This privacy statement informs you about the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) in the context of our online offering and the websites, functions and content linked to it, as well as external online presences, such as our social media profiles (hereinafter jointly referred to as “online offering”). Regarding the terms used, such as “processing” or “data controller”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Data controller
Holzkonzept Wegner
Klaus Wegner
Talstr. 78
D-01662 Meissen
VAT identification number: DE 200623441
Tax identification number: 209/286/05044
Tel.: +49 (0) 3521 454300
Fax: +49 (0) 3521 407635
Link to legal notices: https://www.geckox.shop/content/impressum/
Types of data processed:
- Inventory data (e.g. names, addresses).
- Contact details (e.g. email, telephone numbers).
- Content data (e.g. text entry, photographs, videos).
- Usage data (e.g. web pages visited, interest in content, access times).
- Metadata/communications data (e.g. equipment information, IP addresses).
Categories of people concerned
Visitors and users of the online offering (hereinafter we also refer to the persons concerned by the generic term “users”).
Purpose of processing
- Provision of the online offer, its functions and its content.
- Respond to contact requests and communicate with users.
- Security measures.
- Reach measurement/marketing.
Terms used
“Personal data”: any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier (for example a cookie) or to one or more particular characteristics, specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
“Processing”: any operation or set of operations carried out or not using automated processes and applied to personal data. The term is broad and encompasses virtually any manipulation of data.
“Pseudonymisation”: the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures ensuring that personal data are not attributed to an identified or identifiable natural person.
“Profiling”: any type of automated processing of personal data consisting of using them to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movement of that natural person.
The term “data controller” means the natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor”: a natural or legal person, public authority, body or other service which processes personal data on behalf of the controller.
Relevant legal bases
In accordance with Article 13 of the GDPR, we communicate to you the legal bases of our data processing. If the legal basis is not mentioned in the privacy statement, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR, the legal basis for processing for the provision of our services and the execution of contractual measures as well as for responding to requests is Article 6(1)(b) GDPR, the legal basis for processing for compliance with our legal obligations is Article 6(1)(c) GDPR, and the legal basis for processing for our legitimate interests is Article 6(1)(f) GDPR. In the event that the vital interests of the person concerned or of another natural person make the processing of personal data necessary, Article 6(1)(d) GDPR serves as the legal basis.
Security measures
We take appropriate technical and organizational measures in accordance with Article 32 of the GDPR, taking into account the state of knowledge, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different degrees of probability and severity of risks to the rights and freedoms of natural persons, in order to guarantee a level of protection adapted to the risk.
These measures include ensuring the confidentiality, integrity and availability of data by controlling physical access to data, as well as access, capture, transfer, availability and segregation of data. We have also put in place procedures to ensure the exercise of the rights of data subjects, the erasure of data and the response in the event of a risk to the data. Furthermore, we take the protection of personal data into account when developing or choosing hardware, software and procedures, in accordance with the principle of data protection by design and data protection by default (Article 25 of the GDPR).
Cooperation with subcontractors and third parties
If, as part of our processing, we disclose data to other persons and companies (subcontractors or third parties), if we pass it on to them or otherwise grant them access to the data, this only takes place on the basis of legal permission (e.g. if a transmission of data to third parties, such as payment service providers, is necessary for the execution of the contract in accordance with Article 6, paragraph 1, point b) GDPR), if you have given your consent, if a legal obligation provides for it or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties to process data on the basis of a “processing contract”, we do so on the basis of Article 28 of the GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if we do so in the context of the use of services of third parties or the disclosure or transfer of data to third parties, we only do so if this is necessary to fulfill our (pre)contractual obligations, on the basis of your consent, pursuant to a legal obligation or based on our legitimate interests. Subject to legal or contractual authorizations, we only process or have data processed in a third country if the specific conditions of articles 44 et seq. of the GDPR are met. That is to say, the processing is carried out, for example, on the basis of particular guarantees, such as the officially recognized establishment of a level of data protection equivalent to that of the EU (e.g. for the United States, the “Privacy Shield”) or by compliance with specific officially recognized contractual obligations (called “standard contractual clauses”).
