Privacy Policy

Privacy Notice, Version: August 2025

We appreciate your interest in our website. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your personal data.

Your personal data is collected, processed, and used by Snipes only in accordance with the applicable data protection laws. Our data protection practices comply with the EU General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act as amended to align with the GDPR (“BDSG-new”).[Av1]

Personal data refers to all information relating to an identified or identifiable natural person. A person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Art. 4 No. 1 GDPR). This includes, for example, your name, phone number, address, and all account data you provide when registering and creating your customer account. Statistical or anonymized data that we collect when you visit our online shop and that cannot be directly linked to your identity is not considered personal data.

You can download this Privacy Notice as a PDF.[Av2]

1. General Information

With this Privacy Notice, we (SNIPES SE, hereinafter also referred to as “Snipes”) would like to inform you about the nature, scope, and purpose of processing your personal data (“data”) when using our website and its associated features, as well as our social media presences.

Snipes processes your data only when permitted by data protection law—for example, when you have given your consent for specific uses such as subscribing to a newsletter, participating in surveys or sweepstakes, or when another legal basis allows us to use your data (e.g., to process your orders or respond to your inquiries). Detailed information about each type of data processing is provided in this Privacy Notice.

2. Controller and Contact Information

SNIPES SE Schanzenstraße 41 51063 Cologne, Germany

Phone: +49 221 977790 Email: [email protected][Av3]

3. Data Protection Officer

Snipes has appointed a Data Protection Officer. You can contact the Data Protection Officer via email at: [email protected]

4. Subject of Data Protection

The subject of data protection is personal data. According to Art. 4 No. 1 of the General Data Protection Regulation (“GDPR”), this includes all information relating to an identified or identifiable natural person. A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Art. 4 No. 1 GDPR). This includes, for example, your name, telephone number, address, and all master data you provide to us during registration and when creating your customer account. Statistical or anonymized data that we collect, for example, when you visit our online shop and that cannot be directly linked to your person, are not included.

5. Automated Data Collection

When accessing this website, the device used automatically transmits the following data for technical reasons:

Browser type and version

Operating system used

Referrer URL

Hostname of the accessing computer

Time of the server request

IP address

If JavaScript is enabled, the browser also transmits the resolution and color depth of the browser window

These data are stored for the following purposes:

Ensuring the security of IT systems

Defending against attacks on our online offering and IT systems

Ensuring the proper operation of this online offering

The IP address is stored only for a period of 7 days. Processing is carried out based on our overriding legitimate interests mentioned above in accordance with Art. 6(1)(f) GDPR.

6. Contacting Us

If you send us inquiries via our contact form or through other means (telephone, email), we process your information related to the inquiry, including your contact details (especially your name, email address, and, if applicable, your telephone number), for the purpose of handling the inquiry and any follow-up questions. Processing is based on Art. 6(1)(f) GDPR. We have a legitimate interest in effectively handling your inquiry. If your inquiry relates to contracts, processing is also carried out to initiate and perform the respective contractual relationship. If you are yourself a (potential) contracting party, processing of inquiries related to contracts is carried out for the initiation and performance of the respective contractual relationship (Art. 6(1)(b) GDPR). The data you transmit to us in the course of contacting us will remain with us until the purpose for data storage/processing no longer applies (e.g., after your inquiry has been fully processed). Mandatory legal provisions – especially retention periods – remain unaffected. For example, we store inquiries related to contracts or those potentially of legal relevance for the general limitation period, i.e., three years from the end of the year in which we received your inquiry. Storage is based on our legitimate interest in proper documentation of our business operations and safeguarding our legal positions (Art. 6(1)(f) GDPR). For inquiries related to contracts, storage is carried out for the initiation and performance of the respective contractual relationship (Art. 6(1)(b) GDPR) or based on our corresponding legitimate interest (Art. 6(1)(f) GDPR).

7. Advertising and Market Research Purposes

We offer you the following services, among others:

  • Sending a newsletter with current offers / product promotions

  • White mail (postal mailings)

  • Participation in promotional games

In connection with these services, we may use your data to create and maintain a user profile in order to send you personalized advertising that we believe may be of particular interest to you, provided the conditions outlined below (see 7.1, 7.2) are met. To provide the aforementioned services, we use service providers / processors (see section 28.3).

7.1 Newsletter

Before subscribing to our Snipes newsletter, you consent to us using the data you provide to send you information via email about content and products from our range. We use the so-called double opt-in procedure for sending the newsletter, meaning we will only send you a newsletter via email once you have explicitly confirmed that you wish to activate the newsletter service.

For statistical purposes, we anonymously analyze which links in the newsletter are clicked. It is not possible to identify which specific person clicked. Based on your consent, we also analyze in a personalized manner which links you click in the newsletter to optimize our offerings.

We will send you a notification email and ask you to confirm your subscription by clicking a link contained in that email. If other companies are commissioned to handle and send the newsletter, they are also obligated to protect your data in accordance with data protection regulations and to use it only for the specified purpose.

The following data may be processed:

  • Data you provide when subscribing to the SNIPES newsletter (email address, salutation, first name, last name, address, postal code, shoe size, preferred brands, interests, date of birth)

  • Data required to prove your consent to receive the SNIPES newsletter and the processing of your data (IP address and timestamp of newsletter subscription and confirmation click, consent declarations)

  • Data collected when reading the SNIPES newsletter (newsletter opening, clicks on links in the newsletter, device data, location data based on IP address, email address reachability, purchases on snipes.com

    [Av4]

    or actions on the website after clicking an offer)

  • Data collected when participating in a sweepstake organized by us (sweepstake details, responses)

  • Data collected when registering a user account on our website snipes.com (salutation, first name, last name, email address, postal code, registration date, last login date, participation in the SNIPES Loyalty Program)

  • Data about purchases made online or in-store at SNIPES (products/services, payment amount, currency, location, cash register or terminal ID, time and transaction number, store ID, discount amount)

  • Data collected when redeeming vouchers or coupons and activating credit (redeemed SNIPES vouchers and coupons, date and location of redemption)

  • Data generated when using our website snipes.com (pages visited, services used, wishlist, preferences)

  • Data collected through customer surveys (survey results)

  • Data generated from analyzing the aforementioned data (customer segments, assumed product preferences)

We only process the personal data mentioned if it is actually collected by us—for example, when using features on our website, placing an order on https://snipes.com, or participating in one of our promotional games. The processing of your data is based on your consent (Art. 6(1)(a) GDPR).

If you later decide you no longer wish to receive newsletters from us, you may withdraw your consent at any time. A simple message via our contact form, email, or postal mail is sufficient. Naturally, every newsletter also contains an unsubscribe link. We also store information to prove your consent, including the time it was given. This processing is based on Art. 6(1)(c) in conjunction with Art. 7(1) GDPR. If you withdraw your consent, we will delete your data immediately. Information stored to verify your consent will be deleted after one month.

Further retention of consent-related data is based on our legitimate interest in proper documentation of business operations and in asserting, securing, or defending legal claims (Art. 6(1)(f) GDPR).

7.2 Promotional Games

If you wish to participate in one of our promotional games, we will provide you with specific privacy information in advance.

7.3 WhatsApp

News via WhatsApp

You have the option to join our WhatsApp community and receive news, deals, and updates from SNIPES via WhatsApp (“WhatsApp Conversations”). WhatsApp is operated by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“WhatsApp Ireland”). WhatsApp Ireland acts as the controller in the sense of data protection law for the transmission of messages via WhatsApp and your responses. Further information on data processing by WhatsApp can be found here: WhatsApp Ireland Privacy Notice.

To send messages via WhatsApp, we process your phone number and your WhatsApp profile name. The processing of your data is based on your consent, which you give us in the WhatsApp chat by clicking the button “Sounds great.” or “Sign up.” The legal basis for this processing is Art. 6 (1) (a) GDPR. For this purpose, we act as the controller in the sense of data protection law.

