Data privacy policy

OVERVIEW
The protection of personal data and the responsible handling of information that you entrust to us is an important and special concern of ours. Soul Sail S.L.U processes personal data only in accordance with the legal regulations. These are, in particular, the EU General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG). With this privacy policy, we inform you about how, to what extent, and for what purposes we process personal data when using the www.soul-sail.com website.

1. Responsible person in the sense of data protection law
Soul Sail S.L.U
Calle de Llorenc Vicens 1,2
07002 Palma d. Mallorca
Phone: +49 (0)40 25467690
E-mail: info@soul-sail.de

2. Contact details of the data protection officer
E-mail: marco@soul-sail.de
Mail: Soul Sail S.L.U, Calle de Llorenc Vicens 1,2
07002 Palma d. Mallorca

3. Processing of your personal data
The subject of data protection is personal data. This is information that can be assigned to a specific or identifiable person, such as name, address, email address, and telephone number. In principle, the processing of personal data is not required for the use of this website. Apart from the cases described in section 4, data collection and processing only occur if you voluntarily provide your personal data. This applies in particular to the following situations:
3.1 Purchases on the www.soul-sail.com website.
When you make purchases via our www.soul-sail.com website, we use the data you provide (in particular name, address, payment data, and the goods ordered) to fulfill the contract concluded with you.
In order to be able to process and deliver your order, we pass on your data to the delivery service commissioned with the delivery in each case. In the case of delivery by a forwarding agency, we will also pass on your telephone number to coordinate the date.
With your order, you confirm the processing of personal data described above and agree to our General Terms and Conditions (GTC).
3.2 Advertising, which you can object to
If you have made purchases via the www.souls-sail.com website and have not objected to receiving advertising, we may use your email address to inform you about comparable offers. You can object to the use of your data for advertising purposes at any time, as described in section 10 of this privacy policy and at the end of each newsletter.
3.3 Advertising to which you have consented (e.g., subscription to the email newsletter)
Insofar as you wish to receive our newsletter and register for it, we require a functioning email address assigned to you, which enables us to check that you are the owner of the email address provided.
You can revoke your consent to the storage of the email address or telephone number and other personal data provided by you and to their use for advertising purposes at any time with effect for the future (see section 10).

4. Automatic collection and processing of data when you visit the website.
When you visit our website, we show you a “cookie banner” to let you know that we use cookies to improve the user experience on our website. The related data processing is described in detail in this Section 4. As indicated in the cookie banner, you consent to this use if you continue to use our website. You may revoke this consent in whole or in part at any time with effect for the future. To delete all first-party cookies, click here. The options available to you for deactivating individual cookies and the tracking technologies used are described in detail below.
4.1 Data processing to enable website use
When you visit our website, we collect the data necessary to enable you to use it (usage data). This includes your IP address and data about the beginning, end, and subject of your use of the website, as well as any identification data (e.g., your login data if you log in to a secure area). In addition, this includes technical data transmitted by your browser, such as browser type, previously visited website (referrer URL), monitor resolution, etc.). This data is used to provide the service and to design the service according to your needs. They are generally deleted as soon as they are no longer required. For the processing of pseudonymous usage profiles, see section 4.3.
4.2 Cookies
When you visit our website, information may be stored on your computer in the form of a cookie. Cookies are small text files that are sent to your browser by a web server and stored on your computer’s hard drive. This allows us to recognize you when you visit the site again. In this way, we can ensure better functionality of the site and, for example, avoid you having to log in repeatedly or perform web analysis (see section 4.3).
There are different types of cookies. A distinction must be made between cookies that are set by the website operator when you visit a website (also “first-party cookies”) and cookies that are set by third-party providers (also “third-party cookies”). We only have technical control over the first-mentioned cookies. On the other hand, there are cookies that are only stored on your computer during your respective visit to our website (also “session cookies”) and cookies that are stored for a longer period of time. The following cookies are set directly by us on our website:
Name
Purpose
Storage period

