email to sale-eu@bluettipower.com.

b) What are IP addresses?

IP addresses are assigned to any device (e.g., smartphone, tablet, PC) connected to the internet. The specific IP address depends on the internet connection your device is currently using. It can be the IP address assigned to you by your internet service provider when you are connected to the internet via your home Wi-Fi, or it can be the IP address assigned to you by your mobile network provider or the IP address of a public or private Wi-Fi or other internet access provider. In its most common form (IPv4), an IP address consists of four blocks of digits. As a private user, you typically do not use a constant IP address since it is only temporarily assigned to you by your provider (so-called "dynamic IP address"). With a permanently assigned IP address (so-called "static IP address"), it is theoretically easier to assign user data uniquely. Apart from the purpose of tracking unauthorized access to our online offerings, we do not use this data on a personal basis but analyze it anonymously to determine which of our online shops are favored, how many daily accesses occur, and similar information.

Our online shop already supports the new IPv6 addresses. If you already have an IPv6 address, you should also know the following: The IPv6 address consists of eight blocks of digits. The first four blocks are typically dynamically assigned to private users, just like the entire IPv4 address. However, the last four blocks of an IPv6 address (known as the "Interface Identifier") are determined by the device you use to browse the online shop. Unless otherwise configured in your operating system, the so-called MAC address is used for this purpose. The MAC address is a unique serial number assigned to each IP-capable device worldwide. Therefore, we do not store the last four blocks of your IPv6 address. In general, we recommend enabling the "Privacy Extension" on your device to better anonymize the last four blocks of your IPv6 address. Most common operating systems have a "Privacy Extension" function, although it may not be enabled by default in some cases.

c) Data Retention Period

The server log files containing the aforementioned data are automatically deleted after 180 days. However, we reserve the right to store the server log files for a longer period if circumstances indicate an unauthorized access attempt (such as hacking or a so-called DDoS attack).

3.2 Data Collection When Contacting Us

When you contact us via email or phone, the data you provide (your email address, optionally your name, and phone number) will be stored by us to address your inquiries.

a) Legal Basis

The processing of personal data from contact inquiries is based on Article 6(1)(b) of the GDPR. This legal basis allows the processing of personal data when it is necessary for the performance of a contract or for pre-contractual measures at the request of the data subject.

b) Data Retention Period

We will delete the data collected in connection with a contact inquiry once the storage is no longer necessary for handling your request, or we will restrict the processing if legal retention obligations apply.

3.3 Use of Cookies

Our webshop utilizes cookies for analytical purposes to enhance the visitor experience and improve the quality of our webshop and its content. Currently, our webshop uses the following cookies for analytical purposes:

• to analyze interactions with and performance of our Products;
• to debugto analyze interactions with and performance of our Products;
• to debug and identify errors that impair functionality;
• to detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity;
• for research related to technological development and demonstration;
• to improve or enhance our Products or website.

Please note that if cookies are not accepted, the functionality of our webshop may be limited.

a) Notes on Cookies

Cookies are small text files that are stored on your device by the browser when you visit our webshop. They enable individual services within a webshop to be "recognized" and remember the settings you have made. Cookies enhance user-friendliness by storing login data and are also commonly used to collect statistical data for analysis and advertising purposes.

Some cookies, known as session cookies, are automatically deleted from your device once you leave the webshop. Others, known as persistent cookies, are stored for a specific period, not exceeding two years. Additionally, we use third-party cookies, which are managed by third parties to provide specific services.

You have control over the use of cookies. Most browsers offer options to restrict or completely disable cookie storage. However, please note that without cookies, the functionality and ease of use of the webshop may be limited.

b) Legal Basis

The technical structure of the webshop requires the use of certain techniques, such as cookies, that are essential for the proper functioning of the webshop and enabling support functions. Opting out of these essential cookies would prevent the use of our webshop. The legal basis for processing such cookies is our legitimate interest under Article 6(1)(f) of the GDPR, which ensures the smooth operation and user-friendliness of our webshop.

We only set non-essential cookies with your consent, which you can provide through the Consent Manager on your initial visit to our webshop. These functions are activated and used with your consent to analyze and improve the webshop's usage, enhance its usability across different browsers or devices, recognize you upon revisiting, and deliver relevant advertising (including interest-based advertising) if necessary. The legal basis for processing these cookies is Article 6(1)(a) of the GDPR. You can revoke your consent at any time without affecting the lawfulness of processing prior to the revocation.

c) Duration of Data Storage

Session cookies are automatically deleted when you close the browser. The duration of storage for persistent cookies can be found in the cookie settings overview of your web browser.

