Cookies Policy

Cookie policy

SellerX Commerce GmbH (“we”, “us”, “our” or “kwmobile”) operates cookies and other similar technologies on our websites and in our marketing communications in order to provide you with access to our website with a tailored experience and relevant marketing communications as well as to carry out analytics.

What are cookies and other similar technologies we use?

Cookies are small text files containing small amounts of information and they are placed on your device by websites that you visit. In general, the data processed in this context does not directly identify you, but it can give you a more personalized experience by providing information about you, your preferences or your device.

In addition to cookies, we use pixels to learn more about your interactions with our email or web content, such as whether you interacted with ads or posts. A pixel is a tiny image that may be embedded within websites and emails, requiring a call (which provides device and visit information) to our servers in order for the pixel to be rendered in those websites and emails. Where required, tracking pixels in marketing emails are used only with your consent and in accordance with your marketing preferences.

Why are cookies and other similar technologies used?

Cookies are divided into four categories based on the purpose for which they are used:

Strictly necessary cookies (technically essential cookies)

These cookies are necessary for the website to function securely and cannot be switched off. Strictly necessary cookies are set on the basis of Regulation 6(4) of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”) in the United Kingdom (no consent required) as they are necessary for the technical provision and security of the website. This includes cookies from our store platform (e.g., shopping cart cookies, recording the consent status, securing sessions, security of the store system, payment processing), cookies from the content delivery networks used (e.g., playing out certain content via external networks to optimize loading speed, stability and correct display of content) as well as cookies used for security purposes (e.g., Google reCAPTCHA to keep malicious software from engaging in abusive activities on the website). You can set your browser to block or alert you about these cookies, but then it is not possible to use our webstore or certain functions.

Performance cookies (analytics)

These cookies are optional and allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site (e.g., through click paths, mouse movements and heat maps).

Functional cookies

These cookies are optional and enable the website to provide enhanced functionality and personalization. If you do not allow these cookies, then some or all of these services may not function properly.

Targeting cookies (advertisement)

These cookies are optional and may be set through our site by us or our advertising partners. They may be used by us or by our partners to build a profile of your interests and show you relevant adverts on other sites or to merge and link data (possibly involving other parties such as publishers in advertising networks) to guarantee commission claims for advertising material. If you do not allow these cookies, you may experience less relevant advertising. Non-essential (optional) cookies and similar technologies are only used after you have given your consent via our cookie consent mechanism. You may withdraw or adjust your consent at any time with effect for the future via the cookie consent mechanism on our website.

The pixels are used in order to analyze the performance of our marketing campaigns and their relevance for you. This is done by observing your interactions with our content (e.g., if you open a marketing email) and help us to understand your interests and preferences.

What kind of data is processed by the cookies and similar functions?

The cookies and other functions may process the following categories of (personal) data as specified in the cookie consent mechanism:

  • Content data: (e.g., text entries, photographs, videos, contents of documents/files);
  • Usage data: (e.g., history on our website, use of certain content, access times, contact or order history);
  • Connection data: (e.g., device information, IP addresses, URL referrer);
  • Location data: (e.g., GPS data, IP geolocalization, access points); and
  • Diagnostic data: (e.g., crash logs, website/app performance data, other technical data for analyzing malfunctions and errors).

Non-essential cookies are stored or accessed on your device only on the basis of your consent pursuant to Regulation 6(1) PECR in the United Kingdom.

Any subsequent processing of personal data collected through such cookies is carried out on the applicable legal basis under the GDPR, typically your consent (Art. 6(1)(a) GDPR).

Processing related to strictly necessary cookies may be based on our legitimate interests in operating and securing our website (Art. 6(1)(f) GDPR) or, where relevant, on the performance of a contract (Art. 6(1)(b) GDPR).

For the data categories processed by each cookie, kindly see the cookies specified in the cookie consent mechanism. The cookies listed there may change over time, for example if services are updated or new functionalities are implemented. For more information regarding our personal data processing operations please see our Privacy Policy.

Where personal data is transferred to the United States, such transfers may be based on the EU-U.S. Data Privacy Framework (where applicable) and/or Standard Contractual Clauses pursuant to Art. 46 GDPR, together with the UK IDTA / UK Addendum and with any necessary supplementary measures.

What are the data processing operations related to cookies and similar functions?

  • Advertising and personalized marketing measures: Includes, for example, the opening of public and possibly access-restricted websites, apps and/or external pages for general information about our products/services (e.g. general website about our company, press pages, social media pages), personalized communication with users, interested parties and/or customers (e.g. newsletters), playout of (personalized) recommendations and advertising measures (e.g. personalized newsletters, display of advertising on other websites, search engines, social media pages and/or apps and generally in advertising networks), merging and linking of data (possibly involving other parties such as publishers in advertising networks) to guarantee commission claims for advertising material;
  • Analysis and performance measurement as well as optimization of products and/or services: Includes, for example, opinion polls and voting, comparative tests (so-called A/B testing), analysis and (usually aggregated) evaluation of user, prospect and/or customer behavior in the online and/or offline area (e.g. through click paths, mouse movements and heat maps), analysis and evaluation of the success of general and, if applicable, personalized marketing measures, needs-based design of our (digital) products and services based on the analyzed demand and/or usage behavior;
  • Information security: Processing operations are recorded that serve to protect against dangers and to secure IT systems, as well as to achieve the protection goals of confidentiality, availability and integrity of data, systems and processes (e.g. differentiation between human and bot access, detection and defense against abusive access, security-relevant analysis of the use of digital products and services); and
  • User and/or customer support: Includes, for example, contact forms, chat systems including chat bots.

