Data protection is important to us. With the following information we would like to inform you about the use of your data in the Tom Tailor CLUB.
1. RESPONSIBLE PARTY
If you register for the CLUB in the Tom Tailor online store or place an order in the online store or in the retail store using the CLUB ID, the controller responsible for processing your data within the meaning of the General Data Protection Regulation (GDPR) is
Tom Tailor E-Commerce GmbH
e Shop
Postbox 1700
31817 Springe
E-Mail: e-shop.eu@tom-tailor.com
Phone: +49 (0) 40-180 472 37* Mon. - Fri.: 09:00 to 17:00 CET/CEST
If you shop in the Tom Tailor Store using the CLUB ID, the controller responsible for processing your data within the meaning of the General Data Protection Regulation is
The two aforementioned controllers are subsidiaries of
Tom Tailor GmbH Garstedter Weg 14 22453 Hamburg E-Mail: e-shop.eu@tom-tailor.com Phone: +49 (0) 40-180 472 37* Mon. - Fri.: 09:00 to 17:00 CET/CEST
All three companies (hereinafter: Tom Tailor) are joint controllers within the meaning of Article 26 GDPR as far as the processing of personal data in connection with the CLUB is concerned. This information on data protection also reflects the essence of the agreement reached between the controllers (Art. 26 para. 2 sentence 2 GDPR).
In principle, the controllers have designated Tom Tailor E-Commerce GmbH as the common point of contact for data subjects and we would be pleased if you would contact them to exercise your data protection rights. However, you are free to contact any of the controllers individually (Art. 26 (3) GDPR).
2. DATA PROTECTION OFFICER
The data protection officer of all three controllers can be contacted at
c/o migosens GmbH Wiesenstr. 35 45473 Mülheim an der Ruhr E-Mail: dsb-tom-tailor@migosens.net Tel: 0208 99395110
3. LEGAL BASIS OF THE PROCESSING
Insofar as we obtain your consent for the processing of your personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR serves as the legal basis.
When processing your personal data to fulfill our contract, Art. 6 para. 1 sentence 1 lit. b) GDPR serves as the legal basis.
Insofar as the processing of your personal data is necessary to fulfill a legal obligation to which we are subject, Art. 6 para. 1 sentence 1 lit. c) GDPR serves as the legal basis.
If the processing of your personal data is necessary to protect our legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR serves as the legal basis.
4. REGISTRATION FOR THE CLUB
You can register for the CLUB as part of the online registration process in the Tom Tailor online store or in a participating Tom Tailor store.
Data such as your title, your name, your e-mail address and, if applicable, your address will be collected, Your date of birth, your telephone number/mobile phone number. We also process other contract master data such as notices of termination, customer number, loyalty points, consents given, etc.
The processing of your personal data is necessary for participation in the CLUB, e.g. for setting up and providing your CLUB account.
The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. b) GDPR.
5. MANAGEMENT OF THE CLUB ACCOUNT
When you shop in the Tom Tailor online store or in a Tom Tailor store, we process personal data such as place and date of purchase, information on purchased/returned goods including their individual and total prices, participation in promotions and use of vouchers.
The processing of your personal data is necessary for the operation of the CLUB, e.g. the management of your CLUB account, and also includes your customer history, such as transaction data, sales figures, location of the transaction, receipt contents, time of purchase, use of points (benefits, vouchers, etc.), level.
The processing of this data is also used to inform you about your points balance, level information (promotion or relegation, etc.), impending expiry of points and similar contract-relevant information by email or, if applicable, by app or SMS (so-called push messages).
The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. b) GDPR.
6. NEWSLETTER
When you register for the CLUB in the Tom Tailor online store or in the Tom Tailor stores, you have the option of receiving general advertising tailored to your individual purchasing behavior, in particular newsletters by e-mail, SMS and telephone promotions from Tom Tailor.
Data such as your name, your e-mail address or your telephone number/mobile phone number will be used to send you advertising and to contact you.
This data is processed on the basis of your consent. Consent is obtained as part of the registration process with reference to this privacy policy. If you withdraw your consent, the data will be deleted unless there is a need for further storage of the data, e.g. due to legal requirements.
