NewFormat

Privacy

New Format IO GmbH
Andrea Avellino
Steffen Bewer
Claudia Rafael
Florian Siegmann

represented by the CEO
Miriam-Leah Hess

Website by Bureau Cool

We, New Format IO GmbH, operate the website newformat.io and collect certain data from our visitors and customers, where necessary. In the following privacy policy, you will be informed what we do with your data, so-called personal data, and why we do this. We will also inform you how we protect your data, when this data is deleted and what rights you have within data protection.

Who can I contact?
Responsible for this website is:

New Format IO GmbH
Köpenicker str. 45
10179 Berlin
Germany

mail@newformat.io

Donʼt hesitate to contact us if you have specific questions about your personal data, deletion of your personal data or similar things.
What are my rights?
You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:

  • Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)
  • Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
  • Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace your old e-mail address)
  • Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)
  • Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your e-mail address, but only to send absolutely necessary e-mails)
  • Right to data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website)
  • Right to object how your data is handled in accordance with Art. 21 GDPR (e.g. you can contact us if you do not agree with advertising or user analytics procedures as described within this privacy policy)
  • Right to send complaints to the supervisory authority in accordance with Art. 77 para. 1 f GDPR (e.g. you can contact the data protection supervisory authority directly)

Deletion of data and storage periods
Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed (e.g. your e-mail address after you have unsubscribed from a newsletter). Your data will also be deleted or anonymized automatically if the mandatory storage period expires, except when such data is required to be stored for a contract or performance of contract. Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you.
Visiting our website
If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g.:

  • IP address (e.g. 97.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)
  • Approximate location based on IP range (e.g. „Berlin city“)
  • Internet provider (e.g. „Telecom“ or „AT&T“)
  • Internet connection speed (e.g. 120 Mbit)
  • Date and time of visit (e.g. 11:45 on 25.05.2018)
  • Last visited website (e.g. google.com)
  • Browser and version (e.g. Chrome or Safari)
  • Operating system (e.g. Mac OS)
  • Hardware (e.g. Intel processor)

As a safeguard to protect your privacy, we delete or anonymise your IP address after your visit. Therefore, all other data possibly attached to it can no longer be traced back to you. It will only serve anonymous and statistical purposes to optimise our website. The purpose of temporarily storing this data is necessary to establish a connection as well as loading our website the way it was designed to. Such data is therefore required to display the website on your screen, to avoid display problems and other technical error messages. The legal basis is the legitimate interest which we evaluated in accordance with the European data protection requirements under Art. 6 para. 1 lit. f GDPR.

Online-Order/ Checkout
If you wish to purchase our products, we will only ask you for the data required for the order and payment process. This data is treated confidentially and is only processed by us, the payment provider and the shipping service provider. The following data are necessary for this:

  • first name / last name
  • e-mail address
  • Address (delivery of shipment)
  • Telephone (optional)
    As a protective measure, the data you enter is transmitted via an encrypted connection - just like when you visit the rest of the website. In addition, we apply the principle of data minimisation and only collect data that is actually required. Your data will be stored for as long as is necessary to process your order or until you request that the data be deleted. However, invoice-relevant data is subject to statutory retention periods and can be stored for up to ten years. The purpose of the requested data is the order and payment processing in order to deliver the desired product to you. The legal basis is the mutual fulfilment of the contract in accordance with the European data protection requirements from Art. 6 para. 1 lit. b GDPR.

Data transfer
In order to fulfil the contract in accordance with Art. 6 para. 1 lit. b GDPR, we will forward your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of products that have been ordered. According to which payment service provider you select in the ordering process, we will pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service for the processing of payments. In some cases, the selected payment service providers also collect this data themselves, if you open an account there. In this case you must log in to the payment service provider with your access data during the ordering process. In this respect the data protection declaration of the respective payment service provider applies.

Shopify
Our store is hosted on Shopify inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the payment card industry data security standard (Pci-dss). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by Pci-dss as managed by the Pci security standards council, which is a joint effort of brands like Visa, Mastercard, American Express and discover.
Pci-dss requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s terms of service (Shopify.Com/legal/terms) or privacy statement (Shopify.Com/legal/privacy).

Cookies
Our website partially uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:

  • Name of the website
  • Expiration date of the cookie
  • Any value
    If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually.
    We use the following three types of cookies on our website:
  • required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily)
  • functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages)
  • advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)
    You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers can be found here: allaboutcookies.org/manage-cookies/stop-cookies-installed.html

Date of the privacy policy: June 2021