AT BE CH DE FR GB IT LU NL US INT

Shop Online

Explore the brand

Enter

Shop Online

Explore the brand

Enter

Important note:

It appears that your internet browser is out of date. For a better shopping experience,
we recommend an update to the latest version.

You can download browser updates from the official provider page free of charge.

Please select:

Bogner
Back to the shop
Stores
EU
Shopping bag 0

Your shopping bag is empty

Pick your favourite items now!

categories
keywords
products
Show all results
The World of Athluxury
AGB

Privacy Policy

 

Table of contents

 

1. Introduction

2. Person responsible and data protection officer

3. Your rights

4. General data processing on our website
- Server log files
- Contact form, email contact, customer service

5. Promotional communications (newsletteres, email marketing, etc.)

- Newsletter
- Email Marketing (existing customers)
- Advertising by letter post
- Advertising blacklist
- Online surveys

6. Data processing in the context of orders in the online shop
- Registration on our website (creation of a customer account)
- Order (provision of chargeable services)
- Address matching and data up-to-dateness
- Setting up a personal customer profile
- Product availability

7. Payment service providers
- Payment by Paypal
- Payment for purchase on account (BOGNER internal)
- Payment by credit card

8. Cookies

9. Social Media

10. Data security

11. Amendment of our data protection provisions

12. Right to object

 

1.    Introduction

The security of your data and the protection of your privacy is important to us. We are committed to protecting your privacy and to complying with statutory data protection provisions. In the following, we explain how we handle your personal data. Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case.

2.    Person responsible and data protection officer

The person responsible within the meaning of data protection law is

Willy Bogner GmbH & Co. KG a.A.
Sankt-Veit-Straße 4
DE-81673 München
Email: mydata@bogner.com

Bogner homeshopping GmbH & Co. KG
Sankt-Veit-Straße 4
DE-81673 München
Email: mydata@bogner.com

Bogner Sportmoden Vertrieb GmbH
Sankt-Veit-Straße 4
DE-81673 München
Email: mydata@bogner.com

In the following, “BOGNER”, “we”, “us” and “our” refer to the above-mentioned companies.

In many areas, data is processed jointly. The joint responsibility is regulated by an agreement between the companies. The companies use the same database system in the course of their activities and access a common data pool where necessary. The companies are each independently responsible for the lawful processing of personal data and the granting of data subject rights, including the provision of mandatory information. Where necessary, the companies shall support each other in this respect.

We have appointed an external data protection officer for the German companies:

activeMind AG
Management- und Technologieberatung
Potsdamer Straße 3
DE-80802 München
dataprotectionofficer@bogner.com

3.   Your rights

You can exercise the following rights at any time using the contact details provided by our data protection officer or via our customer service at service@bogner.com:

  • Information about your data stored with us and its processing (Art. 15 GDPR),
  • Correction of inaccurate personal data (Art. 16 GDPR),
  • Deletion of your data stored with us (Art. 17 GDPR),
  • Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR),
  • Objection to the processing of your data stored with us (Art. 21 GDPR) and
  • Data portability, provided you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR).

If you have given us consent, you can revoke this at any time with effect for the future. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

You can contact a supervisory authority at any time with a complaint, e.g. the competent supervisory authority in the federal state of your residence or the authority responsible for us as the responsible body.

A list of the supervisory authorities (for the non-public sector) with the address can be found at: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

 

4.    General data processing on our website

 

Server log files

Nature and purpose of the processing: Information of a general nature is automatically collected when you access our website, i.e. if you do not register or otherwise transmit information. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address, the date and time of access and similar.

The data are processed for the following purposes in particular:

  • To ensure problem-free connection of the website,
  • To ensure the smooth running of our website,
  • To evaluate system security and stability, and
  • For the technically error-free presentation and optimisation of our website.

We do not use your data to form conclusions about you personally. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

Legal basis and legitimate interest: The processing is carried out in accordance with Art. 6 (1) f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipient: The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website.

Storage period: Data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for data used to access the website when the respective session has ended.

In the case of data stored in log files, this happens no later than 14 days afterwards. Storage beyond this period is possible. In this case, the IP addresses of users are anonymised so that it is no longer possible to assign the calling client.

Provision prescribed or required: The provision of the aforementioned personal data is neither legally nor contractually required. However, without the data, the service and functionality of our website cannot be guaranteed. In addition, individual services and services in general may not be available or may be limited.

Opposition: Please read the information about your right to object according to Art. 21 GDPR.

