Easy Returns.
Black Friday deal is liveZeus Arc at Lowest Price EverUse the code BFCM to get a 15% off*
Black Friday deal is liveZeus Arc at Lowest Price EverUse the code BFCM to get a 15% off*
Black Friday deal is liveZeus Arc at Lowest Price EverUse the code BFCM to get a 15% off*
Black Friday deal is liveZeus Arc at Lowest Price EverUse the code BFCM to get a 15% off*
Black Friday deal is liveZeus Arc at Lowest Price EverUse the code BFCM to get a 15% off*
Toggle Nav
Trustpilot  4.5
Google rating badge showing 4.7 out of 5 starsGoogle rating badge showing 4.7 out of 5 starsGoogle rating badge showing 4.7 out of 5 stars 4.7
Cancel
customer service
Customer Support +49(0)71138934024
Customer SupportCustomer Support
+49(0)71138934024
trackTrack Your Order
ReturnStart a return
ChatChat
0 Compare
My Cart £0.00 0
  • Home
  • Privacy Policy

DATA PROTECTION

Download

With this data protection declaration, we explain to you as the person responsible for data processing in accordance with the provisions of Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR) about the type, scope and purpose of the processing of personal data in connection with our website.

We want to inform you about how your personal data is managed. This Data Privacy page will list the collection, processing, and use of personal data on TVAPE's websites.. We gather, process, and use personal data to complete orders, provide marketing services, and enhance the content and functions of our products and websites. We also collect, process, and use this data for advertising and market research purposes, as long as you have given consent.

If you consent to this Data Privacy Declaration (by checking the box on our website referring to this declaration), you allow the responsible party to use the data collected on this website for advertising and market research purposes..

1. Contact Information

This data privacy information pertains to data processing by:

[Thermodyne Systems] GmbH

Esperantostraße 8B, 70197 Stuttgart, Germany.

For any questions regarding data privacy, please contact us cs@tvape.de

2. Collecting and Saving Personal Data, and the Type and Purpose of Data Usage

  • When You Visit Our Website:

    • Information is automatically sent to our servers by your browser. This information includes: IP address of the requesting computer, date and time of access, name and URL of the accessed page, referrer URL if applicable, browser type and operating system, status codes and amount of data transferred, type of terminal device used, search terms that led to the website, your access provider's name.
  • This data is temporarily saved in a log file and used to:
    • Ensure smooth connection to the website
    • Facilitate comfortable use of the website
    • Assess system security and stability
    • Anonymized statistical evaluation of accesses
    • Optimization of the website
    • Disclosure to law enforcement authorities if there has been an unlawful intrusion/attack on our systems
    • Other administrative purposes
  • The legal basis for this data processing is Art. 6(1)(f) GDPR, as we have a legitimate interest in ensuring website functionality and security. We do not use this data to identify you personally unless illegal use of our services is suspected.

  • When You Sign Up for Our Newsletter:

    With your express consent per Art. 6(1)(a) GDPR, when you sign up for our newsletter we will use your email address to send you exclusive Email promotions, purchase order information, abandoned cart information, viewed product promotions and other Marketing Communications. You only need to provide your email address to receive it by signing up in the footer of our website or in the popup. You can unsubscribe at any time by clicking the link in all of our emails (at the bottom) or you can email cs@tvape.de and request it.

  • When Registering or Placing an Order in Our Online Shops:

    To place an order or create an account, you need to provide personal data such as your name, cart data, age, delivery and billing addresses, and payment information. This data is necessary to complete the purchase agreement. Additionally information about said order will also be sent via email, used for Marketing Programs based on Implied Consent.

  • Contract data:

    In connection with and for the purpose of fulfilling pre-contractual measures and contractual obligations via our website, which are carried out at the request of the data subject, we process the data from the data subject required to fulfill the contract. This includes:
    • Data of the contractual partner, such as name, address and contact details, if applicable different delivery or billing addresses or recipients and date of birth;
    • Contract data, such as contract subject matter, term, customer category.
    • Payment data such as bank details, credit card details, payment history.
    • The data will only be passed on to third parties to the extent that this is necessary to fulfill pre-contractual measures and contractual obligations, e.g. to banks, payment service providers, credit card companies to process payments and to shipping service providers to send goods.
    • The legal basis for this data processing is Art. 6(1)(f) GDPR, as we have a legitimate interest in ensuring website functionality and security. We do not use this data to identify you personally unless illegal use of our services is suspected.

  • Reviews:

    If you leave reviews on our website, your IP address will be stored on the basis of our legitimate interests within the meaning of Article 6 (1) (f) GDPR and then anonymized. The purpose of storing your IP address is so that we can take action against spam in order to protect our website.

