Personal data is information that relates to an identified or identifiable person. In particular, this includes information that enables us to identify you, such as your name, your telephone number, your address or e-mail address. Statistical data that we collect when you visit our website, for example, that cannot be associated with your person, does not fall under the term "personal data".
The contact person and so-called person responsible for the processing of your personal data when you visit this website, in accordance with the General Data Protection Regulation (GDPR), is
Fax: +49 (0) 30 920 330 81
E-Mail: [email protected]
If you have any questions about data protection in connection with our products or the use of our website, you can also contact our data privacy officer at any time. The officer can be contacted at the above postal address and via the e-mail address previously provided.
Every time you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data includes:
The data processing of this access data is necessary to enable visits to the website and to guarantee the permanent functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above in order to produce statistical data on the use of our website, to further develop our website with regard to the user behaviour patterns of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and to generally maintain our website administratively. The legal basis is the above-mentioned legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR
There are several ways to contact us. This includes the contact form, our e-mail addresses or our telephone service. In this context, we process data exclusively for the purpose of communication with you. The legal basis is Art. 6 para. 1 lit. b GDPR. The data collected by us when using the contact form will be automatically deleted after complete processing of your request unless we still need your request to fulfil contractual or legal obligations (see section "Data retention period").
You have the option to register and login to use the full range of functions on our website. The data you are obliged to provide (e-mail address, surname, first name, title) are marked as mandatory fields. Without this data, a registration is not possible. The legal basis for processing is Art. 6 para. 1 lit. b GDPR.
In the case of an order, we collect mandatory information necessary for the execution of the contract:
The personal data collected by us will be passed on to the logistics service provider commissioned for the delivery of the goods, within the scope of the contract, if necessary.
We pass on your payment data to the commissioned financial institution or payment service provider as part of the processing of payments.
We have commissioned the following service providers to process the following payment methods:
You have the option of ordering our newsletters, in which we inform you regularly about new arrivals, offers and promotions.
We use the so-called double opt-in procedure for our newsletter subscriptions, i.e. we will not send you newsletters by e-mail until you confirm in our notification e-mail that you are the owner of the e-mail address provided, by clicking on a link. If you confirm your e-mail address, we will store your e-mail address, the time of registration and the IP address used for registration until you unsubscribe from the newsletter. The sole purpose of the storage is to send you the newsletters and to be able to verify your registration. You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. A message to the contact data given above or in the newsletter (e.g. by e-mail or post) is of course also sufficient. The legal basis of the processing is based on your consent, in accordance with Art. 6 para. 1 lit. a GDPR.
For our newsletters, we use available technologies that help us measure user interaction (e.g. opening of the e-mail, clicked links etc.) We use this data in pseudonymous form for general statistical evaluations as well as for the optimisation and further development of our content and customer communication. This is done with the help of small graphics embedded in the newsletter (pixels). The data is collected exclusively, pseudonymized and is not linked to your other personal data. The legal basis for this is our above-mentioned legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. Through our newsletter, we want to share content that is as relevant as possible for our customers and get a deeper understanding of what readers are actually interested in. If you do not wish to receive the newsletter, you can unsubscribe anytime or deactivate graphics in your e-mail program by default.
In addition to processing your data during the checkout process, Lesara also uses your data to provide customised product recommendations for you. If you have consented to this, you will receive these recommendations from Lesara regardless of whether you have subscribed to a Lesara newsletter. In this way, Lesara wants to provide you with information about products and current offers that may interest you, based on your recent purchases from Lesara. Lesara adheres strictly to the legal requirements. If you no longer wish to receive product recommendations or any advertising messages from Lesara and/or do not wish your personal data to be used for advertising purposes, you can object to this completely or for specific measures at any time without incurring any costs other than the transmission costs according to the basic tariffs. A message to Lesara via e-mail, fax or post is sufficient. Of course, you will also find an unsubscribe link in every e-mail. The legal basis of the processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
If you take part in one of our surveys, we use your data for market and opinion research. We evaluate the data anonymously for internal purposes. If surveys are not evaluated anonymously in exceptional cases, the data will only be collected with your consent. In the case of anonymous surveys, the GDPR is not applicable and in the case of exceptional personal evaluations, the legal basis is the aforementioned consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.
In the context of contests and competitions, we use your data for the purpose of conducting the contest and notifying you of the results and rewards. You will find detailed information in the terms and conditions of participation for the relevant competition. The legal basis of the processing is the lottery agreement pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.
