Privacy Policy
Privacy Policy
Revision 22.11.2023
This Privacy Policy explains how we, Green Cloud Nine E.U., collect, use, share, and protect personal information about you in connection with your use of our e-commerce shop: Green Cloud Nine, in compliance with the European Union’s General Data Protection Regulation (GDPR).
If you have any questions or comments about this data protection declaration, you can send them to the email address given in the contact section.
Table of contents
1. General Information
a. Scope
b. How you can contact us
c. Definitions
d. Updates to this policy
2. What information do we collect?
3. How do we process your information?
4. What legal bases do we rely on to process your personal information?
5. When and with whom do we share your personal information?
6. Do we use cookies and other tracking technologies?
7. How long do we keep your information?
8. How do we keep your information safe?
9. What are your privacy rights?
10. How can you review, update, or delete the data we collect from you?
1. General Information
a) Scope
Data protection is of a particularly high priority for Green Cloud Nine. If the processing of personal data is necessary and there is no statutory basis for such processing, we obtain consent from the data subject.
The handling of personal data, including but not limited to the individual's name, address, email address, or phone number, will consistently adhere to the principles outlined in the General Data Protection Regulation (GDPR). Additionally, it will comply with the specific data protection regulations that are applicable within the respective country.
By means of this data protection declaration, we inform you about the type, scope and purpose of the personal data collected by Green Cloud Nine, which are processed both when you visit our website and during the processing of other data under our responsibility that is not related to this website. Furthermore, we inform data subjects about the rights to which they are entitled.
b) Contac: Name and address of the controller
The person responsible for data processing - i.e., the person who decides on the purpose and means of processing personal data in connection with the processing is:
You can also address any questions or comments about this privacy notice to: support@greencloudnine.com.
c) Definitions
The data protection declaration of Green Cloud Nine is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection policy aims to be clear and comprehensible to the general public, as well as our valued customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, among others, the following terms:
Personal data
Personal data refers to any information that pertains to an identified or identifiable individual ("data subject"). An identifiable individual is someone who can be directly or indirectly recognized by factors such as their name, identification number, location data, online identifier, or other specific elements related to their physical, physiological, genetic, mental, economic, cultural, or social identity.
Data subject
A data subject refers to any identified or identifiable natural person whose personal data is being processed by the responsible controller.
Processing
Processing encompasses any operation or set of operations performed on personal data or sets of personal data, whether automated or not. It includes collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or making available in any other way, alignment or combination, restriction, erasure, or destruction.
Restriction of processing
Restriction of processing involves marking stored personal data with the intention of limiting its processing in the future.
Profiling
Profiling encompasses any form of automated processing of personal data used to assess specific aspects related to a natural person. This includes analyzing or predicting aspects concerning the individual's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Pseudonymisation
Pseudonymisation refers to the processing of personal data in such a way that it can no longer be attributed to a specific data subject without additional information. This additional information must be kept separately and subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.
Controller or person responsible for the processing
The controller, or person responsible for the processing, is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of processing personal data. If the purposes and means of processing are determined by Union or Member State law, the controller may be designated by Union or Member State law..
Processor
A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
Recipient
A recipient refers to a natural or legal person, public authority, agency, or other body to which the personal data is disclosed. This can include third parties. However, public authorities receiving personal data in the context of a specific inquiry, in accordance with Union or Member State law, are not considered recipients. The processing of such data by these public authorities must adhere to applicable data protection rules according to the purposes of the processing.
Third party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent
Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
d) Updates to this policy
We might change this Privacy Policy sometimes to stay compliant with applicable laws. The new version will have a new 'Revised' date, and it will start working from the moment it is published. If we make important changes, we might let you know by putting a prominent notice up or sending you a direct message. Please check this Privacy Policy often so you know how we are protecting your information
2. What information do we collect?
We collect personal information provided by you when you use our e-commerce shop, including but not limited to your name, email address, billing and shipping addresses, phone number, and payment information.
We also collect information automatically about your device and your use of our e-commerce shop or navigate any of our services, such as your IP address, browser type, and the pages you visit.
This information does not disclose your specific identity (such as your name or contact information), but it may include device and usage details, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, or information about how and when you use our services, and other technical information. This information is primarily necessary to maintain the security and functionality of our services, as well as for internal analytics and reporting purposes.
