Data protection

 

This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as “data”) in the context of the provision of our services as well as within our online offer and the associated websites, functions and content as well as external online presences, such as our social media profile (hereinafter jointly referred to as “online offer”). With regard to the terms used, such as “processing” or “person responsible”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Responsible person

Marc Schwiening
Paracelsusstr. 84
53177 Bonn

Germany

Telephone: +49 (0) 228 387 555 26
E-Mail: info@llifeoils.shop

Types of data processed

– Inventory data (e.g., personal master data, names or addresses).
– Contact details (e.g., email, phone numbers).
– Content data (e.g., text input, photographs, videos).
– Usage data (e.g. websites visited, interest in content, access times).
– Meta / communication data (e.g. device information, IP addresses).

Categories of data subjects

Visitors and users of the online offer (in the following we also refer to the persons concerned as “users”).

Purpose of processing

– Provision of the online offer, its functions and content.
– Answering contact requests and communicating with users.
– Safety measures.
– Reach measurement / marketing

Terms used

“Personal data” is all information that relates to an identified or identifiable natural person (hereinafter “data subject”); A natural person is regarded as identifiable who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features, which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

“Processing” is any process carried out with or without the aid of automated processes or any such series of processes in connection with personal data. The term goes far and includes practically every handling of data.

“Pseudonymisation” is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures that ensure that the personal data cannot be assigned to an identified or identifiable natural person.

“Profiling” means any type of automated processing of personal data that consists of using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal To analyze or predict the preferences, interests, reliability, behavior, whereabouts or relocation of this natural person.

The “person responsible” is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data.

“Processor” means a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.

Relevant legal bases

In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, unless the legal basis is mentioned in the data protection declaration, the following applies:
The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art 7 GDPR;
The legal basis for processing in order to fulfill our services and carry out contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR;
The legal basis for processing in order to fulfill our legal obligations is Article 6 (1) lit. c GDPR;
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
The legal basis for the processing required to perform a task that is in the public interest or is carried out in the exercise of official authority that has been transferred to the person responsible is Article 6 (1) (e) GDPR.
The legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit.f GDPR.
The processing of data for purposes other than those for which they were collected is determined in accordance with the provisions of Art. 6 Para. 4 GDPR.
The processing of special categories of data (in accordance with Art. 9 Paragraph 1 GDPR) is based on the requirements of Art. 9 Paragraph 2 GDPR.

Safety measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.

The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, forwarding, ensuring availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, deletion of data and reaction to data threats. Furthermore, we already consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly default settings.

Cooperation with contract processors, jointly responsible persons and third parties

If we disclose data to other persons and companies (contract processors, jointly responsible persons or third parties) in the course of our processing, transmit them to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transmitted to third parties, such as payment service providers to fulfill the contract), users have consented, a legal obligation provides for this or based on our legitimate interests (e.g. when using agents, web hosts, etc.).

If we disclose, transmit or otherwise grant access to data to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and, furthermore, on a legal basis.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or in the context of the use of third-party services or disclosure or transmission of data to other persons or companies happens, this only happens if it is done to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required transmission, we process or allow the data only in third countries with a recognized level of data protection, to which the US processors certified under the “Privacy Shield” belong or on the basis of special guarantees, such asInformation page of the EU Commission ).

Rights of data subjects

Right to information: You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with the legal requirements.

Right to rectification: You have accordingly. the legal requirements to request the completion of the data concerning you or the correction of the incorrect data concerning you.

Right to deletion and restriction of processing: In accordance with the legal requirements, you have the right to demand that the relevant data be deleted immediately or, alternatively, to request a restriction on the processing of the data in accordance with the legal requirements.

Right to data portability: You have the right to receive data relating to you that you have provided to us in accordance with the legal requirements in a structured, common and machine-readable format or to request that it be transmitted to another person responsible.

Complaint to the supervisory authority: In accordance with the legal requirements, you also have the right to lodge a complaint with the responsible supervisory authority.

Right of withdrawal

You have the right to revoke your consent with effect for the future.

