Policies | About Art

Legal Information

Right of Withdrawal

A consumer is any natural person who enters into a legal transaction for purposes that are predominantly neither commercial nor self-employed.

Right of Withdrawal

You have the right to withdraw from this contract within fourteen days without providing any reason. The withdrawal period is fourteen days from the day on which you or a third party designated by you, who is not the carrier, takes possession of the goods. To exercise your right of withdrawal, you must inform us (Ms. Kleinunternehmer, Mustakorventie 8, 34800 Virrat, +358 40 87 39 702, email: info@aboutart.fi) of your decision to withdraw from this contract by means of a clear statement (e.g., a letter sent by post or an email). You may use the attached model withdrawal form, but it is not mandatory. To meet the withdrawal deadline, it is sufficient for you to send the notification of the exercise of the right of withdrawal before the withdrawal period has expired.

Consequences of Withdrawal

If you withdraw from this contract, we will reimburse all payments received from you, including delivery costs (except for additional costs resulting from your choice of a delivery method other than the least expensive standard delivery offered by us), without undue delay and no later than fourteen days from the day we receive notification of your withdrawal from this contract. We will use the same means of payment for the reimbursement that you used for the original transaction, unless expressly agreed otherwise; in no case will you be charged fees for this reimbursement. We may withhold reimbursement until we have received the goods back or you have provided proof that you have sent the goods back, whichever is earlier. You must send back or hand over the goods to us without undue delay and in any event no later than fourteen days from the day you inform us of the withdrawal from this contract. The deadline is met if you dispatch the goods before the period of fourteen days has expired. You will bear the direct costs of returning the goods. You are only liable for any diminished value of the goods if the loss in value is due to handling of the goods that is not necessary for checking their nature, characteristics, and functioning.

Exclusion or Premature Expiration of the Right of Withdrawal

The right of withdrawal does not apply to contracts

for the delivery of goods that are not pre-fabricated and for the manufacture of which an individual choice or specification by the consumer is essential or which are clearly tailored to the personal needs of the consumer;
for the delivery of goods that are perishable or whose expiration date would quickly be exceeded;
for the delivery of alcoholic beverages, the price of which was agreed upon at the conclusion of the contract, but which cannot be delivered before 30 days after the conclusion of the contract and whose current value depends on fluctuations in the market which the entrepreneur cannot influence;
for the delivery of newspapers, magazines, or illustrated periodicals, except for subscription contracts.

The right of withdrawal expires prematurely for contracts

for the delivery of sealed goods that are not suitable for return due to health protection or hygiene reasons if their seal was removed after delivery;
for the delivery of goods if these are, due to their nature, inseparably mixed with other goods after delivery;
for the delivery of sound or video recordings or computer software in a sealed package if the seal was removed after delivery.

Model Withdrawal Form

(If you wish to withdraw from the contract, please complete this form and send it back.)

To: Ms. Kleinunternehmer
Mustakorventie 8
34800 Virrat
Email: info@aboutart.fi

I/We () hereby withdraw from the contract concluded by me/us () for the purchase of the following goods (*)
Ordered on ()/received on ()
Name of the consumer(s)
Address of the consumer(s)
Signature of the consumer(s) (only if sent by mail)
Date --------------------------------------- (*) Delete as applicable.

Source: Kanzlei Plutte

Privacy Policy

Data Protection at a Glance

General Information The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy listed below this text.

Data Collection on This Website
- Who is responsible for data collection on this website? The data processing on this website is carried out by the website operator. You can find their contact details in the section "Note on the Responsible Entity" in this privacy policy.
- How do we collect your data? Your data is collected in part by you providing it to us. This may include data you enter into a contact form. Other data is collected automatically or with your consent when you visit the website through our IT systems. This primarily includes technical data (e.g., internet browser, operating system, or time of page access). The collection of this data occurs automatically as soon as you access this website.
- What do we use your data for? Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.
- What rights do you have regarding your data? You have the right to obtain information about the origin, recipients, and purpose of your stored personal data at any time and free of charge. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can withdraw this consent at any time for the future. Additionally, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
For further questions regarding data protection, you can always contact us.

Analysis Tools and Third-Party Tools When visiting this website, your browsing behavior may be statistically evaluated. This is done mainly using analysis programs. Detailed information about these analysis programs can be found in the following privacy policy.
Hosting

External Hosting This website is hosted externally. The personal data collected on this website is stored on the servers of the host. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated through a website.

The external hosting is done for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR). If consent was requested, processing is done exclusively based on Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, as far as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) according to TTDSG. Consent can be withdrawn at any time.

Our host will process your data only to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following host(s): Webador / JouwWeb B.V. Torenallee 20 5617 BC Eindhoven NETHERLANDS
General Information and Mandatory Information

Data Protection The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.