You can apply to open positions at Lesara via our application management system. The purpose of the data collection is the selection of applicants for a potential employment relationship. We collect the following data in particular for the receipt and processing of your application: First and last name, e-mail address, application documents (e.g. certificates, curriculum vitae), date of earliest possible start and salary expectations. The legal basis for processing your application documents is Art. 6 para. 1 sentence 1 b and Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 sentence 1 BDSG.
For some of our services it is necessary that we use so-called cookies. A cookie is a small text file that is stored by the browser on your device. Cookies are not used to run programs or download viruses onto your computer. The main purpose of our cookies is to provide an offer tailored to your needs and to make the use of our services as time-saving as possible.
We use our own cookies in particular:
We want to facilitate a comfortable and individual use of our website. These services are based on our aforementioned interests; the legal basis is Art. 6 Par. 1 S. 1 lit. f GDPR.
The legal basis for the data processing described in the following section is Art. 6 para. 1 sentence 1 f GDPR, based on our interest in the demand-oriented design and continuous optimisation of our website.
In the following list of technologies we use, you will also find information on the possible contradictions with regard to our analysis measures using an opt-out cookie. Please note that after deleting all cookies in your browser or later use of another browser and/or profile, an opt-out cookie must be set again.
The following information is NOT transferred to Hotjar: login & registration data (e-mail, name, password), billing and delivery address, personal master data such as
e.g. name & phone number and details of your chosen payment method (including all other fields to be filled in for payment, e.g. name and credit card number).
The collection of data by Hotjar can be deactivated if you wish (so-called opt-out) on all websites operated by us or other providers that use Hotjar. For more information and an explanation of your objection refer to Hotjar's opt-out page. Hotjar also supports the so-called Do-Not-Track function of your browser. If you enable it in your browser, Hotjar will not collect any data. Instructions for the different browsers can be found on the Hotjar website (https://www.hotjar.com/legal/compliance/opt-out)
The legal basis for the data processing described in the following section is Art. 6 para. 1 sentence 1 f GDPR based on our interest in providing you with personalised advertising.
In the following section, we would like to explain these technologies and their providers in more detail.
The following data may be included:
In the following descriptions of the technologies we use, you will also find information on the possible contradictions regarding our analysis and advertising measures by means of a so-called opt-out cookie. Alternatively, you can exercise your objection by making appropriate settings on the Truste, Your Online Choices or YourAdChoices websites, which offer bundled possibilities for objections from many advertisers. Both sites allow the listed providers to deactivate all ads at once by means of opt-out cookies or alternatively to make the settings for each provider individually. Please note that after deleting all cookies in your browser or later use of another browser and/or profile, an opt-out cookie must be set again.
For marketing purposes, our websites use so-called conversion and retargeting tags (also "Facebook pixels") of the social network Facebook, a service of Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA ("Facebook"). We use Facebook pixels to analyze the general use of our websites and to track the effectiveness of Facebook advertising ("conversion"). In addition, we use the Facebook pixels to show you individualized advertising messages based on your interests ("retargeting"). Facebook processes data that the service collects via cookies and similar technologies on our websites.
The data arising in this context can be transferred by Facebook to a server in the USA for evaluation and stored there. In the event that personal information is transferred to the United States, Facebook has submitted to the EU-US Privacy.
If you are a Facebook member and have allowed Facebook through your account's privacy settings, Facebook may link the information we collect from your visit to your member account and use it to target Facebook ads. You can access and change the Privacy Settings of your Facebook profile at any time. If you are not a Facebook member, you can stop Facebook from processing your information by clicking the "Facebook" opt-out button on the TRUSTe Web site mentioned above.
If you use a Google Account, depending on the settings in your Google Account, Google can link your web and app browsing history to your Google Account and use information from your Google Account to personalize ads. If you don't want this association with your Google Account, you'll need to log out of Google before you can access our contact page.
Google will process the information obtained by the cookies in order to evaluate your use of the website, to compile reports on the website activities for the website operators and to provide further services associated with the use of the website and the Internet.
You can configure your browser to reject cookies as described above, or you can prevent the collection of data generated by cookies and related to your use of our website under Google's Cookie Settings. Alternatively, you can prevent Google from processing this data by downloading and installing the Browser-Add-On (the latter does not work on mobile devices).
Our website uses the service "Google Customer Match", a remarketing tool of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). You can use it to suggest specific results regarding Lesara to you on Google search queries. Lesara gives Google a non-reversible, non-personal checksum (hash value) from your usage data. Your data cannot be identified by this hashing process.