To offer and operate WhatsApp Conversations, we use the software solution provided by Charles GmbH, Gartenstr. 86-87, 10115 Berlin (“Charles”). Charles acts as a processor and processes your data exclusively on our behalf and not for its own purposes.

The legal basis for this processing is Art. 6 (1) (a) GDPR.

Notice on Right of Withdrawal You may withdraw your consent(s) at any time with effect for the future by sending the message “STOP” in our WhatsApp chat.

8. Cookies & Similar Technologies

To make your visit to our website more attractive and enable the use of certain features, we use cookies and similar technologies such as browser storage objects. These help make our website more user-friendly, efficient, and secure, and improve navigation. These are small text files stored on your device. Some cookies are deleted after your browser session ends (session cookies), while others remain and allow us or our partners to recognize your browser on your next visit (persistent cookies).

Example: To use our shopping cart, session and persistent cookies must be enabled. You can configure your browser to notify you about cookie placement and decide individually whether to accept them, or to exclude cookies altogether. If cookies are not accepted, website functionality may be limited.

We use the following cookie categories:

Technically Necessary Cookies

These cookies are essential for the operation and functionality of our website. They help ensure that the website is technically accessible and usable, and they provide core and fundamental features such as website navigation, correct display in your internet browser, and consent management. Without these cookies, the website cannot function properly.

Functional / Analytics Cookies

These cookies are used to measure online traffic and analyze user behavior. This helps us better understand how our website is used and allows us to improve our services accordingly.

Marketing Cookies

The legal basis for the use of technically necessary cookies is § 15(1) of the German Telemedia Act (TMG) or Art. 6(1)(f) GDPR, which allows us to pursue our legitimate interests. These interests include providing you with a technically optimized, user-friendly, and needs-based website, as well as ensuring the security of our systems.

All other cookies are used based on your consent in accordance with Art. 6(1)(a) GDPR.

If we use cookies based on your consent, you may withdraw that consent at any time with future effect by adjusting your cookie settings [here][Av5] . Alternatively, you can change your preferences at any time via the “Cookie Settings[Av6] ” link in the footer of the website. Your withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.

9. Personalized Product Recommendations – Tracking Pixels

Tracking pixels serve similar functions to cookies but are not visible to users. If you provide your consent, we use tracking pixels within the shop functionality, in newsletters, and for remarketing purposes to measure your user behavior. These data are anonymous and not linked to personal data stored on your device or in any database.

For personalized product recommendations on snipes.com, we use your shopping history. This includes items and product categories you have viewed, searched for, or purchased. All collected information is stored in anonymized form, and it is not possible to identify you personally. The legal basis for this data processing is Art. 6(1)(a) GDPR. You may withdraw your consent at any time as described in section 8. Please note that if you do so, we will no longer be able to offer personalized recommendations in this browser.

10. Google Tag Manager

This website uses Google Tag Manager, a service that allows website tags to be managed via an interface. Google Tag Manager itself does not use cookies and does not collect personal data. It merely triggers other tags, which may in turn collect data. However, Google Tag Manager does not access these data.

If deactivation has been implemented at the domain or cookie level, it remains effective for all tracking tags deployed via Google Tag Manager.

11. Analytics Software, Marketing Pixels and Retargeting

11.1 Google Analytics

If you provide us with your consent, we use the web analytics service Google Analytics, operated by Google Ireland Limited (“Google”). This service enables us to analyze user behavior on our website and generate reports to improve our services.

The processing of personal data is carried out in accordance with the EU-U.S. Data Privacy Framework, which ensures an adequate level of data protection for data transfers to the United States. Google has adhered to this framework, thereby ensuring the secure handling of your data. The legal basis for the use of Google Analytics is your consent pursuant to Art. 6 (1) (a) GDPR.

Google Analytics uses cookies to collect information about your use of our website, including your IP address, which is anonymized (IP masking) before transmission. This information is transmitted to Google servers in the USA or other data locations that comply with the EU-U.S. Data Privacy Framework and stored there.

The data collected is used by Google to compile reports on website activity and to provide other services related to website and internet usage. Additionally, Google may link this data with other information from your Google account, provided you are logged into Google while using our website.

The data collected through Google Analytics is stored for a maximum period of 14 months. After this period, only aggregated statistics are retained. You may withdraw your consent to the use of Google Analytics at any time with future effect by adjusting your cookie settings accordingly.

Further information on the use of personal data by Google can be found at https://policies.google.com/privacy, and details on the EU-U.S. Data Privacy Framework are available at https://policies.google.com/privacy/frameworks.

Please take the above-mentioned circumstances into account when granting your consent.

11.2 Google Ads Remarketing

If you provide us with your consent, we use the features of Google Ads Remarketing provided by Google. This allows us to advertise our website in Google search results and on third-party websites. For this purpose, Google places a cookie in the browser of your device, which automatically enables interest-based advertising through a pseudonymous cookie ID and based on the pages you have visited.

In addition, your browser history may be linked by Google to your Google account, and information from your Google account may be used to personalize the ads you see on the web. If you are logged into Google while visiting our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked with Google Analytics data to form target audiences.

As described under section 11.1, the use of Google Ads Remarketing may involve the transfer of personal data to third countries (in particular to servers of Google LLC in the USA).

Please take the above-mentioned circumstances into account when granting your consent.

Details regarding the data processing triggered by Google Ads Remarketing and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites.

The data stored by Google is retained for a period of up to 14 months. After this period, only aggregated statistics are retained within Google Analytics.

The use of Google Analytics is based on your consent (Art. 6 (1) (a) GDPR). You may withdraw your consent at any time with future effect by adjusting your cookie settings as described under section 8.

11.3 Microsoft Bing Ads

If you provide us with your consent, we use the conversion tracking feature of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, on our website. In this context, Microsoft Bing Ads places a cookie on your device, provided you accessed our website via a Microsoft Bing advertisement. This allows Microsoft Bing and us to recognize that someone clicked on an ad, was redirected to our website, and reached a predefined target page (conversion page). We only receive information about the total number of users who clicked on a Bing ad and were then redirected to the conversion page.

The processing of personal data in the context of Microsoft Bing Ads now takes place under the EU-U.S. Data Privacy Framework, which has been recognized by the European Commission as providing an adequate level of protection. Microsoft has committed to complying with the requirements of the EU-U.S. Data Privacy Framework to ensure the secure and lawful handling of your data. If your personal data is nevertheless transferred to a third country, such transfer is based on the Standard Contractual Clauses pursuant to Art. 46 (2) (c) GDPR, supplemented by appropriate technical and organizational measures.

Please take the above-mentioned circumstances into account when granting your consent.

The use of Microsoft Bing Ads is based on your consent (Art. 6 (1) (a) GDPR). You may withdraw your consent at any time with future effect, as described under section 8.

Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on Microsoft’s website at https://privacy.microsoft.com/de-de/privacystatement.

11.4 Facebook Custom Audiences

If you provide us with your consent, we use the features of “Facebook Custom Audiences” on this website, provided by Meta Platforms Ireland Limited. By using the Facebook Pixel, we can define visitors to our website as a target audience for displaying ads (“Facebook Ads”). This enables us to show Facebook Ads only to users who have shown interest in our website or specific topics and products. Such audiences are created based on specific characteristics that we transmit to Meta (“Custom Audiences”).

The Facebook Pixel also helps ensure that our Facebook Ads are relevant to you and allows us to measure their effectiveness for statistical and market research purposes through conversion tracking. This means we can determine whether a user was redirected to our website after clicking on an ad.

