Politique de confidentialité
Thank you for your interest in our website. Protecting your privacy is very important to us. This privacy policy explains how we, TASCHEN, process personal data collected in connection with the use of our website and online store.
Controller
The
controller for the data processing described below is the entity named in the
imprint.
Storage
of usage data in server log files
When you
visit our websites, so-called usage data is temporarily stored on our web
server and analyzed for statistical purposes in order to improve the quality of
our websites. We only process the following information about you:
- Browser type and version
- Operating system
- Website from which you visit us (referrer URL)
- Date and time of access
- IP address of the requesting computer, which is shortened in such a way that it can no longer be linked to a person
- Amount of data transferred
- Access status (files transferred, file not found, etc.)
- Name of the requested file
- The requesting provider
- The aforementioned protocol data is only evaluated anonymously.
The legal basis for the processing of usage data is Art. 6 (1) (1) (f) GDPR. The processing is carried out in the legitimate interest of providing the contents of the website and ensuring a device- and browser-optimized presentation.
Data
security
We take
technical and organizational measures to protect your data from unwanted access
as comprehensively as possible. We use an encryption method on our websites.
Your information is transmitted from your computer to our server and vice versa
over the internet using TLS encryption. You can usually recognize this by the
closed padlock symbol in the address bar of your browser and the address bar
starting with https://.
Creating
a customer account
You have
the option of creating a customer account on our website. We process your email
address as part of the registration for your customer account.
The data
required for registration is processed on the basis of Art. 6 para. 1 sentence
1 lit. b GDPR. If you provide further information about yourself, this is done
voluntarily. The processing of this data is then carried out on the basis of
your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can
revoke your consent at any time with effect for the future by sending a message
to contact@taschen.com.
You can
delete your customer account at any time by sending a message to
contact@taschen.com.
Processing
of orders
When you
order something from TASCHEN, we collect your data in order to register and
process orders, deliver products, process payments and communicate with you
regarding your orders and our products and services.
This may
include the following information:
- First
and last name
- Order
number
- Details
of the items purchased (designation, purchase price, etc.)
- Information
on the payment method
- Delivery
and billing addresses
- Messages
and communications related to purchases (e.g. complaints, messages to customer
service)
- Delivery
and payment status
- Return
status
- Information from service providers involved in the execution of the contract (e.g. shipment numbers from parcel service providers)
When you place an order via your customer account, we process the data collected during registration for the purpose of contract and payment processing.
The data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR.
Data
transfer for the fulfillment of the contract
To fulfill
the contract, we pass on your data to the shipping company commissioned with
the delivery. Depending on which payment service provider you select in the
ordering process (e.g. PayPal, Klarna), we pass on the payment data collected
for this purpose to the credit institution commissioned with the payment and,
if applicable, to payment service providers commissioned by us to process
payments. In some cases, the selected payment service providers also collect
this data themselves if you create an account there. In this case, you must log
in to the payment service provider with your access data during the ordering
process. The privacy policy of the respective payment service provider applies
in this respect.
Contact
You can
contact us by email, using an online contact form or by letter.
An online contact form is available on the website and can be used for electronic contact. To use our contact form, we require the following mandatory information from you: your email address, your name and the country in which you live.
We use this data on the basis of Art. 6 (1) (1) (f) GDPR to answer your enquiry.
Beyond that, you can decide for yourself whether you wish to provide us with further information. This information is provided voluntarily and is not absolutely necessary for us to contact you. We process the information you provide voluntarily on the basis of your consent in accordance with Art. 6 (1) 1 lit. a GDPR.
Your data will only be processed to answer your request. We will delete your data if it is no longer required and there are no legal obligations to retain it.
Insofar as your data transmitted via the contact form is processed on the basis of Art. 6 (1) sentence 1 lit. b or Art. 6 (1) sentence 1 lit. f GDPR, you can object to the processing at any time. In addition, you can revoke your consent to the processing of voluntary information at any time. To do so, please contact contact@taschen.com.
The data will be used solely for the purpose for which you have provided it to us (e.g. processing of inquiries, customer administration, etc.). It will not be transferred to third parties unless this is absolutely necessary for processing your request.
