Big Summer Sale Up to 65% off. Strike now.

Data protection

Our privacy policy is currently available in German only. These can be found at https://www.tennis-point.de/datenschutz/
A national translation will be added soon. Below you will find a machine translated version in your local language:

I. How to contact with

These instructions apply to the data processing operations by:

Tennis-Point Europe GmbH
Hans-Böckler-Str. 29-35
33442 Herzebrock-Clarholz
Germany
E-Mail: 
info@tennis-point.co.uk
Telefon: 
+44 (0) 2033 182 147
https://www.tennis-point.co.uk/

The data protection officer of Tennis-Point is available at the above address, for the attention of the data protection officer, or by e-mail at datenschutz@tennis-point.de.

If you are located in the United Kingdom, you may also contact our UK data protection representative according to Art. 27 GDPR:

DP Data Protection Services UK Ltd., Attn: Tennis-Point
16 Great Queen Street, Covent Garden, London, WC2B 5AH

https://www.dp-dock.com/

tennis-point@gdpr-rep.com

II. Processing of personal data and the nature and purpose

1. Webhosting

For the provision of this website, we use the web hosting service Salesforce Commerce Cloud of Salesforce.com. Inc, The Landmark @ One Market, Suite 300, San Francisco, CA 94105 (hereinafter "Salesforce").

Salesforce stores this website on its servers (hosting). The provision of this website requires the commissioning of a web hosting service. The use of Salesforce takes place in accordance with Art. 6 para. 1 p. 1 lit. f GDPR due to our legitimate economic interest in making our offer available on this website. 

In connection with the hosting, Salesforce processes personal data on our behalf, which is generated during the following actions of the user:

  • when visiting our website;
  • in the context of an order in our online shop;
  • when creating and using a customer account;
  • when using our re-available function;
  • in connection with the use of the contact form;
  • in connection with our newsletters.

We have entered into a data processing agreement with Salesforce for the use of Commerce Cloud. Through this contract, Salesforce assures that they process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject. For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this Privacy Policy). Salesforce has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles. Furthermore, the forwarding of personal data to Salesforce takes place on the basis of Salesforce's binding internal data protection regulations pursuant to Art. 46 para. 2 lit. b, 47 GDPR (so-called Corporate Binding Rules) as well as the standard data protection clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR. Both sets of rules are anchored in the Salesforce Data Processing Addendum, which we have concluded with Salesforce. In addition, the Salesforce Commerce Cloud is certified by reliable security standards, including PCI-DSS, SOC2, ISO 27001.

For more information on data protection in relation to Salesforce Commerce Cloud, please see the Salesforce Privacy Statement.

2. When visiting our website

When you visit our website https://www.tennis-point.co.uk/, information is automatically sent to our website server by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected and stored without your intervention and deleted from the log files after 14 days:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the file accessed,
  • Website from which access was made (referrer URL),
  • Operating system of the requesting computer,
  • Browser type and version as well as additional information transmitted by the browser (such as the operating system of your computer).

The aforementioned data is processed by us for the following purposes:

  • to ensure of a smooth connection set-up of the website,
  • to ensure of a comfortable use of our website,
  • to evaluate the system security and stability,
  • to the detection and prevention of attacks on our website,
  • for the continuous improvement of the website as well as
  • for other statistical and administrative purposes.

The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data processing purposes listed above. In the event of an attack on our network infrastructure, we will evaluate your collected IP address in order to assert or defend legal claims.
In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations on this under sections IV and V of this data protection declaration.

3. In the context of an order in our online shop

If you would like to order products as a guest or as a registered customer on our website, we will process the following mandatory information:

  • Salutation, first name, last name,
  • a valid email address,
  • Billing and delivery address
  • Depending on the payment method you have selected, payment data (e.g., credit card number), if applicable.

These data are processed,

  • to identify you as our contract partner;
  • to check the entered data for plausibility;
  • to process payments and ship your order;
  • for advertising purposes and, if necessary, for the personalization of advertising measures;
  • to process any existing warranty claims and to assert any claims against you.

Within the scope of your order we work with

parcelLab GmbH Landwehrstr. 39 80336 Munich as well as Emarsys Interactive Services GmbH, Willi-Schwabe-Str. 1, 12489 Berlin

as a service provider for logistics and transaction notifications, to whom we transmit the data required for shipping and any returns, including your e-mail address for notifications of tracking numbers and, if applicable, receipt of returns, etc. The service provider has been carefully selected and commissioned by us, is bound by our instructions and is regularly checked, in particular with regard to the appropriate technical and organisational measures for data security. No data is transferred to countries outside the EEA.

The data processing is carried out at upon your request and is necessary for the fulfilment of the contract and for other pre-contractual measures as well as our legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. b and lit. f GDPR for the aforementioned purposes.

The personal data processed by us for the order will be stored until the expiry of the legal warranty obligation and then automatically deleted, unless we are obliged to store the data for a longer period of time in accordance with Art. 6 para. 1 p. 1 lit. c GDPR due to tax and commercial law retention and documentation obligations (from German Commercial Code (HGB), German Criminal Code (StGB) or German Tax Code (AO)) or you have consented to storage beyond this in accordance with Art. 6 para. 1 p. 1 lit. a GDPR.

4. When creating a customer account

We offer you the possibility to create a customer account with us. For the registration and the creation of the customer account, we need the following mandatory information:

  • salutation, first name, last name,
  • a valid email address,
  • billing and delivery address
  • password.

In addition, you can voluntarily provide further information (such as your date of birth). These data are processed,

  • to be able to identify you as our customer;
  • to check the entered data for plausibility;
  • to personalize advertising measures;
  • to process any present warranty claims and to assert any claims against you.

We work with

Emarsys Interactive Services GmbH, Willi-Schwabe-Str. 1, 12489 Berlin (hereinafter "Emarsys")

as a specialized service provider for customer relation management to documentation, administrative and marketing purposes together, the we your master data (title, first and last name, postal code, location, email address) send. This service provider was selected by our careful and commissioned, is bound to our instructions and will be checked regularly, particularly with regard to the appropriate technical and organisational measures for data security. A data transmission in non-EEA countries does not take place.

