This Privacy Notice is intended to provide information about our organisation and our practices with respect to the personal data of individuals in the EEA. (March 1st, 2023)

1. Introduction

In respect of personal data collected or otherwise processed by using our website and/or by using our webshop, Voyetra Turtle Beach Inc. and Turtle Beach Europe Limited will be joint ‘controllers’ (Article 26 GDPR). As described below, there are specific situations where only one of the two companies will be the sole controller.

Contact information:

Voyetra Turtle Beach, Inc.

44 S Broadway, 4th Floor

White Plains, NY 10601, USA

e-mail: privacy@turtlebeach.com

and

Turtle Beach Europe Limited

1st Floor (North Wing), Central 40,
Chineham Park, Basingstoke,
Hampshire,
RG24 8GU, UK

e-mail: privacy@turtlebeach.com

A data controller is responsible for deciding the ways in which and purposes for which personal data about you is processed. We may process your personal data ourselves or through others acting as data processors on our behalf.

Throughout this notice, ‘we’ and ‘us’ means Voyetra Turtle Beach, Inc. and Turtle Beach Europe Ltd., if not otherwise stated in this Policy.

Our representative in the EEA is:

TB Germany GmbH

Otto von Bahrenpark

Gasstrasse 4

22761 Hamburg, Germany

Fax: +49 (0)40 30 99 495 123

Email: privacy@turtlebeach.com

The Data Protection Officer for our representative is:

Dr. Christian Rauda

GRAEF Rechtsanwälte Digital PartG mbB

Jungfrauenthal 8
E-Mail: datenschutzbeauftragter@TBGermany.de

Website: www.graef.eu

‘Personal data’ means any information relating to you, such as your name and contact details, but does not include data where you can no longer be identified from it such as anonymised, aggregated data.

If you have any questions about this Privacy Notice, you can contact us using the details set out in the ‘Contact Us’ section below.

2. What personal data may we process about you and what do we use it for?

The EU General Data Protection Regulation (“GDPR”) specifies certain ‘legal bases’ for the processing of your personal data . The personal data that we may collect about you and the purposes for which such personal data will be used, as well as the legal basis for such processing are explained in this section.

This website is not targeted at users under the age of 18. If you are under the age of 18, you should not visit this site and, in particular, should not submit any personal data to us.

• • If you place an order through our website (webshop)

As mentioned, we (Voyetra Turtle Beach Inc. and Turtle Beach Europe Ltd.), process the data collected when using the webshop as joint controllers within the meaning of Art. 26 GDPR. For this purpose, we have concluded a joint controllership agreement.

When you place an order with us on our website we will request certain information from you. This information is likely to include your name, email address, payment card details, billing address, shipping address and telephone number. This information will be used to process your order, arrange delivery of your order and correspond with you in relation to your order. Our legal basis for using your personal data in this way is to perform the contract we enter into with you and to execute the customer service in respect of your order (Art. 6 (1) (b) GDPR).

This personal data is required in order to place an order with us. If you do not provide this information, we may not be able to accept your order or fulfil your order.

If you buy a Turtle Beach or a Roccat product, we may also use your contact details to ask you if you would like to review the product that you purchased. You do not need to submit a review, but if you do, we may process the personal data that you provide in your review or in connection with your review to publish your review on our website. We will provide you with further information about how we may use your review and associated data when we contact you to ask you to provide a review. Our legal basis for this processing is your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time by editing or deleting your review.

• • If you sign up to receive e-mail marketing from us (note that the controller will only be Voyetra Turtle Beach, Inc.)

Our e-mail communications are not targeted at children. By opting in to receive e-mail marketing from us, you confirm that you are aged 18 or over.

When you sign up to receive e-mails from us we will collect your e-mail address for sending you information about our products, services, content and events. We or our authorized service provider will then use your e-mail address to send you e-mails with our latest new releases, deals, events, promotions, gaming articles and other promotional material and information about Turtle Beach or Roccat products. Our legal basis for processing your e-mail address for this purpose is your consent (Art. 6 (1) (a) GDPR). If you do not provide your e-mail address, we will not be able to send you the e-mails that you request. Your consent will remain valid even if you cancel your order, but it is always freely revocable if you click on the unsubscribe link in such marketing email or reply STOP to unsubscribe from our marketing texts.  

