Privacy Policy

Thank you for visiting our website and your interest in our company and products. We would like to inform you about which data we collect and when, how it is used and processed, and how we handle your personal data.

Data Security

The security of your data is important to us. We use measures to protect your data, including encryption and secure servers. Your data will be treated confidentially and transmitted securely. Learn more about our privacy practices.

Your control over data

You have the right to access, correct, and update your personal information. If you have any concerns about how we use your data, please do not hesitate to contact us.

Person responsible

Coinlygolf - Daniel Pelosato

Eichelbergstraße 2/3

75245 Neulingen Deutschland

Tel.: +49 (0) 176 56014194

E-Mail: contact@coinlygolf.com

A data protection officer has not been appointed as there is no legal obligation to do so.

1. Access data and hosting

You can visit our website without providing any personal information. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. This access data is analysed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This serves to safeguard our legitimate interests, which predominate in the context of a weighing of interests, in the correct presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. All access data is only processed for as long as is necessary to fulfil the above-mentioned processing purposes.

Hosting by Wix

Our website is hosted by the service provider Wix.com Ltd, 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel. The processing of personal data takes place on servers within the European Union and in Israel. The European Commission has determined that Israel has an adequate level of data protection.

Wix may also transfer data to the USA. For these transfers, Wix relies on the Adequacy decision on the EU-US Data Privacy Framework (DPF), insofar as the respective recipients are certified there. If this is not the case, the standard contractual clauses of the EU Commission are used to ensure an adequate level of data protection.

You can find further information in Wix's data protection information at: https://de.wix.com/about/privacy.

2. data processing for contract processing and for establishing contact

2.1 Data processing for contract fulfilment

For the purpose of contract processing (including enquiries about and processing of any existing warranty and service disruption claims as well as any statutory updating obligations) in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, we collect personal data if you voluntarily provide it to us as part of your order. Mandatory fields are labelled as such, as in these cases we need the data to process the contract and we cannot send the order without it. Which data is collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on the transfer to our service providers for the purpose of order, payment and dispatch processing, can be found in the following sections of this privacy policy. After completion of the contract, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

We store order data and tax-relevant documents for 10 years (§ 147 AO) and business correspondence for 6 years (§ 257 HGB).

2.2 Customer account

If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account and storing your data for further future orders on our website. It is possible to delete your customer account at any time and can be done either by sending a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

2.3 Making contact

As part of customer communication, we collect personal data to process your enquiries in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form, live chat tool or email). Mandatory fields are labelled as such, as in these cases we need the data to process your contact. Which data is collected can be seen from the respective input forms.

Once your enquiry has been fully processed, we store the data contained therein for a period of up to 12 months in order to be able to access it in the event of queries. We will then delete your data unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

3. Data processing for the purpose of dispatch processing

In order to fulfil the contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, we pass on the data required for delivery (name, delivery address; if necessary, telephone number for appointment coordination, if specified) to the shipping service provider commissioned by us.

Any further storage of shipping and tracking data will only take place as long as this is necessary for contract processing (incl. warranty/performance disruptions); otherwise, the retention periods under commercial and tax law specified in section 2.1 apply.

Data transfer to shipping service providers for the purpose of shipping notification

If you have given us your express consent to this during or after your order (Art. 6 para. 1 sentence 1 lit. a GDPR), we will transmit your e-mail address (and telephone number, if applicable) to the shipping service provider named below so that they can contact you before delivery for the purpose of delivery notification and coordination. You can revoke your consent at any time with effect for the future - by sending a message to the contact option specified in this privacy policy or directly to the shipping service provider.

Currently commissioned shipping service provider DHL Paket GmbH Sträßchensweg 10 53113 Bonn Germany

4. Data processing for payment processing

We work with the following partners to process payments in our online shop: technical service providers, credit institutions, payment service providers.

4.1 Data processing for transaction processing

We use Wix Payments, a service provided by Wix.com Ltd, 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel, to process payments. Wix Payments processes the data required to process the payment (e.g. name, billing address, payment information, order number) on our behalf. The data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR (fulfilment of contract).

Personal data is processed on servers within the EU and in Israel. The European Commission has issued an adequacy decision for Israel. Insofar as Wix processes payments via service providers in the USA, the transfer is based either on their certification under the EU-US Data Privacy Framework (DPF) or on the standard contractual clauses of the EU Commission.