Data processing is carried out at your request and in the manner. Art. 6 para. 1 S. 1 lit. b and lit. f GDPR for these purposes for the fulfilment of the contract and other pre-contractual measures and because of our legitimate interests required.

We store the personal data collected by us for registration and enrolment until you request the deletion of your account against us. In the case of deletion desire, we only provide the required information about your orders, unless a further storage on basis of art. 6 para. 1 S. 1 lit b GDPR to the performance of the contract is necessary or we referred to in Art. 6 paragraph 1 p. 1 lit. c GDPR due to tax and commercial storage and documentation requirements (from German Commercial Code (HGB), German Criminal Code (StGB) or German Tax Code (AO)) for a longer storage are required.

5. In the context of using the available again function

If your desired item is out of stock, you can use our available again function to be notified as soon as the item is available again. To do this, you have to enter your name and your email address.

The Data processing is carried out in response to your request and is required in accordance with Art. 6 para. 1 p. 1 lit. b GDPR and is necessary as pre-contractual measures.

The personal data collected by us will be deleted after completion of your request, unless we have to retain it due to the nature of your request, or we are obliged to retain it for a longer period of time in accordance with Art. 6 para. 1 p. 1 lit. c GDPR due to tax and commercial law retention and documentation obligations (from German Commercial Code (HGB), German Criminal Code (StGB) or German Tax Code (AO)) for a longer storage are required.

6. In the context of using our contact form / customer service

You can send us general enquiries via the contact form provided on our site. We will ask you for your first and last name and a valid e-mail address. We need this information to be able to answer your enquiry.

Additional personal information, such as your address, an order number or your telephone number, is not collected unless you provide this information voluntarily.

Data processing for the purpose of contacting us is carried out in response to your request and on the basis of Art. 6 para. 1 p. 1 lit. b GDPR or to protect our legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest is to be able to respond to enquiries from our customers and thus to ensure a functioning customer service.

The personal data collected by us for the use of the contact form will be deleted after the enquiry you have made has been dealt with, unless we have to retain it due to the nature of your enquiry or we are obliged to retain it for a longer period pursuant to Art. 6 para. 1 p. 1 lit. c GDPR due to obligations to retain and document data under tax and commercial law (from German Commercial Code (HGB), German Criminal Code (StGB) or German Tax Code (AO)).

a. Freshdesk Service

In order to process your enquiry, we work together with the specialised provider namend below, to whom we transfer the personal data required for this purpose:

Customercare via Freshworks Inc, 2950S. Delaware Street, Suite 201 San Mateo, CA 94403 (hereinafter "Freshdesk").

This service provider was carefully selected and commissioned by us, is bound by our instructions and is regularly monitored, in particular with regard to the appropriate technical and organisational measures for data security. Salesforce uses servers in Europe for this purpose; no data is transferred to the USA. Further information on data protection at Freshdesk can be found at: https://www.freshworks.com/privacy/data-hosting/.

b. Salesupply

For customer support, we work together with the following specialised service provider, to whom we transfer the personal data required for this purpose:

Salesupply Customer Service of Salesupply Deutschland GmbH, Dr.-Detlev-Karsten-Rohwedder-Str. 17, 47228 Duisburg (hereinafter "Salesupply").

We have concluded an order processing contract with Salesupply. Through this contract, Salesupply assures that they process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject.

7. In connection with our newsletters

As a customer or prospect, we would like to send you our newsletter. If you are not a customer of ours but would still like to receive our newsletter, we only need your e-mail address and information about whether you would like to be informed about products for women or for men. In addition, you can voluntarily provide us with your first and last name so that we can address you personally. The newsletter is sent on the basis of your explicit consent (Art. 6 para. 1 p. 1 lit. a GDPR). If you register for our free newsletter, we will regularly inform you about new products, valuable tips and news as well as exclusive offers from the Sport-Point Group. After registering, you will receive an email with a confirmation link, which you click to finalise your registration.
If you already are a customer, we will send you on the basis of Art. 6 para. 1 S. 1 lit. f, GDPR and our legitimate interests, to inform you about current product recommendations (direct marketing).

For the personalisation of the newsletter, we use the following specialized service provider, to whom we transfer the personal data (email address) required for this purpose, as well as customer data if you have created a voluntary customer account with us:

Emarsys Interactive Services GmbH, Willi-Schwabe-Str. 1, 12489 Berlin (hereinafter "Emarsys")

With Emarsys, we can measure and evaluate the behaviour of our registered customers and newsletter recipients. This includes the opening, click, bounce, delivery, unsubscribe and conversion rate. The evaluation also takes place through cookies or pixel tags, which collect information such as the IP address, browser type/version, e-mail client and time of retrieval. This also allows the tracking of who opens the e-mail and clicks on links contained therein. The analysis of user behaviour is carried out for the purpose of recognising reading habits and aligning content accordingly, measuring the success of e-mail campaigns and improving our offering, namely to present you with relevant and targeted offers base on your interests. No data is transferred to countries outside the EEA.

You can contradict the personalisation of the newsletter at any time by sending us an e-mail to datenschutz@tennis-point.de. If you do so, we will no longer carry out any further personalisation, but may continue to send you our general newsletter.

Furthermore, it is also possible to unsubscribe from our newsletters completely at any time, e.g. via a link at the bottom of each newsletter. Alternatively, you can send your unsubscribe request at any time by e-mail to info@tennis-point.com. Your personal data processed in this context, which is exclusively used for sending the newsletter, will be deleted immediately after you unsubscribe, but we retain the fact that you have objected to and your e-mail address so that we do not send you newsletter accidentally in the future.

8. For the prevention and analysis of click fraud

On our website, we use the service Ads Defender of the

Hurra Communications GmbH, Wollgrasweg 27, 70599 Stuttgart, Germany (hereinafter "hurra.com").

Ads Defender is used to analyse and prevent click fraud on our advertisements. Click fraud occurs when clicks on advertisements are generated by automatic tools or multiple clicks on advertisements are probably not due to genuine user interest.

