Cart

Privacy statement

Arden Grange is the trading name for Leander International Pet Foods Ltd. This privacy statement explains how we use any personal information we collect about you when you use this website.

1. Introduction and general information

Thank you for your interest in our website. The protection of your personal data is very important to us. Below you will find information about how we handle your data collected through your use of our website. Your data will be processed in accordance with the statutory data protection regulations.

1.1. Definitions

Our data protection declaration should be simple and understandable for everyone. In this data protection declaration, the official terms of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.

2. About contact options, customer account, orders and newsletter

2.1. Registration in our online shop

You have the option of creating a customer account in our online shop in order to order goods. When registering and setting up your customer account, we collect and use the following personal data:

·    First and last name and title

·    Email address

·    Address

·    Date and time of registration

·    Password

In addition, voluntary information can be provided (e.g. telephone number, etc.). Mandatory information that is provided for the purpose of registration is marked as a mandatory field with an asterisk in the input mask.

The legal basis for data required to provide the customer account and order goods is Article 6 (1) (b) GDPR.

For the processing of voluntary information, the legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR. Your data will be deleted as soon as the user account on our website is deleted and unless there are legal retention requirements. You can usually make a change and/or delete your customer account, including the data you provided, directly in your user account after logging in or by sending a corresponding message to the person responsible mentioned at the beginning.

You can change your private data (the points mentioned under 2.1 and 2.2) under the “My user account” section.

2.2. Billing and payment options

If you use paid services offered by Leander International Pet Foods Limited or the web shop, billing data, such as your credit card number, will be collected and used to bill you for the services or products you have ordered. All data collected from you by Leander International Pet Foods Limited is stored electronically. In addition, this data will only be used for information and advertising purposes if you give us your consent.

2.3. Shipping process

Due to the fully automatic shipping process, the parcel recipient's address data is stored by the warehouse/logistics service provider so that the data can be passed on to the shipping company. The partner companies involved in shipping undertake to use the stored data exclusively to process and execute the orders.

2.4. Email advertising

When you register for the newsletter, your email address will be used for our own advertising purposes until you unsubscribe from the newsletter. The deregistration is possible at any time. The wording of your consent is: ["Yes, inform me about promotions and vouchers by email, including a 10% welcome voucher for my next purchase! You can unsubscribe at any time."]. To send our newsletters, we use, among other things, the services “CrossEngage”, a so-called customer data platform (CDP) from CrossEngage GmbH (Bertha-Benz-Straße 5, 10557 Berlin), Mailjet GmbH (4 rue Jules Lefebvre, 75009 Paris) and Sendgrid (Twilio,101 Spear St 5th floor, San Francisco, CA 94105, United States).

If you would like to receive the newsletter offered on the website with regular information about our offers and products, we require your email address as mandatory information. Providing additional data is voluntary so that we can address you personally in the newsletter.

We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you our newsletter by email if you have expressly confirmed to us that you consent to the sending of newsletters. In the first step, you will receive an email with a link through which you can confirm that you, as the owner of the corresponding email address, would like to receive newsletters in the future. By confirming this, you give us your consent in accordance with Art. 6 Para. 1 lit. a GDPR that we may use your personal data for the purpose of sending the desired newsletter.

When you register for the newsletter, in addition to the email address required for sending, we store the IP address you used to register for the newsletter as well as the date and time of registration and confirmation in order to prevent possible misuse to be able to understand it at a later point in time. The legal basis for this is our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR.

You can unsubscribe from the newsletter at any time using the link included in each newsletter or by sending an email to the person responsible named above. Once you have unsubscribed, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to continued use of the data collected or continued processing is otherwise permitted by law.

Our email newsletters are sent via a technical service provider to whom we pass on the data you provided when registering for the newsletter. We have concluded an order processing agreement with our email service provider in which we oblige them to protect our customers' data and not to pass them on to third parties.

Service provider: CrossEngage GmbH

Address: Bertha-Benz-Straße 5, 10557 Berlin

Based on your consent in accordance with Article 6 Para. 1 lit. a GDPR, the service provider uses the information from the newsletter registration to send and statistically evaluate the newsletter on our behalf. For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. This makes it possible to determine whether a newsletter message was opened and which links, if any, were clicked on. With the help of so-called conversion tracking, it can also be analyzed whether a pre-defined action (e.g. purchasing a product on our website) took place after clicking on the link in the newsletter. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). The data is only collected pseudonymously and is not linked to your other personal data; direct personal reference is excluded. This data is used exclusively for statistical analysis of newsletter campaigns. The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.

If you would like to revoke your consent to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.