Rights of data subjects
You have the right to obtain confirmation that the data concerned is or is not being processed and to access this data, as well as to obtain additional information and a copy of the data in accordance with Article 15 of the GDPR.
You have the right, in accordance with Article 16 of the GDPR, to demand that the data concerning you be completed or that inaccurate data concerning you be rectified.
In accordance with Article 17 of the GDPR, you have the right to demand that the data concerned be immediately deleted or, failing that, in accordance with Article 18 of the GDPR, to demand restriction of the processing of the data.
You have the right to request to receive the data concerning you that you have provided to us, in accordance with Article 20 of the GDPR, and to request their transmission to other data controllers.
You also have the right, in accordance with Article 77 of the GDPR, to lodge a complaint with the competent supervisory authority.
Right of withdrawal
You have the right to revoke consents granted in accordance with Article 7(3) GDPR with effect for the future.
Right to object
You can object at any time to the future processing of data concerning you, in accordance with Article 21 of the GDPR. The objection may relate in particular to processing for direct advertising purposes.
Cookies and right to object to direct marketing
“Cookies” are small files that are stored on users’ computers. Different information may be stored in cookies. A cookie is mainly used to store information about a user (or about the device on which the cookie is stored) during or after their visit to an online offering. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted when a user leaves an online offering and closes their browser. The contents of a shopping cart in an online store or a login status can, for example, be stored in such a cookie. Cookies are said to be “permanent” or “persistent” when they remain stored even after closing the browser. For example, login status can be saved if users visit the site after several days. Likewise, user interests may be recorded in such a cookie and used for audience measurement or marketing purposes. By “third-party cookies” we mean cookies offered by suppliers other than the person responsible for the online offering (otherwise, if it concerns only its cookies, we speak of “first-party cookies”).
We may use temporary and permanent cookies and inform you of this in our privacy statement.
If users do not want cookies to be stored on their computer, they are advised to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the browser system settings. The exclusion of cookies may result in functional restrictions of this online offer.
A general opposition to the use of cookies used for online marketing purposes can be declared for a large number of services, particularly in the case of tracking, via the American site http://www.aboutads.info/choices/ or the European site http://www.youronlinechoices.com/. It is also possible to prevent the storage of cookies by deactivating them in the browser settings. Please note that you may not be able to use all the functions of this online offer.
Data erasure
The data we process is deleted or its processing is restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this privacy statement, the data we store is deleted as soon as it is no longer necessary to achieve its purpose and no legal retention obligation prevents its deletion. If the data is not deleted because it is necessary for other purposes authorized by law, its processing will be limited. This means that the data is blocked and not processed for other purposes. This is the case, for example, for data that must be retained for commercial or tax reasons.
In accordance with German legal provisions, retention takes place in particular for 10 years in accordance with Sections 147(1) of the German Tax Code (AO), 257(1)(1) and 4(4) of the Commercial Code (HGB) (books, records, status reports, accounting documents, business books, tax-relevant documents, etc.) and 6 years in accordance with Section 257(1)(2) and (3)(4) HGB (business letters).
In accordance with Austrian legal provisions, retention takes place in particular for 7 years in accordance with Article 132, paragraph 1, of the Austrian Tax Code (BAO) (accounting documents, supporting documents/invoices, accounts, supporting documents, commercial documents, statement of revenues and expenses, etc.), for 22 years in relation to real estate and for 10 years for documents relating to services provided electronically, telecommunications, radio and television services provided to non-entrepreneurs in EU Member States and for which the Mini VAT One-Stop Shop (MOSS) is used.
Activity-related processing
In addition, we process
- contractual data (for example, subject of the contract, duration, category of customers),
- payment data (e.g. bank details, payment history)
of our customers, prospects and business partners for the provision of contractual services, customer service and management, marketing, advertising and market research.
Order processing in the online store and customer account
We process the data of our customers as part of the ordering processes in our online store in order to enable them to select and order the chosen products and services, and to make their payment, receipt or execution possible.
The data processed includes inventory data, communication data, contractual data as well as payment data. The persons affected by the processing include our customers, prospects and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online store, billing, delivery and customer services. To do this, we use session cookies to store the contents of the shopping cart and permanent cookies to store the connection status.
