Data protection intro
Canyon Bicycles GmbH (hereinafter called CANYON) is pleased that you are visiting our website. Data protection and data safety while using our website are very important for us. Therefore, we would like to inform you at this point about which of your personal details we record at the time of your visit to our website and for what purposes these data are used.
Since changes in laws or changes in our internal company procedures may make amendments to this data protection statement necessary, we ask you to read through this data protection statement on a regular basis. The data protection statement can be called up on the data protection navigation area on our website, and it can be stored and printed out at any time.
§ 1 Responsible party and scope of validity.
The responsible party as defined in the EU General Data Protection Regulation (hereinafter GDPR) and other national data protection laws of the member states as well as other legal data protection specifications is:
Canyon Bicycles GmbH
Tel.: +49 261 9490 3000
This data protection statement is valid for the Internet offer of Canyon Bicycles GmbH, which can be found at the domain www.canyon.com and www.career.canyon.com as well as the different sub-domains (hereinafter called ‘our website’).
§ 2 Data protection officer
The external data protection officer of the responsible party is:
Attorney Dr. Karsten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Tel.: +49 (0)221 – 222 183 – 0
§ 3 Data processing principles
All items of information that refer to an identified or identifiable natural person constitute personal details. For example, this includes information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or the user behaviour. Information, with which we can make no reference (or only at disproportionately great expense) to your person, e.g. by anonymising the information, does not constitute personal data. The processing of personal data (for example, collecting, questioning, using, storing, or transmitting) always requires a legal basis or your consent. Processed personal data are erased as soon as the purpose of the processing has been achieved and legally stipulated retention obligations are no longer in effect. If we process your personal data for preparing specific offers, we will subsequently inform you about the specific procedures, the scope, and the purpose of the data processing, the legal basis for the processing and the respective storage duration.
§ 4 Individual processing procedures
1. Preparing and using the website
A. Type and scope of the data processing
Whenever you call up and use our website, we collect the personal data automatically. Your browser then transmits this to our server. This information is temporarily stored in a so-called log file. When you use our website, we collect the following data, which are technically necessary for us in order to display our website to you and to assure stability and reliability.
- IP address of the requesting computer,
- Date and time of the access,
- Name and URL of the requested file,
- Website, from which the access takes place (referrer URL),
- Browser used, terminal used, and, if appropriate, the operating system as well as the name of your access provider
B. Legal basis
Article 6, paragraph 1, (f) GDPR serves as the legal basis for the specified type of data processing. The processing of specified data is necessary for preparing a website and thus serves for supporting a justified interest of our company.
C. Storage duration
As soon as the specified data are no longer necessary for displaying the website, they are deleted. The recording of the data for preparing the website and the storage of the data in logfiles is absolutely required for the operation of the website. Consequently, there is no possibility of objection on the part of the user. Further storage can take place in individual cases, if this is legally stipulated.
2. Registration/User account
A. Type and scope of the data processing
On our website, we offer you the possibility of registeringThis involves you in providing us with your personal details.
We use the processed data to create a customised user account for you where you can create certain content and services including a wish list, order overview, list of preferred delivery addresses, message preferences etc. in partial self-administration. This way, you can use the content on our website.
We process your e-mail so that we can send you new login details in the event you forget them or the information required to create your account.
When you set your preferences in message settings and areas of interest, you consent to the e-mail address provided being used to send messages relevant to the information you provided. This consent can be withdrawn at any time by e-mailing firstname.lastname@example.org.
When you add products to your wish list, you consent that we send you e-mail reminders of the products saved on your wish list or information about them.
When you enable the reminder function for unavailable items, you consent that we send you e-mail reminders as soon as they become available again in our shop.
After initial registration, you must log in to your user account for future orders so that we can allocate your order to an existing account. You can of course place all your orders as guest orders, although you will not benefit from a range of services only available with user accounts.
The following overview shows the personal details we process during registration:
- e-mail address
- Date of birth (optional)
- Country and language
- IP address
The following overview shows you the type of details we process from your information in a user account or via orders placed from a user account.
- Different delivery addresses, if applicable
- Order overview