Right to object

Right of objection: You have the right to object at any time to the processing of your personal data based on Art. 6 Paragraph 1 lit. e or f GDPR for reasons that arise from your particular situation; this also applies to profiling based on these provisions. If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

Cookies and right to object to direct mail

“Cookies” are small files that are stored on the users’ computers. Various information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. Such a cookie can, for example, store the contents of a shopping cart in an online shop or a login status. Cookies are referred to as “permanent” or “persistent” and remain stored even after the browser is closed. For example, the login status can be saved, when users visit it after several days. The interests of users can also be stored in such a cookie, which is used for range measurement or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the person responsible for operating the online offer (otherwise, if it is only their cookies, they are referred to as “first-party cookies”).

We can use temporary and permanent cookies and clarify this as part of our data protection declaration.

If we ask the user for consent to the use of cookies (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) (a). GDPR. Otherwise, the personal cookies of users are stored in accordance with the following explanations in the context of this data protection declaration on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) or if the use of cookies is necessary for the provision of our contract-related services, in accordance with Article 6 Paragraph 1 lit. GDPR, or if the use of cookies is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority, according to Art. 6 Paragraph 1 lit.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be made for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/be explained. Furthermore, cookies can be saved by deactivating them in the browser settings. Please note that you may then not be able to use all the functions of this online offer.

Deletion of data

The data processed by us will be deleted or restricted in their processing in accordance with the legal requirements. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention requirements.

If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.

Changes and updates to the privacy policy

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your participation (e.g. consent) or other individual notification.

 

Business related processing

 

In addition, we process
– contract data (e.g., subject of the contract, duration, customer category).
– Payment data (e.g. bank details, payment history)
from our customers, interested parties and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

 

Order processing in the online shop and customer account

 

We process the data of our customers as part of the order processes in our online shop, in order to enable them to select and order the selected products and services, as well as their payment and delivery or execution.

The processed data includes inventory data, communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing takes place for the purpose of providing contractual services in the context of the operation of an online shop, billing, delivery and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.

The processing takes place in order to fulfill our services and to carry out contractual measures (e.g. carrying out order processes) and insofar as it is required by law (e.g. legally required archiving of business transactions for commercial and tax purposes). The information marked as necessary is required for the establishment and fulfillment of the contract. We disclose the data to third parties only in the context of delivery, payment or in the context of legal permits and obligations, as well as if this is based on our legitimate interests, which we inform you about in this data protection declaration (e.g. to legal and tax advisors, Financial institutions, freight companies and authorities).

Users can optionally create a user account in which they can see their orders in particular. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is necessary for commercial or tax reasons. Information in the customer account remains until it is deleted with subsequent archiving in the event of a legal obligation or our legitimate interests (e.g. in the event of legal disputes). It is up to the users to save their data before the end of the contract if they cancel.

As part of the registration and renewed logins as well as the use of our online services, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the users in protection against misuse and other unauthorized use. This data will not be passed on to third parties unless it is necessary to pursue our legal claims as a legitimate interest or there is a legal obligation to do so.

The deletion takes place after the expiry of statutory warranty and other contractual rights or obligations (e.g. payment claims or performance obligations from contracts with customers), whereby the need to store the data is checked every three years; in the case of storage due to legal archiving obligations, the deletion takes place after their expiry.

 

Agency services

 

We process our customers’ data as part of our contractual services, which include conceptual and strategic advice, campaign planning, software and design development / advice or maintenance, implementation of campaigns and processes / handling, server administration, data analysis / consulting services and training services.

We process inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., text entries, photographs, videos), contract data (e.g., subject of the contract, term), payment data (e.g., Bank details, payment history), usage and metadata (e.g. in the context of evaluating and measuring the success of marketing measures). In principle, we do not process special categories of personal data, unless these are part of a commissioned processing. Those affected include our customers, interested parties and their customers, users, website visitors or employees as well as third parties. The purpose of processing is to provide contractual services, billing and our customer service. The legal basis for processing results from Art. 6 Para. 1 lit. b GDPR (contractual services), Art. 6 para. 1 lit.f GDPR (analysis, statistics, optimization, security measures). We process data that are necessary for the establishment and fulfillment of the contractual services and point out the necessity of their disclosure. Disclosure to external parties only takes place if it is necessary in the context of an order. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client and the legal requirements for order processing in accordance with Art. 28 GDPR and do not process the data for any purposes other than the purposes of the order. which are necessary for the establishment and fulfillment of the contractual services and indicate the necessity of their specification. Disclosure to external parties only takes place if it is necessary in the context of an order. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client and the legal requirements for order processing in accordance with Art. 28 GDPR and do not process the data for any purposes other than the purposes of the order. which are necessary for the establishment and fulfillment of the contractual services and indicate the necessity of their specification. Disclosure to external parties only takes place if it is necessary in the context of an order. When processing the data provided to us within the scope of an order, we act in accordance with the instructions of the client and the legal requirements for order processing in accordance with Art. 28 GDPR and do not process the data for any purposes other than the purposes of the order.