Event
registration
When you
register for our events, we collect and process the following personal data:
first name, last name, email address.
We use your data exclusively to process and confirm your registration for the event and to send you information about the event (e.g. changes, schedule). We delete your data if it is no longer required and there are no legal obligations to retain it.
We process this data on the basis of Art. 6 (1) sentence 1 b) and Art. 6 (1) sentence 1 f) GDPR.
Applications
in response to our job ads
If you
apply for a job using our online application form, the personal data you
provide (such as name, email address, CV, cover letter, etc.) will be collected
and processed for the purpose of processing your application.
Your personal data is processed solely for the purpose of conducting the application process. The legal basis for the processing of this data is § 26 (1) sentence 1 BDSG and Art. 6 (1) point b GDPR, as the data is required for the decision on the establishment of an employment relationship. Data processing for other purposes does not take place.
Your information will be treated confidentially in our company. We use the strictly instruction-bound service provider Personio SE & Co. KG as an order processor for applicant management, with whom an agreement in accordance with Art. 28 GDPR has been concluded. Beyond that, your data will not be passed on. If an employment contract is concluded after the application process, we will store the data from your application that is required for the execution of your employment relationship. The legal basis for this processing is § 26 para. 1 sentence 1 BDSG and Art. 6 para. 1 lit. b GDPR. If your application is unsuccessful, your documents will be deleted after 180 days. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The processing up to the deletion takes place in our legitimate interest to be able to defend ourselves against any complaints regarding the application. We only process the personal data that you provide to us as part of the application process.
This does not apply if you expressly consent to a longer storage of your data (applicant pool). On the basis of your consent, your data will then be processed for a period of several years so that we can also consider your application for other or future job openings. The legal basis for the storage of the application documents and for contacting you in the event of a suitable vacancy is Art. 6 (1) point a GDPR and Sec. 26 (2) BDSG. You can withdraw your consent at any time with effect for the future. To do so, please contact contact@taschen.com.
Further information on Personio's privacy policy: https://www.personio.de/datenschutzerklaerung/
Registering
for the e-mail newsletter
If you
register for our e-mail newsletter, we will regularly send you information
about our products. The only information required to send the newsletter is
your e-mail address. The provision of further data is voluntary and is used to
address you personally.
We will only send you the newsletter if you have given us your express consent to do so in accordance with Article 6 (1) sentence 1 point (a) GDPR. After placing an order, you will receive a confirmation email at the email address you provided (so-called double opt-in). You can revoke your consent at any time. You can easily revoke your consent via the link provided in the newsletter. Once you have unsubscribed, your e-mail address will be immediately deleted from our newsletter distribution list.
We use the strictly instruction-bound processor June Online Marketing GmbH to send our newsletter. Your data will be transmitted to June and processed by June on our behalf in accordance with Art. 28 GDPR.
As part of the newsletter registration process, we store further data in addition to those already mentioned, insofar as these are necessary to enable us to prove that you have ordered our newsletter. This may include the storage of the complete IP address at the time of ordering or confirming the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is carried out on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR and in the legitimate interest of being able to account for the legality of sending the newsletter.
Further information on June's data protection policy: https://juneapp.com/imprint/
Use of
data for e-mail advertising without newsletter registration
If we
receive your e-mail address in connection with the sale of a product or service
and you have not objected to this, we reserve the right to send you regular
information about products from our range by e-mail.
The use is based on Art. 6 para. 1 sentence 1 lit. f GDPR and in the interest of promoting the sale of our goods or services. You can revoke your consent at any time by sending a message to contact@taschen.com. An uncomplicated option for revocation can be obtained via the designated link in the newsletter. After you have successfully unsubscribed, your e-mail address will be immediately deleted from our newsletter mailing list.
Necessary
cookies
We use
cookies on our pages to optimize the user-friendliness of our website. These
are small text files that are stored on the respective end device and can be
read. Information is stored in the cookie that results in each case in
connection with the specifically used end device. A distinction is made between
session cookies, which are deleted again as soon as you close your browser, and
permanent cookies, which are stored beyond the individual session. In some
cases, these cookies only contain information about certain settings and cannot
be linked to a particular person. They may also be necessary to enable user
guidance, security and implementation of the site. These cookies are referred
to as essential or functional cookies.
