SPECIAL OFFER: With every sauna or sauna house order, we will give you our 6 sauna fragrances (250ml each) worth 100 €. You don't have to do anything else, we'll add these items to your order!
Made in Germany
Over 30 years of experience
Directly from the manufacturer
Free delivery from 99 €
within Germany, excluding islands
Go to homepage

Privacy Policy

§ 1 Preamble

The following provisions serve to provide information about the processing of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR), in particular taking into account the information obligations under Articles 12 to 14 of the GDPR and to provide information about the rights of data subjects under the GDPR in accordance with Articles 15 to 22 and Article 34 of the GDPR.

§ 2 Definitions

With regard to the terms used in this statement, we refer to Art. 4 GDPR.

§ 3 General Data Protection Regulation

The full text of the General Data Protection Regulation is available on the Internet at http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32016R0679&from=DEavailable.

§ 4 Information on the Controller

Karibu Holztechnik GmbH
Eduard-Suling-Straße 17
28217 Bremen

represented by the managing director Jörg Lieders

Phone: 0421 - 38 69 3-0
Fax: 0421 - 38 69 3-950

Email: info@karibu.de

Registered office: Bremen
District Court Bremen HRB 30219

§ 5 Supervisory authority

The State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen Dr. Imke Sommer
Arndtstraße 1
27570 Bremerhaven
Phone: +49 471 596 2010 or +49 421 361 2010
Fax: +49 421 496 18495
E-mail: office@datenschutz.bremen.de

§ 6 Data Protection Officer

Oliver Stutz
Konsul-Smidt-Str. 88
28217 Bremen

Phone: 0421 / 69 66 32 0
E-mail: office@datenschutz-nord.de

 

§ 7 Information on data collection, processing and use

  • Information on data collection, processing and use
    In general, we only process your personal data in order to provide and improve the services we offer you. These purposes include:
  • Provision of requested products and services: We use the information you provide to us to provide the services necessary to perform the contract; This includes, for example: the transmission of your personal data (e.g. name, address) to shipping service providers; The legal basis is then Art. 6 para. 1 sentence 1 lit. b) GDPR.
  • If you send us enquiries via the contact form, we will store your details from the enquiry form, including the contact details you provide there, for the purpose of processing the enquiry and in the event of follow-up questions; The legal basis is then Art. 6 para. 1 sentence 1 lit. b) GDPR. If the request is not directed at the conclusion or performance of a contract, the legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR. In this case, the processing of your personal data serves to establish contact and communicate, whereby the legitimate interest lies in communication with you.
  • If you contact us by email, your details from the email, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions; The legal basis is then Art. 6 para. 1 sentence 1 lit. b) GDPR. If the request is not directed at the conclusion or performance of a contract, the legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR. In this case, the processing of your personal data serves to establish contact and communicate, whereby the legitimate interest lies in communication with you.
  • Notification of changes or cancellations in the employment relationship: We will send you information about the services you have requested and changes to them. These communications are not for marketing purposes and it is not possible to unsubscribe; The legal basis is then Art. 6 para. 1 sentence 1 lit. b) GDPR.
  • Marketing and promotional purposes: We will contact you from time to time via email with information about our offers. However, you can decide during the establishment of the contractual relationship whether or not you wish to receive such information. In addition, you can decide at any time whether you wish to continue to receive direct marketing material from us and, if so, unsubscribe from the offer. If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to send you regular offers for similar products from our range to those already purchased by e-mail on the basis of § 7 para. 3 UWG. This serves to safeguard our legitimate interests in addressing our customers in an advertising manner, which prevail in the context of a balancing of interests; The legal basis is then Art. 6 para. 1 sentence 1 lit. f) GDPR. You can object to this use of your e-mail address at any time by sending a message to the contact option described below or via a link provided for this purpose in the advertising e-mail, without incurring any costs other than the transmission costs according to the basic rates. We will only process your personal data if we have a legal basis to do so. The legal basis is based on the purposes for which we have collected your personal data and need to use it, cf. Art. 6 GDPR. In most cases, we need your personal data to perform our contract with you, the legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR.

