Guitars
Shapes
Series
Basses
Shapes
Series
Acoustic Guitars
Guitar shapes
Guitar series
Acoustic Guitars
Acoustic Basses
Bass shapes
Ukuleles
Series
Highlights
Amps
Types
Highlights
Search on Harley Benton
This Privacy Policy describes how Thomann GmbH (also called "Musikhaus Thomann" or "we") processes and protects the data you provide us with when using our website, according to the General Data Protection Regulation (GDPR) and the relevant German data protection laws, in particular the German Telecommunications Digital Services Data Protection Act (TDDDG) and the German Federal Data Protection Act (BDSG).
The security of personal data such as name, address, telephone number or email, is a serious and important concern for our company. Therefore, we conduct our online activities in compliance with the respective statutory provisions relating to data protection and data security. The following sets out the data and information we process as well as the purposes and legal bases for this processing.
The responsible authority within the meaning of the data protection regulations for all data processing through our website is:
Thomann GmbH, Hans-Thomann-Strasse 1, 96138 Burgebrach, Germany
In the event of any questions, comments, complaints or to exercise your rights as a data subject in connection with our Privacy Notice and the processing of your personal data by our websites, you can contact our Data Protection Officer directly by email: privacy@thomann.de. They will gladly take care of your data protection concerns.
If your personal data is processed, you are a data subject as defined in the GDPR and you have the following rights with regard to the controller:
You have the right to access the data stored about you and information concerning its origin, recipient and the purpose of data processing free of charge at any time. In addition, you have the right to rectify, delete or restrict the processing of your personal data, provided the legal requirements to do so are met. Details can be found in the relevant statutory provisions, Articles 15 to 19 GDPR.
You have the right to receive the personal data concerning you that you have provided to us as the controller, in a structured, commonly used and machine-readable format. We can comply with this right by providing a csv export of the customer data processed about you.
If you have exercised your right to rectification, deletion or restriction of processing against the controller, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification or deletion of data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the controller.
You may also revoke your consent with regard to us at any time with effect for the future using the contact details below, or with regard to cookie-based processing, via our cookie pop-up.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.
Cookies are used as part of our website services. Cookies are text files that are stored in the Internet browser or come from the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive string that allows the browser to be uniquely identified when the website is visited again. Cookies and other similar identifiers (e.g. web beacons) enable us to provide the information on our websites better and more efficiently, and to optimise your user experience on our websites.
Most cookies do not save a user’s personal data.
When you use our website, cookies are placed in your Internet browser, without which our websites would not operate or be displayed properly (“strictly necessary cookies”). Non-essential cookies are also used and which are mainly set by third parties to compile statistics on the use of our website or to adapt the information delivered to your individual needs and interests (“analysis and marketing cookies”).
The specific tools and applications used that store cookies on your device can be found in the relevant sections of this Privacy Policy and the application descriptions in our cookie pop-up.
The legal basis for processing personal data using technically necessary cookies is § 25(2)(2) TDDDG for the setting of such cookies on your device, as well as Article 6(1)(1)(f) GDPR, e.g. for any subsequently necessary processing on our systems.
The purpose of using technically essential cookies is to facilitate the use of websites for users. Some features of our website cannot be provided without the use of cookies. For these features, the browser must be recognised, even after moving to a different page; the same applies to individual settings you have made in your browser (e.g. language selection, volume). The usage data collected through technically necessary cookies is not used to create user profiles.
Analysis and marketing cookies are used to improve the quality of our website and its contents. Analysis cookies allow us to ascertain how the website is used and thus constantly optimise our service. To perform processing functions on your end device that are based on cookies or other identifiers (e.g. browser fingerprints, pixels) and are not technically necessary for our website to function, we first require your consent, which you can give using the cookie pop-up that appears when you access our website. The legal basis for this cookie-based processing is § 25(1)(1) TDDDG for the setting of cookies on your device, and Article 6(1)(a) GDPR for the subsequent processing outside of your device on our systems or the systems of our technology partners. These types of cookies are not necessary for our website to function and will not be placed until you give your consent.
On our websites, you have the option of contacting us via various communication channels. In this case, the personal data relevant to the respective communication channel and to be provided by you will be processed by us. For information on the type and scope of processing and the individual personal data concerned, please refer to the section on the communication channels relevant to this website.
