The protection and security of your personal data are important to us. Our website therefore processes data exclusively in accordance with the EU General Data Protection Regulation (DSGVO), the Data Protection Act (DSG) and the Telecommunications Act (TKG 2003).
TZS FIRST E Commerce GmbH, FN 516011 s, Raimundgasse 1/8, 1020 Vienna, is responsible for ensuring that your personal data is adequately protected. We therefore observe all legal provisions on the protection, lawful handling and confidentiality of personal data, as well as on data security.
TZS FIRST E Commerce GmbH
Raimundgasse 1/8, A-1020 Vienna, Austria,
The data protection declaration of TZS FIRST E Commerce GmbH is based on the terms used by the EU in the adoption of the Data Protection Regulation (DSGVO). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
We use the following terms, among others, in this data protection declaration:
(a) personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
(b) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controllers.
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling shall mean any automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
Controllers are the undertakings which jointly determine the purposes and means of the processing of personal data.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of Controllers.
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
(j) Third party
Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller or the processor.
Consent means any expression of will in the form of a statement or other unambiguous affirmative act, freely given by the data subject and revocable at any time, by which the data subject indicates that he or she consents to the processing of his or her personal data.
Collection and processing of personal data
Your personal data will only be processed by us if you have provided it to us voluntarily (Art 6 para 1 lit a DSGVO). The data processing is used, for example, when you register on our website, create a customer account and also when you contact us via forms on our website, by email, post, telephone or other means of remote communication.
In the case of this data communication, we use the following personal data if you have provided it to us: First name, last name, address, e-mail address, date of birth, gender, address, telephone number, payment data, order data. We use this data exclusively for the purposes of order and order processing (including payment processing and credit checks), for processing enquiries and for advertising products that may be of interest to you. This applies regardless of whether you subscribe to the newsletter. You can object to the use of your personal data for advertising purposes at any time. If you register on our website and/or create a customer account, the purpose of processing your data is the technical operation of this website, the operation and administration of your customer account, the processing of your order(s) and the ongoing information about current promotions (in particular by electronic newsletter or e-mail). We use the personal data you provide only insofar as your data is required to fulfil the respective purpose and/or this is permitted by law.
If you order one of our products, the necessary processing of your data is based on the fulfilment of the contractual obligation we have entered into with you and is based on Art. 6 (1) lit. b DSGVO as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures, e.g. the management of your shopping basket or the transmission of data and content in the course of the contact form.
The legal basis for the processing of data in connection with the registration and use of the customer account is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. If the registration serves the fulfilment of a contract to which the user is a contracting party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) lit. b DSGVO.
Your data may also be processed in our interest in accordance with Art. 6 para. 1 lit. f DSGVO, namely for the preparation of statistics, contract management and service provision, event management, customer support including enquiry/complaint management, supplier management, invoicing and accounting purposes, marketing purposes, compliance purposes, processing of claims and insurance cases, ensuring IT security and IT operation, and similar cases.
Transfer of data
Your personal data will only be transferred outside TZS FIRST E Commerce GmbH if:
- you have given your express consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO
- the disclosure in accordance with Art. 6 Para. 1 lit. f DSGVO, in particular for advertising or marketing purposes in accordance with our trade address publishing and direct marketing company (§151 GewO), is in our legitimate interest and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data. You have the option to object to our interest at any time and thus prevent the use of your data for direct marketing in the future.
- in the event that a legal obligation exists for the disclosure in accordance with Art. 6 Para. 1 Sentence 1 lit. c DSGVO
- in the context of your order, e.g. a shipment by a forwarding or postal service provider is necessary in order to fulfil a contract with you in accordance with Art. 6 Para. 1 lit. b DSGVO.