On our website we use the "Yieldlab" service of Yieldlab AG (Colonnaden 41, 20354 Hamburg) to optimise the output of advertising content on our website. Cookies are also used here. You can object to the use of Yieldlab by opting out. This can be done via the following link:
This sets an opt-out cookie. This cookie prevents a cookie with an advertising ID from being stored in your browser or otherwise being assigned to advertising categories. You can find relevant information and further information on personal data processing at Yieldlab here:
This website uses the Smartclip Holding AG service (Kleiner Burstah 12, Nikolaikontor 20457 Hamburg). This is a service company specially focused on the moving image sector, which focuses on marketing and marketing technology and brings together potential advertising partners and advertisers for the placement of video advertising. Marketing by the smartclip service covers both web-based moving image presentations and the mobile sector (websites optimized for mobile use, apps on smartphones and tablets, independent of the iOS, Android or Windows 8 operating system). Smartclip uses usage-based data with the help of third party providers for the playout of video advertising. Here you can find out how you can object to the use of marketing by smartclip adapted to the user:http://www.smartclip.com/privacy-policy/.
Our website gives you the opportunity to log in to the website with your existing Facebook profile information. We use Facebook Connect, a service of Facebook Inc, 1601 Willow Road, Menlo Park, California, 94025, USA ("Facebook"). Once you have logged in with Facebook Connect, no additional registration is required.
If you want to use this function, you will first be forwarded to Facebook. There you will be asked to log in with your user name and password. Of course, we do not take note of your registration data. If you are already logged in to Facebook, this step will be skipped. Your e-mail address and your public profile information (in particular name, profile picture, date of birth, gender, language and country, list of friends and personal details) will then be transmitted to us when you confirm the process with the "Log in with Facebook" button. In the event that personal information is transferred to the United States, Facebook has submitted to the EU-US Privacy Shield. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.
Our website uses social media plug-ins (such as the Like button) from the social network Facebook Inc, 1601 Willow Road, Menlo Park, California, 94025, USA ("Facebook"). The legal basis is Art. 6 Par. 1 S. 1 lit. f GDPR, based on our legitimate interest that you share our content via social networks and that we thereby extend our reach.
In the event that personal information is transferred to the United States, Facebook has submitted to the EU-US Privacy Shield. Facebook receives the information that you have called up the corresponding subpage of our online offer. This is regardless of whether you have a Facebook account and are logged in. When you are logged in to Facebook, this information is directly associated with your account. If you activate the activated plug-in and, for example, link to the page, Facebook also stores this information, including the date and time, in your user account and notifies your contacts publicly. If you do not wish to be associated with your profile on Facebook, you must log out before activating the plug-in.
Facebook stores these data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (also for not logged in users) for the representation of demand-fair advertisement and in order to inform other users of the social network about your activities on our web page. You have the right to object to the creation of these user profiles, as Facebook members you can disable advertising based on social actions in the advertising preferences. You can also completely prevent the Facebook Social Media Plug-ins from loading with additional programs for your browser, e.g. the Facebook Blocker.
Our website uses so-called social plugins ("plugins") of the social network Google+, which is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). The plugins can be identified, for example, by buttons with the "+1" character on a white or colored background. An overview of the Google plugins and their appearance can be found here: https://developers.google.com/+/plugins .
When you access a page of our website that contains such a plugin, your browser establishes a direct connection to Google's servers. The content of the plugin is transmitted by Google directly to your browser and integrated into the page. The integration gives Google the information that your browser has called up the corresponding page of our website, even if you do not have a Google+ profile or are not currently logged in to Google+. This information (including your IP address) is transmitted directly from your browser to a Google server in the USA and stored there.
If you are logged in to Google+, Google can immediately associate your visit to our website with your Google+ profile. If you interact with the plugins, for example by pressing the "+1" button, the corresponding information is also transmitted directly to a Google server and stored there. The information is also published on Google+ and displayed to your contacts.
The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights and setting options for the protection of your privacy can be found in Google's data protection information: https://www.google.com/intl/policies/privacy/
If you do not want Google to associate the data collected via our website directly with your profile on Google+, you must log out of Google+ before visiting our website. You can also completely prevent the Google plugins from loading with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/). The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.
Our website uses so-called social plugins ("plugins") of the microblogging service Twitter, which is operated by Twitter Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plugins are marked with a Twitter logo, for example in the form of a blue "Twitter bird".
