Save up to 20%* from €79 with the code spring26
  • Free shipping from 40€
  • Trusted Shops Buyer Protection
  • 30 days return policy
  • Fast shipping
Go to homepage
Wishlist
Shopping cart

Koffer24 GmbH’s Privacy Policy for Direct Data Collection (Article 13 of the GDPR)

I. Scope

This privacy policy applies to the website of Koffer24 GmbH (www.koffer24.de). In this policy, we aim to explain to you in a clear, transparent and concise manner how your personal data is processed in connection with your visit to and use of our website.

The following descriptions of data processing, the associated rights and obligations, and in particular the restrictions on the scope of data processing, each set out what applies within the scope of the GDPR.

II. Name and address of the data controller

We, Koffer24 GmbH, are the controller within the meaning of Article 4(7) of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as well as other data protection regulations, for our website (www.koffer24.de) and the associated data processing. Comprehensive details of our company can be found in the legal notice.


Contact person: Claus Kreitmeier

Koffer24 GmbH
Mauerberg 25
86152 Augsburg

E-Mail:
mail@koffer24.de Website: www.koffer24.de

(hereinafter referred to as “Koffer24 GmbH”)

III. Data Protection Officer

You can contact our Data Protection Officer using the following details:

Data Protection Officer of the company

c/o IT LAW AND ORDER UG (limited liability)
Sterzinger Straße 3
D-86165 Augsburg

Tel.: +49 (0) 821 6660 6600
Email: datenschutz@koffer24.de


IV. Hosting

The web server for the operation of our website is technically operated by the IT service provider Hetzner Online GmbH:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany


V. Provision of the website and log files

1. Description and scope of data processing

Every time you visit our website, you transmit data to our web server via your internet browser (due to technical necessity). During an active connection for communication, our system automatically records information from the system of the user’s computer or end device.

We collect the following data in this process:

  • Information about the web browser and the version used
  • the operating system of the user’s device
  • the user’s internet service provider
  • the user’s IP address
  • the previous website from which the user accessed our website (so-called referrer URL)
  • Date and time of the access request
  • Name of the requested file
  • Amount of data transferred

2. Legal basis for data processing

The legal basis for the temporary storage of this data and the log files is Article 6(1)(f) of the GDPR (legitimate interests of us as the responsible website operator).

3. Purpose of data processing

The temporary storage of the user’s IP address by our system is necessary to enable the website to be delivered to the user’s computer. To this end, the user’s IP address must necessarily be stored for the duration of the session. The storage of the aforementioned data in the log files is carried out to ensure the functionality of our website. Furthermore, this data helps us to optimise the website and to ensure the security of our IT systems (e.g. for attack detection). No analysis of the data for marketing purposes takes place in this context.

4. Duration of storage

The data mentioned above is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of data collected for the purpose of providing the website, this is the case once the respective session has ended. In the case of data stored in log files, this is the case after 60 days at the latest. Storage beyond this period is possible. In this case, we will delete or anonymise the user’s IP address so that it is no longer possible to identify the client making the request and the data contained therein no longer relates to any specific individual.

VI. Contact form and email contact

1. Description and scope of data processing

You can contact us via our contact form and the email address provided: mail@Koffer24.de. In this case, the personal data of the sender (i.e. the user) transmitted with the enquiry will be stored. The sender’s first name, surname and email address are defined as mandatory fields. Other form fields are optional.

2. Legal basis for data processing

The legal basis for the processing of this data, which is transmitted when an enquiry is sent, is Article 6(1)(f) of the GDPR (legitimate interests of us as the controller). If the enquiry is aimed at concluding a contract, the additional legal basis for processing is Article 6(1)(b) of the GDPR (performance of a contract).

3. Purpose of data processing

We process this personal data solely for the purpose of handling your enquiry.

4. Duration of storage

The data mentioned above will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For personal data sent by email or via the contact form, this is the case once the relevant conversation with the user has ended. The conversation is deemed to have ended when it is clear from the circumstances that the matter in question has been conclusively resolved.