4.2 Data processing for the purpose of fraud prevention and optimisation of our payment processes

We provide you with the following payment methods via Wix Payments:

Credit/debit cards (Visa, Mastercard, American Express, Discover, Maestro, etc.)
Apple Pay
Google Pay
Instant bank transfer (Klarna Sofort)

4.3 PayPal

Payments via PayPal are processed via PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. You must be registered with PayPal or legitimise yourself with your access data for processing. The payment transaction is carried out immediately after completion of the order. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. Further information can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

5. Advertising by e-mail

Newsletter and use of Brevo (formerly Sendinblue)

When you subscribe to our newsletter, we use your email address and any other data you provide to send you our newsletter on a regular basis.
We use the Brevo service (formerly Sendinblue), provided by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. The data you provide for the purpose of receiving the newsletter is stored on Brevo's servers in the European Union.

The legal basis for the processing of your data is your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke this consent at any time with effect for the future, for example via the unsubscribe link in each newsletter or by sending us a message.

We have concluded a contract with Brevo for order processing in accordance with Art. 28 GDPR, in which Brevo undertakes to protect the data of our subscribers and not to pass it on to third parties.

Your data will be stored for as long as your newsletter subscription is active. After you unsubscribe from the newsletter, your data will only be stored in a block list to prevent further emails from being sent.
Further information on data protection at Brevo can be found at: https://www.brevo.com/de/legal/privacypolicy/

Double opt-in procedure
Registration for our newsletter is carried out using a double opt-in procedure. After you have registered using our form, you will receive a confirmation email from us. Only when you click on the link contained in this email will your registration become effective and you will receive our newsletter in future.

This procedure is necessary to ensure that no one can register with someone else's email address. The registration process (time of registration and confirmation, IP address) is logged in order to be able to verify the registration process in accordance with legal requirements.

6. Cookies and other technologies

General information In order to make visiting our website attractive and to enable the use of certain functions, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser on your next visit (persistent cookies).

Protection of privacy on end devices When using our online services, we use absolutely necessary technologies in order to be able to provide the telemedia service expressly requested. The storage of information in your end device or access to information already stored is necessary for this and does not require consent.

For all other functions (e.g. analysis, marketing, convenience functions), we only use cookies and comparable technologies with your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG. If you do not give your consent, certain functions of our website may not be fully usable. The consent you have given will remain in place until you adjust the respective settings in your end device or revoke your consent via our Consent Management Tool.

Consent management with Usercentrics We use the consent management tool Usercentrics from Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, to document and manage the consents you have given in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR (legal obligation to provide proof of consent) and Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest in legally compliant, user-friendly consent management). Your consent decisions and the associated device and browser information, time stamp and IP address are logged.

The data collected will be deleted after three years, unless there are longer statutory retention obligations. You can change or revoke your consent at any time with effect for the future by accessing the cookie settings via the corresponding link in the footer of our website.

Cookie settings in the browser

You can also control the storage of cookies in your browser settings and delete or restrict cookies there. The links below explain how you can change the cookie settings in the most common browsers:

Microsoft Edge
Safari
Google Chrome
Mozilla Firefox
Opera

Please note that deactivating cookies may limit the functionality of our website.

7. Use of cookies and other technologies

7.1 Wix statistics for web analysis

For the purpose of website analysis, data (IP address, time of visit, device and browser information, location information and information on your use of our website) is automatically collected and stored using technologies from Wix.com Ltd, 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel, from which user profiles are created using pseudonyms. Cookies can be used for this purpose. The pseudonymised user profiles are not merged with personal data about the bearer of the pseudonym.

Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest in an optimised presentation and analysis of our offer) and, if necessary, on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG.

Personal data is processed on servers within the EU and in Israel. The European Commission has determined an adequate level of data protection for Israel. If data is transferred to the USA, this is based either on the certification of the recipients under the EU-US Data Privacy Framework (DPF) or on the standard contractual clauses of the EU Commission.

Further information can be found in the data protection information of Wix: https://de.wix.com/about/privacy.

7.2 Google Analytics (optional, if activated)

We use the web analytics service Google Analytics 4 on our website (if activated by us), which is provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. The automatically collected information about your use of our website is usually transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and stored there.

Google Analytics uses cookies and similar technologies that enable your use of the website to be analysed. The data collected in this context can be used to create user profiles.

We only use Google Analytics with activated IP anonymisation. This means that your IP address will be truncated by Google within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area prior to transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

Data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG. You can revoke your consent at any time via our consent management tool (Usercentrics) with effect for the future.

The European Commission has issued an adequacy decision for the USA (EU-US Data Privacy Framework, DPF). If Google is certified, data is transferred on this basis. In addition, we have concluded the standard contractual clauses of the EU Commission with Google in order to guarantee an appropriate level of data protection.

Further information on data processing by Google Analytics can be found in Google's privacy policy:

https://policies.google.com/privacy

7.3 Adobe Fonts

We use Adobe Fonts, a service provided by Adobe Systems Software Ireland Ltd, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, on our website for the standardised display of fonts. When you access our pages, your browser loads the required fonts from Adobe in order to display texts and fonts correctly. Your IP address is transmitted to Adobe for this purpose.