It is possible to contact us via the email addresses provided on our website. In this case, the user's personal data transmitted by email will be stored.
We provide a contact form on our website that you can use to get in touch with us electronically and let us know what we can help you with. If a user takes advantage of one of these options, the data entered on the input screen will be transmitted to us and stored. This data includes:
No data is passed on to third parties in this context. The data is used exclusively for processing the conversation.
The legal basis for processing the data transmitted via the contact form or in the course of sending an email is Article 6 (1)(f) GDPR. If the purpose of the contact is to conclude a contract, the additional legal basis for the processing shall be Article 6(1)(b) GDPR.
The processing of the personal data transmitted in the course of making contact serves us solely to process the contact. This also constitutes the necessary legitimate interest in processing the data.
We process the personal data transmitted by email solely for establishing contact with you. This is also the basis for the required legitimate interest in the processing of data.
Any other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data sent by email, this is the case if the respective conversation with the user has ended. The conversation is deemed to be ended if it can be inferred from the circumstances that the relevant facts have been conclusively clarified.
We use Google Tag Manager to manage “website tags”. Tags are small code elements on our website that run upon certain interactions with the website and send measured data to the third party programs used (e.g. Google Analytics). The Tag Manager itself does not use cookies and does not collect any personal data. The Tag Manager triggers other tags that collect data and place cookies under certain circumstances (e.g. the third party programs used). The Tag Manager does not access this data.
Further information about Google Tag Manager, the details of data processing through these services and Google’s privacy policy can be found by visiting the links above.
The services described below are used for marketing, analysis and reach measurement purposes with the aim of making our offering more attractive. The legal basis for the data processing operations via these services is your consent given via our cookie pop-up (see above in the section Purposes and legal bases for the use of cookies and other identifiers), unless another legal basis is expressly stated in the following sections.
We use Meta Pixel on our website. With the help of this service, we can reach our customers directly via the social media platforms in the Meta network (particularly Facebook and Instagram) by showing ads to visitors to our websites when they visit one of the Meta platforms.
Meta Pixel implemented on our websites is a code snippet that is able to identify your browser via the browser ID – your browser’s individual fingerprint – and detect that you visited our website and what exactly you viewed there. A direct connection to the Meta servers is made when you visit our website. Meta can identify you by your browser ID because it is linked to other data about you stored by the Meta platform on your user account. Meta then delivers custom ads from us, tailored to your needs, on the timeline of your Meta platform or elsewhere on the respective Meta platform.
We cannot personally identify you via Meta Pixel, because we do not save personal data other than your browser ID using Meta Pixel.
Further information about Meta Pixel, the details of data processing through this service and Meta’s privacy policy can be found by visiting the links above.
Meta Platforms Ireland Ltd. is a subsidiary of Meta Platforms, Inc., based in the USA. It cannot be excluded that the data collected by Meta will also be sent to the USA.
Our website utilises Google Analytics, a web analytics tool from Google. Google Analytics uses “cookies”, text files stored on your computer that enable analysis of how you use the website. The cookie-generated information about your use of this website is usually transmitted to and stored on a Google server in the United States.
Google will use this information on our behalf for the purposes of analysing how you use the website, compiling reports on website activity and providing further services related to website and internet use to the website operator. Google will not combine the IP address transmitted by your browser via Google Analytics with other Google data. We would also like to point out that our website uses Google Analytics with the anonymizeIP extension so that IP addresses are only processed further in an abbreviated form to prevent them being directly linked to a particular individual.
You can disable cookies by setting your browser accordingly; however, if you do this you may not be able to use the full functionality of this website. Furthermore, you can prevent collection and transfer of the data generated by cookies and relating to your use of the website (including your IP address) to Google, as well as the processing of such data by Google, by downloading and installing the browser plug-in available from the following link: https://tools.google.com/dlpage/gaoptout/eula.html?hl.
More detailed information about how Google Analytics works and the terms of use and privacy policy relevant to this service can be found in the links provided above in this section.
Google Ireland Ltd. is a subsidiary of Google LLC, based in the USA. It cannot be excluded that the data collected by Google will also be sent to the USA.
We use Microsoft Clarity (“Clarity”) on our website. Clarity is a comprehensive analysis and evaluation tool that helps us record and evaluate user activities on our website. Through clarity, for example, we can create “heat maps” of the webpages and view and analyse them via dashboards to identify and optimise content and product offers in less frequently visited areas. In addition, by recording user actions, particularly during the checkout process, we can determine the areas in which users may have difficulties getting to the next order step or performing certain actions to successfully complete the checkout process. Other purposes are listed in the table below. Your personal account data will not be processed, nor will this data be linked to the data processed via Clarity. Any other relevant personal information will be masked using appropriate settings. Clarity uses an ID (Clarity ID) to target users of our website, but no personal data is processed via this ID.
The following data is processed via the service:
Further information on the data processed can be found at https://learn.microsoft.com/en-us/clarity/setup-and-installation/clarity-data.
| Processing purposes | Process |
|---|---|
| Tracking using Clarity ID | ID-related analysis of user behaviour based upon the usage data mentioned above |
| Analysis | Evaluating user behaviour and user interaction primarily with content on our website and the products in our webshop by processing predominantly technical user data, interaction data (e.g. device, browser, OS, IP addresses) |
| Heat mapping | Aggregation of usage data to determine the areas of our websites that are used and visited particularly frequently or rarely |
| Recording of user behaviour on specific areas of our websites, in particular the checkout process | Recording of user behaviour on our webpages (e.g. clicks, scrolls, mouse movements) in pseudonymised sessions while masking numerical shop data (such as prices) and personal form fields. |
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. Data on Clarity servers, including backups, is deleted after the retention period expires and cannot be recovered. Below is an overview of the retention periods (storage duration) of the different data types:
| Clarity data type | Retention period |
|---|---|
| Click data (data on the Clarity portal or aggregated data per page such as URL, user ID and pointer distance) | 13 months |
| Playback data (recording playback data) | 30 days |
| Sessions that have been marked or favoured | 13 months |
It cannot be excluded that Microsoft, as our technology partner, also operates via server locations in the USA in order to make its cloud services available to Clarity. Microsoft Ireland Operations Limited is a subsidiary of the Microsoft Corporation, based in the USA. Therefore, it also cannot be excluded that the data collected by Microsoft will also be sent to the USA. Data transfers to the USA are secured in accordance with Article 45 GDPR via the EU-US Data Privacy Framework (DPF). For further information on Clarity, please see https://learn.microsoft.com/en-us/clarity/setup-and-installation/about-clarity.
Multimedia content from third parties (e.g. videos, music as streams, social media posts, maps) may be integrated into our website using technical processes (usually iFrame or JavaScript). To ensure greater data protection, we have opted for a 2-click procedure for integrating this content; this means that the content is only reloaded on the web page after a first click with your consent and is only then available to you. With a second click, you can access the content, for example, play an embedded music track or a video. Only after the first click will any data processing be triggered via our servers or those of the third-party provider. For each item of integrated content, we also point out any additional data processing that may take place by the third-party provider when the content is accessed by linking to their respective relevant data protection notices.
In addition, some of our embedded content is only available once you have given your consent via our cookie pop-up. Information about the relevant services can be found in the information provided in our cookie pop-up.
You give your consent either via our cookie dialog or directly where the respective content is accessed on our website. The legal basis is your consent in accordance with § 25(1)(1) TDDDG, if activating the embedded content requires information (e.g. cookies) to be stored on your device or if information stored on your device needs to be accessed. The relevant legal basis for subsequent processing via our servers is Article 6(1)(a) GDPR; subsequent processing by the third-party provider, which we are not responsible for, is subject to the purposes and legal bases specified by the respective third-party provider in its privacy notice.
The following content ("embeds") is integrated on our website under the responsibility of the respective companies named as third-party providers:
Facebook: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; https://www.facebook.com/privacy/policy/
Instagram: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland; https://privacycenter.instagram.com/policy
Google Maps, YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; https://policies.google.com/privacy
Under the links mentioned above, you will also find information regarding settings for the protection of your privacy and regarding your further rights concerning the processing of your data by the respective third-party provider.
We may update this Privacy Notice from time to time. Please check our websites regularly for our current Privacy Notice.
If you have any comments or questions regarding this Privacy Notice or any other directives on this website, please contact us using the contact channels available on our website.
Last updated: 03/2025