The following data protection declaration applies to the processing of personal data processed by BUY MY BOOKS LDA, info (at) kamuicosplay.com, as data protection officer in the context of the initiation of contracts and the fulfillment of services from the online shop at https://www.kamuicosplay.com/.

The BUY MY BOOKS LDA can be reached via the e-mail address info@kamuicosplay.com

1. We process the following data to fulfill our obligations:

• inventory data (e.g. names, addresses).
• Contact details (e.g. e-mail, telephone numbers).
• Contract data (e.g. subject matter of the contract, duration, customer category).
• Payment data (for example, bank details, invoices, payment history).

2. We process these data for the following purposes:

• Office and organizational procedures.
• Contact requests and communication.
• Contractual performance and service.
• Management and response to requests.

The following legal bases from the basic data protection regulation apply to the processing of personal data: Art. 6 para. 1 sentence 1 lit. a DSGVO, Art. 6 para. 1 sentence 1 lit. b. DSGVO, Art. 6 para. 1 sentence 1 lit. c. DSGVO and Art. 6 para. 1 sentence 1 lit. f. DSGVO

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to achieve an adequate level of data protection.

In order to fulfill our own obligations, such as the preparation of tax returns, we transfer data to persons who are expressly bound to secrecy and who guarantee the same level of data protection as we ourselves contractually guarantee. For this purpose, transfers of data from our shop system can be transferred in CSV format.

We do not pass on data to third parties, unless we are expressly entitled to do so without the user’s consent or the user expressly agrees to this.

We are entitled to use your data, as far as permitted, for our own marketing purposes and to contact you, for example, for further services or our own marketing. In this case you have the right to object to further use for marketing purposes.

3. Revocation and Opposition (opt-out)

Depending on whether the processing takes place on the basis of consent or legal permission, you have the possibility to revoke a given consent at any time, provided that permission does not entitle us to further storage.

4. Commercial and business services

We process the data of contractual and business partners, e.g. customers and interested parties within the scope of contractual and comparable legal relationships as well as associated measures and within the scope of communication with the contractual partners (or pre-contractual), e.g. to answer enquiries.

We process these data for the fulfillment of our contractual obligations, for securing our and the purposes of the administrative tasks associated with these data as well as for the business organization.

We delete data after expiry of legal warranty and comparable obligations or as long as they have to be kept for legal reasons of archiving. We shall delete data that is disclosed to us by the contractual partner within the scope of an order after the end of the order.

5. Data processing

5.1 Making Contact

When contacting us, the data of the inquiring persons will be processed to the extent necessary to answer the contact requests and possible requested measures.

The answering of contact requests within the framework of contractual or pre-contractual relations is carried out in order to fulfill our contractual obligations or to answer (pre)contractual requests and otherwise on the basis of the legitimate interest in answering the requests.

• Processed data types: inventory data such as name or address, contact data such as e-mail or telephone numbers and content data.
• Persons concerned: Communication partners.
• Purposes of the processing: contact requests and communication.
• Legal bases: Fulfillment of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. DSGVO), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. DSGVO)

5.2 Payment Providers

For the purpose of contract processing we offer the payment option via the provider PayPal.  This provider provides its own privacy policy, which can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Personal data is only stored on the server and system of PayPal. On our system there is only a message by automated system that a payment was successfully made.

• Purposes of processing: fulfillment of contractual obligations
• Legal bases: Fulfillment of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. DSGVO), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. DSGVO)

5.3 Social Media Plugins

Facebook plugins

Plugins of the social network Facebook (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA) are integrated on our pages in order to share content.

When you visit our pages and shop, the plugin may establish a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. You can find further information on this in the facebook privacy policy at http://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to assign visits to our pages to your Facebook user account, please log out of your Facebook user account.

Twitter plugins

Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc, Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter.

We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. Further information on this can be found in the Twitter privacy policy at http://twitter.com/privacy.

You can change your privacy settings on Twitter in the account settings at http://twitter.com/account/settings

Integration of YouTube videos

We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Integration of Instagram

Within our online offer, functions and contents of the service Instagram can be integrated, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos or text and buttons that allow users to express their favorites regarding the content, to notify the authors of the content or to subscribe to our articles. If users are members of the Instagram platform, Instagram may associate the access to the above content and features with the user’s profile. Instagram Privacy Policy: http://instagram.com/about/legal/privacy/.