If you have signed up to receive communications using one of our websites, we will automatically record which Turtle Beach website you used to join our mailing list. We will use this information to ensure that our communications to you are in the same language as the website that you have used. Our legal basis for processing this information is our legitimate interest (Art. 6 (1) (f) GDPR) in ensuring that the communications we send you are in an appropriate language.

We also collect information about whether you open e-mails sent by us to evaluate the effectiveness of our communication, as well as the effectiveness of time and days of our communications. Our legal basis for this processing is our legitimate interest (Art. 6 (1) (f) GDPR) in evaluating the effectiveness of our communications and our marketing strategy.

• • Text Marketing and notifications

We are using a text messaging platform based in the US operated by SMSBump, a Yotpo company which is US based at Lafayette Street, New York, NY 10003, USA. It provides an app on the Shopify platform for marketing via text messaging. You will find SMSBump’s Privacy Policy and GDPR-related disclosures here: https://smsbump.com/page/privacy-policy. By opting-in for our text marketing and notifications during the ordering process , you agree with this data processing.

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.

Your phone number, name and purchase information will be processed on the platform operated by SMSBump. Our data processor SMSBump will use your data sets only for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.

Voyetra Turtle Beach will have access to the data after your opt-in only in the following cases:

• • To respond to your reply messages to us or
  • To send you the text marketing messages.

Our legal basis for processing your personal data for these purposes is your consent (Art. 6 (1) lit a) GDPR) to the text marketing. Voyetra Turtle Beach has entered into EU Standard Contractual Clauses with SMSBump as the data exporter and takes appropriate measures to comply with the GDPR’s provisions for data transfers out of the EU.

If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

If you unsubscribe, SMSBump will continue to store your phone number as required by law. Specifically, this means that SMSBump will then store your phone number on a separate list (blacklist) on its server to ensure that SMSBump no longer contacts this phone number for marketing purposes. SMSBump does not share this phone number. We have access to this list and can add or remove individual entries. The legal basis for this storage is our legitimate interest according to Article 6 Paragraph 1 lit. f DSGVO. As long as the phone number is stored there, you can easily log back in by sending an SMS with "UNSTOP" from this number. You can contact us at any time to have SMSBump delete your phone number from the blacklist. However, it will then no longer be possible to reply with "UNSTOP".

For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information.

• • If you win a prize

From time to time we may engage third parties to conduct social media giveaways and prize promotions or similar activities. If you engage in such activities, the operator of the giveaway or promotion will generally be a data controller in respect of your personal data. If you win a prize and we are responsible for fulfilling your prize, the operator may pass certain personal data that you provided to them (such as your name, address and contact details) on to us so that we can give you your prize. We will only use such personal data to give you your prize but might not be able to do so if we do not receive the relevant information. Our legal basis for this use of your personal data is our legitimate interest (Art. 6 (1) (f) GDPR) in providing prizes to winners in these kinds of promotions.

As part of a social media giveaway or prize promotion, you may be asked to sign up to receive emails from us. Information about signing up to our mailing list is provided above.

When you enter a sweepstake If you enter a sweepstake, we will process your personal data in connection with registration for participation in a sweepstake, the drawing of a winner, the notification of the winner, and the mailing of the prize. We will process the following categories of data: first and last name, address and e-mail address . The data processing is based on Art. 6 para. 1 lit. b) GDPR (the sweepstake agreement). The publication of the winner in advertising media and the transfer and use of such data for advertising purposes is based on Art. 6 para. 1 lit. a) GDPR (consent). The data will be stored by us until a winner has been determined and the prize has been successfully delivered. If you have consented to a transfer of the data for advertising purposes, the data will be stored by us for as long as the consent is valid.

• • If you register your product

If you buy a Turtle Beach or Roccat product, you can register the product with us.

Product registration is carried out by submitting certain information on our applicable online form. This information is likely to include your name, email address, postal address, details about your product (such as the model, serial number, product platform) and information about your purchase (such as where you purchased the product and the date of purchase).