Google Analytics: Used to distinguish users and sessions.
2 years
__utmb
Google Analytics: Used to determine new sessions/visits.
30 minutes
__utmc
Google Analytics: Used to establish interoperability with Google’s Urchin service.
Only for the session
__utmgacjtaca
Google Analytics:
1 year
__utmz
Google Analytics: stores the traffic source or campaign through which the visitor arrived at the website.
6 months
_ga
Google Analytics: Used to distinguish users.
2 years
_gac_UA-XXXXX-X
Google Analytics / Google Adwords: Contains campaign-related information about the user. 90 days
_gat_UA-XXXXX-X
Google Analytics: Used to limit the number of requests per time period.
1 minute
_gid
Google Analytics: Used to distinguish users.
1 day
_dc_gtm_UA-XXXXX-X.
Google Tag Manager (see section 4.3.2)

1 minute
Most browsers are set to accept cookies automatically. You can deactivate the storage of cookies in your browser and have the option to delete them from your hard drive at any time. We would like to point out that the use of our offers on the website without cookies is only possible to a limited extent.
However, you can also use your browser to prevent only the setting of certain cookies (e.g., cookies from third-party providers), for example, if you want to prevent web tracking. You can find more information on this in the help function of your browser. For more information on third-party cookies that are sent or processed when you visit our website, see section 4.3 and the privacy statements of the providers mentioned there.
4.3 Pseudonymous usage profiles for advertising and market research (web tracking and analysis)
For advertising, market research, and to make your use of our website as pleasant as possible, the Soul-Sail website uses web tracking systems. Here, data about the use of our website is stored in pseudonymous user profiles (your IP address is anonymized). This allows us to further develop our website and tailor the content even better to your needs. In addition, the usage profiles are used for so-called retargeting. This enables the Soul-Sail website to place interesting offers on other websites that you visit. The pseudonymous usage profiles are not merged with personal data.
You can object to the creation of pseudonymous usage profiles. To do this, you can, on the one hand, prevent the setting of cookies in your browser (see section 4.2). On the other hand, you can install a plugin in your browser to protect your privacy, which offers the possibility to prevent tracking – e.g. AdBlock, Ghostery, or NoScript (please refer to the data protection information of the respective plugin provider). The following table lists the tracking technologies used on our website (which may include cookies, in particular, see section 4.2) and the respective providers that process usage data in pseudonymous profiles for the purposes stated in each case. In addition, the link to the privacy policy of the provider is given and we explain how you can specifically switch off or on web tracking by the individual service providers with effect for the future. As a rule, a special cookie is stored on your terminal device to switch it off, which excludes the collection of usage data from your terminal devices by the respective provider in the future; please note that you may have to set this cookie again if you delete cookies from your computer.

Tool/Provider
Purpose
Link to provider’s privacy policy/link to turn off or turn on data processing Facebook Exchange (FBX) / Facebook Custom Audience:
Facebook, 1601 S. California Avenue, Palo Alto, 94304 CA, United States.
Web analysis, interest-based advertising
https://www.facebook.com/privacy/explanation
Further information on data protection
Switch tracking off or on: see the privacy policy
4.3.1 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies (see section 4.2) to enable an analysis of your use of the website. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. However, your IP address will be shortened beforehand by Google within the EU or the EEA and thus anonymized. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You can prevent the storage of cookies by selecting the appropriate settings on your browser software (see section 4.2) or a privacy plugin (see section 4.3). You can also prevent the collection of data related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Alternatively, you can prevent the collection by Google Analytics by setting a so-called “opt-out cookie” on your computer; use the following link for this: Set opt-out cookie[A2].
For more information on data protection at Google Analytics, please visit: https://www.google.de/intl/de/policies/.

4.3.2 Google Tag Manager
This website uses Google Tag Manager to manage website tags. A tag is a JavaScript snippet used to send information from a website to third parties, especially in the context of web tracking. The Google Tag Manager tool itself does not collect any personal data. The tool takes care of triggering other tags, which in turn may collect data (e.g., the Google Analytics tag). Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it will remain in place for all tracking tags implemented with Google Tag Manager. This makes it easier to effectively implement your objections to tracking methods.
5. Data collection by third-party providers / social networks
Our website contains links to social networks (e.g., Facebook, XING, Google Plus, LinkedIn, Twitter). These social networks are operated exclusively by third parties. If you follow the links, information may be transmitted to these third parties. The purpose and scope of data collection by the social networks as well as the further processing and use of your data there as well as your rights in this regard and setting options for protecting your privacy can be found in the respective data protection notices of the operators (these can be found for the named providers via the following links: Facebook, XING, Google Plus, LinkedIn, Twitter).

