• United States (USD $) - English
  • Deutsch
  • Español
  • Français
  • Italiano
  • Nederlands
Always available for you +49 8022 26969

PRIVACY POLICY

Naturally, we take all issues involving data protection very seriously. It is thus very important to us to protect your privacy – at all times – in the course of our online offers. If and to the extent that you voluntarily communicate personal data to us, then these data shall be collected and stored in accordance with the statutory data protection provisions of the EU General Data Protection Regulation (the “GDPR”), as amended, commencing on 25 May 2018, the Bundesdatenschutzgesetz (the Federal Data Protection Act, the “BDSG”), as well as the Telemediengesetz (the Telemedia Act, the “TMG”). Naturally, all data shall be treated confidentially. In the following data protection information, we would like to inform you in detail as to how your data will be handled.

  • Name and contact data of the controller
      Within the meaning of the General Data Protection Regulation, as contemplated by Article 4(7) GDPR, other data protection laws applicable in the Member States of the European Union, and other provisions having the character of data protection law, the controller is:
      NickisBächstädt GmbH ("nickis.com")
      Seestraße 5
      83700 Rottach-Egern am Tegernsee
      Tel.: +49 8022 - 26969
      Fax: +49 8022 938 5310
      E-Mail: info@nickis.com
  • Data protection officer contact data
      You can reach our data protection officer at datenschutz@nickis.com or at our surface mail address, directed to “Data Protection Officer.”
  • Angabe der Art der verarbeiteten Daten
      Generally, the collection, processing, and use of personal data are restricted to the use of our internet presence and the requisite measure and the requisite data. ‘Personal data’ are all data which are personally relatable to you, e.g., name, address, email addresses, and user behavior.
      You can transfer types of personal data to us at various points on our website. These are listed in the following:
    • Registration
        As part of the registration through the “Log in or Register” button, the following personal data are transferred and stored:
      • Initial registration
        • email address
      • "My Account"
          Furthermore, you can place the following personal data in your account, which data, however, are necessary by no later than when ordering and are transferred to us:
        • first name
        • last name
        • company name (optional)
        • street, number
        • postal code, city
        • country
        • telephone number (optional)
        • email address
      • Newsletter subscription
          If you subscribe for our newsletter, then we will require the following personal data from you:
        • email address
    • Contact form
        In the course of making contact through the contact form, the following personal data are transferred:
      • first name
      • last name
      • reason for making contact
      • message
    • Applicant form
        Through our application form within the “career” page, you transfer to us the following types of personal data:
      • first name
      • last name
      • email address
      • telephone number
      • documents such as CV and/or cover letter and/or evaluations/references
    • Recording of webserver log data
        With each retrieval of our website, your internet browser transmits a series of technically necessary data to our webserver. These data are stored in the log files of the webserver. The following data are recorded:
      • browser types and versions used
      • the operating system used by the accessing system
      • the website from which access is made to our internet site, and the sub-sites over which an accessing system is effected on our internet site (referrer)
      • date and time of the accessing
      • name of the requested data file
      • size of the data file transferred
      • the IP address from which the request was effected
      • These data are stored separately from the personal data. In no event are they associated with your personal data. By extension, this precludes the possibility of making inferences to a particular person.