Product registration is optional. If you choose to register your product, we will use the information that you provided to assist you with technical support or dealing with problems with your product (such as administering warranty claims), if you request. Our legal basis for processing this information for these purposes is our legitimate interest (Art. 6 (1) (f) GDPR) in assisting you efficiently with issues relating to Turtle Beach and Roccat products where you have chosen to register your product with us. If you do not provide these personal data, we may not be able to assist you in these ways or it may be more difficult for us to do so.

• • If you contact us for technical support

If you contact us for technical support, we may collect certain information from you such as your name, email address, postal address, details about your product (such as the model, serial number, product platform), information about your purchase (such as where you purchased the product and the date of purchase) and other information you provide us in connection with your technical support request. We may also generate certain information such as records of the technical issues with your product and our correspondence with respect to your enquiry.

We use this personal data in order to assist you with technical support, to deal with problems with your product (such as administering warranty claims) and to respond to your enquiry. The legal basis for this processing is that it is in our legitimate interest (Art. 6 (1) (f) GDPR) to assist you efficiently with issues relating to Turtle Beach or Roccat products when you request. If you do not provide this personal data, we may not be able to assist you in these ways.

• • If you contact us in relation to other matters

If you contact us through our website or otherwise, you may provide personal data to us in the course of your correspondence with us. This may include your name, address, email address, other contact details and your opinions. We may also generate personal data about you in connection with the correspondence, such as correspondence records and opinions.

We may process this personal data to correspond with you, respond to your enquiry or address matters raised by your correspondence. We may not be able to do so if you do not provide this personal data. The legal basis for this processing is our legitimate interests in responding to or addressing your enquiry or otherwise communicating with you in the course of our business.

• • Cookies (controller only Voyetra Turtle Beach Inc.)

Our website uses cookies. These cookies collect information about how you use our website, your previous interactions with our website and technical data (such as your IP address, browser type and version, time zone setting and location). Further information about our use of cookies is set out in our Cookie Policy below.

Other purposes of the data processing

In addition to the uses above, we may also process your personal data where required by law to do so or if we reasonably believe that it is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.

We may also process personal data for purposes other than those for which the personal data was originally collected where permitted by applicable data protection laws. Where this is the case, we will provide you with information about that further processing.

Special categories of personal data

There are more limited bases for processing special category personal data. This is personal data which reveals or contains racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, genetic data, biometric data, health data, sex life and sexual orientation.

We do not intend to actively collect such special categories of personal data about you. Whilst we will use reasonable efforts to limit our holding of such data, please be aware that we may hold such data incidentally - for example, where you voluntarily send such special category data in an email to us.

3. 3. With whom will we share your information?
4.  

We may share your personal data with a third party where this is required by law or where we have another legitimate interest (Art. 6 (1) (f) GDPR) in doing so.

We may also need to share your personal data with:

• • other entities within our group, namely Turtle Beach Germany GmbH as our representative, as part of our regular reporting activities, in the context of a business reorganisation or group restructuring exercise, for assistance in relation to marketing and business development or in connection with the operation of group-wide functions and services;
  • professional advisers, including lawyers, bankers, auditors and insurers to the extent such information is relevant to their performance of their services;
  • regulators and government bodies;
  • IT service providers (such as cloud services providers, IT consultants and software-as-a-service providers); and
  • any of our service providers where such information is relevant to their performance of such services.

Examples of who may process your personal data in different scenarios are set out below.

If you place an order through our website

Our website is currently operated by us and uses the Shopify online e-commerce platform. When you place an order, Shopify will process your payment details on our behalf. We neither store credit card details nor do we share financial details with any third parties. Please note that for purposes of processing your transaction for goods and services provided by us, we may share your name, physical and IP address with Shopify. You find Shopify’s Privacy Policy at https://www.shopify.com/legal/privacy. In addition, please note Shopify’s White Paper on its international data transfers (https://help.shopify.com/pdf/cross-border-whitepaper.pdf). As stated in this White Paper, Shopify’s global platform, Shopify International Ltd. (an Irish entity) may transfer EEA personal data to Shopify Inc. (a Canadian entity) that may then share such data sets with sub-processors in Canada and other countries, such as the United States. For these transfers Shopify does not rely on EU Standard Contractual Clauses. Instead, Shopify transfers the relevant data sets pursuant to the requirements of PIPEDA (the Canadian privacy law), which the European Commission has determined provides adequate data protection under the GDPR, and subject to specific contractual agreements. Please consult the mentioned White Paper that also includes FAQ and a diagram illustrating the flow of data of European residents, and how Shopify ensures protection for each step. Please also note that to the extent that you open your own account with Shopify, Shopify may act as its own independent data controller for your personal data and may use such data for other or additional purposes based on their Privacy Policy.

