Privacy Policy
*Last updated: July 11, 2025
1. Basic Information
Caring for pets since 1955, Rolf C. Hagen Inc. (doing business as Hagen Group), is a family company founded by Rolf C. Hagen which has grown to become the world’s largest privately-owned, multi-national pet products manufacturer and distributor. Driven by a common bond of love and compassion for animals, we are dedicated to creating practical and innovative products that enhance the health and welfare of pets worldwide.
We are delighted to have you visit our website, and we would like to thank you for your interest. In the following, we would like to inform you about how we handle your personal data when you use our website. The following information also relates to the use of our websites on mobile devices, e.g. smartphones or tablets. Personal data includes all data which could be used to identify you personally, or which make you identifiable via a username or identification code, such as your IP address.
This Privacy Statement explains the legal basis and the purpose for this collection or processing of your data. We would like to inform you of your rights regarding the use of your personal data. If you have any questions regarding our use of your personal data, please contact us as the responsible entity — Controller under data protection law (for contact details see Clause 2).
For security reasons and to protect the transfer of personal data and other confidential information, these online services use SSL or TLS encryption. You can identify an encrypted connection by checking that the letters “https://” and a lock symbol appear in your browser address line.
2. Who we are (Controller for Data Privacy)
Hagen has appointed an individual responsible for Privacy and Data Privacy Matters. If you have any questions about your personal information, to make comments or to make a complaint, you may contact the person responsible for ensuring compliance with this Privacy Policy at data_priv@rchagen.com
Or write to:
Rolf C. Hagen Inc.,
20500 Trans-Canada Hwy
Baie d’Urfé, Québec
H9X 0A2
Canada
If you are from the EU or the EEA, the following applies:
-This company is the Controller for the processing of data on our online service pursuant to the General Data Protection Regulation (GDPR).
-Our EU representative pursuant to Art. 27 GDPR is: Kaschae Datenschutz & Compliance GmbH, An der Alster 62, 20099 Hamburg, mail@kaschae.de
Contact information for our company Data Protection Officer (DPO): datenschutzbeauftragter@rchagen.com
You can access the Data Subject Access Request Form here: https://exo-terra.com/dsar
3. Data collection when accessing our online services
Accessing our web pages (without registration) will result in the automatic anonymised collection of the following data on our servers:
- Masked IP address,
- Access date/ time/ time zone,
- Access status,
- Type of access,
- Type of protocol,
- Type and number of pages accessed on our site,
- Name and size of accessed files,
- Referring website,
- Web browser,
- Operating system.
The listed non-personal data is collected automatically as part of the normal operations of our internet services. The information gathered about the use of our pages is not combined with any personal information provided through the online registration form. We do not have any personal references in our usage data.
We use the above data for the purposes of troubleshooting, generating statistics and measuring website activity with the aim of improving the value and use of our services. As such, we have a legitimate interest to justify the data processing activity pursuant to Article 6 (1) (f) GDPR.
Within our company, our IT Administrator is the only person with access to this data for the purposes listed above.
The above data is only collected for the period of use; once the use has ended, the data shall be deleted without delay, after seven days at the latest.
We use cookies and tools to obtain information as soon as your web browser accesses our website. These identifiers enable a range of our website’s service functions and are automatically transferred to the hard drive of your computer or other mobile device via your browser. This function can be deactivated in the settings of your browser. Should cookies be disabled, personalised service will be not available. In this case, your anonymised IP address may be transferred to the USA. For more information on the cookies and tools we use, see the “Use of cookies and tools” section below.
4. Contact
On our pages, we have provided an online form which enables you to contact us electronically. The form requires your first name and family name, your email address and telephone number as well as a box for entering a message to us. We need this data to process your request. You can also choose to provide us with your postal address. Additionally, you can contact us at any time via email. Contacting us is always voluntary.
This data is solely used for the purpose of answering your request or responding to your request for contact, and the technical administration involved. This processing is lawful pursuant to Art. 6 (1) (b) GDPR, as we require the data listed above for the initiation, conduct or termination of a contractual relationship with you.
You request is handled by our internal customer service.
We do not pass on your requests to third-parties or to organisations outside of the EU.
After your request has been processed, we delete your contact information, at the latest, 72 hours after your request has been dealt with. This period of storage may be subject to statutory storage periods, for example, when your request is in connection with the processing of a contract or a warranty or guarantee. In this case, we store your request beyond 72 hours only for the purpose of complying with our legal obligations (Art. 6 (1) (c) GDPR). In this case, we delete your data on termination of the statutory storage period (Section 147 (3) Fiscal Code of Germany (Abgabeordnung – AO)), i.e. after a period of 10 years, beginning at the conclusion of the contract. We will delete your data at the end of this retention period without any request to do so on your part.
5. Hyperlinks and Third Parties
The website may contain sharing or publishing options or links to third-party websites or platforms. By using or activating these links or features, you leave our website, and your browsing becomes subject to the terms of use and privacy policies of those third parties. We have no control over these third-party platforms, and the fact that they are listed on our website does not imply any responsibility on our part.
- With whom do we share your data and why?
We may disclose your Personal Information to the following categories of recipients: (a) to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. (b) to our third-party vendors, service providers and partners who provide data processing services to us, or who otherwise process Personal Information for purposes that are described in this Policy or notified to you when we collect your Personal Information. We may use external companies and third parties to administer and provide related services, such as data processing and storage, payroll processing, group insurance management, etc. Our third-party vendors, service providers and partners include, without limitation: Sunlife, Dayforce, Inc., Collage HR, LinkedIn. In such cases, we take the necessary measures to ensure that these third parties have access only to the information necessary to carry out the agreed services, that they process your information solely for the purposes we have determined, and that they have in place privacy protection measures that comply with applicable laws and ensure the same conditions and level of protection as outlined in the Policy. We may also disclose the information to fulfil a legal obligation. The company is committed to not specifically selling or renting your personal information to any third party.
- How long do we keep personal information?
Hagen Group retains collected data for different periods depending on their nature and usefulness to our activities. The retention period varies depending on the reason for collecting the information. Once the retention period expires, personal information is destroyed. Only statistics or reports containing depersonalized and anonymized data may be retained for extended periods.
- Age of Consent
We do not knowingly collect information from children or other individuals under the age of 16. If you are a minor under the age of 16, please do not provide us with personal information without the express consent of a parent or guardian. If you are a parent or guardian and know that your children have provided us with personal information, please contact us. If we learn that we have collected personal information from minors without verifying parental consent, we will take steps to delete this information without delay.
- Use of cookies and tools
To improve the look of our website and to enable certain functions, we use cookies on various pages. Cookies are small text files that are stored on your device. These text files are used for the temporary storage of information. Your browser stores cookies in the form of a readable text file once you access our site. If you are registered with us, cookies help us to recognise you, your device (computer, tablet or smart phone) the next time you access one of our pages. Some cookies may contain personal data.
According to function, we classify our cookies as Required, Functional, Analysis & Statistics, and Advertising & Marketing. Some of the cookies we use are required for you to use our web pages (so called session cookies). If you disable this cookie, our pages may not be accessed. The authentication cookie provides you with access to the login page. Without this cookie, you cannot register or access the login page. These session cookies will be deleted when you close your browser.
Other cookies remain on your device and allow us and our partner companies (third-party cookies) to recognise your browser on your next visit (persistent cookies). Persistent cookies are automatically deleted after a certain period of time, which differs from cookie to cookie. For advertising purposes, we use a retargeting cookie which allows us to show you interesting offers, even outside of our web pages. For more information, see the following overview of cookies used.
What is the purpose and the legal basis for using cookies?
Most of the cookies we use do not store any information that can identify you personally or that makes you identifiable. Rather, these cookies provide us with general and anonymised information regarding the use of our websites, the pages that are visited, the browsers and operating systems used and the cities our visitors are located. We only collect masked IP addresses which make it impossible to recognise individual users or be assigned to any one individual.
Some of these cookies make the ordering process easier, by saving specific website settings (e.g. noting the contents of a virtual shopping basket for a subsequent visit to the website). Where our cookies do process personal data, this processing is done in accordance with Art. 6 (1) (b) GDPR to fulfil our contract with you.
