Data protection

General

Our data protection practice is compliant with the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).

Compass stores your address details for its own advertising purposes and allows carefully selected companies to send you interesting promotional offers and information. In some cases we use external service providers for the technical performance of our data processing activities. If you do not wish to receive any offers or information in the future, you can, at any time, withdraw your consent to the use of your data for advertising purposes by us or by third parties . You can do this by sending an informal message to the address below or an email to:
info@compass24.com
Beyond this use, we only store and process your personal data for the purposes of processing your order.

In order to be able to process and deliver your order, we will only provide your data to the delivery service commissioned with delivering it.

Upon request, we will provide you with access to the data we have stored pertaining to you or your pseudonym, free of charge. If you wish to access these data, please send a message to info@compass24.com. We are also obliged to rectify, block or erase saved data that pertains to you upon request.

Other services

We also offer the following services:

  • Newsletter with information on current offers.
  • Registration as a regular customer

By registering to receive our newsletter, you are consenting to the storage of your data (including email address, forename, surname and gender). Your data will be processed on the basis of your consent in accordance with point (a) of Article 6(1) GDPR in this case.

 You can unsubscribe from the newsletter at any time by filling in the form under the “Newsletter” menu option. Each Compass24 newsletter also contains an “unsubscribe” button. You can, of course, also simply send an email to info@compass24.com to unsubscribe.

If you wish to delete your customer account, please send an email to: info@compass24.com requesting the deletion of your account.

Data collection

We need your address and contact details to process your order. We also need your date of birth to distinguish between you and other customers with the same name.

Your visit to our website will also be logged. The following data will be processed in connection with this: Name of the web page accessed, date and time of access, volume of data transferred, browser type and version, the operating system that you are using, the referrer URL (the site visited before reaching our site), your IP address and the requesting provider. We collect this data on the basis of our legitimate interests in accordance with point (f) of Article 6(1) GDPR.

If you contact us using our contact form or by email, your data, namely your surname, forename, email address and your message, will only be used to process your enquiry. We will process these data on the basis of your consent in accordance with point (a) of Article 6(1). GDPR.

By opening a customer account, you consent to the storage of your data, including your name, postal address, email address and payment details, as well as your user account details (user name, password). This enables you to use your email address or customer number, along with your personal password, to order from us.

We also process your name, address, date of birth, email address, order details and payment details for the performance of the contract. We process this data on the basis of point (b) of Article 6(1). GDPR for the performance of the contract.

Where necessary for the fulfilment of your order, we will disclose your name, address and where appropriate, your telephone number to the company commissioned with delivery of your order for the purposes of arranging a delivery date. Your payment details will be sent to the bank commissioned to perform the payment. We process this data on the basis of point (b) of Article 6(1). GDPR for the performance of the contract.

One service provider to which personal data collected via the website is forwarded, and which has or can have access to it, is our web host Omeco GmbH, Technologie-Park I, Gewerbegebiet Sauerwiesen 2, 67661 Kaiserslautern, Germany.

The website is hosted on servers located in Germany. The data is forwarded for the purposes of providing and maintaining the functionalities of our website. It is here that our legitimate interest pursuant to point (f) of Article 6 (1) EU GDPR applies.

We also reserve the right to store your forename and surname, your postal address and – insofar as we have received this additional information from you in connection with our contractual relationship – your title (including academic title), your birth year and the profession, industry or business in which you work, in summarised lists to be used for our own marketing purposes, e.g. for the delivery of interesting offers and information on our products by post. You may withdraw consent for the storage and use of your data for these purposes at any time, by sending a message to the contact details specified below.

By requesting a catalogue, you consent to the storage of your data, including your forename, surname, gender, postal address and email address. Your data will be processed on the basis of your consent in accordance with point (a) of Article 6(1) GDPR in this case. Once the catalogue has been sent, the data will be stored and erased in accordance with statutory and archival requirements.

No data will be transferred to third countries.

Storage of access data in server log files

By way of protection against external access, we store server log files in IP address format (date and time, URL, status code, referrer and useragent).  This data is processed exclusively to ensure the smooth operation of the website and to improve our offerings, and cannot be used to draw any conclusions about you.