  • Specification of the purpose of the processed data
      In the following, the purpose of the collection is listed for each of the types of data set forth under (3.):
    • Registration and “My Account”
        On our website, you have the opportunity to register yourself. This registration serves the purpose of enabling you in the future to place additional personal data under “My Account” along with your email address. This information is necessary in order to enter into the contract. We require the data for the purposes of delivery and making out invoices. In addition, in the future you will be able to place orders more rapidly and easily.
        The account created also includes information about past orders (so-called “Order History”) and the products marked by you as favorites on “Your Wish List.”
    • Order
        We require your personal data as part of an order for both the delivery and to make out the invoice.
    • Newsletter subscription
        Should you be interested in our newsletter and subscribe, then we will require an email address from you in order to have the newsletter sent to you in the future. In each newsletter that you receive from us, you will also have the opportunity to unsubscribe from it.
    • Establishing contact using the contact form or email
        Our website contains instructions that enable the rapid establishment of electronic contact to our company as well as direct communication with us. Insofar as you contact us via email or via a contact form, the personal data transferred by you will be automatically stored. Such personal data transferred by you to us on a voluntary basis will be stored for the purposes of processing or for establishing contact with you. No sharing of your personal data with third parties shall take place. After your contact request has been finished, your data will be erased, insofar as no statutory retention periods exist.
    • Application using the application form
        In order to be able to process your online application, it is necessary to collect, store, and use your personal data. We use your personal data exclusively for carrying out and processing your application. Your personal data will be forwarded exclusively to the offices and departments responsible for the specific application process, and will not be shared with other companies or with any third parties.
    • Recording webserver log data
        In using the webserver log data, we do not draw any inferences about the data subject. Rather, the webserver log data are used to correctly deliver the contents of our internet site, to guarantee the sustained functionality of our information technology systems and of the technology of our internet site, as well as to furnish law enforcement authorities the information necessary for a criminal-law prosecution in the event of a cyberattack.
        The anonymously collected data and information are evaluated by us, statistically, on the one hand, and moreover, with the objective of increasing data protection and data security in our company, in order to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
    • Encryption and other security measures
        Within the website, we use the widespread SSL procedure (secure socket layer) in conjunction with the respectively highest stage of encryption that is supported by your web browser. As a rule, this involves a 256-bit encryption. In the event that your browser does not support 256-bit encryption, we then resort to a 128-bit v3 technology. You can determine whether or not an individual page of our internet presence is transferred encrypted in the closed depiction of the key or lock symbol in the bottom status bar of your browser.
        Apart from that, we make use of suitable technical and organizational security measures in order to protect your data against accidental or intentional manipulation, whole or partial loss or destruction, or against unauthorized access by third parties. Our security measures are continuously improved in keeping with technological development.
  • Statement of legal basis for the data processing
      At nickis.com, we process personal data to perform on a contract entered into with you. Article 6(1)(a) and (b) GDPR serve as the legal basis for us for this purpose.

      Subscription and the subsequent sending of the newsletter involve a processing procedure for which we obtain a consent for a certain processing purpose (double opt-in for receipt of the newsletter). For this purpose, Article 6(1)(a) and (f) GDPR serve our company as the legal bases. The same legal bases apply to the registration and to sending an application through the application form as to establishing contact through the contact form.

      The data processing of the webserver logs is effected on the basis of the statutory provisions of Article 6(1)(f) GDPR (safeguarding legitimate interests of the controller).

      With regard to our marketing campaigns, you have expressly consented to the processing of your data, or the issue involves processing of the necessary personal data for the purposes of a legitimate interest of our company or of a third party, except where such interest is overridden by your fundamental rights and freedoms. For this purpose, Article 6(1)(a) and (f) GDPR serve us as the legal bases.
  • Sharing with third parties
      Personal data are shared with third parties, if at all, only in the instances explicitly set forth in this Data Protection Declaration. These cases are:
    • In the event of a completed order, we give your data to the retained shipping company, to the extent that the data are necessary for delivery. Your payment data are then transmitted to the corresponding payment service provider in accordance with the payment method selected by you. The payment service provider shall bear the responsibility for your payment data. Further use shall take place only if you have consented to it.
    • If you have subscribed to the newsletter, then your email address will be shared with our service providers for purposes of sending the newsletter. The service providers have obligated themselves towards us to comply with the applicable data protection regulations.
    • When you register or place an order, your data are stored on the webservers rented by us.
    • If you have decided for the “on account” payment mode, then your data shall be shared with our service provider Klarna for a creditworthiness review. You can find additional information here: Klarna’s Privacy Notice
    • In the event of an application through our application form, your data shall be shared with our service provider Personio GmbH.
    • All outside service providers were carefully selected and retained by us, are bound by our instructions, and are regularly checked. To the extent that our service providers or partners have their seat in a country outside the European Economic Area (EEA), we shall inform you about the consequence of these circumstances in the description of each offer, availed of as the case may be.

