top of page

Privacy Policy

Privacy Policy

1. Access data and hosting

2. Data processing for contract fulfillment and contact

2.1 Data processing for contract fulfillment

2.2 Customer account

2.3 Contact

3. Data processing for shipping purposes

4. Data processing for payment processing

4.1 Data processing for transaction processing

4.2 Data processing for fraud prevention and optimization of our payment processes

5. Cookies and other technologies

5.1 General information

5.2 Use of the Usercentrics Consent Management Platform for managing consents

6. Use of cookies and other technologies

7. Social media

7.1 Social buttons from Facebook (by Meta), Instagram (by Meta)

7.2 Our online presence on Facebook (by Meta), Instagram (by Meta)

8. Contact options and your rights

8.1 Your rights

8.2 Contact options

The party responsible for data processing is:

Nikolas Lampmann

Am Meisenring 22

61197 Florstadt

Email: info@lampi-parts.com

We appreciate your interest in our online shop. Protecting your privacy is very important to us. Below, we provide detailed information on how we handle your data.

1. Access data and hosting

You can visit our websites without providing any personal information. Each time a website is accessed, the web server automatically saves a so-called server log file; this documents the access and contains, for example, the name of the requested file, your IP address, the date and time of the request, the volume of data transferred, and the requesting provider (access data). This access data is analyzed solely for the purpose of ensuring the trouble-free operation of the site and improving our services. This serves to safeguard our legitimate interests—which prevail following a balancing of interests—in the correct presentation of our services, in accordance with Art. 6(1)(f) of the GDPR. All access data is processed only for as long as is necessary to achieve the aforementioned processing purposes.

Services related to hosting and displaying the website are provided in part by our service providers acting on our behalf. Unless otherwise stated in this privacy policy, all access data and any data collected via forms on this website are processed on their servers. If you have questions regarding our service providers and the basis of our cooperation with them, please use the contact details provided in this privacy policy.

 

Our service providers are based in and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection via an adequacy decision: Brazil, Israel, the United Kingdom, and the USA.

 

The adequacy decision for the USA serves as the basis for data transfers to a third country, provided the respective service provider is certified. Such certification is in place.

Our service providers are based in and/or use servers in the following countries: Mexico, India, and Ukraine.

There is no adequacy decision from the European Commission for these countries. Our cooperation with them is based on the following safeguards: European Union standard data protection clauses.

2. Data processing for contract fulfillment and contact purposes
 
2.1 Data processing for contract fulfillment​

For the purpose of fulfilling the contract (including inquiries regarding and the handling of any existing claims arising from warranty rights, rights related to performance disruptions, and the right of withdrawal, as well as any statutory obligations to provide updates) pursuant to Art. 6(1)(b) GDPR, we collect personal data when you voluntarily provide it to us as part of your order. Mandatory fields are marked as such because we require this data to fulfill the contract; without this information, we cannot process or ship the order. The specific data collected is evident from the respective input forms.

Further information regarding the processing of your data—particularly its transfer to our service providers for the purpose of processing orders, payments, and shipments—can be found in the subsequent sections of this privacy policy. Once the contract has been fully executed, the processing of your data will be restricted, and the data will be deleted after the expiration of the retention periods required by tax and commercial law, pursuant to Art. 6(1)(c) GDPR, unless you have expressly consented to the further use of your data pursuant to Art. 6(1)(a) GDPR, or unless we reserve the right to use the data further in a manner permitted by law and about which we inform you in this policy.

2.2 Customer account

If you have given your consent pursuant to Art. 6(1)(a) GDPR by choosing to open a customer account, we use your data for the purpose of opening the account and storing your information for future orders on our website. You may delete your customer account at any time; this can be done either by sending a message using the contact details provided in this privacy policy or by using the designated function within the customer account. Once your customer account is deleted, your data will be erased, unless you have expressly consented to the continued use of your data pursuant to Art. 6(1)(a) GDPR, or unless we reserve the right to use the data further as permitted by law and as described in this policy.