Duration of storage of personal data

We process and store your personal data as required for the duration of our business relationship. We are also bound by various archival and recordkeeping obligations, among them arising from the German Commercial Code (HGB) and German Fiscal Code (AO). The retention/recordkeeping periods stated therein are between two and ten years.
The required duration of storage is ultimately governed by statutes of limitations; for instance, in accordance with Sections 195 et seq. of the German Civil Code (BGB), it is usually three years, but can be as much as 30 years in certain cases.

Encryption

Compass uses the SSL3 protocol to encrypt your data. Encrypted data transmission occurs via RSA 1024 bit for asymmetric processes.
The user data is encrypted with Triple-DES 112/168 bit.

An encrypted connection is identifiable from the address bar in the browser changing from “http://” to “https://” and a padlock symbol appearing in the address bar.

If SSL encryption is activated, the data that you transfer to us cannot be intercepted by third parties.

Cookies

Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide features such as 1-Click purchasing, Recommended for You, personalized advertisements on other Web sites and storage of items in your Shopping Cart between visits. The Help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Because cookies allow you to take advantage of some of compass24.com’s essential features, we recommend you to leave cookies turned on. With the compass24.com cookies you will be able to add items to your Shopping Cart, proceed to Checkout, or use any compass24.com products and services that require you to Sign in.

Retargeting technologies

In order to offer you a particularly attractive range of products that reflect your interests, we collect and store information about the user behaviour of our users in anonymised form as cookies, for marketing purposes.

The data collected is used exclusively for the purposes of optimising our offerings for you. The technology is, of course, always used in accordance with the applicable legal data protection regulations.

For this we make use of technologies from Criteo SA, Affilinet, Google Inc. (including Google Maps, Google reCAPTCHA)

If you do not want to receive interest-based advertising, you can disable this feature through the links below:

Criteo http://www.criteo.com/de/datenschutzrichtlinie 

Google http://www.google.com/policies/technologies/ads

Affilinet: https://www.affili.net/uk/about-cookies

Alternatively, you can deactivate the use of cookies by third-party providers by visiting the deactivation page of the Network Advertising Initiative.

http://optout.networkadvertising.org/?c=1#!/

Google Analytics and other tracking tools

This website is using Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses so-called "Cookies", text files that are stored on your computer and that allow analysis of your use of the website.

The information on your use of this website generated by the cookie is usually transferred to and stored by Google on a server in the United States. In the event of an activation of IP anonymisation on this website, Google will truncate your IP address within the European Union member states or in other contract states of the Agreement on the European Economic Area. Only in exceptions will the full IP address be transmitted to a Google server in the USA transmit and shortened there.

Google will use this information on behalf of the operator of this website to evaluate your use of this website, compile reports about the website activities and to render other services connected with website use and Internet use to the website operator. The IP address transferred by your browser within the scope of Google Analytics will not be merged with other Google data. You can prevent the installation of cookies with the appropriate settings of your browser software; we would like to point out though that you may not be able to make use of the full scope of all functions of this website in this case. You can also prevent the data generated by the cookie and related to your usage of this website (incl. your IP address) from being acquired and processed by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en).

For more information, see
http://tools.google.com/dlpage/gaoptout?hl=en

and http://www.google.com/intl/de/analytics/privacyoverview.html 

Please note that on this website Google Analytics has been extended by the code "gat._anonymizeIp ();" in order to ensure an anonymous collection of IP addresses (so-called IP-Masking).

Without your express consent, we will not use tracking tools and/or web bugs to covertly collect personal data about you, we will not transfer such data to third-party providers or marketing platforms, nor will we associate this data with your personal data (name, address, etc.).

Right to information and contact options

You are entitled to receive information at no charge about the personal data we have stored on you and also to have this data corrected, erased or its use restricted. Please contact us directly using the contact details in our legal notice if you have any questions regarding the collection, processing or usage of your personal data, if you wish to receive information about what data is stored, if you wish to have it corrected, erased or its use restricted, or if you wish to withdraw previously provided consent or object to a certain use of the data.