3. Transmission of Data

Your personal data is only transmitted to third parties if:

  • You have given explicit consent (Art. 6(1)(a) GDPR)
  • It is necessary for legal claims (Art. 6(1)(f) GDPR)
  • We have a legal obligation (Art. 6(1)(c) GDPR)
  • It is necessary to fulfill contractual relationships (Art. 6(1)(b) GDPR)

4. Cookies

We use cookies to improve your experience on our website. Cookies are small files stored on your device when you visit our site. They help with website functionality, remembering your preferences, and analyzing website use. You can manage or disable cookies through your browser settings. Note that disabling cookies may limit website functionality.

Current Cookies include: Essential (cookies needed for website to function)l, Klaviyo, OneSignal, Google Analytics, Vimeo and YouTube. Optional Cookies for a better User Experience include: Klevu, Olark. Clarity

5. Tracking and Analytic Tools:

  1. We use tracking measures per Art. 6(1)(f) GDPR to design our website according to user needs and optimize it continuously. This includes tools like Google Analytics and Klaviyo Analytics for analysis

  2. Google Services & Analytics:

    collects data such as browser type, operating system, referrer URL, IP address, and time of server inquiry. This information is used to analyze website use and improve our services. You can opt out of data collection by installing a browser add-on from Google.

    The provider of the following Google services is Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").

    Google has joined the EU / US Privacy Shield Agreement, has committed itself to complying with European data protection standards and thus fulfills the requirements of the EU to legitimize the transfer of personal data to the USA. For information on Google's commitment, see

    https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

    Further information on how Google handles your personal data can be found in Google's data protection declaration: https://www.google.com/intl/de/policies/privacy/ You can find information on the use of data for advertising purposes by Google, setting and objection options on this website:

  3. Klaviyo:

    Functions as processor for “controllers” in this case TVAPE of the following data, that transfers on a continuous basis.

    The categories of data subjects whose personal data are transferred:

    Customer and Customer Affiliate subscribers who after providing consent receive marketing communications.

    Categories of personal data such as abandon cart data, viewed products, pages and purchase order data.

    Determined by Customer’s configuration of the Services, and may include name, phone number, email address, address data, IP address, device identifiers, purchases (and other actions that imply consent) viewed products, abandon cart data and usage data (such as interactions between a user and Klaviyo’s online system, website or email, used browser, used operating system, referrer URL.)

    Read Klaviyo's data processing agreement for more information https://www.klaviyo.com/legal/data-processing-agreement

  4. Clarity:

    Clarity is GDPR-compliant as a data controller is used to improve Microsoft products and advertising by using Microsoft Clarity to see how you use our website. By using our site, you agree that we and Microsoft can collect and use this data. For more information on Microsoft’s privacy statement

    https://privacy.microsoft.com/en-US/privacystatement has more details. For more information on Clarity - visit https://learn.microsoft.com/en-us/clarity/faq

  5. Cloudflare:

    TVAPE utilizes Cloudflare services as part of its website infrastructure. The types of personal data processed by Cloudflare on our behalf depend on the specific Cloudflare services we have implemented. For the primary Core Application Layer Services, Cloudflare does not store customer content nor exercises any control over the data transmitted, routed, switched, or cached through their Global Network. In limited cases, Cloudflare products may be employed for content storage. Regardless of the Cloudflare services in use, TVAPE remains fully responsible for ensuring compliance with applicable laws and any independent contractual arrangements related to the data transmitted, routed, switched, cached, or stored through Cloudflare's Global Network.

    With respect to the Core Application Layer Services, the majority of data passing through Cloudflare’s network is retained on Cloudflare’s Edge servers. Metadata associated with this activity is processed in Cloudflare’s data centers located in the United States and Europe.

    Cloudflare retains log data regarding events on their network, some of which may include information about visitors to and/or authorized users of TVAPE’s domains, networks, websites, application programming interfaces (APIs), or applications, including the Cloudflare Zero Trust product where applicable. This metadata contains minimal personal data, typically in the form of IP addresses. Cloudflare processes this information on our behalf within their data centers in the U.S. and Europe for a limited duration.