 

2.3 Contacting us

 

As part of customer communication, we collect personal data to process your inquiries pursuant to Art. 6(1)(b) GDPR if you voluntarily provide such data when contacting us (e.g., via contact form, live chat tool, or email). Mandatory fields are marked as such because the data requested therein is essential for us to process your inquiry. The specific data collected is evident from the respective input forms. Once your inquiry has been fully processed, your data will be erased, unless you have expressly consented to the continued use of your data pursuant to Art. 6(1)(a) GDPR, or unless we reserve the right to use the data further as permitted by law and as described in this policy.

3. Data processing for the purpose of shipping

To fulfill the contract pursuant to Art. 6(1)(b) GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. If you have questions regarding our service providers and the basis of our cooperation with them, please use the contact details provided in this privacy policy.

4. Data processing for payment processing

When processing payments in our online shop, we work with the following partners: technical service providers, financial institutions, and payment service providers.

4.1 Data processing for transaction handling

Depending on the selected payment method, we pass on the data necessary to process the payment transaction to our technical service providers, the commissioned financial institutions, or the selected payment service provider, insofar as this is required for payment processing. This serves the purpose of contract fulfillment pursuant to Art. 6(1)(b) GDPR. In some cases, the payment service providers collect the data required for payment processing themselves—for example, on their own websites or via a technical integration within the ordering process. In this regard, the privacy policy of the respective payment service provider applies.

Depending on the selected payment method, data may be transferred to third countries outside the EU/EEA for which the European Commission has determined, via an adequacy decision, that an adequate level of data protection exists. Where data is transferred to third countries outside the EU/EEA for which the European Commission has not issued an adequacy decision, the cooperation is based on the European Commission’s standard data protection clauses.

If you have questions regarding our payment processing partners or the basis of our cooperation with them, please use the contact details provided in this privacy policy. 4.2 Data processing for the purpose of fraud prevention and the optimization of our payment processes

 

Where applicable, we provide the aforementioned service providers with additional data. They use this data—in conjunction with the information necessary for processing payments—for the purpose of fraud prevention and optimizing our payment processes (e.g., invoicing, handling disputed payments, and accounting support). This processing is carried out pursuant to Art. 6(1)(f) GDPR to safeguard our legitimate interests—which prevail following a balancing of interests—in protecting ourselves against fraud and ensuring efficient payment management.

5. Cookies and other technologies
5.1 General information

To make visiting our website attractive and to enable the use of certain functions, we use technologies—including so-called cookies—on various pages. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session—i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser upon your next visit (persistent cookies). You can view the storage duration in the overview within your web browser's cookie settings.

Protection of privacy regarding devices

When you use our online services, we employ strictly necessary technologies to provide the digital service you have expressly requested. Storing information on your device or accessing information already stored on your device does not require your consent in these cases.

For functions that are not strictly necessary, storing information on your device or accessing information already stored on your device requires your consent. Please note that if you do not grant consent, parts of the website may not be fully usable. Any consent you have granted remains valid until you adjust or reset the relevant settings on your device.

Subsequent data processing via cookies and other technologies

We use technologies that are strictly necessary for the use of certain functions on our website (e.g., the shopping cart function). These technologies collect and process your IP address, the time of your visit, device and browser information, and information regarding your use of our website (e.g., details about the contents of the shopping cart). This processing is based on a balancing of interests, serving our overriding legitimate interest in the optimized presentation of our services pursuant to Art. 6 (1) sentence 1 (f) of the GDPR. In addition, we use technologies to fulfill the legal obligations to which we are subject (e.g., to demonstrate consent for the processing of your personal data) as well as for web analytics and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the subsequent sections of this privacy policy. We may also use technologies that are not individually listed in this privacy policy. Detailed information regarding these technologies, including the respective legal basis for data processing, can be found on the Usercentrics platform. You can access it via this link: .

Cookie Settings

You can find the cookie settings for your browser on the cookies-site.