The processing is carried out on the basis of Article 6 (1) (b) (execution of order processes) and (c) (legally required archiving) of the GDPR. In this context, information marked as mandatory is necessary for the creation and execution of the contract. We only disclose data to third parties in the context of delivery, payment or within the framework of legal permissions and obligations vis-à-vis legal advisers and authorities. Data is only processed in third countries if this is necessary for the execution of the contract (e.g. at the request of the customer upon delivery or payment).
Users can, if they wish, create a user account which allows them to view their orders. As part of the registration, the required mandatory data is indicated to users. User accounts are not public and cannot be indexed by search engines. When users terminate their account, their data relating to that account is deleted, provided that its retention is not necessary for commercial or tax reasons, in accordance with Article 6(1)(c) of the GDPR. The information contained in the customer account is kept until it is deleted, followed by its archiving in the event of a legal obligation. It is the users' responsibility to back up their data in the event of termination before the end of the contract.
As part of registration and re-registrations as well as the use of our online services, we record the IP address and the time of the user's action. Storage is based on our legitimate interests, as well as the protection of users against abuse and other unauthorized uses. This data is in principle not passed on to third parties, unless it is necessary for the pursuit of our rights or there is a legal obligation to do so in accordance with Article 6 (1) (c) of the GDPR.
The deletion takes place upon expiry of legal warranty obligations and similar obligations. The need to retain data is checked every three years; in the case of legal archiving obligations, deletion takes place upon expiry of these (end of the retention obligation under commercial law (6 years) and tax law (10 years)).
External payment service providers
We use external payment service providers whose platforms enable us and users to carry out payment transactions (e.g. with a link to the privacy statement in each case, Paypal (https://www.paypal.com/uk/webapps/mpp/business), Klarna (https://www.klarna.com/international/), Skrill (https://www.skrill.com/en/), Visa (https://www.visa.com/legal/privacy-policy.html), Mastercard (https://www.mastercard.co.uk/en-gb.html), American Express (https://www.americanexpress.com/en-gb/)).
In the context of the execution of contracts, we use payment service providers on the basis of Article 6 (1) (b) GDPR. Furthermore, we use external payment service providers on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR, in order to offer our users efficient, effective and safe payment options.
Data processed by payment service providers includes inventory data, such as name and address, banking data, such as account or credit card numbers, passwords, TAN numbers and checksums, as well as information relating to the contract, amount and beneficiary. This information is necessary to complete transactions. However, the data entered is only processed and stored by the payment service providers. That is to say, we do not receive account or credit card information, but only information with confirmation or not of payment. In certain circumstances, data may be transmitted by payment service providers to credit assessment agencies. The purpose of this transmission is to verify identity and solvency. In this regard, we refer to the general terms and conditions and data protection information of the payment service providers.
Payment transactions are subject to the terms and conditions and data protection information of the relevant payment service providers, which can be found on the corresponding websites or transaction applications. We also refer you there for further information and to assert your rights of withdrawal, information and other rights of the persons concerned.
Registration function
Users can create a user account. As part of the registration, the required mandatory data is communicated to users and processed on the basis of Article 6 (1) (b) GDPR for the purpose of providing the user account. The data processed includes connection information (name, password and email address). The data entered during registration is used to make the use of the user account possible for specific purposes.
Users can be informed by email of information relevant to their user account, such as technical changes. If users have terminated their user account, their data relating to this account will be deleted, subject to legal retention obligations. It is the users' responsibility to back up their data in the event of termination before the end of the contract. We are entitled to irremediably delete all user data stored during the term of the contract.
As part of the use of our registration and login functions as well as the use of the user account, we record the IP address and the time of the user's action. Storage is based on our legitimate interests, as well as the protection of users against abuse and other unauthorized uses. This data is in principle not passed on to third parties, unless it is necessary for the pursuit of our rights or there is a legal obligation to do so in accordance with Article 6(1)(c) GDPR. IP addresses are anonymized or deleted after 7 days at the latest.
Comments and contributions
When users leave comments or other contributions, their IP addresses may be stored for 7 days on the basis of our legitimate interests within the meaning of Article 6(1)(f) GDPR. This aims to guarantee our security, in case someone leaves illicit content in comments and messages (insults, prohibited political propaganda, etc.). If applicable, we ourselves may be sued for the comment or contribution and are therefore interested in the identity of the author.