The service providers we use (e.g. payment service providers for processing payment and checking creditworthiness, shipping or logistics companies for processing delivery, IT companies for technical support of order processing, etc.) receive the data in order to perform the contracts concluded with you. The service providers we use may only use the data to fulfil their task. In these cases, a contract processing agreement has been concluded with the service providers in accordance with Art. 28 DSGVO, which precisely sets out the obligations and individual processing steps, as well as all categories of data processed. The adequacy of the safeguards and the qualification of the service provider is regularly reviewed by us.
Although these service providers act on our behalf, they are themselves responsible for the security and processing of your data, partly for legal or procedural reasons (delivery and postal services as well as payment service providers). We also regularly review the data protection policies of these service providers to ensure that your data is adequately protected.
We use the following payment service providers:
When paying via the payment method "Klarna", Klarna Bank AB Sveavägen 46, 111 34 Stockholm, Sweden, handles the online payment.
In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line with Klarna’s own privacy notice.
The integration of Klarna in our website is based on a contract or pre-contractual measures in the context of your order. The legal basis for data processing is therefore Art. 6 Para. 1 b) DSGVO.
Here you can find more details about Klarna Payment.
When paying via the payment method "PayPal", PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg takes over the online payment. The forwarding of your data (name, address, email) to PayPal is part of the contract or pre-contractual measures in the context of your order. The legal basis for the data processing is therefore Art. 6 Para. 1 b) DSGVO.
Based on your contract with VISA or Mastercard providers, you can make payment directly with your credit card company. In this case, we do not store any data beyond the order and receive a transfer credit from the credit card company upon successful transaction.
In accordance with the Second EU Payment Services Directive, a so-called "credit card acquiring" company is also involved in the settlement - in this case Global Payments.
More details on data protection can be found at:
Transfer of data abroad
Data is transferred to third countries if the respective third country has been confirmed by the European Commission to have an adequate level of data protection or if other suitable data protection guarantees are in place (e.g. binding internal company data protection regulations or EU standard data protection clauses). With your express consent, data may be transferred to a third country (Art 49 para 1 lit a DSGVO). We hereby inform you about possible risks in the event of an intended data transfer and the lack of suitable data protection guarantees. We use various cookies and similar technologies on our website, with which we and third-party providers sometimes also process personal data. These third-party providers also include Google LLC and YouTube LLC, which are based in the USA and carry out data processing there. The European Court of Justice has not certified the USA as having an adequate level of data protection. In particular, there is a risk that your data may be accessed by US authorities for control and monitoring purposes and that no effective legal remedies are available against this. Before we set cookies and transfer your data to these companies, we ask you for your express consent (Art 6 (1) (a) DSGVO in conjunction with Art 49 (1) (a) DSGVO) and inform you accordingly. You can revoke your consent at any time with effect for the future. The use of Facebook results in the transmission of data to non-EU countries. The data is transmitted in anonymised or pseudonymised form.
Deletion of personal data and storage period
If you register on our website and/or create a customer account and have provided us with personal data in this regard as part of our user agreement, we will generally store this data until three years after your last contact with us, unless you revoke your consent beforehand. In the event of a contract being concluded, we are obliged to store your personal data after the contract has been fully processed until the expiry of the applicable guarantee, warranty, limitation and retention periods in accordance with the Federal Tax Code, and beyond this until the end of any legal disputes in which the data is required as evidence. If you contact us via the contact form on the website or by e-mail, the data you provide will be stored by us for 18 months for the purpose of processing the enquiry and in case of follow-up questions.
Sending of advertising material
In accordance with §107 TKG (Telecommunications Act), we also use your email address, which was collected in the course of a sale, to send you information about products that are similar to those you have already purchased.
You have the option to object to the use of your email address for this individual advertising when your data is collected and each time it is sent.