The legal basis for the use of Ads Defender is Art. 6 para. 1 lit. f GDPR. There is a legitimate interest in monitoring and preventing fraudulent activities through click fraud and ensuring the proper functioning of our systems.

In the analysis by Ads Defender, the following personal data is collected and stored when advertisements are clicked: IP address, information on the browser used, information on the operating system, location information, referrer URL, further online identifiers such as click and cookie IDs, duration of use as well as time of access and information on interactions with advertising material and our website.

If Ads Defender detects conspicuous behaviour and there is a suspicion of click fraud, these IP addresses may be transmitted to Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). In the case of Google services, data may be transmitted to the USA.

Further information on data protection at hurra.com can be found at: https://privacy.hurra.com.

III. Disclosure of data to third parties

Insofar as this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 p. 1 lit. b GDPR, your personal data is passed on to third parties.

1. For payment processing

This includes the transfer of payment data to payment service providers or credit institutions in order to carry out a payment transaction. For the processing, it may be necessary for us to forward the personal data collected in the payment process, such as name, address, telephone number, e-mail address, credit card or bank account data and transaction data to the payment service provider. However, payment service providers usually collect this data themselves. The data passed on may be used by the third party exclusively for the purposes stated.

In the context of the fulfilment of the contract pursuant to Art. 6 para. 1 p. 1 lit. b GDPR, we use the payment service provider listed below for the processing of payments.

a. Credit card payments

When paying by credit card (Visa/MasterCard), the payment data you enter will be collected and stored in accordance with Art. 6 para. 1 p. 1 lit. b GDPR by

Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereafter “Stripe”)

and only passed on to the companies involved in the payment process. By paying by credit card, you accept the terms and conditions of the payment provider. In this case, we do not collect or store the payment data.

Further information on this can be found in the data protection regulations of your credit card company.

b. Payment with PayPal

We offer payment processing by means of the payment service provider

PayPal PayPal (Europe) S. s.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, l 2449 Luxembourg (hereinafter "PayPal")

If you pay with your PayPal account, you will be redirected to the PayPal website. There you can log in with your account details and instruct the payment. If you choose the payment options "Debit", "Credit card" or "Purchase on account", you will also be redirected to the PayPal website. There you can instruct the payment with or without a PayPal account by providing the payment information. We have no access to the personal data collected by PayPal. PayPal is responsible for their processing.
Further information on data protection in connection with PayPal, in
PayPal’s privacy policy.

 

c. Payment via Klarna

i. Klarna Pay Later

If you pay your order on account via Klarna, we will make an advance payment. When you select this payment option, your personal data will therefore be passed on by Stripe to:

Klarna GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "Klarna").

(see Klarna's privacy policy at: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy) for the purpose of assessing our credit risk.

Klarna has the credit risk assessed by credit agencies and receives information and, if necessary, creditworthiness information based on mathematical-statistical methods (scoring), the calculation of which includes, among other things, address data and your date of birth. Klarna works together with the following credit agencies:

  • Deltavista GmbH, Freisinger Landstraße 74, 80939 Munich, Germany, tel.: +49 (0)721-25511-777
  • Creditreform Boniversum GmbH, Hellersbergstraße 11, D-41460 Neuss, Germany, tel.: +49 (0)2131-109-501, Fax: -557
  • infoscore Consumer Data GmbH, Rheinstrasse 99, D-76532 Baden-Baden, Germany, tel.: +49 (0)7221-5040-1000, Fax: -1001
  • Bürgel Business Information GmbH & Co. KG, Gasstrasse 18, D-22761 Hamburg, Germany, tel.: +49 (0)40-89803-0, Fax: -777
  • Deutsche Post Direkt GmbH, Junkersring 57, 53844 Troisdorf, Germany
  • Regis24 GmbH, Wallstrasse 58, D-10719 Berlin, Germany, tel.: +49 (0)30 44350-240, Fax: -249
  • CRIF Bürgel GmbH, Radlkoferstrasse 2, D-81373 Munich, Germany, tel.: +49 40 89803-0, Fax: -777/ 778
  • SCHUFA Holding AG, Kormoranweg 5, D-65201 Wiesbaden, Germany,  (information about your stored data can be obtained from SCHUFA Holding AG, Consumer Service, P.O. Box 5640, 30056 Hannover, Germany).

The collection, storage and forwarding is therefore carried out for the purpose of checking your creditworthiness and in our interest in preventing payment default as well as fraud prevention on the basis of Art. 6 para. 1, p. 1 lit. f GDPR. Based on this information, a statistical probability of a credit default and thus your solvency (credit rating) is calculated. If the creditworthiness check is positive, an order on account is possible. If the creditworthiness check is negative, our shop system will not allow you to pay on account. The decision as to whether an order is also possible on account is based solely on an automated decision by our online shop system, which is carried out by Klarna or the credit agencies commissioned by it, so that a manual check of your documents by one of our employees does not take place separately.

Insofar as we make automated decisions with legal effect, you have the right to receive information about the logic involved, as well as the scope and intended effects of this data processing. You can have the automated decision reviewed against us, stating your point of view, and have the right to human intervention by us. To do so, please contact shop@klarna.com.

ii. Klarna Pay Now

1. Klarna Sofort – direct payment

If you pay your order by “Sofort”, you only need your account number, BIC or bank code, and the PIN and TAN of your online banking account. During the order process you will be automatically redirected to a secure payment form of Klarna Bank AB ("Klarna"). Immediately afterwards, you will receive confirmation of the transaction. Thereupon, we directly receive the transfer credit. Anyone who has an activated online banking account can use “Sofort” as a payment method. Please note that a few banks do not yet support payment by “Sofort”.

2. Klarna direct debit

If you select the direct debit payment method when placing your order, you must provide your account details (IBAN and BIC), which will be passed on to Klarna. The payment amount is due for payment by direct debit upon conclusion of the contract and will be debited by Klarna from your specified account. The debit will take place after the goods have been dispatched. You will be informed of the date by e-mail. The direct debit payment method requires, among other things, a successful identity and credit check (see III. 1. e. i.).

iii. Klarna Pay over time ("Payment by instalment")

If you select payment by instalment as a payment option for your order, your personal data will be passed on by Stripe to Klarna for the purpose of identity and credit checks.