If you are already a CLUB member or would like to become one in the future, we would like to tailor this advertising approach to your individual interests and product preferences and create a personal user profile for this purpose based on the personal data provided by you and stored in your CLUB account.
If you give your consent to the above processing, you agree that Tom Tailor may create and use the aforementioned personal user profile to send you individualized advertising. In order to recognize which of our offers are of particular interest to you, we analyze and process all of the above-mentioned information, in particular your customer history. The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. a) GDPR.
You can revoke your consent to the processing of your data at any time by sending a message to
e-shop@tom-tailor.de
or to
Tom Tailor E-Commerce GmbH eShop Postbox 170031817 Springe
with effect for the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
7. ADVERTISING BY POST
We use the data you provide when registering for the CLUB to send you advertising (e.g. information about special offers, discount promotions, etc.) by post.
The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. f) GDPR. The direct advertising sent by us, e.g. in the form of discount promotions or special offers, represents an economic interest for us and thus a legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.
8. OPTIMIZATION OF OUR OFFER
We want to constantly improve our offer and tailor it to your needs. We therefore also use the above-mentioned information to measure reach and improve our product and service offering. Your profile is analyzed together with all other profiles, but without being able to draw any direct conclusions about your person.
The legal basis for this type of processing of your personal data is Art. 6 para. 1 sentence 1 lit. f) GDPR, whereby our legitimate interest lies in the economic optimization of our processes and our product range.
9. SOURCE OF THE PERSONAL DATA
If we have not collected your personal data directly from you, it comes exclusively from one of the above-mentioned companies involved in the implementation of the CLUB.
10. RECIPIENTS OF THE PERSONAL DATA
Your personal data will only be processed by the above-mentioned joint controllers of the Tom Tailor Group for internal administrative purposes and by processors commissioned by us. The personal data will not be transferred to recipients in a third country. The loyalty management software we use is operated exclusively within the EU and data storage takes place on EU servers. However, in unintended exceptional cases of a technical nature, Tom Tailor may have to submit a support request to the software manufacturer, a processor in the USA. If, in exceptional cases, a personal reference cannot be avoided, Tom Tailor has concluded so-called EU standard data protection clauses with this service provider, which is also certified according to the Transatlantic Data Privacy Framework (TA DPF), so that your data remains protected by suitable guarantees within the meaning of the GDPR in this case as well.
11. DURATION OF DATA STORAGE
Your personal data will be deleted as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which we are subject. The data will also be deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
12. RIGHT OF ACCESS, RIGHT TO RECTIFICATION, RESTRICTION OF PROCESSING, DATA PORTABILITY, ERASURE, OBJECTION AND WITHDRAWAL OF CONSENT
You have various rights under the GDPR, which arise in particular from Art. 15 to 18, 21 GDPR.
You can request information about your personal data processed by us in accordance with Art. 15 GDPR. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. Please note that your right to information may be restricted under certain circumstances in accordance with the statutory provisions (in particular Section 34 BDSG).
If the information concerning you is not (or no longer) correct, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
You can request the erasure of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether the data concerning you is still required by us to fulfill our legal obligations.
Within the framework of the provisions of Art. 18 GDPR, you have the right to request that the processing of the data concerning you be restricted.
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format within the scope of data portability in accordance with Art. 20 GDPR.
In accordance with Art. 21 GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. However, we cannot always comply with this, e.g. if legal regulations oblige us to process data as part of our task fulfillment.
To exercise your rights, please contact Tom Tailor E-Commerce GmbH, as your rights are also to be implemented there. You can also contact the data protection officer directly, especially if your request requires a higher level of confidentiality.
13. EXISTENCE OF A RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection regulations. The data protection supervisory authority responsible for us is
The Hamburg Commissioner for Data Protection and Freedom of Information Ludwig-Erhard-Str 22, 7. OG 20459 Hamburg Tel.: 040 428544040 Fax: 040 428544000 E-Mail: mailbox@datenschutz.hamburg.de