In addition to sending promotional emails, we contacted our customers/buyers as part of the purchase process or to fulfill the performance obligation from the concluded purchase contract, among other things, with the following emails:

a) Order confirmation email

b) Shipping confirmation email

c) Order review email and others

If you do not wish to receive these order-related emails, you can also revoke the sending of these emails from us at any time using the options described.

2.4.1. Advertising to existing customers

In individual cases, we process your personal customer data in order to conduct direct advertising. You have the right to object to processing for the purpose of such advertising at any time. This also applies to profiling insofar as it is connected to this direct advertising. If you object to processing for direct advertising purposes, we will no longer process your personal data for these purposes.

3. Processing activities on our website

3.1. Accessing and storing information in terminal devices

By using our website, information (e.g. IP address) can be accessed or information (e.g. cookies) stored in your end devices. This access or storage may involve further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of our services, this is done on the basis of Section 25 Paragraph 1 Sentence 1, Paragraph 2 No. 2 TTDSG. In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only take place on the basis of Section 25 Paragraph 1 TTDSG with your consent in accordance with Article 6 Paragraph 1 Letter a GDPR. The consent can be revoked at any time in the future. The requirements of the GDPR and the Federal Data Protection Act (BDSG) apply to the processing of your personal data.

Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

3.2. Web hosting

This website is hosted by an external service provider (ScaleCommerce GmbH). This website is hosted in Germany. Personal data collected on this website is stored on the host's servers. This can include IP addresses, contact requests, meta and communication data, website access and other data generated via a website.

We collect the data listed in order to ensure a smooth connection to the website and a technically error-free provision of our services. The processing of this data is strictly necessary to provide you with the website. The legal basis for processing the data is our legitimate interest in the correct presentation and functionality of our website in accordance with Article 6 (1) (f) GDPR.

We have concluded an order processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige them to protect our customers' data and not to pass them on to third parties.

3.3. Server log files

When you access our website, it is technically necessary that data is transmitted to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

·    Date and time of the request

·    Name of the requested file

·    Page from which the file was requested

·    Access status

·    Web browser and operating system used

·    (Full) IP address of the requesting computer

·    Amount of data transferred

We collect the data listed in order to ensure a smooth connection to the website and a technically error-free provision of our services. The processing of this data is strictly necessary to provide you with the website. The log files are used to evaluate system security and stability as well as for administrative purposes. The legal basis for processing the data is our legitimate interest in the protection and functionality of our website in accordance with Article 6 (1) (f) GDPR.

For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data for a short time. After 90 days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a connection to the individual user.

3.4. Cookies

Our website uses so-called “cookies”. Cookies are small text files that are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically solves them. 

Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or language settings). Other cookies are used to evaluate user behaviour or display advertising. 

The processing of data through the use of absolutely necessary cookies is based on a legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR in the technically error-free provision of our services. For details on the processing purposes and legitimate interests, please see the information on specific data processing.

The processing of personal data through the use of other cookies is based on consent in accordance with Article 6 (1) (a) GDPR. The consent can be revoked at any time in the future. If such cookies are used for analysis and optimization purposes, we will inform you about this separately as part of this data protection declaration and obtain consent in accordance with Art. 6 Para. 1 lit. a GDPR.

You can set your browser so that you

·    Be informed about the setting of cookies.

·    Only allow cookies in individual cases.

·    Exclude the acceptance of cookies for certain cases or in general.

·    Enable the automatic deletion of cookies when closing the browser.

Cookie settings can be managed using the following links for each browser:

·    Google Chrome 

·    Mozilla Firefox 

·    Edge (Microsoft) 

·    Safari 

·    Opera  

You can also individually manage cookies from many companies and functions used for advertising. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or  http://www.youronlinechoices.com/uk/your-ad-choices .

Most browsers also offer a so-called “Do-Not-Track-Function”. When this feature is enabled, your browser tells advertising networks, websites, and applications that you do not want to be “tracked” for behavioural advertising and similar purposes.

Depending on your browser provider, you can find information and instructions on how to edit this function using the following links:

·    Google Chrome

·    Mozilla Firefox

·    Edge (Microsoft)

·    Safari

·    Opera

In addition, you can prevent so-called scripts from loading by default. “NoScript” allows JavaScript, Java and other plug-ins to be executed only on trusted domains of your choice. Information and instructions on how to edit this function can be obtained from your browser provider (e.g. for Mozilla Firefox at:  https://addons.mozilla.org/de/firefox/addon/noscript/ ).

Please note that if you deactivate cookies, the functionality of our website may be restricted.

3.4.1. Change cookie settings

You can revoke or change your cookie settings at any time. To do this, access the cookie settings again via our integrated thumbprint. You can always find this at the bottom left of the website."

or

You can revoke or change your cookie settings at any time. To do this, access the cookie settings again using the button above.

