Privacy policy

Privacy Policy

We take the protection of your personal data when you visit our website very seriously. All information relating to your person, such as your name, address, telephone number, email address, account number, etc., as well as all information that can be traced back to you, is referred to as personal data. This also includes the IP address that is automatically transmitted when you visit a website. This is technically necessary.

We want you to know if and when we collect what data and how we use it. We have taken technical and organisational measures to ensure that data protection regulations are observed both by us and by any external service providers. In particular, we also comply with the General Data Protection Regulation (GDPR) of the European Union (EU), which came into force on 25 May 2018.

Below you will find information about what data is collected during your visit to our website and how it is used.

If you wish to exercise your rights (see below), please contact Lampuga GmbH as the data controller for this website. Send an email to datenschutz@lampuga.de or write to the address given in the legal notice at https://lampuga.com/en/imprint 

If you have any general questions or concerns regarding data protection, please contact the external data protection officer (DPO) Thomas Schneider of DSB Baden GmbH in writing at edsb@lampuga.de. Please enter ‘Lampuga: Data protection’ in the subject line so that the external DPO can easily identify your enquiry.

Legal basis

Personal data may only be ‘processed’ if there is a valid legal basis for doing so. Processing is limited to a specific purpose. We process personal data that we may collect from you via this website on the basis of the following legal grounds:

Balancing of interests pursuant to Art. 6 para. 1 lit. f GDPR

The possible use of tools designed to make our website more customer-friendly, efficient and secure may be carried out within the framework of a balancing of interests, as this does not involve the profiling of user behaviour and the IP address of the visitor is only stored in non-anonymised form for a short period of time.

We also process information that you provide to us for the purpose of a potential or existing business relationship (B2B relationship) within the scope of the balancing of interests.

Contractual relationship pursuant to Art. 6 para. 1 lit. b GDPR

If you provide us with your personal information as a private individual (e.g. in the context of a product enquiry), we process this data within the framework of contract initiation or for the purpose of processing the contractual relationship.

Legal requirement pursuant to Art. 6 para. 1 lit. c GDPR

Insofar as we are subject to legal requirements that require us to use your personal data, this is done within the scope of this legal basis.

Consent pursuant to Art. 6 para. 1 lit. a GDPR

In rare cases, we may wish to use the personal data you have provided for a purpose other than that for which it was intended. If this occurs and there is no other legal basis, we will require your voluntary consent, which you may revoke at any time in the future, for which we will then ask you separately.

Website access

When you visit our website, your IP address and other information are automatically transmitted. We do not store this data ourselves, but our service provider requires this information for the technical provision of the website. It automatically logs every access to our homepage and every possible retrieval of a file stored on the homepage.

The following are logged: name of the file accessed, date and time of access, amount of data transferred, notification of successful access and web browser. The IP address of the computer from which the request was sent is not stored. Personal user profiles cannot therefore be created.

The storage serves internal system-related purposes, primarily to ensure the availability of our website, in accordance with § 12 TDDDG (disruption of telecommunications systems and misuse of telecommunications services). Processing under our responsibility is carried out within the scope of Art. 6 para. 1 lit. f GDPR.

If we wish to use the transmitted IP address for further purposes, this will be explained in more detail below.

Information obligations under Art. 13 GDPR

The General Data Protection Regulation requires us to provide appropriate information whenever personal data is collected directly from the data subject. We collect personal data from you on our website and would therefore like to inform you accordingly. This collection takes place, for example, when we

• collect your IP address for the technical provision of the website

• use a tracking tool that uses the IP address

• receive your entries in a contact module for communication with us.

Basic procedure:

If you have provided us with personal data, we will only use it to respond to your enquiries and for technical administration. The anonymised IP address for statistical evaluation is an exception to this.

Your personal data will only be passed on to third parties or otherwise transferred if this is necessary for the purpose of contract processing – in particular the transfer of order data to suppliers – if this is necessary for billing purposes, if we are legally obliged to do so, if this is done within the scope of order processing by subcontractors or if you have given your prior consent. You have the right to revoke your consent at any time with effect for the future.

The stored personal data will be deleted if you revoke your consent to storage, if knowledge of it is no longer necessary to fulfil the purpose for which it was stored, i.e. the process has been completed and there are no legal retention periods, or if their storage is inadmissible for other legal reasons. If the data cannot be deleted for technical reasons, we will anonymise it so that it can no longer be linked to a specific person in the future.

All collection and processing of data on this website is the responsibility of our company.

You can find additional detailed information in the following sections.

Contact forms

Contact form for rental enquiries

On our website, we offer users the option of submitting a rental enquiry, which we forward to cooperating rental stations. To do this, we require the information in the mandatory fields marked with an asterisk (*). Please note that we have the option of setting a restricted service mode for children. You therefore have the option of specifying the number of children who will be using a board.

After submission, we will forward this information to the contractual partner you have selected (selected rental station).

Your personal data will be processed in accordance with Art. 6 para. 1 lit. b GDPR (contract initiation between you and the rental station).

