Data protection

Notes on data protection

Data collection and data use

Personal data is information that can be used to identify an individual. This includes, for example, your name, address, email address, or telephone number.

(1) Collection of personal data when using the website

If you simply use the website for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and ensure stability and security:

IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request originates, browser, operating system and its interface, language and version of the browser software. The legal basis for storing the data is Art. 6 (1) (f) GDPR.

(2) Collection of personal data upon registration

We offer you the opportunity to register on our website by providing personal information. Depending on the type of contract concluded, we store the following data:

Surname, first name Address Billing address Email address Telephone number

During the registration process, you will be asked whether you have read and agree to the privacy policy. You confirm this by clicking the appropriate box and checking the appropriate box. By doing so, you consent to the use of your personal data for the following purposes:

Processing of orders Sending of direct advertising, e.g. by e-mail, package insert or post, sending of offers and vouchers Sending of evaluation requests Sending of our newsletter

In the case of your consent, the legal basis for the processing of the data is Art. 6 (1) (a) GDPR and, if the registration serves the performance of a contract or the implementation of pre-contractual measures with you, additionally Art. 6 (1) (b) GDPR.

Name and contact details of the person responsible

(3) The controller responsible for the management of personal data is

Nextlevelnutrition GmbH Industriestrasse 9 79541 Lörrach

Managing Director: Eric Ziehme

E-mail: datenschutz@nextlevelnutrition.de

(4) Contact details of the data protection officer

You can reach our data protection officer at: Email: datenschutz@nextlevelnutrition.de

Purposes of processing personal data

(5) We only store your data for the following purposes:

To process orders (including payment processing and, if applicable, credit checks), to send you advertising from us and for customer service.

We store and process your personal data at our central headquarters.

Your personal data will only be transferred to third parties if this is necessary for the execution of the contract or for billing or collection purposes (e.g. shipping companies or payment service providers) or if you have expressly consented.

The legal basis for the transfer of data to third parties for the purpose of contract processing or for billing purposes is Art. 6 (1) (b) GDPR and Art. 6 (1) (c) GDPR for disclosure in cases ordered by law.

Duration of data storage

We store your data for as long as the respective purpose requires, taking into account your legitimate interests. If a tax retention period applies to certain data processed for the execution of purchase contracts, the data will be stored for 6 or 10 years. During this period, data processing is restricted after 2 years, meaning the data will only be used to comply with legal obligations. The retention period begins at the end of the calendar year in which the order was placed by the customer or the contract was fulfilled.

Disclosure of personal data to third parties We may disclose your personal data to the following companies/categories of persons in accordance with legal requirements:

Tax, audit and other authorities External service providers and professional advisors such as lawyers, auditors, accountants, credit agencies, debt collection agencies, postal/shipping service providers, freight forwarders e.g. UPS, DHL, Deutsche Post Payment providers such as PayPal, Klarna, Amazon Pay, Apple Pay, Shopify Payments, Google Pay

E-Commerce Plattform Shopify

To operate our online store, we use Shopify, a service provided by Shopify Inc., 126 York Street, Suite 200, Ottawa, ON, Canada, K1N 5T5. For more information on data protection, please refer to Shopify's privacy policy.

Your rights

You have the following rights:

  1. Revocation of consent

  2. right to information

  3. Right to Rectification

  4. Right to erasure or restriction of processing

  5. Right to object to processing

  6. Right to data portability

You also have the right to lodge a complaint with the competent data protection supervisory authority for Baden-Württemberg:

The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg Lautenschlagerstraße 20 70173 Stuttgart Telephone: 0711/615541-0 Email: poststelle@lfdi.bwl.de

 

contact form

If you send us inquiries via the contact form, we will use your data exclusively to process your request. This data will not be used for advertising purposes or passed on to third parties.

The legal basis for the processing of data transmitted via the contact form or in the course of sending an e-mail is Art. 6 (1) (f) GDPR. If the contact is also aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.

The data you enter in the contact form will be stored by us until you ask us to delete it, revoke your consent to its storage or the purpose for which it was stored has ceased to apply.


Cookies

To make visiting our website more attractive and to enable the use of certain functions, we use cookies. These are small text files that your web browser receives and stores on your computer when you visit our website. Some cookies are deleted immediately after you close your browser. Other cookies remain permanently on your computer and allow us to recognize you or your computer the next time you visit our website.

This site uses the following types of cookies, the scope and functionality of which are explained below:

  • Transient cookies: These are automatically deleted when you close your browser.
  • Persistent cookies: These remain stored on your device until they are manually deleted or expire.

You can disable cookies in your browser settings. However, please note that doing so may limit the functionality of the website.


Analysetools

Use of Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to analyze website usage. The data is processed anonymously.

You can prevent Google Analytics from collecting your data by this Browser-Plugin install.


Social Media Links

We link to social media platforms such as Facebook, Instagram, and YouTube. No automatic data transfer occurs. Clicking on the links will redirect you to the respective platform.


Legal basis for the processing of data

The processing is carried out on the basis of Art. 6 (1) (f) GDPR to protect our legitimate interests in the secure and stable presentation of our website.

Marketing & Communication

Using Klaviyo for marketing and communications
We use Klaviyo to send transactional emails and marketing communications, including newsletters, special offers, and order confirmations. Klaviyo acts as a data processor and processes personal data on our behalf in strict compliance with the Swiss Federal Data Protection Act (DPA).

Data categories
The personal information we collect and share with Klaviyo includes, but is not limited to:

  • Your name and email address

  • Purchase history and order details

  • Your interactions with our emails, including opens, clicks, and preferences

  • Your behavior on our website, such as pages viewed and items added to your shopping cart

Purpose of data processing
We use Klaviyo for email marketing with amail agency for the following purposes:

  • Sending essential transactional emails related to your orders

  • Providing personalized marketing communications, including product recommendations and special offers

  • Analyzing customer behavior to improve our services and marketing strategies

Data sharing and protection
Klaviyo does not share your personal information with third parties. All data is processed securely and used solely for the purposes stated above.

Data retention period
Your personal data will be stored within Klaviyo for as long as necessary to fulfill the stated purposes or as required by applicable legal obligations.

International data transfers
As part of Klaviyo's operations, your personal data may be processed on servers located in the United States. All data transfers are carried out in compliance with the requirements of the Data Protection Act, including the use of standard contractual clauses (SCCs) approved by the European Commission to ensure an adequate level of data protection.

Your rights under the DSG
You have the following rights with regard to your personal data:

  • Access: You can request access to your data and receive a copy of it.

  • Correction: You can request the correction of inaccurate or incomplete data.

  • deletion: You can request the erasure of your personal data under certain conditions.

  • Contradiction: You can object to the processing of your data for marketing purposes.

  • Data portability: You can request a copy of your data in a machine-readable format.

  • Revocation of consent: You can revoke your consent to processing for marketing communication at any time.

Consent and opt-out
By subscribing to our newsletter or creating an account, you consent to the processing of your data for the purposes stated above. You can revoke your consent at any time by clicking the "unsubscribe" link in our emails.

For more information about Klaviyo’s privacy practices, you can review their privacy policy at https://www.klaviyo.com/legal/privacy-policy view.