Please note that data transmission over the internet (e.g., when communicating via email) can have security gaps. A complete protection of data from access by third parties is not possible.

Note on the Responsible Entity The responsible entity for data processing on this website is: Agnieszka Wagenbreth Kunst Onlineshop About ART Mustakorventie 8 34800 Virrat Finland Phone: +358 40 87 39 703 Email: info@aboutart.fi

The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Retention Period Unless a more specific retention period is stated within this privacy policy, your personal data remains with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion will occur after these reasons no longer apply.

General Information on the Legal Basis for Data Processing on This Website If you have given consent for data processing, we process your personal data based on Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, if special categories of data are processed according to Art. 9 (1) GDPR. In the case of explicit consent for the transfer of personal data to third countries, data processing is also based on Art. 49 (1) (a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25 (1) TTDSG. Consent can be withdrawn at any time. If your data is required for the performance of a contract or pre-contractual measures, we process your data based on Art. 6 (1) (b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation based on Art. 6 (1) (c) GDPR. Data processing may also be based on our legitimate interests according to Art. 6 (1) (f) GDPR. The relevant legal bases for processing are provided in the following paragraphs of this privacy policy.

Note on Data Transfer to Non-Secure Third Countries and Transfer to US Companies Not Certified under the DPF We use tools from companies based in non-secure third countries as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that in non-secure third countries, no data protection level comparable to that of the EU can be guaranteed.

We point out that the US, as a secure third country, generally has a data protection level comparable to the EU. Data transfer to the US is permitted if the recipient is certified under the "EU-US Data Privacy Framework" (DPF) or has suitable additional guarantees. Information on transfers to third countries, including data recipients, can be found in this privacy policy.

Recipients of Personal Data In the course of our business activities, we work with various external entities. This sometimes requires the transfer of personal data to these external entities. We only disclose personal data to external entities if this is necessary for the performance of a contract, if we are legally required to do so (e.g., transfer of data to tax authorities), if we have a legitimate interest according to Art. 6 (1) (f) GDPR, or if another legal basis permits the data transfer. When using processors, we only transfer personal data to our customers based on a valid contract for processing. In the case of joint processing, a joint processing agreement is concluded.

Revocation of Your Consent to Data Processing Many data processing operations are only possible with your explicit consent. You can withdraw any consent already given at any time. The legality of the data processing carried out up to the withdrawal remains unaffected by the withdrawal.

Right to Object to Data Collection in Specific Cases and to Direct Marketing (Art. 21 GDPR) IF THE DATA PROCESSING IS BASED ON ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS FOR PROCESSING IS PROVIDED IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21 (2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority In the event of violations of the GDPR, affected individuals have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or the location of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to Data Portability You have the right to receive data that we process based on your consent or in fulfillment of a contract in an automated format, and to transfer it to yourself or to a third party in a common, machine-readable format. If you request the direct transfer of data to another controller, this will only be done if technically feasible.

Access, Correction, and Deletion You have the right, under applicable law, to request information about your stored personal data, its origin, recipients, and the purpose of data processing, and if necessary, to request correction or deletion of this data at any time. For this purpose, as well as for further questions about personal data, you can contact us at any time.

Right to Restriction of Processing You have the right to request the restriction of processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:
- If you contest the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it to assert, exercise, or defend legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
- If you have objected under Art. 21 (1) GDPR, a balance must be struck between your and our interests. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of processing of your personal data.
If you have restricted the processing of your personal data, such data may – apart from storage – only be processed with your consent or for the assertion, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for reasons of significant public interest of the European Union or a member state.

SSL and TLS Encryption For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the change in the browser’s address bar from "http://" to "https://" and the lock symbol in your browser's address bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on This Website

Cookies

Our website uses so-called "cookies." Cookies are small data packets that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies can be set by us (first-party cookies) or by third parties (third-party cookies). Third-party cookies allow the integration of specific third-party services within web pages (e.g., cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., shopping cart functionality or video display). Other cookies can be used to analyze user behavior or for advertising purposes.

Cookies that are necessary for conducting electronic communication processes, providing specific functions you have requested (e.g., for the shopping cart function), or optimizing the website (e.g., cookies for measuring web audience) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to provide their services in a technically error-free and optimized manner. If consent for storing cookies and similar recognition technologies has been requested, processing is carried out solely based on this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent can be withdrawn at any time.

You can configure your browser to notify you when cookies are set and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or generally, and activate the automatic deletion of cookies when closing the browser. Deactivating cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this privacy policy.

Contact Form

When you send us inquiries via the contact form, we store the information from the inquiry form, including the contact details you provided, for the purpose of processing the inquiry and for follow-up questions. We do not share this data without your consent.

Processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it was requested; consent can be withdrawn at any time.

The data you enter in the contact form remains with us until you request its deletion, withdraw your consent for storage, or the purpose for data storage no longer applies (e.g., after the completion of your inquiry). Mandatory legal provisions—especially retention periods—remain unaffected.

5. Social Media

Social Media Elements with Shariff

This website uses elements from social media (e.g., Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr).

You can usually recognize the social media elements by their respective logos. To ensure data protection on this website, we use these elements only together with the so-called "Shariff" solution. This application prevents the social media elements integrated on this website from transmitting your personal data to the respective provider upon your first visit to the site.

Only when you activate the social media element by clicking the corresponding button is a direct connection to the provider's server established (consent). Once you activate the social media element, the respective provider receives the information that you have visited this website with your IP address. If you are also logged into your social media account (e.g., Facebook) at the same time, the respective provider can associate your visit to this website with your user account.

Activating the plugin constitutes consent in the sense of Art. 6(1)(a) GDPR and § 25(1) TTDSG. This consent can be withdrawn at any time with effect for the future.

The use of the service is to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6(1)(c) GDPR.

Facebook

This website integrates elements from the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

An overview of Facebook's social media elements can be found here: Facebook Plugins.

When the social media element is active, a direct connection is established between your device and Facebook's server. Facebook receives information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. Please note that as the provider of the site, we do not have knowledge of the content of the transmitted data or how Facebook uses it. For more information, see Facebook's privacy policy at: Facebook Privacy Policy.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.

To the extent that personal data is collected on our website and forwarded to Facebook using the tools described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited to the collection of data and its transfer to Facebook. The processing by Facebook after forwarding is not part of this joint responsibility. Our joint obligations are detailed in a joint processing agreement. You can find the text of the agreement here: Controller Addendum. According to this agreement, we are responsible for providing privacy information when using the Facebook tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. Data subject rights (e.g., access requests) regarding data processed by Facebook can be asserted directly with Facebook. If you assert data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: EU Data Transfer Addendum, Facebook Help, and Facebook Policy.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link: DPF Certification.

X (formerly Twitter)

This website incorporates functions from the X service (formerly Twitter). These functions are provided by the parent company X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For data processing of individuals living outside the USA, the responsible entity is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

When the social media element is active, a direct connection is established between your device and the X server. X (formerly Twitter) receives information about your visit to this website. By using X (formerly Twitter) and the "Re-Tweet" or "Repost" function, the websites you visit are linked to your X (formerly Twitter) account and disclosed to other users. Please note that as the provider of the site, we do not have knowledge of the content of the transmitted data or how X (formerly Twitter) uses it. For more information, see X (formerly Twitter)’s privacy policy at: X Privacy Policy.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.

Data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: Twitter GDPR Transfers.

You can change your privacy settings on X (formerly Twitter) in your account settings at Twitter Account Settings.

Instagram

This website incorporates functions of the Instagram service, provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. This allows Instagram to obtain information about your visit to this website. If you are logged into your Instagram account, you can link the contents of this website to your Instagram profile by clicking the Instagram button. This enables Instagram to associate your visit to this website with your user account. Please note that as the website provider, we do not have knowledge of the content of the transmitted data or how Instagram uses it.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.

Insofar as personal data is collected on our website and forwarded to Facebook or Instagram using the tools described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited to the collection of the data and its transfer to Facebook or Instagram. The processing of the data by Facebook or Instagram after transfer is not part of this joint responsibility. The joint obligations we have are detailed in a joint processing agreement. You can find the text of the agreement here: Controller Addendum. According to this agreement, we are responsible for providing privacy information when using the Facebook or Instagram tools and for the data protection-compliant implementation of the tools on our website. Facebook is responsible for the data security of the Facebook or Instagram products. You can directly assert data subject rights (e.g., access requests) regarding data processed by Facebook or Instagram with Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.

Data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: EU Data Transfer Addendum, Instagram Privacy Policy, and Facebook Help.

For more information, see Instagram's privacy policy: Instagram Privacy Policy.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that ensures adherence to European data protection standards for data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link: DPF Certification.

Pinterest

This website uses elements of the Pinterest social network, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

When you visit a page that contains such an element, your browser establishes a direct connection to Pinterest’s servers. This social media element transmits log data to Pinterest’s servers in the USA. This log data may include your IP address, the addresses of the visited websites that also contain Pinterest functions, the type and settings of your browser, the date and time of the request, your use of Pinterest, and cookies.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.

Further information about the purpose, scope, and further processing and use of the data by Pinterest, as well as your rights and options for protecting your privacy, can be found in Pinterest’s privacy policy: Pinterest Privacy Policy.

https://policy.pinterest.com/de/privacy-policy.

Source: https://www.e-recht24.de