In our form, we offer you the opportunity to participate in our WhatsApp survey on service quality. We (Lampuga GmbH) are responsible for this survey and we process your data for the survey on the basis of your voluntary consent in accordance with Art. 6 para. 1 lit a GDPR. You can also refuse this consent or revoke it at any time with effect for the future.

Further information (consent text) can be found under the relevant point directly in the contact form.

Lampuga Shop

We offer various products for sale in our shop. When you order a product, the following personal data will be processed:

First name and surname, delivery and billing address, contact information (e.g. email address), order

We use the shopify shop system provided by shopify international ltd., c/o intertrust ireland, 2nd floor 1-2 victoria buildings, haddington road, Dublin 4, d04 xn32, Ireland. Further information on data protection at shopify can be found at the following link: https://www.shopify.com/de/legal/privacy/app-users.

All data collected on our shop website is processed on Shopify's servers. Your data is processed on our own systems for the purpose of processing the payment transaction (invoice and prepayment).

Your personal data is processed for the purpose of contract fulfilment in accordance with Art. 6 para. 1 lit. b GDPR.

We store your data until the expiry of the currently valid statutory retention periods.

Personal customer data can only be deleted 180 days after a customer's most recent order. Shopify retains customer data in the event of a chargeback procedure. The deletion is marked in the system and takes place automatically on the specified date. In the meantime, the customer data is blocked and cannot be used. During the deletion period, the account can be reactivated by the customer resetting their password. The deletion request remains valid and the deletion is carried out on the specified date.

Cookies and similar

Cookies are small text files that can be stored on your computer for various purposes. Cookies can have various functions. For example, some cookies enable the user to use the website more conveniently, while others record user behaviour or help to identify users when they visit a website again.

We use cookies in accordance with Section 25 TDDDG (formerly TTDSG).

If these cookies serve to provide a function you have requested (e.g. language selection), the legal basis according to Section 25 (2) letter 2 TDDDG is a ‘balancing of interests’ in accordance with Art. 6 (1) letter f GDPR, as we would like to comply with your request.

In order to present our website in a form that is usable for you, we read some system content from your computer (e.g. screen resolution and language settings). For this purpose, we may use cookies to improve the usability of the website. The legal basis for this is a balancing of interests in accordance with Section 35 (2) (1) TDDDG.

Technically necessary cookies for the operation of a secure website (e.g. to prevent phishing attacks) also do not require consent according to the classification of the supervisory authorities. Their use is also based on Art. 6 para. 1 letter f GDPR in order to ensure our mutual interest in secure communication.

Other cookies, which are used, for example, to track user behaviour on our websites, require your express consent in accordance with Art. 6 para. 1 letter a GDPR. In this case, we will ask for your consent (usually for a service that uses these cookies), which you can also refuse.

Please refer to the consent manager to find out which cookies we use specifically.

Google Maps

We use the map service Google Maps provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (‘Google’) to make it easier for you to find rental stations.

The map view and the auto-complete function are disabled by default. By activating the convenience cookies or by clicking on ‘Load map’, you consent to the transfer of data to Google (in accordance with Art. 6 para. 1 lit. a GDPR).. Your IP address and other data (e.g. current website) will be transmitted to a Google server in the USA. Google reserves the right to use this data for its own purposes.

Further information on data protection at Google can be found here: https://www.google.de/intl/de/policies/privacy/

You can use the consent tool, which is used to manage your consent, to block the loading of maps and the auto-complete function. In this case, no data will be transmitted to Google. However, you will then no longer be able to use the search and navigation functions to find our rental stations. The simplified search for rental stations and address entry will also no longer be available.

Google Tag Manager

Google Tag Manager allows tags to be integrated centrally via a user interface. Tags are small pieces of code that can track activities. Script codes from other tools are integrated via Google Tag Manager. Tag Manager allows you to control when a specific tag is triggered.

Processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest).

The data will be deleted as soon as it is no longer required for processing purposes.

Web analysis with Google Analytics

We want to make our websites user-friendly and appealing. To do this, we want to recognise how our users navigate our websites so that we can carry out anonymous evaluations.

We use the server-based tool ‘Google Analytics 4’ to implement this. By implementing this on our own servers, we ensure that your personal data is filtered/anonymised before it is passed on to Google. Google is therefore unable to link your user behaviour on our website to your data stored by Google. This procedure means that we do not transfer any personal data to Google.

Technically, implementation is only possible if we use the cookies listed in the consenttool for the operation of Google Analytics. In accordance with Section 25 (1) TDDDG, we require your voluntary consent in accordance with Art. 6 (1) lit. a GDPR to set these cookies, which we request via the consent manager. We ask for your consent to use them in connection with the cookies used.

Facebook Pixel

This is a tracking technology offered by Facebook and used by other Facebook services. It is used to track visitors' interactions with websites (‘events’) after they have clicked on an advertisement placed on Facebook or other services provided by Meta (‘conversion’).

