Privacy policy

We take data protection seriously

The protection of your privacy when processing personal data is very important to us. When you visit our website, our web servers automatically store the IP address of your internet service provider, the website from which you visit us, the pages you visit on our site, as well as the date and duration of your visit. This information is essential for the technical transmission of the web pages and secure server operation. A personalised analysis of this data does not take place.

If you send us data using the contact form, this data is stored on our servers as part of the data backup process. We will use your data only for the purpose of processing your request. Your data will be treated in strict confidence. Your data will not be passed on to third parties. When you use one of our services, we generally only collect the data necessary to provide you with that service. We may ask you for additional information, which is, however, voluntary. Whenever we process personal data, we do so either to provide you with our service or to pursue our commercial objectives.

1. Who is responsible for data processing, and who can you contact?

Controller

TEVEO GmbH

Dr.-Zumach-Ring 6

91522 Ansbach, Germany

Email: service@teveo.com

Tel.: +49 9872 438 96 64

The company’s data protection officer is

Mr Nico Becker

Projekt 29 GmbH & Co. KG

Ostengasse 14

93047 Regensburg

Email: anfragen@projekt29.de

Tel.: 0941-2986930

2. Personal data

Personal data refers to information about you as an individual. It includes your name, address, and email address. You do not have to disclose any personal data in order to visit our website. In some cases, we require your name, address, and additional information in order to provide the service you have requested.

The same applies if we provide you with information material upon request or respond to your enquiries. In such cases, we will always inform you. Additionally, we only store the data that you have transmitted to us either automatically or voluntarily.

When you use one of our services, we generally only collect the data necessary to provide you with that service. We may ask you for additional information, which is, however, voluntary. Whenever we process personal data, we do so either to provide you with our service or to pursue our commercial objectives.

3. Visiting the website

3.1 General use

When you visit our website, our web servers automatically store the IP address of your internet service providers, the website from which you visit us, the pages you visit on our site, as well as the date and duration of your visit. The processing of this information is strictly necessary for the technical transmission of the website, the convenient use of our services, and the secure operation of the server. Our legitimate interest arises from Article 6(1)(f) GDPR.

3.2 Automatically stored data

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. This includes:

Date and time of the request
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
Full IP address of the requesting computer
Amount of data transmitted

This data will not be combined with data from other sources. The processing is carried out in accordance with Article 6(1)(f) of the GDPR, based on our legitimate interest in improving the stability and functionality of our website.

We store this data temporarily for technical security reasons, in particular to prevent attempts to attack our web server. It is not possible for us to identify individuals from this data. After no more than seven days, the data is anonymised by shortening the IP address at the domain level, making it impossible to link the information to an individual user. The data is also processed in anonymised form for statistical purposes. It is not compared with other data sets or passed on to third parties, not even in part.

3.3 Making contact

When you contact us (for example, using the contact form, by email, telephone, or via social media), the information provided by you as the inquirer is processed to the extent necessary to respond to your contact request and any requested action. We respond to contact requests in the context of contractual or pre-contractual relationships in order to fulfil our contractual obligations or to respond to (pre-)contractual requests and otherwise on the basis of our legitimate interests in responding to the requests.

Processed data types: Account data (such as names, addresses), contact details (such as email addresses, phone numbers), content data (such as entries in online forms).
Data subjects: Communication partner.
Purpose of processing: Contact requests and communication.
Legal basis: Performance of contracts and pre-contractual enquiries (Article 6(1)(b) GDPR), legitimate interests (Article 6 (1)(f) GDPR).

3.4 Cookies

When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters by which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other internet browsers that contain different cookies. A specific internet browser can be recognised and identified by means of the unique cookie ID.

By using session cookies, the controller can provide users of this website with a user-friendly service that would not be possible without the use of cookies. Without consent, we only use technically necessary cookies based on legitimate interest in accordance with Article 6(1)(f) of the GDPR.

We only use personal data cookies to improve our website or for marketing/advertising purposes with your consent. During your first visit, you can voluntarily consent to tracking and analysis via the displayed cookie banner. Your data may be passed on to partners or third-party providers. These cookies will only be stored if you explicitly agree, with the legal basis being your consent in accordance with Article 6(1)(a) of the GDPR. You can change your cookie settings here at any time: https://teveo.com/pages/cookie-einstellungen

3.5 Consent management

GDPR Legal Cookie

On our website, we use the consent management tool GDPR Legal Cookie by Pandectes OÜ, (Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1, 74626, Estonia).