Any cookies we collect are for the purposes of gathering information for improving the functioning and content of our online services. These functional cookies serve a legitimate interest (Art. 6 (1) (f) GDPR) as they enable the technical adaptation of our service and make it easier for you to use our pages. We also use cookies to measure the success of our online marketing. Using statistical data, we can also identify disruptions and understand cost calculations for advertising media. We only understand this processing when you have granted us consent for the use of these cookies for analysis and statistics or for advertising and marketing (Art. 6 (1) (a) GDPR). You may withdraw your consent at any time with future effect. The processing of your data remains lawful until your consent is withdrawn.
You can set your browser to inform you about the setting of cookies and whether you wish to accept cookies individually, or to accept specific kinds of cookies, or to disable all cookies. Each browser is different in the way it administers its cookie settings. The Help menu of your browser provides information on how to change your cookie settings. You can find this information for your browser using the links below. When following some of these links, you must first select your browser version to see the specific instructions for changing your cookie settings
- Internet Explorer: https://support.microsoft.com/en-gb/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d (if you are still using Internet Explorer, we recommend switching to an up-to-date browser)
- Edge: https://support.microsoft.com/en-gb/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
- Firefox: https://support.mozilla.org/en-US/kb/trackers-and-scripts-firefox-blocks-
enhanced-track - Chrome: https://support.google.com/chrome/answer/95647?hl=en-GB
- Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/12.0/mac/10.14 (via “Select version” you can request information for your operating system version)
- Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Alternatively, the Digital Advertising Alliance provide information on cookies and settings at www.aboutads.info.
Do we use cookies from third parties?
We sometimes work with web partners who help us to make our web pages more interesting for you. For this purpose, when you access some of our pages online, cookies from our partner companies may also be stored in your device (Third-party Cookies). This section provides more information regarding the use of these kinds of cookies, their scope, and the data they collect.
We use some cookies or tools because they are necessary for us to provide you with our online services. In this case, the legal basis for the processing is the user agreement concluded with you (Art. 6 Para. 1 Letter b GDPR) or our legitimate interest, provided that no conflicting interests are discernible, and no contradiction exists (Art. 6 Para. 1 letter f GDPR). We use all other cookies exclusively on the basis of your consent (Art. 6 para. 1 letter a GDPR).
The third-party cookies used by us partially lead to data processing in the USA. In this case, too, we only use cookies with your consent (Art. 6 para. 1 letter a GDPR). The use of these providers from the USA is permitted under the EU Commission’s adequacy decision (Commission Implementing Decision (EU) 2023/1795 of 10 July 2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequacy of the level of protection of personal data under the EU-U.S. Data Protection Framework (pub-lished under file number C(2023) 4745)). These providers participate in the EU-U.S. Data Privacy Framework (DPF). The EU and the USA have concluded this agreement for the transfer of personal data from the EU and the EEA to organizations in the USA. To the extent that these US organizations participate in the DPF, the level of protection in the USA is considered adequate. Further information on participation in the EU-US data protection framework can be found on the website that the U.S. Department of Commerce has set up to implement the agreement: www.dataprivacyframework.gov.
Cookies Overview
Necessary Cookies
Analytical Cookies
Web analysis services
Google Analytics
We use online services provided by the web analysis service Google Analytics. Google Analytics is a service offered in the EU and EEA by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and in the USA by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies that are stored on your computer to analyse the use of our online web presence.
The information collected by the cookie regarding your use of our online web presence (including your masked IP address) is transferred to and stored in a Google server in the USA. Google uses this information to evaluate the use of our website to prepare reports about the activities in our online presence and provide us with additional services associated with that use. The IP address provided by your browser as part of the Google Analytics service is not added to any other Google data.
We use Google Analytics in our online presence for web analysis purposes exclusively with an add-on that provides an “anonymise IP” function. This setting ensures that Google Analytics erases the last part of your IP address. This anonymisation of your IP address removes any direct trace of you personally. When using this feature, Google masks your IP address within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area prior to transferring that information outside of the EU. The full IP address will only be sent to a Google server for masking in the USA in exceptional cases. In this way, we do not receive data that provides us with a way to identify you personally.
We also use the Universal Analytics function with Google Analytics. Universal Analytics allows us to analyse the use of our online services across devices (e.g. access via a laptop and then later from a tablet). As a user, you will be given a pseudonymous User ID on registration, when you access our site from another device. This is how the system recognises your User ID when you access our site from another device. We do not allocate any names to the User ID. We do not provide Google with any personal data. Privacy measures such as IP masking and Browser Add-ons are not restricted by the use of the Universal Analytics function.
You can prevent the installation of cookies using the settings in your browser software. You can also prevent the collection and processing of the data created by the use of cookies and related to your use of our online services (including your IP address) by Google by downloading and installing the browser plugin available at: https://support.google.com/analytics/
answer/181881?hl=en
This will prevent all future collection of data by Google Analytics within our website. This opt-out cookie only works in this browser and only for this domain.
If you undertake any of the above cookie deactivation measures, you may not be able to use all the functions of our website to their full extent.
Google participates in the EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/
We have concluded a contract with Google in accordance with the EU’s standard contractual clauses.
For more information regarding how Google Analytics deals with user information, please refer to Google’s Privacy Statement: https://policies.google.com/privacy?hl=en
Retargeting / Remarketing / Referral Advertising
Google Tag Manager
We use Google Tag Manager in our online services for the purpose of providing a personalised, interesting, and locally relevant online advertising. This service is operated in the EU, the EEA and Switzerland by Google Ireland Limited Gordon House, Barrow Street Dublin 4., Ireland and in the USA by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Tag Manager allows us to administer website tags using a single interface. Although we use cookies for this, we do not collect any personal data. The Tag Manager was specially developed for retailers and is a system with which elements (tags) from Google and other providers can be marked and administered. In this way, data may be sent to cookies or other tools. Tags can be used for conversion tracking, website analysis, and other purposes.
Google participates in the EU-US Data Privacy Framework: https://www.dataprivacyframe-work.gov/
We have concluded a contract with Google in accordance with the EU’s standard contractual clauses.
More information on Google Tag Manager is available at: https://www.google.com/analytics/
terms/tag-manager/
Further information and the Google Privacy Policy are available at: http://www.google.com/
policies/technologies/ads/ and https://policies.google.com/privacy?gl=en&hl=en.
Google Consent Mode
We use the Google Consent Mode. This is a service that is offered in the EU, EEA and Switzerland by Google Ireland Limited Gordon House, Barrow Street Dublin 4, Ireland. In the USA, this service is offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (together “Google”).
Google Consent Mode introduces two new tag settings, namely: Tags that trigger data transfer to Google when consent to advertising or analytics cookies has been given, and tags that prevent cookies when consent has been denied. Once you have given consent on a website, Google uses the consent mode to manage cookies from Google services for advertising and analysis purposes for all connected advertisers who use the global website tag or the Google Tag Manager. Consent mode is available in the following Google services: Google Tag Manager, Google Analytics, the Google Marketing Platform and Google Ads.
The purpose of the Google consent mode is that a technical interaction takes place between this mode and our cookie consent banner in order to obtain the consent of visitors to our website. We use Google Consent Mode v2 to respect users’ privacy choices and manage how Google services (like Analytics and Ads) behave based on consent. If you give your consent via our cookie consent banner for the Google services mentioned there, Google tags are loaded. Data will only be transmitted to Google on the basis of your consent. The consent status is transmitted to Google via the Google tags as “default status” or “updated status”. This status is retained on all websites that you visit or access after visiting our website. Once consent has been given, Google dynamically adjusts the behavior of its own tools (e.g. Analytics, Google Ads and third-party tags).
If you do not give your consent to the Google services, the Google tags are blocked and no data is transmitted to Google, not even the consent status. Instead, the consent status and user activity are sent to the Google server using tags by sending pings without cookies. Pings are used in Google products to model measurement values in the analysis tools used and thereby close gaps in data collection. Pings are used to request the consent status of other websites that you have visited and on which the Google consent mode is used. If you have given your consent in the cookie consent banner on one of these websites, the consent status for you also changes from “refused” to “granted” for our website. Pings with information on a conversion (information on purchases) can also be transmitted. Google collects the following data:
Function-related information (timestamp, user agent (only web – visit to our website), referrer URL (websites from which our website was accessed).
Summarized (aggregated), non-personal data: References to information about an ad click in the URL of a visited website.
Boolean information on consent status (mathematical algebraic structure that generalizes the properties of the logical operators AND, OR, NOT).
Random number generated each time a page is loaded.
Information about the consent management platform used by the website owner.