For its European customers Turtle Beach cooperates with Klarna Bank AB with its principal place of business at Sveavägen 46, 111 34 Stockholm, Sweden (“Klarna”) as a provider of solutions for checkouts, such as Klarna’s Shopping Solution. For instance, Klarna processes your personal data when you use one of Klarna's payment methods, log in to a merchant website connected with Klarna, or choose to pay by debit or credit card during the payment process in Klarna's checkout with a merchant. In all these cases Klarna acts as a separate and independent data controller and not as our data processor for the personal data it receives via the platform for these purposes. Klarna may also use these personal data in order to send newsletters, to conduct product surveys, to advertise similar products or services of Klarna and for event invitations, provided that Klarna has the right to do so pursuant to applicable laws. The services provided by Klarna are subject to separate Klarna privacy policies, prompted before the first use of such service that also list your rights under applicable laws. You find a list of the relevant Klarna privacy policies per country here: https://www.klarna.com/international/privacy-policy/. Also please note that Klarna Bank may set cookies for their site as you check out on a Klarna webpage.

When you place an order, we may share your name, physical and email address and order details (date, amount, product) with Signifyd for fraud prevention services. Signifyd is located at 99 Almaden Blvd., 4th floor, San Jose, CA 95113, USA (www.signifyd.com) and is responsible for performing its service as set forth in an agreement with us, as an independent controller and not as a processor, namely for the purposes of fraud identification, prevention, dispute and monitoring, and to analyze data for the purpose of building, maintaining and improving Signifyd’s predictive models and fraud-related services through Signifyd’s own AI model for the same purposes. We have Module 1 EU Standard Contractual Clauses with Signifyd (controller-to-controller) with UK and Swiss addenda with Signifyd in place. Signifyd has a separate legitimate interest to process these sets data as Signifyd is independently endorsing an order, and it is in Signifyd’s sole discretion to approve a transaction/provide a financial guarantee to us for the order amount. Signifyd has received and actively maintains SOC 2, Type 2 and PCI compliance certifications from an independent third-party auditor. Signifyd’s privacy policy is available here https://www.signifyd.com/privacy/

The legal basis for this sharing of the mentioned personal data with Signifyd as an independent controller is that it is in our legitimate interest (Art. 6 (1) (f) GDPR) to discover fraud and to protect ourselves against fraudulent orders. The GDPR recognizes fraud identification, prevention, dispute and monitoring in Recitals 47 and 71 as legitimate interests that provide a legal basis for a controller to process personal data.

If you sign up to receive e-mail marketing from us (controller only Voyetra Turtle Beach, Inc.)

When you sign up for our e-mail communications, your personal data is processed by Klaviyo, an email service provider, with its corporate address at 125 Summer St, 6^th floor, Boston MA 02110, United States. ( https://www.klaviyo.com/and its privacy policy at https://www.klaviyo.com/legal/privacy-policy). Klaviyo stores and administers your consent and acts as data processor on our behalf and processes your personal data on our instructions. We have enabled website tracking, so that Klaviyo identifies individuals that click through a Klaviyo email and browse our website. Klaviyo will not track anonymous browsers. If you have questions how your consent is processed, please contact at privacy@klaviyo.com. Klaviyo has implemented EU Standard Contractual Clauses and other appropriate measures to comply with the EU data transfer rules (Art. 46 GDPR). The European Commission has certified that the EU Standard Contractual Clauses, in addition with other measures to safeguard the data, provide an adequate level of protection in respect of personal data.

We may also share your personal data with third parties in the context of the possible sale or restructuring of our business. We may also need to share your personal data with a regulator or to otherwise comply with applicable law or judicial process or if we reasonably believe that disclosure is necessary to protection our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal inquiries.

4. 4. Where your personal data may be processed.
5.  