Meta Platforms Ireland processes various types of data, including:

  • Usage data

    (e.g., pages visited, interest in content, access times)

  • Meta/communication data

    (e.g., device information, IP addresses)

  • Event data

    (e.g., interactions with content, purchases, app installations)

The processing of personal data also takes place under the EU-U.S. Data Privacy Framework, which has been recognized by the European Commission as providing an adequate level of protection. Meta has committed to complying with the requirements of the EU-U.S. Data Privacy Framework. If data is transferred to non-secure third countries, such transfer is based on the Standard Contractual Clauses pursuant to Art. 46 (2) (c) GDPR, supplemented by appropriate technical and organizational measures.

We are jointly responsible with Meta Platforms Ireland Limited for the collection or receipt of event data. You can view the agreement on joint controllership here: https://www.facebook.com/legal/terms/page_controller_addendum. Metrics and analyses are provided to us by Meta in anonymized form and are not subject to joint controllership.

Please take the above-mentioned circumstances into account when granting your consent.

The use of Facebook Custom Audiences is based on your consent (Art. 6 (1) (a) GDPR), which you may withdraw at any time.

Further information can be found in Meta’s privacy policy: https://www.facebook.com/privacy/explanation.

11.5 TikTok Ads & Pixel

If you provide us with your consent, we use the so-called “TikTok Pixel” on this website, provided by TikTok. For users within the European Economic Area and Switzerland, TikTok is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (“TikTok Ireland”).

The TikTok Pixel is a code that we have implemented on our website. With your consent, this code establishes a connection to TikTok’s servers when you visit our website in order to track your behavior. For example, if you purchase a product on our website, the TikTok Pixel is triggered and stores your actions in one or more cookies. In this process, personal data such as your IP address and email address, as well as other information such as device ID, device type, and operating system, may be transmitted to TikTok. TikTok uses email or other login or device information to identify users of our website and associate their actions with a TikTok user account.

TikTok uses this data to display targeted and personalized advertising to its users and to create interest-based user profiles. The data collected is anonymous to us and not visible, and is only used by us to measure the effectiveness of ad campaigns.

If personal data is processed in a non-secure third country, this is carried out in accordance with the provisions outlined in section 11.1.

Please take the above-mentioned circumstances into account when granting your consent.

The use of TikTok Ads / Pixel is based on your consent (Art. 6 (1) (a) GDPR). You may withdraw your consent at any time with future effect, as described under section 8.

TikTok’s privacy policy can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE.

11.6 Snap Pixel and Website Custom Audiences

We use the so-called “Snap Pixel” of the social network Snapchat, operated by Snap Inc., Market Street, Venice, CA 90291, USA (“Snapchat”), to analyze and optimize our website and services.

The Snap Pixel enables Snapchat to identify visitors to our website as a target audience for displaying ads (“Snapchat Ads”). Accordingly, we use the Snapchat Pixel to ensure that the Snapchat Ads we place are shown only to Snapchat users who have shown interest in our website or who exhibit certain characteristics (e.g., interest in specific topics or products based on visited websites) that we transmit to Snapchat (“Custom Audiences”). The Snap Pixel also helps us ensure that our Snapchat Ads match the potential interests of users and do not appear intrusive. Furthermore, the Snap Pixel allows us to measure the effectiveness of Snapchat Ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Snapchat Ad (“Conversion”).

Data processing by Snapchat is carried out in accordance with Snapchat’s data usage policy, which can be accessed here: https://snap.com/en-US/privacy/privacy-policy.

The legal basis for this data processing is Art. 6 (1) (a) GDPR. The cookies required for this service (so-called marketing cookies) are used only with your consent. You may withdraw your consent at any time via our preference center.

11.7 Use of Pinterest Social Plug-ins

We use social plug-ins from the social network Pinterest on our website, operated by Pinterest Inc., 635 High Street, Palo Alto, CA 94301, USA (“Pinterest”). When you access a page that contains such a plug-in, your browser establishes a direct connection to Pinterest’s servers. The plug-in transmits log data to Pinterest’s server in the USA. All collected data is anonymous to us and does not allow us to identify individual users.

The data collected includes device information (e.g., type, brand), operating system, IP address of the device used, time of access, type and content of the campaign, response to the campaign (e.g., purchase completion, newsletter registration), and device identifiers derived from unique characteristics of the device. This enables us to recognize your device when you revisit our website.

We use Pinterest to optimize our online offering and to tailor our Pinterest campaigns to user needs. A so-called “Pinterest Tag” (individual code snippet) is used in the advertising campaign. When a Pinterest user views or clicks on the ad, further actions and audiences that have shown interest are tracked. This ensures that Pinterest ads are shown only to users who have already expressed interest in our offerings and match the potential interests of the user. These data help us measure the conversion of each campaign and are used for statistical and market research purposes to optimize our campaigns.

The legal basis for this processing is Art. 6 (1) (f) GDPR. The cookies required for this service (so-called marketing cookies) are used only with your consent. You may withdraw your consent at any time via our preference center.

Personal data such as your IP address and email address, as well as other information like device ID, device type, and operating system, may also be transmitted to Pinterest. Pinterest uses email or other login or device information to identify users of our website and associate their actions with a Pinterest user account.

The data is stored in accordance with statutory retention periods and automatically deleted thereafter. If you log into your Pinterest account after visiting our website or visit our website while logged in, Pinterest may store and process this data. Pinterest may link this data to your Pinterest account and use it for its own advertising purposes.

Further information can be found in Pinterest’s privacy policy: https://policy.pinterest.com/en/privacy-policy. You may object to this specific data processing at any time by disabling personalization settings in your Pinterest account at https://help.pinterest.com/en/article/personalization-and-data or by clicking on the opt-out link.

Additionally, we would like to point out that the transfer of personal data to Pinterest in the USA is carried out in accordance with the EU-U.S. Data Privacy Framework. This framework ensures that the processing of personal data by Pinterest meets the data protection standards required by the European Union. Further information on the EU-U.S. Data Privacy Framework and Pinterest’s corresponding data protection measures can be found in their privacy policy.

11.8 Criteo

If you provide us with your consent, our website uses cookies/advertising IDs for advertising purposes by Criteo, 32 Rue Blanche, 75009 Paris, France. This allows us to display advertisements to visitors who have shown interest in our products on partner websites, apps, and emails. Retargeting technologies use cookies or advertising IDs and display ads based on your previous browsing behavior.

We may share information such as technical identifiers from your login data on our website or CRM system with trusted advertising partners. This enables your devices and/or environments to be linked, providing you with a seamless user experience across the devices and environments you use.

The use of Criteo is based on your consent (Art. 6 (1) (a) GDPR). You may withdraw your consent at any time as described under section 8.

Further information on data protection and details on Criteo’s cross-device linking capabilities can be found in their privacy notice: https://www.criteo.com/privacy.

11.10 Zenloop[Av7]

At various points in our online shop, we optionally request feedback regarding your shopping experience. For this purpose, we use the services of zenloop GmbH, Brunnenstraße 196, 10119 Berlin, to collect and evaluate your feedback.

In doing so, the following data may be processed: your public IP address, email address, device and browser data, statistical data related to your purchase, the website from which you access the feedback platform, and any additional information you provide in your message. The legal basis for this processing is Art. 6 (1) (f) GDPR. We offer this service to make the shopping experience on our website more attractive, which constitutes our legitimate interest.

If you wish to be contacted by SNIPES following your feedback after placing an order, this will occur by leaving a message in the comment field and confirming the process. In such cases, we may contact you via email to respond to your request.

Further information on data protection at zenloop can be found at: https://www.zenloop.com/en/legal/privacy.

11.11 Emarsys

If you provide us with your consent, we use technologies from Emarsys eMarketing Systems AG, Märzstraße 1, 1150 Vienna, Austria, to personalize our website, the SNIPES app, and newsletter content by creating user profiles via the Emarsys Marketing Cloud. All data collected through the Emarsys Web Extend database is stored using JavaScript commands and cookies.