We delete the data after the expiry of statutory warranty and comparable obligations. The necessity of storing the data is reviewed every three years; In the case of the legal archiving obligations, the deletion takes place after their expiry (6 years, according to § 257 paragraph 1 HGB, 10 years, according to § 147 paragraph 1 AO). In the case of data that has been disclosed to us in the context of an order by the client, we delete the data in accordance with the specifications of the order, generally after the end of the order.

 

Google Cloud Services

 

We use the cloud and cloud software services offered by Google (so-called software as a service, e.g. Google Suite) for the following purposes: document storage and management, calendar management, sending e-mails, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.

Here, the personal data of the users are processed insofar as they become part of the documents and content processed within the services described or are part of communication processes. This can include, for example, master data and contact details of the users, data on procedures, contracts, other processes and their content. Google also processes usage data and metadata that are used by Google for security purposes and service optimization.

When using publicly available documents, websites or other content, Google can save cookies on the user’s computer for web analysis purposes or to remember user settings.

We use the Google Cloud services on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR in efficient and secure administrative and collaboration processes. Furthermore, the processing takes place on the basis of an order processing contract with Google ( https://cloud.google.com/terms/data-processing-terms ).

Further information can be found in Google’s data protection declaration ( https://www.google.com/policies/privacy ) and the security information on Google Cloud services ( https://cloud.google.com/security/privacy/). You can object to the processing of your data in the Google Cloud in accordance with the legal requirements. Otherwise, the deletion of the data within Google’s cloud services is determined by the other processing processes in which the data is processed (e.g. deletion of data no longer required for contractual purposes or storage of data required for taxation purposes).

The Google Cloud services are offered by Google Ireland Limited. As far as a transfer takes place in the USA, we refer to the certification of Google USA under the Privacy Shield ( https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Aktiv ) and standard protection clauses ( https://cloud.google. com / terms / data-processing-terms).

 

Microsoft cloud services

 

We use the cloud and cloud software services offered by Microsoft (so-called software as a service, e.g. Microsoft Office) for the following purposes: document storage and management, calendar management, sending e-mails, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.

Here, the personal data of the users are processed insofar as they become part of the documents and content processed within the services described or are part of communication processes. This can include, for example, master data and contact details of the users, data on procedures, contracts, other processes and their content. Microsoft also processes usage data and metadata that Microsoft uses for security purposes and service optimization.

When using publicly accessible documents, websites or other content, Microsoft can save cookies on the user’s computer for web analysis purposes or to remember user settings.

We use the Microsoft cloud services on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR in efficient and secure administrative and collaboration processes. Furthermore, the processing takes place on the basis of an order processing contract with Microsoft.

Further information can be found in Microsoft’s data protection declaration ( https://privacy.microsoft.com/de-de/privacystatement ) and the security information on Microsoft cloud services ( https://www.microsoft.com/de-de/trustcenter). You can object to the processing of your data in the Microsoft Cloud in accordance with the legal requirements. Otherwise, the deletion of the data within Microsoft’s cloud services is determined by the other processing processes in which the data is processed (e.g. deletion of data that is no longer required for contractual purposes or storage of data required for taxation purposes).

The Microsoft cloud services are offered by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. If data is processed in the USA, we refer to Microsoft’s certification under the Privacy Shield ( https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active ).

 

Amazon affiliate program

 

On the basis of our legitimate interests (i.e. interest in the economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR), we are a participant in the Amazon EU partner program, which was designed to provide a medium for websites the placement of advertisements and links to Amazon.de advertising cost reimbursement can be earned (so-called affiliate system). Ie as an Amazon partner, we earn from qualified purchases.