When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to Twitter. The content of the plugin is transmitted directly from Twitter to your browser and integrated into the page. The integration gives Twitter the information that your browser has called up the corresponding page of our website, even if you do not have a Twitter profile or are not currently logged in to Twitter. This information (including your IP address) is transmitted directly from your browser to a Twitter server in the USA and stored there. If you are logged in to Twitter, Twitter can immediately associate your visit to our website with your Twitter account. If you interact with the plugins, for example by pressing the "Twitter" button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information will also be published on your Twitter account and displayed to your contacts. The purpose and scope of the data collection and the further processing and use of the data by Twitter as well as your relevant rights and setting options for the protection of your privacy can be found in the Twitter data protection information: https://twitter.com/privacy. If you do not want Twitter to associate the data collected via our website directly with your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the Twitter plugins from loading with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/).
The legal basis for the use of the service is Art. 6 para. 1 sentence 1 lit. b GDPR.
The legal basis for the use of the service is Art. 6 para. 1 sentence 1 lit. b GDPR.
The website uses push notifications, which you can deactivate at any time.
The push notifications are used to draw your attention to certain offers. The legal basis is Art. 6 para. 1, lit. f. GDPR, based on our interest in making users aware of our content.
To personalize your shopping experience and enable you to use certain features, we use WonderPush's Web push service, which is operated through https://www.wonderpush.com/. You may have been asked to enable this service. You can freely revoke/activate this setting in your local Internet settings (Chrome, Firefox, Safari) at any time. For further questions regarding the processing of your personal data, please contact the WonderPush web service directly at https://www.wonderpush.com/contact .
A transfer of data collected by us takes place only if:
Part of the data processing can be done by our service providers. In addition to the service providers mentioned in this privacy statement, this may include, but is not limited to, data centres that store our app and databases, IT service providers who maintain our systems, and consulting firms. If we pass on data to our service providers, they may only use the data to fulfil their tasks. The service providers were carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organisational measures to protect the rights of the persons concerned and are regularly monitored by us.
In addition, it may be disclosed in connection with government inquiries, court orders and legal proceedings if required for prosecution or enforcement.
As a matter of principle, we store personal data only as long as necessary to fulfil the contractual or legal obligations for which we have collected the data. We then delete the data immediately, unless we need the data until the end of the statutory limitation period as evidence for civil claims or due to legal retention requirements.
For evidence, we must retain contract information for three years from the end of the year in which our business relationship has ended with you. Any claims become statute-barred after the legal limitation period at the earliest at this time.
Even after that, we sometimes have to save your data for accounting reasons. We are obliged to do this for legal documentation obligations that may arise from the Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act and the Securities Trading Act. The deadlines for storing documents are between two and ten years.
You have the right to request information regarding the processing of your personal data by us at any time. As part of the provision of information, we will explain how we process your data and provide you with an overview of the data we store on you.
If data stored by us is incorrect or out of date, you have the right to have this information corrected.
You may also request the deletion of your data. If deletion is not possible due to regulations, the data will be blocked so that they are only available for this legal purpose. You can also limit the processing of your data, for example, if you believe that the information we hold is incorrect.
You also have the right to data portability, i.e. we will send you a digital copy of the personal data you provide on request.
To exercise your rights as described here, you can always contact us. This also applies if you wish to receive copies of warranties to demonstrate adequate data protection.
In addition, you have the right to object to data processing, which is based on Art. 6 para. 1 lit. e or f GDPR. Finally, you have the right to complain to the Data Protection Inspectorate responsible for us. You can assert this right with a supervisory authority in the Member State of your country of residence, your place of work or the place of the alleged breach. In Berlin, the responsible supervisory authority is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin
In accordance with Art 7. Para. 2 GDPR, you have the right to revoke a consent once given to us at any time. As a result, we will not continue to process data based on this consent in the future. Revoking the consent shall not affect the lawfulness of the processing effected on the basis of the consent until the revocation.
If we process your data on the basis of legitimate interests according to Art. 6 para. 1 lit. f GDPR, you have the right under Art. 21 GDPR to object to the processing of your data and to give us reasons which arise from your particular situation and which in your opinion indicate that your interests worthy of protection predominate. If you object to data processing for direct marketing purposes, you have a general right of objection, which we will implement without you having to give reasons.
If you would like to exercise your right of revocation or objection, it is sufficient to send an informal message to the contact details above.
Version: 1.0 / Status: May 2018