If you have consented to the use of technologies pursuant to Art. 6 (1) sentence 1 (a) GDPR, you may withdraw your consent at any time by sending a message using the contact details described in the privacy policy. Alternatively, you can visit the following link: www.lampi-parts-com/cookies. If cookies are not accepted, the functionality of our website may be limited.

5.2 Use of the Usercentrics Consent Management Platform to manage consents

 

We use the Usercentrics Consent Management Platform (“Usercentrics”) on our website to inform you about the cookies and other technologies we employ, and to obtain, manage, and document any legally required consent for the processing of your personal data via these technologies. This is necessary pursuant to Art. 6(1) sentence 1(c) GDPR to fulfill our legal obligation under Art. 7(1) GDPR to demonstrate that we have obtained consent for the processing of your personal data. Usercentrics is a service provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, the Usercentrics web server stores a so-called server log file containing your anonymized IP address, the date and time of the visit, device and browser information, and details regarding your consent choices. Your data will be deleted after three years unless you have expressly consented to further use of your data pursuant to Art. 6(1) sentence 1(a) GDPR, or unless we reserve the right to use the data beyond this period as permitted by law and as described in this statement.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined, via an adequacy decision, that an adequate level of data protection exists: USA.

 

The adequacy decision for the USA serves as the basis for the transfer of data to a third country, provided the respective service provider is certified. Such certification is in place.

6. Use of cookies and other technologies

We use the following cookies and other third-party technologies on our website. Unless otherwise specified for individual technologies, this is done based on your consent pursuant to Art. 6 (1) sentence 1 (a) of the GDPR. Once the purpose has been fulfilled and we have ceased using the respective technology, the data collected in this context will be deleted. You may revoke your consent at any time with effect for the future. Further information regarding your options for revocation can be found in the "Cookies and other technologies" section. Further information, including the basis for our cooperation with the individual providers, can be found in the details for each specific technology. If you have questions regarding the providers and the basis of our cooperation with them, please use the contact details provided in this privacy policy.

Use of Wix statistics for web analysis

For the purpose of website analysis, data (IP address, time of visit, device and browser information, location information, and information regarding your use of our website) is automatically collected and stored using technologies provided by Wix Ltd., 40 Nemal St., Tel Aviv 6350671, Israel ("Wix"); this data is used to create usage profiles under a pseudonym. Cookies may be used for this purpose. Without separate, explicit consent, the pseudonymized usage profiles are not combined with personal data relating to the person behind the pseudonym. Wix acts on our behalf.

Our service providers are based in and/or use servers in the following countries, for which the European Commission has determined—via an adequacy decision—that an adequate level of data protection exists: Brazil, Israel, the United Kingdom, and the USA.

 

The adequacy decision for the USA serves as the basis for the transfer to a third country, provided the respective service provider is certified. Such certification is in place.

 

Our service providers are based in and/or use servers in the following countries: Mexico, India, and Ukraine.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on the following safeguards: European Union Standard Contractual Clauses.

Use of Visitor Analytics for web analytics

We employ so-called fingerprinting technology to achieve the purposes mentioned above. This involves analyzing technical characteristics of your device or internet browser to enable reliable analysis. Pseudonymized usage profiles are not combined with personal data relating to the holder of the pseudonym without separate, explicit consent. Visitor Analytics acts on our behalf as a data processor. The Visitor Analytics "Visitor Recording" tool allows for the generation of statistics regarding where you have scrolled and what you have clicked on the website. This feature helps us make the website more user-friendly and resolve technical errors.

7. Social Media
7.1 Social buttons from Facebook (by Meta) and Instagram (by Meta)

Our website uses social buttons from social networks. These are integrated into the page merely as HTML links, meaning that no connection to the respective provider's servers is established when you visit our website. If you click on one of the buttons, the respective social network's website opens in a new browser window. There, you can, for example, use the "Like" or "Share" button.