  • Storage period
      We shall process your personal data, to the extent necessary, for the duration of the entire business relationship (from the initiation, transacting, through the end of a contract), in addition to in accordance with the statutory retention and documentation duties, which, e.g., arise on the basis of standards imposed by commercial and tax law, as well as through the end of any possible legal dispute or ongoing warranty and guarantee periods. The specific storage periods:
    • Registration
        If you have registered and created an account, then it will continue to exist until you request us in writing to erase the account.
    • Newsletter
        After you have subscribed to our newsletter, at the end of each newsletter the opportunity is offered to unsubscribe to it.
    • Order
        In accordance with statutory regulations, there exists a retention duty of ten (10) years.
    • Contact through contact form
        Your information, including personal data from our contact form, is transferred to us for purposes of addressing your inquiry. The data are stored until the inquiry has been completely addressed.
    • Storage period of online applications
        The data of your online application are stored by us for the duration of your application procedure. After the end of your application procedure, we erase the data of your online application after six (6) months, if your application had been unsuccessful. This shall not apply insofar as statutory rules and regulations stand opposed to the erasure. In the event of a successful application, we shall place the application data into the personnel file, observing what is permissible under law.
    • Storage period of webserver log data
        The data are stored by us for one week.
  • Notice of rights of data subjects
      (a) Right to access
      In accordance with Article 15 GDPR, at any time you have the right to receive access to your personal data stored with us. In particular, you can obtain access to the purposes of the processing, the category of the personal data, and the categories of recipients, to whom your data were or are being disclosed, the envisaged storage period, the existence of a right to rectification, erasure, and restriction of the processing or objection, the existence of a right to lodge a complaint, and the source of your data, insofar as these are not collected by us, as well as concerning the existence of automated decision-making, including profiling and, as applicable, meaningful information about the details concerning such.

      (b) Right to rectification
      In accordance with Article 16 GDPR, you have the right to obtain, without undue delay, the rectification of any inaccurate personal data concerning you. Additionally, you have the right to have incomplete personal data completed, taking the purposes of the processing into account.

      (c) Right to erasure
      In accordance with Article 17 GDPR, you have the right to obtain the erasure of personal data concerning you without undue delay, to the extent that no legal retention duty exists or that any further legitimate reasons stand opposed to it.

      (d) Right to restriction of processing
      In accordance with Article 18 GDPR, you have the right to obtain the restriction of processing of your personal data, to the extent that the data’s accuracy is contested by you, the processing is unlawful, but you oppose the data’s erasure and we no longer need the data, but you require the data for the establishment, exercise or defense of legal claims, or you have lodged an objection as contemplated by Article 21 GDPR (see (e) below) against the processing.

      (e) Right to object
      You have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning you which is based on processing in the public interest, in the exercise of official authority, for the purposes of the legitimate interests pursued by the provider or by a third party . Such shall also apply to profiling based on those provisions. In the event of objection, we shall no longer use the data, unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise or defense of legal claims. If the personal data are collected for direct marketing purposes, then the data subject shall have the right to object at any time to processing of personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

      (f) Right to data portability
      In accordance with Article 20 GDPR, you shall have the right to receive the personal data concerning you, which you have made available to us, in a structured, commonly used, and machine-readable format. Moreover, you have the right to have these data, under certain preconditions, transmitted by us directly to another provider.
  • Right to withdraw a consent
      In accordance with Article 7(3) GDPR, you have the right to withdraw, at any time, an already-issued consent to the processing of your personal data (newsletter subscription, registration, contact over the contact form, or through an application). Such shall be without prejudice to the lawfulness of the processing based on the consent before its withdrawal.