Klarna has an assessment of the credit risk carried out by credit agencies and receives information and, if necessary, creditworthiness information based on mathematical-statistical methods (scoring), the calculation of which includes, among other things, address data and your date of birth. For the exact procedure, please see III. 1. e. i. There you will find a list of credit agencies with which Klarna cooperates.

The personal data transmitted to Klarna are usually first name, last name, address, date of birth, gender, e-mail address, IP address, telephone number, mobile phone number and other data necessary for the processing of an instalment purchase. In order to decide on the establishment, execution or termination of a contractual relationship, Klarna collects and uses data and information about the past payment behaviour of the data subject as well as probability values for this behaviour in the future (so-called scoring). The scoring is calculated on the basis of scientifically recognized mathematical-statistical methods.

Insofar as we make automated decisions with legal effect, you have the right to receive information about the logic involved, as well as the scope and intended effects of this data processing. You can have the automated decision reviewed against us, stating your point of view, and have the right to human intervention by us. To do so, please contact shop@klarna.com. 

2. For the dispatch of your order

In order to be able to dispatch your order in our shop (Art. 6 para. 1 p. 1 lit. b GDPR) as well as due to our legitimate interests in making the delivery as uncomplicated and smooth as possible for you (Art. 6 para. 1 p. 1 lit. f GDPR), we transmit your data which you have given as the delivery address as well as your e-mail address to delivery service providers who transport your consignment, exclusively for the purpose of delivering the goods and for the purpose of individualised notification of the delivery of goods. If it is necessary to coordinate a delivery date, for example in the case of forwarding goods (Art. 6 para. 1 p. 1 lit. b GDPR) and you have provided us with your telephone number, we will also transmit this to the delivery service providers who transport your consignment, solely for the purpose of coordinating a delivery date. These service providers are subject to postal secrecy.

3. For customer evaluation requests

a. Trusted Shops ratings

The Trusted Shops trust badge is integrated on this website to display our Trusted Shops seal of approval and the Trusted Shops products for buyers after an order.

This serves to protect our legitimate interests in the optimal marketing of our offer (Art. 6 para 1 p. 1 lit. f GDPR). The trust badge and the services advertised with it are an offer of the

Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany (hereinafter “Trusted Shops”).

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the site.

Further personal data is only transferred to Trusted Shops if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.

b. Google reviews

You have the opportunity to evaluate the purchase process on our website through the survey by Google Customer Reviews. If you expressly agree to participate in Google Customer Reviews (Art. 6 para. 1 p. 1 lit. a GDPR), a survey will be sent to you by Google after delivery of the order. To do this, we provide the following information about your order

  • Order ID
  • Your e-mail address
  • The country to which the order will be delivered
  • The delivery date of your order, as well as
  • The global trade item number to assign the review data to one of our articles

to

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (hereinafter “Google”).

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Furthermore, the processing of personal data by Google takes place under Google’s own responsibility on the basis of the standard data protection clause of the European Commission in accordance with Art. 46 para. 2c GDPR. Google has also implemented extensive technical and organisational measures designed to protect personal data against accidental or unlawful destruction or accident loss, damage, alteration, unauthorised disclosure or access. These Google measures are certified in accordance with the ISO/IEC 27001:2013 standard.

You can withdraw your consent once given to us at any time. This has the consequence that we may  no longer continue the data processing described above, which is based on this consent, in the future. Further information on Google’s data protection in connection with the Google Customer Reviews programme can be found here.

c. Trustpilot

To improve our service, we use the review  portal Trustpilot, operated by:

Trustpilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark (hereinafter “Trustpilot”).

For each order placed via our website, an invitation to submit a review is generated. For this purpose, your surname, first name, e-mail address and a reference number (order number for unique assignment) are transmitted to Trustpilot. This data is neither used by Trustpilot itself nor passed on to third parties. The verification of the review is carried out on the basis of the reference number (order number) by means of a specially generated link. The submission of a review is voluntary.

In order to submit a review or to record customer feedback, it is necessary to create/open a user profiler on Trustpilot. In addition to a review for the inviting company, reviews can then also be entered for any company on the Trustpilot review portal.

If a review is submitted by clicking on the link contained in the invitation, a user profile is automatically created on Trustpilot after entering the personal data (name and e-mail address for verification). This is accompanied by agreement to the data protection provisions and general terms and conditions of Trustpilot. These can be viewed on the Trustpilot website at:

https://uk.legal.trustpilot.com/for-reviewers/end-user-privacy-terms

The transmission of your personal data for the delivery of evaluation e-mails after ordering in our online shop is carried out in order to protect our legitimate interests on the basis of Art. 6 para. 1 p. 1 lit. f GDPR.

d. Product reviews via Bazaarvoice

We use the services of Bazaarvoice Inc. 10901 Stonelake Blvd. Austin, Texas 78759, USA (www.bazaarvoice.com) in order to determine your product satisfaction. We also process your e-mail address and purchase details to send you an e-mail in which we ask you to review your purchase. This data processing is necessary for the protection of our legitimate interests of the product evaluation within the meaning of Art. 6 para. 1 p. 1 lit f GDPR.

Bazaarvoice is certified in accordance with the TADPF and is therefore committed to complying with European data protection principles. There is also a contract in place in accordance with the EU standard contractual clauses to ensure an appropriate level of data protection when transferring personal data to third countries.

4. For voucher offers of Sovendus GmbH

In order to select a voucher offer that is currently of interest to you, we will send the hash value of your e-mail address and your IP address in pseudonymised and encrypted form to

Sovendus GmbH, Moltkestr. 11, 76133 Karlsruhe, Germany (hereinafter “Sovendus”),

according to Art. 6 para. 1 lit. f GDPR.