This tool enables you to grant consent to data processing via the website, particularly by setting cookies, and to exercise your right of withdrawal for previously granted consent. This data processing serves the purpose of obtaining and documenting the required consent to data processing, and thereby complying with legal obligations. Cookies may be used for this purpose. In this context, the following information may be collected and transferred to Pandectes: anonymised IP address; date and time of consent; URL from which consent was submitted; anonymous, random, encrypted key; status of consent. This data will not be forwarded to other third parties. Data processing occurs to fulfil a legal obligation on the basis of Article 6 (1)(c) GDPR. You can find more detailed information about the terms of use and data protection by Pandectes at: https://pandectes.io/privacy-policy/ as well as https://pandectes.io/regulations/gdpr/

4. Service optimisation

4.1 Platform

Shopify

We are hosted by Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter ‘Shopify’). Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address, as well as information about the device and browser you are using. Shopify also analyses visitor numbers, visitor sources, and customer behaviour and compiles user statistics. When you make a purchase on our website, Shopify also collects your name, email address, shipping and billing addresses, payment information, and other data related to the purchase (such as, phone number, total transaction amount, etc.). Shopify stores cookies in your browser for the analyses.

For details, see Shopify’s privacy policy: https://www.shopify.com/uk/legal/privacy

The use of Shopify is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If the appropriate consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG (German Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or access to information on the user’s device (such as device fingerprinting) as defined by the TTDSG. Your consent can be revoked at any time.

We have entered into a data processing agreement (DPA) with the aforementioned provider in accordance with Article 28 of the GDPR. This is a contract required by data protection law which ensures that the processor only processes the personal data of our website visitors based on our instructions and in compliance with the GDPR.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, store cookies or carry out independent analyses. It is solely used for managing and delivering the tools integrated through it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The use of Google Tag Manager is based on Article 6(1)(f) of the GDPR.

Gorgias Chat

We use Gorgias, Gorgias Inc., 611 Mission St FL 6 San Francisco, CA, 94105-3536 United States to communicate with our customers. If you send us a request via the platform, you only need to provide your email address. We store your message and email address until the statutory retention period has expired. If there is no such time limit, we will delete your data if you request us to do so or when your enquiry has been finally processed. If you submit your question via the chat window, the same applies, but instead of your email address, your IP address will be stored.

As a company, we have a legitimate interest in being able to process customer enquiries quickly and efficiently. The processing of your data is therefore based on Article 6(1)(f) of the GDPR.

We store your message and the information from the form in order to process your request, including follow-up questions. This also applies to the contact details provided. We will not share your data with other parties without your consent.

We will delete your data as soon as one of the following occurs:

Your request has been processed in full.
You request that we delete the data.
You revoke your consent to the storage of your data

This does not apply if we are legally required to retain the data.

Gorgias has established internal company policies to ensure that data transfers are compliant with the GDPR (see https://www.gorgias.com/legal/privacy))

MaxMind

We use the GeoIP2 Precision City geolocalisation service on our website. GeoIP2 Precision City is a service of MaxMind, Inc., Waltham, MA, 14 Spring St., Suite 3, Waltham, Massachusetts 02451, USA.

The IP addresses used in the database are associated with approximate location/geolocation data based on the country of origin of the IP address. It cannot be ruled out that MaxMind may also transfer the information to a server in a third country.

As indicated by the certification of MaxMind, Inc. (Available at https://www.privacyshield.gov/list under the search term ‘MaxMind’), MaxMind, Inc. has committed to complying with the Data Privacy Framework and the Swiss-US Framework published by the US Department of Commerce, regarding the collection, use, and storage of personal data from EU member states and Switzerland. MaxMind, Inc. has declared that it adheres to the Data Privacy Framework principles through certification. For more information, please go to:

https://www.maxmind.com/de/privacy_policy

Furthermore, we have entered into a data processing agreement with MaxMind for the use of GeoIP2 Precision, in accordance with Article 28 of the GDPR. By integrating GeoIP2 Precision, our aim is to determine your approximate location based on the IP address transmitted to MaxMind, in order to recommend local education providers near you based on your location. This enables us to continuously improve our services.

The legal basis for the processing of personal data described here is Article 6(1)(f) of the GDPR. Our legitimate interest required for this is based on the significant benefit that the aforementioned functions provide to our services. The localisation of your position enables us, in particular, to respond in a targeted manner, optimise our services, and facilitate the technical implementation of our website.

4.2 Data Processing for Order Fulfilment

GoKarla

To handle complaints and provide customer services, we use the following provider: GoKarla GmbH, Gormannstrasse 19a, 10119 Berlin, Germany.