      Please direct your withdrawal to info@nickis.com

      To withdraw the newsletter subscription, at the end of each newsletter, there is the opportunity to unsubscribe. In such a case, the data previously stored about you will be anonymized and in further consequence used solely for statistical purposes without any personal relation. The withdrawal of the consent shall be without prejudice to the lawfulness of the processing based on the consent before its withdrawal.
  • 10. Notice of a right to lodge a complaint with the supervisory authority
      In accordance with Article 77 GDPR, you have the right to lodge a complaint at the data protection supervisory authorities at any time. As a rule, for this purpose you can contact the supervisory authority of your habitual residence or place of work, or that of our company seat.
  • 11. Information about statutory or contractual requirements concerning the provision of personal data; requirement necessary to enter into a contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide such
      We would like to clarify to you that the provision of personal data is in part statutorily prescribed (e.g., tax regulations) or can also arise from contractual provisions (e.g., specifications as to contracting partner). On occasion, for entering into a contract it can be necessary that you make available to us personal data which subsequently must be processed by us. For example, you shall be obligated to provide us personal information if our company enters into a contract with you. Such is the case in the event of an order placed online or over the telephone. If you do not provide your personal data, then as a consequence it will not be possible to enter into the contract. You can contact us prior to providing any personal data. We will clarify to you for the individual case whether the provision of personal data is statutorily or contractually required or necessary for entering into the contract, whether any obligation exists to provide the personal data, and which consequences would arise from failure to provide such data.
  • Existence of automated decision-making or profiling
      We use an automated decision-making/profiling. In so doing, we use personal data, such as the age of the child, gender of the child, or the like, in order to show you personalized content. This takes place within the framework of newsletters or product suggestions on the website corresponding to your interests and products purchased. The objective is to facilitate and speed up your search for appropriate products.
  • Webanalyse & Cookies
    • Google Analytics
        This website uses Google Analytics, a web analysis service of Google, Inc. (“Google”). Google Analytics uses so-called “cookies,” text data files, which are stored on your computer and enable an analysis of the use of the website by the user. The information generated by the cookie about the use of this website is, as a rule, transferred to a Google server in the United States and stored there. In the event the IP anonymization on this website is activated, the IP address, however, is abbreviated by Google ahead of time within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in cases of exception will the complete IP address be transferred to a server in the United States and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports about the website activities, and to render additional services associated with the website and internet use vis-à-vis the website operator. The IP address transmitted by your browser in the course of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by commensurately setting your browser software; however, we would like to point out to you that in this event, it is possible that you may not be able to use all of this website’s functions to their fullest extent.

        Moreover, you can prevent the recording of data generated by the cookie and related to your use of the website (incl. your IP address) by Google, as well as the processing of these data by Google, by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en

        Alternatively, and particularly with browsers on mobile devices, in the future you will be able to prevent Google Analytics from recording the data of this website with this browser by placement of an opt-out cookie. Click here to deactivate Google Analytics. Should you erase the opt-out cookie, then you will have to click on this link again in order to prevent Google Analytics from recording the data of this website with this browser.

        This website uses Google Analytics with the expansion “_anonymizeIp().” By means of such, IP addresses are further processed having been abbreviated; in this way, any ability to relate such to a specific person is ruled out. To the extent that any relation to the person arises to the data collected about you, this will be ruled out immediately and, by extension, the personal data promptly erased.

        We use Google Analytics to be able to analyze and regularly improve the use of our website. Through the statistics obtained, we can improve our offer and design it to be of greater interest to you as the user. For the cases of exception in which personal data are transferred to the United States, Google subjected itself to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Article 6(1)(1)(f) GDPR [sic].