These cookies are automatically deleted after a defined period of time. We use these cookies on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO.
You can set your browser to notify you when cookies are placed. In addition, you can delete cookies at any time via the corresponding browser setting and prevent new cookies from being placed. Please note that our web pages may then not be fully displayed and some functions may no longer be technically available.
You can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely disabling cookies may mean that you cannot use all the features of our website.
Here you can view your personal cookie settings and change them if necessary.
Consent
banner
We use a
consent management platform (cookie banner) on our websites. The processing in
connection with the use of the consent management platform and the logging of
the settings you have made is carried out on the basis of Art. 6 (1) (1) (f)
GDPR, in our legitimate interest in displaying our content according to your
preferences and to be able to prove the consent(s) you have given. The settings
you have made, the associated consents granted and parts of your usage data are
stored in a cookie. This ensures that it is retained for subsequent page
requests and that your consents can continue to be tracked. Further information
can be found under the heading “required cookies”.
Cookiebot,
the provider of the consent management platform, works for us as a service
provider (processor). A data processing agreement in accordance with Art. 28
GDPR has been agreed.
Further information on Cookiebot's data protection policy: https://www.cookiebot.com/en/privacy-policy/
Google
Analytics
Our website
uses Google Analytics, a web analysis service provided by Google Inc. Google
Analytics creates user profiles based on pseudonyms. To do this, permanent
cookies are stored on your end device and read by us. This enables us to
recognize returning visitors and count them as such.
As part of the Google Analytics service, Google Ireland Limited supports us as a processor in accordance with Art. 28 GDPR. Data processing may also be carried out by Google outside the EU or EEA (in particular in the USA). With regard to Google, an adequate level of data protection is guaranteed by the adequacy decision (EU-U.S. Data Privacy Framework). Google is also committed to concluding standard contractual clauses with other sub-processors.
Data processing is carried out on the basis of your consent in accordance with Article 6 (1) (1) (a) GDPR and Section 25 (1) TDDDG, provided that you have given your consent via our banner. You can view and, if necessary, change your personal cookie settings here.
Further information on Google's privacy policy: https://policies.google.com/privacy
Hotjar
We use
Hotjar to better understand user behavior on our website and to optimize our
website. Hotjar is a service that uses various technologies for data collection
and analysis, such as cookies and JavaScript code.
With the
help of Hotjar, we collect the following data:
- Technical data: This includes the IP address
(in anonymized form), device and browser information, operating system,
geographical location (at country level), preferred language for
displaying our website.
- Behavioral data: We record mouse movements,
clicks, scrolling behavior and the keystrokes you make on our website.
The data collected by Hotjar is stored on Hotjar's servers in the United States.
As part of the Hotjar service, Hotjar Limited Malta supports us as a processor in accordance with Art. 28 GDPR.
Data processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, provided that you have given your consent via our banner. You can revoke your consent at any time. To do this, access the cookie banner under “Consent Banner” and make the appropriate settings.
Further information on Hotjar's data protection policy: https://www.hotjar.com/legal/policies/privacy
Criteo
Our online
shop uses the services of Criteo SA (France), a technology company for online
advertising. Criteo enables us to show you personalized product recommendations
when you visit other websites. For this purpose, cookies are stored on your end
device.
The data we share with Criteo is used to show you customized advertising for products that may interest you. This is done based on your previous surfing behavior on our website.
We share information with Criteo about your visits to our website, such as the pages visited, products viewed and purchases made. Criteo receives information about the device you are using (e.g. computer, smartphone) and your browser.
The data processing is carried out on the basis of your consent in accordance with Art. 6 (1) 1 lit. a GDPR, provided that you have given your consent via our banner.
Further information on Criteo's data protection policy: https://www.criteo.com/privacy
Matomo
Statistics
We use the
open-source web analysis tool Matomo on our website. Matomo is a service
provided by InnoCraft Limited (New Zealand) and creates user profiles based on
pseudonyms. To do this, permanent cookies are stored on your end device and
read by us. This enables us to recognize returning visitors and count them as
such.