5.4 Amazon Partner Program

We are entitled to make use of our online offer on the basis of our legitimate interests (i.e. interest in the economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO), we are participants in the Amazon US partner programme, which was designed to provide a medium for websites, by means of which advertising costs can be earned by placing advertisements and links to Amazon.de (so-called affiliate system). Amazon uses cookies to track the origin of orders. Among other things, Amazon can recognize that you clicked the affiliate link on this website and then purchased a product from Amazon.

For more information about Amazon’s use of data and how to opt-out, please see the company’s privacy policy:

https://www.amazon.com/gp/help/customer/display.html?nodeId=468496.

5.5 User tracking

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) we use Google Analytics, a web analysis service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the website by the user is usually transferred to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAItatus=Active).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. The processed data can be used to create pseudonymous user profiles of the users.

We only use Google Analytics with activated IP anonymisation. This means that the IP address of users is shortened by Google within member states of the European Union or in other states that are parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.

The IP address transmitted by the user’s browser is not merged with other data from Google. Users can prevent the storage of cookies by adjusting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

5.6 Cookies

Cookies” are small files that are stored on the user’s computer. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his visit to an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login jam can be stored.

If you do not want users to have cookies stored on your computer, you are asked to deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional limitations of this online offer.

We inform you about cookies by means of a cookie banner and give you the possibility to deactivate or activate not purely functional cookies before visiting our pages. If you select the option that only functional cookies should be set, our website does not set any marketing cookies.

5.7 Third party services

Within our online offer, we set the following priorities on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO), we use content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).

This always assumes that the third party providers of this content are aware of the IP address of the users, as without the IP address they would not be able to send the content to their browsers. The IP address is therefore necessary for the display of this content. We make every effort to use only such content whose respective providers use the IP address only to deliver the content. Third party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain technical information on the browser and operating system, referring web pages, visiting time and other details on the use of our online offer, as well as being linked to such information from other sources.

5.8 Newsletter

We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletters”) only with the consent of the recipients or a legal permission. If the contents of the newsletter are specifically described in the context of a registration for the newsletter, they are decisive for the consent of the users. Furthermore, our newsletters contain information about our services and us.

The registration to our newsletter is done in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the time of registration and confirmation as well as the IP address. Changes to your data stored with the delivery service provider are also logged.

To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name for personal contact in the newsletter.

Germany: The dispatch of the newsletter and the associated measurement of success is based on the consent of the recipients in accordance with Art. 6 Para. 1 lit. a, Art. 7 DSGVO in conjunction with § 7 Para. 2 No. 3 UWG or on the basis of the legal permission in accordance with § 7 Para. 3 UWG.

The registration procedure is recorded on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f DSGVO. We are interested in the use of a user-friendly and secure newsletter system that serves our business interests and meets the expectations of the users and also allows us to prove that they have given their consent.

Cancellation/revocation – You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them for the purpose of sending the newsletter, in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.

You can cancel your subscription to the newsletter at any time. Please send your cancellation to the following e-mail address: Info@kamuicosplay.com or use the “unsubscribe” function at the end of the newsletter. We will then immediately delete your data in connection with the newsletter dispatch.

5.9 Comments

If you leave comments or other contributions, your IP addresses may be stored based on our legitimate interests. This is done for our security, you leave in illegal content. Furthermore, we reserve the right to process the information provided by users for the purpose of spam detection on the basis of our legitimate interests.

On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies to avoid multiple voting.

5.10 User account

You can create a user account. During the registration process, you will be provided with the required mandatory data and processed for the purpose of providing the user account on the basis of contractual obligations. The processed data includes in particular the login information (name, password and an e-mail address). The data entered during registration is used for the purpose of using the user account and its purpose.

When using our online accounts, the IP address and other necessary data are saved. The storage is based on our legitimate interests and for the purpose of contract processing. 

5.11 Hosting

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance services which we use for the purpose of operating this online offer.

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (conclusion of contract processing agreement).

6. Modification and updating of the data protection declaration

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes make it necessary for you to cooperate (e.g. consent) or to receive other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

7. Rights in the USA

The law of the European Union is exclusively applicable to Kamui Cosplay GbR.

We would like to point out the following in purely declaratory terms:

7.1 California Online Privacy Protection Act

CalOPPA is the first state law in the nation that requires commercial websites and online services to publish a privacy policy. The scope of the law extends well beyond California and requires any person or company in the United States (and possibly worldwide) that operates Web sites that collect personal information from California consumers to post a prominent privacy policy on their Web site that clearly states the information collected and the individuals or companies with whom it is shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

7.2 According to CalOPPA, we agree with the following:

Users can visit our website anonymously.