Similarly, we may process your personal data for one or more of the following reasons:

  • To comply with a legal obligation, Art. 6 para. 1 sentence 1 lit. c) GDPR
  • You have given us your consent to the use of your personal data (e.g. for marketing-related purposes), Art. 6 para. 1 sentence 1 lit. a) GDPR
  • It is in our legitimate interest (e.g. for administrative purposes), Art. 6 para. 1 sentence 1 lit. f) GDPR.

We will not keep your data for longer than is necessary for the purpose for which it is processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purpose for which we process your personal data and whether we can achieve this purpose by other means.

We also need to consider the periods for which we may need to retain your personal data in order to comply with our legal obligations or to deal with complaints and enquiries, as well as to protect our legal rights in the event of a claim.

When we no longer need your personal data, we will delete or destroy it irretrievably. We will also consider whether and how we can minimise the personal data we use over time and whether we can anonymise your personal data so that it can no longer be associated with you or identify you. In this case, we may use this information without prior notice to you.

§ 8 Rights of data subjects

As a data subject, you have the following rights in particular under the General Data Protection Regulation (hereinafter also referred to as "data subject rights"): You have the right

  • request information, Art. 15 GDPR,
  • Request rectification of your data, Art. 16 GDPR
  • Request deletion of your personal data, Art. 17 GDPR
  • have the processing of your personal data restricted, Art. 18 GDPR
  • to demand the release of data concerning you in a common electronic, machine-readable data format, Art. 19 GDPR
  • object to the processing of your personal data with effect for the future, Art. 21 GDPR
  • not to be subject exclusively to automated processing, including profiling, Art. 22 GDPR

We must notify you immediately of any data breach that may result in a high risk to your personal rights and freedoms.

To exercise the rights of the data subject, please contact the office mentioned under § 4. Enquiries submitted electronically will usually be answered electronically, unless you have stipulated otherwise in your enquiry. If we have disclosed personal data to other bodies or recipients, we are obliged, within the scope of what is technically possible and reasonable, to notify the recipients of the data of any correction, deletion and/or restriction of processing. On request, we will inform you about the respective recipients of the data.

§ 9 Use of the Website

  1. When you access our website, information of a general nature is automatically collected. This information (server log files) includes the type of web browser, the operating system used, the domain name of your Internet service provider and the like. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary in order to correctly deliver the content of websites requested by you and is mandatory when using the Internet. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
  2. You can decide whether a unique web analytics cookie may be stored in your browser to enable the website operator to collect and analyze various statistical data. Like many other websites, we also use so-called "cookies". The legal basis is Art. 6 (1) (a) GDPR because you have consented to the data processing or Art. 6 (1) sentence 1 (f) GDPR, because the use of cookies serves our overriding legitimate interest in the optimized presentation of our offer. Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain information such as your IP address, browser used, operating system about your computer, and your connection to the Internet. The information contained in cookies allows us to make it easier for you to navigate and to enable the correct display of our websites. Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.
  3. Our website uses Google (Universal) Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as so-called "cookies", text files that are stored on your computer. The legal basis is Art. 6 (1) (a) GDPR because you have consented to the data processing or Art. 6 (1) sentence 1 (f) GDPR, because the use of Google Analytics serves to safeguard our legitimate interest in an optimized presentation of our offer, which prevails in the context of a balancing of interests. What you can do if you don't want this:
    You can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout/eulahtml?hl=de.
  4. Our website uses Google Tag Manager, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use Tag Manager to integrate and manage Google analytics and marketing services on our website. The Google Tag Manager is supposed to be a so-called "cookieless tool", so that no unnecessary cookies are set by the Tag Manager. Therefore, a reference in the privacy policy would be obsolete. However, according to the Google Tag Manager Use Policy, it cannot be ruled out that data is collected. Cookies are apparently set for this purpose, which is why we would like to inform you about the use of Google Tag Manager. Cookies are small text files that are transferred from a website server to your hard drive. This automatically collects certain data such as IP address, browser used, operating system. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR because/if you have consented to the data processing. Data will not be passed on to third parties without your consent.
  5. Our website uses the functions of Google Ads (formerly Google AdWords) conversion tracking, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use it to advertise this website in Google search results, as well as on third-party websites. The legal basis is Art. 6 para. 1 lit. a) GDPR because you have consented to the data processing or Art. 6 para. 1 sentence 1 lit. f) GDPR, because the use of Google Ads serves to safeguard our legitimate interest in an optimized presentation of our offer and services, which prevails in the context of a balancing of interests. For this purpose, Google places a cookie in the browser of your device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and based on the pages you visit. Conversion cookies expire after 30 days. Any further data processing will only take place if you have given Google your consent to Google linking your internet and app browsing history to your Google account and to use information from your Google account to personalize ads you visit on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google to Google Analytics data in order to form target groups. You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plug-in available at the following link: https://www.google.com/settings/ads/onweb/Further information and the privacy policy regarding advertising and Google can be found here: https://www.google.com/policies/technologies/ads/. For more information about Google's privacy policy, please visit: https://policies.google.com/privacy; You can find an objection option under (Opt-Out): Opt-Out Plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements can be viewed at: https://adssettings.google.com/authenticatedhttps://www.google.de/intl/de/privacyor https://www.google.com/intl/de/policies/privacy/

