The GDPR is out now

The basic general data protection regulation will enter into force tomorrow. But don't panic, together we can do this! We want you to have a little countdown today: The GDPR is coming.

If you are now thinking: "GDPR, uh what?", here is a short summary of what this is all about.

Starting tomorrow, companies will face essential changes. On 25 May 2018, the new General Data Protection Regulation (GDPR) will also enter into force in Germany. This means that data protection law within the EU will be harmonised and the same standards will apply everywhere. This also applies to companies based outside the EU if they process data from persons from the EU. The aim is to make data protection law clearer for users.

Data protection has played an important role for years. For customer orders, newsletters or cookies - data is processed everywhere.

What changes with Shirtee?
Of course, we have also been dealing with the new data protection regulation and its implementation for some time. You may not have noticed many of the changes that have already been implemented, as they all run in the background and no points of contact arise. Of course, this is not the case with all changes. Some of them are more obvious, such as our privacy policy. Whether and what exactly will change for you now, we have summarized here once again.

Sale on the Shirtee Marketplace
We adapt the data protection declaration and take care of the rest as usual. In the future, we will inform our users even more comprehensively about personal data that we process. Please enter in the course of the GDPR in your Dashboard the data, which should appear in the shop Impressum. You can find the options for this in your dashboard under "Settings" when you scroll down to the bottom of the page.

Sale via Shirtee Shops
Even if you have created a Shirtee Shop there will be no changes. On your shop page is the imprint and the privacy policy linked, which are adapted by us accordingly. There we also store tracking information via Facebook Pixel, Google Analytics and the option that your customers can communicate with you via the product page via Facebook Messenger.

Dropshipping via API connection (Amazon, Shopify, WooCommerce etc.)
If you sell your Shirtee products via an API connection on your own website or in an external shop, then you will also have to make a few small changes.
The requirements of the new GDPR must be implemented by adapting and changing your imprint, the general terms and conditions and the data protection declaration. The extent to which these need to be adjusted depends on the content and actions on your website or shop. Unfortunately, there is no generally valid answer here.

Use of <i frame> or JavaScript
If you use the <i frame> or the JavaScript to integrate your product or your Shirtee shop on your website, there are some things to consider.
We have already taken some precautions and integrated the imprint, the general terms and conditions and the data protection declaration into the respective integrations. Furthermore, you should read the note "Powered by Shirtee" in the footer to inform the users of your website that they are on a website other than your own. It is important at this point that you indicate the use of the i frame or JavaScripts in your data protection declarations despite our references and point out how we process data (more information in our data protection explanation).

If third-party content is displayed via iframes or JavaScript, this should be clearly marked. In addition, an indication should be added that the integration of the respective contents will be removed if knowledge of legal infringements becomes known.

If you refer to our privacy policy, please use the following link (https://www.shirtee.de/datenschutz) to ensure that you always have the latest version. If you should save the text as such only at another place, the topicality of this is not guaranteed.

Your privacy policy
An order data processing contract is not necessary, as we do not traditionally act according to the instructions of the customer (i.e. you), especially in the production and delivery of the goods. In cooperation with our lawyer we have also worked out two suggestions for you, which you can integrate into your data protection declaration using iFrame and Dropshipping:

Passing on of data to Shirtee for the purpose of ordering via online shop
For the operation of our shop we work together with shirtee.com. For the purpose of ordering a product we use an iFrame for the purpose of integrating our shop at shirtee.com. This establishes a connection to Shirtee's servers and website, resulting in data being exchanged. For more information about Shirtte's privacy policy, the iFrame includes the privacy policy, which also allows you to administer cookies that are used on Shirtee's site. Furthermore, the order process is carried out at our partner Shirtee, so that in case of an order the necessary data are handed over to Shirtee and processed. The processing is carried out to fulfil our contractual obligations and in our legitimate interest, as this allows us to keep our business processes lean and to fall back on a more experienced operator of our web shop.

Disclosure of data to Shirtee for production and fulfillment
We work together with Shirtee.com for the purpose of contract fulfilment, especially for the production of goods and for the dispatch of the goods. There your order data will be processed. This includes data on order production and delivery. Shirtee processes the data exclusively for the fulfilment of the contract. Legal basis is Art. 6 Asb. 1 b GDPR