4. Processing by individual providers

4.1. Google services

4.1.1. Google Analytics

Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called “cookies”.

Google will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. Google will also use this information to provide the website operator with other services related to the use of the website and the Internet. The IP address sent by your browser as part of Google Analytics is not combined with other data from Google. The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given.

We only use Google Analytics with IP anonymization activated. This means that your IP address will only be processed by Google in a shortened form.

We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass them on to third parties.

The Google Analytics terms of use and data protection information can be accessed via the following links:

https://marketingplatform.google.com/about/analytics/terms/us/

https://policies.google.com/privacy?hl=en-US

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. A deletion of user and event-level data associated with cookies, user identifiers (e.g. User ID) and advertising IDs (e.g. DoubleClick cookies, Android Advertising ID, IDFA [Apple Advertiser Identifier ]) are linked no later than 14 months after they were collected.

You can prevent cookies from being stored by adjusting the settings of your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website without restrictions. You can also prevent Google from collecting the data generated by the cookie and from analyzing your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout is available.

4.1.2. Google Fonts

We use “Google Fonts”, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: “Google”) on our website. Google Fonts allows us to use external fonts. When you access our website, the required Google Fonts are loaded from your web browser into your browser cache. This is necessary so that your browser can display a visually improved representation of our texts. If your browser does not support this function, a standard font from your computer will be used for display. These Google Fonts are integrated via a server call, usually a Google server in the USA. This sends information to the server about which page of our website you have visited. The IP address of the browser of the visitor's device is also stored by Google.

We use Google Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given. This consent can be revoked at any time with future effect.

Further information on data protection can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en-US

Further information about Google Fonts can be found at https://fonts.google.com/

4.1.3. Google Tag Manager

This website uses the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. This means: No cookies are used and only the user's IP address is transmitted to Google to establish the connection. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags if they are implemented with the Google Tag Manager.

We use Google Tag Manager based on your consent in accordance with Article 6 (1) (a) GDPR.

Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-US Data Privacy Framework. Google LLC is certified according to the EU-US Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

4.1.4. Google Ads

We use “Google Ads”, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”) on our website. We use Google Ads for marketing and optimization purposes, in particular to show ads that are relevant and interesting to you.

If you have given us your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, we can use Google Ads to draw attention to our attractive offers using advertising materials on external websites. This allows us to determine how successful individual advertising measures are.

These advertising materials are delivered by Google via so-called “AdServers”. For this purpose, we use so-called ad server cookies, through which certain parameters can be measured to measure success, such as display of ads or clicks by users.

If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days. They are not intended to identify you personally. The following information is usually stored for this cookie as analysis values: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wants to be addressed). These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of advertising materials; in particular, we cannot identify users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. As far as we know, Google receives the information that you have accessed the relevant part of our website or clicked on an advertisement from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and store your IP address.

Further information about Google's use of data, settings and objection options, and data protection can be found on the following Google websites:

·    Data protection declaration: https://policies.google.com/privacy?hl=en-US

·    Google website statistics: https://services.google.com/sitestats/en.html

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to fully use all functions of our website. It is also possible to prevent the storage of cookies by setting your web browser so that cookies from the domain “www.googleadservices.com” are blocked (https://www.google.com/settings/ads). Please note that this setting will be deleted if you delete your cookies. You can also deactivate interest-based ads via the link http://optout.aboutads.info. We would like to point out that this setting will also be deleted if you delete your cookies.

4.1.5. Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

reCAPTCHA is intended to check whether data entry on our website (e.g. in a contact form) is done by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information, e.g.

·    IP address.

·    Length of stay of the website visitor on the website.

·    Mouse movements made by the user.

The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR. We have a legitimate interest in protecting our website from abusive, automated spying and unwanted, automated mailings (spam).

We do not store any personal data from the use of reCAPTCHA. In general, the personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies.

Further information about Google reCAPTCHA and Google's privacy policy can be found under the following links: https://policies.google.com/privacy?hl=en-US

 and https://www.google.com/recaptcha/intro /v3beta.html

4.1.6. Google Marketing Platform (Campaign Manager, Doubeclick)

On our website we use tools from the Google Marketing Platform, a service provided by Google Inc. or Google Ireland Limited, based in Gordon House, Barrow Street Dublin 4, Ireland.

Within the Google Marketing Platform, we use the “Display & Video 360” tool and the associated “Floodlight Tags” to measure the effectiveness of our advertising campaigns, only show advertisements that are relevant to your interests, and limit the frequency of these. For this purpose, you will be assigned a cookie ID, which makes it possible to determine information about the advertising you clicked on and your previous usage behaviour on third-party websites. In addition, the Floodlight tags help us understand whether you take certain actions on our website after viewing or clicking on one of our display/video ads on another platform (conversion tracking).