For the purposes of processing refunds, reporting damages, and clarifying order status information, we share personal data such as name, address, email address, telephone number, order number, and product details (such as item description, quantity, price) with the provider in accordance with Article 6(1)(b) of the GDPR. Processing is carried out solely to the extent necessary to fulfil contractual obligations. In addition, tracking data (such as shipment number, delivery status, estimated delivery time, and shipping details) are used to verify liability and process complaints.

To fulfil the purposes outlined above, we share personal data with logistics and insurance service providers for liability assessments and claims settlements. Data is shared only to the extent necessary and includes personal information such as name, address, email address, telephone number, order number, and product details.

We have entered into a data processing agreement with the provider in accordance with Article 28 of the GDPR, which ensures the protection of personal data and prohibits unauthorised disclosure to third parties.

If you wish to object to the use of your data for non-essential purposes, you may do so at any time. You can submit your objection in writing to the responsible party mentioned above.

4.3 Newsletter

We offer the option to subscribe to our newsletter on this website. After registration we regularly inform you about new developments via email. Furthermore, you will receive an email reminder after a certain period of time regarding items that you placed in your basket if you had to interrupt the order or were unable to complete the purchase. A valid email address is required in order to subscribe to the newsletter. To verify your email address, you will first receive a registration email, which you must confirm by clicking the link. If you subscribe to the newsletter on our website, we process personal data such as your email address on the basis of your consent. The legal basis for processing your data is Article 6(1)(a) of the GDPR. You can unsubscribe from our newsletter at any time by using the relevant link in the email you received or by sending an email to service@teveo.com .

Klaviyo

This website uses the services of Klaviyo to distribute newsletters. The provider is Klaviyo, 225 Franklin St, Boston, MA 02110, USA.

Klaviyo is a service used to organise and analyse newsletter distribution. When you enter data for the purpose of subscribing to the newsletter (for example, your email address), it will be stored on Klaviyo’s servers in the United States.

Klaviyo helps us to analyse our newsletter campaigns. When you open an email sent using Klaviyo, a file contained in the email (known as a web beacon) connects you with the Klaviyo servers in the USA. This makes it possible to determine whether a newsletter message was opened and which links were clicked on. In addition, technical information will be collected (such as time of access, IP address, browser type, and operating system). This information cannot be attributed to the specific newsletter recipient. It is only used for statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of recipients.

If you do not want your data to be analysed by Klaviyo, you will need to unsubscribe from the newsletter. We provide a link for this purpose in every newsletter email. Data processing is carried out based on your consent (Article 6(1)(a) of the GDPR). You can withdraw this consent at any time by unsubscribing from the newsletter. The lawfulness of the data processing operations that have already occurred will be unaffected by this withdrawal.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe, after which it will be deleted from the newsletter distribution list. Data which we saved for other purposes remain unaffected by this.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.klaviyo.com/legal/dpa

After you are removed from the newsletter mailing list, your email address may be saved on a blacklist by us or the newsletter provider if this is required in order to prevent future mailings. The data from the blacklist is used only for this purpose and is not merged with other data. This serves both your interest and our own interest in complying with the legal requirements when mailing newsletters (legitimate interest within the meaning of Article 6(1)(f) GDPR). Storage in the blacklist occurs for an unlimited period of time. You can object to this storage to the extend that your interests outweigh our legitimate interest.

You can find more details in the Privacy Policy of Klaviyo at:

https://www.klaviyo.com/legal/privacy-notice

5. Tools and services for analysis, statistics, and marketing

5.1 Analysis and statistics

Google Analytics (4)

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In this process, the website operator receives various usage data, such as page views, duration of visit, operating systems used, and the user’s location. This data is summarised in a user ID and assigned to the respective end device of the website visitor.

Furthermore, we can use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the collected data sets and employs machine learning technologies in data analysis.

Google Analytics uses technologies that enable the recognition of users for the purpose of analysing user behaviour (such as cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there. The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. Your consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/

The European Commission has issued an adequacy decision for the United States, provided that companies are certified according to the Data Privacy Framework programme. Google is certified accordingly and thus fulfils the requirements of the EU Commission.

Google Signals We use Google Signals. When you visit our website, Google Analytics collects information including your location, search history, YouTube history, and demographic data (visitor data). This data can be used for personalised advertising with the help of Google Signals. If you have a Google account, Google Signal visitor data will be linked to your Google account and used for personalised advertising messages. The data is also used to create anonymised statistics on the user behaviour of our users.