    For full information on Cloudflare’s Privacy Policy Click Here https://www.cloudflare.com/privacypolicy/

  6. Klevu Search:

    is committed to maintaining the highest standards of data protection and privacy. In accordance with GDPR guidelines, Klevu stores your data in GDPR-compliant data centers, ensuring that all personal data is handled with the utmost care and security. Personal data refers to any information relating to an identified or identifiable natural person, which can include details such as your name, email address, and other identifiers. The processing of this data, which encompasses activities such as collection, recording, transmission, storage, and use, is carried out in strict compliance with GDPR standards. As a processor, Klevu operates solely to provide the agreed-upon services and does not utilize your data for any other purposes. For comprehensive information on Klevu's GDPR compliance and its commitment as a data controller, please click here https://www.klevu.com/gdpr/

  7. Olark:

    According to Article 6 of the GDPR, the legal bases for processing include consent, contract, legal obligation, vital interests, public tasks, and legitimate interest. Please be aware that some data from the chat is processed and stored according to GDPR guidelines. Olark is GDPR compliant and ensures that all personal data handled through its services adheres to these regulations. However, as a data processor, Olark does not and cannot determine the legal basis for processing visitor personal data on behalf of its customers. https://www.olark.com/help/gdpr

  8. Sendcloud:

    processes the Usage Data to enable you to use the Website and to ensure the functionality of the Website. In addition, we process Usage Data in order to analyze the performance of the Website, to continuously improve the Website and to correct errors or to personalize the content on the Website for you. We also process the Usage Data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular, fraud. These server log files are deleted after a maximum of 7 days. Our legal basis for the processing of this data is Art. 6 (1) lit. f) GDPR.

    For full information on Sendclouds Privacy Policy Click Here https://www.sendcloud.com/privacy-policy/

  9. Oracle NetSuite’s:

    compliance with the EU Cloud Code of Conduct (CoC) has been verified (Verification ID: 2021LVL02SCOPE218) and is listed in the monitoring body’s public registry (opens in a new tab). The CoC outlines general requirements for cloud service providers acting as processors, ensuring they provide sufficient guarantees as stipulated under Article 28.1-4 of the EU General Data Protection Regulation (GDPR).

    For more Information check out the Link Here https://www.netsuite.com/portal/platform/infrastructure/operational-security.shtml

  10. DHL:

    This website utilizes DHL age verification to ensure the recipient's age is in compliance with statutory provisions, particularly the Youth Protection Act (JuSchG). The service is provided by Deutsche Post DHL Group, located at Charles-de-Gaulle-Str. 20, 53113 Bonn, Germany (hereinafter referred to as "DHL"). When offering goods or services, we conduct an age verification with DHL. The recipient and buyer must be identical and of legal age.

    During the age verification process, the deliverer will check the recipient's age (whether the recipient or another person authorized to receive the goods) using an official photo ID. This requirement can be waived if the deliverer can clearly assume, based on the overall circumstances, that the recipient has reached the minimum age. Deliveries are not made to neighbors or house residents. The legal basis for this data processing is Art. 6 Paragraph 1 Clause 1 Letters b and c of the GDPR.

    Please have a photo ID (ID card or driving license) ready upon delivery. For more information on how DHL handles your personal data, please refer to their privacy policy: DHL Privacy Policy.

    In addition, we collect and store data in accordance with GDPR compliance to complete your shipment. For full information on our data processing practices, please click the link here: GDPR Compliance Information.

  11. GLS:

    Performs and IdentCheck to confirm the identity and age of the recipient - you can see full information here https://www.gls-pakete.de/glossar/identpinservicecollects and stores Data in accordance to GDPR Compliance for shipment, click the link for full information https://gls-group.eu/GROUP/en/privacy-policy/

  12. UPS:

    Provides an Adult Signature required program, to comply with only Legal Adults receiving their package, it is confirmed by UPS upon delivery. Additionally UPS collects and stores Data in accordance to GDPR Compliance for shipment, click the link for full information on their GDPR Data Policies here https://www.ups.com/de/en/support/shipping-support/legal-terms-conditions/privacy-notice.page

  13. Youtube:

    Our website uses media content from the YouTube platform. The provider is Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”). The purpose is to display content from the YouTube platform as part of our website. This service records your IP address and possibly other data required by Google for YouTube. The information generated about your use of this website is stored on a server in the USA. This information may also be passed on to third parties if this is required by law or if third parties process this data on behalf of us or Google. If you are logged in to YouTube at the same time, Google can assign your visit to the page on our website directly to your user account there.

  14. Crazy Egg:

    We also use Crazy Egg to track Snapshots, Recordings and Advanced Tracking Options in accordance with GDPR. Read the full information here https://support.crazyegg.com/hc/en-us/articles/360056916293-Crazy-Egg-Privacy

  15. reCAPTCHA

    This website uses reCAPTCHA from Google. reCAPTCHA serves to ensure that the forms made available are used by a natural person and not misused by machine or automated processes. This service records your IP address and possibly other data required by Google for reCAPTCHA. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

    Google has joined the EU / US Privacy Shield Agreement, has committed itself to complying with European data protection standards and thus fulfills the requirements of the EU to legitimize the transfer of personal data to the USA. For information on Google's commitment, see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

6. Security & Encryption

We use SSL encryption for secure data transmission. You can verify encryption by the lock symbol in your browser's address bar. Our security measures are continuously updated to protect your data from unauthorized access.