 

Contact form, email contact, customer service

Nature and purpose of the processing: The data you enter will be stored for the purpose of individual communication with you. To this end, it is necessary to provide a valid email address, order number and your name. This is used for the assignment of the enquiry and the subsequent response to it. The provision of further data is optional.

Our website contains a contact form that can be used for electronic contact. If a user chooses this option, the data entered in the input mask is transmitted to us and stored.

The following data is also stored at the time the message is sent:

  • Date and time of dispatch
  • BOGNER store selected
  • User Agent and User Vendor
  • Selected language

Alternatively, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored. You can also contact our customer service using the telephone number provided. As a matter of principle, we do not record conversations. However, notes about your enquiry may be recorded by our customer service.

 

Legal basis and legitimate interest:

We process data on the basis of our legitimate interest to enable you to contact us easily (Art. 6 (1) f) GDPR). The information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions.

If you contact us to request a quote, the data entered in the contact form will be processed to carry out pre-contractual measures (Art. 6 (1) b) GDPR).

Recipient: The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website.

Storage period: We only process your personal data for as long as is necessary to fulfil the intended purposes. In addition, we are subject to statutory retention periods resulting from the German Commercial Code (Handelsgesetzbuch) or the German Fiscal Code (Abgabenordnung), which generally last 6 to 10 years.

Provision prescribed or required: The provision of your personal data is voluntary. However, we can only process your enquiry if you provide us with your name, email address and the reason for the enquiry.

Opposition: Please read the information about your right to object according to Art. 21 GDPR.

 

5.    Promotional communications (newsletters, email marketing, etc.)

 

Newsletter

Nature and purpose of the processing: For the delivery of our newsletter, we collect personal data that is transmitted to us via an input mask. We need a valid email address in order to register you successfully.

In order to verify that a registration is actually made by the owner of a particular email address, we use the “double opt-in” (DOI) procedure. This means that you will receive an email after registering for the newsletter in which you must reconfirm your newsletter registration. For this purpose, we log your newsletter registration, as well as the date and the time of the DOI confirmation.

In addition, we evaluate your reading and usage behaviour in order to constantly improve our newsletter and adapt it to your interests and requirements.

Legal basis: We send our newsletter and evaluate it on the basis of your consent (Art. 6 (1) a) GDPR).

Recipient: We use a service provider, who acts as our contract processor, for its dispatch and any evaluations that may take place.

Storage period: The data will only be processed in this context as long as the relevant consent has been given.

Provision prescribed or required: The provision of your personal data is voluntary and based solely on your consent. Unfortunately, we cannot send you our newsletter or make you customised offers without your consent.

Withdrawal of consent: You can withdraw your consent to the storage of your personal data and its use for the dispatch of the newsletter, or the evaluation of the newsletter, at any time with effect for the future. You will find a corresponding unsubscribe link in every newsletter. You can also revoke your consent via the other contact options provided on the website.

 

Email Marketing (existing customers)

Nature and purpose of the processing: If you have provided us with your email address when purchasing goods, we reserve the right to send you regular offers from our range by email. If you have initially objected to the use of your email address for promotional purposes, you will not receive any additional offers by email.

Legal basis and legitimate interest: In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalised direct advertising in accordance with Art. 6 (1) f) GDPR, in conjunction with balancing in accordance with Art. 7 (3) UWG (Unfair Competition Act).

Recipient: We use a service provider, who acts as our contract processor, for its dispatch and any evaluations that may take place.

Storage period: The data will only be processed in this context as long as you have not objected to such processing.

Provision prescribed or required: The provision of your personal data is voluntary. If you object to the use of email marketing, we will not be able to send you any interesting offers by email.

Opposition: You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future. You will find a link to this effect in every promotional email. You can also revoke your consent via the other contact options provided on the website. We will then include your name and email address in our advertising blacklist.

 

Advertising by letter post

Nature and purpose of the processing: We reserve the right to use your contact data (title, name, address) and customer number - insofar as we have received this additional information from you within the framework of the contractual relationship - as well as your date of birth to send you interesting offers concerning our products by post. If you have initially objected to the use of your data for this purpose, we will not send any mailings.

Legal basis and legitimate interest: The processing for sending advertising by letter post is based on our legitimate interest in personalised direct advertising (Art. 6 (1) f) GDPR).

Recipient: We use a service provider for the dispatch who acts as our contract processor.

Storage period: The data will only be processed in this context as long as you have not objected to such processing.

Provision prescribed or required: The provision of your personal data is voluntary. If you object to advertising by letter post, we will not be able to send you any interesting offers by letter post.