We are based in the USA (Voyetra Turtle Beach, Inc.) and in the UK (Turtle Beach Europe Ltd.). Your personal data may be held by us or our service providers in the USA or in the UK. Sometimes we may also transfer your personal data to other jurisdictions outside the European Economic Area (‘EEA’). For example, we may use cloud service providers who store personal data on servers in jurisdictions outside the EEA.

The European Commission has not finally determined that the laws of the USA and of the UK generally provide an adequate level of protection in respect of personal data. Other non-EEA jurisdictions may similarly not provide the same level of protection in respect of personal data as in the EEA. Where required by the GDPR, we will (or will require a processor to) put in place appropriate safeguards such as the Standard Contractual Clauses approved by the European Commission. We also use EU Standard Contractual Clauses to protect your personal data that Turtle Beach Germany may share with Turtle Beach Europe after BREXIT.

5. 5. Right to withdraw your consent
6.  

As indicated above, we rely on your consent as our legal basis to send you e-mail marketing. You have the right to withdraw your consent to this processing at any time.

To withdraw your consent where you have previously consented to direct marketing, you can unsubscribe from direct marketing communications from us by:

• • clicking the ‘unsubscribe’ link in any e-mail communication that we send you; or
  • contacting us using the contact details listed below.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose to which you originally consented unless we now have an alternative legal basis for doing so.

6. 6. How long will we retain your information?
7.  

We will retain your personal data and other information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements and our legitimate interests in maintaining such personal information in our records. For this we will consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For example, we may retain the personal data we use for sending direct marketing email to you for so long as you subscribe to our e-mail mailing list. You can unsubscribe from direct marketing communications from us at any time as explained in Section 5 above. We may also remove such personal data in circumstances where you have not unsubscribed, such as where our e-mails to you are failing to deliver to your e-mail address or if you consistently do not open the e-mails that we send.

Once we no longer require your personal data for the purposes for which it was collected, we will securely destroy your personal data or anonymize them in accordance with applicable laws and regulations. Alternatively, the information may be anonymised so that it can no longer be associated with you, in which case it is no longer personal data.

7. 7. Your rights in relation to your personal data
8.  

To the extent your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights:

1. a) Right of access

You have the right to obtain a confirmation from us whether we process personal data concerning you , and, where that is the case, access to the personal data and the following information:

• (1) the purposes of the processing;

•  

• (2) the categories of personal data concerned;

•  

  (3) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;

•  

  (4) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

•  

  (5) the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data or to object to such processing;

•  

  (6) the right to lodge a complaint with a supervisory authority;

•  

  (7) where the personal data are not collected from you, any available information as to their source;

•  

  (8) the existence of automated decision-making, including profiling, referred to in Art. 22 para. 1 and 4 GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

You have the right to request information whether the personal data concerning you are transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR for such data transfer.

1. b) Right of rectification

It is important that the personal data we hold about you is accurate and current. Please let us know if your personal data which we process change during your relationship with us.

1. c) Right to restriction of processing

You shall have the right to obtain from us restriction of processing where one of the following applies:

• (1) the accuracy of the personal data is contested by yourself, for a period enabling us to verify the accuracy of the personal data;

•  

  (2) the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

•  

  (3) we no longer need the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;

•  

  (4) You have objected to processing pursuant to Art. 21 para. 1 GDPR pending the verification whether the legitimate grounds override those of the data subject.

Where the processing has been restricted, such personal data shall, with the exception of storage, will only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of an EU Member State.

1. d) Right to erasure (‘right to be forgotten’)

You shall have the right to obtain from us the erasure of personal data concerning you. In this case, we have the obligation to erase your personal data without undue delay where one of the following grounds applies:

• (1) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

•  

  (2) you withdraw consent on which the processing is based according to Art. 6 para.1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, and where there is no other legal ground for the processing;

•  

  (3) you object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para 2 GDPR;

•  

  (4) the personal data have been unlawfully processed;

•  

  (5) the personal data must be erased for compliance with a legal obligation in the European Union, or

•  

  (6) the personal data have been collected in relation to the offer of information society services referred to in Article 8 para.1 GDPR.