7. Payment service providers

  • PaySafe

    This website uses Paysafe, Paysafe Holdings UK Limited as a payment service provider. When paying via Paysafe, your name, the products or services purchased, the invoice amount and the billing and delivery address may be forwarded to Paysafe as part of the payment processing. The legal basis for the processing is Art. 6 Para. 1 lit. b GDPR. Further information on data collection by Paysafe and Skrill and the legal notices can be found here https://www.paysafe.com/gb-en/paysafegroup/comprehensive-privacy-notice/

    For more information, see this section from PaySafe:

    Paysafe Holdings UK Limited. Paysafe Financial Services Limited (FRN: 900015), Skrill Limited (FRN: 900001) and Prepaid Services Company Limited (FRN: 900021) are all authorised by the Financial Conduct Authority under the Electronic Money Regulations 2011 to issue electronic money and payment instruments. Paysafe Payment Solutions Limited, trading as Paysafe, NETELLER, Skrill, Rapid Transfer and Skrill Money Transfer, is regulated by the Central Bank of Ireland. Paysafe Prepaid Services Limited, trading as paysafecard, my paysafecard, paysafecard Mastercard and Paysafecash, is regulated by the Central Bank of Ireland. The NETBANX® brand is owned by Paysafe Holdings UK Limited. Paysafe Payment Processing Solutions, LLC is a registered Independent Sales Organisation/MSP of Deutsche Bank AG, New York, NY; Citizens Bank, NA, Providence, RI; PNC Bank, NA, Pittsburgh, PA; Wells Fargo Bank, NA, Concord, CA; Woodforest National Bank, Houston, TX; BMO Harris Bank, NA, Chicago, IL; and Merrick Bank, South Jordan, UT. Paysafe Merchant Services Corp. is a registered Independent Sales Organization/MSP of Fifth Third Bank, NA, Cincinnati, OH, USA; Citizens Bank, NA, Providence, RI; PNC Bank, NA, Pittsburgh, PA; and Merrick Bank, South Jordan, UT. NETELLER and Net+ are registered trademarks of Skrill Limited. Skrill is a registered trademark of Skrill Limited. The Paysafe® brand is the registered property of Paysafe Holdings UK Limited. paysafecard is a registered trademark of Paysafecard.com Werkarten GmbH. Net+ and Skrill Prepaid Mastercards are issued by Paysafe Financial Services Limited and paysafecard Mastercard cards are issued in the EEA by Paysafe Prepaid Services Limited as an affiliate member of Prepaid Services Company Limited and in the UK by Prepaid Services Company Limited, each pursuant to licenses from Mastercard International. Mastercard is a registered trademark of Mastercard International. The Paysafe logo is a registered trademark in the United States.

  • Klarna

    This website also offers Klarna as a payment method. By using Klarna you agree that Klarna may provide all notices, payment information, terms and conditions. For more information about Klarna's various programs, please visit the Terms and Conditions here https://docs.klarna.com/policies/payment-solutions-guidelines/eu/

    It is your responsibility to ensure that Klarna has your current email address and mobile phone number so that Klarna can communicate with you electronically.

8. Rights of Data Subjects

You have the right to

  1. Request information on your personal data (Art. 15 GDPR),
  2. Request rectification of incorrect data (Art. 16 GDPR),
  3. Request deletion of your data (Art. 17 GDPR),
  4. Request restricted processing (Art. 18 GDPR),
  5. Receive your data in a portable format (Art. 20 GDPR),
  6. Revoke consent at any time (Art. 7(3) GDPR),
  7. Submit complaints to a supervisory authority (Art. 77 GDPR).

9. Third Party Countries

The transfer of personal data to a country or an international organization outside the European Union (EU) or the European Economic Area (EEA) is subject to legal or contractual permissions only in accordance with the requirements of Art. 44 ff. GDPR. This means that the EU Commission has issued an adequacy decision in accordance with Art. 45 GDPR for the country in question, there are suitable guarantees for data protection under Art. 46 GDPR or binding internal data protection regulations under Art. 47 GDPR.

10. Retention Periods

Business-related data is archived according to legal requirements. Application documents are retained for up to six months after the application process. For more information, contact cs@tvape.de or a formal request of your data.

11. Right to Object

You can object to data processing based on legitimate interest (Art. 6(1)(f) GDPR) at any time if it affects your personal situation. For objections, email us at cs@tvape.de

12. Updates and Changes to This Data Privacy Declaration

This Data Privacy Declaration is current as of July 19th 2024. Future updates will be posted on our website here.