Google Analytics e-commerce measurement

This website uses the ‘e-commerce measurement’ feature of Google Analytics. Using e-commerce measurement, the website operator can analyse the purchasing behaviour of visitors to improve their online marketing campaigns. This involves collecting information such as completed orders, average order values, shipping costs, and the time from viewing a product to making a purchase. This data can be summarised by Google under a transaction ID, which is assigned to the respective user or their device.

Klar attribution

On our website, we use the services of Klar (Klar Insights GmbH, Marktstr. 18, 80802 Munich, Germany). On this website and its subpages, Klar collects, processes and saves data for reach measurement and statistical analysis on our behalf. This collection occurs on the following legal basis:

If the user has given consent pursuant to Art. 6 (1) Sentence 1 (a) GDPR and Section 25 (1) Sentence 1 TTDSG, the processed data will be collected on a user-specific basis.

For the different collection methods mentioned above, different cookies are used to ensure the specific collection method.

Cookie opt-out

To completely opt out of the use of Klar, please use the following link:[Link](https://536832101.teveo.com/donottrack/me.). This will cause a cookie to be saved with the name “do_not_track” from the domain “teveo.com”. Please do not delete this, as it will not be possible otherwise to ensure that you are not tracked by Klar.

You can find information about data protection and Klar’s use of data on the following website: [https://www.getklar.com/data-protection](https://www.getklar.com/data-protection)

5.2 Advertising and marketing

Nosto retargeting/remarketing/recommendation advertising

This website also uses retargeting technology from Nosto Solutions Ltd., Schützenstr. 6, 10117 Berlin or Nosto Solutions Ltd, Bulevardi 21 00180 Helsinki, Finland (‘Nosto’). This retargeting technology uses cookies – text files stored on your computer or mobile device – to enable an analysis of how you use the website.

We use Nosto’s retargeting technology to specifically target visitors to our website with personalised, interest-based advertising, aimed at those who have already shown interest in our shop and products. The display of advertising materials is based on a cookie-based analysis of previous user behaviour, with only pseudonymised personal data being stored. This can include the use of retargeting technology, where a cookie is stored on your computer or mobile device to collect pseudonymised data about your interests, allowing advertisements to be tailored to the stored information.

The processing of your data is based on your consent in accordance with Article 6(1)(1)(a) GDPR, and for the transfer to a third country, in conjunction with Article 49(1)(a) GDPR. You grant your consent by accepting the use of cookies on our website. Additionally, when visiting our website, you can individually allow or opt out of the cookies we use by ticking the appropriate box within the cookie banner.

The data collected includes the IP address (visitor IP and geolocation of the IP address, email address, country, and postcode).

Further information and the privacy policy regarding advertising and Nosto can be viewed here:

https://www.nosto.com/data-privacy/

https://www.nosto.com/legal/terms-conditions-dpa/

Facebook Custom Audiences

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When you visit or use our websites and apps, take advantage of our free or paid services, transmit data to us, or interact with our company’s Facebook content, we collect your personal data in the process. If you give us permission to use Facebook Custom Audiences, we will transfer this data to Facebook, which will enable Facebook to show you appropriate advertising. Furthermore, target groups can be defined with your data (lookalike audiences).

Facebook processes this data as our processor. Details can be found in the Facebook user agreement:

https://www.facebook.com/legal/terms/customaudience

The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. Your consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Moreover, Facebook is certified according to the Date Privacy Framework.

https://www.facebook.com/legal/terms/customaudience

https://www.facebook.com/legal/terms/dataprocessing

Google Ads Customer Match

We use Google Ads Customer Match Lists as part of our Google advertising activities. To use Customer Match, lists of encrypted user data (such as names, email addresses, postal addresses, customer-specific identifiers) are uploaded to Google. Google then compares whether the transmitted user data matches existing Google customers. From this, target groups can be created, which can then be used for the delivery of ads or campaigns. After the creation of the Customer Match lists, the encrypted customer data is automatically deleted. The providers do not gain access to any new addresses as a result.

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google LLC, based in California, USA, and, where applicable, US authorities, may access the data stored by Google.

The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. Your consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:

https://policies.google.com/privacy/frameworks

https://privacy.google.com/businesses/controllerterms/mccs/

Pinterest Ads

This website uses Pinterest Ads, a marketing service provided by Pinterest Inc., 651 Brannan Street, San Francisco, CA, 94107, USA.