We also use the “Campaign Manager”, a tool that helps us place and manage ads that are relevant to you. Campaign Manager provides us with reports on the performance of our campaigns and helps us avoid showing you the same ads multiple times. Furthermore, so-called conversions can be recorded with the Campaign Manager. This means that we and the provider know when you view certain advertisements and make a purchase through them.

If you give us your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR, we will use the Google Marketing Platform tools such as tags, visitor pixels and cookies to track whether you carry out certain actions on our website. Here, your IP address is processed, an ID is assigned and information about your views and clicks is transmitted to the Google server. If you have a Google account, Google can assign these interactions to your account. You can revoke your consent at any time with future effect. The storage period for cookies from the Google Marketing Platform is up to a maximum of 180 days.

Further information about Campaign Manager can be found at https://marketingplatform.google.com/about/enterprise/

Further information about data protection at Google can be found at https://policies.google.com/privacy?hl=en&gl=en

4.1.7. Third country transfers to Google

Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-US Data Privacy Framework. Google LLC is certified according to the EU-US Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

4.2. Facebook pixels

On our website we use “Facebook Pixel”, a service provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor Dublin 2, Ireland (hereinafter referred to as: “Facebook / Instagram”).

If you have given us your consent in accordance with Article 6 Para. 1 lit improve it, make it more interesting for you as a user and avoid annoying ads.

Facebook Pixel makes it possible to show our ads on Facebook and Instagram, so-called “Facebook/Instagram ads”, only to those Facebook and Instagram users who were visitors to our website, in particular who have shown interest in our online offering. In this case, Facebook Pixel also makes it possible to check whether a user was redirected to our website after clicking on our Facebook/Instagram ads. Facebook Pixel uses, among other things, cookies, i.e. small text files that are stored locally in the cache of your web browser on your device. If you are logged into your user account on Facebook or Instagram, your visit to our online offering will be noted in your user account. The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of the user. However, this data from Facebook or Instagram can be linked to your user account there. If you have a user account with Facebook or Instagram and are registered, Facebook or Instagram can assign the visit to your user account.

Since it is possible for personal data to be transferred by Facebook / Instagram to affiliated companies and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-US Data Privacy Framework. Facebook / Instagram or Meta Platforms, Inc. is certified according to the EU-US Data Privacy Framework and is therefore committed to adhering to appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/ participant search.

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

Further information from the third-party provider on data protection can be found on the following Facebook or Instagram website: https://www.facebook.com/about/privacy or https://help.instagram.com/519522125107875

Information about Facebook pixels can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616

You can make the settings regarding which types of advertisements are displayed to you within Facebook or Instagram on the following Facebook or Instagram website: https://www.facebook.com/settings?tab=ads or https: //help.instagram.com/245100253430454

Please note that this setting will be deleted if you delete your cookies. In addition, you can deactivate cookies that are used to measure reach and for advertising purposes via the following websites:

http://optout.networkadvertising.org/

http://www.aboutads.info/choices

http://www.youronlinechoices.com/uk/your-ad-choices/

We would like to point out that this setting will also be deleted if you delete your cookies.

4.3. Microsoft Advertising (Bing Ads, Bing Conversion)

Our website uses Bing Ads from Microsoft Corporation One Microsoft Way, Redmond, WA 98052-6399, USA for marketing and analysis purposes. (“Microsoft Advertising”).

If you have given us your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, Microsoft Bing Ads will store cookies on your computer. Microsoft Bing and we can recognize that someone clicked on our ad, was redirected to us and previously reached a specific target page (conversion page). Microsoft processes and uses the cookie to create usage profiles using pseudonyms, analyse user behaviour and display advertisements. The following data is collected for this purpose:

·    IP address

·    Browser information

·    User IDs

·    Language

·    Information about how you interact with ads

·    URL and referrer URL

·    UET ID tag

·    User agent data

·    Visit data (duration, number)

·    Data about your screen resolution/colour depth settings

·    Conversion data

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.

We have concluded an order processing agreement with our service provider Microsoft, in which we oblige them to protect our customers' data and not to pass it on to third parties.

Since it is possible for Microsoft to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protection mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-US Data Privacy Framework. Microsoft Inc. is certified according to the EU-US Data Privacy Framework and is therefore committed to adhering to appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

Further information on data protection at Microsoft can be found on the following page: https://privacy.microsoft.com/de-de/privacystatement

4.4.Yahoo Analytics

This website uses the web analysis service “Yahoo Web Analytics”, which is provided by the service provider Yahoo! EMEA Limited, 5-7 Point Village, North Wall Quay, Dublin 1, Ireland.

Using Yahoo Web Analytics, we can carry out statistical analysis of user behavior on our website for optimization and marketing purposes and collect, evaluate and store pseudonymized visitor data. This is

·    Browser information

·    IP address

·    Interactions on the website

·    Links clicked

·    Location

·    Advertising that was interacted with

Pseudonymized usage profiles can be created and evaluated from this data for the same purpose. Data on the period of time that the site visitor spent on the website and the links clicked on or the advertisements viewed on these pages are included in the pseudonymized usage profile.

Yahoo Web Analytics uses web beacons and cookies to collect this data. Web beacons are small graphics integrated into the website that enable log file recording and log file analysis. The legal basis is your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR. This can be revoked at any time with future effect.

Further information about Yahoo Web Analytics technology can be found on the website: https://policies.yahoo.com/ie/de/yahoo/privacy/topics/webanalytics/index.htm

Further information about data protection at Yahoo can be found in the data protection declaration.

4.5.AWIN

On our website we use the performance advertising network of AWIN AG, Landsberger Allee 104 BC, 10249 Berlin. AWIN is a German affiliate network and serves as an interface between retailers (merchants) and sales partners (affiliates).

Affiliate marketing is an Internet-based form of sales that enables commercial operators of websites, the so-called merchants or advertisers, to place advertising, which is usually paid for through click or sale commissions, on third-party websites, i.e. sales partners who are also affiliates or publishers to be shown. The merchant provides an advertising medium via the affiliate network, i.e. an advertising banner or other suitable means of Internet advertising, which is subsequently integrated by an affiliate on its own websites or via other channels, such as keyword advertising or e-mail. Marketing, to be advertised.

As part of its services, AWIN sets tracking cookies on the end devices of users who visit or use its customers' websites or other online offerings to document transactions (e.g. leads and sales). AWIN's tracking cookies store information about when a specific advertising medium was clicked on by a device. The AWIN tracking cookies also store an individual number sequence that cannot be assigned to the individual user and is used to document an advertiser's partner program, the publisher, and the time of the user's action (click or view). AWIN also collects information about the device from which a transaction is carried out, e.g. the operating system and the browser that is accessing it. The purpose of storing this data is to process commission payments between a merchant and the affiliate, which are processed via the affiliate network, i.e. AWIN. If the information also contains personal data, the processing described is carried out on the basis of consent in accordance with Article 6 (1) (a) GDPR.

AWIN's data protection regulations can be accessed at https://www.awin.com/de/rechts/privacy-policy.

4.6. Hotjar

Our website uses the Hotjar web analysis service from Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (“Hotjar”).

Using Hotjar's technology, we get a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click, etc.). This helps us to align our offering with feedback from our users. Hotjar works with cookies and other technologies to collect data about the behaviour of our users and their devices, in particular the IP address of the device (is only recorded and stored in anonymized form during your use of the website), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), preferred language for displaying our website. Hotjar stores this information on our behalf in a pseudonymized user profile.

When using this tool, we pay particular attention to protecting your personal data. This means we can only track which buttons are clicked, the path of the mouse, how far the device is scrolled, the screen size of the device, device type and browser information, geographical location (country only) and the preferred language to display our website. Areas of the websites on which personal data from you or third parties are displayed are automatically hidden by Hotjar and are therefore not traceable at any time. The use of Hotjar and the associated processing of personal data takes place on the basis of your consent in accordance with Article 6 Paragraph 1 Letter a GDPR.

Hotjar generally stores customer data in the European Union. However, personal data may also be transferred to third countries outside the EU and the EEA. In these cases, additional protective mechanisms must be put in place to ensure the level of data protection in accordance with the requirements of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient in the third country to process the data in accordance with the level of protection in the EU.

Hotjar offers every user the opportunity to prevent the use of the Hotjar tool using a “Do Not Track header” so that no data about the visit to the respective website is recorded. This is a setting that all common browsers support in current versions. To do this, your browser sends a request to Hotjar to deactivate the tracking of the respective user. If you use our websites with different browsers/computers, you must set up the “Do Not Track header” separately for each of these browsers/computers. You can prevent the use of Hotjar by going to the opt-out page https://www.hotjar.com/legal/compliance/opt-out and clicking “Deactivate Hotjar”.

More information about Hotjar Ltd. and about the Hotjar tool can be found at: https://www.hotjar.com . The privacy policy of Hotjar Ltd. can be found at: https://www.hotjar.com/privacy

4.7. AdTriba

This website uses technologies from Adtriba GmbH – Beim Schlump 13a, 20114 Hamburg to collect and store data, from which usage profiles are created using pseudonyms.