3.4 Execution and Processing of Orders

When you place an order in our webshop, we collect various personal data (name, address, contact information, payment information) that we require for the execution and processing of the order.

a) Legal Basis

The processing of personal data related to the execution and processing of orders is based on Article 6(1)(b) of the GDPR. This legal basis allows the processing of personal data when it is necessary for the performance of a contract with the data subject.

b) Duration of Data Storage

We delete the data collected in connection with the execution and processing of an order once its storage is no longer necessary for the order processing, or we restrict the processing if there are legal retention obligations.

 

4. Your Rights

You have the right to request free information about the personal data stored about you. Additionally, you have the right to have incorrect data corrected, to request the restriction of processing of excessively processed data, and to request the deletion of unlawfully processed or excessively stored personal data (subject to legal retention obligations and other reasons under Article 17(3) of the GDPR). Furthermore, you have the right to receive all data you have provided to us in a commonly used and machine-readable format (right to data portability), provided that you have provided the data to us based on consent or for the performance of a contract.

You also have the right to lodge a complaint with a supervisory authority for data protection. A list of German and European data protection officers, as well as their contact details, can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

 

5. Objection to the Processing of Your Data, Article 21 of the GDPR

In the event of the processing of personal data for the performance of tasks carried out in the public interest (Article 6(1)(e) of the GDPR) or for the purposes of legitimate interests pursued by the data controller (Article 6(1)(f) of the GDPR), you have the right to object to the processing of your personal data at any time. The processing of personal data will then cease unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.
If you have the right to object to specific procedures, we will inform you accordingly within the description of each procedure.
To exercise your rights, simply send an email to sale-eu@bluettipower.com.

 

6. Revocation of Consent

If you have granted us consent for the processing of your personal data, you can revoke it at any time with effect for the future, without stating any reasons. To do so, simply send an email to the following email address. The revocation does not affect the lawfulness of processing based on the consent before its withdrawal.
To exercise your rights, simply send an email to sale-eu@bluettipower.com.

 

7. Recipients of Data

As a general rule, we do not disclose personal data to third parties unless explicitly mentioned in this privacy policy.

Personal data may be disclosed to the following categories of recipients:

• Service Providers. We may share personal information with our vendors and Service providers who perform services on our behalf. These third parties are authorized to use your personal information only as necessary to provide these services to us, such as fulfilling orders, processing payments, sending and improving communications, developing and improving our Products, detecting, preventing, and remediating fraud or other prohibited activities, and other support for the provision of our Products.

• Displaying to other users. The content you post to  www,bluettipower.eu may be displayed on www,bluettipower.eu. Other users may be able to see some information about you, such as your name if you submit a review. We are not responsible for privacy practices of the other users who will view and use the posted information.

• As required by law and similar disclosures. We may access, preserve, and disclose your personal information, other account information, and content if we believe doing so is required or appropriate to comply with law enforcement requests and legal process, such as a court order, government request, or subpoena. We may also access, preserve, and disclose your personal information, other account information, and content if we believe in good faith that disclosure is necessary to protect yours’, ours’ or others’ rights, property, or safety, or investigate fraud.

• Merger, sale, or other asset transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. The use of your personal information following any of the foregoing events should be governed by the provisions of the Privacy Policy in effect at the time such personal information was collected.

8. Transfer to Recipients outside the EEA

In the course of our business relationships, your personal data may be transferred to third-party companies or disclosed to them. These recipients may be located outside the European Economic Area (EEA), in third countries. Such processing is carried out solely for the purpose of fulfilling contractual and business obligations and maintaining your business relationship with us.

The European Commission has issued adequacy decisions certifying that certain third countries provide a level of data protection comparable to that of the EEA (a list of these countries and copies of the adequacy decisions can be obtained from: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions). However, in other third countries to which personal data may be transferred, there may be a lack of consistent high-level data protection due to the absence of adequate legal provisions. If this is the case, we ensure that sufficient data protection safeguards are in place. This can be achieved through binding corporate rules, standard contractual clauses issued by the European Commission for the protection of personal data, certifications, or approved codes of conduct.

 

9. No Obligation to Provide Personal Data

We do not make the conclusion of contracts with us conditional upon you providing us with personal data in advance. As a customer, you are generally not under a legal or contractual obligation to provide us with your personal data. However, certain offers may be limited or unavailable if you do not provide the necessary data. If this is the case for any of the products we offer, you will be separately informed.

 

10. No Automated Decision-Making

No automated decision-making, including profiling, takes place in accordance with Article 22(1) and (4) of the GDPR.