IP addresses are used to derive the IP country. However, they are not logged by Google Ads and Floodlight systems but are deleted immediately after collection. In Google Analytics, IP addresses are recorded as part of normal internet communication but can be masked here (https://support.google.com/analytics/answer/2763052).
We use the Google consent mode for the purpose of checking and optimizing the Google advertising systems we use. This involves assigning purchase processes to specific advertising campaigns in order to measure the success of the advertising campaigns. Insofar as this assignment is personalized, e.g. by assigning the purchases you have made to specific advertising campaigns, the legal basis for this is the consent you have expressly given. Consent is given via the cookie consent banner and is voluntary. You can withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
If you do not give your consent, the allocation of the visiting of a landing page to specific advertising campaigns will take place without the use of personal data. In this case, we measure the success of our advertising campaign without cookies or identifiers, using estimates and aggregated data on visiting a landing page. We can use this data, for example, to optimize our landing pages, advertising texts or advertising budgets in order to promote our campaigns. The legal basis for this is our legitimate interest in assigning purchase processes to specific advertising campaigns (so-called conversion modelling) and thus being able to measure the success of our advertising campaigns in order to continuously improve our offer (Art. 6 para. 1 letter f GDPR). We assume that your interest does not conflict with this because no personal or personally identifiable data is collected. You can object to such use of your data for the purpose of the aforementioned statistical analysis at any time by notifying us.
It cannot be ruled out that the aforementioned data will be transmitted to Google LLC in the USA. Google participates in the EU-US data privacy framework: https://www.dataprivacyframework.gov. We have concluded a contract with Google in accordance with the EU standard contractual clauses.
You can obtain further information about Google’s data protection provisions regarding Google Consent Mode at the following Internet address: https://support.google.com/google-ads/answer/10031513
Advanced Custom Fields (ACF)
We use the WordPress plugin Advanced Custom Fields (ACF) to manage and display customized data fields within our website. ACF is developed by WP Engine, 504 Lavaca Street, Suite 1000, Austin, Texas 78701, USA.
ACF itself does not collect or transmit any personal data from visitors of our website. It functions exclusively as a content management and display tool that operates within the WordPress environment. Any data collected or displayed using ACF is strictly limited to the internal use and configuration set by the site administrator.
In some cases, ACF may be used to display user-submitted information (for example, through contact forms or custom post types). This data is handled entirely on our web server and is not shared with WP Engine or third parties via the ACF plugin. ACF does not use cookies, does not track user behavior, and does not embed third-party services that collect user data.
The processing of any personal data submitted through forms or custom fields powered by ACF is governed by our broader privacy practices as outlined in this privacy policy. All such data is stored securely and processed in accordance with applicable data protection regulations.
We regularly review and audit all third-party tools integrated into our website, including ACF, to ensure compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
For more information on Advanced Custom Fields, please refer to their privacy policy:
https://www.advancedcustomfields.com/privacy-policy/
Advanced Woo Search
We use the WordPress plugin Advanced Woo Search to provide a fast and user-friendly product search feature on our website. This plugin is developed by ILLID, based in Ukraine.
Advanced Woo Search operates entirely on the client side and uses data already present in our WordPress database to deliver instant search results. It does not collect or transmit any personal data from website visitors to external servers.
The plugin may utilize browser cookies or local storage solely to improve search speed and responsiveness during a session. However, no data is shared with third parties or tracked across sessions. Advanced Woo Search does not include analytics or profiling functionality by default.
All search queries and related data remain within our website environment and are processed securely on our servers. No user-identifiable information is extracted, stored externally, or used for any other purpose beyond real-time product search functionality.
We regularly review our use of third-party plugins such as Advanced Woo Search to ensure full compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
For more information about this plugin, please refer to:
https://advanced-woo-search.com/
Brain ConKit for Divi
We use the WordPress plugin Brain ConKit for Divi to enhance the design capabilities and layout options of our website built with the Divi theme. This plugin is developed by DiviNext.
Brain ConKit for Divi functions as a front-end design enhancement tool. It does not collect, store, or transmit any personal data from website visitors by default. Its modules are used solely to display content and improve the user interface.
All operations of Brain ConKit occur locally within the WordPress environment. No data is sent to external servers, and the plugin does not use cookies, analytics, or embedded third-party tracking systems.
If custom modules within Brain ConKit are configured to process user data (e.g. forms or dynamic content), those are handled internally on our servers and governed by the broader terms of this privacy policy.
We review all third-party plugins regularly, including Brain ConKit for Divi, to ensure compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
For more information about the plugin, please visit:
https://divinext.com/product/brain-conkit-for-divi/
CookieYes
We use the CookieYes plugin to manage cookie consent and ensure compliance with data protection laws such as the General Data Protection Regulation (GDPR) and the ePrivacy Directive. This service is provided by CookieYes Limited, 3 Warren Yard, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom.
CookieYes displays a cookie consent banner and stores users’ consent preferences. Depending on your interaction with the consent banner, a consent record may be stored in your browser via cookies or local storage.
The plugin may collect anonymized technical data such as the timestamp of consent, the device/browser used, and the user’s country (inferred from IP address) to maintain proper consent logs. No personally identifiable information (PII) is stored or transmitted by CookieYes through our implementation.
The plugin may also be used to conditionally load third-party services (e.g., Google Analytics, YouTube) only after obtaining user consent. This ensures that cookies related to tracking or profiling are not activated unless consent is explicitly given.
You can adjust your cookie preferences or withdraw consent at any time by using the “Cookie Settings” link available on our website.
For more information, please refer to the CookieYes privacy policy:
https://www.cookieyes.com/privacy-policy/
Disable Gutenberg
We use the WordPress plugin Disable Gutenberg to manage the editing experience on our website by disabling the Gutenberg block editor in favor of the Classic Editor. This plugin is developed by Jeff Starr (Specialist Press).
Disable Gutenberg operates entirely within the WordPress admin environment. It does not collect, store, or transmit any personal data from visitors to our website.
The plugin does not use cookies, does not engage in any form of user tracking, and does not communicate with any external servers. Its sole purpose is to modify the administrative interface and editor configuration for site administrators and content editors.
Since it does not interact with front-end user sessions, it has no impact on the data privacy or processing of visitors.
We regularly audit all administrative and content management plugins to ensure full compliance with the General Data Protection Regulation (GDPR) and related privacy laws.
More information about this plugin can be found at:
https://wordpress.org/plugins/disable-gutenberg/
Divi Blog Extras
We use the WordPress plugin Divi Blog Extras to enhance the design and layout of blog listings on our website built with the Divi theme. This plugin is developed by Divi Extended, a brand of Elicus Technologies, India.
Divi Blog Extras is a design module plugin that operates entirely within the WordPress environment. It does not collect, store, or transmit any personal data from website visitors. Its purpose is solely to improve the visual display of blog content through additional layout options.
The plugin does not use cookies, does not track user behavior, and does not include third-party analytics or external data calls. Any data rendered through the plugin is sourced from our own WordPress database and remains entirely within our hosting environment.
Since it does not process visitor data, Divi Blog Extras has no impact on user privacy. We regularly evaluate all third-party plugins to ensure full compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
More information about Divi Blog Extras can be found at:
https://diviextended.com/product/divi-blog-extras/
Divi Gravity Forms
We use the Divi Gravity Forms plugin to embed and style Gravity Forms within the Divi theme on our website. This plugin is developed by Divi Extended (Elicus Technologies, India) and functions solely as a design integration tool.
Divi Gravity Forms does not collect, store, or transmit any personal data on its own. It simply facilitates the visual display of forms created with Gravity Forms. All data entered into these forms is processed according to the settings and privacy rules of Gravity Forms, as described in the corresponding section of this privacy policy.
The plugin does not use cookies, does not track user behavior, and does not interface with any external services or APIs.
Since Divi Gravity Forms is purely a presentation layer, it does not influence the handling of form submissions or the security of user data.
We routinely audit all third-party integrations to ensure compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
More information about this plugin can be found at:
https://diviextended.com/product/divi-gravity-forms/
Divi Masonry Gallery
We use the Divi Masonry Gallery plugin to create responsive, masonry-style image galleries within our Divi-powered website. This plugin is developed by Divi Extended (Elicus Technologies, India).
Divi Masonry Gallery does not collect, store, or transmit any personal data from website visitors. It functions purely as a front-end design enhancement and loads image content already stored in our WordPress media library.
The plugin does not use cookies, does not track user behavior, and does not connect to external services or analytics tools.