        Information of third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms and conditions of use: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/en/analytics/learn/privacy.html, and the data protection: http://www.google.com/intl/de/policies/privacy .
        Link for deactivating Google services: https://policies.google.com/technologies/ads?hl=en
    • Criteo
        Furthermore, information about the web surfing behavior of visitors to the website is collected and stored for marketing purposes in anonymized form on this website using technologies of Criteo GmbH and of Google Inc. These data are stored with the aid of so-called cookie text data files (regarding “cookies,” please see below) on your computer. The stored surfing behavior is analyzed by means of an algorithm, so that targeted product recommendations can then be displayed in the form of advertising banners or advertisements on the websites of third parties (so-called publishers). These data cannot be used for the purpose of personally identifying the visitor to the website. The data collected are used solely for needs-based design or improvement of the offer. No additional use or other sharing with third parties takes place. You can object at any time to this anonymous analysis of your web surfing behavior by retrieving the following deactivation links:

        Link for deactivating Criteo services: http://www.criteo.com/en/privacy/
    • Facebook remarketing/retargeting
        The remarketing tags of the social media network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated on our websites. If you visit our websites, a direct connection between your browser and the Facebook server is created through the remarketing tags. Facebook thereby receives the information that you have been visiting our site with your IP address. This way, Facebook can match the visit to our sites to your user account. We can use the information obtained in this way for the display of Facebook Ads. The legal basis is found, as a rule, in Article 6(1)(1)(f) GDPR [sic]. We would like to point out that we, as the provider of sites, do not have any knowledge of the content of the transferred data or of their use by Facebook. You can find additional information concerning this in Facebook’s Data Policy at: https://www.facebook.com/about/privacy/ In the event that you do not desire any data recording by Custom Audience, you can deactivate Custom Audiences here.
    • Bing
        We use Bing Ads to advertise online for our company. Here, a small text data file is used, also known as a cookie, in order to record the completion of transaction processing. In so doing, products or services can be more effectively marketed. The legal basis, as a rule, is Article 6(1)(1)(f) GDPR [sic]. Bing Ads are supposed to ensure that all data collected remain anonymous and cannot be used to identify persons.