  6. We use the platform YouTube.comto post your own videos and make them publicly accessible. YouTube is the service of a third party not affiliated with us, namely YouTube LLC.

    Some pages of our offer contain links or links to the offer of YouTube. In general, we are not responsible for the content of websites to which links are provided. In the event that you follow a link on YouTube, however, we would like to point out that YouTube stores the data of its users (e.g. personal information, IP address) in accordance with its own data usage guidelines and uses it for business purposes.

    We also directly embed videos stored on YouTube on some of our (sub)pages. With this integration, content from the YouTube website is displayed in parts of a browser window. However, the YouTube videos are only accessed by clicking on them separately. This technique is also called "framing". If you call up a (sub-)page of our website on which YouTube videos are integrated in this form, a connection to the YouTube servers is established and the content is displayed on the website by means of a message to your browser. We have implemented a process that prevents YouTube from storing cookies on your device while you are on our site.

  7. Our website uses the so-called Facebook pixel of the social network Facebook of Meta Platforms Ireland Limited., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the Facebook Pixel to enable the analysis, optimisation and economic operation of our online offer. The aim is to display Facebook ads placed by us only to those Facebook users who are interested in our offer. In addition, the effectiveness of Facebook ads can be tracked for statistical purposes by evaluating the data collected on the question of whether users were redirected to our website after clicking on a Facebook ad. The legal basis for our use of the Facebook pixel is Art. 6 (1) (a) GDPR, because/if you have consented to the data processing, or Art. 6 (1) (f), because with the use of the Facebook pixel we pursue the legitimate purpose of analyzing and optimizing our online offer. When you visit our website, the Facebook pixel is directly integrated by Facebook and can store a so-called cookie on your device. If you have not agreed to the setting of a cookie, no cookie will be set. Facebook notes the visit to our page and assigns it in your profile if you log in to Facebook or are logged in while visiting our site. The data collected about you is anonymous to us. If we transmit data to Facebook for comparison purposes, it will be encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done for the sole purpose of comparing the data with the data that is also encrypted by Facebook. You can object to the use of the Facebook pixel at any time: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices. You can also opt out of the use of cookies that, like the Facebook pixel, are used for reach measurement and advertising purposes via the deactivation page of the network advertising initiative ( http://optout.networkadvertising.org/) and, in addition, the United States website ( http://www.aboutads.info/choices) or the European website ( http://www.youronlinechoices.com/uk/your-ad- choices ).
    Further information and Facebook's privacy policy can be found here: https://de-de.facebook.com/policy.php.
  8. Our website uses Userlike a live chat software provided by Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. Userlike uses cookies, which are small text files that are transferred from a website server to your hard drive. The setting of the cookie enables the Userlike chat widget to function, which is the source code that runs on the computer and enables the chat function. This automatically provides us with certain information such as your IP address, browser used, operating system about your computer, and your connection to the Internet. By using Userlike, we enable you to communicate with our employees in real time. Under no circumstances will the data we collect be passed on to third parties. Without your consent, we will not link to personal data or identify you personally, unless you provide us with your personal data such as e.g. Name, address and email address - e.g. in the course of the conversation - yourself. The processing of any data collected in the course of the conversation serves to provide you with a quick and efficient contact option and thus to improve our customer service, the legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR if the data processing is necessary for the performance of the contract concluded between us or for the implementation of pre-contractual measures that are taken at your request. In other cases, Art. 6 para. 1 sentence 1 lit f) GDPR is the legal basis, because the processing is in our legitimate interest, because the data is collected in order to spare you extensive information on the history of your enquiry and to constantly monitor the quality of our offer. For more information, see https://www.userlike.com/de/terms#privacy-policy%22%3EDatenschutzbestimmungen%20der%20Userlike%3C/a%3E%20UG(haftungsbeschr%C3%A4nkt).
