We are very pleased that you have expressed interest in our company. Data protection is a top priority for Plugin Theme WP management. The use of Plugin Theme WP’s Internet pages is possible without providing any personal data; however, if a user wants to utilize special services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with country-specific data protection regulations applicable to Plugin Theme WP. Through this data protection declaration, our company aims to inform the general public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.
As the controller, Plugin Theme WP has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may have potential security vulnerabilities, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, such as by telephone.
1. Definitions
The data protection declaration of Plugin Theme WP is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, among other terms, the following:
a) Personal data:
Any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject:
Any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
c) Processing:
Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Restriction of processing:
The marking of stored personal data with the aim of limiting their processing in the future.
e) Profiling:
Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization:
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing:
The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor:
A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
i) Recipient:
A natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
j) Third party:
A natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
k) Consent:
Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Name and Address of the Controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union, and other provisions related to data protection is:
Plugin Theme WP
Email: [email protected]
Website: http://pluginthemewp.com
3. Cookies
The Internet pages of Plugin Theme WP utilize cookies. Cookies are text files that are stored in a computer system via an Internet browser.
Many Internet sites and servers use cookies. Many cookies contain a unique identifier known as a cookie ID. This identifier is a character string that allows Internet pages and servers to recognize the specific Internet browser in which the cookie was stored. Through the use of cookies, Plugin Theme WP can provide users of this website with more user-friendly services that would not be possible without the cookie setting.
Cookies enable us to optimize the information and offers on our website with the user in mind. For example, cookies allow us to recognize website users so that they do not have to enter access data each time the website is accessed. However, users can prevent the setting of cookies through our website by adjusting the settings of the Internet browser used, although this may affect the usability of certain functions of our website.
4. Collection of general data and information
When a data subject or automated system accesses the website of Plugin Theme WP, a series of general data and information is collected. This includes browser types and versions, operating systems, referrers, sub-websites, date and time of access, Internet protocol addresses (IP addresses), and other similar data.
This information is collected to ensure the proper delivery and optimization of website content, as well as for long-term viability of our information technology systems. Additionally, it may be used to provide law enforcement authorities with information necessary for criminal prosecution in the event of a cyber-attack. The data collected is analyzed anonymously to increase data protection and security.
5. Registration on our website
Users have the option to register on Plugin Theme WP’s website by providing personal data. The personal data collected is used exclusively for internal purposes by Plugin Theme WP and may be transferred to processors, such as parcel services, for internal use attributable to the controller.
The registration process includes storing the IP address, date, and time of registration, which is used to prevent misuse of services and investigate offenses. This data is not shared with third parties unless required by law or for criminal prosecution purposes.
Registered users can update or delete their personal data at any time. The data controller is available to provide information or make corrections upon request from data subjects.
6. Subscription to our newsletters
Users can subscribe to Plugin Theme WP’s newsletter on the website. The personal data collected during newsletter registration, such as email addresses and IP addresses, is used solely for newsletter distribution and will not be shared with third parties.
Subscribers may receive emails related to the newsletter service or modifications to the newsletter offer. Subscriptions can be terminated at any time, and consent for data storage can be revoked. Instructions for unsubscribing are provided in each newsletter.
7. Newsletter Tracking
The newsletter of Plugin Theme WP includes tracking pixels, which are miniature graphics embedded in HTML-format emails to enable log file recording and analysis. This allows for statistical analysis of the success or failure of online marketing campaigns. By using tracking pixels, Plugin Theme WP can determine if and when an email was opened by a data subject, as well as which links in the email were accessed.
The personal data collected through tracking pixels in the newsletters are stored and analyzed by the controller to optimize newsletter delivery and tailor the content of future newsletters to the interests of the data subject. These personal data are not shared with third parties. Data subjects have the right to revoke their consent for newsletter tracking at any time, and upon revocation, their personal data will be deleted by the controller. Plugin Theme WP automatically considers opting out of newsletter receipt as a revocation of consent.