Furthermore, we reserve the right, on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR, to process user data for spam detection purposes.
On the same legal basis, we reserve the right, in the case of surveys, to retain the IP addresses of users for their duration and to use cookies in order to avoid multiple votes.
The data provided in the context of comments and contributions are kept permanently by us until users object.
Making contact
When a user contacts us (e.g. by contact form, e-mail, telephone or via social media), the information provided by the user is used to process the contact request and its execution in accordance with Article 6, paragraph 1, point b) (in the context of contractual/pre-contractual relationships), or Article 6, paragraph 1, point f) (other requests), of the GDPR. The information provided by users may be stored in a customer relationship management system (“CRM system”) or comparable request organization.
We delete requests if they are no longer necessary. We check the necessity every two years; in addition, legal archiving obligations apply.
Hosting and sending emails
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, email sending, security services and technical maintenance services that we use for the purpose of operating this online offering.
In this context, we, or our host, process inventory data, contact data, content data, contractual data, usage data, metadata and communication data of customers, interested persons and visitors to this online offer on the basis of our legitimate interests in the efficient and secure provision of this offer in accordance with Article 6, paragraph 1 (f) of the GDPR in connection with Article 28 of the GDPR (conclusion of a subcontracting contract).
Collection of access data and log files
We, or our host, collect on the basis of our legitimate interests within the meaning of Article 6(1)(f) GDPR, data on each access to the server on which this service is located (so-called log files of the server). The access data includes the name of the website consulted, the file, the date and time of the consultation, the amount of data transmitted, the notification of the successful consultation, the browser type and its version, the user's operating system, referring URL (previously visited page), IP address and service provider.
The log file information is stored for security reasons (e.g. to investigate abuse or fraud) for a maximum of 7 days, after which it is deleted. Data whose further retention is necessary for evidentiary purposes are excluded from deletion until the definitive resolution of the incident in question.
Google Tag Manager
Google Tag Manager is a solution that allows us to manage so-called website tags via an interface (and thus integrate Google Analytics and other Google marketing services into our online offering, for example). The tag manager itself (which implements the tags) does not process users' personal data. With regard to the processing of users' personal data, we refer to the following information on Google services. Use policy: https://marketingplatform.google.com/intl/en/about/analytics/tag-manager/use-policy/.
Google Analytics
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Article 6(1)(f) GDPR), we use Google Analytics, a web analysis service from Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by users is usually transmitted to a Google server in the United States and stored there.
Google is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online offering by users, to compile reports on the activities within this online offering and to provide us with other services related to the use of this online offering and of the internet. In this context, pseudonymous usage profiles of users can be created from the processed data.
We only use Google Analytics with IP anonymization enabled. This means that the IP address of users will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent cookies from being stored by configuring their browser software accordingly; users can additionally prevent the collection of data generated by the cookie and relating to their use of the online offer by Google, as well as the processing of this data by Google, by downloading and installing the available browser plug-in under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on Google's use of data, settings and objection options, see Google's privacy policy (https://policies.google.com/technologies/ads) as well as the privacy settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
Users' personal data is deleted or anonymized after 14 months.
Bing Ads
As part of our online offering, we use, on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Article 6(1)(f) GDPR), the conversion and tracking tool “Bing Ads” from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. In this context, cookies are stored by Microsoft on user devices to enable an analysis of the use of our online offering by users, insofar as they have accessed our online offering via a Microsoft Bing ad (so-called “conversion measurement”). We and Microsoft can thus recognize that a person has clicked on an ad, been redirected to our online offering and reached a predefined landing page (so-called “conversion page”). We only know the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No IP address is recorded. No personal information on the identity of users is communicated.
Microsoft is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).
If users do not wish to participate in the Bing Ads tracking procedure, they can also deactivate the installation of a cookie necessary for this purpose by configuring their browser or using the Microsoft opt-out page: http://choice.microsoft.com/fr-fr/opt-out.
For more information about data protection and cookies used by Microsoft Bing Ads, users can consult the Microsoft privacy statement: https://privacy.microsoft.com/en-en/privacystatement.