Privacy Policy

Thank you for your interest in our online store. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

Responsible for the processing of data is:

Hempro Int. GmbH
Münsterst. 336
40470 Düsseldorf
Germany
E-Mail: service@hempro.com

Thank you for visiting our website. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.

1. Access data and hosting

You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our online appearance. This serves according to Art. 6 (1) 1 lit. f GDPR the protection of our legitimate interests in the proper presentation of our online appearance that are overriding in the process of balancing of interests.

Hosting

The services for hosting and displaying the website are partly provided by our service providers on the basis of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries there is no adequacy decision by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.

2. Data processing for the purposes of establishing contact and customer communication

Establishing contact

We collect personal data if you voluntarily provide it when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such because in these cases we necessarily need the data to process your contact and you cannot send the contact without providing it. Which data is collected can be seen from the respective input forms. We use the data you provide to process your enquiries in accordance with Art. 6 (1) (b) GDPR.

After complete processing of your enquiry, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law in accordance with Art. 6 (1) (c) GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this privacy policy.

3. Cookies and further technologies

3.1 General information

In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser during your next visit (persistent cookies).

Protection of privacy for terminal devices

When you use our online services, we use technologies that are absolutely necessary in order to provide the telemedia service you have expressly requested. The storage of information in your terminal device or access to information that is already stored in your terminal device does not require consent in this respect.

For functions that are not absolutely necessary, the storage of information in your terminal device or access to information that is already stored in your terminal device requires your consent. Please note that if you do not give your consent, parts of the website may not be available for unrestricted use. Any consent you may have given will remain valid until you adjust or reset the respective settings in your terminal device.

Any downstream data processing through cookies and other technologies

In addition, we use technologies to fulfil the legal obligations, which we are subject to (e.g. to be able to prove consent to the processing of your personal data) as well as for web analysis and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.

On our website we may use other technologies, which are not listed individually in this privacy policy. Further information on these technologies and the respective legal basis can be found on the platform of our consent management service Usercentrics.

You can access the plattform by clicking on the fingerprint button in the bottom right or left corner of the page.

You can find the cookies settings for your browser by clicking on the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

If you have consented to the use of the technologies in accordance with Art. 6 (1) (a) GDPR, you can withdraw your consent at any time by sending a message to the contact option described in the privacy policy or by clicking on the fingerprint button in the lower right or left corner of the page. If cookies are not accepted, the functionality of our website may be limited.

How can I configure the cookie settings of my browser?

Each browser is different in the way it manages cookie settings. This is described in the help menu of each browser, which explains how to change your cookie settings. You can find these for each browser under the following links:
Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

What types of cookies are being used?

Essential cookies: These cookies are necessary to enable you to use our website. This includes e.g. cookies that enable you to log into the customer area or add items to your shopping cart.

Analytical / performance cookies: These cookies enable collecting anonymised data about user behaviour on our website. We analyse them e.g. to improve the functionality of our website and recommend you products that will be interesting to you.

Functional cookies: These cookies are used for certain features of our website, e.g. to improve the website’s navigation, or deliver to you customised and relevant information (e.g. ads that match your interests).

3.2 Use of Usercentrics Consent Management Platform for obtaining and managing consent

On our website we use the Usercentrics Consent Management Platform (“Usercentrics”) to inform you about the cookies and the technologies we use on our website and to obtain, manage and document your consent to the processing of your personal data by these technologies. This is required under Art. 6 (1) (c) GDPR to fulfil our legal obligation under Art. 7 (1) GDPR to be able to prove your consent to the processing of your personal data, to which we are subject. The consent management service Usercentrics is provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, Usercentrics’ web server stores a so-called server log file, which also contains your anonymised IP address, the date and time of your visit, device and browser information as well as information on your consent behaviour. Your data will be deleted after three years, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use your data in a manner that goes beyond this, which is legally permitted and about which we inform you in this privacy policy.

4. Use of cookies and other technologies

If you have given your consent in accordance with Art. 6 (1) (a) GDPR, we use the following cookies and other third-party technologies on our website. The data collected in this context will be deleted after the relevant purpose has been fulfilled and we have ended the use of the respective technology. You can withdraw your consent at any time with effect for the future. Further information on your withdrawal options can be found in the section “cookies and further technologies”. Further information including the legal basis for data processing can be found within the respective technologies. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.

 Other providers of web analytics – and online-marketing-services

 Use of Matomo as a software solution for web analytics

For the purpose of web analytics, the software Matomo of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand automatically collects and stores data (IP address, time of visit, device and browser information as well as information on your use of our website), from which user profiles are created using pseudonyms. Cookies may be used for this purpose. The pseudonymised user profiles will not be merged with personal data about the bearer of the pseudonym without explicit consent of the user, which must be given separately. The data processing by Matomo takes place on our servers.

5. Social Media

Our online presence on Facebook (by Meta), Twitter, Instagram (by Meta), LinkedIn

If you have given your consent to the respective social media provider in accordance with Art. 6 (1) (a) GDPR, when you visit our online presence on the social media mentioned above, your data will be automatically collected and stored for market research and advertising purposes, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are usually used for this purpose. For detailed information on the processing and use of data by the respective social media provider, as well as a contact option and your rights and settings options for the protection of your privacy, please refer to the provider’s privacy policies linked below. Should you still require assistance in this regard, please contact us.

Facebook (by Meta) is provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereafter “Meta Platforms Ireland “) The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transferred to a server of Meta Platforms, Inc., 1 Hacker Way, Menlo Park, California 94025, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission. Data processing in the context of a visit to a Facebook (by Meta) fan page is based on an agreement between joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

Twitter is provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“Twitter”). The information automatically collected by Twitter about your use of our online presence on Twitter is generally transmitted to and stored on a server at Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.

Instagram (by Meta) is provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereafter “Meta Platforms Ireland “) The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is typically transferred to and stored on a server at Meta Platforms Inc, 1 Hacker Way, Menlo Park, California 94025, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission. Data processing in the context of a visit to an Instagram (by Meta) fan page is based on an agreement between joint controllers in accordance with art. 26 DSGVO. Further information (information on Insights data) can be found here.

LinkedIn is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The information LinkedIn automatically collects about your use of our online presence on LinkedIn is generally sent to a server at LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.

6. Contact options and your rights

6.1 Your rights

Being the data subject, you have the following rights according to:

  • art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
  • art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
  • art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
    • to exercise the right of freedom of expression and information;
    • for compliance with a legal obligation;
    • for reasons of public interest or
    • for establishing, exercising or defending legal claims;
  • art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
    • the accuracy of the data is contested by you;
    • the processing is unlawful, but you refuse their erasure;
    • we no longer need the data, but you need it to establish, exercise or defend legal claims, or
    • you have lodged an objection to the processing in accordance with art. 21 GDPR;
  • art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
  • art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.

Right to object

If we process personal data as described above to protect our legitimate interests that are overriding in the process of balancing of interests, you may object to such data processing with future effect. If your data are processed for direct marketing purposes, you may exercise this right at any time as described above. If your data are processed for other purposes, you have the right to object only on grounds relating to your particular situation.

After you have exercised your right to object, we will no longer process your personal data for such purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

This does not apply to the processing of personal data for direct marketing purposes. In such a case we will no longer process your personal data for such purposes.

6.2 Contact options

If you have any questions about how we collect, process or use your personal data, want to enquire about, correct, restrict or delete your data, or withdraw any consents you have given, or opt-out of any particular data use, please contact us directly using the contact data provided in our supplier identification.