7.2 Our online presence on Facebook (by Meta) and Instagram (by Meta)

Provided you have given your consent to the respective social media operator in accordance with Art. 6 (1) sentence 1 (a) GDPR, your data will be automatically collected and stored when you visit our online presence on the aforementioned social media platforms for market research and advertising purposes; usage profiles are created from this data using pseudonyms. These profiles may be used, for instance, to display advertisements—both within and outside the platforms—that are likely to match your interests. Cookies are generally used for this purpose. Please refer to the providers' privacy policies linked below for detailed information regarding the processing and use of data by the respective social media operator, as well as contact details and information on your rights and privacy settings. Should you require further assistance in this regard, please feel free to contact us.

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). Information automatically collected by Meta Platforms Ireland regarding your use of our online presence on Facebook (by Meta) is generally transmitted to and stored on a server belonging to Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA. Data processing in connection with visiting a Facebook (by Meta) fan page takes place based on a joint controllership agreement pursuant to Art. 26 GDPR. Further information (information regarding Insights data) can be found here.

Our service providers are based in and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection via an adequacy decision: Brazil, USA, Canada, Japan, South Korea, New Zealand, the United Kingdom, and Argentina.

The adequacy decision for the USA serves as the basis for the transfer to a third country, provided the respective service provider is certified. Such certification is in place.

Our service providers are based in and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, and Mexico.

There is no adequacy decision from the European Commission for these countries. Our cooperation with them is based on the following safeguards: Standard Contractual Clauses of the European Commission.

Instagram (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). Information regarding your use of our online presence on Instagram, which is automatically collected by Meta Platforms Ireland, is generally transmitted to and stored on a server belonging to Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. Data processing in connection with visiting an Instagram (by Meta) fan page takes place based on a joint controllership agreement pursuant to Art. 26 GDPR. Further information (information regarding Insights data) can be found here.

Our service providers are based in and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection via an adequacy decision: Brazil, USA, Canada, Japan, South Korea, New Zealand, the United Kingdom, and Argentina. The adequacy decision for the USA serves as the basis for transfers to a third country, provided the respective service provider is certified. Such certification is in place.

Our service providers are based in and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, and Mexico.

There is no adequacy decision from the European Commission for these countries. Our cooperation with them relies on the following safeguards: standard data protection clauses adopted by the European Commission.

8. Contact details and your rights
8.1 Your rights

As a data subject, you have the following rights:

  • pursuant to Art. 15 GDPR, the right to request information about the personal data concerning you that we process, to the extent specified therein;

  • pursuant to Art. 16 GDPR, the right to demand the immediate rectification of incorrect personal data or the completion of personal data concerning you that is stored by us;

  • pursuant to Art. 17 GDPR, the right to demand the erasure of personal data concerning you that is stored by us, unless further processing is necessary:​

- for exercising the right of freedom of expression and information;

- for compliance with a legal obligation;

- for reasons of public interest; or

- for the establishment, exercise, or defense of legal claims;

  • pursuant to Art. 18 GDPR, the right to demand the restriction of the processing of your personal data where:

 

- the accuracy of the data is contested by you;

- the processing is unlawful but you oppose the erasure of the data;

- we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims; or

- you have objected to the processing pursuant to Art. 21 GDPR;

  • pursuant to Art. 20 GDPR, the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format or to request its transmission to another controller;

  • pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a general rule, you may contact the supervisory authority at your habitual residence, your place of work, or our company headquarters. Right to Object

Where we process personal data as explained above to safeguard our legitimate interests—which prevail following a balancing of interests—you may object to this processing with effect for the future. If the processing is for direct marketing purposes, you may exercise this right at any time as described above. Where processing takes place for other purposes, you have the right to object only on grounds relating to your particular situation.

Once you have exercised your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

This does not apply if the processing is for direct marketing purposes. In that case, we will no longer process your personal data for that purpose.

8.2 Contact Details

For questions regarding the collection, processing, or use of your personal data, for information, correction, restriction, or deletion of data, as well as to revoke consent or object to a specific use of data, please contact us directly using the contact details provided in our legal notice (Impressum).

Data Protection Officer:

Nikolas Lampmann

Am Meisenring 22

61197 Florstadt

Germany

 

info@lampi-parts.com

bottom of page