Last updated: August 9, 2023
1. General Information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data by which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.
Data Collection on This Website
– Who is responsible for data collection on this website? The data processing on this website is carried out by the website operator. You can find their contact details in the “Notice of Responsible Party” section in this privacy policy.
– How do we collect your data? Your data is collected, on one hand, by you providing it to us. This could be data, for example, that you enter into a contact form. Other data is automatically collected or with your consent upon visiting the website by our IT systems. These are mainly technical data (e.g., internet browser, operating system, or time of page access). This data collection occurs automatically as soon as you enter this website.
– What do we use your data for? Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.
– What rights do you have regarding your data? You have the right at any time to receive information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time for the future. You also have the right to request, under certain circumstances, the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time with further questions on the subject of data protection.
Analysis Tools and Third-Party Tools
When visiting this website, your surfing behavior can be statistically evaluated. This mainly happens with what are known as analysis programs. Detailed information on these analysis programs can be found in the following privacy policy.
2. Hosting
We host the contents of our website with the following provider:
Amazon Web Services (AWS)
The webserver is located in Frankfurt, Germany
The hosting is owned by Coco and Jay LLC. Details regarding AWS’s privacy practices can be found in AWS’s privacy policy: AWS’s Privacy Policy.
The use of AWS is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. If appropriate consent was obtained, processing is carried out solely on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) in the sense of the TTDSG. The consent can be revoked at any time.
Order Processing
We have concluded a contract for order processing (AVV) to use the above-mentioned service. This is a contract required by data protection law, which ensures that the service processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. Use of Personal Information
We use collected information for various purposes: – Providing Services: Fulfilling your requests, responding to inquiries, and delivering information. – Transactions: Processing payments, completing orders, and providing order-related communications. – Analytics: Understanding how you use our Website to improve functionality and offerings. – Communication: Sending updates, newsletters, marketing materials, and promotional offers. – Compliance: Complying with legal obligations and protecting our rights.
4. Cookies and Tracking Technologies
Our websites use so-called “cookies.” Cookies are small data packets that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until automatic deletion occurs through your web browser. Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services). Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes. Cookies that are necessary for the performance of electronic communication processes, the provision of certain desired functions (e.g. shopping cart function), or for the optimization of the website (e.g. cookies for measuring web audience) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing will be carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) German Telemedia Act (TTDSG)); consent can be revoked at any time. You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website. You can find information on which cookies and services are used on this website in this privacy policy.
5. Local Hosting of Google Fonts
This site uses so-called Google Fonts for the uniform display of fonts, which are provided by Google. The Google Fonts are installed locally. There is no connection to Google servers in this process. For more information about Google Fonts, please visit https://developers.google.com/fonts/faq and consult Google’s privacy policy: https://policies.google.com/privacy?hl=en.
6. Use of Google Maps
This site uses the Google Maps map service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. To use the features of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. When Google Maps is active, Google can use Google Fonts for the uniform display of fonts. When you access Google Maps, your browser loads the necessary web fonts into your browser cache to display texts and fonts correctly. The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy findability of the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If consent has been requested, processing will only be carried out on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of TTDSG. Consent can be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the European Commission. You can find more details here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/. For more information on how user data is handled, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=en. The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF undertakes to comply with these data protection standards. You can find more information about this from the provider at the following
7. Your Rights
You have rights regarding your personal information:
– Access: Request access to your personal data.
– Correction: Request correction of inaccuracies in your data.
– Deletion: Request deletion of your data under certain circumstances.
– Objection: Object to processing in certain situations.
– Withdraw Consent: Withdraw consent you’ve provided.
8. Storage Duration
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, deletion will take place after these reasons no longer apply.
9. Legal Basis for Data Processing
If you have given your consent to data processing, we process your personal data on the basis of Art. 6 Para. 1 lit. a DSGVO or Art. 9 Para. 2 lit. a DSGVO, if special data categories according to Art. 9 Para. 1 DSGVO are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49 Para. 1 lit. a DSGVO. If you have consented to the storage of cookies or to access information on your end device (e.g., via device fingerprinting), data processing also takes place on the basis of § 25 Para. 1 TTDSG. The consent can be revoked at any time. If your data is necessary for contract fulfillment or for carrying out pre-contractual measures, we process your data on the basis of Art. 6 Para. 1 lit. b DSGVO. Furthermore, we process your data if this is necessary to fulfill a legal obligation based on Art. 6 Para. 1 lit. c DSGVO. Data processing can also take place on the basis of our legitimate interest according to Art. 6 Para. 1 lit. f DSGVO. Information about the respective legal basis applicable in individual cases is provided in the following sections of this privacy policy.
10. Recipients of Personal Data
We may share data with external parties for contractual, legal, or legitimate interest purposes, including processors under valid contracts. We only pass on personal data to external bodies if this is necessary for contract fulfillment, if we are legally obliged to do so (e.g., passing on data to tax authorities), if we have a legitimate interest according to Art. 6 Para. 1 lit. f DSGVO in the transfer, or if another legal basis permits data transfer. When using processors, we only pass on personal data of our customers on the basis of a valid contract for order processing. In the case of joint processing, a contract for joint processing is concluded.
11. Revocation of Consent
Many data processing operations are only possible with your explicit consent. You can revoke an already given consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
12. Right to Object
IF DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE CAN PROVE COMPELLING REASONS WORTHY OF PROTECTION FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 PARA. 1 DSGVO). IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING, IN SO FAR AS IT IS CONNECTED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION UNDER ART. 21 PARA. 2 DSGVO).
13. Contacting the Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, especially in the member state of their habitual residence, their place of work, or the place of the alleged violation. This right to lodge a complaint is without prejudice to any other administrative or judicial remedies.
14. Data Portability
You have the right to receive the data that we process automatically based on your consent or in fulfillment of a contract, in a commonly used and machine-readable format, and to have it handed over to yourself or to a third party. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.
15. Information, Correction, and Deletion
You have the right, in accordance with applicable legal provisions, to obtain information free of charge about your stored personal data, their origin and recipients, and the purpose of data processing, as well as, if applicable, the right to correction or deletion of this data. For this purpose and for any further questions regarding personal data, you can contact us at any time.
16. Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to exercise this right. The right to restrict processing exists in the following cases:
17. SSL/TLS Encryption
For security reasons and to protect the transmission of confidential content such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
18. Changes to this Privacy Policy
We reserve the right to update this Privacy Policy. Changes take effect upon posting on the Website.
19. Contact Information
If you have questions or concerns, please contact us at:
Coco & Jay GmbH
Friedrichstraße 114A
10117 Berlin, Germany
Phone: 0163 1727352
Email: info@cocoandjay.com
Coco and Jay LLC
30 N Gould St Ste R
Sheridan, WY 82801, USA
Phone: 0061 424 303 337
Email: info@cocoandjay.com
Coco and Jay LLC
30 N Gould St Ste R
Sheridan, WY 82801
United States
Coco & Jay GmbH
Friedrichstraße 114A
10117 Berlin
Germany