The right to erasure shall not apply to the extent that processing is necessary:

• (1)   for exercising the right of freedom of expression and information;

•  

  (2)   for compliance with a legal obligation which requires processing by the European Union or for the performance of a task carried out in the public interest

•  

  (3) for archiving, scientific or historical research purposes in the public interest or for statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to make it impossible or seriously impede the attainment of the objectives of such processing, or

   

  (4)   for the establishment, exercise or defense of legal claims.

1. e) Notification regarding rectification or erasure of personal data or restriction of processing

We will communicate any rectification or erasure of personal data or restriction of processing carried to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort. We will inform you about those recipients if you request it.

1. f) Right to data portability

You have the right to receive the personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

>

• (1) the processing is based on consent pursuant to Art. 6 para 1 lit. a or Art. 6 para 1 lit. b or Art. 2 para 2 lit. a GDPR, or

•  

  (2) the processing is carried out by automated means.

The right shall not adversely affect the rights and freedoms of others.

In exercising your right to data portability, you shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

The exercise of this right shall be without prejudice to the right of erasure. That right shall not apply to any processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

1. g) Right to object

You shall have the right to object, at any time to processing of your personal data under the GDPR. We will no longer process the personal data, unless there are legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

1. h) Right to revoke the declaration of consent

You have the right to revoke your data protection declaration of consent at any time. Your revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until your revocation.

1. i) Right of complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the European Member State where you reside, work or suspect an infringement if you believe that the processing of personal data concerning you is not in compliance with GDPR.

8. 8. Changes to this Privacy Notice and additional privacy notices

Our practices with respect to personal data may vary from time to time and we may update this Privacy Notice at any time.

When you visit our website, we collect and process information about your usage of our websites (for example, the pages you visit and how you have navigated through our website) using cookies and other similar technologies. This helps us to provide you with a good experience when you browse our website. It also allows us to improve our site.

A cookie is a small file of letters and numbers that is stored on a user’s device. This Cookies Policy describes the cookies we use on our website and what they are used for.

The cookies that are not “strictly necessary” will not be pre-enabled and will only be placed if you opt-in (where required under applicable data privacy and electronic communications laws). These cookies can be removed at any time by using the OneTrust Cookie Management tool on the site. The tool allows you to block or modify all non-essential cookies. Strictly necessary cookies (cookies that are essential for the operation of our website and for us to provide services requested by you) cannot be removed. They include, for example, cookies that enable you to log into certain areas of our website or enable products to be kept in your online basket.

The types of cookies we use are set out below.

We use so-called session or flash cookies on our website and in our application. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified the next time the website is accessed. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change. The user data collected with those technically necessary cookies is not used to determine the identity of the user or to create user profiles. The legal basis for the processing of personal data by means of technically necessary cookies is Art. 6 para. 1 lit. f) GDPR.  

Shopify: We use strictly necessary cookies to distinguish users who visit our website or opt in for our service and for the Shopify online e-commerce platform of Shopify Inc., 151 O’Connor Street, Ground floor, Ottawa, Ontario, K2P 2L8, Canada so that our website runs smoothly. Please note the description on Shopify in our Privacy Policy.

If you access our services, your behavior can be statistically evaluated with the help of certain analytics tools for advertising and market research purposes or to improve our services by the use of cookies When using external service providers, we have appropriate contracts with the service providers in place so that the data processing complies with European data protection standards. The data processing via analytic cookies and the use of those analysis tools is based on your consent (Art. 6 para. 1 lit. a) DSGVO). You can revoke your consent at any time by changing the cookie-settings in the box at the top of this privacy policy.

You can also manage or disable cookies at any time by adjusting your browser settings. Please refer to the settings menu of your browser for instructions on how to change your cookie preferences. If you choose to disable cookies, the Turtle Beach website may not function properly, and certain content may not be available. While browsers vary, the following links may be helpful:

(a) Cookie settings in Internet Explorer

(b) Cookie settings in Firefox

(c) Cookie settings in Chrome

(d) Cookie settings in Safari on Mac and Safari on iPhone, iPad, or iPod touch.

If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

1. 1. Shopify

We also use the analytical and performance recognition services of Shopify Inc. For this purpose, Shopify uses analytical cookies. Please note our Privacy Policy for more details on Shopify.

Shopify uses the following cookies: