Privacy Notice

Privacy Policy
1) Introduction and Contact Details of the Controller
1.1 Below we inform you about the processing of your personal data when using our website. Personal data means all data with which you can be personally identified.
1.2 The controller within the meaning of the General Data Protection Regulation (GDPR) for the processing of data on this website is:
Becom S.àr.l.
2, op Huefdréisch
6871 Wecker
Luxembourg
Tel.: +352 278744
E-mail: info@cableshop.lu
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection when Visiting our Website
2.1 When using our website for purely informational purposes (no registration or other transmission of information), we only collect the data that your browser transmits to our server (“server log files”):

visited website
browser used
referrer URL (the page from which you came)
date and time of access
amount of data transmitted
operating system used
IP address used (possibly anonymised)

Processing is carried out on the basis of Art. 6(1)(f) GDPR in our legitimate interest in ensuring the stability and functionality of the website. Data is not passed on or used for other purposes. However, we reserve the right to check server log files retrospectively if there are concrete indications of unlawful use.
2.2 For security reasons and to protect the transmission of confidential content (e.g. orders, inquiries), this website uses SSL or TLS encryption. You can recognise an encrypted connection by “https://” and the lock symbol in your browser line.

3) Cookies
We use cookies to make visiting our website attractive and to enable certain functions.

Session cookies: deleted automatically after closing the browser.
Persistent cookies: stored longer and enable, for example, saving of preferences.

Processing is carried out on the basis of Art. 6(1)(b) GDPR (contract fulfilment), Art. 6(1)(a) GDPR (consent), or Art. 6(1)(f) GDPR (legitimate interest in functionality and user-friendliness).
You can configure your browser to be informed about the setting of cookies, to decide individually or to exclude acceptance. If cookies are rejected, functionality of the website may be limited.

4) Contacting Us
When contacting us (e.g. via form or e-mail), we collect the data you provide exclusively for the purpose of processing your request and for the related technical administration.
Legal basis:

Art. 6(1)(f) GDPR (legitimate interest in answering your request),
Art. 6(1)(b) GDPR (if the request is related to contract conclusion).

Your data will be deleted after final processing of the request unless statutory retention obligations require otherwise.

5) Comment Function
When using the comment function, we store:

your comment,
the pseudonym used,
date of the comment,
your IP address (for security and traceability in case of legal violations),
your e-mail address (for contact in case of complaints).

Legal basis: Art. 6(1)(b) and (f) GDPR.
We reserve the right to delete unlawful comments.

6) Customer Account & Contract Processing
When opening a customer account, we collect personal data in accordance with Art. 6(1)(b) GDPR, insofar as this is necessary for contract processing.
The customer account can be deleted at any time. Data will be deleted once all contracts have been fulfilled and there are no statutory retention obligations.

7) Order Processing
We pass on personal data to the transport company insofar as this is necessary for delivery.
For payment processing, data is passed on to the bank.
Legal basis: Art. 6(1)(b) GDPR.

8) Use of Your Data for Advertising Purposes
Newsletter:

Sent only with express consent (double opt-in).
Required: your e-mail address (other details optional).
We also store your IP address and date/time of registration for abuse prevention.
You can unsubscribe at any time via the link or by contacting the controller.

Legal basis: Art. 6(1)(a) GDPR.

9) Website Functions
Google reCAPTCHA
Provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, Ireland.
Data may also be transmitted to Google LLC in the USA.
Purpose: Protection against misuse (e.g. bots, spam, DDoS attacks). Data collected includes IP address, browser and system information, and date/time of use.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in protecting our website).
For data transfers to the USA, the EU-US Data Privacy Framework applies.
Privacy notice: [Google Privacy]

10) Tools & Miscellaneous
10.1 Cookie Consent Tool
When visiting the site, a pop-up window appears allowing users to consent to cookies. Cookies requiring consent are only set after approval.
Legal bases:

Art. 6(1)(f) GDPR (legitimate interest in legally compliant consent collection),
Art. 6(1)(c) GDPR (legal obligation).

10.2 Gambio – Error Reports
Provider: Gambio GmbH, Parallelweg 30, 28219 Bremen, Germany.
In the event of technical errors, the system automatically sends error reports (including IP address, browser, timestamp, URL). These may also contain personal data if the error relates to customer data.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in analysing and improving reliability).

11) Rights of the Data Subject
According to GDPR, you have the following rights:

Access (Art. 15)
Rectification (Art. 16)
Erasure (“Right to be Forgotten”, Art. 17)
Restriction of Processing (Art. 18)
Notification Obligation (Art. 19)
Data Portability (Art. 20)
Withdrawal of consent (Art. 7(3))
Right to lodge a complaint with a supervisory authority (Art. 77)

Right to Object (Art. 21 GDPR):

You may object at any time, for reasons arising from your particular situation, to the processing of your personal data.
In the case of direct marketing, you may object at any time without giving reasons.

12) Storage Period

With consent (Art. 6(1)(a) GDPR): until withdrawal.
With statutory retention obligations (e.g. commercial and tax law): deletion after expiry of the period.
With processing based on legitimate interests (Art. 6(1)(f) GDPR): storage until objection, unless overriding reasons apply.
For direct marketing: until objection.
Otherwise: deletion as soon as the purpose of processing no longer applies.