When do the cookies expire?

The expiration of the cookies depends on whether they are so called session cookies or fall within the category of persistent cookies. Session cookies expire at the end of a browser session i.e., normally when you exit your browser while persistent cookies are stored in your browser in-between sessions unless you manually remove them. For specific information on the expiration per each cookie, please see the information listed in the cookie consent mechanism.

What are first-party and third-party cookies?

Cookies can be categorized into first- and third-party cookies depending on the domain setting them. First-party cookies are placed directly by us on our website you are visiting. Third-party cookies are set by a domain other than our website when your browser fetches elements from such third-party websites e.g., images, social media plugins or advertising.

How can you change your cookies settings or disable pixels?

You can change your preferences regarding optional cookies and other similar technologies on our website by using the cookie consent mechanism. By using the toggles in the provided mechanism, you can, at any time, enable or disable all or some of the optional cookies and other similar technologies in accordance with your preferences. You can also change the cookie settings directly in your browser, for further instructions please see here (third-party website).

If you wish to disable pixels included in our marketing emails, you can do so by blocking your email from automatically downloading images. You can also unsubscribe from our marketing communications at any time by using the link provided in the communication or by contacting us in accordance with the Privacy Policy.

Details on optional cookies

Marketing services

Facebook Custom Audiences ("Facebook Pixel")

Purpose of processing: Advertising and personalized marketing measures, analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data and usage data, possibly location data
Recipient of the data: Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland
Intended third country transfer: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: _fbp

Google Ads (Google Marketing)

Purpose of processing: Advertising and personalized marketing measures, analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, possibly location data
Recipient of the data: Google Ireland Ltd, Gordon House, Barrow Street Dublin 4 Ireland
Intended third country transfer: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: NID, IDE, _gcl_au, CONSENT, test_cookie

LinkedIn Conversion Tracking (LinkedIn Ads)

Purpose of processing: Advertising and personalized marketing measures, analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, possibly location data
Recipient of the data: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn")
Intended third country transfer: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: UserMatchHistory, lang, lidc, ln_or, li_gc, AnalyticsSyncHistory, li_sugr

TikTok Pixel (analysis and advertising)

Purpose of processing: Advertising and personalized marketing measures, analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, content data, if applicable
Recipient of the data: TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, London, England ("TikTok UK") and TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok Ireland")
Intended third country transfer: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: _ttp, _tt_enable_cookie

Klaviyo (analysis and marketing campaigns)

Purpose of processing: Advertising and personalized marketing measures, analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, content data, if applicable
Recipient of the data: Klaviyo, Inc, 125 Summer Street, Floor 6, Boston, MA, 02110, USA ("Klaviyo")
Intended transfer to third countries: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: __kla_id

Pinterest

Purpose of processing: Advertising and personalized marketing measures
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, possibly location data
Recipient of the data: Pinterest Europe Ltd. Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest")
Intended transfer to third countries: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: _pinterest_ct_ua, _pin_unauth, ar_debug

Analysis and performance measurement

Google Analytics

Purpose of processing: Analysis and performance measurement as well as optimization of products and/or services, advertising and personalized marketing measures. We use Google Analytics with IP anonymization enabled.
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, content data, location data
Recipient of the data: Google Ireland Ltd, Gordon House, Barrow Street Dublin 4 Ireland
Intended third country transfer: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: __Host-GAPS, _gid, _ga_xxxxxxxxxx, FPLC, _gclxxxx, _ga, _ga_xxxxxxx, _gat, _gid, FPID, VISITOR_INFO1_LIVE, YSC, FPAU, FPGSID, receive-cookie-deprecation

Shopify Analytics

Purpose of processing: Analysis and performance measurement as well as optimization of products and/or services, advertising and personalized marketing measures
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, possibly content data, possibly location data
Recipient of the data: Shopify International Ltd, 2nd Floor 1-2 Victoria Buildings Haddington Road Dublin 4, D04 XN32 Ireland and, where applicable, Shopify Inc, 151 O'Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada
Intended transfer to third countries: In individual cases, USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: _landing_page, _s, _shopify_s, _shopify_sa_p, _shopify_sa_t, _shopify_y, _y, _checkout_queue_checkout_token, _checkout_queue_token, _orig_referrer, _pay_session, _shopify_d, snize-recommendation, epb_previous_pathname

Hotjar

Purpose of processing: Analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, location data
Recipient of the data: Hotjar Ltd, Level 2, St Julian's Business Center, 3, Elia Zammit Street, St Julian's STJ 1000, Malta
Intended third country transfer: None
Information on cookies and similar technologies: _hjSessionUser_xxxxxx, hjIncludedInPageviewSample, _hjAbsoluteSessionInProgress, _hjFirstSeen, _hjIncludedInSessionSample, _hjSession_xxxxxx, _hjTLDTest, _hjIncludedInSessionSample_753566, _hjIncludedInSessionSample_xxx

Cloudflare

Purpose of processing: Analysis and performance measurement as well as optimization of products and/or services
Legal basis: Regulation 6(1) PECR (United Kingdom), Art. 6 para. 1 sentence 1 letter a GDPR
Data categories: Connection data, usage data, possibly location data
Recipient of the data: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA
Intended third country transfer: USA and other third countries (standard data protection clauses of the EU Commission, adequacy decisions)
Information on cookies and similar technologies: cf_use_ob