For visitors who have signed up for the newsletter, [Av8] our website uses JavaScript commands to collect browsing and purchase data. This data is used to enrich your customer profile and provide you with a personalized experience across all our touchpoints. Additionally, we store the following personal data in our Emarsys CRM Suite and use it for targeting and profiling within the website, SCAYLE, potentially WhatsApp and newsletters:[Av9]

  • Mobile number

  • Email address

  • Salutation

  • First and last name

  • Date of birth

  • IP address

  • Order data

  • Loyalty ID

  • Shoe size

  • Preferred brands

  • Interests

In connection with the use of the Emarsys Marketing Cloud, your data may be matched with Google and Facebook. This may result in your data being processed outside of Europe. Since the adequacy decision of the European Commission, the USA is considered to have an adequate level of data protection under the EU-US Data Privacy Framework. Considering the risks already mentioned (see the sections on Google and Facebook in this privacy notice), we only use Emarsys if you also consent to the potential transfer of your data to non-secure third countries. Transfers of personal data to the USA are based on the EU-US Data Privacy Framework, provided the respective recipient is certified under it Some of the third countries where data centers are located or from which processing is carried out still do not have an adequate level of data protection as determined by the European Commission (a list of so-called secure third countries can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). For these third countries, the previously mentioned risks regarding data transfers still apply, particularly the possibility of access by authorities.

We process your data automatically for the purpose of evaluating certain personal aspects (profiling). We analyze your data using mathematical and statistical methods to tailor advertising to your individual interests.

After unsubscribing from the newsletter, we will stop sending it and delete your data. If you also have a customer account on our website, we will retain your data as long as the account exists, unless we are legally required or entitled to retain it for specific purposes, including the defense against legal claims.

The legal basis for this data processing is your consent (Art. 6 (1) (a) GDPR).

You may withdraw your consent at any time as described under section 8.

11.12 ChannelPilot

If you provide us with your consent, we use ChannelPilot – an online marketing tool provided by Channel Pilot Solutions GmbH, Lilienstraße 5–9, Semperhaus C, 20095 Hamburg. ChannelPilot uses cookies to analyze the performance of connected online marketing channels such as Google. In addition, your IP address is processed for click fraud detection (bot detection), typically for a maximum duration of 24 hours.

The legal basis for this data processing is your consent (Art. 6 (1) (a) GDPR).

You may withdraw your consent at any time as described under section 8.

Further information on data protection in connection with ChannelPilot can be found at: https://channelpilot.com/en/privacy-policy.

11.13 Conversion Linker

If you provide us with your consent, we use the following Google technologies: Google Ads Conversion Tracking via Google Tag Manager and the Conversion Linker. We use the Conversion Linker to improve the reliability of click data measurement, enabling effective tracking of conversions.

When you click on one of our ads, the URL of the conversion page on our website contains information about the click. If you perform an action that we have tagged as a conversion (e.g., by triggering a Google Ads Conversion Tracking tag), the conversion is linked to the click that brought you to our website. The Conversion Linker tag automatically captures the ad click information from the URLs of the conversion page and stores it in cookies on our website.

If personal data is processed in a non-secure third country, this is carried out in accordance with the provisions outlined in section 11.1.

Please take the above-mentioned circumstances into account when granting your consent.

The following cookies are used by Google:

  • _gcl_au: Contains a randomly generated user ID (stored for up to 90 days)

  • _gcl_aw: Set when a user arrives on the website via a Google ad click. It contains information about which ad was clicked so that conversions such as purchases or contact requests can be attributed to the ad (stored for up to 90 days).

The legal basis for this data processing is your consent (Art. 6 (1) (a) GDPR).

You may withdraw your consent at any time as described under section 8.

11.14 Google Enhanced Conversions

If you provide us with your consent, we use the Enhanced Conversions feature from Google. This allows us to advertise our website more effectively and with higher data quality.

Enhanced Conversions is an extension of Google Ads Remarketing. Using Google Tag Manager, customer-related data entered into form fields on our website is encrypted in advance and transmitted as hash values to a Google interface. Google may link this data with existing usage data from your Google account if you were logged in when interacting with an ad. At no point do we have access to information from your Google account. We only receive aggregated conversion reports from Google, which are more accurate thanks to Enhanced Conversions.

Data collection only begins once you explicitly consent and complete the entry of customer data on our website. If you are logged into your Google account while interacting with ads, the data may be automatically linked to your account. If you wish to prevent this, you can either log out of your Google account or choose not to provide consent for this service.

To our knowledge, Google handles the data confidentially and ensures its protection. The policies applicable to the use of Enhanced Conversions for customer data can be found here[Av10] . Details on how Google uses your data are described here[Av11] .

As with section 11.1, the use of Google Enhanced Conversions may involve the transfer of personal data to third countries (particularly to servers of Google LLC in the USA).

The legal basis for processing your personal data is your consent pursuant to Art. 6 (1) sentence 1 (a) GDPR, and where data is stored and processed on your device via tags, also § 25 (1) TDDDG.

You may withdraw your consent at any time as described under section 8.

Further information about Google Enhanced Conversions is available at: https://support.google.com/google-ads/answer/9888656?hl=en.

12. Use of Livereach

Users of social media platforms (“users”), particularly Instagram, regularly engage with us through their own photo and video posts (“content”). This occurs, for example, by tagging our Instagram profile @snipes or using one of our campaign hashtags, such as #snipesknows.

Tagged content often features products distributed by us. To identify and utilize such relevant content, we use the software solution provided by the third-party provider “Livereach,” operated by Gorilla GmbH, Geisbergweg 8, 48143 Münster. When Livereach identifies publicly accessible content relevant to us, we contact the user who published the content. The user then has the opportunity to grant us usage rights by agreeing to the participation terms.

Content for which we have been granted usage rights may be shared online (e.g., in our own webshop) and in print, in accordance with the usage terms. Alongside the content, personal data associated with the original post—such as the username/alias—may also be shared.

The lawfulness of processing personal data is based on Art. 6 (1) (b) GDPR. If you do not enter into or intend to enter into a contract with us, it is based on Art. 6 (1) (f) GDPR. The use of Livereach is in our legitimate interest to promote our brand and products.

You can view the privacy policy of the third-party provider Livereach at https://livereach.com/privacy/

13. DigitalGenius

Customer service automation is supported by the third-party provider DigitalGenius, 110 Clifton Street, London EC2A 4HT, United Kingdom. Messages from the Scayle operating system are retrieved and transmitted to the DigitalGenius platform for processing, and then automatically sent back to the customer via Scayle. As part of this process, DigitalGenius processes personal data in order to handle the inquiry. All data is stored on the platform for a maximum of 30 days.

This service is used to respond to customer inquiries more quickly and accurately. The legal basis for data processing is Art. 6 (1) (b) GDPR. If you do not enter into or intend to enter into a contract with us, it is based on Art. 6 (1) (f) GDPR. In such cases, our legitimate interest lies in providing appropriate communication channels.

14. Reviews

You have the option to review the products and services we offer on our website. After placing an order, you will receive an email inviting you to review the purchased product or service. If you do not wish to receive review emails, you may object to receiving them at any time. Details can be found in the section on the right to object in this privacy notice. Each review email also contains a link allowing you to unsubscribe from such emails with future effect.

The email contains a link to a review form where you can rate the purchased product or service.

Reviews can also be submitted directly via a form on our website.

As part of the review process, we process your email address, the content you enter in the review form, and a so-called device fingerprint (IP address, device ID, and geolocation). This data is processed to collect and publish the review and to verify its authenticity. Cookies that are strictly necessary to provide the review system are also stored.

The review system is provided by Bazaarvoice, Inc., located in the USA. Bazaarvoice acts as a processor on our behalf based on a data processing agreement in accordance with Art. 28 GDPR.