6. Transmission to third parties
Within the scope of the purposes stated in sections 3.1-3.3, the data mentioned there will be forwarded to service providers who are active on our behalf (in particular IT service providers), if applicable. In addition to their legal obligation to comply with all data protection provisions by us, these service providers are bound by further contractual data protection requirements. As a rule, this includes an obligation as a processor pursuant to Art. 28(3) DSGVO.
Apart from that, we only transfer personal data to third parties if there is a legal permission for this or if you have given your prior consent. You can revoke any consent you may have given at any time with effect for the future. We will only pass on your data to state authorities within the scope of legal obligations or on the basis of an official order or court decision and only insofar as this is permitted under data protection law.

7. Transmission to countries outside the EU and the EEA
For the purposes mentioned under 3.1-3.3, a transfer to countries outside the EU and the EEA (third countries) is generally not necessary and therefore does not take place. Otherwise, we only transfer data to third countries if it is ensured that the recipient of the data guarantees an adequate level of data protection within the meaning of Chapter V of the GDPR and no other interests worthy of protection speak against the transfer of data. We use the EU Commission’s model contracts for the transfer of personal data to third countries to ensure an adequate level of protection for the recipient of the data.

8. Deletion
The pseudonymous usage profiles created by means of Google Analytics (see 5.3.1) are automatically deleted 38 months after the last information was added to the profile. In all other respects, we delete your personal data as soon as they are no longer required for the purposes pursued with the processing and insofar as there are no statutory retention obligations to the contrary. German commercial and tax law includes retention periods of six years (for business letters in any form) and ten years (for accounting-related transactions).

9. Data security
MS Entertainment UG has taken the necessary technical and organizational measures to protect the personal data you provide from loss, destruction, manipulation, and unauthorized access. All our employees and all persons involved in data processing are obliged to comply with the DSGVO, the BDSG, and other laws relevant to data protection and to handle personal data confidentially. Both internal and external audits ensure compliance with all data protection-relevant processes at MS Entertainment UG.
To protect the personal data of our users, we use a secure online transmission method, the so-called “Secure Socket Layer” (SSL) transmission. You can recognize this by the fact that an “s” is appended to the address component http:// (“https://”) or a green, closed lock symbol is displayed in the browser. Clicking on the symbol provides you with information about the SSL certificate used. The display of the symbol depends on the browser version you are using. SSL encryption ensures the secure and complete transmission of your data. The SSL connection we use has been certified with regard to its security and confidentiality.

10. Your rights
You may at any time and free of charge request information about your personal data stored by MS Entertainment UG and – insofar as the legal requirements are met – its correction, deletion, and the restriction of processing of this data. Insofar as MS Entertainment UG processes your data for the pursuit of legitimate interests, in particular for the purpose of advertising, you may exercise your right to object. Whether and to what extent these rights exist in individual cases and which conditions apply to them are determined by law (until May 25, 2018, from the BDSG, from May 25, 2018, also from the DSGVO). The GDPR also grants you a right to data portability under certain circumstances. If you have given your consent under data protection law, you may revoke this consent at any time with effect for the future.
To exercise these rights and for other questions regarding data protection, please contact our company data protection officer (see section 2). In order to process your request quickly, we recommend that you provide us with your surname, first name, date of birth, and, if available, your email address and, in the event of an objection after receiving advertising, send us a copy of the advertising material. You also have a right to complain to the competent data protection supervisory authority. However, if you have any questions or complaints regarding data protection at MS Entertainment UG, we recommend that you first contact our data protection officer.

11. No automated individual case decision
We do not use your personal data for automated individual case decisions within the meaning of Art. 22(1) DSGVO.

12. Links to other websites
The Soul-Sail.com website contains links to other websites. Please note that the privacy policy of MS Entertainment UG does not apply to these other websites.

13. Change of the privacy policy
New legal requirements, business decisions, or technical developments may require changes in our privacy policy. The data protection declaration will then be adapted accordingly. You will always find the most current version on our website.

Status: March 2022