We do not process sensitive information.
3. How do we process your information?
We use your personal information to process and fulfil your orders, to communicate with you about your orders, and to provide you with customer service. We may also use your personal information to send you marketing communications about our products and services, but only if you have opted in to receive such communications.
We process your personal information for a variety of reasons, depending on how you interact with our Services. This includes but it is not limited to:
§ To respond to user inquiries and to support users. We may process your information to respond to your inquiries and solve any issues you might potentially have with our services.
§ To send administrative information to you. We may process your information to inform you about changes to our terms and conditions, policies or about our products and services,
§ To fulfil and manage your orders. We may process your information to fulfil and manage your orders, payments, returns, and exchanges made through our Services.
§ To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
§ To send you marketing and promotional communications. We may process the personal information you send to us for our marketing purposes, and always in accordance with your marketing preferences. You can opt out of our marketing emails at any time (see your privacy rights in section 9 below).
§ To identify trends about usage. We may process information about how you use our Services to better understand how they are being used so we can improve them.
§ To determine the effectiveness of our marketing and promotional campaigns. We may analyze your information to gain a better understanding of how to deliver marketing and promotional campaigns that are highly relevant to your interests.
§ To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm (see section 4 below).
§ To enable user-to-user communications. We may process your information if you choose to use offerings that allow for communication with another user.
4. What legal basis do we rely on to process your personal information?
We process your personal information for the purposes described above based on your consent, which you may withdraw at any time, or based on our legitimate interests in operating our e-commerce shop, fulfilling orders or other contractual obligations, and providing customer service.
Art. 6 (1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose.
§ Consent. We may process your information if you have given us permission to use it for a specific purpose. You can withdraw your consent at any time. Please review the section “withdrawing consent” in section 9.g)
§ Performance of a Contract. In order to successfully fulfill a contract with you, there may be instances where it is necessary for you to provide us with personal data that we will subsequently process. Failure to provide the required personal data may result in the inability to conclude the contract with you.
§ You have no obligation to provide data but failure to provide required data (data that are marked as mandatory or required information when entered), will lead to the impossibility to provide the relevant service or to our services not being provided in the same form and quality.
§ Legitimate Interests. Our legitimate interest is to conduct our business keeping in mind the well-being of all our employees, users, and shareholders. We process your data only to the extent allowed by the law according to the Art. 6 Para. 1 GDPR.
we may process your information when we believe it is reasonably necessary to pursue our legitimate business interests, provided that these interests do not override your interests, fundamental rights, and freedoms. For example, we may process your personal information to:
o Send users information about special offers and discounts on our products and services
o Analyse how our products and services are used in order to improve them to engage, retain users or to improve user experience
o Support our marketing activities.
§ Legal Obligations. We may process your information when we deem it necessary to comply with our legal obligations, such as cooperating with law enforcement or regulatory agencies, exercising or defending our legal rights, or disclosing your information as evidence in legal proceedings in which we are involved.
§ Vital Interests. In rare cases, processing of your information may be necessary to protect your vital interests or those of another natural person, such as potential threats to the safety of any person.
5. When and with whom do we share your personal information?
We may share your personal information with third-party service providers that help us operate our e-commerce shop, such as payment processors and shipping providers. We may also share your personal information as required by law or to protect our rights, property, or safety, or the rights, property, or safety of others.
§ Sellers, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services on our behalf and require access to such information to carry out their work. These third parties, cannot process your personal information unless instructed by us. Also, contractually they are not allowed to share your personal information with any organisation apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct.
Third party providers with whom we share personal data include, but are not limited to the following categories:
o Payment Processors
o Order Fulfilment Service Providers
o Testing Tools
o Data Analytics Services
o Data Storage Service Providers
o Retargeting Platforms
o Website Hosting Service Providers
o Finance & Accounting Tools
o Cloud Computing Services
o Communication & Collaboration Tools
o Performance Monitoring Tools
o Sales & Marketing Tools
o User Account Registration & Authentication Services
§ Your personal information may be shared in the following situations:
o If there is a merger, sale of company assets, financing, or acquisition of all or part of our business by another company, we may need to share or transfer your information.