It is possible that personal data may be transferred to a third country without an adequate level of data protection. In such cases, we ensure that appropriate safeguards are in place for the transfer in accordance with Art. 46 GDPR. Proof of these safeguards (EU Standard Contractual Clauses) can be provided upon request.

The legal basis for this data processing is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in helping users make informed decisions by providing authentic reviews from other users. If you have expressly consented to certain types of data processing, the legal basis is your explicit consent pursuant to Art. 6 (1) (a) GDPR.

You may request the deletion of your submitted review at any time. Please contact us using the contact details provided above.

15. Use of Tracking Tools by trbo GmbH

We use technologies provided by trbo GmbH, Leopoldstr. 41, 80802 Munich, Germany (hereinafter “trbo”) on our website to optimize our online offering, measure the effectiveness of our online advertising, and deliver personalized offers.

If you have given us your consent pursuant to Art. 6 (1) sentence 1 (a) GDPR, we use tracking tools (in particular so-called “cookies” and “web beacons”). The data collected and used in this context is always stored under a pseudonym (e.g., a randomly generated identification number) and is not combined with other personal data about you (e.g., name, address, etc.).

The data is deleted as soon as it is no longer necessary for the purpose for which it was collected. Deletion of user- and event-level data takes place no later than 14 months after collection.

You may withdraw your consent to the processing of personal data by trbo for the purposes mentioned above at any time with future effect or change your preferences. To do so, please revisit the cookie settings via this link: Cookie Settings[Av12] .

We have entered into a data processing agreement with trbo in which we require the provider to protect our customers’ data and not to disclose it to third parties. Further information on data protection at trbo can be found at:

https://www.trbo.com/privacy-policy/

16. Our Social Media Presences

If our websites contain icons of the following social media providers, we use them solely for passive linking to the respective providers’ pages.

16.1 Facebook Fanpage

You can find us on Facebook at https://www.facebook.com/Snipes.com/.

For users outside the USA and Canada, Facebook is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”). For users in the USA and Canada, Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA, is the operator of Facebook.

Even if you are not registered with Facebook and visit our Facebook fan page, Facebook may collect pseudonymous usage data about you. Further information can be found in Facebook’s Data Policy at https://www.facebook.com/about/privacy, where you will also find details on how to manage your Facebook account settings.

Facebook Ireland may share your data within the Facebook corporate group and with other third parties. This may involve the transfer of personal data to the USA and other third countries for which no adequacy decision by the European Commission exists. In such cases, Facebook Ireland uses the Standard Contractual Clauses approved by the European Commission pursuant to Art. 46 (2) (c) GDPR. Further details are also available in Facebook’s Data Policy.

We are jointly responsible with Facebook for the processing of so-called Insights data when you visit our Facebook fan page. Facebook Ireland analyzes behavior on our fan page and provides us with anonymized data. To this end, we have entered into a joint controller agreement with Facebook Ireland, which can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum. In this agreement, Facebook Ireland undertakes to assume primary responsibility under the GDPR for the processing of Insights data and to fulfill all obligations under the GDPR in relation to such processing.

This processing serves our legitimate economic interest in optimizing and tailoring our Facebook fan page to user needs, pursuant to Art. 6 (1) (f) GDPR.

Please also note: If you visit or like our Facebook fan page while logged into your Facebook account, Facebook Ireland collects personal data. If you are not registered with Facebook and visit our fan page, Facebook Ireland may collect pseudonymous usage data.

Specifically, Facebook Ireland may collect the following information:

  • Viewing a page, post, or video from a page

  • Subscribing to or unsubscribing from a page

  • Liking or unliking a page or post

  • Recommending a page in a post or comment

  • Commenting on, sharing, or reacting to a page post (including type of reaction)

  • Hiding a page post or reporting it as spam

  • Clicking a link to the page from another Facebook page or external website

  • Hovering over the name or profile picture of a page to preview content

  • Clicking buttons on the page such as website, phone number, “get directions,” or other

  • Whether you are logged in via computer or mobile device while visiting or interacting with the page or its content

Further information is available in Facebook’s privacy policy at: https://www.facebook.com/legal/terms/information_about_page_insights_data.

16.2 Instagram

Our Instagram presence is available at https://www.instagram.com/snipes/.

For users outside the USA and Canada, Instagram is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”). For users in the USA and Canada, Instagram is operated by Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA.

Further information can be found in Instagram’s Privacy Policy: https://help.instagram.com/155833707900388.

16.3 YouTube

Our YouTube presence is available at https://www.youtube.com/user/snipes.

For users within the EEA and Switzerland, YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Republic of Ireland. Outside this area, it is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Further information can be found in Google’s Privacy Policy: https://policies.google.com/privacy?hl=en.

16.4 Spotify

Our Spotify presence is available at https://open.spotify.com/user/snipesshop.

Spotify is operated by Spotify AB, Regeringsgatan 19, 111 53 Stockholm, Sweden.

Further information can be found in Spotify’s Privacy Policy: https://www.spotify.com/de/legal/privacy-policy/.

16.5 Community Features

When you visit our social media presences (e.g., our Facebook fan page), we may process certain data about you, for example, when you interact with our page or account, like or comment on a post, respond, or share other content.

These data processing activities are generally based on our legitimate interest in providing you with the relevant features on our social media presences (Art. 6 (1) (f) GDPR), as well as on your consent given to the respective platform operators (e.g., Facebook Ireland, LinkedIn Ireland), Art. 6 (1) (a) GDPR, or your contractual relationship with the operators of the respective platforms (Art. 6 (1) (b) GDPR).

Please note that these sections are publicly accessible, and any personal information you post or provide during registration may be viewed by others. We cannot control how other users use this information. In particular, we cannot prevent unsolicited messages from being sent to you by third parties.

Content posted in community areas may be stored indefinitely. If you would like us to remove content you have posted, please send an email request to the address provided in section 2 above.

17. Payment Methods

We process your payment information for the purpose of handling payments, e.g., when you purchase a product via our online shop. Depending on the payment method selected, we may forward your payment information to third parties (e.g., in the case of credit card payments, to your credit card provider).

The legal basis for this data processing is Art. 6(1)(b) GDPR, insofar as the processing is necessary for payment handling, and Art. 6(1)(f) GDPR, whereby our legitimate interest lies in the proper execution of payment transactions. In our online shop, we primarily offer the following payment methods:

17.1 Credit Cards

We accept Visa and MasterCard. If you choose this payment method, you will be redirected to an external website (Saferpay) operated by Six Payment Services AG. Your card details will be collected there. Any required two-factor authentication will be handled by Saferpay.

Further information about the Saferpay service can be found here: www.six-payment-services.com/de/site/e-commerce/solutions/paymentsolution.html.

Important Security Information:

In the event of unauthorized use of your credit card, you have the option to file an objection with your credit card institution. Maximum security: With state-of-the-art SSL encryption, we ensure optimal protection of your personal data in the checkout area of our online shop. Additionally, for credit card payments, we secure the entire transaction by requiring the mandatory entry of the card verification number (CVC2 or CVV2). Good to know: These numbers are not stored on the magnetic stripe of your credit card and therefore do not appear on payment receipts.

17.2 PayPal

If you choose to pay via PayPal, your payment data will be forwarded to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”) as part of the payment process. You will be identified through the login to your PayPal account.

Further information regarding data protection can be found in PayPal’s privacy policy: www.paypal.com/de/webapps/mpp/ua/privacy-full

17.3 Klarna

In order to offer you the payment options of Klarna Bank AB (publ), Sweden, we will transmit personal data such as contact details and order information to Klarna. This enables Klarna to assess whether you can use the payment options offered via Klarna and to tailor those options to your needs. General information about Klarna can be found here. Your personal data will be processed by Klarna in accordance with applicable data protection regulations and as described in Klarna’s privacy policy.