This enables interest-based advertisements (‘Pinterest Ads’) to be displayed to users when they visit the Pinterest network or other websites that use the same advertising process. Our Pinterest Ads are specifically targeted at users who have shown an interest in our offerings or who match certain characteristics or interests that we have shared with Pinterest (‘ActALike Audiences’). In addition, we use the Pinterest Tag for statistical and market research purposes, since it allows us to track whether a user has been redirected to our website after clicking on a Pinterest ad (‘conversion’). Our aim is to display advertisements that are relevant to you and to enhance your experience on our website. The Pinterest Tag is also used for market research purposes.

When you visit our website, the Pinterest Tag stores a cookie on your device (see the ‘Cookies’ section of this Privacy Policy for more details). If you later log into Pinterest or visit Pinterest while already logged in, your visit to our website may be linked to your profile.

The data collected by Pinterest does not allow us to identify you personally.

If consent has been requested, processing is carried out solely on

The basis of Article 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user’s device (such as device fingerprinting) as defined by the TDDDG. Your consent can be revoked at any time.

For more information on how Pinterest processes data, please visit:

https://policy.pinterest.com/en/privacy-policy

Dresslife Integration

To provide personalised fashion recommendations, we use technology from Dresslife GmbH, Walderseestraße 7, 30163 Hanover, Germany. As part of this integration, the following data is processed via a cookie:

Session information: A unique session ID to identify returning users.
Browsing behaviour: Data on visited pages, time spent on the site, and interactions with products.
Device and browser details: Information about the device and browser used to optimise website performance.
Geographical data: An estimated location based on truncated IP addresses to tailor content regionally.
Referrer information: Details on how you arrived at our website to assess marketing effectiveness.

The processing of this data is carried out solely on the basis of your consent in accordance with Article 6(1)(a) GDPR, which you can revoke at any time. Your IP address is immediately anonymised, and all data is transmitted securely in encrypted form and stored safely.

We have entered into a Data Processing Agreement (DPA) with the aforementioned provider in accordance with Article 28 GDPR. This is a contract required by data protection law which ensures that the processor only processes the personal data of our website visitors based on our instructions and in compliance with the GDPR.

5.3 Social media and communication

Instagram plugin

Functions of the Instagram service have been integrated into this website. These features are integrated through the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If you are logged into your Instagram account, you can link the contents of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this site with your user account. We would like to inform you that, as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

Since the appropriate consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG (German Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or access to information on the user’s device (such as device fingerprinting) as defined by the TTDSG. Your consent can be revoked at any time.

To the extent that personal data is collected on our website using the tool described here and transmitted to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Article 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its disclosure to Facebook or Instagram. The processing that occurs after the data is transferred to Facebook or Instagram is not part of the joint responsibility. The obligations incumbent on us jointly were set out in a joint processing agreement. The full text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for ensuring the legally compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook and Instagram products. You can exercise your data subject rights (such as requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here:

https://www.facebook.com/legal/EU_data_transfer_addendum

https://help.instagram.com/519522125107875

https://de-de.facebook.com/help/566994660333381

Moreover, Meta is certified according to the Date Privacy Framework.

For more information, please see Instagram’s privacy policy:
https://instagram.com/about/legal/privacy/.

6. Customer account

Contract partners can create an account within our online platform (such as customer or user accounts, referred to as a ‘customer account’ for short). If the registration of a customer account is required, contract partners will be informed of this, as well as the information necessary for registration. Customer accounts are not public and cannot be indexed by search engines. As part of the registration process, as well as subsequent logins and use of the customer account, we store the customer’s IP addresses along with the access times in order to be able to prove the registration and prevent any misuse of the customer account.
If customers have cancelled their customer account, the data relating to the customer account will be deleted, unless it is necessary to store it for legal reasons. It is the responsibility of the customer to back up their data when they close their customer account. The legal basis for data processing is therefore Article 6(1)(b) GDPR.

6.1 Shop and e-commerce

We process our customers’ data to enable them to select, purchase, or order the chosen products, goods, and related services, as well as to facilitate their payment and delivery or execution. If required for the fulfilment of an order, we engage service providers, particularly postal, freight, and shipping companies, to carry out the delivery or execution of services to our customers. We use the services of banks and payment service providers to process payment transactions. The required information is marked as such during the ordering or similar purchase process and includes the details needed for delivery, provision, and billing, as well as contact information for any necessary follow-up.

