Preserving your privacy is very important to us. We therefore proceed in all processes of data processing (such as collection, processing and transmission) in accordance with the statutory provisions of European and German data protection law. Note the German data protection law!
The following statement gives you an overview of which of your data on our websites are inquired, how this data is used and shared, how you can obtain information about the information given to us and what security measures we take to protect your data take.
1. Who is your contact person (responsible person) for your data protection concerns?
The responsible entity as defined in data protection regulations for all data processing processes taking place on our web pages is:
Telefon: +49(0)931-4678 64 68
We have appointed a data protection officer in accordance with legal requirements. You can reach it at: email@example.com
2. What data do we need from you to use our web pages? What data is collected and stored during use?
Personal data is any information related to an identified or identifiable natural person (“data subject”), such as a person, such as your name, address, phone number, date of birth, bank details and IP address.
In general, we collect and use our user’s personal data only insofar as this is necessary to provide a functional website of our content and services. Collecting and using our users’ personal data regularly occurs, but only with the user’s consent. An exception applies to cases in which prior consent is not possible for reasons of fact and the processing of the data is permitted by law.
a) Usage Data
When using our web pages, the following data are logged, whereby its storage serves exclusively for internal system-related and statistical purposes—“usage data”:
- Website visited
- Date and time of access
- Amount of data sent in bytes
- Websites that the user’s system uses to access our website
- Browser used
- Operating system used
- IP address used
The log files contain IP addresses or other data that allow an assignment to a user. This could be the case, for example, if the link to the website from which the user accesses the website or the link to the website to which the user is switching contains personal data.
The data is also stored in the log files of our system. We do not store this data together with other personal user data.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f Data Protection Basic Regulation.
Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. We do not evaluate the data for marketing purposes in this context.
For these purposes, our legitimate interest in the processing of data according to Art. 6 para. 1 lit. f Data Protection Basic Regulation.
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. In the case of collecting data for the provision of the website, this is the case when the respective session has ended.
The log files are collected and stored to maintain server operation and statistical evaluation. Stored IP addresses are anonymized after 24 hours; to do this, the last octet is zeroed out. Deletion takes place at the latest after 7 days. The log files are collected and stored to maintain server operation and statistical evaluation. An additional storage is possible.
In this case, IP addresses are deleted or alienated so that it is no longer possible to assign the calling client.
Collecting data for the provision of the website and for storing the data in log files is essential for operating the website. There is consequently no possibility of contradiction on the part of the user.
On our website, we offer users the opportunity to register by providing personal information. The data is entered into an input mask and transmitted to us and stored. A transfer of data to third parties does not occur. The following data is processed as part of the registration process:
At the time of registration, the following data will be stored:
- Email address
The following data is stored when registering via the order form and when entering further data after registration via the email address:
- Full name
- Company name (optional)
- Phone number (optional)
- Email address
Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a Data Protection Basic Regulation.
Art. 6 para. 1 lit. b Data Protection Basic Regulation serves as an additional legal basis for processing this data if the registration fulfills a contract of which the user is a party or the registration implements pre-contractual measures.
User registration is required to fulfill a contract with the user or to carry out pre-contractual measures.
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was originally collected.
Such is the case during the registration process for executing a contract or for performing pre-contractual measures when the data is no longer necessary for executing the contract. Even after the contract has been concluded, there may be a need to store the contracting party’s personal data in order to comply with contractual or legal obligations.
As a user, you have the option of canceling your registration at any time. The data stored about you can be changed at any time.
Data required for fulfilling the contract or for executing pre-contractual measures can only be deleted prematurely if deleting them is not precluded due to contractual or legal obligations.
c) Contact Form
We have prepared a contact form for you on our website so that you can contact us electronically if you have any requests or concerns. We only use the contact form to submit your name and your e-mail address. The following data will be stored once you have created your account:
- Email address
- Phone number
- Entered message
You can also contact us using the email provided. If you do use the email provided, contact us, then we will store the user’s personal data that is transmitted along with the email.
We use your information solely to process your request and may contact you for this purpose using the contact information provided. We will not use this data for advertising purposes or to transfer any of it to third parties.
The legal basis for the processing of data transmitted via the contact form or by e-mail is Art. 6 para. 1 lit. f Data Protection Basic Regulation. If the goal of establishing contact is to conclude a contract, then the legal basis for processing this contact is Art. 6 para. 1 lit. b Data Protection Basic Regulation.
We only process your personal data from the input mask in order to establish contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the sending process prevents misuse of the contact form and ensures the security of our information technology systems.
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was originally collected. This is the case for that personal data contained on the contact form’s input form and that data sent by e-mail when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been clarified.
The additional personal data collected during the sending process will be deleted within seven days.
You have the right to object to the following:
You have the opportunity to object to the processing of your personal data at any time. In order to object, please use the contact options listed above. Any conversation with us may not continue if you contact us by email and object to the storage of your personal information.
All personal data that was stored throughout the course of contact will be deleted in this case.
3. How will my data be used and, if necessary, passed on to third parties and for what purpose will this be done?
We use the personal data you provide to answer your inquiries and to process your order in our online shop.