17.4 Gift Card

The SNIPES gift card is a digital product. The individual voucher code will be sent to you via email. SNIPES gift cards cannot be purchased together with our regular products. It is possible to purchase multiple SNIPES gift cards in one order; however, the total amount must not exceed 150 euros. Promo codes cannot be used when ordering a SNIPES gift card. No more than four SNIPES gift cards can be redeemed within a single order. SNIPES gift cards are non-refundable and cannot be exchanged for cash. No COINS can be collected when purchasing a SNIPES gift card.

18. Order Process

The following personal data will be collected from you during the order process:

First name, last name, address, email address, telephone number (optional), as well as data collected through the applications described above and by processors/service providers.

The associated data processing is carried out for the purpose of handling your purchase. The legal basis for processing is Art. 6(1)(b) GDPR. In the case of purchasing goods in our online shop (contract conclusion), the provision of your personal data is required. If you do not provide the aforementioned data, a purchase in our online shop cannot be completed. The data will be made available to employees responsible for sales and logistics, as well as to service providers/processors commissioned in this context (see section 28.3). Your data will be stored until the respective purchase contract has been fulfilled and beyond that in anonymized and locked form for as long as statutory retention periods apply to the transactions carried out.

19. Customer Account

On our website, we offer you the opportunity to register by providing personal data (“My Account”). Registration is necessary so that we can set up your customer account. SNIPES uses your personal data to manage your SNIPES account (“My Account”), including obtaining consents, verifying and confirming the identity of the account user, preventing unauthorized access and use, restricting use by minors, sending communications and notifications, taking action against account misuse, monitoring violations of the terms of use, and processing the withdrawal of consents. We also use your personal data to provide you with a personalized online experience and to immediately make information about your purchase available to you.

The processing of your personal data for your account is based on your consent when you create a customer account. The legal basis for processing is Art. 6(1)(a) GDPR. We store your personal data for as long as necessary to provide the account. Personal data collected and used solely for the purpose of providing you with a customer account will be deleted once the account is closed. You may withdraw your consent in accordance with the instructions provided in section 8.

22. Data Security[Av13]

We have implemented technical and organizational security measures to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees are bound by data confidentiality obligations, i.e., the confidential handling of personal data. Our security measures are continuously reviewed and updated in line with technological developments.

23. Automated Individual Decisions or Profiling Measures

We do not use automated processing procedures to make decisions or for profiling.

24. Transfer of Data

As a general rule, your personal data will only be disclosed without your prior explicit consent in the following cases:

If it is necessary to investigate unlawful use of our services or for legal prosecution, personal data may be forwarded to law enforcement authorities and, if applicable, to injured third parties. This only occurs if there are concrete indications of illegal or abusive behavior. Transfer may also take place if it serves to enforce contracts or other agreements. Furthermore, we are legally obliged to provide information to certain public authorities upon request. These include law enforcement agencies, authorities that prosecute administrative offenses subject to fines, and tax authorities. The transfer of such data is based on our legitimate interest in combating abuse, prosecuting criminal offenses, and securing, asserting, and enforcing claims, Art. 6(1)(f) GDPR, or on a legal obligation pursuant to Art. 6(1)(c) GDPR.

Your data will be passed on to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of goods. The shipping company uses your personal data exclusively for the purpose of processing the delivery. For payment processing, we forward your payment data to the credit institution commissioned with the payment, PayPal, or other payment service providers. Your data will not be passed on to other third parties or used for advertising purposes. The legal basis for data processing is Art. 6(1)(b) GDPR. Upon complete execution of the contract and full payment of the purchase price, your data will be blocked for further use and deleted after the expiry of the tax and commercial retention periods.

We rely on contracted external companies and service providers (“processors”) to provide our services. In such cases, personal data is passed on to these processors to enable further processing. These processors are carefully selected and regularly reviewed by us to ensure that your rights and freedoms are protected. The processors may only use the data for the purposes specified by us and are contractually obligated to handle your data exclusively in accordance with this privacy policy and applicable data protection laws.

The transfer of data to processors is based on Art. 28(1) GDPR. In addition to the processors already mentioned in this privacy policy, we also use the following categories of processors:

  • IT service providers

  • Cloud service providers

  • Software service providers

As part of administrative processes and the organization of our operations, financial accounting, and compliance with legal obligations (e.g., archiving), we may disclose or transmit the same data that we have received in the course of providing our contractual services to the tax authorities, consultants such as tax advisors or auditors, and other fee offices and payment service providers. The transfer of this data is based on our legitimate interest in maintaining our business operations, fulfilling our duties, and providing our services, Art. 6(1)(f) GDPR, or on a legal obligation pursuant to Art. 6(1)(c) GDPR.

In the course of developing our business, it may happen that the structure of Snipes SE changes, for example, through a change in legal form or the establishment, acquisition, or sale of subsidiaries, business units, or parts thereof. In such transactions, customer and contact data may be transferred along with the part of the company being transferred. In all cases of data transfer to third parties as described above, we ensure that such transfer is in accordance with this privacy policy and applicable data protection laws. Any such transfer of personal data is justified by our legitimate interest in adapting our corporate structure to economic and legal circumstances as needed, Art. 6(1)(f) GDPR.

25. Provision of Your Data

You are neither legally nor contractually obligated to provide your data.

However, the provision of your data is required to a certain extent in order for us to offer you the functionalities of our website and our services. In particular, the provision of your data is necessary for us to receive and process your inquiries, to enable the initiation and execution of contracts, and to allow you to use the community features associated with our social media presences. Additionally, the provision of your data is required for receiving and processing your application.

Where the provision of your data is necessary, we will indicate this by marking the relevant input fields as mandatory. The provision of additional data is voluntary. If required data is not provided, we will be unable to offer the corresponding functionalities and services. Specifically, we will not be able to receive or process your inquiries or enable contract initiation or execution. Furthermore, you will not be able to use the community features of our social media presences. If you do not provide the necessary data in connection with your application, we will not be able to consider your application. Where voluntary data is concerned, failure to provide such data may result in us being unable to offer certain functionalities and services, or only to a limited extent.

26. Data Transfers to Third Countries

We also process data in countries outside the European Economic Area (“EEA”), referred to as third countries, or transfer data to recipients located in such third countries. This includes the United States. For data transfers to the U.S., the legal basis is the EU-U.S. Data Privacy Framework, provided that the receiving company is certified under this framework.

Please note that for some of these third countries, there is currently no adequacy decision by the European Commission confirming that these countries generally provide an adequate level of data protection. Therefore, when structuring contractual relationships with recipients in third countries, we rely on the Standard Contractual Clauses approved by the European Commission pursuant to Art. 46(2)(c) GDPR, or we base the transfer on your consent pursuant to Art. 49(1)(a) GDPR.

With our service providers who process your data on our behalf (“processors”), we conclude the Standard Contractual Clauses for transfers to processors in third countries. For transfers to third-party controllers in third countries, we use the Standard Contractual Clauses for transfers to controllers accordingly. You may request a copy of these Standard Contractual Clauses using the contact details provided in section 2.

27. Change of Purpose

Processing of your data for purposes other than those described will only take place if permitted by legal provisions or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to such further processing and provide you with all relevant information required for this.

28. Deletion of Your Data

Unless otherwise stated in this privacy notice, we delete or anonymize your data as soon as it is no longer required for the purposes for which it was collected or used according to the preceding sections. Further storage only takes place if required for legal reasons, in particular for the assertion, safeguarding, or defense of legal claims. Such storage is based on our legitimate interest in proper documentation of our business operations and the protection of our legal positions (Art. 6(1)(f) GDPR).