  9. Our website uses the Doofinder search technology of Doofinder S.L., Madrid 28037, Rufino González 23 bis, 1º 1, Spain, with which we provide you with the search function on our website. Your browser connects to Doofinder's servers. As a result, data is transmitted to the provider by retrieving the content from the provider's server and is usually stored there, e.g. Your IP address, product and version information about the browser and operating system you are using, the website from which you accessed, the date and time of the request, and possibly your Internet service provider. The legal basis is Art. 6 para. 1 lit. a) GDPR because/if you have consented to the data processing or Art. 6 para. 1 sentence 1 lit. f) GDPR, because the use of Doofinder serves to safeguard our legitimate interest in an optimized presentation of our offer as well as a functional and appealing website, which prevails in the context of a balancing of interests.
    For more information, please refer to Doofinder's privacy policy: https://www.doofinder.com/de/privacy-policyor at https://www.doofinder.com/de/.
  10. Our website uses the analysis service Hotjar, provided by Hotjar Limited, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta. We use Hotjar to better understand the needs of our users and to optimize the offer and experience on this website. With the help of Hotjar's technology, we get a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click, what they like and dislike, etc.) and this helps us to align our offer with feedback from our users. Hotjar works with cookies and other technologies to collect data about the behavior of our users and about their devices, in particular IP address of the device (collected and stored during your website use only in anonymized form), screen size, device type (unique device identifiers), information about the browser used, location (country only), preferred language to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. The data is transferred to Hotjar's server in Ireland (EU). Hotjar will delete your data after 365 days. The legal basis is Art. 6 para. 1 lit. a) GDPR because/if you have consented to the data processing or Art. 6 para. 1 sentence 1 lit. f) GDPR, because the use of Hotjar serves to safeguard our legitimate interest in an optimized presentation of our offer as well as a functional and appealing website, which prevails in the context of a balancing of interests.
    For more information, please refer to Hotjar's privacy policy at https://www.hotjar.com/legal/policies/privacy/de/
    If you do not want Hotjar to collect data: Click on the following link and follow the instructions there: https://www.hotjar.com/opt-out

§ 10 Communication / Newsletter

  1. If you contact us by e-mail or contact form, the personal data you voluntarily provide will be stored. The data you provide will only be used to process your enquiries as well as for possible follow-up questions and for any contract fulfilment and contract processing. In this case, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. After the contract has been fully processed, your data will of course be blocked for further use. After expiry of the retention periods under tax and commercial law, your data will be deleted by us, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this period that is permitted by law and about which we will inform you.
  2. If you subscribe to our e-mail newsletter, we will send you regular information about our offers. As a technical service provider, we have chosen sendinblue, a shipping service of Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin. The only mandatory information for sending the newsletter is your e-mail address, you can also voluntarily provide further information such as e.g. Make your name. We use the so-called double opt-in procedure for sending the newsletter. You must therefore expressly declare your consent to receive the newsletter by clicking on a verification link sent to the e-mail address provided.
    The legal basis for the use of your personal data is Art. 6 (1) (a) GDPR. By activating the confirmation link, you give us your consent. We store your IP address as well as the date and time of registration. In addition, we store the information you provide during registration. We will forward the information provided during registration to sendinblue. The legal basis is Art. 6 para. 1 lit. f GDPR, because the newsletter dispatch serves our legitimate interest in using an advertising-effective, secure and user-friendly newsletter system. Sendinblue uses this information to send the newsletters on our behalf. You can view Sendinblue's privacy policy here: https://de.sendinblue.com/legal/privacypolicy/
    You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending us a corresponding message. After unsubscribing, your e-mail address will be deleted immediately from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this statement.