Since it does not handle or process user data, Divi Masonry Gallery has no impact on data privacy.
For more information, visit:
https://diviextended.com/product/divi-masonry-gallery/
Divi Modules Image Box
We use the Divi Modules Image Box plugin to display image and text combinations in enhanced layouts on our Divi-based website. This plugin is developed by Divi Extended (Elicus Technologies, India).
Divi Modules Image Box does not collect, store, or transmit any personal data from users. It is a visual content module that displays images and accompanying text from content already stored within WordPress.
The plugin does not use cookies, track behavior, or connect to external services.
As it performs purely a front-end display function, it has no impact on user privacy or data protection.
More info:
https://diviextended.com/product/divi-modules-image-box/
Divi Modules Table Maker
We use the Divi Modules Table Maker plugin to create responsive, customizable tables within our Divi-powered website. This plugin is developed by Divi Extended (Elicus Technologies, India).
Divi Modules Table Maker does not collect, store, or transmit any personal data from website visitors. It functions exclusively as a visual module to display static or manually entered table data.
The plugin does not use cookies, does not track user behavior, and does not connect to external services or third-party APIs.
As it does not process user data, this plugin does not impact visitor privacy or data protection compliance.
More info:
https://diviextended.com/product/divi-modules-table-maker/
Gravity Forms
We use the Gravity Forms plugin to collect user-submitted information via forms on our website. This plugin is developed by Rocketgenius, Inc., 1620 Centerville Turnpike, Suite 102, Virginia Beach, VA 23464, USA.
Gravity Forms processes and stores the data entered by users in our WordPress database. This may include personal data such as names, email addresses, phone numbers, or other information provided voluntarily through form fields. The data is stored securely and is not shared with third parties unless explicitly stated or integrated with external services.
The plugin does not set tracking cookies or collect usage data on its own. However, it can be extended with add-ons (e.g., payment gateways, email marketing integrations), which may involve third-party data processing. These integrations are optional and covered under their respective privacy policies.
All data collected through Gravity Forms remains within our infrastructure unless otherwise configured. We ensure that any form submission is processed in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
You may request access to, correction of, or deletion of any personal data submitted via our forms by contacting us.
More info:
https://www.gravityforms.com/privacy/
Gravity Forms Address Enhanced
We use the Gravity Forms Address Enhanced add-on to improve address input accuracy in our Gravity Forms. This extension enhances the default address field by offering dynamic features such as international formatting, autocompletion, and conditional logic. It is typically used with or built upon the core Gravity Forms plugin.
Gravity Forms Address Enhanced does not independently collect or transmit personal data. All address inputs processed through this add-on are handled entirely within the context of the form and stored via Gravity Forms under our server infrastructure.
The add-on does not use cookies, does not track users, and does not establish connections to external APIs unless explicitly configured (e.g., to use services like Google Maps Autocomplete, which are governed by their own privacy policies).
Any address data collected is subject to the same privacy and security controls described in the Gravity Forms section of this privacy policy and processed in accordance with applicable data protection regulations.
Gravity Forms Double Opt-In
We use the Gravity Forms Double Opt-In add-on to require user confirmation before finalizing form submissions. This feature is typically used to verify email addresses and obtain explicit consent for communications such as newsletter subscriptions or gated content access.
The double opt-in process works by sending a confirmation link to the user’s provided email address. No submitted data is processed or stored until the user confirms their intent via that link. This helps prevent unauthorized submissions and supports compliance with data protection requirements such as GDPR.
The add-on stores temporary data (e.g. email address, form token) on our server until confirmation is completed. If the user does not confirm, the data is discarded after a defined expiration period.
The plugin does not track users or set cookies beyond the confirmation workflow. Any personal data handled through this feature is governed by the same policies as the core Gravity Forms plugin.
Gravity Forms reCAPTCHA
We use the Gravity Forms reCAPTCHA integration to protect our forms against spam and automated abuse. This integration connects our site’s Gravity Forms to Google reCAPTCHA, a service provided by Google Ireland Limited (for EU users) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
When a user interacts with a form containing reCAPTCHA, their browser may send technical and behavioral data (e.g., mouse movements, keystrokes, IP address, device/browser info) to Google. This helps determine whether the user is a human or a bot.
This data collection occurs under Google’s own privacy terms and is subject to the Google Privacy Policy and Terms of Use. We do not receive personally identifiable information (PII) from reCAPTCHA, and we do not use the collected data for any other purpose.
Google reCAPTCHA may set cookies as part of its verification process. You can manage consent preferences via our cookie settings interface.
More information:
https://policies.google.com/privacy
https://www.google.com/recaptcha/about/
Enable Media Replace
We use the Enable Media Replace plugin to update or replace media files (such as images, PDFs, or videos) within our WordPress media library without changing the file URL. This plugin is developed by ShortPixel.
Enable Media Replace operates solely within the WordPress admin interface and does not collect, transmit, or store any data from website visitors. It is used only by site administrators or editors during content management tasks.
The plugin does not use cookies, does not track user behavior, and does not integrate with any external services.
Since it does not process user-submitted data or interact with frontend user sessions, it has no impact on user privacy.
More information:
https://wordpress.org/plugins/enable-media-replace/
MapGeo
We use the MapGeo plugin or embed to provide interactive mapping and geospatial visualization services on our website. MapGeo is a product by Applied Geographics, Inc. (AppGeo), headquartered in Boston, MA, USA.
When users interact with MapGeo maps embedded on our site, their browser may send information such as IP address, device/browser data, and location (if location services are enabled) to MapGeo servers. This is required to load and render map data, layers, and user interactions.
MapGeo may use third-party mapping services (e.g., Google Maps, OpenStreetMap) depending on configuration. These services may collect user data under their own privacy policies.
We do not store or process any personal data via MapGeo directly. All geospatial content is displayed for informational or public record purposes. If user location data is accessed, it is anonymized and used solely to improve map functionality.
For more information about MapGeo’s data practices, please visit:
https://www.mapgeo.io/privacy/
PDF Embedder Premium
We use the PDF Embedder Premium plugin to embed and display PDF files directly within pages and posts on our website. This plugin is developed by WP PDF Embedder (Barn2 Plugins Ltd, UK).
PDF Embedder Premium loads PDF files locally from our server and renders them in the user’s browser using JavaScript. It does not send data to external servers and does not collect, store, or transmit any personal information from users viewing embedded PDFs.
The plugin does not set tracking cookies, does not use analytics, and does not interact with third-party services. Any interaction users have with the embedded PDF (e.g., scrolling, zooming, or navigating pages) occurs entirely in-browser without data capture.
If download or print restrictions are enabled, they are enforced via frontend JavaScript and do not involve user identification or behavioral tracking.
More information:
https://wp-pdf.com/premium-pdf-embedder/
PriceSpider
We use the PriceSpider service to display real-time product pricing and availability from third-party retailers. PriceSpider is provided by PriceSpider, Inc., 20 Pacifica, Suite 1000, Irvine, CA 92618, USA.
When users interact with embedded PriceSpider widgets (e.g., “Where to Buy” buttons), certain technical data such as IP address, browser type, device ID, and location (approximate, based on IP) may be collected by PriceSpider to provide localized pricing and retailer options. This data is processed in accordance with PriceSpider’s privacy policy and is not stored or used by us.
PriceSpider may use cookies or similar tracking technologies to optimize performance and provide analytics on widget interactions. Users can manage these cookies through their browser settings or via our cookie consent platform, where applicable. Specific or widgets or content shall be automatically restricted or withheld from display based on the user’s geographic region.
We do not share any personal data with PriceSpider beyond what is technically required for widget functionality. Use of this service helps improve the user experience by showing dynamic pricing without collecting personally identifiable information on our end.
More information: https://www.pricespider.com/privacy-policy/
Rank Math SEO (Pro)
We use the Rank Math SEO (Pro) plugin to manage search engine optimization on our website. This plugin is developed by Rank Math LLC (rankmath.com).
Rank Math operates primarily within the WordPress environment and does not collect personal data from visitors to our website by default. However, certain features—such as content analysis, keyword suggestions, or integration with third-party platforms (e.g., Google Search Console, Google Analytics)—may involve limited data sharing if explicitly enabled.
For logged-in users (e.g., administrators or editors), Rank Math may log metadata such as usernames or post history during SEO optimization tasks. This data remains within our WordPress installation and is not transmitted to Rank Math unless API integrations are used.