These usage profiles are used to analyse visitor behaviour and are evaluated to improve and tailor our offering to meet your needs. Cookies can be used. These are small text files that are stored locally on the site visitor's device and thus enable recognition when you visit our website again. The following data is processed:

·    IP address

·    Device information

·    User ID

·    Analysis data from Google Analytics

·    Information about your orders with us

·    Information about which channel you used to come to our site

The legal basis is your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR. You can revoke this at any time with future effect.

Further information about the processing of your data can be found on Adtriba's website and privacy policy.

4.8. CrossEngage

 

We use the “CrossEngage” tool on our website, a so-called customer data platform (CDP) from CrossEngage GmbH (Bertha-Benz-Straße 5, 10557 Berlin) for the purpose of analysing the interactions of our website visitors and for event tracking, to provide personalized offers to our website visitors.

Crossengage allows us to show you individualized content and offers in real time. If you agree to the use of Crossenange, the service consolidates relevant user data from various data sources. Among other things, your email address, if you have given it to us as part of the website or an order, will be passed on to Crossengage in order to send you personalized emails based on the analysis of your interactions.

For this purpose, Crossengage also uses cookies, which are used to determine the following information:

·    Browser type.

·    Date and time of visit.

·    Referral URL.

·    Operating system.

·    Information about pages visited.

·    Information about interactions.

·    IP address.

The storage period for the cookies is 15 months. We have concluded an order processing agreement with Crossengage, in which we oblige the provider to protect your data and only process it on behalf of you. The legal basis for the use of Crossengage is Article 6 Paragraph 1 Letter a) GDPR, your voluntary consent.

You can find more information about data protection at Crossengage in the provider's data protection declaration: https://www.crossengage.io/de/security-trust-center-crossengages-security/ 

4.9. MessengerPeople

By sending a start message, I agree to the validity of the internal data protection regulations of Leander International Pet Foods Limited.

In particular, in accordance with Art. 6 Para. 1 lit. processed and used to transmit messages to me. To use the messenger service, an active account with the respective provider is required.

I am also aware that Healthfood24 GmbH uses MessengerPeople GmbH, Seidlstraße 8, 80335 Munich as a technical service provider and processor to provide this service.

My consent to the processing of personal data can always be freely revoked; For this purpose, a corresponding notification to Leander International Pet Foods Limited is sufficient. Further information can be found in the respective data protection guidelines of Leander International Pet Foods Limited, the messenger services and MessengerPeople GmbH.

I am also aware that Leander International Pet Foods Limited uses MessengerPeople GmbH, Seidlstraße 8, 80335 Munich as a technical service provider and processor to provide this service.

My consent to the processing of personal data can always be freely revoked; For this purpose, a corresponding notification to Leander International Pet Foods is sufficient. Further information can be found in the respective data protection guidelines of Leander International Pet Foods, the messenger services and MessengerPeople GmbH.

4.10. Chatchamp

When communicating via the chat widget on the website, the service of chatchamp UG (c/o WERK1, Atelierstraße 29, 81671 Munich, Germany) (hereinafter “Chatchamp”) is used. The conversation data is forwarded to Chatchamp's servers and evaluated there.

This may include, among other things, the following data: The conversation history and answers to questions asked in the chat. This data is needed to enable personalized communication. The chat widget is provided based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f) GDPR to offer you an easy way to communicate. The content entered in the chat is processed, provided this concerns the conclusion of a purchase contract, based on Art. 6 Para. 1 lit. b) GDPR, the implementation of pre-contractual measures. Otherwise, processing is based on our legitimate interest in answering your questions and communicating with you.

Further information on data protection at Chatchamp can be found at https://www.chatchamp.com/privacy/ .

4.11. Makaira

On our website we use the provider Makaira (Seckenheimer Hauptstraße 113, 68239 Mannheim) to display our store front.

When you visit our website, third-party content from Makaira is loaded and a connection is established to this service provider's website. Device information and your IP address are processed here. Makaira is a service that is necessary to display our website. Therefore, the legal basis for the processing of your data in this context is Article 6 Paragraph 1 Letter f) GDPR, our legitimate interest in providing our website.

Data processing takes place for as long as is necessary to enable you to visit the website. No cookies are set by Makaira and processing takes place solely for the purposes mentioned above.

Further information about data protection at Makaira can be found in the provider's data protection information: https://www.makaira.io/de/datenschutz/

4.12. Criteo/Outbrain

This website uses functions from Criteo. The provider is Criteo SA, 32 Rue Blanche, 75009 Paris (hereinafter “Criteo”).

Criteo is used to show you interest-based advertisements within the Criteo advertising network. Your interests are determined based on your previous usage behavior. For example, Criteo records which products you have viewed, added to your shopping cart or purchased. Further details about the data collected by Criteo can be found here: https://www.criteo.com/de/privacy/how-we-use-your-data/ .