5. Right to object

The user has the right to object to the processing of their data at any time. The objection must be sent to the following email address: datenschutz@Koffer24.de. In this case, all personal data stored in the course of the contact will be deleted.

VII. Search

1. Description and scope of data processing

We aim to continuously improve our search function. For this reason, in compliance with legal guidelines, we process pseudonymised usage data which allows us to determine at a later stage whether our users were able to navigate our online portal effectively and what improvements may be required.

2. Legal basis

The legal basis for this data processing is Article 6(1)(f) of the GDPR.

3. Categories and origin of personal data

Our search function automatically collects usage data, such as search queries, IP addresses and anonymous web browser data.

4. Duration of storage

We generally store the pseudonymised usage data relating to the Koffer24 GmbH search for 7 days, up to a maximum of 21 days.

5. Transfer to third parties or abroad

The Koffer24 GmbH search function only accesses internal company data stored on a server located in Germany. No data is transferred abroad for the purposes of the search.

VIII. Use of cookies

Our website uses cookies.

1. Description and scope of data processing

When you visit individual pages on our website, so-called “session cookies” are used to facilitate navigation.

Cookies are small text files that are stored in your computer’s browser directory and enable recognition, but do not allow for personal identification. They serve to make our website more user-friendly, effective and secure.

Example:

  • Tracking your movements on the website
  • Helping you to continue where you left off
  • Remembering your login details
  • Setting your preferences and other personalisation features

“Session cookies” therefore do not contain any personal data.

2. Legal basis

The legal basis for this data processing is Article 6(1)(f) of the GDPR.

3. Purpose of data processing

The purpose is to carry out the electronic communication process or to provide certain functions requested by you (e.g. the shopping basket function).

Furthermore, a cookie is required for web analytics (using previously anonymised IP addresses). This means that, with the help of the cookie file, we as the operator can track your movements on our website and obtain information that you may have voluntarily provided during your visit. The use of cookies is necessary to achieve our legitimate interests in the technically fault-free and optimised provision of our services.

Where other cookies (e.g. cookies for analysing your browsing behaviour) are stored, these are dealt with separately in this privacy policy

4. Preventing the storage of cookies

You can generally prevent cookies from being stored on your hard drive by selecting “do not accept cookies” in your browser settings. You can also set your browser to ask for your consent before cookies are set. Finally, you can delete cookies that have already been set at any time.

For instructions on how to do this, please refer to your browser manufacturer’s documentation or the following guide: www.meine-cookies.org/cookies_verwalten/index.html

If you do not accept cookies, this may, in some cases, lead to functional restrictions on the website.

5. Duration

“Session cookies” expire at the end of the session, i.e. they are automatically deleted once you have finished your visit.

Other cookies, known as persistent cookies, remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit. They remain valid for our website for 12 months and are automatically deleted upon expiry.

IX. Technologies used

Google Analytics

1. Description and scope of data processing

We use the Google Analytics tracking tool on our website.

In Google Analytics, user interactions on our website are primarily recorded and systematically analysed using cookies. When specific sections of our website are accessed, the following data is stored:

  • three bytes of the IP address of the user’s accessing system (anonymised IP address),
  • the website accessed,
  • the website from which the user accessed the page on our website,
  • the subpages accessed from the page visited,
  • the length of time spent on the website,
  • the frequency of visits to the website

The software is configured so that IP addresses are not stored in full; instead, the last octet of the IP address is masked (e.g. 192.168.79.***). In this way, it is no longer possible to link the truncated IP address to the user’s computer or end device.

2. Legal basis for data processing

The legal basis for the processing of users’ personal data is Article 6(1)(a) of the GDPR (consent).

3. Purpose of data processing

The processing of the user’s personal data using Google Analytics enables us to analyse our users’ browsing behaviour. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness.

4. Duration of storage

The data stored through tracking is deleted as soon as it is no longer required for our record-keeping purposes. In our case, this is after twelve months. The processing of the user’s personal data using Google Analytics enables us to analyse our users’ browsing behaviour. By analysing the data collected, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness.