Once this privacy policy is created, we will add a link to it on our home page, or at least on the first important page after you enter our site.

Our privacy policy link contains the word “privacy” and can be easily found on the page above.

You will be notified of any changes to the privacy policy:

       – On our data protection page

You can change your personal data:

       – By e-mail to us

       – By logging into your account

How does our website deal with the “Don’t Track” signals?

We honor “Don’t Track” signals and “Don’t Track”, implant cookies or use advertising when a “Don’t Track” browser mechanism (DNT) is present.

Does our website allow third parties to track behavior?

It is also important to note that we do not allow any third party tracking of behavior.

7.2 COPPA (Children’s Internet Privacy Protection Act)

When it comes to collecting personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) has parental control. The Federal Trade Commission, the United States consumer protection agency, enforces the COPPA rule, which sets out what operators of websites and online services must do to protect the privacy and safety of children online.

We do not market specifically to children under the age of 13.

7.3 Fair information practices

The Principles for Fair Information Practices are the backbone of data protection law in the United States, and the concepts contained therein have played an important role in the development of data protection legislation worldwide. Understanding the principles of fair information practices and how they should be implemented is critical to compliance with the various privacy laws that protect personal information.

In order to comply with the principles of fair information practice, we will take the following measures in the event of a data breach:

We will notify you by e-mail

       – Within 1 working day

We notify users via on-site notification

       – Within 1 working day

We also agree with the principle of individual redress, which requires that individuals have the right to enforce enforceable rights against data collectors and processors who fail to comply with the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals take legal action in the courts or government agencies to investigate and/or prosecute non-compliance by data processors.

7.4 Can-Spam Act

The CAN-SPAM Act is a law that sets the rules for commercial e-mail, sets requirements for commercial messages, gives recipients the right to stop sending e-mail, and provides severe penalties for violations.

We collect your e-mail address to record it:

       – send information, respond to inquiries and/or answer other inquiries or questions

       – process orders and send information and updates regarding the orders

       – send you additional information about your product and/or service

       – Promote to our mailing list or continue to send emails to our customers after the original transaction has taken place.

To be in accordance with CANSPAM, we agree to the following:

       – Not to use false or misleading subject lines or email addresses.

       – To reasonably identify the message as advertising.

       – To indicate the physical address of our office or location.

       – Monitor third party email marketing services for compliance if one is used.

       – Respond quickly to requests to unsubscribe or cancel subscriptions.

       – Allow users to unsubscribe using the link at the bottom of each email.

8. Your data subject rights

As data subjects, they are entitled to various rights under the DSGVO, which result in particular from Art. 15 to 18 and 21 DSGVO:

• Right of objection: You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 paragraph 1 letter e or f of the DPA; this also applies to profiling based on these provisions. If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing.
• Right of withdrawal in case of consent: You have the right to revoke consents given at any time.
• Right of access: You have the right to obtain confirmation as to whether or not data in question are being processed and to be given access to such data and to receive further information and copies of the data in accordance with the law.
• Right of rectification: You have the right to request the completion of data concerning you or the rectification of incorrect data concerning you, in accordance with the law.
• Right to erasure and restriction of processing: You have the right to request that data concerning you be erased immediately in accordance with the law or, alternatively, to request a restriction of processing of the data in accordance with the law.
• Right to data transferability: You have the right to receive data concerning you which you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements or to request that it be transferred to another responsible party.
• Complaining to the supervisory authority: You also have the right, in accordance with the law, to complain to a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you is in breach of the DPA.

9. Google AdSense

Our website uses Google AdSense. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google AdSense integrates advertisements and sets cookies. Cookies are small text files that your web browser stores on your device in order to analyze the use of the website. Google AdSense also uses web beacons. Web beacons are invisible graphics that allow an analysis of visitor traffic on our website.

Information generated by cookies and web beacons is transmitted to Google servers and stored there. The server is located in the USA. Google can pass this information on to contractual partners. However, Google will not merge your IP address with other data stored about you.

The storage of AdSense cookies takes place on the basis of Art. 6 Para. 1 lit.f GDPR. As a website operator, we have a legitimate interest in analyzing user behavior in order to optimize our website and advertising.

With a modern web browser you can monitor, restrict and prevent the setting of cookies. Deactivating cookies can restrict the functionality of our website. By using our website, you declare that you consent to the processing of the data collected about you by Google in the manner described above and for the purpose stated above.