Rank Math does not place frontend cookies for visitors unless advanced modules (e.g., Analytics or AI) are activated. All analytics and data sharing features are optional and require explicit configuration and consent.
More information:
https://rankmath.com/privacy-policy/
Really Simple Security
We use the Really Simple Security plugin to strengthen the security of our WordPress website. This plugin is developed by Really Simple Plugins (Netherlands).
Really Simple Security operates within the WordPress backend to monitor login activity, file integrity, and other site-level security events. It does not collect or transmit personal data from public site visitors. However, for logged-in users (e.g., administrators or editors), it may log IP addresses, usernames, timestamps, and login attempts for auditing and protection purposes.
This data is stored locally in our WordPress database and is not shared with third parties. The plugin does not set frontend cookies or track behavior of unauthenticated users.
All security logs and event data are retained for a limited period and managed according to our internal data retention policies. These logs are used exclusively to prevent abuse, detect anomalies, and enhance the security of our website.
More information:
https://really-simple-ssl.com/security/
Regenerate Thumbnails
We use the Regenerate Thumbnails plugin to regenerate media thumbnail sizes for images uploaded to our WordPress site. This plugin is developed by ShortPixel.
Regenerate Thumbnails operates exclusively in the WordPress admin interface and is used by site administrators to adjust or regenerate image sizes when theme settings change or new sizes are registered. It does not collect, process, or transmit any personal data.
The plugin does not set cookies, track users, or interact with frontend visitors. All actions are performed locally on the server and apply only to media files already stored in the WordPress media library.
As it does not interact with user sessions or process any form submissions, this plugin has no privacy impact on website visitors.
More information:
https://wordpress.org/plugins/regenerate-thumbnails/
Smush Pro
We use the Smush Pro plugin to optimize and compress images on our website in order to improve page load speed and reduce storage usage. This plugin is developed by WPMU DEV (Incsub LLC, USA).
Smush Pro processes images either locally on our server or via WPMU DEV’s image optimization API. If cloud optimization is enabled, images may be temporarily transferred to WPMU DEV’s servers for compression and then returned. These transfers do not include personal data or user-identifiable information.
The plugin does not collect or transmit visitor data, does not set frontend tracking cookies, and does not interact with users. All optimization processes are tied to media files, not user sessions.
Any analytics or performance data sent to WPMU DEV is anonymized and used strictly for plugin performance and support. Users viewing the site are not affected in terms of privacy.
More information:
https://wpmudev.com/privacy-policy/
Ultimate Carousel for Divi Premium
We use the Ultimate Carousel for Divi Premium plugin to display images, text, or custom modules in a responsive carousel format on our Divi-based website. This plugin is developed by Divi Gear (a brand of DiviPeople, India).
Ultimate Carousel for Divi operates entirely within the Divi Builder and WordPress environment. It does not collect, store, or transmit personal data from visitors. All content displayed in carousels is managed locally within WordPress and does not rely on external APIs or data sources.
The plugin does not set cookies, does not perform user tracking, and does not connect to any third-party services. It serves purely as a design enhancement and does not process any user-submitted data.
Since it only affects the layout and visual presentation of elements, this plugin does not impact user privacy.
More information:
https://divigear.com/product/ultimate-carousel-for-divi/
Wicked Folders Pro
We use Wicked Folders Pro to organize content within the WordPress admin area using a virtual folder structure. This plugin is developed by Wicked Plugins, USA.
Wicked Folders Pro does not collect, store, or transmit personal data from website visitors. It functions exclusively within the backend for administrators and editors to organize pages, posts, media, and custom post types more efficiently.
The plugin does not set cookies, perform tracking, or interact with the front end of the website. All folder structures and assignments are stored locally in the WordPress database.
As it does not process visitor data or interact with public-facing elements of the site, Wicked Folders Pro has no impact on user privacy.
More information:
https://wickedplugins.com/plugins/wicked-folders/
WooCommerce
We use WooCommerce to manage the e-commerce functionality of our website, including product listings, customer accounts, cart processing, and order fulfillment. This plugin is developed by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
WooCommerce collects and processes personal data provided by users during the checkout or registration process, including name, billing/shipping address, email, payment details (via integrated gateways), and order history. This data is stored securely on our server and used solely for transaction processing, account management, and legal compliance (e.g., tax, refunds).
WooCommerce does not share this data with third parties unless integrated with payment providers, shipping carriers, or analytics tools—each governed by its own privacy policy. The plugin may set essential cookies for session management (e.g., cart contents or logged-in status).
All data processing through WooCommerce is conducted in compliance with the General Data Protection Regulation (GDPR) and applicable privacy laws.
More information:
https://woocommerce.com/document/woocommerce-security-faq/
https://automattic.com/privacy/
WooCommerce Builder for Divi
We use WooCommerce Builder for Divi to customize the design and layout of WooCommerce-related pages (such as product, cart, and checkout pages) using the Divi Builder interface. This plugin is developed by Divi Kingdom.
WooCommerce Builder for Divi operates entirely within the WordPress and Divi environments and does not collect, transmit, or process personal data from website visitors. It serves as a visual layout enhancement layer over WooCommerce functionality.
The plugin does not place cookies, does not perform user tracking, and does not interact with third-party services. All customer data collected through WooCommerce remains governed by WooCommerce’s own privacy practices, not this builder plugin.
Since it does not handle form inputs or transactional data directly, WooCommerce Builder for Divi does not impact user privacy.
More information:
https://divikingdom.com/product/woocommerce-builder-for-divi/
WP Activity Log Premium
We use WP Activity Log Premium to monitor and log user activity within the WordPress admin area, including logins, content changes, plugin activations, user role modifications, and other security-relevant events. This plugin is developed by WP White Security (Malta).
WP Activity Log Premium records actions performed by logged-in users such as administrators, editors, and authors. The plugin logs metadata such as username, role, IP address, timestamp, and the nature of the change or action taken. This data is stored locally in our WordPress database and is used strictly for audit, troubleshooting, and security purposes.
The plugin does not collect any data from public (unauthenticated) visitors. It does not share log data with third parties unless explicitly configured with external logging services (e.g., email, syslog, or third-party storage). It does not use frontend cookies or track browsing behavior.
All data logged by WP Activity Log Premium is managed in accordance with our internal retention policies and applicable data protection laws, including the GDPR.
More information:
https://wpactivitylog.com/privacy-policy/
WP All Import (Premium)
We use WP All Import to import and update content such as posts, products, users, or custom fields from XML, CSV, or Excel files into our WordPress site. This plugin is developed by Soflyy, the company behind WP All Import and WP All Export.
WP All Import processes the data contained in uploaded files within the WordPress backend. Depending on the configuration, imported data may include personal information (e.g., names, emails, product-related metadata) if such data is present in the file provided by administrators. This data is handled internally and stored in our WordPress database.
The plugin does not collect or transmit data to external servers unless integrations (e.g., Zapier, API connectors, third-party webhooks) are explicitly configured. It does not track users, does not place cookies, and does not interact with website visitors.
All imports are managed locally and are subject to our internal data processing and retention policies, which are compliant with applicable data protection laws such as the GDPR.
More information:
https://www.wpallimport.com/privacy-policy/
WPCode Pro
We use WPCode Pro to manage custom code snippets (HTML, PHP, JavaScript, CSS, etc.) across our WordPress website without directly editing theme or plugin files. This plugin is developed by WPCode (formerly Insert Headers and Footers), a product of WPBeginner / Awesome Motive Inc., USA.
WPCode Pro operates within the WordPress admin environment and is used by site administrators to inject or manage custom scripts for functionality, design, or third-party integrations. The plugin itself does not collect, store, or transmit personal data from site visitors.
However, depending on the custom code added (e.g., marketing pixels, analytics scripts), third-party services may process user data. In such cases, those services are governed by their respective privacy policies, and user consent is managed through our cookie consent system.
WPCode Pro does not set any frontend cookies or track users on its own. All data control and privacy responsibilities for injected code lie with the site administrator.
More information:
https://wpcode.com/privacy-policy/
WP Gravity Forms Salesforce Pro
We use WP Gravity Forms Salesforce Pro to integrate Gravity Forms submissions with our Salesforce CRM system. This plugin is developed by CRM Perks.
When a user submits a form on our website that includes this integration, the entered data—such as name, email, phone number, and any custom form fields—may be transmitted securely to our connected Salesforce account. The specific data transmitted depends on the form configuration and the mapped fields in Salesforce.