        Cookies can be erased in browsers such as Internet Explorer and Mozilla Firefox. Moreover, there it can be selected which cookies are supposed to be allowed or not on the computer. You can find information in the browser’s Help section about erasure of cookies or, on the other hand, about changes to data protection practices for the computer.
    • Tracdelight
        With the aid of tracdelight GmbH (Commercial Register no.: HRB 219591, VAT ID no.: DE814842587), we are trying, by means of third-party product recommendations to enlarge our range and to win over new clients. After sales, data of the buyer are stored for intra-company purposes, e.g., statistical assessments. This is accomplished using an implemented pixel, which is built into the order confirmation site in the HTML source code of our shop. The only data tracdelight GmbH obtains are those which are not traceable to an individual person. These anonymous details include, e.g., the turnaround time or which web browser was used. These details are processed further exclusively for the purpose of optimizing one’s own website. The legal basis, as a rule, is Article 6(1)(1)(f) GDPR [sic]. Personal data are never shared by us with third parties, nor are they sold. You can find further information in the data protection declaration of Conversant Europe Limited under the following link: : https://www.tracdelight.com/privacy
    • CJ
        Commission Junction by Conversant Europe Limited is a provider in the area of affiliate marketing, used by us for long-term affiliate programs and short-term lead campaigns. For the purpose of optimizing and assessing these programs and/or campaigns, certain customer data are stored. These data can be subdivided into personal and non-personal data. Commission Junction receives exclusively non-personal customer data; unless data is voluntarily provided by the customer to the affiliate network. With the aid of personal data, we can segment and/or classify sales made, in order to create internal assessments and to exhaust further potentials. They are not shared with or sold to third parties. You can find additional information in the Conversant Europe Limited data protection declaration at the following link: https://www.conversantmedia.com/legal/privacy
    • Stylight
        Some products are listed and offered on the portal of Stylight GmbH (Commercial Register number: HRB 176416). Information concerning sales made are stored using an integrated tracking pixel. This is retrieved only after a successful purchase. The data are used exclusively for internal purposes and are not shared with third parties. The legal basis is Article 6(1)(1)(f) GDPR [sic]. You can obtain additional information from the Privacy Policy of Stylight GmbH at the following link: https://about.stylight.com/privacy-policy-de_DE
    • Trbo web analysis A/B-Testing
      • Furthermore, this website carries out analyses of user behavior through a so-called A/B testing. In so doing, we can display our websites to you with slight variations in content, corresponding to each profile classification done. In this way, we can analyze our offer, regularly improve it, and design it in a more interesting manner for you as the user. The legal basis for the A/B testing is Article (6)(1)(1)(f) GDPR [sic].
      • For this assessment, cookies are stored on your computer. The information thusly collected is stored exclusively on its server in Germany. You prevent the assessment by erasing present cookies and by preventing further cookies from being stored. If you prevent cookies from being stored, we would like to point out that you may not be able to use our website to its fullest extent. It is possible to prevent cookies from being stored by means of the setting in your browser.
      • Prior to carrying out the analyses, the IP addresses will be further processed in an abbreviated form; in this way, any ability to relate such to a specific person is ruled out. The IP address transmitted by your browser will not be merged with other data collected by us.
    • Cookies
        Our websites use cookies to configure the operation of these websites in a simpler, more customer-friendly manner. Cookies are small text data files that the internet browser stores on the user’s computer. If the user subsequently retrieves the corresponding website again, cookies make it possible to recognize the computer once more. As a consequence of this recognition, for instance, data entered one time already stand at the ready when an order form is filled out more than once. Ordinarily, cookies are used which, after the end of the browser, are automatically erased from the user’s hard drive (so-called ‘session cookies’). Other cookies can remain on the user’s computer and have the effect that the user is recognized subsequently upon the next visit (so-called ‘permanent cookies’). The permanent cookies are automatically erased after the expiration of the prescribed time period, which can be different for each cookie. You can erase the permanent cookies at any time in the security settings of your browser. In addition, at any time you can change the storage of cookies in the browser settings of your computer. To do so, the function “do not accept cookies” must be activated. In Google Chrome, you can activate the function “do not accept any cookies” here: chrome://settings/content/cookies. However, this can possibly result in your no longer being able to use a website to its fullest extent.

        List of the cookies generated by our website::

        Cookie name

        Storage duration

        Purpose

        Associated service (see above from 13.1)

        _ga

        2 years

        Analysis for ad placement

        Google Analytics

        _gid

        3 days

        Analysis for ad placement

        Google Analytics

        _uetsid

        1 hour

        Analysis for ad placement

        Bing

        cto_lwid

        1,1 years

        Analysis for ad placement

        Criteo

        trbo_sess_{id}

        1 Stunde

        Web analysis for A/B testing

        Trbo

        trbo_session

        1 hour

        Web analysis for A/B testing

        Trbo

        trbo_us_{id}

        3 Jahre

        Web analysis for A/B testing

        Trbo

        trbo_usr

        3 years

        Web analysis for A/B testing

        Trbo

        SERVERID

        browser session

        Routing A/B testing

        Nickis

        PHPSESSID

        browser session

        authentication and authorization

        Nickis

        catwalk_basket

        browser session

        improved user experience

        Nickis

        language

        browser session

        improved user experience

        Nickis

        local_currency

        3 days

        improved user experience

        Nickis

        nickis_site_part

        3 days

        improved user experience

        Nickis

        persistant_basket

        1 year

        improved user experience

        Nickis

        server_allocation

        20 years

        Routing A/B testing

        Nickis

        sid

        browser session

        Analysis for ad placement

        Google

        sid_key

        browser session

        Analysis for ad placement

        Google

        size_iso

        1 month

        improved user experience

        Nickis

        visited

        1 year

        Webanalyse

        Nickis