§ 11 Data Transmission

  1. The transfer of personal data to third parties is only permissible on the basis of legal permission or the consent of the data subject, cf. Art. 6 GDPR.
  2. Insofar as this is necessary to provide our services, we will pass on your data to third parties for the performance of the contract. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b) GDPR.
  3. Depending on which payment method you choose, different data will be transmitted to the respective payment service provider. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b) GDPR, as the processing is carried out for the performance of a contract, Art. 6 para. 1 sentence 1 lit. a GDPR if you have given consent, and Art. 6 para. 1 sentence. 1 lit. f GDPR in the interest of a payment process that is as smooth, convenient and secure as possible.

We offer you the option of making your payment via the payment service provider Mollie. Mollie is an online payment service provider that integrates various payment providers. The provider of this payment service is Mollie B.V, Keizersgracht 313, 1016 EE Amsterdam, The Netherlands. We offer the following payment options via Mollie: iDEAL, PayPal, Klarna, Apple Pay, EPS and prepayment. If you choose a payment method from the payment service provider Mollie, the information you enter during the order process, together with the information about your order (name, address, IBAN, BIC, invoice amount, currency and transaction number), will be transmitted to Mollie and the payment provider selected accordingly. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b) GDPR, as the processing is carried out for the performance of a contract, and Art. 6 para. 1 sentence 1 lit. a GDPR if you have given your consent. Mollie's privacy policy can be found at https://www.mollie.com/de/privacy

Payment service provider PayPal: PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. The personal data transmitted to PayPal may be transmitted by PayPal to credit reference agencies. The purpose of this transfer is to check identity and creditworthiness. PayPal may pass on the personal data to affiliated companies and service providers or subcontractors insofar as this is necessary for the fulfilment of contractual obligations or the data is to be processed on behalf of the customer. You have the option of revoking your consent to the handling of personal data at any time vis-à-vis PayPal. A revocation does not affect personal data that must be processed, used or transmitted for the purpose of (contractually compliant) payment processing. PayPal's applicable privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-fullcan be retrieved.

Payment service provider Klarna: Klarna is an online payment service provider that enables purchase on account/installment purchase, instant bank transfer and financing purchase. Klarna also offers other services, such as buyer protection or an identity and credit check. Klarna's operating company is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden. The personal data transmitted to Klarna will be processed if necessary. from Klarna to credit agencies. The purpose of this transfer is to check identity and creditworthiness. Klarna also passes on the personal data to affiliated companies (Klarna Group) and service providers or subcontractors to the extent that this is necessary for the fulfilment of contractual obligations or the data is to be processed on behalf of Klarna. You have the option of revoking your consent to the handling of personal data at any time vis-à-vis Klarna. A revocation does not affect personal data that must be processed, used or transmitted for the purpose of (contractually compliant) payment processing. Klarna's applicable data protection regulations can be found at https://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdfcan be retrieved. Payment service provider Apple Pay: Apple Pay is a service of Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Republic of Ireland. Payment is processed via the "Apple Pay" function of your iOS, watchOS or macOS device by debiting a payment card stored with "Apple Pay". When you use Apple Pay on your iPhone or Apple Watch to complete a purchase you made through Safari on your Mac, your Mac and the authorization device communicate through an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can be used to identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone's settings. Go to "Wallet & Apple Pay" and uncheck "Allow Payments on Mac". For more information on Apple Pay privacy, please visit the following web address: support.apple.com/de-de/HT203027 .
Payment via iDEAL: iDEAL is an online payment system of the service provider Currence Holding B.V., Gustav Mahlerplein 33-35, 1082 MS Amsterdam, The Netherlands. iDEAL forwards customers to their banks. We do not transmit any personal data to iDEAL or your bank. The applicable data protection regulations of iDEAL can be found at https://www.ideal.nl/en/disclaimer-privacy-statement/can be retrieved. Payment by eps bank transfer: eps is an online payment system of the service provider PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna. eps forwards customers to their banks. We do not transmit any personal data to eps or your bank. eps' applicable privacy policy can be found at https://zv.psa.at/de/datenschutzerklaerung.htmlcan be retrieved.

§ 12 Adaptation of the Privacy Policy

We reserve the right to amend this privacy policy from time to time. The new privacy policy will then apply to your return visit.

§ 13 Legal protection options

In the event of complaints, you can always contact the competent supervisory authority of the Union or the Member States. The supervisory authority mentioned in § 5 (above) is responsible for us.


As of April 2023