Processed data types: Account data (such as names and addresses), payment data (such as bank details, invoices, and payment history), contact data (such as email addresses and phone numbers), contract data (such as subject matter, duration, and category of the contract), usage data (such as websites visited, interest in content, and access times), metadata and communication data (such as device information and IP addresses).
Data subjects: Prospective clients, business and contract partners, customers.
Purposes of processing: Provision of contractual services and customer support, contact requests and communication, office and organisational procedures, managing and responding to requests, security measures, conversion tracking (measuring the effectiveness of marketing activities), interest-based and behavioural marketing, profiling (creating user profiles).
Legal basis: Performance of the contract and pre-contractual inquiries (Article 6(1)(b) GDPR), legal obligation (Article 6(1)(c) GDPR), legitimate interests (Article 6(1)(f) GDPR).

6.2 Economic analyses and market research

For business management purposes and to identify market trends, as well as the needs of our contract partners and users, we analyse the data available to us regarding business transactions, contracts, inquiries, etc. The group of data subjects may include contract partners, prospective clients, customers, visitors, and users of our online services.
The analyses are conducted for the purposes of business evaluations, marketing, and market research (such as to identify customer groups with different characteristics As part of this, we may, where available, take into account the profiles of registered users along with their information, such as details of services they have used. The analyses are for our internal use only and are not disclosed externally, unless they involve anonymous analyses with aggregated, in other words, anonymised data. Furthermore, we respect the privacy of users and process the data for analytical purposes in a pseudonymised form wherever possible, and, where feasible, anonymised (for example, as aggregated data).

6.3 Processing of personal data for advertising purposes

Unless you have objected, we use the email address you provided when purchasing the goods or services to send electronic advertisements for our own goods and services that are similar to those which you have previously purchased or ordered from us. For this purpose, we use your email address, name, and order history to send you information in this way about products that might interest you based on your most recent orders.

The legal bases for data processing are Article 6(1)(f) GDPR and § 7(3) UWG (German Unfair Competition Act). You can object to this processing in accordance with Article 21(2) GDPR by contacting us via the corresponding link in the email you receive or writing an email to service@teveo.com.

6.4 Review requests via Trustpilot

We participate in the evaluation process of the provider Trustpilot A/S, Pilestræde 58, 5, 1112 Copenhagen, Denmark.

If you ordered a product in our shop, we will send you an email asking about your satisfaction with your order and the products unless you objected to this previously. We will use the email address you provided to send you the request. We also process your name, your IP address, and the associated IP geolocation, as well as information regarding your order. Customer satisfaction surveys and the described data processing occur on the legal basis of Section 7 (3) UWG in conjunction with Article 6(1)(f) GDPR. This processing is for the purpose of direct marketing.

You can object to this processing and particularly the use of your email address for this purpose at any time in accordance with Article 21(2) GDPR by using the option of objecting in our emails or by sending an email to the email address in our Legal Notice without incurring costs other than the costs of transmission according to the base rates.

For more information on how your data is processed by Trustpilot, as well as details about your right to object and other rights as a data subject, please refer to Trustpilot’s privacy policy: de.legal.trustpilot.com/end-user-privacy-terms.

6.5 Payment provider

In the context of contractual and other legal relationships, due to legal obligations, or based on our legitimate interests, we offer the data subjects efficient and secure payment options. To this end, we use banks and credit institutions as well as other payment service providers (collectively referred to as ‘payment service providers’).

The data processed by the payment service providers includes account data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, transaction, and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. This means that we do not receive any account or credit card-related information, only information confirming or denying the payment. In certain circumstances, the data may be transmitted by the payment service providers to credit reference agencies. This transmission is for the purpose of identity and credit checks. In this regard, we refer you to the general terms and conditions and the data protection notices of the payment service providers.
The terms and conditions and privacy policies of the respective payment service providers, which can be accessed on their respective websites or transaction applications, apply to payment transactions. We also refer to these for further information and for the exercise of rights to withdraw consent, access information, and other data subject rights.

6.6 Transport service provider

For the purpose of delivering the ordered goods, we collaborate with logistics providers/transport companies to whom the following data are transferred for the purpose of delivering the ordered goods or shipment notification: First name, last name, mailing address as well as email address, and phone number where relevant. The legal basis for processing is Article 6(1)(b) GDPR.

7. Online presence on social media

If you have given your consent to the respective social media operator in accordance with Article 6(1)(1)(a) GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our social media presence. Using pseudonyms, usage profiles are created from this data. These can be used, for example, to place advertisements inside and outside the platforms that presumably correspond to your interests. Cookies are usually used for this purpose. Please refer to the respective linked privacy policies of the providers on their websites for detailed information on the processing and use of the data by the respective social media operator, as well as a contact option, and your rights and setting options for protecting your privacy. Should you require assistance in this regard, please do not hesitate to contact us.