The data collected is used exclusively for statistical purposes and helps us to analyze the use of our website, identify and correct errors, and adapt our offer to the needs of our visitors.
The data processing is carried out on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 TDDDG, provided that you have given your consent via our banner.
Further information on Matomo's privacy policy: https://matomo.org/privacy-policy/
YouTube
We embed
YouTube videos on our website that are not stored on our servers. YouTube is a
service of Google LLC, a company based in the United States. By embedding
YouTube videos, data about your visit to our website is transmitted to Google.
Even if you do not have a YouTube account or are not logged in to YouTube, data
may be collected. This includes, for example: IP address, pages visited, time
spent on the site.
To prevent the content of the third-party provider from being automatically reloaded when you visit our website with embedded videos, we initially only display locally stored preview images of the videos. This means that the third-party provider does not receive any information.
Only after you click on the preview image will content from the third-party provider be loaded. This provides the third-party provider with the information that you have accessed our site, as well as the usage data that is technically necessary in this context. In addition, the third-party provider is then able to implement tracking technologies. We have no influence over further data processing by the third-party provider. By clicking on the preview image, you give us permission to load content from the third-party provider.
The embedding is carried out on the basis of your consent in accordance with Article 6 (1) (1) (a) GDPR, provided that you have given your consent by clicking on the preview image.
Further information on YouTube's data protection policy: https://policies.google.com/privacy
Tracking
technologies from third-party providers for advertising purposes
We use
cross-device tracking technologies so that targeted advertising can be
displayed to you on other websites based on your visit to our websites and so
that we can see how effective our advertising measures were.
The data processing is carried out on the basis of your consent, provided that you have given your consent via our banner. Your consent is voluntary and can be withdrawn at any time.
How does
tracking work?
When you
visit our websites, it is possible that the third-party providers mentioned
below may retrieve recognition features for your browser or end device (e.g. a
browser fingerprint), evaluate your IP address, store or read recognition
features on your end device (e.g. cookies) or gain access to individual
tracking pixels.
Pixels are small image files that collect information about your use of our website. This data helps us to personalize our advertising and improve the content of our website.
The individual features can be used by the third-party providers to recognize your end device on other websites. We can commission the relevant third-party providers to place advertising that is based on the pages you visit on our site.
What
does cross-device tracking mean?
If you
register with a third-party provider using your own user data, the respective
recognition features of different browsers and end devices can be linked. This
means that if the third-party provider has created a separate feature for the
laptop, desktop PC, smartphone or tablet you are using, these individual
features can be assigned to each other as soon as you use a third-party
provider service with your login data. This also allows the third-party
provider to manage our advertising campaigns in a targeted manner across
different end devices.
Which
third-party providers do we use in this context?
Below, we
list the third-party providers with whom we work for advertising purposes.
For transfers to the USA, an adequate level of data protection is guaranteed by the provider's certification under the adequacy decision (EU-U.S. Data Privacy Framework).
A data processing agreement in accordance with Art. 28 GDPR has been concluded with each of the service providers listed below.
Tool | Provider |
Google
Ads |
Google
Ireland Limited / Google LLC |
Bing
Ads |
Microsoft Ireland Operations,
Ltd./ Microsoft Corporation |
Meta pixel (formerly Facebook pixel) |
Meta Platforms, Ireland Limited
/Meta Platforms Inc. |
Reddit pixel |
Reddit
Ireland Limited / Reddit Inc. |
X
Metapixel |
Twitter
International Unlimited Company / X Corp. |
TikTok
We use the
TikTok pixel on our website. The TikTok pixel is a code snippet that allows us
to analyze the use of our website and optimize our marketing efforts on TikTok.
The following data, among other things, is collected by the TikTok pixel: your IP address, information about your device and browser, your behavior on our website (e.g., pages visited, links clicked).
The data collected is used by us and TikTok Technology Limited (Ireland) to: analyze your interests and display personalized advertising on TikTok, measure the effectiveness of our advertising campaigns, and optimize our website and marketing efforts.
The use and the associated processing of the TikTok pixel is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have given your consent via our banner.
The processing is carried out in joint responsibility in accordance with Art. 26 GDPR.