Any transfer, sale or other transfer of your personal data to third parties will only take place if such disclosure is required for the purpose of contract execution or for billing purposes or collecting fees, e.g., shipping company or payment service provider fees, or if you have expressly consented to such transfer, sale or other transfer of your personal data to third parties.
The legal basis for transmitting your data to third parties for the purpose of contract execution or for billing purposes is Art. 6 para. 1 lit. b Data Protection Basic Regulation.
Payment via PayPal
We use the external payment service PayPal (Europe) S.à r.l. et Cie, S.C.A.
22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”) to process payments in our online shop. If you want to pay by credit card, direct debit or PayPal, our technical interface will automatically establish a connection to PayPal’s online payment system. The payment data you provide will be transmitted via an encrypted connection to PayPal solely for the purpose of payment processing and this data will be stored and processed there. Processing this data also takes place exclusively for the above-mentioned purpose of payment processing your order, whereby the payment data in PayPal may need to be forwarded to the bank specified by you in order to initiate the payment process and to authorize payment.
Advance payment or prepayment to our account
For the advance payment/prepayment methods on our account, we process your bank details and account data from which you have made the payment as part of the contract and our bookkeeping retention obligations.
4. References to External Services of Social Networks
On our websites, we link to social media platforms such as Facebook, Instagram and YouTube and we use the Whatsapp sharing button. This is done via a corresponding symbol on our website, which is marked with the corresponding logo of the respective social media platform and behind which a corresponding link to our corresponding social media page is hidden. Social plug-ins (like the Facebook “Like” button) are not included.
Our references to the social media services do not transmit any information from you to these services. These are normal hyperlinks that do not regularly transmit data. If you click on the link, you will be redirected to our social media presence at the respective social media service. Data transmission takes place only if you are logged in to your user account on the corresponding social media service. You can then link or share content from our websites directly to the social media service, or in the case of YouTube, watch the videos on our YouTube channel. Under certain circumstances, the respective social media service learns what content you have viewed on our website.
Together with us, the following are responsible for the social media services linked we are linked to:
- Facebook and its website Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
- Instagram and its website, Instagram, LLC, 1601 Willow Rd. Menlo Park, CA 94025, USA
- YouTube and its website, YouTube, LLC, 901 Cherry Ave., St. Bruno, CA 94066, USA
These links also include information about options for setting up your privacy and about your further rights regarding how the respective social media service collects, processes and uses your data.
You are personally responsible for the data transmission that occurs to the aforementioned social networking services, since you become active by logging in to your respective social network account and are responsible for and the consequences of each link yourself, thereby initiating subsequent data processing by your social networking service.
5. What security measures have we taken to protect your data?
We have taken a variety of security measures to reasonably and adequately protect personal information.
When collecting and transmitting data via our Internet pages, we use standardized SSL encryption technology. Personal data is transmitted as part of the ordering process via an SSL encryption, recognizable by the lock symbol in the browser and in the address bar with the added “https://”.
You should never share your password for accessing our websites with third parties, and you should change your password regularly. Also, in order to protect access to your email account, online banking account, etc., you should not use the same password for other websites that you use for accessing our websites. If you have left our pages, you should log out and close your browser to prevent unauthorized users from accessing your user account.
When communicating by e-mail, we can not guarantee complete data security.
6. A cookie is stored on your computer when you use our website. What does this mean?
You can decide for yourself whether to allow cookies. By changing your browser settings (usually found under “Options” or “Preferences” in the menus of the browsers), you have the option to accept all cookies, to be informed when a cookie is set, or to reject all cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. It may not be possible to fully use all functions on our website if cookies that are technically necessary for our website are deactivated. When you visit our websites, you may also consent to the use of analytical and remarketing cookies by clicking on our cookie banner.
Our websites use transient cookies, persistent cookies and web bugs.
Transient cookies are automatically deleted when you close the browser. These include, in particular, the session cookies. These store a session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
We use transient cookies to make our website more user-friendly. Some elements on our website require the calling browser to be identified even after a page break. The following data are stored and transmitted in the cookies:
- Language settings
- Item in a shopping cart
- Log-in information
In addition, we use persistent cookies on our website that allow users’ browsing behavior to be analyzed. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. This allows the following data to be transmitted:
- IP address
- Entered search terms
- Use of website functions
Technical precautions pseudonymize the data collected via persistent cookies, which means that it is then no longer possible to assign data to the user visiting the website. The data will not be stored together with other personal data of users.
We also use tracking or web bugs or tracking pixels on our websites. These are mostly snapshots measuring only 1×1 pixel, which are able to identify and recognize your browser type via the browser ID—this acts as the individual fingerprint of your browser. Doing this allows the service provider to see when and how many users have called up the pixel, and if and when an email was opened or a web page visited.
You must actively agree to the use of persistent cookies and web bugs on our websites via the connected cookie banner. Your consent in accordance with Art. 6 para. 1 p. 1 lit. a Data Protection Basic Regulation, Art. 5 (3) ePrivacy Directive is the legal basis for the technical setting of such cookies on your device and the subsequent processing.