The pseudonymous hash value of the e-mail address is used by Sovendus to take into account any objection to advertising (Art. 21 para. 3, Art. 6 para. 1 p. 1 lit. c GDPR). The IP address is used by Sovendus exclusively for data security purposes and is usually anonymized after seven days (Art. 6 para. 1 p. 1 lit. f GDPR). In addition, we transmit the order number, order value with currency, session ID, coupon code and timestamp to Sovendus in pseudonymised form for billing purposes (Art. 6 para. 1 p. 1 lit. f GDPR). If you are interested in a voucher offer from Sovendus, if there is no advertising objection to your e-mail address and if you click on the voucher banner that is only displayed in this case, we will transmit your title, name and e-mail address in encrypted form to Sovendus for the preparation of the voucher (Art. 6 para. 1 lit. b, f GDPR).

For further information on the processing of your data by Sovendus, please see the online data protection information here.

5. For the integration of the trusted shops Trustbadge

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops Trustmark and the collected reviews as well as to offer Trusted Shops products to buyers after they have placed an order.

This serves to protect our legitimate prevailing interests in the context of a balancing of interest in optimal marketing by enabling secure shopping in accordance with Art. 6 para. 1 lit. f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany (hereinafter “Trusted Shops”). The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of data processing. Trusted Shops also uses service providers from the USA. An adequate level of data protection is ensured. Further information to the data protection of Trusted Shops can be found here: https://www.trustedshops.co.uk/imprint/.

When the Trustbadge is called up, the web server automatically saves a server so-called log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. Individual access data are stored in a security database for the analysis of security anomalies. The log files are automatically deleted 90 days after creation at the latest.

Further personal data is transferred to Trusted Shops if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you are already registered as a Trusted Shops customer is automatically checked using a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.

This is necessary for the fulfilment of our and Trusted Shops' legitimate prevailing interests in the provision of the buyer protection linked to the specific order and the transactional review services in accordance with Art. 6 para. 1 p. 1 lit. f GDPR. Further details, including your right to object, can be found in the Trusted Shops Privacy Policy linked above and within the Trustbadge.

6. If you click on embedded YouTube videos

We use components (videos) of the company YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, United States (hereinafter “YouTube”), a company of the

Google LLC, Amphitheatre Parkway, mountain view, CA 94043, United States (hereinafter "Google"),

on our website on the basis of Art. 6 para. 1 p. 1 lit. f GDPR and our legitimate interests in making our website presence interesting for you.

We use the “Privacy Enhanced Mode” option provided by YouTube: when you access a page that has an embedded video, a connection is established to the YouTube servers and the content is displayed on the website by informing your browser. According to YouTube’s information, in “Privacy Enhanced Mode” your data – in particular which of our Internet pages you have visited as well as device-specific information including the IP address – is only transmitted to the YouTube server in the USA when you watch the video. You trigger this transmission by clicking on the video.

If you are logged in to YouTube at the same time, this information is assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Furthermore, the processing of personal data by Google is carried out on the basis of the standard data protection clauses of the European Commission in accordance with Art. 46 para. 2c) GDPR. Google has also implemented extensive technical and organisational measures designed to protect personal data against accidental or unlawful destruction or accidental loss, damage alteration, unauthorised disclosure or access. These Google measures are certified to the ISO/IEC 27001:2013.

For more information on data protection in the context of YouTube, in the Google privacy policy.

7. For booking request for travels

Provided you have given us your express consent in accordance with Art. 6 para 1 lit. a GDPR, we will transmit the following data from the booking form to the tour operator Patricio Travel GmbH, Am Hafen 8, 94130 Obernzell, Germany, by e-mail:

  • Hotel details
  • Details of catering, travel duration, travel dates, number of persons and tennis courts
  • Details of travel protection

In addition, we will transmit the following data provided by you:

  • Salutation
  • First and last name
  • Club
  • Address (street, postcode, town, country)
  • Telephone number
  • A valid e-mail address
  • Remarks

The transmission of your data in the booking form is for the purpose of providing you with travel offers and information material tailored to your personal interests by Patricio Travel GmbH and to ensure that you can be contacted for a possible booking of a trip with Patricio Travel GmbH.

Patricio Travel GmbH may only use the data provided for the aforementioned purposes.

8. For other purposes

In addition, we disclose your personal data to third parties only, if:

  • You have given your express consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR,
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 p. 1 lit. c GDPR, and
  • the disclosure is necessary in accordance with Art. 6 para. 1 p. 1 lit. f GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.

9. Information on possible risks of data transfers to insecure third countries, in particular to the USA

A "third country" is a country outside the European Economic Area (EEA) in which the GDPR is not directly applicable. A third country is considered "unsafe" if the EU Commission has not issued an adequacy decision for this country in accordance with Art. 45 para. 1 GDPR, which confirms that there is adequate protection for personal data in the country. On 10 July 2023, the EU Commission adopted the Trans-Atlantic Data Privacy Framework (TADPF), a new adequacy decision within the meaning of Art. 45 para. 1 GDPR for the secure transfer of data between the EU and the USA. The USA is therefore considered a so-called safe third country.

In this data protection information, we inform you when and how we transfer personal data to the USA or other unsafe third countries. We only transfer your personal data if the recipient is certified under the TADPF or if

  • the recipient provides sufficient guarantees in accordance with Art. 46 para. 1 GDPR for the protection of personal data; or
  • you have expressly consented to the transfer after we have informed you of the risks in accordance with Art. 49 para. 1 lit. a GDPR; or
  • the transfer is necessary for the performance of contractual obligations between you and us (Art. 49 para. 1 lit. b GDPR); or
  • another exception from Art. 49 GDPR applies.

Guarantees according to Art. 46 para. 1 GDPR ca be so-called Binding Corporate Rules, i.e. binding internal data protection regulations of a provider agreed with the supervisory authorities, according to Art. 46 para. 2 lit. b GDPR, so-called standard data protection clauses issued by the European Commission pursuant to Art. 93 para. 2 GDPR may be considered as suitable safeguards. In these standard data protection clauses, the recipient assures to sufficiently protect the data and thus to guarantee a level of protection comparable to the GDPR. We ensure beforehand that the recipient can also fulfil the agreed guarantees.

IV. Cookies and pixel tags

1. What are cookies and pixel tags?

We use our cookies on our site. These are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.), when you visit our site. Cookies do not cause any damage to your device and do not contain any viruses, trojans or other malware.

Information is stored in the cookie that is related to the specific device used. However, this does not mean that we gain direct knowledge of your identity.

We use pixel tags (also called as web beacons or tracking pixels) as part of our online services. Pixels are small graphics that are integrated into the HTML code of our site. The pixel tag itself does not store or change any information on your device, so pixels do not cause any damage to your device and do not contain viruses, trojans or other malware.

Pixel can send personal data such as your IP address, the referrer URL of the visited site, the time at which the pixel was viewed, the browser used, as well as previously set cookie information to a web server. This makes it possible to carry out range measurements and other statistical evaluations, which serve the optimisation of our offer.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. Thus, we use so-called session cookies, to recognise that you have already visited individual pages of our website, that you have already logged into your user account or to display the shopping cart. These are automatically deleted after you leave our site.

Furthermore, in order to optimise the user experience, we also use temporary, so-called comfort cookies, which are stored on your device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been to our site and which entries and settings you have made so that you do not have to enter them again. As a rule, these are deleted after a maximum of 30 days. Only those comfort cookies that relate to language settings are stored for 365 days.

On the other hand, we use cookies and pixel tags within the framework of third-party tools to statistically record the use of our website and to evaluate it for the purposes of optimising our offer for you (see V.). These analysis, tracking-and targeting cookies enable us to automatically recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time.

2. What is the legal basis for processing using cookies and pixel tags?

The legal basis for processing personal data using cookies and pixel tags depends on the category of cookies and pixel tags used. The use of cookies that are necessary to maintain the functions of the website are used by us to protect our legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR; our legitimate interest is to offer a website that functions smoothly and is appealing in terms of design. All other cookies that are not required to maintain the functions of the website are only used by us with your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can give this consent via our cookie consent tool or revoke it at any time with effect for the future. You have the option of either agreeing to the use of all cookie categories or making an individual selection.

3. Consent management with OneTrust

Our website uses the consent managent service OneTrust of OneTrust LLC, Dixon House, 1 Lloyd’s Avenue, Loncon EC3N 3DQ, United Kingdom (hereinafter “OneTrust”). In this context, the date and time of the visit, browser information, consent information, device information and the IP address of the requesting device are processed. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR (legitimate interest). Obtaining and managing legally required consents is considered a legitimate interest in the sense of the aforementioned provision, as the interference with the rights of users as a result of the use of anonymised IP addresses and the involvement of a service provider based in Germany is very low. OneTrust stores consents and revocations on our behalf and on our instructions. The storage is based on Art. 6 para. 1 lif. F GDPR. Being able to comply with the accountability obligation pursuant to Art. 5 para. 2 GDPR is a legitimate interest. Further information on data protection at OneTrust can be found here.

V. Tracking and targeting

The tracking and targeting measures listed below and used by us are carried out if you have given us your consent for this (see IV. 3).

With the tracking measures used, we want to ensure a demand-oriented design and the continuous optimisation of our website. In addition, we use the tracking measures to statistically record the use of our website. Through the targeting measures used, we also want to ensure that you are only shown advertising on your terminal devices that is oriented to your actual or presumed interests.

The respective purposes of the data processing and data categories can be found in the description of the appropriate tracking tools.

1. AWIN

The advertising network of AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany (hereinafter "AWIN") is used on our website based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Through AWIN, we can deliver advertising content and analyse the success of the campaigns.

Within this service, AWIN stores cookies on devices of users who visit our website for the purpose of documenting transactions (e.g., leads and sales). These cookies serve the sole purpose of correctly assigning the success of an advertisement medium and the corresponding billing within the advertising network. Only the information about when a particular advertising medium was clicked on by a device is place in a cookie and, in the case of an order, the order total, order ID, whether it is a new or existing customer and the time of the order are processed. In the tracking cookies, an individual sequence of numbers is stored, which cannot be assigned to the individual user, and with which

  • the affiliate program of an advertiser,
  • the publisher and
  • the time of the user’s action (click or view)

are documented.

Please note that after a possible deactivation of the display of personalised advertisements from AWIN and other advertising partners, you will continue to receive advertisements that are, however, less precisely tailored to your interests/your surfing behaviour. You can find more information on this in AWINs privacy policy.

2. Microsoft Advertising

We use conversion tracking from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This enables us to track the activities of users on our website if they have reached our website via adverts from Microsoft Advertising.

If you reach our website via a Microsoft Advertising advert, a cookie is placed on your computer. Microsoft stores data about the use of the website (e.g. length of visit, which areas of the website were accessed and which advert brought you to our website) and, in the case of an order based on this, the order value and the time of the order. Information about your identity is not recorded.

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). Microsoft has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. In the event that personal data is transferred from Microsoft to the USA, this is also done on the basis of the standard data protection clauses of the European Commission in accordance with Art. 46 (2c) GDPR. Microsoft has also implemented extensive technical and organisational measures designed to protect personal data from accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access. These Microsoft measures are certified in accordance with the ISO/IEC 27001:2013 standard.

In addition, we have concluded an order processing contract with Microsoft for the use of Microsoft Advertising. Through this contract, Microsoft ensures that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject.

If you do not wish to participate in the tracking process, you can also reject the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. Further information on data protection and the cookies used by Microsoft Advertising can be found on the Microsoft website.

3. Econda Web Analytics

To optimise the website and the databases in the background, we use web analysis solutions from econda GmbH, Eisenlohrstr. 43, 76135 Karlsruhe (hereinafter "econda").

In the processes used, user profiles are created under a pseudonym. Cookies are also used for this purpose. Econda is authorised to use the "Certified Data Protection" seal of approval for the area of "Web Shop Controlling". The data collected using econda technology will not be used to personally identify you as a visitor to this website without your separate consent and will not be merged with directly personal data about the bearer of the pseudonym. For more information, please visit http://www.econda.de/.