8. Security

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation, and unauthorised access. All our employees, as well as the service providers working for us, are bound by the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our data protection declarations are constantly being revised. Please ensure that you have the latest version.

9. Which data is processed and from which sources does this data originate?

We process the data we have received from you during contract initiation or fulfilment, based on your consent, or in connection with your application or employment with us.

Personal data includes:

Your master/contact data, which for customers includes, for example, first name and surname, address, contact data (email address, telephone number, fax), bank details.

For contest participants, this includes first and last name, email address, and postal address.

For which purposes and on which legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act 2018 in the currently valid version:

For the fulfilment of (pre-)contractual obligations (Article 6(1)(b) GDPR): Your data is processed online for the purpose of contract fulfilment. The data is processed primarily during the initiation of transactions and the execution of contracts with you.
For the fulfilment of legal obligations (Article 6(1)(c) GDPR): The processing of your data is necessary for the purpose of fulfilling various legal obligations, such as those arising from the Commercial Code or the Tax Code.
For the protection of legitimate interests (Article 6(1)(f) GDPR): Based on a balancing of interests, data processing may extend beyond the actual fulfilment of the contract to protect legitimate interests of ours or those of third parties. Data processing to protect legitimate interests occurs in the following cases, for example:

- Advertising or marketing
- Measures for business management and the further development of services and products;
- in the context of legal proceedings

Based on your consent (Article 6(1)(a) GDPR):
if you have given us consent to process your data, for example, for receiving our newsletter or publishing photos, etc.

Who receives my data?

If we use a service provider for the purpose of processing an order, we nevertheless remain responsible for the protection of your data. All data processors are contractually obligated to treat your data confidentially and to process it only within the scope of service provision. The data processors we engage will receive your data only if it is necessary for the fulfilment of their respective services. These include, for example, IT service providers that we need for the operation and security of our IT systems, as well as advertising and address publishers for our own advertising campaigns.

If there is a legal obligation and in the context of legal proceedings, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit reference agencies, and service providers may be recipients of your data for the purpose of initiating and fulfilling contracts.

How long will my data be retained?

We will process your data until the end of the business relationship or until the applicable statutory retention periods expire (such as those under the Commercial Code, Tax Code, or Working Hours Act). Beyond this, we will retain it until the conclusion of any legal disputes where the data is required as evidence.

If there is no statutory retention period, your data will be deleted once it is no longer needed for its intended purpose. If the processing is carried out on the basis of your consent, the data will be processed until you revoke it.

10. What data protection rights do I have?

You have the right at any time to request access to, correction, deletion, or restriction of the processing of your stored data, as well as the right to object to the processing. You also have the right to data portability and to lodge a complaint in accordance with data protection laws.

Right to information:
You can request information from us about whether and to what extent we process your data.

Right to rectification:
If we process your data and it is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:
You can request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, for example, in the case of statutory retention requirements.
Regardless of your right to request erasure, we will promptly and fully erase your data unless a legal or contractual retention obligation prevents this.

Right to restriction of processing:
You have the right to request that we restrict the processing of your data if
- you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
- the processing of the data is unlawful, but you refuse to have it erased and instead request that the use of the data be restricted;
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have objected to the processing of the data.

Right to data portability:
You can request that we provide your data, which you have supplied to us, in a structured, commonly used, and machine-readable format, and that you transfer this data to another controller without hindrance from us, provided that
- we are processing this data based on your consent, which you may revoke, or for the fulfilment of a contract between us, and
- this processing is carried out using automated procedures.
If it is technically feasible, you can request that we transfer your data directly to another controller.

Right to object:
If we process your data based on legitimate interest, you may object to this data processing at any time. This also applies to profiling based on these provisions. In that case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defence of legal claims. You may object to the processing of your data for direct marketing purposes at any time without providing any reasons.

Right to lodge a complaint:
If you believe that our processing of your data violates German or European data protection law, we kindly ask you to contact us so that we can address any concerns. Of course, you also have the right to contact the relevant supervisory authority, specifically the respective State Office for Data Protection Supervision.
If you wish to exercise any of the aforementioned rights, please contact our Data Protection Officer. In case of doubt, we may request additional information to confirm your identity.

Am I obliged to provide data?

The processing of your data is necessary for the conclusion or fulfilment of the contract you have entered into with us. If you do not provide us with this data, we will generally have to refuse to conclude the contract or will no longer be able to fulfil an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to the processing of data that is not relevant or legally required for the fulfilment of the contract.