If your data is relevant for the initiation or execution of contracts, it will be stored for the purpose of initiating and executing the respective contractual relationship (Art. 6(1)(b) GDPR). Where we are legally obliged to retain data, we store your data for the legally prescribed period (Art. 6(1)(c) GDPR). Legal retention requirements may arise in particular from the retention periods stipulated in the German Commercial Code (HGB) or the German Fiscal Code (AO). These retention periods generally range from 6 to 10 years from the end of the year in which the relevant transaction was completed, e.g., your inquiry was finally processed or the contract ended.

29. Your Rights as a Data Subject

With regard to the processing of your personal data, you have the rights described below. To exercise your rights, you may submit a request by post or email to the address provided in section 2 above.

29.1 Right of Access

You have the right to request information from us at any time regarding the personal data we process about you, in accordance with Art. 15 GDPR and § 34 BDSG.

29.2 Right to Rectification of Incorrect Data

You have the right, pursuant to Art. 16 GDPR, to request the immediate correction of inaccurate personal data concerning you.

29.3 Right to Erasure

You have the right to request the erasure of personal data concerning you under the conditions described in Art. 17 GDPR and § 35 BDSG. This right applies in particular when the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, in cases of unlawful processing, if you have objected to the processing, or if there is a legal obligation to delete the data under Union law or the law of the Member State to which we are subject.

29.4 Right to Restriction of Processing

You have the right to request the restriction of processing in accordance with Art. 18 GDPR. This right applies in particular if the accuracy of the personal data is contested between you and us, for the duration required to verify the accuracy; if you request restricted processing instead of erasure despite having a right to erasure; if the data is no longer required for our purposes but you need it for the establishment, exercise, or defense of legal claims; or if the successful exercise of an objection between you and us is still pending.

29.5 Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, in accordance with Art. 20 GDPR.

29.6 Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is carried out, among other things, on the basis of Art. 6(1)(e) or (f) GDPR, in accordance with Art. 21 GDPR. We will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

If we process your personal data for direct marketing purposes, including profiling, you have the right to object to such processing. Upon your objection, we will cease processing your data for these purposes.

29.7 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority of your choice. The supervisory authority responsible for North Rhine-Westphalia (Germany) is:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia Kavalleriestr. 2–4 40213 Düsseldorf Phone: +49 (0)211 / 38424-0 Fax: +49 (0)211 / 38424-10 Email: [email protected]

32. Scayle

Scayle is a headless eCommerce system provided by About You SE & Co. KG (Domstraße 10, 20095 Hamburg). Snipes uses the Scayle system to operate its online shop.

Information regarding Scayle’s data protection policies can be found at the following link: https://www.scayle.com/privacy-policy/

32.1 Akamai Technologies, Inc.

Snipes uses the service “Akamai” to optimize the delivery of the website and to secure our web servers with a web application firewall. The entity responsible for processing your personal data is: Akamai Technologies GmbH, Parkring 20–22, 85748 Garching, Germany.

The following list includes all (personal) data collected through or during the use of this service:

  • Browser information

  • Pages visited

  • Date and time of visit

  • Operating system

  • IP address

The legal basis for processing your personal data is Article 6(1)(f) GDPR (balancing of interests), based on our legitimate interest in ensuring the continuous availability of our website.

Data is processed both within the European Union and the United States of America. For data transfers to the U.S., the legal basis is the EU-U.S. Data Privacy Framework. This framework ensures an adequate level of data protection in accordance with EU standards.

Additionally, personal data processed in connection with Akamai is pseudonymized and therefore particularly protected.

The cookies used by this service are session-based and expire at the end of the respective session. Personal data collected through these cookies is deleted once it is no longer required for processing.

To read the privacy policy of the data processor, click here: https://www.akamai.com/legal/compliance/privacy-trust-center

32.2 Amazon Web Services Inc.

Amazon Web Services (AWS) is a cloud computing service offered by Amazon.com. This service enables companies and organizations to operate IT infrastructure and applications in the cloud.

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as “AWS”).

More detailed information can be found here:

https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/

Further information on the processing of personal data can be found in the AWS Privacy Notice: https://aws.amazon.com/de/privacy/?nc1=f_pr

The use of the AWS service is subject to your consent (Article 6(1)(a) GDPR). The legal basis for using the AWS service is Article 6(1)(f) GDPR. We have a legitimate interest in ensuring the reliable presentation of our website. Where we have obtained your consent to process personal data, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TDDDG (German Telecommunications-Telemedia Data Protection Act), if the consent includes the storage of cookies or access to information on the user's device (e.g., fingerprint scanning on the device) under the TDDDG. This consent may be revoked at any time.

32.3 Datadog Inc.

Datadog is a service focused on monitoring real user behavior and performance. The processing of data serves to analyze this website and its visitors. On behalf of the operator of this website, Datadog uses the information received to evaluate website usage, monitor the performance of this website, application screens, user actions, network requests, and the performance of our front-end code, track ongoing errors and issues, and generate reports on website activity.

The entity responsible for data processing is:

Datadog, Inc., 620 8th Avenue, Floor 45, New York, NY 10018, USA

Among other things, the following information may be collected:

IP address

Date and time of page access

User navigation (click path)

Information about the browser and device you use

Pages visited

Link URL (website from which you accessed our site)

Location data

Shopping activity

Datadog uses technologies such as cookies, browser web storage, and tracking pixels to analyze your use of the website. The processing of personal data, particularly the setting of cookies, takes place only with your consent.

Further information on terms of use and the protection of personal data can be found here: https://www.datadoghq.com/legal/privacy/

32.4 New Relic Inc.

New Relic (New Relic, Inc., 188 Spear St. Suite 1200, 94105 San Francisco, USA) is a web service used to analyze website usage. The cookie transmits information, including your IP address, to a New Relic server in the United States. The processing of personal data is carried out in accordance with Article 6(1)(f) GDPR for the purpose of optimizing the presentation of our online offering. New Relic uses the stored information to evaluate website usage, compile reports for website operators, and provide other services related to website and internet usage.

Further information on data protection can be found here: https://newrelic.com/termsandconditions/privacy

32.5 Functional Software, Inc.

Functional Software, Inc. (132 Hawthorne Street, San Francisco, California 94107) provides a platform for reporting software bugs and outages, allowing us to retrospectively analyze and improve our website. Please note that this involves the transfer of personal data to the United States, which is considered a transfer of personal data to a third country. The processing of personal data is carried out in accordance with Article 6(1)(f) GDPR.

Information on the protection of personal data can be found at the following link: https://sentry.io/privacy/

32.6 Cloudflare, Inc.

Use of Cloudflare

This website uses a content delivery network (“CDN”) provided by the technology service provider Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (“Cloudflare”). A CDN is an online service that enables the delivery of large media files (such as graphics, page content, or scripts) via a network of regionally distributed servers connected through the internet. The use of Cloudflare’s CDN helps optimize the loading speed of this website and contributes to improved performance and stability.

For this purpose, personal data may be processed in Cloudflare’s server log files. Cloudflare also collects statistical data about visits to this website. The data collected includes:

  • Name of the accessed webpage, accessed file and URL

  • Date and time of access

  • Transferred data volume

  • HTTP status code (e.g., 200, 404)

  • Browser type, version, and language settings

  • Operating system and its version

  • Referrer URL

  • IP address of the requesting device

  • Requesting provider

  • Geolocation data

  • Security-related information (e.g., suspicious activity or bot detection)

  • TLS/SSL information for secure connections

The data processing agreement is based on Standard Contractual Clauses, which can be found here: https://www.cloudflare.com/cloudflare-customer-scc/

Further information on Cloudflare’s privacy policy is available here: https://www.cloudflare.com/privacypolicy/

Cloudflare is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards for data processing in the U.S. Any company certified under the DPF commits to adhering to these standards. More information is available from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnZKAA0&status=Active

Use of Cloudflare Turnstile

Cloudflare Turnstile is used to verify whether data entry on this website is performed by a human or an automated program. Turnstile analyzes the behavior of website visitors based on various characteristics.