4. Emarsys Webextend

Webextend tracking cookies/pixel tag: We use the cookie/pixel tag from Emarsys Interactive Services GmbH, Willi-Schwabe-Straße 1, 12489 Berlin, Germany (hereinafter "Emarsys Webextend") to create newsletters tailored to you and your interests. For this purpose, we use existing information, such as confirmation of receipt and reading of e-mails, information about your computer and connection to the Internet, operating system and platform, your surfing history, date and time of your visit to the homepage, products/articles you have viewed. We generally use this information in pseudonymised form, but may also use it to send you newsletters that correspond to your areas of interest.

If you do not wish to receive personalised advertising by newsletter, you can object to this at any time by sending an email to datenschutz@tennis-point.de. Alternatively, you can unsubscribe via the unsubscribe link at the bottom of each newsletter.

5. Meta Retargeting

We use advertising services from Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter "Meta"). A pixel tag from Meta is integrated on our website. This is a Java Script code that is used to store data about the use of the website. This includes your IP address, the browser used and the source and target pages. This information is transferred to Meta servers in the USA. There it is automatically checked whether you have saved a Meta cookie. During this process, neither we nor Meta will identify you personally by comparing the data. This enables us to display customised and interest-based advertising on the Meta services to certain groups of pseudonymised visitors to our website who also use Meta services.

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this data protection declaration). Meta has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles. The transfer of this information to the USA is also based on the standard data protection clauses of the European Commission pursuant to Art. 46 para. 2c) GDPR. Meta has also implemented extensive technical and organisational measures designed to protect personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access.

For more information about Meta's privacy, see the privacy policy of Meta.

Disable Meta tracking: Click here.

6. New Relic

We use the web analysis service New Relic for the statistical evaluation of visitor access, operated by New Relic, Inc, 188 Spear St, San Francisco, CA 94105, USA. New Relic collects and stores data from which user profiles are created under a pseudonym for the purpose of analysing visitor behaviour and improving the design of the website, as well as for optimisation and marketing purposes. New Relic uses cookies. These cookies are used to recognise the browser and thus enable a more precise determination of statistical data. New Relic will use this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage. New Relic will not associate your directly personal data with any other data held by New Relic. If you do not wish to participate in the tracking process, you can also reject the setting of a cookie required for this - for example, by changing your browser settings to generally deactivate the automatic setting of cookies.

An adequacy decision of the EU Commission is in place for the USA, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). New Relic has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles. Further details and information can be found in New Relic's privacy policy.

7. Tradedoubler

This website participates in partner programmes of Tradedoubler GmbH, Herzog-Wilhelm-Straße 26, 80331 Munich (hereinafter "TradeDoubler"), a service for integrating advertisements in the form of text links, image links, advertising banners or input masks. TradeDoubler uses cookies, which are stored on your computer, as well as pixel tags, which enable your use of the website to be analysed. This allows information such as visitor traffic on these pages to be analysed.

The information generated by cookies and pixel tags about the use of this website (including obfuscated IP addresses) and the delivery of advertising formats is transmitted to a TradeDoubler server and stored there. This information may be passed on by TradeDoubler to TradeDoubler's contractual partners. However, TradeDoubler will not merge your IP address with other data stored by you.

Further information on the use of data can be found in TradeDoubler's privacy policy.

8. Criteo

We use Criteo Remarketing. These are the services of Criteo (registration number: 484786249), registered at 32 Rue Blanche, 75009 Paris. Our website uses cookies/advertising IDs for advertising purposes. This allows us to show our adverts to visitors who are interested in our products on partner websites, apps and emails. Re-targeting technologies use cookies or advertising IDs and display advertising based on your previous browsing behaviour. To opt out of this interest-based advertising, please visit the following websites:

www.networkadvertising.org/choices
www.youronlinechoices.com

We may share information such as technical identifiers from your login information on our website or our CRM system with trusted advertising partners. This allows us to link your devices and/or environments and offer you a seamless experience with the devices and environments you use. For more details on these linking capabilities, please refer to the privacy policy found in the aforementioned platforms or the explanations below.

Criteo's privacy policy: https://www.criteo.com/privacy/.

9. Google Ads (with Remarketing)

We use Google Conversion Tracking and the Remarketing Pixel of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google") on our website. The service enables us to design, statistically record, optimise and display advertising content in line with requirements. We rely on such advertising content to ensure the visibility of our website.

Google Ads places a cookie on your computer if you have reached our website via a Google advert. These cookies lose their validity after 30 days. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you have clicked on the ad and have been redirected to this page. In addition, we use information about your use of this website, which Google collects and analyses on our behalf (see here for more details). This enables us to address you on other websites with content that is relevant to you.

We also use the remarketing pixel, which collects and analyses information about your use of this website. This enables us to address you on other websites with content that is relevant to you. According to Google, the data collected during remarketing is not merged with personal data that may be stored by Google. Google also pseudonymises this data.

Each Ads customer receives a different cookie. Cookies can therefore not be tracked via the websites of Ads customers. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted for conversion tracking. As an Ads customer, we learn the total number of users who clicked on an advert and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which we can identify you personally.

The information generated by the cookie about your use of this website, such as click behaviour on texts and products or interactions with videos, is transmitted to a Google server in the USA and stored there.

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Furthermore, the processing of personal data by Google is carried out on the basis of the standard data protection clauses of the European Commission in accordance with Art. 46 para. 2c) GDPR. Google has also implemented extensive technical and organisational measures designed to protect personal data against accidental or unlawful destruction or accidental loss, damage alteration, unauthorised disclosure or access. These Google measures are certified to the ISO/IEC 27001:2013.

For more information on data protection, check Google privacy policy.

10. Google Analytics

We use Google Analytics on our website, a web analysis and advertising service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). In this context, pseudonymised user profiles are created and cookies and pixel tags (see IV above) are used. The information processed in this way about your use of this website such as

  • Browser type /-version.
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request

as well as other information about the use of our website. The IP addresses are anonymised so that they cannot be associated with you personally (IP masking).

are transmitted to a server of Google in the USA and stored there. Google complies with the data protection provisions of the "US-Privacy-shield" and is registered with the "US-Privacy shield" program of the U.S. Department of Commerce.

In addition, we have completed a job processing contract for the use of Google Analytics about the usage. Through this agreement, Google assures that they process the data in accordance with the data protection regulation and ensure the protection of the rights of the person concerned.