Opposition: You are entitled to object to the use of your address for the aforementioned advertising purpose at any time with effect for the future. You will find a corresponding contact in each covering letter. You can also revoke your consent via the other contact options provided on the website. We will then include your name and address in our advertising blacklist.

 

Advertising blacklist

Nature and purpose of the processing: After your objection to the processing of your personal data for advertising purposes or the revocation of your consent, we store your email address or your name and address (in the case of postal advertising) in our internal advertising blacklist. We only use your data for matching with our future advertising files. This ensures that your advertising objection or the revocation of your consent is permanently respected.

Legal basis and legitimate interest: The lawfulness of processing personal data provided to us for the purpose of inclusion in our advertising blacklist is based on a legitimate interest (Art. 6 (1) f) GDPR), so that we can exclude you from advertising (by email or letter post) in the future.

Recipient: The recipients of the data may be technical service providers who support the processing of our advertising blacklists as contract processors.

Storage period: Entries in the BOGNER internal advertising blacklist are stored permanently. Deletion of the entry by the person concerned is possible at any time by contacting us by email: mydata@bogner.com.

Provision prescribed or required: The provision of your personal data is voluntary. If you object to the inclusion of your data in our advertising blacklist, we cannot guarantee that you will receive advertising from us at a later date (if the legal basis exists).

Opposition:

Please read the information about your according to Art. 21 GDPR.

 

Online surveys

Nature and purpose of the processing: Your personal data will be processed in a pseudonymised form within the scope of the survey. It is not possible for us to draw any direct conclusions about you as a person. The purpose of processing personal data within the scope of the surveys is, for example, to increase customer satisfaction and optimise the shopping experience.

If the survey is linked to a special offer, a voucher for example, you will receive the relevant voucher code at the end of the survey. On the basis of this voucher code, only your participation in a survey can be traced back to you. A combination with other data does not take place. 

Legal basis and legitimate interest:If you are already a BOGNER customer, or have subscribed to our newsletter and have not objected to the use of your data for advertising purposes, the processing is based on a legitimate interest (Art. 6 (1) f) GDPR). We have a legitimate interest in increasing the satisfaction of our customers and optimising their shopping experience.

Recipient: The recipients of the data may be technical service providers who act as contract processors for the implementation of the survey.  

Storage period: We do not assign answers to you personally, but only record that you have received a corresponding link to the survey. If you have redeemed a voucher, we record that you have taken part in the survey. These characteristics are stored in your customer profile. You can find information on deleting your customer profile .

Provision prescribed or required: The provision of your personal data is voluntary. If you choose not to participate in the customer survey, we will not be able to improve our offer based on your anonymous answers. You may not be able to receive or use any offers, such as vouchers, associated with participation in the customer survey.

Opposition: Please read the information about your right to object according to Art. 21 GDPR.

 

6.   Data processing in the context of orders in the online shop

 

Registration on our website (creation of a customer account)

Nature and purpose of the processing: We offer you the option to register on our website. This has many advantages for you; for example, you can view your order history and the associated order details at any time. If you save your preferred delivery and billing address, you do not have to enter them again when you place a new order. This makes your shopping faster and more convenient.

You can change the data we have on file for you or delete your user account at any time.

In addition to the data you have provided, the following data is stored at the time of registration:

  • Registration date
  • Registration time

Legal basis: As part of the registration process, your consent is obtained for the processing of this data in accordance with Art. 6 (1) a) GDPR.

Recipient: The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website. The data is not passed on to third parties.

Storage period: Your user account will be deleted as soon as you cancel your registration.

Withdrawal of consent: You can cancel your registration at any time by contacting us by email: mydata@bogner.com.

Provision prescribed or required: Registration is voluntary. It is beneficial for the fulfilment of a contract with you (via our online shop), or for the implementation of pre-contractual measures, but not a requirement.

 

Order (provision of chargeable services)

Nature and purpose of the processing: We process the data that you provide as part of your order for the purpose of implementing or processing the contractual relationship.

Furthermore, we are subject to various legal obligations that involve data processing. These include, for example, requirements under tax laws and statutory accounting, the fulfilment of enquiries by external parties, e.g. the requirements of supervisory or law enforcement authorities, as well as the fulfilment of control and reporting obligations under tax law.

Legal basis: The processing of the data required for the conclusion of the contract is based on (Art. 6 (1) b) GDPR).

Recipient: The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website or, for example, for implementing your payment to us.