This analysis begins automatically when a visitor accesses a website with Turnstile enabled. Turnstile evaluates various information (e.g., IP address, time spent on the website, mouse movements) to perform this analysis.

The data collected during the analysis is transmitted to Cloudflare.

The data transfer between your browser and our servers is analyzed on Cloudflare’s servers to prevent attacks. Cloudflare uses cookies to enable access to our website. The use of Cloudflare Turnstile is in the interest of secure use of our online presence and protection against harmful external attacks. The storage and analysis of data is based on Article 6(1)(f) GDPR and § 25(2) No. 2 TDDDG.

33. Google Maps

This website uses the Google Maps mapping service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This information is typically transmitted to a Google server in the United States and stored there. The provider of this website has no influence over this data transmission. If Google Maps is activated, Google may use Google Web Fonts for the uniform display of fonts. When accessing Google Maps, your browser loads the required Web Fonts into your browser cache to correctly display text and fonts.

The use of Google Maps is in the interest of providing an appealing presentation of our physical store locations and making it easy to find the places listed on our website. This constitutes a legitimate interest pursuant to Article 6(1)(f) GDPR. If corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent may be revoked at any time.

Data transfers to the United States are based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.google.com/intl/en_en/help/terms_maps/

Further information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy

34. RTB House

To conduct personalized advertising campaigns, Snipes SE processes certain data about users’ online activities on this website. This data may include: online identifiers (e.g., cookie ID / mobile advertising ID), information about specific pages visited, products viewed or added to the shopping cart along with timestamps, purchased items, and technical device and browser details.

Snipes SE engages RTB House GmbH, Kurfürstendamm 11, 10719 Berlin, an advertising technology company, as a third-party subcontractor to carry out advertising campaigns and display personalized ads to users based on this data. Where this data qualifies as “personal data” under the GDPR, Snipes SE acts as the data controller and RTB House GmbH as the data processor.

Further information about RTB House’s retargeting technology can be found at: https://www.rtbhouse.com/privacy-center/

The legal basis for this data processing is your consent pursuant to Article 6(1)(a) GDPR and § 25(1) TDDDG, which may be revoked at any time.

35. Speedkit

This website uses the product Speed Kit provided by Baqend GmbH, Stresemannstr. 23, 22769 Hamburg, to reduce page loading times. Publicly accessible data is delivered via the infrastructure of Baqend GmbH. No personalized or personal content is transmitted or stored. IP addresses are immediately anonymized after transmission.

Further information can be found here: https://www.speedkit.com/privacy

36. Use of AWIN

Sole Brothers GmbH processes your personal data to conduct affiliate marketing campaigns. This allows us to track which third-party operators of websites, apps, and other technologies have referred potential customers to our websites and apps, and to pay them a commission in return for these referrals. We do this based on our legitimate interest in running a performance-based online advertising campaign.

We work with AWIN, which supports us in executing these affiliate marketing campaigns. You can find AWIN’s privacy policy here, which includes information about your rights regarding data processing by AWIN:

https://www.awin.com/gb/privacy

In some cases, AWIN may create a limited profile related to you, which does not allow conclusions about your identity, online behavior, or other personal characteristics. This profile is used solely to determine whether a referral was initiated on one device and completed on another.

In some cases, AWIN and the intermediaries referring potential customers may receive and process your personal data to conduct affiliate marketing campaigns with us. We also receive personal data from AWIN and the referrers of potential customers, which may include:

Cookie data

Data related to the website, app, or other technology from which a potential customer was referred

Technical information about your device or a uniquely assigned ID for your transaction, which AWIN can associate with the aforementioned data in its system

You may withdraw your consent at any time in accordance with the instructions provided in section 8.

[Av1]Rechtliche Stellungnahme:Es finden die deutschen Regelungen Anwendungen und die zuständige Behörde ist das LDI NRW. Es ist ausreichend, dass die Datenschutzerklärung in englischer Sprache angeboten wird:Das BDSG ist gem. § 1 Abs. 4 Nr. 2 BDSG iVm Art. 23 DSGVO anwendbar. Art. 23 DSGVO sagt aus, dass die Betroffenenrechte aus Art. 12 ff. DSGVO durch Rechtsvorschriften der Mitgliedsstaaten, denen der Verantwortliche unterliegt, beschränkt werden können. § 1 Abs. 4 Nr. 2 BDSG erläutert, dass das BDSG Anwendung auf [Unternehmen] findet, sofern die Verarbeitung personenbezogener Daten im Rahmen der Tätigkeiten einer inländischen Niederlassung des Verantwortlichen erfolgt.2. Die Zuständigkeit ergibt sich aus Art. 56 DSGVO iVm ErwG 124. Daher sollten auch die nationalen Vorgaben, insb. des LDI NRW, beachtet werden, zB zum Double-Opt-In-Verfahren.3. In welchen Sprachen die Datenschutzerklärung angeboten werden muss, wenn sich der Onlineshop an verschiedensprachige Kunden richtet, ist umstritten. Nach dem BayLDA kann jedoch vertreten werden:„Das BayLDA macht hiervon aber auch Ausnahmen. Sofern ein Online-Shop seine Waren in Europa durchgängig in englischer Sprache anbietet und ein Kunde in der Lage ist, in diesem englischsprachigen Onlineshop Waren zu erwerben, kann der Verantwortliche nach Ansicht des BayLDA davon ausgehen, dass dieser Kunde auch englische Datenschutzinformationen verstehen.“Siehe https://www.delegedata.de/2021/05/uebersetzung-erforderlich-anforderungen-an-die-sprache-einer-datenschutzerklaerung-nach-ansichten-der-aufsichtsbehoerden/[Av2]Verlinkung[Av3]Sollen für die nicht-deutschsprachigen Kunden ebenfalls diese Kontaktdaten verwendet werden?[Av4]Läuft der SEU-Shop unter dieser Domain?[Av5]Link einfügenACHTUNG: In der deutschen Datenschutzerklärung fehlt der Link ebenfalls.[Av6]Bitte sicherstellen, dass die Datenschutzeinstellungen im Footer des SEU-Shops mit „Cookie Settings“ übersetzt wird bzw. ansonsten den Begriff aus dem Footer hier einfügen.[Av7]11.9 Contentsquare wie besprochen entfernt. Ich schlage vor, hier dennoch mit Ziffer 11.10 weiter zu machen, damit man zu enem späteren Zeitpunkt bei Bedarf Contentsquare als Ziffer 11.9 ergänzen kann.[Av8]Hinweis auf Besucher mit SNIPES CLIQUE Account entfernt, da SNIPES CLIQUE für SEU Shop nicht geplant ist.[Av9]Hinweis auf SNIPES App entfernt[Av10]https://support.google.com/google-ads/answer/9888656?hl=en[Av11]https://policies.google.com/privacy.[Av12]Wie oben: Den Link aus dem Footer zu den Datenschutzeinstellung einfügen.[Av13]Ziffer 20 und 21 behandeln die SNIPES Clique App und ich habe diese Absätze daher entfernt. Ich empfehle, hier dennoch mit Ziffer 22 fortzuführen, damit man in Zukunft die Absätze zur SNIPES Clique App bei Bedarf problemlos ergänzen kann.

Newsletter – Sign up now
*
Yes, I would like to subscribe to the SNIPES newsletter and be informed about promotions and news. By registering, I accept the SNIPES privacy policy and give my consent to the data collection, storage, and processing described there. You can unsubscribe at any time via the link in the email or through our customer service.

Fast shipping with DHL

Delivery within 1-3 business days

Free returns

Free returns via DHL

Free shipping

on orders over 60 €