In order to show you interest-based advertising, we or other Criteo partners need to be able to recognize you. For this purpose, a cookie is stored on your device or a comparable identifier is used, which links your user behavior with a pseudonymous user profile. Details can be found in Criteo's privacy policy at: https://www.criteo.com/de/privacy/ . The legal basis for this is your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR. You can revoke this at any time.

Your personal data and the Criteo cookies stored in your browser will be stored for a maximum of 13 months from the date of collection.

Criteo and we are jointly responsible within the meaning of Art. 26 GDPR. A joint processing agreement has been concluded between Criteo and us, the essential contents of which Criteo describes under the following link: https://www.criteo.com/de/privacy/how-we-use-your-data/ .

4.13. AdForm

This website uses the online marketing tool Adform from Adform A/S (Wildersgade 10B, 1, 1408 Copenhagen K, Denmark). Adform uses cookies to show ads that are relevant to users, to improve campaign performance reporting, or to prevent a user from seeing the same ads multiple times. Adform uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being displayed multiple times. In addition, Adform can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, if a user sees an Adform ad and later visits the advertiser's website using the same browser and buys something there. Adform cookies do not contain information such as email addresses, names or addresses.

Due to the marketing tools used, your browser automatically establishes a direct connection with Adform's server; your IP address can also be processed. By integrating the Adform cookie, Adform receives the information that you have accessed the relevant part of our website or clicked on one of our advertisements.

In addition, the Adform cookies used enable us to understand whether you carry out certain actions on our website after you have accessed or clicked on one of our display/video ads on another platform via Adform (conversion tracking). Adform uses this cookie to understand the content you have interacted with on our websites in order to later send you targeted advertising.

We only use this cookie-based service on our website after your prior consent in accordance with Art. 6 Para. 1 lit.a GDPR. The lifespan of the cookies is up to 13 months.

You can adjust or revoke your consent at any time by calling up the “Cookie Management” again via a link in the footer.

For more information about Adform, please visit: https://site.adform.com/privacy-center/overview/ .

4.14. Calendly

You have the opportunity to book appointments with our employees via our website. For this purpose, we use Calendly, a service provided by Calendly, LLC, 1315 Peachtree St NE, Atlanta, GA 30309.

If you would like to book an appointment with us, you can use the form provided in our contact options. The data you provide (name, email address) will then be transmitted to the respective contact person via Calendly and the data will be entered into our calendar (Outlook). In addition, the data can be viewed in the Calendly login area and is stored there until it is no longer needed to achieve the purpose for which it was collected. As a rule, the data is not stored for longer than 120 days.

You will receive an appointment confirmation by email in which you have the opportunity to enter the appointment details in your calendar.

The purpose of processing the data provided is to be able to make an appointment, process the contact request and get in touch with you. The legal basis for processing is Art. 6 (1) f) GDPR, our legitimate interest in offering you the opportunity to independently arrange appointments with us whenever it suits you. This simplifies coordination and enables efficient appointment scheduling.

We have concluded a data processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass it on to third parties.

Since it is possible for Calendly to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-US Data Privacy Framework. Microsoft Inc. is certified according to the EU-US Data Privacy Framework and is therefore committed to adhering to appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

4.15. OpenStreetMap

Our homepage uses the online map service provider OpenStreetMap via an interface. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently. The map service provider is OpenStreetMap Foundation (“OSMF”), St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.

In order to use the functionality of OpenStreetMap, it is necessary to save your IP address. The legal basis for the processing of your personal data is our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. Our legitimate interest is to improve the user-friendliness of our website. Your internet browser connects to servers operated by OSMF in the UK and in countries in the EU (Ireland, Netherlands).

With regard to the transfer of data to the United Kingdom, there is an adequacy decision by the EU Commission within the meaning of Article 45 (1) GDPR. As the operator of this website, we have no control over such connections and the processing of your data by OSMF. Further information about the processing of user data by OSMF can be found in the privacy policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

4.15 Taboola

This website uses "Taboola", a technology provided by Taboola Inc., 1115 Broadway, 7th Floor, New York, NY 10010, USA.

Taboola uses cookies and visitor pixels to determine which content on our website you use and which of our pages you visit when you have reached our website by clicking on a Taboola advertisement. Personalized advertising can also be displayed using Taboola. Your shortened IP address at the time of access, the operating system used, the previously visited pages through which you reached our website, general location information and a unique ID are transmitted to the external provider.

This procedure is used to evaluate the effectiveness of the advertisements for statistical and market research purposes and can help to optimize future advertising measures. These usage profiles do not allow any conclusions to be drawn about you personally and are anonymous to us.