Amazon uses cookies in order to be able to trace the origin of the orders. Among other things, Amazon can recognize that you clicked the partner link on this website and then purchased a product from Amazon.

Further information on the use of data by Amazon and the possibility of objection can be found in the company’s data protection declaration: https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010 .

Note: Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or one of its affiliates.

 

Registration function

 

Users can create a user account. As part of the registration, the required mandatory information is communicated to the users and processed on the basis of Art. 6 Paragraph 1 lit. b GDPR for the purpose of providing the user account. The processed data includes, in particular, the login information (name, password and an email address). The data entered during registration will be used for the purpose of using the user account and its purpose.

The users can be informed by email about information that is relevant to their user account, such as technical changes. If users have canceled their user account, their data will be deleted with regard to the user account, subject to a statutory retention period. It is up to the users to save their data before the end of the contract if they cancel. We are entitled to irretrievably delete all user data stored during the term of the contract.

As part of the use of our registration and login functions as well as the use of the user account, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the users in protection against misuse and other unauthorized use. This data is generally not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6 (1) c. GDPR. The IP addresses are anonymized or deleted after 7 days at the latest.

 

Comments and contributions

 

If users leave comments or other contributions, their IP addresses can be stored for 7 days on the basis of our legitimate interests within the meaning of Art. 6 Paragraph 1 lit. This is done for our safety if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case we can be prosecuted for the comment or contribution ourselves and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process user information for the purpose of spam detection on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR.

On the same legal basis, we reserve the right to save the IP addresses of users for the duration of surveys and to use cookies in order to avoid multiple votes.

The personal information communicated in the context of the comments and contributions, any contact and website information as well as the content will be stored permanently by us until the user objects.

 

Comment subscriptions

 

The follow-up comments can be subscribed to by users with their consent in accordance with Article 6 (1) (a) GDPR. The users receive a confirmation email to check whether they are the owner of the email address entered. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email will contain information on the cancellation options. For the purpose of proving the consent of the user, we save the time of registration along with the IP address of the user and delete this information when users unsubscribe from the subscription.

You can cancel the receipt of our subscription at any time, ie revoke your consent. On the basis of our legitimate interests, we can save the e-mail addresses that have been deleted for up to three years before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

 

Akismet Anti-Spam Check

 

Our online offer uses the “Akismet” service offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. The use takes place on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f) GDPR. With the help of this service, comments from real people are distinguished from spam comments. For this purpose, all comments are sent to a server in the USA, where they are analyzed and stored for four days for comparison purposes. If a comment has been classified as spam, the data will be saved beyond this period. This information includes the name entered, the email address, the IP address, the comment content, the referrer, information on the browser used and the computer system and the time of the entry.

Further information on the collection and use of data by Akismet can be found in Automattic’s data protection information: https://automattic.com/privacy/ .

Users are welcome to use pseudonyms or refrain from entering their name or email address. You can completely prevent the transmission of the data by not using our comment system. That would be a shame, but unfortunately we don’t see any other alternatives that work just as effectively.

 

 

Retrieval of emojis and smilies

 

Our WordPress blog uses graphic emojis (or smilies), ie small graphic files that express feelings, which are obtained from external servers. Here, the providers of the servers collect the IP addresses of the users. This is necessary so that the emojie files can be transmitted to the user’s browser. The emojie service is offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. Automattic’s privacy policy: https://automattic.com/privacy/. The server domains used are sworg and twemoji.maxcdn.com, which, as far as we know, are so-called content delivery networks, i.e. servers that are only used for the fast and secure transmission of files and the personal data of users be deleted after the transmission.

The use of the emojis is based on our legitimate interests, ie interest in an attractive design of our online offer in accordance with Art. 6 Paragraph 1 lit. f. GDPR.

 

contact

 

When contacting us (e.g. via contact form, email, telephone or via social media), the information provided by the user is used to process the contact request and to process it in accordance with Article 6 Paragraph 1 lit. (in the context of contractual / pre-contractual relationships), Art. 6 Paragraph 1 lit. f. (other inquiries) GDPR processed get saved.

We delete the inquiries if they are no longer required. We review the requirement every two years; The statutory archiving obligations also apply.

