Every order = donation for environment Delivery in 1-3 working days Laboratory-tested quality Money-back guarantee

Privacy

With this privacy policy, we, Weedo Lifestyle & Media GmbH, as the legal operator of the website accessible at www.hempcrew.de, inform you about the nature, scope and purpose of the collection and use of your personal data that becomes relevant when you visit the website and use our content.

As of May 25, 2018, the EU General Data Protection Regulation (GDPR) applies directly in all member states of the European Union.

Definition

The data protection declaration of the Weedo Lifestyle & Media GmbH uses terms which are given by the European Directive and Regulation Maker when issuing the Data Protection Regulation (DSGVO).

We use the following terms, among others, in this privacy policy:

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Controller or data controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Consent means any freely given specific and informed indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

Responsible for the data processing is

Weedo Lifestyle & Media GmbH
Geigenbergerstr. 51
81477 Munich

Phone: 089/30707996
E-mail: info@hempcrew.de

Managing director: Philipp Ferrer

What data do we collect on our website?

You can generally move anonymously on our website. During your visit, usage data is stored, such as your IP address, the website from which you found us, the web pages you visit on our site, and the date and duration of your visit. All this data is evaluated anonymously and exclusively for statistical purposes. The evaluation is also carried out with the help of cookies (see the section. We do not create personal user profiles.

We may collect additional data in order to provide you with our online offers, content and function, this concerns inventory data (e.g. delivery/invoice address), contact data (e.g. e-mail) and content data (e.g. comments).

What do we process your data for and on what legal basis?

We process your personal data in compliance with the EU General Data Protection Regulation (DSGVO), the German Federal Data Protection Act (BDSG), and all other applicable laws. Depending on how you use our online content, there are different legal bases for this.

Art. 6 I lit. a DSGVO serves as our legal basis for processing operations in which we obtain consent for a specific processing purpose. Consent given can be revoked at any time.

If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the provision of another service or consideration, the processing is based on Article 6 I lit. b DSGVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or content.

If we are subject to a legal obligation by which a processing of personal data becomes necessary, such as for compliance with tax obligations, the processing is based on Art. 6 I lit. c DSGVO.

Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.

How long do we store your data?

We store your personal data that arises during the use of our website for as long as this is necessary for the above-mentioned purposes. In addition, we are subject to various legal obligations to provide proof and to retain data, which are regulated, among other things, in the German Commercial Code, in tax laws and in the German Fiscal Code. Accordingly, the storage periods are generally up to ten years.

Who receives personal data?

We only pass on your personal data to third parties if this is necessary for the fulfillment of a contract, if you have given your consent for this or if we are obliged to do so by law or on the basis of a court or official order.

If we cooperate with external service providers in the context of data processing, this is usually done on the basis of so-called commissioned processing, in which we remain responsible for data processing. We check each of these service providers in advance for the measures they have taken with regard to data protection and data security, thus ensuring that the contractual regulations for the protection of personal data provided for by law are complied with.

Will data be transferred to a third country or to an international organization?

If we transfer personal data to service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place.

To what extent is there automated decision-making in individual cases?

We do not use automated decision-making, nor do we engage in profiling.

Your data protection rights

You have the right to information according to Art. 15 DSGVO, the right to correction according to Art. 16 DSGVO, the right to deletion according to Art. 17 DSGVO, the right to restriction of processing according to Art. 18 DSGVO and the right to data portability from Art. 20 DSGVO. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DSGVO in conjunction with § 19 BDSG).

Right of revocation

You have the right to revoke your consent at any time. This also applies to the revocation of declarations of consent given to us before the applicability of the General Data Protection Regulation, i.e. before May 25, 2018.

Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

Right of appeal

You have the option of submitting a complaint to the data protection officer named above or to a data protection supervisory authority. The data protection supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA).

Promenade 27

91522 Ansbach

What are cookies and what are they used for?

Cookies are text files that are stored in the cache of your Internet browser (e.g. Internet Explorer or Firefox) when you visit a website. Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser on your next visit. This has the advantage for you that your computer does not have to be logged in again when you repeatedly visit an encrypted page. Cookies do not store any personal data. We only use them for statistical evaluations in order to control the success of our Internet presence. The evaluation is anonymous. After 30 days at the latest, the cookies are deleted.

In your browser, you can set how cookies are handled: For example, you can specify that storage is only accepted if you agree to it beforehand. If you only want to accept the cookies of our website, but not the cookies of our service providers and partners, you can specify this in your browser via the setting "Block third-party cookies".

What are analysis tools and what are they used for?

The tracking measures we use are carried out on the basis of Art. 6 (1) p. 1 lit. f DSGVO. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically and anonymously record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

This website uses Google Analytics (with IP anonymization function), a web analytics service provided by Google Inc ("Google"). Weedo uses this service to understand how users use the website. Google Analytics is operated by:

Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

For this purpose, Google Analytics uses so-called "cookies" (text files), which are stored on your computer and which enable an analysis of your use of the website. These cookies do not contain any personal data, but if you provide personal data when visiting the website and do not delete the cookie from your browser after providing this data, the provider collects the non-personal data stored in the cookie (such as the number of visits) and stores it anonymously. You can prevent the storage of cookies by selecting the appropriate settings on your browser software. You can also prevent the collection of data generated by the cookie and related to your use of the website to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the link http://tools.google.com/dlpage/gaoptout?hl=de.

We generally use the addition "anonymizeIp" for the analysis via Google Analytics. By means of this add-on, the IP address of the person concerned is shortened and anonymized by Google if the access to our offer takes place from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

This website uses Hotjar, an analytics software provided by Hotjar Ltd ("Hotjar").

Hotjar is operated by:

Hotjar Ltd, St Julian's Business Centre 3, Elia Zammit Street, St Julian's STJ , 1000, Malta.

With Hotjar it is possible to measure and analyze the usage behavior (clicks, mouse movements, scroll heights, etc.) on our website. The information generated by the "tracking code" and "cookie" about your visit to our website is transmitted to the Hotjar servers in Ireland and stored there. The following information is collected by the tracking code: Device dependent data.

The following information may be recorded by your device and browser: Your device's IP address (collected and stored in an anonymized format), screen size of your device, device type and browser information, Geographic location (country only), preferred language to display our website, user interactions such as mouse events (movement, position and clicks) and keystrokes, log data;

The following data is automatically created by our servers when Hotjar is used: Referring domain, pages visited, geographical location (country only), preferred language to display our website, date and time when the website was accessed;

Hotjar will use this information to evaluate your use of our website, generate usage reports, and provide other services related to website usage and internet evaluation of the website. Hotjar also uses third-party services, such as Google Analytics and Optimizely, to provide services. These third-party companies may store information that your browser sends as part of your website visit, such as cookies or IP requests. For more information about how Google Analytics and Optimizely store and use data, please see their respective privacy statements.

The cookies that Hotjar uses have different "lifetimes"; some remain valid for up to 365 days, and some remain valid only during the current visit.

You can prevent the collection of data by Hotjar by clicking on the following link and following the instructions there: https://www.hotjar.com/opt-out.

Google AdWords

We use the online advertising program "Google AdWords" and, as part of Google AdWords, conversion tracking. Google Conversion Tracking is an analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer or terminal. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. If you visit certain web pages on our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. Thus, there is no way that cookies can be tracked across AdWords customers' websites. The information obtained using conversion tracking is used to create conversion statistics for AdWords customers. Here, AdWords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to identify users personally.

You can prevent the tracking by preventing the installation of cookies through a corresponding setting of your browser software (deactivation option). Furthermore, the option to object to interest-based advertising by Google. To do this, you must call up the link www.google.de/settings/ads from each of the Internet browsers you use and make the desired settings there. Further information and the applicable data protection provisions of Google can be accessed here.

Social networks ("social plugins")

At some points on our website, you have the option of accessing and/or sharing content via social networks. In doing so, we use social plugins ("plugins") of several social networks (including Facebook, YouTube, Instagram and similar) on our website. A corresponding logo identifies the plugins.

If you call up a web page of our website that contains such a plugin and you click on this plugin, your browser establishes a direct connection with server systems of the relevant social network. The content of the plugin is then transmitted directly to your browser and integrated by it into the website. A communication takes place between the plugin, your browser and the social network.

By integrating the plugins, the social networks receive the information that you have accessed the corresponding page of our website. If you are already logged into the social network, the social network can assign the visit to your account. If you interact with the plugins - e.g. post a comment - the corresponding information is transmitted directly to the social network and stored there according to the guidelines of the respective social network. The purpose and scope of the data collection and the further processing and use of the data by the social network, as well as your rights in this regard and setting options for protecting your privacy, can be found in the privacy policy of the respective social network. If you do not want social networks to know about your visit to our website, you must log out of the social networks before visiting our website.

Order processing in the online store and customer account

We process the data of our customers in the context of ordering processes in our online store to enable product selection as well as order processing and payment.
The processing is carried out for the purpose of providing contractual services in the context of operating an online store, including order processing. In doing so, we set session cookies for storing the shopping cart contents and your delivery address for future orders.
We disclose the data to third parties only in the context of delivery, payment or in the context of legal permissions and obligations to legal advisors and authorities. Optionally, a user account can be created, where you can, among other things, view your order history. The mandatory information required for this is requested as part of the registration process.
If users have cancelled their user account, their data with regard to the user account will be deleted, unless we are subject to certain retention obligations for reasons of commercial or tax law in accordance with Art. 6 para. 1 lit. c DSGVO.

Integration of the Trusted Shops Trustbadge

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops seal of approval and any ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order.

This serves to protect our legitimate interests in an optimal marketing of our offer, which are overriding in the context of a balancing of interests according to Art. 6 para. 1 p. 1 lit. f DSGVO. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the site.

Further personal data is only transferred to Trusted Shops if you have consented to this, have decided to use Trusted Shops products after completing an order, or have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.

Amazon affiliate program

We are participants in the affiliate program of Amazon EU, whereby we can receive advertising fees through the placement of advertisements and links to Amazon.co.uk. Amazon uses cookies to track the origin of orders and, if applicable, order transactions. For more information about Amazon's use of data and ways to object, click here.

Forum registration function

Users can create a forum account and fill it in voluntarily. The mandatory information required for this is requested during registration. The data requested will be used for the purpose of providing the member area and the forum account. If users have cancelled their user account, their data with regard to the user account will be deleted, unless we are subject to certain retention obligations for reasons of commercial or tax law in accordance with Art. 6 Para. 1 lit. c DSGVO. In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use.

E-mail newsletter with Mailchimp

If you register for our newsletter, we use the data required for this purpose or separately provided by you to send you our e-mail newsletter on a regular basis based on your consent. Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter.

After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement."

Contacting

When contacting us (e.g. via contact form, email, telephone or via social media), your information will be processed and, if necessary, archived for the purpose of processing and handling the request in accordance with Art. 6 (1) lit. b) DSGVO.
We delete the requests if they are no longer necessary. We review the necessity every two years; Furthermore, the legal archiving obligations apply.


Comments and contributions

If you leave comments or other contributions, then we record your IP address. This is done for our security, in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

Third-party content

This website includes content from third-party providers, such as fonts, videos and images. In order to provide this content, these third-party providers may collect the IP address of the user. A list of the integrated services and third-party providers can be found below:

Google Fonts

External fonts, Google Fonts, are used on these Internet pages. Google Fonts is a service of Google Inc ("Google"). The integration of these web fonts takes place through a server call, usually a Google server in the USA. This transmits to the server which of our Internet pages you have visited. The IP address of the browser of the end device of the visitor to these Internet pages is also stored by Google. You can find more information in Google's privacy policy, which you can access here:

https://fonts.google.com/

www.google.com/policies/privacy/

ReCaptcha

On this website, the function for recognizing bots, e.g. when entering data in online forms ("ReCaptcha") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, is enabled. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.


What do we do for data security?

We use the SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. You can see whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the status bar of your browser.

We also use technical and organizational measures to protect your data against manipulation, loss, destruction or unauthorized access.

Links to other websites

We want to set only current and safe links to other websites on our website, but sometimes we do not notice immediately if linked contents change. If you notice that links on our website refer to Internet pages whose content violates applicable law, please inform us via the e-mail address info@hempcrew.de. We will then immediately remove these links from our website.

Girosolution

GiroSolution GmbH provides this data protection module for use in its customers' own data protection declarations as a service. The purpose of this module is to explain how GiroCheckout works. By providing this module, GiroSolution GmbH does not give any legal advice and does not assume any responsibility for the correctness, enforceability or data protection acceptance of the module itself. Each customer must legally check this module himself and accept it for himself or modify it accordingly before using it in his privacy policy.

Description and scope of data processing

For the use of payment systems on our Internet store portal, we use GiroSolution GmbH as a payment service provider. By means of an interface to their system "GiroCheckout", GiroSolution GmbH ensures the system-side connection of our store portal to the following payment procedures for us:

a) giropay
b) eps
c) IDeal
d) paydirekt
e) credit cards
f) GiroCode
g) direct debit
h) PayPal
i) Sofort bank transfer

Depending on the payment method, the following data is first passed on or retrieved to GiroSolution GmbH via GiroCheckout and then to the respective payment system and their service providers for the processing of payments:

a) Name and first name
b) IBAN
c) e-mail address
d) Information on the age of majority for giropay ID - age verification (the date of birth is not forwarded)
e) Information on the confirmation of the account details for giropay ID - account verification (IBAN and the BIC as well as the first and last name of the associated account holder)

Further information can be found in the GiroSolution GmbH terms and conditions (www.girosolution.de).

Legal basis for the data processing

The legal basis for data processing and for the transfer of data to the above-mentioned third parties is Art. 6 (1) lit. b DSGVO. In addition, Art. 6 para. 1 lit. f DSGVO is the legal basis for data processing.

Purpose of data processing

The transmission of the data and the processing of the same is necessary in order to carry out the payment of the transaction made by you on our Shopportal with the payment method selected by you and thus to be able to complete the transaction.

The connection of many different payment methods is complex and cost-intensive. Therefore, we use a service provider for the technical connection, in which our legitimate interest in the above data processing by GiroSolution GmbH according to Art. 6 para. 1 lit. f DSGVO is justified.

Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the above-mentioned data, this is the case when the contract has been settled and there are no longer any claims for return, i.e. after expiry of the statutory warranty or guarantee periods granted. Subject to legal retention periods beyond this point, the data will then be deleted.

Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

PayPal
We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This is in line with our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f DSGVO). In this context, we share the following data with PayPal to the extent necessary for the performance of the contract (Art. 6 para. 1 lit b. DSGVO).

First name
Last name
Address
E-mail address
Telephone number

The processing of the data provided under this section is not required by law or contract. We cannot process a payment through PayPal without the submission of your personal data. [You have the option to choose another payment method].

 

PayPal conducts a credit check for various services such as payment by direct debit in order to ensure your willingness and ability to pay. This corresponds to the legitimate interest of PayPal (according to Art. 6 para. 1 lit. f DSGVO) and serves the execution of the contract (according to Art. 6 para. 1 lit. b DSGVO). For this purpose, your data (name, address and date of birth, bank account details) will be passed on to credit agencies. We have no influence on this process and only receive the result of whether the payment has been made or rejected or a check is pending.

You can find more information about objection and removal options vis-à-vis PayPal at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Your data will be stored until the payment processing is completed. This also includes the period required for the processing of refunds, claims management and fraud prevention. [A statutory retention period of [X] years applies to us in accordance with [§ 147 AO / § 257 HGB] for the following documents: [ ]].

Klarna Privacy Notice:

In order to offer you Klarna's payment options, we will transmit personal data, such as contact details and order data, to Klarna. This allows Klarna to assess whether you can use the payment options offered through Klarna and to adapt the payment options to your needs. General information about Klarna is available >here< . Your personal information will be treated by Klarna in accordance with applicable data protection laws and as set forth in >Klarna's Privacy Policy<.

Actuality and change of this privacy policy

This privacy policy is currently valid and has a status of 22.11.2020.