If you would like to receive further information on other products, competitions, prize draws and surveys, we must ask you to subscribe to our newsletter (https://www.firstaustria.eu/newsletter). You will only receive newsletters from us with your consent or on the basis of legal permission. Within the scope of the newsletter registration, we use the so-called double opt-in procedure. This means that after registration you will receive an e-mail to the e-mail address you provided and only after confirmation of this e-mail will your registration become effective. In order to comply with our verification obligations, the registration is logged. If you no longer wish to receive our newsletter, you can unsubscribe at any time by clicking on the unsubscribe link in the newsletter or at firstname.lastname@example.org or directly in your customer account.
Provision of the website and creation of log files
1. description and scope of data processing
Each time our website is called up, our system automatically records data and information from the computer system of the calling computer or from the browser of the end device used (in log files). This data is stored until it is automatically deleted. The following data is collected
- Information about the type of browser and the version used
- screen resolution
- each page view
- Operating system of the user
- Information about the category of the terminal device (mobile phone, desktop PC, tablet) as well as terminal device information
- IP address assigned by the user's Internet provider
- date and time of access
- Websites from which the user's system accesses our website.
This data will not be merged with other data sources; moreover, the data will be deleted after a statistical evaluation that can no longer be traced back to the website visitor, but at the latest after one year.
2. purpose of data processing
The storage of data in log files is part of the normal operation of any website on the Internet and is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security and stability of our information technology systems. Furthermore, the log files are used to restore lost entries in your shopping cart (e.g. in the event of a session loss).
Furthermore, we collect IP addresses in order to identify from where our servers may be attacked. We store these for a maximum of seven days, as is customary in the industry. After that, they are anonymised. For data protection reasons, you do not have access to these IP addresses.
1. description and scope of data processing
- language settings
- Articles in a shopping cart
- Log-in information
2 Duration of storage, possibility of objection and elimination
Scope of the processing of personal data
When the newsletter is sent, your user behaviour is evaluated. The evaluation is carried out by a tracking pixel. We record when you read our newsletter and which link you click on. This information is used in the form of pseudonymous user profiles to improve our website and our newsletter and related marketing measures, in particular to adapt offers and information to the interests and wishes of users. Cookies may be stored on your computer for this purpose.
2. legal basis for the processing of personal data
The legal basis for the processing of data after the user has registered for the newsletter is Art. 6 (1) lit. a DSGVO if the user has given his or her consent.
3 Purpose of the data processing
We use the collected data to create a user profile in order to provide you with a newsletter tailored to your interests. Only in this way is it possible for us to offer you a newsletter tailored to your interests.
4 Duration of storage, possibility of objection and elimination
If you do not wish to receive personalised advertising, you can object at any time. A message in text form to the contact details given at the end is sufficient for this. Alternatively, you can unsubscribe via the unsubscribe link at the end of each newsletter. We will store your data until the revocation is made.
Further processing operations
1. Google analytics
The information is used to carry out analyses of internet and website use, such as anonymised evaluations and graphics on page views and visits. The data is processed exclusively for market research, optimisation of the website and the provision of other services associated with internet use. This information may also be transferred to third parties if required by law or if third parties process the data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an allocation is not possible (IP masking).
Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics help https://support.google.com/analytics/answer/6004245?hl=de.
The legal basis for the processing is your consent, taking into account the lower level of data protection in the USA and follows Art. 49 para. 1 lit. a DSGVO.
2 Google Tag Manager
On our website, we use the "Google Tag Manager" from "Google". Through this service, website tags can be managed via an interface. Tags are small code elements on a website that are used, among other things, to measure traffic and visitor behaviour, to record the impact of online advertising and social channels, to use remarketing and targeting and to test and optimise the website. The Google Tag Manager only implements tags. Google Tag Manager follows a set of trigger rules that determine when these tags should be deployed on a website. When a user visits the website, the tags are triggered according to the configuration and the corresponding cookies are loaded into their browser. It contains instructions on which tags should be triggered. Using Google Tag Manager makes your use of our website more efficient and faster by managing the correct tags. If a deactivation of the Google Tag Manager has been made at domain or cookie level, it will remain in place for all tracking tags insofar as they are implemented with the Google Tag Manager.
The legal basis for this processing activity lies in your consent, taking into account the lower level of data protection in the USA, and follows Art. 49 (1) lit. a DSGVO. You can object to the collection and storage of data at any time with effect for the future.
3 Google Ads Conversion Tracking
We use the online advertising programme "Google Ads" from Google and, within the framework of this, the conversion tracking offered by Google. A cookie for conversion tracking is stored on your computer when you click on an ad placed by us in the Google search or advertising network. These cookies expire after 30 days and are not used for personal identification. If you visit certain pages of our website while the cookie is valid, both we and Google will be able to recognise that you clicked on an ad and were redirected to that page.
Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across Ads customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for us as an Ads customer. We learn the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that personally identifies you as a user.
The legal basis for the data processing is your consent, taking into account the lower level of data protection in the USA and follows Art. 49 (1) lit. a DSGVO.
4 Google Remarketing (Adwords)
When you perform search queries, visit other websites or use other mobile apps, the use of Google Remarketing enables us to offer you targeted advertising that is tailored to your interests and needs. As a user, you benefit from personalised advertising on other websites. This is the only way we can continuously optimise our offer to you.
The legal basis for this processing activity is your consent, taking into account the lower level of data protection in the USA, and follows Art. 49 (1) lit. a DSGVO.
5. data protection provisions on the use and application of Facebook
We have integrated components of the company Facebook on our website on the basis of legitimate interest in order to present customers with up-to-date information on products, events and offers. Facebook is a social network that provides so-called "page insights" in a joint processing.
"Page insights" are page statistics on "likes", post reach and other topics that we use primarily on an anonymised basis. You can find more information about this under the following link: https://www.facebook.com/business/a/page/page-insights
Details of the joint processing can be found at: https://www.facebook.com/legal/terms/page_controller_addendum.
This agreement states that Facebook has primary responsibility for the processing. However, if you have concerns about security on our TZS FIRST E Commerce Facebook page, you can always contact us at our privacy contact address and we will forward your request to Facebook.
As Facebook is a global social network, we have no control over the technical and organisational aspects and can only influence the content relating to TZS FIRST E Commerce products and events.
A social network is a social meeting place operated on the Internet, an online community that generally enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for sharing opinions and experiences, or enables the internet community to provide personal or company-related information. Facebook allows users of the social network, among other things, to create private profiles, upload photos and network via friend requests.
Facebook's operating company is Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website operated by the responsible person(s) is called up and on which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the scope of this technical procedure, Facebook receives information about which specific sub-page of our website is visited by the data subject.
If the data subject is logged in to Facebook at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the "Like" button, or if the data subject posts a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is simultaneously logged into Facebook at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website.
The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information on the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
6 Facebook Conversion Pixels
By using the service of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA) Facebook Conversion Pixels, statistical data is collected that can be used to measure the success of a Facebook advertisement. In addition, anonymous data about your usage behaviour is collected on the website in order to create usage-based online advertising for you. As a user, you benefit from personalised advertising on other websites. This is the only way we can continuously optimise our offer to you. Here you can access the data protection conditions of Facebook Inc: https://www.facebook.com/about/privacy.
If you are logged in to Facebook, you can object to the use of the conversion pixel under the following link: https://www.facebook.com/settings?tab=ads.
Data processing is based on your consent, taking into account the lower level of data protection in the USA and follows Art. 49 (1) lit. a DSGVO.
You can object to the collection and storage of data at any time with effect for the future.
Data generated when downloading the web fonts at fonts.googleapis.com or fonts.gstatic.com are not linked to data from other Google services.
If you do not wish to download web fonts, you can also install browser extensions (e.g. NoScript or Ghostery). In this case, the web fonts will be replaced by standard fonts of your browser.
Here you can find the data protection declaration of Google WebFonts: https://developers.google.com/fonts/faqPrivacy.