 

CRM-System Zendesk

 

We use the CRM system “Zendesk” from the provider Zendesk, Inc., 989 Market Street # 300, San Francisco, CA 94102, USA, in order to be able to process user inquiries faster and more efficiently (legitimate interest according to Art. 6 Paragraph 1 lit.f GDPR).

Zendesk is certified under the Privacy Shield Agreement and thus offers an additional guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active ).

Zendesk only uses user data for the technical processing of inquiries and does not pass them on to third parties. To use Zendesk, at least a correct email address is required. A pseudonymous use is possible. In the course of processing service inquiries, it may be necessary to collect additional data (name, address).

If users do not agree to data being collected and stored in the external Zendesk system, we offer them alternative contact options for submitting service inquiries by email, telephone, fax or post.

Users can find more information in Zendesk’s data protection declaration:  https://www.zendesk.de/company/customers-partners/privacy-policy/ .

 

Communication via WhatsApp messenger

 

We use WhatsApp Messenger for communication purposes and ask you to observe the following information on functionality, encryption, WhatsApp risks, use of metadata within the Facebook group and your options for objection.

You do not have to use WhatsApp and can contact us in alternative ways, e.g. by phone or email. Please use the contact options provided to you or use the contact options provided on our website.
WhatsApp (WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA) is a US service, which means that the data you send via WhatsApp can first be transmitted to WhatsApp in the USA. before they are sent to us.

WhatsApp, however, is certified under the Privacy Shield Agreement and therefore guarantees to comply with European and Swiss data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG&status=Active ).
WhatsApp also guarantees that the content of communication (i.e. the content of your message and attached images) is encrypted end-to-end. This means that the content of the messages cannot be viewed, not even by WhatsApp itself. You should always use the latest version of WhatsApp to ensure that the message content is encrypted.

However, we would like to point out to our communication partners that WhatsApp cannot see the content, but can find out that and when communication partners are communicating with us as well as technical information about the device used by the communication partner and, depending on the settings of their device, location information (so-called metadata) processed. With the exception of the encrypted content, the data of the communication partners within the Facebook group of companies can be transmitted, in particular for the purpose of optimizing the respective services and for security purposes. Communication partners should also assume, at least as long as they have not contradicted this, that their data processed by WhatsApp can be used for marketing purposes or for displaying advertising tailored to users.

If we ask communication partners for consent before communicating with them via WhatsApp, the legal basis for our processing of your data is Article 6 (1) lit. a. GDPR. In addition, if we do not ask for your consent and you contact us, for example, we use WhatsApp in relation to our contractual partners and in the context of contract initiation as a contractual measure in accordance with Art. 6 Para. 1 lit. b. DSGVO and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and meeting the needs of our communication partner for communication via messengers in accordance with Art. 6 Para. 1 lit.f GDPR.

Further information on the purposes, types and scope of the processing of your data by WhatsApp, as well as the related rights and setting options to protect your privacy, can be found in WhatsApp’s data protection information: https://www.whatsapp.com/legal .

You can object to communication with us via WhatsApp at any time. If you subscribe to messages (also known as “broadcasts”) via WhatsApp, you can delete our corresponding telephone number from their contacts and ask us to remove your contact from our directory. In the case of ongoing individual inquiries or communications, you can also ask us not to continue communication via WhatsApp and to delete the communication content.

In the case of communication via WhatsApp, we delete the WhatsApp messages as soon as we can assume that we have answered any information from the user, if no reference to a previous conversation is to be expected and the deletion does not conflict with any statutory retention requirements.

Furthermore, we would like to point out that we do not transmit the contact details provided to us to WhatsApp without your consent (e.g. by contacting you via WhatsApp).

Finally, we would like to point out that for reasons of your security we reserve the right not to answer inquiries via WhatsApp. This is the case if, for example, internal contractual matters require special secrecy or a response via the messenger does not meet the formal requirements. In such cases, we refer you to more appropriate communication channels.

 

Communication via Facebook Messenger

 

We use Facebook Messenger for communication purposes and ask you to observe the following information on functionality, encryption, risks of Facebook Messenger, use of metadata within the Facebook group of companies and your options for objection.
You do not have to use the Facebook Messenger and can contact us in alternative ways, e.g. by phone or email. Please use the contact options provided to you or use the contact options given on our website.