Processing company:

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/1650115808681298

The legal basis for the processing of your personal data and its transfer to Meta is Art. 6 para. 1 lit. a GDPR (consent), which you can revoke at any time with future effect.

Facebook Social Plugin

This is a social plugin from Facebook that allows the operator of a website to connect their website to the social network Facebook.

Processing company:

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

The legal basis for the processing of your personal data and its transfer to Meta is Art. 6 para. 1 lit. a GDPR (consent), which you can revoke at any time with future effect.

Google Ads

Our website uses Google Ads to show you relevant advertisements. To do this, we need to analyse your usage behaviour on our website and recognise you as a user. We use various technologies for this purpose, which also include storing and reading information on your computer. If you give your consent, we use cookies and set ‘signals’ from the tool, which ensures that the data stream to Google is enriched with further information.

These signals are:

1. Storage (ad_storage)

The ‘ad_storage signal’ regulates consent to the storage and use of cookies, local storage or other identifiers for advertising purposes.

2. Collecting data (ad_user_data)

Google Ads collects and processes data about your behaviour on our website and your interactions with the ads displayed. This data helps us to better understand users and improve the efficiency of our advertising campaigns.

3. Personalised advertising (ad_personalization)

Google Ads uses this value to personalise advertising content based on your interests and browsing behaviour in order to provide you with more targeted and relevant advertising messages.

Processing company:

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

 

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

 

The legal basis for the processing of your personal data and its transfer to Google is Art. 6 (1) lit. a GDPR (consent), which you can revoke at any time with future effect.

YouTube video

This is a video player service. It can be used by users to view, share, comment on and upload videos.

Processing company:

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

The legal basis for the processing of your personal data and its transfer to Google is Art. 6 (1) lit. a GDPR (consent), which you can revoke at any time with future effect.

Usercentrics Consent Management Platform (‘Consent Tool’)

We use this tool to obtain consent in accordance with the GDPR and the TDDDG. When you visit our website for the first time, we use it to ask you for your consent. You can review your selection at any time and change it with future effect. To do so, please call up the tool again at https://shop.lampuga.com/en/policies/#shopifyReshowConsentBanner

We use cookies based on the legal basis of Art. 6 (1) lit. c GDPR to store your selection and control the tool in order to comply with a legal obligation to comply with these consents or to give you the option of objecting to processing on the basis of a ‘balancing of interests’ pursuant to Art. 6 (1) lit. f GDPR.

The implementation of these measures requires your voluntary consent, which we collect/manage with our consent tool and which you can revoke at any time with future effect (privacy policy à Change privacy settings).

Links to other websites

Our website may contain links to external websites of third parties. We have no influence on their content. Therefore, we cannot accept any liability for this external content. Links are marked differently. If you position your mouse on a link (e.g. an icon), it is usually displayed at the bottom left by your browser.

The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, we will remove such links immediately.

Please note that when you click on a link, in some cases the third party (e.g. Facebook, LinkedIn, Instagram, YouTube) will analyse how you got there. They can determine the exit address (our website), your IP address and other data. For example, if you have a Facebook account and are currently logged in, Facebook is able to associate this information with your account.

If you do not want this to happen, please do not use the link on our website. Instead, you can copy this link and enter it directly into your browser. Please note the privacy policies of the third parties whose websites the link leads to.

By using the link to our Shopify shop, you will be redirected to Shopify. The shop we operate there uses the IT infrastructure of Shopify. We have concluded a contract with Shopify for order processing and have made all arrangements to protect your personal data in accordance with the GDPR. On our Shopify website, you will find a separate privacy policy for the shop in order to comply with the information requirements of the GDPR.

Your rights – rights of the data subject under the GDPR

Articles 12–23 of the GDPR govern the rights of the data subject, i.e. your rights regarding the handling of your personal data. These are essentially as follows:

• Right to information at the latest at the time of collection in accordance with Art. 13 GDPR, which we comply with through this privacy policy.

• Right to information in accordance with Art. 15 GDPR

• Right to erasure in accordance with Art. 17 GDPR

• Right to restriction of processing in accordance with Art. 18 GDPR

• Right to object pursuant to Art. 21 GDPR

• Where applicable: Right to data portability pursuant to Art. 20 GDPR

We will support you in exercising your rights in accordance with the GDPR and other legal provisions.

For enquiries regarding the exercise of your rights, please contact the recipient specified in the introduction. Please understand that, in the interests of the rights of other persons, we can only provide personal information if you can provide appropriate proof of identity.

You also have the right to lodge a complaint with a data protection supervisory authority of your choice. The competent authority is usually the state data protection officer of the federal state in which our company is based – in our case, this is the state data protection officer of Baden-Württemberg.

A list of supervisory authorities and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

 

Security notice

We make every effort to store your personal data in such a way that it is not accessible to third parties by taking all technical and organisational measures. In the event of communication via unencrypted email, we cannot guarantee complete data security, so we recommend that you use an encrypted method or postal mail for confidential information.

 

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in the browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.