The data processing is based on our legitimate interest in the use of synergies, the efficient design of our websites and follows Art.6 para.1 lit.f DSGVO.
Our website uses plugins from the YouTube website, which is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA ("YouTube").
On our website, we show videos from the YouTube channel of TZS FIRST E Commerce.tv. These are displayed in the YouTube video player. TZS FIRST E Commerce has no access or control over these cookies or the data processed by YouTube. Additional cookies may be set by YouTube to enable the use of YouTube features on our website. For more information about these cookies, please visit YouTube's website https://policies.google.com/privacy?hl=de.
The legal basis for this processing activity is your consent, taking into account the lower level of data protection in the USA, and follows Art. 49 (1) lit. a DSGVO.
The data processing is based on your consent, taking into account the lower level of data protection in the USA and follows Art. 49 para. 1 lit. a DSGVO.
A pixel (Pinterest tag) of Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) is integrated into this website. Through this pixel, information about the use of this website (e.g. about products viewed) is collected jointly by Pinterest Europe Limited and TZS FIRST E Commerce and transmitted to Pinterest Europe Limited. The further processing of the data transmitted to Pinterest Europe Limited is the sole responsibility of Pinterest Europe Limited under data protection law. The information transmitted to Pinterest Europe Limited can be assigned to your person with the help of further information that Pinterest Europe Limited has stored about you, e.g. due to your ownership of an account on the social network "Pinterest". The information collected via the pixel can be used to display interest-based advertisements on our offers to you in your Pinterest account (retargeting). The information collected via the pixel may also be aggregated by Pinterest Europe Limited and the aggregated information may be used by Pinterest Europe Limited for its own advertising purposes as well as for advertising purposes of third parties. For example, Pinterest Europe Limited may infer certain interests from your browsing behaviour on this website and use this information, for example, to promote third party offers. Pinterest Europe Limited may also combine the information collected via the pixel with other information that Pinterest Europe Limited has collected about you via other websites and/or in connection with the use of the social network "Pinterest", e.g. in order to store a profile about you. This profile may be used for advertising purposes. The data processing is based on your consent, taking into account the lower level of data protection in the USA and follows Art. 49 para. 1 lit. a DSGVO.
You can find more information on data protection at Pinterest Europe Limited here: https://policy.pinterest.com/de/privacy-policy.
Here you can also assert your data subject rights (e.g. right to deletion) with regard to the data that Pinterest Europe Limited processes about you as a data controller. You can revoke your consent given with regard to the use of Pinterest Retargeting at any time or refuse to give your consent to the use of Pinterest Retargeting.
Rights of the data subject
Under the application of the GDPR, you are entitled to the following statutory data subject rights, provided that their conditions are met:
Right to information about your data stored by us in accordance with Art. 15 DSGVO.
Right to correction of inaccurate data in accordance with Art. 16 DSGVO
Right to delete the data stored by us in accordance with Art. 17 DSGVO
Right to restrict the processing of data stored by us pursuant to Art. 18 DSGVO
Right to revoke at any time, pursuant to Art. 7 (3) DSGVO, any consent given to us; this has the consequence that we may no longer continue the data processing based on this consent in the future.
Right to data portability pursuant to Art. 20 DSGVO
Right to lodge a complaint with a competent supervisory authority pursuant to Art. 77 DSGVO if you believe that the processing of personal data concerning you infringes provisions of the DSGVO.
Right to object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so which arise from your particular situation.
If you wish to exercise your right of objection, simply send an e-mail to email@example.com.
Your personal data is transferred via the Internet on our website using the so-called SSL security system (Secure Socket Layer). This technology offers a high level of security and is therefore also used, for example, by banks for data protection in online banking. We secure our website and other systems with appropriate and state-of-the-art technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons.
Actuality and change of this data protection declaration
This data protection declaration is currently valid and has the status May 2021. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.firstaustria.com/informationen/datenschutz.