With regard to the transfer of data to recipients outside our company, it should first be noted that we only transfer necessary personal data in compliance with the applicable data protection regulations.

In order to fulfil our contract with you, we pass on your name and address to shipping and logistics service providers commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

Depending on the payment method you select during the order process, we will pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to commissioned by us or to the payment service selected by you during the order process.

Other recipients of your personal data are, for example, public bodies and institutions (e.g. tax authorities, law enforcement agencies) in the event of a legal or official obligation, accountants, business and payroll tax auditors (statutory audit mandate).

Storage period: We store this data in our systems until the statutory retention periods have expired. These are generally 6 or 10 years for the purpose of proper accounting and tax law requirements.

Provision prescribed or required: The provision of your personal data is contractually necessary in order for us to be able to carry out our purchase contract with you. Without the provision of your personal data, we cannot complete your order.

 

Address matching and data up-to-dateness

Nature and purpose of the processing: Regardless of whether you order from us as a guest or as a registered customer, the addresses you provide while placing your orders or in your membership account are passed to a contract processor who uses the Deutsche Post street catalogue to check the completeness and accuracy of your details. We only use the address in question for this purpose, without your name, for comparison with the street directory.

To ensure that your data is up to date, we use a contract processor to correct, update, cleanse and enrich customer addresses. In the course of this process, the customer information you provide (first name, last name and address) is imported into a Black Box system. The Black Box is an encapsulated on-site system that does not allow access to BOGNER customer data.

Legal basis: The legal basis for the processing of your data is Art. 6 (1) b) GDPR, namely for the fulfilment of contractual obligations or for the performance of pre-contractual measures.

Recipient: The recipients of the data are service providers who act as contract processors for the maintenance of your address data, as well as for the optimisation of dispatch.

Storage period: After matching, the data is stored exclusively for the ordering and invoicing process. We store this data in our systems until the statutory retention periods have expired. These are generally 6 or 10 years for the purpose of proper accounting and tax law requirements.

Provision prescribed or required: The provision of your personal data is contractually necessary in order for us to be able to carry out our purchase contract with you. Without the provision of your personal data, we cannot complete your order.

 

Setting up a personal customer profile

Nature and purpose of the processing: We create a customer profile for you for better consideration of your wishes and preferences. To this end, we analyse your purchase and contract processing data and combine them in a customer profile. Purchase and contract implementation data include all kinds of data collected as part of an order or a purchase from BOGNER (e.g. purchase value, returns and product interests). This also includes the contact information you have given (e.g. your first and last name, your address, etc.).

Legal basis and legitimate interest: The legal basis for the evaluation of your purchase and contract data is based on our legitimate interest (Art. 6 (1) f) GDPR) to optimise and personalise our advertising activities.

Recipient: Recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website and for retail support.

Storage period: The data will only be processed in this context as long as you have not objected to such processing.

Provision prescribed or required: The provision of your personal data is neither legally nor contractually required. Without this data, we cannot optimise our offer and adapt it to your personal preferences.

Opposition: You can object to processing for the purpose of advertising at any time by contacting us by email: mydata@bogner.com.

 

Product availability

Nature and purpose of the processing: If a product is sold out in your size, you can choose to be informed by email as soon as the item becomes available again in the requested size. We need the size you requested as required information as well as a valid email address in order to send you this information. As soon as the item is available again, you will receive a notification of availability via email.

Legal basis and legitimate interest: The processing of your data is necessary for the implementation of pre-contractual measures (Art. 6 (1) b) GDPR).

Storage period: Your email address will be stored for 30 days exclusively for this purpose. If the item does not become available again after 30 days, your email address will be automatically deleted.

Recipient: The recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our website and for the use of this service.

Provision prescribed or required: The provision of your personal data is contractually necessary in order to be able to follow up on your request. Without the provision of your personal data, we cannot send you a notification as soon as the requested item is available again.

 

7.        Payment service providers

You have a choice of different payment service providers for the processing of your payment.

Payment by PayPal

We give you the option of processing the payment using the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg).

The transfer of your payment data to PayPal is necessary in the context of contract processing (Art. 6 (1) b) GDPR).