WP Gravity Forms Salesforce Pro does not store or process data independently. It functions as a bridge between Gravity Forms and Salesforce. The plugin does not set frontend cookies, track users, or store submission data beyond the scope of its integration role.
All transmitted data is subject to our data protection practices and Salesforce’s own privacy policy. Transmission occurs over secure channels (SSL), and no data is shared with third parties other than Salesforce.
More information:
https://crmperks.com/privacy-policy/
WP Rocket
We use WP Rocket to improve our website’s performance through caching, file optimization, and speed enhancements. This plugin is developed by WP Media SAS, France.
WP Rocket works automatically to generate cached versions of our pages, optimize CSS and JavaScript delivery, enable lazy loading for images, and improve browser caching. It does not collect or transmit personal data from website visitors.
The plugin may set functional cookies (e.g., wp_rocket_cache_uses_mobile) to detect device types or cache variations. These cookies do not track behavior or identify users and are used solely for performance purposes.
WP Rocket does not use external APIs or third-party integrations unless optional add-ons (e.g., CDN integrations) are enabled. It is fully compliant with data protection regulations including the GDPR.
More information:
https://wp-rocket.me/privacy-policy/
WPMU DEV Dashboard
We use the WPMU DEV Dashboard plugin to manage and update WPMU DEV plugins and services installed on our WordPress website. This plugin is developed by Incsub, LLC (USA), the creators of WPMU DEV.
The WPMU DEV Dashboard allows authorized administrators to connect the site to their WPMU DEV account to activate licenses, receive plugin updates, access support, and manage performance, security, and SEO tools provided by WPMU DEV.
The plugin may transmit administrative metadata such as site URL, plugin versions, license status, and server IP to WPMU DEV’s servers. This data is used solely for account management and product functionality and is not shared with third parties.
No personal data from website visitors is collected or transmitted. The plugin does not set frontend cookies or perform any user tracking.
More information:
https://wpmudev.com/privacy-policy/
WPCode Pro
We use WPCode Pro (by Awesome Motive) to safely insert custom code snippets (e.g., for analytics, meta tags, or tracking scripts) into our WordPress site. The plugin itself is developed and maintained by Awesome Motive Inc., 801 Northpoint Pkwy, West Palm Beach, FL 33407, USA.
WPCode Pro does not independently collect personal data from visitors. However, snippets added via this tool (e.g., Google Analytics, Meta Pixel) may load third-party scripts that perform data collection. Any such behavior is governed by the privacy policies of the respective third parties.
We only add vetted and necessary scripts through WPCode Pro and do so in alignment with our internal privacy and compliance guidelines.
For more information, refer to WPCode’s privacy policy:
🔗 https://wpcode.com/privacy-policy/
WP Activity Log
We use WP Activity Log to monitor and log administrative actions within our WordPress website. This plugin helps us improve security and accountability by recording changes made by logged-in users. It is developed by WP White Security, 37 St Barbara Bastion, Valletta, VLT1961, Malta.
WP Activity Log collects and stores internal admin and user activity data (e.g., logins, content updates, plugin changes) locally on our server. It does not collect or transmit personal data from public site visitors or send any information to the plugin’s developers or third parties.
We configure WP Activity Log to ensure it aligns with data minimization principles and applicable data protection laws.
More information is available in the developer’s privacy policy:
🔗 https://wpactivitylog.com/privacy-policy/
Facebook Pixel
We use Facebook Pixel, a tracking tool provided by Meta Platforms, Inc. (1 Hacker Way, Menlo Park, CA 94025, USA), to measure and improve the effectiveness of our Facebook advertising campaigns.
Facebook Pixel collects data about user interactions on our website (such as page views and conversions) and sends this data to Facebook to help us better target ads and understand visitor behavior. This may include information such as IP address, browser type, pages visited, and actions taken. The data collected is pseudonymized and processed according to Facebook’s data handling practices.
We only enable Facebook Pixel through tools like WPCode Pro and in accordance with user consent where legally required (e.g., via cookie consent banners). Data collected through Facebook Pixel is governed by Meta’s privacy policy.
For more information, refer to Facebook’s privacy policy:
🔗 https://www.facebook.com/privacy/policy/
Google reCAPTCHA
We use Google reCAPTCHA to protect our website from spam and abuse. This service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
reCAPTCHA analyzes user interactions (such as mouse movements or time spent on a page) to determine whether an input is made by a human or an automated program. This analysis takes place in the background and helps us secure our forms and prevent fraudulent submissions.
The service may collect and process technical data, including your IP address and browser details, which may be transmitted to Google. This is necessary to fulfill the purpose of the tool and is done in accordance with Google’s privacy policy.
For more information, please refer to Google’s privacy policy: https://policies.google.com/privacy
We use CRM Perks plugins to integrate our website forms with third-party CRM systems. These plugins are developed and maintained by CRM Perks LLC.
Depending on the configuration, the plugin may collect and transmit form submissions (such as name, email, and message content) to a CRM system selected by us. The data transmitted is limited to what the user voluntarily provides through the form and is used solely for communication and customer service purposes.
CRM Perks itself does not store or use this data beyond what is necessary for form transmission, and data handling is governed by the privacy practices of the connected CRM platform.
For more information, please refer to CRM Perks’ privacy policy:
https://www.crmperks.com/privacy-policy/
10. Use of your data for advertising purposes (product recommendations to existing customers/ newsletter subscription)
Recommending products to existing customers
If you have ordered products from us and provided your email address, we allow ourselves under the law to send you product recommendations for similar products which could be of interest to you, where you have not objected this use during the purchase process. This form of contact will only occur for the purpose of sending product recommendations via email to you as an existing customer. In this, we are pursuing our legitimate interest in sending personalised direct advertising to existing customers. This is consistent with our legitimate interest in direct advertising to existing customers under Art. 6 (1) (f) GDPR in conjunction with Section 7 (3) German Unfair Competition Act (Gesetz gegen den unlauteren Wettbewerb – UWG). If you have initially objected to this use of your email address, we will not send this information to you via email. You may withdraw your consent to the use of your email address to receive such messages from us at any time and with future effect. After receipt of your withdrawal of consent, we will cease the use of your email address for this purpose without delay.
Newsletter subscription
You can register for our email newsletter on our website. Our newsletter provides regular updates on new items, interesting offers and new promotions and campaigns. To receive our newsletter, you must only provide your email address. You may also choose to provide your name, to allow us to address you personally. We use the double opt-in process for our newsletter subscription. For this purpose, we will send you a confirmation email after we have received your consent to a newsletter subscription. In this email, we will ask you to confirm your subscription via a provided link. You will only receive our newsletter after this (second) activation of the service.
Consent to newsletter subscription
The address you provided for our newsletter subscription and any other data you provided such as your name will solely be used for the purposes of sending advertisements to you via electronic mail. This sending of electronic advertising is lawful pursuant to Art. 6 (1) (a) GDPR.
You can withdraw your consent to the use of your email to receive newsletters at any time with future effect by sending an email or using our online contact form, or the link provided in the email. After cancellation of this service, we will delete your email address without delay from our distribution list, unless you have expressly consented to another use of your data, or we reserve the right to use your data for lawful purposes and of which you have been informed appropriately.
Your declaration of consent will be recorded electronically for the purposes of verification. You can see your declarations of consent at any time online in your account. On registration for the newsletter, we also store the IP address provided by your Internet Service Provider (ISP) as well as the date and time of your subscription to trace any potential misuse of your email address at a later date.
If you have not consented to the newsletter subscription or withdrawn said consent, you will only receive electronic mail from us in connection with the processing of orders you have placed with us.
Service providers for sending electronic advertising
We use the Email Studio software, which is part of the Marketing Cloud of the service provider Salesforce Canada Corporation, 10 Bay Street, Suite 400, Toronto, ON, M5J 2R8, Canada (hereinafter referred to as “Salesforce”), to send the aforementioned product recommendations and newsletters by electronic mail. This service provider acts on our behalf strictly in accordance with our instructions and obtains knowledge of your email address and, if applicable, your name for this purpose.
We have concluded a data processing agreement with Salesforce. Data processing generally takes place on Salesforce servers in Canada. This data transfer is justified by the EU Commission’s adequacy decision for Canada. It cannot be ruled out that data may also be transferred to Salesforce, Inc. in the USA. This data transfer is permitted by the adequacy decision of the EU Commission for the USA. Salesforce, Inc. participates in the EU-US data privacy framework: https://www.dataprivacyframework.gov/
In addition, Salesforce has binding internal data protection regulations or Binding Corporate Rules (BCR) in accordance with Art. 47 GDPR. Salesforce’s EU Binding Corporate Rules (“Salesforce EU Processor BCR”) were approved by the European data protection authorities in 2015 and the UK Binding Corporate Rules (“Salesforce UK Processor BCR”) were approved by the Information Commissioner’s Office in the UK in 2023.