5. Right to object

By using a browser add-on to disable Google Analytics JavaScripts (ga.js, analytics.js, dc.js), the user can prevent Google Analytics from using their data on our website. If the user wishes to deactivate Google Analytics, they can download and install the add-on for their own web browser. The add-on for deactivating Google Analytics is compatible with the current versions of Chrome, Internet Explorer, Safari, Firefox and Opera. For the add-on to work, it must be loaded and run correctly in the browser. For Internet Explorer, third-party cookies must also be enabled. Interested users can find further information at the following link:https://tools.google.com/dlpage/gaoptout?hl=de

FAST Tracking

1. General scope and description of data processing

We use FAST to correctly attribute the success of an advertising medium. The data is automatically deleted after 90 days. No profiling takes place. FAST uses a unique key that third parties cannot attribute, meaning users cannot be traced. Personalised advertising is not possible with FAST.

FAST establishes a link between a click on an advertising medium, e.g. an advertisement, and an action, e.g. a purchase or a sign-up or registration.

The information transmitted to us serves solely the purpose of correctly attributing the success of an advertising medium and the corresponding billing.

FAST does not store any cookies or cookie-like data on your device.

When generating the device fingerprint, only non-personal parameters are combined (browser settings, time zone, CPU class, colour depth, browser language, etc.).


2. Scope and description of data processing when using Google Ads / Microsoft Ads

In the case of a campaign, the order number and the value of the shopping basket are usually also transmitted and stored by us for 90 days. Personal data such as name, telephone number or address is expressly not collected or stored.

In addition, the following values may be transmitted:

  • ID (sequential number)
  • ClickID
  • Time of purchase
  • Currency
  • Conversion name (shop order or lead)

Device fingerprint processing takes place on the respective customer’s server. Where integration is carried out via Google Tag Manager, device fingerprint processing takes place via the Smarketer Host-Europe server in Strasbourg.

Thanks to high security standards, such as an HTTPS connection, the conversion data is sent to our HOST-Europe server located in Strasbourg. The export file is transferred and the data (ClickID, conversion name, timestamp, order value, currency) is processed via Google Ads / Microsoft Ads on a US server.

The software is configured so that no profiling takes place.


3. Legal basis for the processing of personal data

The legal basis for the processing of the user’s data is Article 6(1)(f) of the GDPR.


4. Purposes of processing

The information transmitted to us serves exclusively the purpose of correctly attributing the success of an advertising medium and the corresponding billing, and is justified by our legitimate interests pursuant to Article 6(1)(f) of the GDPR.


5. Duration of storage

The data subject to the processing described here is automatically deleted after a maximum storage period of 90 days.


Controller:
Name: Smarketer GmbH
Postal address: Alte Jakobstraße 83/84, 10179 Berlin
Email: info@smarketer.de


6. Right to object and opt-out

You can prevent tracking by deactivating FAST tracking via an opt-out link on the relevant page.

X. Data security

We protect our website and other systems against the loss, destruction, unauthorised access, alteration or dissemination of your data by unauthorised persons through technical and organisational measures. In particular, your personal data is transmitted in encrypted form. We use the widely used SSL (Secure Socket Layer) protocol during your visit to the website. Unfortunately, however, the transmission of information over the internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the internet.

XI. No automated decision-making (including profiling)

We do not use fully automated decision-making in accordance with Article 22 of the GDPR to establish or carry out our business relationship with you, which produces legal effects concerning you or similarly significantly affects you.

XII. No data disclosure

We do not disclose your personal data to third parties unless you have consented to such disclosure or we are entitled or obliged to do so on the basis of statutory provisions and/or official or court orders. This may include, in particular, the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

XIII. Rights of the data subject

As a user of our website, you have various rights under the GDPR:

  • Right of access
    You may request information (Art. 15 GDPR) regarding your personal data processed by us (Art. 15 GDPR). In your request for information, you should specify your enquiry to help us compile the necessary data. Please note that your right of access may be restricted under certain circumstances in accordance with statutory provisions (in particular Section 34 of the Federal Data Protection Act (BDSG) and Article 10 of the Bavarian Data Protection Act (BayDSG)).
  • Right to rectification
    If the information concerning you is no longer accurate, you may request rectification in accordance with Article 16 of the GDPR. If your data is incomplete, you may request that it be completed.
  • Right to erasure
    You may request the erasure of your personal data under the conditions set out in Article 17 of the GDPR. Your right to erasure depends, among other things, on whether the data concerning you is still required by us to fulfil our legal obligations.
  • Right to restriction of processing
    Under the provisions of Article 18 of the GDPR, you have the right to request a restriction on the processing of your personal data.
  • Right to data portability (Article 20 of the GDPR)
  • Right to object
    Under Article 21 of the GDPR, you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. However, we may not always be able to comply with this, e.g. if we are required by law to process data in the course of performing our official duties.
  • Right to withdraw a declaration of consent at any time with effect for the future (Art. 7(3) GDPR);

Note on the withdrawal of consent

A data subject has the right to withdraw their declaration of consent under data protection law at any time. However, this does not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal.

  • Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR)

Note on lodging a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, a data subject has the right to lodge a complaint with a supervisory authority – in particular in the Member State of the user’s place of residence, place of work or the place of the alleged infringement – if the user considers that our processing of their personal data infringes the GDPR.

The competent supervisory authority is the Bavarian State Office for Data Protection Supervision. www.lda.bayern.de

However, you may also lodge a complaint with the competent supervisory authority in your place of residence. Current addresses and contact details can be found at the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

XIV. Definitions

Where a user’s personal data is processed, that user is a data subject within the meaning of the GDPR.

Personal data, as defined in Article 4 of the GDPR, is any information relating to an identified or identifiable natural person.

A person is identifiable if they can be identified directly or indirectly. This can be done by associating them with an identifier such as a name, an identification number, location data or an online identifier. Or by associating them with one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

A data subject is the person whose personal data is being processed, e.g. the website user or the sender of an email.

XV. Status and amendments to this privacy policy

This privacy policy is dated 1 May 2020.

Due to technical developments and/or changes in legal and/or regulatory requirements, it may become necessary to amend this privacy policy.

The current version of the privacy policy can be accessed at any time at www.koffer24.de/datenschutz.

XVI. Payments

We process your payment information for the purpose of payment processing, e.g. when you purchase a product and/or use a service via Koffer24 GmbH. Depending on the payment method, we may pass on your payment information to third parties (e.g. to your credit card provider in the case of credit card payments).

The legal basis for this data processing is Article 6(1)(a), Article 6(1)(b) and Article 6(1)(f) of the GDPR.

  • PayPal
    When paying via PayPal, credit card via PayPal, direct debit via PayPal or – where offered – “purchase on account” via PayPal, we pass on your payment details to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or – where offered – “purchase on account” via PayPal. PayPal uses the result of the credit check, which relates to the statistical probability of payment default, to decide whether to make the respective payment method available. The credit check may contain probability values (so-called score values). Where score values are included in the result of the credit check, these are based on a scientifically recognised mathematical-statistical method. The calculation of the score values includes, amongst other things, address data. For further information regarding data protection, including details of the credit reference agencies used, please refer to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
  • Klarna
    On our website, we offer payment via Klarna’s services, amongst other options. The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”).

    Klarna offers various payment options (e.g. instalment purchases). If you choose to pay via Klarna (Klarna checkout solution), Klarna will collect various personal data from you. You can read more about this in Klarna’s privacy policy at the following link: https://www.klarna.com/de/datenschutz/.

    Klarna uses cookies to optimise the use of the Klarna checkout solution. The optimisation of the checkout solution constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Cookies are small text files that are stored on your device and do not cause any harm. They remain on your device until you delete them. For details on the use of Klarna cookies, please refer to the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

    The transfer of your data to Klarna is based on Article 6(1)(a) of the GDPR (consent) and Article 6(1)(b) of the GDPR (processing for the performance of a contract). You have the option to withdraw your consent to data processing at any time. Withdrawal does not affect the lawfulness of data processing operations carried out in the past.