o Furthermore, We may share your information with our affiliates. This might include our parent company, subsidiaries, joint venture partners, or other companies that are under common control with us. We will ensure that these affiliates abide by our Privacy Policy.
o We may also share your information with our business partners to provide you with specific products, services, or promotions.
o Transmission to government authorities Personal data will only be transmitted to state authorities (including law enforcement authorities) if deemed necessary to fulfil a legal obligation to which we are subject or to assert, exercise or defend against Legal claims as required (as per Art. 6 Para. 1 GDPR)
o International Data Transfers. Your personal information may be transferred to and processed in countries outside the European Economic Area (EEA), which may not have the same data protection laws as the country in which you reside. In such cases, we will ensure that appropriate safeguards are in place to protect your personal information, such as standard contractual clauses approved by the European Commission.
6. Cookies and other tracking technologies
We may use cookies and similar tracking technologies (like pixels and web beacons) to collect, store, and/or share information about our users’ activities. Our cookie Policy below, sets out information about how we use such technologies and how you can refuse certain cookies.
7. How long do we keep your information?
We will retain your data only for the duration necessary to fulfill the specific processing purposes stated in this Privacy Policy, unless otherwise mandated by law.
Data will be regularly deleted every 2 years unless there is a reason to keep it for a longer period. For example:
§ The fulfilment of commercial and tax retention obligations
§ Obtaining evidence for legal disputes within the framework of the statutory statute of limitations
We can also store your data longer if you have expressly given your consent for this or if the data has been anonymized or sufficiently pseudonymized.
8. How do we keep your information safe?
To ensure the utmost protection of personal data processed through this website, Green Cloud Nine has implemented a variety of technical and organizational measures. These precautions relate to protection against unauthorised, illegal, or accidental access, processing, loss, use and manipulation.
Notwithstanding our efforts, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. Please note that we therefore assume no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and / or unauthorised access by third parties (e.g., hacking attacks on e-mail accounts or telephone, interception of faxes, etc.).
Therefore, every data subject has the option to transfer personal data to us via alternative methods, such as by telephone.
9. What are your privacy rights?
a) Right to information and to access
In accordance with Art. 13, 14 and 15 GDPR, you have the right to know whether we are processing personal data concerning you, which personal data this may be, as well as further information, such as whether your personal data are transferred to a third country or to an international organisation.
You also have the right to access all personal data belonging to you that we are processing.
If you would like information about your personal data at Green Cloud Nine (e.g., categories of personal data, who sees the data how long it is stored, etc.), please contact us at: support@greencloudnine.com.
b) Right to rectification
You have the right to request us “without delay” to correct any inaccurate or out-of-date personal data concerning you (Art. 16 GDPR). The data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If you believe that any information we hold is incorrect or incomplete, you can:
§ Log in your user profile on our website and modify you details or contact preferences.
§ Contact us to request the correction or completion at support@greencloudnine.com
c) Right to erasure ("right to be forgotten")
You have the right to demand that we delete personal data concerning you “without undue delay” in the cases stated in Art. 17 Paragraph 1. GDPR and if the processing is not required for one of the purposes regulated in Art. 17 Paragraph 3 GDPR.
When we delete your data, we will also share your erasure request with other controllers or processors with whom we have a contract so they can also erase any links to, or copy or replication of your personal data, as far as processing is not required.
d) Right to restriction of processing
You have a right to request a restriction in the processing of your personal data under certain conditions, as stipulated in Art. 18 Para. 1 a) to d) GDPR.
For instance, if you request us to verify the accuracy of your data or if you have objected to the use of your data, we may need to assess whether there are compelling legitimate grounds that override your objections. In the cases where processing is restricted, we are allowed to retain sufficient information about you to ensure that the restriction is respected in the future.
e) Right to data portability
As stated in Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit this data to another data controller without any hindrance from our side. This should only apply if the processing is based on consent pursuant to point Article 6 Paragraph1 a) of the GDPR or Article 9 Paragraph 2 a) of the GDPR, or on a contract pursuant to point (b) of Article 6 Paragraph 1 of the GDPR, and the data is processed automatically.
f) Right to object
You have the right to object, at any time, to your data processing, including profiling, when it is on grounds relating to your situation (Art. 21 GDPR and Art. 6 Para.1 e) and f)). This also applies to profiling based on these provisions. We will cease processing your data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if it is proven necessary for the establishment, exercise, or defense of legal claims.