Further information on data processing in the Salesforce Marketing Cloud can be found here: https://help.salesforce.com/s/articleView?id=sf.mc_overview_data_protection_privacy.htm&type=5. You can view Salesforce’s privacy policy here https://www.salesforce.com/company/privacy/.
If you have given us your consent to receive newsletters and to evaluate the interaction with our newsletters (so-called conversion tracking) (Article 6 (1) (a) GDPR, Section 25 (1) TTDSG), Salesforce uses this information on our behalf to send and statistically evaluate the newsletters. For the evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This enables us to determine whether you have opened a newsletter message, and which links you may have clicked on. With the help of conversion tracking, we can also analyze whether a certain action (e.g. the purchase of a product on our online pages), which we have determined in advance, has taken place after clicking on the link in the newsletter. In addition, we collect further technical information, namely the time of access, the shortened IP address, browser type and operating system. We only collect this technical data in pseudonymized form and do not link it to your personal data or your customer account. We therefore exclude the possibility of the data being directly linked to a person. We use this data exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses enable us to better adapt future newsletter offers to the interests of our customers.
The legal basis for this data processing is your consent (Art. 6 para. 1 letter a GDPR,
§ 25 TTDSG). You can withdraw your consent at any time with effect for the future. The lawfulness of the processing carried out on the basis of the consent until revocation remains unaffected.
We will store your email address, your name (if applicable) and the consent you have given for sending the newsletter and conversion tracking for the duration of the newsletter subscription or until you withdraw your consent (unsubscribe from the newsletter). Any other data collected in the course of sending the newsletter will be deleted after seven days.
Consent to newsletter tracking
In addition to sending newsletters, it is also possible to evaluate your interaction with the newsletter. This involves the evaluation of delivery, engagement and contact history. We gain insight into whether the newsletter was read/opened (including times of opening), clicks (including visits to our websites, links called up and other web interactions) and undeliverability processes. If you follow a link, we can clearly attribute it to you. The newsletter and contact IDs are logged in the newsletter tool we use. This enables us to create target group profiles and constantly improve the effectiveness of our newsletters.
In order to be able to analyze these interactions, a unique web beacon is integrated into each newsletter. Web beacons are a technique for carrying out the aforementioned analyses inconspicuously (usually invisible to you). Our web beacons are small digital image files that are embedded in the e-mail newsletter. They are the size of a few pixels and can have the same colour as the background or be transparent. As the recipient, you activate the web beacon by loading the images and thus start the analysis.
We only use this technology if you have given us your prior consent to tracking (Art. 7 GDPR). When you subscribe to the newsletter, we ask you separately for your consent to newsletter tracking. You can revoke this consent to newsletter tracking at any time with effect for the future by sending us an email or using our online contact form or the corresponding link in the newsletter. After such a cancellation, we will immediately tag your e-mail address in our newsletter distribution list so that no newsletter tracking takes place in the future.
However, you also have the option of preventing newsletter tracking to a certain extent: You can configure your email reading software to prevent access to remote images. Another option is to disconnect from the Internet before reading the newsletter after you have download-ed it. However, this requires that you use an e-mail reader on your computer and download all e-mails from the server to your own computer. The web beacons contained cannot then trigger any requests to the host server and tracking is prevented. If you delete the messages, the web beacons are also deleted, which means that they cannot perform any activities. It is also possible to filter out web beacons completely at server level.
We have set up the data processing in the newsletter tool we use in such a way that tracking of newsletter interaction is kept to a minimum.
11. Automated decision-making and profiling
We do not use automated decision-making. Profiling only takes place in the cases described in this privacy policy if you have given us your consent to do so. You may revoke your consent at any time with future effect. Processing of your data which occurred prior to the withdrawal of consent is not affected. No further profiling will take place.
12. Tools and Services we use
We use online services provided by the web analysis service Google Analytics. Google Analytics is a service offered in the EU and EEA by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and in the USA by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies that are stored on your computer to analyse the use of our online web presence.
The information collected by the cookie regarding your use of our online web presence (including your masked IP address) is transferred to and stored in a Google server in the USA. Google uses this information to evaluate the use of our website to prepare reports about the activities in our online presence and provide us with additional services associated with that use. The IP address provided by your browser as part of the Google Analytics service is not added to any other Google data.
We use Google Analytics in our online presence for web analysis purposes exclusively with an add-on that provides an “anonymise IP” function. This setting ensures that Google Analytics erases the last part of your IP address. This anonymisation of your IP address removes any direct trace of you personally. When using this feature, Google masks your IP address within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area prior to transferring that information outside of the EU. The full IP address will only be sent to a Google server for masking in the USA in exceptional cases. In this way, we do not receive data that provides us with a way to identify you personally.
We also use the Universal Analytics function with Google Analytics. Universal Analytics allows us to analyse the use of our online services across devices (e.g. access via a laptop and then later from a tablet). As a user, you will be given a pseudonymous User ID on registration, when you access our site from another device. This is how the system recognises your User ID when you access our site from another device. We do not allocate any names to the User ID. We do not provide Google with any personal data. Privacy measures such as IP masking and Browser Add-ons are not restricted by the use of the Universal Analytics function.
You can prevent the installation of cookies using the settings in your browser software. You can also prevent the collection and processing of the data created by the use of cookies and related to your use of our online services (including your IP address) by Google by downloading and installing the browser plugin available at: https://support.google.com/analytics/answer/
181881?hl=en
This will prevent all future collection of data by Google Analytics within our website. This opt-out cookie only works in this browser and only for this domain.
If you undertake any of the above cookie deactivation measures, you may not be able to use all the functions of our website to their full extent.
Google participates in the EU-US Data Privacy Framework: https://www.dataprivacyframe-work.gov/
We have concluded a contract with Google in accordance with the EU’s standard contractual clauses.
For more information regarding how Google Analytics deals with user information, please refer to Google’s Privacy Statement: https://policies.google.com/privacy?hl=en
Google Tag Manager
We use Google Tag Manager in our online services for the purpose of providing a personalised, interesting, and locally relevant online advertising. This service is operated in the EU, the EEA and Switzerland by Google Ireland Limited Gordon House, Barrow Street Dublin 4., Ireland and in the USA by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Tag Manager allows us to administer website tags using a single interface. Although we use cookies for this, we do not collect any personal data. The Tag Manager was specially developed for retailers and is a system with which elements (tags) from Google and other providers can be marked and administered. In this way, data may be sent to cookies or other tools. Tags can be used for conversion tracking, website analysis, and other purposes.
Google participates in the EU-US Data Privacy Framework: https://www.dataprivacyframe-work.gov/
We have concluded a contract with Google in accordance with the EU’s standard contractual clauses.
More information on Google Tag Manager is available at: https://www.google.com/analytics/
terms/tag-manager/
Further information and the Google Privacy Policy are available at: http://www.google.com/
policies/technologies/ads/ and https://policies.google.com/privacy?gl=en&hl=en.
13. Integration of social media
On our website we refer to our accounts in social networks. The use of these providers from the USA is permitted on the basis of the EU Commission’s adequacy decision. The providers referred to by us participate in the EU-U.S. Data Privacy Framework (DPF). The EU and the USA have concluded this agreement for the transfer of personal data from the EU and the EEA to organizations in the USA. Insofar as these US organizations participate in the DPF, the level of protection in the USA is deemed adequate. Further information on participation in the EU-US data privacy framework can be found on the website that the U.S. Department of Commerce has set up to implement the agreement: www.dataprivacyframework.gov.
14. Your rights as a data subject as enforceable in the EU
Please read the following information about your rights as a data subject regarding the processing of your personal data.
The right of access
You have the right to request a confirmation whether your personal data is being processed. Should this be the case, you have the right to be informed of the personal data that has been collected, stored or processed, as well as to the following information:
- The processing purpose,
- The recipients or categories of recipients to whom this data has been disclosed or will be disclosed,
- if possible, the intended duration of storage of your personal data or if this is not possible the criteria for determining that duration,
- Your additional rights (see below),
- If the personal data has not been collected from you, all available information regarding its source,
- The existence of automated decision-making, including profiling, and where existent, further relevant information.
