data protection

Data protection

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data has no consequences. This only applies if no other information is provided in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.


Server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host/IT service provider through your Internet browser and stored in protocol data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact

Responsible
Please contact us if you wish. The person responsible for data processing is: Justin Moser, 24568 Kaltenkirchen Germany, 015167971945, info@vitalitypeak.de

Customer contact via email
If you initiate business contact with us by email, we will only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves the purpose of establishing contact.
If the contact is for the purpose of carrying out pre-contractual measures (e.g. advice in the event of a purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Paragraph 1 Letter b GDPR. If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Paragraph 1 Letter f GDPR out of our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Paragraph 1 Letter f GDPR at any time for reasons arising from your particular situation. We only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Orders


Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfil and process your order and to process your enquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the fulfilment of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly adhere to the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Advertising

Use of the email address for sending newsletters
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.

Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") to send the newsletter as part of order processing.
We pass on the information you provide when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device, and the time. Usage profiles can be created from this data under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in a targeted, promotionally effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
For more information about data protection at Klaviyo, please visit https://www.klaviyo.com/legal/privacy-notice (https://www.klaviyo.com/legal/privacy-notice) and https://www.klaviyo.com/legal/data-processing-agreement (https://www.klaviyo.com/legal/data-processing-agreement).

Payment service provider credit report


Using Klarna payment options
We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna") on our website. By selecting and using payment via Klarna, the data required for payment processing will be transmitted to Klarna in order to be able to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Cookies may be stored here that enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.

"Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase)
For individual payment methods such as "Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase), Klarna reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies.
For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address and data related to the order, to a credit agency for the purpose of identity and credit checks and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values ​​(score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Klarna makes advance payments. You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying Klarna, for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have chosen.
Further information, in particular to which credit agencies Klarna passes on your personal data, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies) and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies)
General information about Klarna can be found for Germany at: https://www.klarna.com/de/ (https://www.klarna.com/de/) and for Austria at https://www.klarna.com/at/ (https://www.klarna.com/at/). Your personal data will be treated by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna's data protection regulations for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy) and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy).

Using SOFORT
We use the payment service provider SOFORT GmbH (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") to process payments on our website. Sofort GmbH is a company of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The data processing serves the purpose of being able to offer you various payment methods by processing payments via the payment service provider SOFORT. If you have chosen the payment option, the data required for payment processing will be transmitted to SOFORT. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider SOFORT can be found at https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ (https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/) and https://www.klarna.com/sofort/ (https://www.klarna.com/sofort/).


Cookies

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is visited again.

Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the cookies from being stored and the data they contain from being transmitted. Cookies that have already been stored can be deleted at any time. However, we would like to point out that you may then not be able to use all of the functions of this website to their full extent.

The links below will tell you how to manage (including deactivate) cookies in the most important browsers:
Chrome: https://support.google.com/accounts/answer/61416?hl=en (https://support.google.com/accounts/answer/61416?hl=en)
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 (https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09)
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen (https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen)
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac)

Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our service more user-friendly, effective and secure. Cookies also enable our systems to recognize your browser even after you change pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after you change pages.

The use of cookies or similar technologies is based on Section 25 Paragraph 2 TTDSG. The processing of your personal data is based on Art. 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object to the processing of personal data concerning you at any time for reasons related to your particular situation.

Use of GDPR cookie management
We use the GDPR cookie management of iSense LLC (855 W Maude Ave, Mountain View, CA 94043, USA; "iSenseLabs") on our website.
The service enables you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consents already given. The data processing serves the purpose of obtaining and documenting the necessary consents to data processing and thus complying with legal obligations. Cookies are used for this purpose to save your consent status.
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). iSenseLabs is not certified according to the TADPF.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) lit. c GDPR.
For more information about data protection at iSenseLabs Next, please visit: https://isenselabs.com/pages/privacypolicy (https://isenselabs.com/pages/privacypolicy)

Advertising tracking



Using the Meta Pixel
We use the meta pixel of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data when the service is integrated and for the transmission of this data to Meta. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement can be accessed at https://de-de.facebook.com/legal/terms/businesstools (https://de-de.facebook.com/legal/terms/businesstools). According to this, we are particularly responsible for fulfilling the information obligations in accordance with Art. 13 and 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33 and 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling the rights of data subjects in accordance with Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects Meta's obligations under the joint processing agreement.
The purpose of the application is to target website visitors with interest-based advertising on the social networks Facebook and Instagram. For this purpose, the Meta remarketing tag has been implemented on the website. This tag establishes a direct connection to the Meta servers when you visit the website. This transmits to the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.
The application also serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag, as well as which actions were taken after being redirected to this website. However, we do not receive any information that can be used to personally identify users.
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
You can deactivate the "Custom Audiences" remarketing function here. For more information about the collection and use of data by Meta, your rights in this regard and options for protecting your privacy, please see Meta's privacy policy at https://www.facebook.com/about/privacy/ (https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0).

Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" on our website and, as part of this, conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that there is no way that cookies can be tracked across Ads customers' websites.
The information collected using the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.

Your data may be transferred to the servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.de/policies/privacy/ (https://www.google.de/policies/privacy/)
Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and targeting website visitors with interest-based advertising. This function enables visitors to the provider's website to be shown personalized, interest-based advertising from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Google may transfer this information to third parties if this is required by law or if third parties process this data on Google's behalf. Under no circumstances will Google associate your IP address with other Google data.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.com/policies/technologies/ads/ (https://www.google.com/policies/technologies/ads/) and https://www.google.de/policies/privacy/ (https://www.google.de/policies/privacy/)

Using TikTok Pixel
We use the TikTok pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; "TikTok Ireland") and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; "TikTok UK") on our website. Both companies are jointly responsible for data processing (hereinafter "TikTok").
The data processing serves the purpose of identifying and analyzing our customers' website access, as well as to better address customers by placing targeted advertisements and evaluating the effectiveness of advertisements on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable your browser to be recognized. The following information, among others, can be collected and sent to TikTok: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, this does not allow users to be personally identified.
Your data may be transferred to third countries, such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified according to the TADPF. Data transfer to the USA and to third countries without an adequacy decision is based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/new-privacy-policy?lang=de-DE (https://www.tiktok.com/legal/new-privacy-policy?lang=de-DE) and https://ads.tiktok.com/i18n/official/policy/controller-to-controller (https://ads.tiktok.com/i18n/official/policy/controller-to-controller).


Plug-ins and Others