7. We use Google Analytics on our websites. What does that mean for you?
Our websites use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies,” which are text files that are stored on your computer that allow your use of the website to be analyzed as described in the section on cookies. The information generated by the cookie about your use of our web pages is usually transmitted to a Google server in the USA and stored there. However, in the case of activation of IP anonymization on our websites, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will, however, only be sent to a Google server in the US and shortened there in exceptional cases. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to provide other website activity and Internet-related services to us as website operators. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other data Google provides. You can prevent cookies from being stored by setting your browser software accordingly or by refusing the use of analysis cookies via the cookie banner. You may also prevent Google from collecting data generated by the cookie and related to your use of the website (including your IP address) and also prevent Google from processing this data by downloading and installing the browser plug-in available under the (http://tools.google.com/dlpage/gaoptout?hl=de) link.
The legal basis for using Google Analytics is your consent that you grant via the cookie banner in accordance with Art. 6 para. 1 sentence 1 lit. a Data Basic Protection Regulation, Art. 5 (3) ePrivacy Directive.
Revocation of Consent
You can prevent Google from collecting any information related to your use of our website (including your IP address) and you can also prevent Google from processing this data by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=de).
By clicking on the following link, you can also prevent Google Analytics from collecting data on your website visits by installing this browser plug-in, especially in Internet browsers for mobile devices:
This will install an opt-out cookie on your device, which prevents Google Analytics from collecting your data in the future whenever you visit this website. You must perform this procedure independently for each device.
Please note that if you delete cookies in your browser settings, Google Analytics might delete the opt-out cookie, and you might have to re-activate it
By default, cookies from Google Analytics are stored on your computer for 13 months, unless you revoke your consent beforehand.
8. We use Facebook remarketing on our websites. What does that mean?
For our purposes of retargeting or remarketing, we use “Custom Audiences,” a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). This service lets us target you with advertising by displaying Facebook ads for visitors to our websites when you visit the social network Facebook.
To do this, we have implemented Facebook remarketing pixels on our websites. A direct connection to the Facebook servers is established via the Pixel when you visit our websites. Facebook is able to identify you by the browser ID, since it is linked to other data stored on your Facebook user account. Facebook then delivers individualized ads tailored to your needs from us in your Facebook streaming or elsewhere on Facebook.
We ourselves are not able to personally identify you via the Facebook pixel, because apart from your browser ID, no further personal data is saved via Facebook’s remarketing pixel.
The legal basis for using Facebook Custom Audiences is your consent that you grant via the cookie banner in accordance with Art. 6 para. 1 sentence 1 lit. a Data Basic Protection Regulation, Art. 5 (3) ePrivacy Directive.
Revocation of Consent:
If you do not want to see advertisements generated by Facebook Custom Audiences, you can revoke your consent at any time by clicking on the following link:
This will install an opt-out cookie on your device, which prevents Facebook Custom Audiences from collecting your data in the future whenever you visit this website. You must perform this procedure independently for each device.
Please note that if you delete cookies in your browser settings, Facebook Custom Audiences might delete the opt-out cookie, and you might have to re-activate it.
9. We use Google Tag Manager. What does that mean for you?
10. We use Hotjar Analytics. What does that mean for you?
You can object to Hotjar storing a user profile and information about your visit to our website and to Hotjar Tracking Cookies being set on other websites by clicking this opt-out link.
11. Affected rights
If personal data from you is processed, you are affected as defined in the
Data Protection Basic Regulation and you have the following rights with respect to the controller person:
Information, correction, limitation of processing and deletion
At any time, you have the right to free-of-charge information on the data we store with respect to your person, the origin of the data and recipient as well as the purpose of data processing via our websites. In addition, you have the right to correct, delete and restrict the processing of your personal data, provided that the legal requirements for doing so are met.
Right to data portability
You have the right to receive personally identifiable information you have provided to us in a structured, customary and machine-readable format. We may fulfill this right by providing a csv export of the customer data processed about you.
Right to information
If you have asserted your right to rectification, erasure or restriction of the processing vis-a-vis the controller, then he/she is obligated to notify all recipients to whom the personal data concerning you have been disclosed of the need for correction, deletion or restricted processing, unless this proves to be impossible or involves a disproportionate amount of effort.
You have the right to be informed about these recipients.
Right to objection
You have the right at any time, for reasons that arise from your particular situation, to object to your personal data being processed, pursuant to Art. 6 para. 1 lit. e or lit. f Data Protection Basic Regulation; this also applies to profiling based on these provisions.
The controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to your data being processed for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to opt out by means of automated procedures that use technical specifications.
Revocation of data privacy-related declarations of consent
In addition, you may revoke your consent at any time with effect for the future to us under the contact details above. This revocation does not affect the legality of the data processing carried out on the basis of consent up until revocation was expressed.
Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, employment or the place of the alleged infringement, if you believe that the processing of the personal data concerning you violates the EU General Data Protection Regulation.
The supervisory authority to which the complaint is submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the Data Protection Basic Regulation.