Depending on the payment method selected, PayPal reserves the right to conduct a credit check. Further information on this and on data processing by PayPal can be found in PayPal’s applicable data protection provisions at https://www.paypal.com/webapps/mpp/ua/privacy-full

Payment for purchase on account (BOGNER internal):

In the event that BOGNER makes advance payments (in the case of purchase on account for example), we transmit your data (name, address and, if applicable, date of birth) to infoscore Consumer Data GmbH, Rheinstrasse 99, DE-76532 Baden-Baden for the purpose of checking your creditworthiness, obtaining information for assessing the risk of non-payment on the basis of mathematical-statistical procedures using address data, and for verifying your address (checking for deliverability). The legal basis for these data transfers is Art. 6 (1) b) and Art. 6 (1) f) GDPR. Transmissions on the basis of these provisions may only be made insofar as this is necessary to safeguard the legitimate interests of our company or third parties, and does not override the data subject’s interests in their fundamental rights and freedoms, which require the protection of their personal data. Detailed information on the business purpose, for the purposes of the Basic Data Protection Regulation (EU GDPR), i.e. information on the business purpose, purposes of data storage, data recipients, the right to self-disclosure, the right to erasure or rectification, etc. can be found under the following link: https://finance.arvato.com/icdinfoblatt

Payment by credit card

When you pay by credit card, we collect and process personal data and forward it to the card-issuing institution for payment processing and to our payment service provider Computop (Computop Paygate GmbH, Schwarzenbergstr. 4 D-96050 Bamberg) in compliance with legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2. This includes the name of the credit card holder, credit card number, terminal number, expiry date of the credit card (month and year), country of origin of the credit card, date of birth of the ordering customer, order number, email address of the customer, customer number, address data (street, address suffix, postcode, city and country) and, in the case of commercial customers, the VAT ID and the company name.


As the merchant, we also cooperate with one or more merchant acquirers in the case of credit card payments. Acquirers are payment service providers regulated in accordance with the German Payment Services Supervision Act (Zahlungsdienstaufsichtsgesetz, ZAG), which carry out the acceptance and settlement of payment transactions for us. We and the acquirer are separately responsible for the processing, each in our own technical sphere of data influence, i.e. we are responsible for our internal network up to the secured transmission via the internet.
We currently work with the following payment service providers (acquirers), among others:


Payone:
PAYONE GmbH
Lyoner Straße 9
60528 Frankfurt am Main
info@payone.com
www.payone.com
Legal information
District Court Frankfurt am Main HRB 116860
VAT ID: DE185996311
Managing Directors: Niklaus Santschi, Frank Hartmann, Björn Hoffmeyer, Roland Schaar
Chairman of the Supervisory Board: Ottmar Bloching

PAYONE GmbH is authorised and supervised as a payment institution by the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht), Graurheindorfer Straße 108 in 53117 Bonn.

American Express Payment Services Limited:
Branch office Frankfurt a. M.
Theodor-Heuss-Allee 112
60486 Frankfurt
Competent supervisory authority: Hessian Commissioner for Data Protection and Freedom of Information (Hessische Beauftragte für Datenschutz und Informationsfreiheit )
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Telephone: 0611-1408 0
poststelle@datenschutz.hessen.de

 

8.         Cookies

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. In this way, we automatically receive certain data about your computer and your connection to the internet such as your IP address, the browser used and operating system. Detailed information on the subject of cookies, and which cookies are used on this website (after consent), can be found at Cookie Policy.

 

9.         Social Media

You will find links to the websites of various social networks in the footer of our website. For information on the storage and use of your  data, as well as on your rights and options for setting your privacy protection, please refer to the Privacy Policy of the respective network operator:

 

10.     Data security

We only handle personal data insofar as data protection regulations allow. In so doing, we also strive to use all the necessary technical and organisational security measures to adequately protect your personal data from unauthorised access and misuse at all times.

Your data will only be passed on to service providers (contract processors) if it is necessary for the fulfilment of our contractual duties. All service providers are obliged to treat your data confidentially on the basis of an order processing agreement.

Insofar as we store or process personal data, this is done within a secure data centre. To protect the security of your data during transmission, we use encryption procedures (e.g. SSL) via HTTPS. Our servers are secured by means of a firewall and virus protection. Back-up and recovery procedures, as well as role and authorisation concepts, are standard for us.

Our employees are obliged to observe the regulations of the GDPR and the BDSG (Federal Data Protection Act) when handling data.

 

11.     Amendment of our data protection provisions

We reserve the right to adapt this data protection statement so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection statement, such as when introducing new services. The new data protection statement will then apply to your next visit.

 

12.     Right to object

Right to object on a case-by-case basis

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

 

Recipient of an objection

The objection can be made informally with the subject “Objection”, stating your name, address or other identification to: mydata@bogner.com

 

 

Version: August, 2021

PDF Download