Further
information on data protection at TikTok can be found in TikTok's privacy
policy:
https://www.tiktok.com/legal/page/eea/privacy-policy/en
Pinterest
We use the
Pinterest metapixel on our website to make our marketing campaigns more
effective. The metapixel collects information about your visits to our website,
such as the pages visited and actions taken. This data is transmitted to
Pinterest in encrypted form and linked to your Pinterest account (if you have
one). Based on this information, we can display personalized advertising on
Pinterest.
The use and the associated processing of the Pinterest metapixel is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have given your consent via our banner.
The processing is carried out under joint responsibility in accordance with Art. 26 GDPR.
The data
collected by Pinterest Europe Ltd. is subject to Pinterest's privacy policy.
Further information on data protection at Pinterest:
https://help.pinterest.com/en/topics/privacy-safety-and-legal
Affiliate
program
We offer an
affiliate program operated through the marketing networks of Rakuten
Advertising and AWIN. If you participate in this program, your personal
information (such as name, email address, website URL, and possibly other
information required to participate) will be shared with Rakuten Advertising or
AWIN. This data is used by Rakuten Advertising or AWIN to manage participation
in the program, to calculate and pay your commissions, and to send you relevant
information about the program. Your data is processed by Rakuten Advertising
and AWIN in accordance with their privacy policies.
The legal basis for the processing of your data is Art. 6 Para. 1 S. 1 lit. b GDPR (fulfillment of contract).
Rakuten Advertising, Schönhauser Allee 112, 10439 Berlin
https://rakutenadvertising.com/de-de/rechtliche-hinweise/
AWIN AG, Otto-Ostrowski-Straße 1A 10249 Berlin
https://www.awin.com/de/datenschutzerklarung
Other
processors
We pass on
your data to service providers who support us in operating our websites and the
associated processes as part of order processing in accordance with Art. 28
GDPR. These are, for example, hosting service providers. Our service providers
are strictly bound by our instructions and are contractually bound to us.
In the following, we will name the processors we work with if we have not already done so in the above text of the data protection declaration. If data is processed outside the EU or the EEA in this context, we will inform you of this in the following table.
Processor | Purpose | Adequate level of data protection |
Salesforce | Web hosting and support | For
transfers to the USA, an adequate level of data protection is guaranteed by the
provider's certification under the adequacy decision (EU-U.S. Data Privacy
Framework). |
Zendesk,
Inc. |
Management
system for customer service |
For
transfers to the USA, an adequate level of data protection is guaranteed by the
provider's certification under the adequacy decision (EU-U.S. Data Privacy
Framework). |
Shopify
Inc. |
E-commerce
software for online shops |
Adequacy decision |
Typeform S.L |
Form tool |
EU standard
contractual clauses (SCCs) and appropriate measures have been taken. |
Storage
period of your data
If we have
not already informed you in detail about the storage period, we will delete
personal data if it is no longer required for the aforementioned processing
purposes and no legitimate interests or other (legal) reasons for storage
prevent deletion.
Right of access and contact
You have
the right to request information free of charge about the personal data we have
stored about you (Art. 15 para. 1 GDPR). In addition, you have the right to
correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction of
processing (Art. 18 GDPR) of your personal data if the legal requirements are
met, as well as the right to data portability (Art. 20 GDPR).
You have the right to revoke your consent at any time with effect for the future if the data is processed on the basis of Art. 6 (1) (1) (a) or Art. 9 (2) (a) GDPR. Please address the revocation to: contact@taschen.com.
You have the right, in accordance with Art. 21 GDPR, to object to the data processing if the data is processed on the basis of Art. 6 (1) sentence 1 lit. e or f GDPR. Please address the objection to: contact@taschen.com.
You also have the right to lodge a complaint with a data protection supervisory authority. The competent data protection supervisory authority is that of the federal state in which you live or in which the data controller is based or in which the data protection violation occurred.
You can contact our data protection officer at datenschutz süd GmbH, Wörthstraße 15, 97082 Würzburg, email: office@datenschutz-sued.de, website: https://www.dsn-group.de/.
If you have any questions about data protection or wish to contact us quickly, please write to us at contact@taschen.com.
We reserve the right to amend this data protection declaration in accordance with the applicable data protection regulations.