8. Contact Options via the Website
Plugin Theme WP’s website provides information for quick electronic contact with our enterprise, including a general email address. If a data subject contacts the controller via email or a contact form, the personal data transmitted by the data subject are automatically stored. These personal data are stored for the purpose of processing or contacting the data subject and are not transferred to third parties.
9. Routine Erasure and Blocking of Personal Data
Plugin Theme WP processes and stores personal data of data subjects only for the period necessary to achieve the purpose of storage, or as permitted by applicable laws or regulations. If the storage purpose no longer applies or if a prescribed storage period expires, personal data are routinely blocked or erased in accordance with legal requirements.
10. Rights of the Data Subject
a) Right of Confirmation
Every data subject has the right, as granted by European legislation, to obtain confirmation from the controller as to whether or not personal data concerning them are being processed. If a data subject wishes to exercise this right of confirmation, they may contact any employee of the controller at any time.
b) Right of Access
Every data subject has the right, as granted by European legislation, to obtain free information from the controller about their personal data stored at any time, as well as a copy of this information. Additionally, European directives and regulations grant the data subject access to specific information:
– The purposes of the processing
– The categories of personal data concerned
– The recipients or categories of recipients to whom the personal data have been or will be disclosed, particularly recipients in third countries or international organizations
– The envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
– The existence of the right to request rectification, erasure, or restriction of processing of personal data, or to object to such processing
– The right to lodge a complaint with a supervisory authority
– Where the personal data are not collected from the data subject, any available information as to their source
– The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
Furthermore, the data subject has the right to be informed whether personal data are transferred to a third country or to an international organization. If so, the data subject has the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to exercise this right of access, they may contact any employee of the controller at any time.
c) Right to Rectification
Every data subject has the right, as granted by European legislation, to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them. Considering the purposes of the processing, the data subject also has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, they may contact any employee of the controller at any time.
d) Right to Erasure (Right to be Forgotten)
Every data subject has the right, as granted by European legislation, to obtain from the controller the erasure of personal data concerning them without undue delay, where one of the following grounds applies:
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Plugin Theme WP, they may contact any employee of the controller at any time. An employee of Plugin Theme WP shall promptly ensure that the erasure request is complied with immediately.
Where the controller has made personal data public and is obliged pursuant to Article 17(1) to erase the personal data, the controller shall take reasonable steps to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. An employee of Plugin Theme WP will arrange the necessary measures in individual cases.
e) Right of Restriction of Processing
Every data subject has the right, as granted by European legislation, to obtain from the controller restriction of processing where one of the following applies:
If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Plugin Theme WP, they may contact any employee of the controller at any time. The employee of the Plugin Theme WP will arrange the restriction of the processing.
f) Right to Data Portability
Every data subject has the right, as granted by European legislation, to receive the personal data concerning them, which was provided to a controller, in a structured, commonly used, and machine-readable format. They shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent or a contract, and the processing is carried out by automated means.
If the data subject wishes to exercise the right to data portability, they may contact any employee of the Plugin Theme WP at any time.
g) Right to Object
Every data subject has the right, as granted by European legislation, to object, on grounds relating to their particular situation, to processing of personal data concerning them, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
If the data subject wishes to exercise the right to object, they may contact any employee of the Plugin Theme WP at any time.
h) Automated Individual Decision-Making, Including Profiling
Every data subject has the right, as granted by European legislation, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them, or similarly significantly affects them, unless the decision is necessary for entering into, or the performance of, a contract between the data subject and a data controller, is authorized by Union or Member State law, or is based on the data subject’s explicit consent.
If the data subject wishes to exercise the rights concerning automated individual decision-making, they may contact any employee of the Plugin Theme WP at any time.
i) Right to Withdraw Data Protection Consent
Every data subject has the right, as granted by European legislation, to withdraw their consent to the processing of their personal data at any time.