You have the right to object at any time to our using your personal information to send you marketing information. You also have the right, for reasons that arise from your situation, to object at any time with future effect to the processing of personal data relating to you, which is carried out in accordance with Art. 6 Paragraph 1 e) and f) GDPR. This also applies to profiling based on these provisions.
You can exercise your right of objection free of charge. You can contact us using the contact details given under Section 1.b)
Hyperlinks and iFrames
Our website may contain hyperlinks to websites of other providers. If you call up such a hyperlink, you will be redirected from our website directly to the website of the other provider. Since we have no influence or insight into whether these companies comply with data protection regulations, we cannot accept any responsibility for the handling of your personal data on those websites.
g) Right to withdraw data protection consent.
If the processing is based on your consent, you have the right to withdraw your consent at any time. This does not affect the legality of the processing conducted based on the consent up to the point of revocation. There are several ways you can withdraw your consent:
§ Click the unsubscribe link in any of our email communications.
§ Change your preferences from your user account on our website.
§ Contact us to request the removal at support@greencloudnine.com
h) Right to lodge a complaint.
You have the right to lodge a complaint with the relevant supervisory authority in the event you consider that the processing of your personal data infringes existing data protection regulations.
The contact details for such complaints can be found here: .
The national supervisory authority for data protection in the Republic of Austria is the Austrian Data Protection Authority
10. How can you review, update, or delete the data we collect from you?
Based on applicable laws of your country, you may have the right to request to review, update, or delete your personal information. If you wish to do so, please submit a request to support@greencloudnine.com.
Cookies Policy
This Cookie Policy explains what cookies are, how we use them, and what choices you have regarding their use on our Green Cloud Nine e-commerce store, which is hosted on Shopify. This policy is in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.
We also include information on how you can prevent or object to data processing. Please note that the so-called "opt-out", i.e., the rejection of processing, is usually saved via cookies. If you use our services via a new device or in a different browser, or if you have deleted the cookies set by your browser, you must declare your rejection again.
The tracking procedures used by us, only process personal data in pseudonymous form. A connection with a specific, identified natural person, i.e., a merging of the data with information about the bearer of the pseudonym, does not take place.
What are Cookies?
Cookies are small text files that are placed on your device when you visit a website. They are used to collect information about your browsing behaviour, such as your preferences and activities on the site.
Types of Cookies
We use the following types of cookies on our e-commerce store:
§ Strictly necessary cookies: These are essential cookies that enable you to use our website's features and services, such as shopping cart and checkout. They do not require your consent, and you cannot opt-out of them.
§ Performance cookies: These cookies collect anonymous data about how you use our website, such as which pages you visit and any errors you encounter. They help us improve our website's performance and provide a better user experience. These cookies require your consent, which you can withdraw at any time.
§ Functionality cookies: These cookies remember your preferences and settings on our website, such as your language and currency preferences. They enhance your user experience by personalizing your visit. These cookies require your consent, which you can withdraw at any time.
§ Targeting cookies: These cookies track your browsing behaviour across websites to deliver personalized ads and content based on your interests. We do not use targeting cookies on our website.
How We Use Cookies
We use cookies to:
§ Analyse and improve our website's performance and functionality.
§ Personalize your browsing experience by remembering your preferences and settings.
§ Facilitate your use of our shopping cart and checkout.
§ Provide anonymized data to third-party analytics tools.
Third-Party Cookies
We use third-party services, such as Google Analytics and Facebook Pixel, to analyse our website's traffic and improve its performance. These services may also place cookies on your device to track your browsing behaviour across websites. We do not control these cookies and their data collection practices. Please refer to their respective privacy policies for more information.
Your Choices
You can control cookies on our website through your browser settings. Most browsers allow you to block or delete cookies entirely or selectively. However, please note that blocking or deleting cookies may affect your browsing experience and prevent you from using certain features on our website.
You can also withdraw your consent to non-essential cookies at any time by clicking on the "cookie settings" link on our website's footer.
Contact Us
If you have any questions or concerns about our Cookie Policy, please contact us at support@greencloudnine.com.