According to Taboola, the data collected in this way will be stored for a period of 13 months. After 13 months, the data will be anonymized so that it can no longer be associated with you.

The legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Letter a GDPR.

Processing can be prevented via the opt-out option on Taboola's website: https://www.taboola.com/policies/privacy-policy .

Since personal data is transferred to third countries (including the USA), further protective mechanisms are required to ensure the data protection level of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the third country.

For further information, please see Taboola's privacy policy at https://www.taboola.com/policies/privacy-policy .

5. Payment options and shipping

We collect, process and use personal data only to the extent that it is necessary for the establishment, content or change of the legal relationship (inventory data). This is done on the basis of Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. We only collect, process and use personal data about the use of this website (usage data) to the extent necessary to enable the user to use the service or to bill for it.

The customer data collected will be deleted after the order has been completed or the business relationship has ended. Statutory retention periods remain unaffected.

5.1. Data transmission when concluding a contract for online shops, retailers and shipping of goods

We only transmit personal data to third parties if this is necessary as part of the contract processing, for example to the company entrusted with the delivery of the goods or the credit institution entrusted with the payment processing. The data will not be transmitted further or will only be transmitted if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

5.2. Shipping service provider

Your goods will be delivered by one of the following shipping service providers:

·    DPD

In accordance with Article 6 Paragraph 1 Letter a of the GDPR, we will pass on your email address to DPD before delivery of the goods for the purpose of agreeing on a delivery date or for delivery notification, provided that you have given your express consent to this in the ordering process. The consent can be revoked at any time with future effect from the person responsible above or from the transport service provider DPD.

Otherwise, we will only pass on the name of the recipient and the delivery address to DPD for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. The data will only be passed on to the extent that this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DHL or delivery notification is not possible.

5.3. Payment provider

5.3.1 Stripe

On this website, we offer payment via Stripe, among other options. The provider of this payment service is Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin D02 H210, Ireland (hereinafter referred to as "Stripe").

If you choose to pay via Stripe, the payment details you enter will be transmitted to Stripe. Additionally, Stripe receives the email address stored in your profile, if available.

The transmission of your data to Stripe is based on Article 6(1)(b) of the GDPR (processing for the performance of a contract) and in the interest of a smooth, convenient, and secure payment process (Article 6(1)(f) of the GDPR). If your consent is requested for certain actions, Article 6(1)(a) of the GDPR serves as the legal basis for data processing. You have the option to revoke your consent to data processing at any time. Revocation does not affect the legality of the data processing carried out in the past.

Since the transfer of personal data by Stripe to affiliated companies and subcontractors in countries outside the EU and the EEA is possible, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission according to Article 45(1) of the GDPR regarding companies certified under the EU-U.S. Data Privacy Framework. Stripe Inc. is certified under the EU-U.S. Data Privacy Framework and thus commits to comply with adequate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.

Further information on data protection at Stripe can be found at https://stripe.com/privacy.

6. Your rights

Below you will find information about which data subject rights the applicable data protection law grants you vis-à-vis the person responsible regarding the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information about its details.

The right to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR.

The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is carried out to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or Defense of legal claims is necessary.

The right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the accuracy of the data, the processing is unlawful but you refuse its deletion and we no longer need the data but you want to use it You need to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.

The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible.

The right to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office stated above or, if applicable, that of your usual place of residence or place of work.

The right to revoke consent given in accordance with Article 7 Paragraph 3 of the GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.

6.1. Right to object

If your personal data is processed by us on the basis of legitimate interests in accordance with Art. 6 Para. 1 Sentence 1 Letter f of the GDPR, you have the right to object to the processing of your personal data in accordance with Art reasons that arise from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct advertising, you have a general right to object without the need to specify a special situation.

7. Safe and secure shopping

We never share your personal information with third parties or other advertisers. Your data will only be used to process your order. To ensure that you are optimally protected when shopping, we use for all transactions (i.e. when you are in the “My Account” or “Checkout” area, as well as throughout the entire payment process (i.e. as soon as you have clicked “Checkout” in the following steps) a 128-bit SSL encryption (secure sockets layer protocol). The data you transmit (such as address or credit card information) is encrypted in such a way that no third party can access it.

8. Legal Obligations

The provision of personal data for the decision to conclude a contract, to fulfill the contract or to carry out pre-contractual measures is voluntary. However, we can only make the decision within the framework of contractual measures if you provide such personal data that is necessary for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.

9. Automated decision making

There is no automated decision-making or profiling in accordance with Art. 22 GDPR.

10. Changes to the data protection information

Leander International Pet Foods Limited reserves the right to update this data protection information. In the event of changes that could be detrimental to you, Leander International Pet Foods Limited will inform you of this with a reasonable advance notice.