If the data subject wishes to exercise the right to withdraw consent, they may contact any employee of the Plugin Theme WP at any time.
11. Data Protection Provisions Regarding the Application and Use of Google Analytics (with Anonymization Function)
On this website, Plugin Theme WP has integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service that collects, gathers, and analyzes data about the behavior of visitors to websites. It collects data about the website from which a person has come (referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics is mainly used for website optimization and to carry out cost-benefit analyses of internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
For web analytics through Google Analytics, Plugin Theme WP uses the application “_gat._anonymizeIp”. This application abridges and anonymizes the IP address of the internet connection of the data subject when accessing the website from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze traffic on the website. Google uses the collected data and information to evaluate the website’s use, provide online reports showing activities on the website, and offer other services concerning the website’s use.
Google Analytics places a cookie on the data subject’s information technology system. With the setting of the cookie, Google can analyze the website’s use. When a data subject accesses a page with a Google Analytics component, data is automatically submitted to Google for online advertising and commission settlement purposes. During this process, Google gains knowledge of personal information, such as the data subject’s IP address, to understand visitor origins and clicks and create commission settlements.
The cookie stores personal information such as access time, location, and frequency of website visits. This personal data, including the IP address, is transmitted to Google in the United States of America with each website visit. Google may pass this personal data to third parties.
Data subjects can prevent cookie setting through the website by adjusting their web browser settings to permanently deny cookie setting. They can also delete cookies already in use by Google Analytics at any time via their web browser or other software programs.
Additionally, data subjects have the option to object to data collection by Google Analytics related to website use and its processing by Google. They can download and install a browser add-on available at https://tools.google.com/dlpage/gaoptout, which informs Google Analytics not to transmit data and information about website visits. Reinstallation of browser add-ons may be necessary if the information system is deleted, formatted, or newly installed.
For further information and applicable data protection provisions, visit https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/us.html. More details about Google Analytics are available at https://www.google.com/analytics/.
12. Data Protection Provisions Regarding the Application and Use of Google AdWords
On this website, Plugin Theme WP has integrated Google AdWords, a service for internet advertising that allows advertisers to place ads in Google search engine results and across the Google advertising network. Google AdWords lets advertisers pre-define specific keywords so that their ads are displayed on Google’s search results pages only when users search for relevant terms. In the Google Advertising Network, ads are distributed on relevant web pages using an automatic algorithm based on predefined keywords.
The operator of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.
Google AdWords aims to promote our website by placing relevant advertising on third-party websites and in Google search engine results, as well as by displaying third-party advertising on our website.
When a data subject reaches our website via a Google ad, a conversion cookie is placed on their device by Google. This cookie expires after 30 days and is not used to identify the data subject. It helps track certain actions on our website, such as visiting specific sub-pages like the shopping cart of an online shop. The data collected via the conversion cookie is used by Google to generate visit statistics for our website, helping to determine the success of AdWords ads and optimize future campaigns. Neither our company nor other Google AdWords advertisers receive personally identifiable information from Google.
The conversion cookie stores information about the data subject’s internet page visits. Each time the data subject visits our website, personal data, including their IP address, is transmitted to Google in the United States of America. Google may share this personal data with third parties.
Data subjects can prevent the setting of cookies by adjusting their browser settings accordingly, as described above. Additionally, they can delete cookies set by Google AdWords at any time via their browser or other software programs.
Data subjects also have the option to opt out of Google’s interest-based advertising by adjusting their ad settings. They can access the link www.google.com/settings/ads from each browser they use and configure their preferences.
For further information and the applicable data protection provisions of Google, visit https://www.google.com/intl/en/policies/privacy/.
13. Data Protection Provisions Regarding the Application and Use of Jetpack for WordPress
On this website, Plugin Theme WP has integrated Jetpack, a WordPress plugin that provides additional features for website operators. Jetpack offers various functionalities such as visitor analytics, related post suggestions, social sharing tools, security features against brute-force attacks, and optimization for image loading speed.