Data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG, which you can give via our consent management tool (Usercentrics).

Adobe may also transfer data to the USA. If recipients there are certified in accordance with the EU-US Data Privacy Framework (DPF), the transfer takes place on this basis. Otherwise, the standard contractual clauses of the EU Commission are used to ensure an adequate level of data protection.

Further information on Adobe Fonts can be found in Adobe's privacy policy:

https://www.adobe.com/de/privacy/policies/adobe-fonts.html

8. Social Media

Our online presence on Facebook (by Meta), X (formerly: Twitter), Instagram (by Meta), YouTube, LinkedIn and TikTok.

If you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the social media mentioned above, from which user profiles are created using pseudonyms. These can be used, for example, to place adverts within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and setting options for protecting your privacy, please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transferred to a server of Meta Platforms, Inc, 1601 Willow Road, Menlo Park, California 94025, USA and stored there. Data processing in the context of a visit to a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as the basis for third country transfers, provided that the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico. There is no adequacy decision from the European Commission for these countries. Our co-operation with them is based on these guarantees: standard data protection clauses of the European Commission.

X is a service provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("X"). The information automatically collected by X about your use of our online presence on X is usually transferred to a server of X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. There is no adequacy decision from the European Commission for these countries. Our cooperation with them is based on standard data protection clauses of the European Commission.

Further information can be found in Facebook's privacy policy:

https://www.facebook.com/privacy/policy

Instagram (by Meta) is a service provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is usually transferred to a server of Meta Platforms, Inc, 1601 Willow Road, Menlo Park, CA 94025, USA, Menlo Park, California 94025, USA and stored there. Data processing in the context of a visit to an Instagram (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as the basis for third country transfers, provided that the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico. There is no adequacy decision by the European Commission for these countries. Our co-operation with you is based on these guarantees: standard data protection clauses of the European Commission.

Further information can be found in Instagram's privacy policy:

https://privacycenter.instagram.com/policy

YouTube is a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our online presence on YouTube is usually transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Further information can be found in YouTube's privacy policy:

https://policies.google.com/privacy?hl=de

LinkedIn is a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is usually transferred to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision USA.

The adequacy decision for the USA applies as the basis for third country transfers, provided that the respective service provider is certified. Certification is available.

Further information can be found in LinkedIn's privacy policy:

https://de.linkedin.com/legal/privacy-policy

TikTok is an offer of TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok"). The information automatically collected by TikTok about your use of our online presence on TikTok is generally transmitted to a server of TikTok Information Technologies UK Limited and/or TikTok Inc, 5800 Bristol Parkway, Culver City, CA 90230, USA and stored there.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: USA, United Kingdom. The adequacy decision for the USA applies as the basis for third country transfers, provided that the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which there is no adequacy decision by the European Commission. Our cooperation with them is based on standard data protection clauses of the European Union.

Further information can be found in TikTok's privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/de

X (formerly Twitter) is a service provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("X"). The information automatically collected by X about your use of our online presence on X is usually transferred to a server of X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has not issued an adequacy decision. Our cooperation with these service providers is based on standard data protection clauses of the European Commission.

Further information can be found in X's privacy policy:

https://x.com/de/privacy

9. Contact options and your rights

9.1 Your rights

As a data subject, you have the following rights:

in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein
in accordance with Art. 16 GDPR, the right to demand the immediate correction of incorrect or incomplete personal data stored by us
in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary
to exercise the right to freedom of expression and information
for the fulfilment of a legal obligation;
for reasons of public interest or
is necessary for the establishment, exercise or defence of legal claims;

in accordance with Art. 18 GDPR, the right to demand the restriction of the processing of your personal data, insofar as
the accuracy of the data is disputed by you
the processing is unlawful, but you oppose its erasure;
we no longer need the data, but you need it for the establishment, exercise or defence of legal claims, or
you have objected to processing pursuant to Art. 21 GDPR;
in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller
in accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

Right of objection

Insofar as we process personal data as explained above in order to safeguard our legitimate interests, which outweigh your interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If the processing is carried out for other purposes, you only have the right to object if there are grounds relating to your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.

This does not apply if the processing is for direct marketing purposes. In this case, we will no longer process your personal data for this purpose.

9.2 Contact options

If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of consents granted or objection to a specific use of data, please contact us directly:

Coinlygolf – Owner. Daniel Pelosato Eichelbergstraße 2/3 75245 Neulingen Deutschland

E-Mail: contact@coinlygolf.com Telefon: +49 (0)176 56014194