The information will be used to evaluate the use of the website, to reports on website activity to assemble and more with the use of the website and the use of the Internet related services for purposes of market research and to provide need-based design of these Internet pages.
Also, they will transmit information to third parties unless this is required by law or insofar as third parties process this data on behalf of. It merges your IP address with other data from Google in any case. The IP addresses are made anonymous so that an association is not possible (IP masking).

For the USA, an adequacy decision of the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (hereinafter "TADPF", further information on this under III. 9. of this privacy policy). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Furthermore, the processing of personal data by Google is carried out on the basis of the standard data protection clauses of the European Commission in accordance with Art. 46 para. 2c) GDPR. Google has also implemented extensive technical and organisational measures designed to protect personal data against accidental or unlawful destruction or accidental loss, damage alteration, unauthorised disclosure or access. These Google measures are certified to the ISO/IEC 27001:2013.

For more information on data protection, check Google privacy policy.

By using Google Analytics, Google processes the information on our behalf to analyse the use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website.

We only use Google Analytics with activated IP anonymisation. This means that the IP address of users is truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

We have activated the advertising functions of Google Analytics. This generates reports on target groups, demographic characteristics such as age, gender and interests of site visitors, as well as on our marketing campaigns. The data for this comes from campaigns carried out via Google services, interest-based advertising from Google, the Google Display Network and visitor data from third-party providers. This does not directly reveal your identity to us. With the help of these reports, we can better evaluate user behaviour in connection with our online offerings and optimise the way we address target groups.

If you do not want your user behaviour to be taken into account in these reports, you can deactivate this via the ad settings in your own Google account or prevent the collection of data by Google Analytics as described below. You can also restrict the collection of data by not logging into your own Google account when you visit our website.

We do not use the Universal Analytics with User ID offered by Google.

The data collected may be transferred to third parties if this is required by law or if third parties process the data on our behalf.

The user data collected via cookies is automatically deleted after 14 months.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help centre. You can find information on Google's use of data in their privacy policy.

11. Ladenzeile

We use technology (e.g. tracking pixels) from Ladenzeile GmbH, Zimmerstraße 50, 10888 Berlin, Germany (hereinafter "Ladenzeile") on our website. It operates the Ladenzeile and ShopAlike portals. This technology is executed on your device when you complete an order process. In the process, anonymous data about your order process (e.g. the value of the shopping basket) and your IP address are collected by Ladenzeile in pseudonymised form. This is done on the basis of your consent in order to allocate sales, for marketing purposes and for the verifiability of civil law claims. Ladenzeile deletes the data as soon as it is no longer required for these purposes. Please refer to Ladenzeile's privacy policy: https://www.ladenzeile.de/datenschutzerklaerung.html. If you do not agree with the tracking, you can prevent this in the browser via the do-not-track setting.

12. ProductsUp

We use conversion tracking from ProductsUp on our website. This is a software for optimising feed management. The provider is Products Up GmbH, Bahnhofstr. 5, 91425 Simmelsdorf, Germany (hereinafter referred to as "Products Up"). Products Up's conversion tracking enables us to analyse the behaviour of our website visitors. For this purpose, the pages you visit and your purchasing activity, which your browser transmits to our web servers when you visit the website, are recorded. This allows us to measure website interactions such as dwell time, conversions, scroll events, clicks and page views of website visitors. The IP address is anonymised as early as possible during the analysis with ProductsUp so that the interactions can be assigned to the website visitor for no longer than the duration of the current day so that they can be recognised on subsequent visits. The data is deleted as soon as it is no longer required for this purpose.

Without your consent, no cookies will be stored in your browser and no information will be read from the memory of your end device. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. You can prevent tracking in your browser using the do-not-track setting.

Further information can be found in Products Up's privacy policy at: https://www.productsup.com/privacy-policy/.

13. Dynamic Yield

We use the personalisation software of Dynamic Yield GmbH, Unter den Linden 26-30, 10117 Berlin (hereinafter referred to as "Dynamic Yield") on our website to personalise the user experience by creating individual product recommendations and to monitor results through A/B tests and real-time analyses. Cookies and local storage are used for this purpose. The data analysed by Dynamic Yield helps us to understand which pages and products are of particular interest to website visitors.

The data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. IP addresses, user IDs, pages accessed, referrers, URL parameters, search queries/terms, information on search results, membership of target groups, interactions, geographical location and technical, non-behavioural information about your end device and browser are processed. The data is deleted 12 months after collection.

If you have also given your consent in Google Analytics, Google will receive data/segments processed by Dynamic Yield for further use. Information on Google Analytics and Google can be found in this privacy policy.

In exceptional cases, the data collected may be transmitted to Dynamic Yield's headquarters in Israel for technical support measures. These are secured by an adequacy decision within the meaning of Art. 45 GDPR.

We have concluded an order processing agreement with Dynamic Yield in accordance with Art. 28 GDPR. Further information on data protection at Dynamic Yield can be found at https://www.dynamicyield.com/de/gdpr-and-privacy/ and in Dynamic Yield's privacy policy: https://www.dynamicyield.com/privacy-policy/.

VI. Data subject rights

You have the right:

  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future;
  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • to demand the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, and
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

To exercise of their affected rights compared to us, contact datenschutz@tennis-point.de.

VII. Right of objection according to Art. 21 GDPR

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.

If you wish to exercise your right to object, simply send an email to datenschutz@tennis-point.de.

VIII. Data security

All data transmitted by you personally is encrypted using the common and secure TLS (Transport Layer Security) standard. TLS is a secure and tried-and-tested standard that is also used in online banking, for example. You can recognise a secure TLS connection by the s appended to the http (i.e. https://..) in the address bar of your browser or by the lock symbol at the top of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

IX. Actuality and changing this privacy policy

This privacy policy is currently valid and was last updated in February 2024.

It may become necessary to amend this privacy policy as a result of the further development of our website and offers on it or due to changes in legal or official requirements. You can access and print out the current privacy policy at any time on the website at https://www.tennis-point.co.uk/data-protection/.