The operating company of Jetpack Plugins for WordPress is Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, UNITED STATES. Jetpack utilizes tracking technology developed by Quantcast Inc., 201 Third Street, San Francisco, CA 94103, UNITED STATES.
Jetpack sets a cookie on the data subject’s device, which is used to collect data for website analysis purposes. This data helps create an overview of website visits and analyze user behavior to optimize the website. The collected data is not used to identify the data subject without their express consent. Quantcast also receives this data and uses it for similar purposes as Automattic.
Data subjects can prevent the setting of cookies by adjusting their browser settings, as described above. They can also delete cookies set by Automattic/Quantcast at any time via their browser or other software programs.
Additionally, data subjects can opt out of data collection by the Jetpack cookie and processing by Automattic/Quantcast by clicking the ‘opt-out’ button at https://www.quantcast.com/opt-out/, which sets an opt-out cookie on their device. If cookies are deleted, data subjects must revisit the link to set a new opt-out cookie.
However, opting out may result in limited functionality of the controller’s websites for the data subject.
For the applicable data protection provisions of Automattic, visit https://automattic.com/privacy/. For Quantcast, visit https://www.quantcast.com/privacy/.
14. Payment Method: Data Protection Provisions for the Use of PayPal as a Payment Processor
On this website, Plugin Theme WP has integrated components of PayPal, an online payment service provider. PayPal facilitates payments through virtual private or business accounts, allowing users to make payments via PayPal accounts or credit cards. These accounts are managed through email addresses instead of classic account numbers. PayPal enables online payments to third parties and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
When a data subject selects “PayPal” as the payment option during the ordering process on our website, their data is automatically transmitted to PayPal for payment processing. By choosing this payment option, the data subject consents to the transfer of personal data required for payment processing.
The personal data transmitted to PayPal typically includes first name, last name, address, email address, IP address, telephone number, and other data necessary for payment processing. This data exchange aims at payment processing and fraud prevention. The controller may transfer personal data to PayPal if there is a legitimate interest in doing so. Personal data exchanged between PayPal and the controller may also be transmitted to credit agencies for identity and creditworthiness checks.
PayPal may share personal data with affiliates, service providers, or subcontractors to fulfill contractual obligations or process data on behalf of the controller.
Data subjects have the right to revoke consent for the handling of personal data at any time with PayPal. However, such revocation does not affect the processing of personal data necessary for (contractual) payment processing.
For the applicable data protection provisions of PayPal, visit https://www.paypal.com/us/webapps/mpp/ua/privacy-full.
15. Legal Basis for Processing
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations where consent is obtained for a specific purpose. Processing necessary for the performance of a contract to which the data subject is party is based on Article 6(1) lit. b GDPR. Legal obligations, such as tax obligations, form the basis for processing under Art. 6(1) lit. c GDPR.
Processing may also be necessary to protect vital interests or for the legitimate interests pursued by the controller or a third party under Article 6(1) lit. f GDPR. Such interests may include the well-being of employees and shareholders.
16. Legitimate Interests Pursued by the Controller or Third Party
Where processing is based on Article 6(1) lit. f GDPR, the legitimate interest is to conduct business for the benefit of employees and shareholders.
17. Period of Personal Data Storage
Personal data is stored according to statutory retention periods. After this period, data is routinely deleted unless necessary for contract fulfillment or initiation.
18. Provision of Personal Data as Statutory or Contractual Requirement
Some personal data provision may be required by law (e.g., tax regulations) or contractually (e.g., contractual partner information). Failure to provide necessary personal data may prevent contract conclusion.
Before providing personal data, the data subject must inquire with any employee about the necessity, legal or contractual obligations, and consequences of non-provision.
19. Existence of Automated Decision-Making
As a responsible company, we do not use automated decision-making or profiling.