11. Terms and conditions for the draw to win 5 x 2 FIBO tickets

11.1 Organiser

The organiser of this prize draw is TEVEO GmbH, Dr.-Zumach-Ring 6, 91522 Ansbach, Germany.

11.2 Eligibility

Entry is open to individuals aged 18 and over who are resident in Germany, Austria, Switzerland, France, Belgium, the Netherlands, Denmark, Estonia, Finland, Ireland, Italy, Croatia, Latvia, Luxembourg, Norway, Poland, Slovakia, Slovenia, Sweden or Spain. Employees of the organiser, their relatives, as well as employees of any partners involved in the creation or administration of this prize draw, are not eligible to enter.

11.3 Participation

Entry to the prize draw is conditional upon signing up to our newsletter. By entering, participants agree to subscribe to our newsletter.
Participation is confirmed once the TEVEO newsletter sign-up process has been completed and the double opt-in confirmed.
Only one entry is permitted per person. Multiple entries will result in disqualification.
By entering, participants agree to these terms and conditions.

11.4 Entry period

The prize draw begins on 20/03/2025 at 0:00 hrs and ends on 06/04/2025 at 23:59 hrs (closing date for entries).

11.5 Winnings

We're giving away 5 x 2 day tickets for FIBO 2025 in Cologne. It will take place from 10–13 April at the Cologne Exhibition Centre. The tickets grant admission to the event. Travel, accommodation, and all other travel-related expenses are not included in the prize.

Prizes are non-transferable, non-exchangeable and cannot be redeemed for cash.

11.6 Selection and Notification of Winners

Winners will be selected at random after the entry period has ended.

They will be notified by email within 6 days of the draw.

If a winner does not respond within 24 hours of being notified, their claim to the prize will be forfeited and a new winner will be selected.

11.7 Newsletter subscription

Registering for our newsletter is a requirement for entering the prize draw.

By participating, the participant agrees to receive the newsletter.

You can unsubscribe from the newsletter at any time. However, cancelling your registration during the prize draw will end your participation. In such cases, the prize can no longer be awarded.

11.8 Data protection

Any personal data collected as part of the competition will be used solely for the administration and processing of the price draw, as well as for the delivery of the newsletter.

Data will be processed in accordance with our Privacy Policy outlined above.

Participants may request information about the data stored about them at any time and may object to its use.

11.9 Premature cancellation

The organiser reserves the right to cancel or terminate the price draw at any time without prior notice and without providing any reason. This applies in particular if proper execution cannot be guaranteed for technical or legal reasons.

11.10 Exclusion of participants

The organiser reserves the right to exclude participants from the competition if they violate these conditions of participation or if they are suspected of manipulation.

In particular, participants who use multiple e-mail addresses or identities to enter the competition will be disqualified.

11.11 Liability

The organiser is not liable for any damages that may arise from errors, delays or interruptions in transmission, from faults in technical equipment and services, from incorrect content, from the loss or deletion of data, from viruses, or in any other way when participating in the prize draw.

The liability of the organiser is limited to intent and gross negligence.

11.12 Right of appeal

There is no right of appeal.

11.13 Severability clause

Should any individual provisions of these terms and conditions be or become invalid, the validity of the remaining provisions shall remain unaffected.

11.14 Applicable law

The law of the Federal Republic of Germany shall apply.

12. Prize draws

We occasionally run prize draws, including on social media platforms. If you take part in one of our prize draws, we process the following data about you: name, contact details (such as email address and phone number), and, if applicable, your social media profile. This data is processed on the basis of the prize draw contract (Article 6(1)(b) GDPR) and is used solely for the purposes of running the prize draw, including determining and notifying the winner.

For certain prize draws, signing up to our newsletter is required, as it forms an integral part of the entry conditions. By entering, you agree to subscribe to our newsletter. The newsletter is issued solely to provide relevant information about our products, services and offers.

You can unsubscribe from the newsletter at any time by using the unsubscribe link in the newsletter or by contacting us directly. Please note that unsubscribing from the newsletter during the course of the prize draw may result in your entry being withdrawn, as the subscription forms part of the terms of participation. Your data will be deleted once the prize draw has concluded, unless legal retention periods require it to be stored for longer or you have consented to further use (such as for the newsletter).

When entering prize draws on social media platforms, the data protection regulations of the respective provider also apply.

Your data will only be disclosed to third parties if this is necessary for the delivery of the prize (such as to shipping providers).

You can find detailed information about the respective competition in the specific terms and conditions.

13. Changes to this Privacy Policy

We reserve the right to amend our privacy statements if required due to new technologies. Please ensure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce them on our website.