Thank you for your interest in our website. The protection of your privacy is very important to us. Below please find detailed information on how your data will be handled.
1. Who is the controller of my data and who is the data protection officer?
The Controller within the meaning of Art. 4(7) General Data Protection Regulation (GDPR) is:
Birkenstock Group B.V. & Co. KG
You may contact our Data Protection Officer at:
Birkenstock Group B.V. & Co. KG
Data Protection Officer
Harry Blum Platz
50678 Köln (Cologne)
For general questions regarding data protection issues please contact us via
2. Which categories of data are we processing and where do they come from?
Personal data are information referring to an identified or identifiable natural person (hereinafter referred to as “Data”). By using our website, we process the following categories of data in particular:
Data that you make available to us: When you contact us (e.g., via contact form or email), you provide us with data. The exact data that you provide are shown in the respective data entry forms. For example, the following data may be included: Your name, email address, telephone number, your other contact information including your address.
The relevant data entry form will tell you whether you are contractually or legally obligated to provide us with the relevant data or what consequences it may have if you do not provide us with the data.
Data we collect about you: We may also collect information about you from third parties. If you visit our website, we may also store access data in server log files.
Special categories of personal data: We do not collect and process any special categories of personal data.
3. On what legal basis will my data be processed?
We process your data only in accordance with the relevant statutory provisions and only if permissible by an applicable legal regulation (in particular from the GDPR). Should we wish to process your data for purposes other than those originally collected, we will ensure that we have a sufficient legal basis to do so. In particular, we will base processing of your data on the following legal basis. Please note that these examples are only intended to make the legal basis more transparent and are not an exhaustive list.
Consent (Art. 6(1)(a), Art. 7 GDPR): We will only process certain data if you have given us your express and voluntary consent in advance. You have the right to revoke your consent at any time with effect for the future.
Performance of a contract / precontractual measures (Art. 6(1)(b) GDPR): In the course of the performance or initiation of your sales contract or any other contract with us, we must process certain data.
Compliance with a legal obligation (Art. 6(1)(c) GDPR): We need to process some of your data in order to comply with legal obligations to which we are subject.
Protection of legitimate interests (Art. 6(1)(f) GDPR): We also process some of your data to protect our legitimate interests or the legitimate interests of third parties, unless your interests are overriding in individual cases.
4. For which purposes will we process your data?
Among other things, we will process your data for the following purposes:
- Contract-related processing purposes
Opening of a customer account: To open a customer account, you must first register with us. In the course of registration, we process certain of your data, such as your name and your address. The respective data entry forms will show which data we collect.
Data collection and use for contract performance: We collect and process personal data voluntarily provided to us when registering or maintaining your customer account. The respective data entry forms will show which data we collect. We use the data provided by you to meet our contractual obligations towards you and to process your inquiries.
Data processing on the basis of consents
- Data processing for compliance with legal obligations
We are subject to certain legal obligations when operating the web shop. This includes, among others, the obligation to ensure the security of your data when using the web shop. For this purpose, we may process your data as part of measures to ensure data security.
- Data processing on the basis of legitimate interests
Storage of access data in server log files: When you visit our web shop, we may store access data in server log files, such as the name of the requested file, date and time of access, the transferred data volume, and the requesting provider. We use these data exclusively to ensure an efficient operation of the site and to improve our offering.
5. With whom will my data be shared?
6. Will my data be transferred to a third country?
7. how long will my data be stored?
In accordance with Art. 17 GDPR, your data will be stored for as long as we are legally obligated to do so or as long as we need your data for the purposes stated under Section 4. Your data will then be deleted in order to comply with the principle of data minimization.
For example, after complete performance of the contract or erasure of your customer account, your data will be blocked for further use and erased after the expiry of statutory retention periods, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this scope, which is permitted by law and about which we will notify you. Deletion of your customer account is possible at any time either via a message to our Customer Service department or via a function provided in the customer account.
8. Which data protection rights may I assert as data subject?
Right of access
You may request information about the personal data stored about you (Art. 15 GDPR). This information includes the categories of data processed by us, the purposes of the processing, the origin of the data where we have not collected them directly from you, and, if applicable, the recipients to whom we have transmitted your data. You may receive from us a free copy of your data, which are the subject matter of the agreement. If you are interested in further copies, we reserve the right to invoice you for any additional copies.
Right to rectification and erasure
You may request the rectification of inaccurate personal data and the completion of incomplete personal data concerning you. (Art. 16 GDPR). In addition, you may also request the erasure of your data under the conditions of Art. 17 GDPR. This may be the case, for example, if
- the data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw consent on which the processing is based and where there is no other legal ground for the processing;
- you object to the processing of your data and there are no overriding legitimate grounds for the processing or you object to the processing of your data for direct marketing purposes;
- the data have been unlawfully processed
unless processing is necessary
- to ensure compliance with a legal obligation that requires us to process your data;
- especially with regard to legal retention periods;
- to assert, exercise, or defend legal claims.
Right to restriction of processing
You may also have the right to restrict the processing of your data, i.e., to mark the stored personal data with the aim of restricting their future processing. For this purpose, one of the conditions specified in Art. 18 GDPR must be met, i.e.,
- you contest the accuracy of the data for a period enabling us to verify the accuracy of the personal data;
- the processing is unlawful and you oppose the erasure of your personal data and request the restriction of their use;
- we no longer need your personal data, but they are required by you for the establishment, exercise, or defense of legal claims;
- you have objected to processing pending the verification whether our legitimate grounds override yours.
Right to data portability
Finally, you may also have a right to receive the personal data concerning you, which you have provided to us in a structured, commonly used, and machine-readable format. You may transfer these data to another controller without hindrance. You may also request that we transmit your data directly to another controller, where technically feasible (Art. 20 GDPR).
Right to object
You may object to processing of your personal data at any time on grounds relating to your particular situation, provided that the data processing is based on your consent or on our legitimate interests or those of a third party. In this case, we will no longer process your data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims s. If we process your data for direct marketing purposes, you may object to the processing at any time (Art. 21 GDPR). Your right to revoke your consent to the processing remains freely revocable at any time, regardless of your right of objection.
Right of lodging a complaint with a data protection authority
You have the right of lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data by us is in breach of applicable data protection law.
The data protection supervisory authority responsible for us is:
The Data Protection Official for the State of Rhineland-palatinate
9. How are my data protected?
We have taken appropriate technical and organizational security measures to ensure the protection of your data. We have developed an internal security concept for this purpose. This includes
10. Relevant legal texts
The provisions of the GDPR are available at:
Last update: 25.05.2018
 In accordance with Art. 9(1) GDPR, special categories of personal data are data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
 An updated list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection_en.