You have the right to be informed of the appropriate safeguards available pursuant to Art. 46 GDPR against the transfer of your data to a third country or international organisation.
The right to rectification
You have the right to request the correction without delay of incorrect or incomplete personal data.
Right to erasure (right to be forgotten)
You have the right to request that we delete the personal data concerning you without delay. We are obliged to delete your personal data without delay where one of the following grounds applies:
- Your personal data are no longer required for the purpose for which they were collected or otherwise processed.
- You are withdrawing your consent and there are no other legal grounds for processing that data.
- You are filing an objection (see below) to the data processing.
- Your personal data were unlawfully processed.
- The deletion of your personal data is necessary to fulfil an obligation under EU law or the law of the Member States.
- A child has provided consent to the collection of personal data.
Right to restriction of processing:
You have the right to request a restriction of our data processing when one of the following conditions is met:
- You are contesting the accuracy of the personal data,
- The data processing is unlawful, but you do not agree to the deletion of the personal data, instead requesting a restriction of its use,
- We no longer need the personal data for the purposes of processing, but you need the data to establish, exercise or defend legal claims; or
- You have objected to processing (see below) and it is not yet clear whether our legitimate interest will prevail.
Right to notification
If you have exercised you’re right to rectification, erasure or restriction of processing against us, we are obliged to inform all recipients to whom personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of those recipients.
Right to data portability
You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without interference on our part provided that:
- The processing is based on consent granted pursuant to Art. 6 (1) (a) GDPR or Art.9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR; and
- The processing is carried our using automated methods.
In exercising this right, you may request that personal data related to you be transferred directly from us to another controller insofar as this is technically feasible and does not infringe on the freedoms and rights of any other person. The right to data portability does not apply to the processing of personal data required for fulfilling a task carried out in the public interest or in the exercise of an official authority invested in the controller.
Right to object
You have the right, based on grounds relating to your particular personal situation to object at any time to the processing of your personal data, unless it is based on one of the following grounds:
- The processing of your personal data by us is required for the fulfilment of a task that lies in the public interest or in the exercise of public authority that has been delegated to us; or
- The processing is necessary to safeguard our legitimate interest or the legitimate interest of a third-party, in so far as your interests or basic rights require that protection of your personal data prevail.
The right to object also applies to profiling based on these processes.
If the personal data that concerns you is being processed for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing purposes. This also applies to profiling insofar as it is associated with such direct marketing.
You also have the right, on grounds arising from your particular personal situation to object to the processing of your personal data undertaken by us for scientific or historical research purposes or for statistical purposes, unless such processing is necessary for the performance of a task in the public interest.
Right to withdraw consent and data protection law
You may revoke your consent at any time with future effect. The revocation may be simply sent to us at any time, e.g., an informal email. Processing of your data which occurred prior to the withdrawal of consent is not affected.
Right of appeal to the supervisory authority
Do you think that the processing of your personal data was illegal? Then you have the right to lodge a complaint with a supervisory authority, particularly in your country of residence or country of work, or at the location the alleged breach took place. If you are in doubt, contact the agency responsible for us at Marit Hansen, ULD – Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, (E-Mail: mail@datenschutzzentrum.de, Holstenstraße 98, 24103 Kiel, telephone: 0431 988-1200, fax: 0431 988-1223). Other administrative or judicial remedies are not affected by the exercise of these rights.
- Newsletter
Recommending products to existing customers
If you have ordered products from us and provided your email address, we are permitted by law to send you product recommendations for similar products which could be of interest to you, where you have not objected this use during the purchase process. This form of contact will only occur for the purpose of sending product recommendations via email to you as an existing customer. In this, we are pursuing our legitimate interest in sending personalised direct advertising to existing customers (permissible within the EU pursuant to: Art. 6 (1) (f) GDPR). If you have initially objected to this use of your email address, we will not send this information to you via email. You may withdraw your consent to the use of your email address to receive such messages from us at any time and with future effect. After receipt of your withdrawal of consent, we will cease the use of your email address for this purpose without delay.
Newsletter subscription
You can register for our email newsletter on our website. Our newsletter provides regular updates on new items, interesting offers and new promotions and campaigns. To receive our newsletter, you must only provide your email address. You may also choose to provide your name, to allow us to address you personally. We use the double opt-in process for our newsletter subscription. For this purpose, we will send you a confirmation email after we have received your consent to a newsletter subscription. In this email, we will ask you to confirm your subscription via a provided link. You will only receive our newsletter after this (second) activation of the service.
We store your email address and name if provided along with the declaration of consent for newsletter delivery for the period of your subscription, or until you withdraw your consent (cancel subscription). Any other data collected as part of newsletter delivery will be deleted after seven days.
Consent to newsletter subscription within the EU
The address you provided for our newsletter subscription and any other data you provided such as your name will solely be used for the purposes of sending advertisements to you via electronic mail. This sending of electronic advertising is lawful pursuant to Art. 6 (1) (a) GDPR.
You can withdraw your consent to the use of your email to receive newsletters at any time with future effect by sending an email or using our online contact form, or the link provided with the newsletter. After cancellation of this service, we will delete your email address without delay from our distribution list, unless you have expressly consented to another use of your data, or we reserve the right to use your data for lawful purposes and of which you have been informed appropriately. Data processing is legal until you withdraw your consent.
Your declaration of consent will be recorded electronically for the purposes of verification. On registration for the newsletter, we also store the IP address provided by your Internet Service Provider (ISP) as well as the date and time of your subscription to trace any potential misuse of your email address at a later date.
If you have not consented to the newsletter subscription or have withdrawn said consent, you will only receive electronic mail from us in connection with the processing of orders you have placed with us.
Service providers for sending electronic advertising
Product recommendations and our newsletter are sent via email using the services provided by the following service provider: Mailchimp, a platform of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. This service provider acts on our behalf and strictly on our instructions and is provided with your email address and your name (where provided) for this purpose. These data are processed on the service provider’s servers.
This service provider, acting on our behalf, will only use this information for delivery purposes and for the statistical assessment of the newsletter. For the purposes of this assessment, the emails contain web beacons or tracking pixels. This allows us to ascertain whether a newsletter has been opened, and which links you may have clicked. Using conversion tracking, we can then also analyse whether a certain action (e.g. the purchase of a product on our online pages) has taken place after clicking the link in the newsletter. Additionally, we collect further technical information, namely the time of access, the masked IP address, browser type and operating system. This technical information is exclusively collected in an anonymised form and is not linked to your personal data or your customer account, making it impossible for us to link that information back to you. In this way, we can rule out any connection of the data with your person. The data are only utilised for statistical analysis of our newsletter campaigns. The results of this analysis assist us in adapting our newsletter to customise future offers better to our customers’ interests. This analysis is lawful pursuant to Art. 6 (1) (f) GDPR as a legitimate interest in the optimisation and adaptation of our newsletter to better meet demand (permissible within the EU pursuant to: Art. 6 (1) (f) GDPR).
If you wish to reject the use of these data for analytical purposes, you must unsubscribe from the newsletter. We have entered into a Data Processing Agreement with the service provider to protect our customers’ data and to not disclose that data to third parties. This service provider is also registered with the “Privacy Shield” Program of the US Department of Commerce. The service provider is also obliged to observe the privacy protection provisions of the EU-US Privacy Shield, the legal framework for transatlantic transfer of data agreed between the European Commission and the United States of America.
Available here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.207.01.0001.01.ENG
More information on data processing by the service provider is available here: https://mailchimp.com/legal/privacy/
How to contact us
Hagen has appointed an individual responsible for Privacy and Data Privacy Matters. If you have any questions about your personal information, to make comments or to make a complaint, you may contact the person responsible for ensuring compliance with this Privacy Policy at data_priv@rchagen.com
Or write to:
Rolf C. Hagen Inc.,
20500 Trans-Canada Hwy
Baie d’Urfé, Québec
H9X 0A2
Canada
If you are from the EU or the EEA, the following applies:
-This company is the Controller for the processing of data on our online service pursuant to the General Data Protection Regulation (GDPR).
-Our EU representative pursuant to Art. 27 GDPR is: Kaschae Datenschutz & Compliance GmbH, An der Alster 62, 20099 Hamburg, mail@kaschae.de
Contact information for our company Data Protection Officer (DPO): datenschutzbeauftragter@rchagen.com