The Facebook Messenger is offered by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, whereby the data entered and otherwise collected in the USA by Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA.

However, Facebook is certified under the Privacy Shield Agreement and therefore guarantees to comply with European and Swiss data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).

Facebook also guarantees that the communication content (ie the content of your message and attached images) cannot be read and offers end-to-end encryption of the content. This means that the content of the messages cannot be viewed, not even by Facebook itself. The end-to-end encryption, however, requires activation, which you have to activate in your messenger settings under the menu item “Secret conversations”. You should always use the latest version of the Facebook Messenger to ensure that the message content is encrypted.

We would like to point out to our communication partners that, even if encryption is activated, Facebook can find out that and when communication partners are communicating with us, as well as processing technical information about the device used by the communication partner and, depending on the settings of their device, also location information (so-called metadata). With the exception of the encrypted content, the data of the communication partners within the Facebook group of companies can be transmitted, in particular for the purpose of optimizing the respective services and for security purposes. Communication partners should also assume, at least as long as they have not contradicted this,

If we ask communication partners for consent before communicating with them via the Facebook Messenger, the legal basis for our processing of your data is Article 6 (1) (a). GDPR. In addition, if we do not ask for your consent and you contact us, for example, we use WhatsApp in relation to our contractual partners and in the context of contract initiation as a contractual measure in accordance with Art. 6 Para. 1 lit. b. DSGVO and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and meeting the needs of our communication partner for communication via messengers in accordance with Art. 6 Para. 1 lit.f GDPR.

Further information on the purposes, types and scope of the processing of your data by Facebook, as well as the related rights and setting options to protect your privacy, can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy .

You can object to communication with us via Facebook Messenger at any time and ask us not to continue communication via Facebook Messenger and to delete the communication content. We delete the Facebook messages as soon as we can assume that we have answered any information from the user, if no reference to a previous conversation is to be expected and the deletion does not conflict with any statutory retention requirements.

Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer inquiries via the Facebook Messenger. This is the case if, for example, internal contractual matters require special secrecy or a response via the messenger does not meet the formal requirements. In such cases, we refer you to more appropriate communication channels.

 

Chatbot in Facebook Messenger

 

We offer a so-called “chatbot” as a communication option. The chatbot is software that answers users’ questions or informs them of messages. Our chat bot can be accessed via the “Facebook Messenger” platform.

If you talk to our chatbot, we can process your personal data. In this case, your Facebook ID is saved in our system and we can see which users interact with our chat bot and when. We also save the content of your conversation exchanged with the chatbot. Furthermore, we automatically receive from Facebook access to your “public information”, which is stored on Facebook. This includes your name, profile and cover picture, gender, networks (e.g. school or job), user name (Facebook URL) and user identification number (Facebook ID). We only use this information to operate our chat bot, e.g. so that it can address you personally.

If you activate the information with regular messages in the chatbot, you have the option at any time to unsubscribe from the information for the future. The chatbot tells you how and with what terms you can unsubscribe from the messages. If you unsubscribe from chatbot messages, your data will be deleted from the directory of message recipients. Chat logs are anonymized by us, ie the user names and user IDs are automatically deleted or anonymized.

We use the above information to operate our chat bot, e.g. to address you personally, to answer your inquiries to the chatbot, to transmit any requested content, and to improve our chat bot (e.g. to give it answers to to “teach” frequently asked questions or to identify unanswered questions).

On the one hand, we use the chatbot on the basis of Article 6 Paragraph 1 lit. GDPR if we obtain the consent of the user to use it (this applies to the cases in which users are asked for consent, e.g. so that the chatbot sends them regular messages). If we use the chatbot to answer user inquiries about our services or our company, this is done in accordance with Article 6 Paragraph 1 lit. GDPR. In addition, we use the chatbot on the basis of our legitimate interests in optimizing the chatbot, addressing users more efficiently and comfortably for information, advertising and marketing purposes and increasing the positive user experience in accordance with Art. 6 Paragraph 1 lit. .

The use of the chatbot requires registration on the Facebook platform and use of the Facebook Messenger communication platform. The Facebook Messenger is offered by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, whereby the data entered and otherwise collected in the USA by Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA.
However, Facebook is certified under the Privacy Shield Agreement and therefore guarantees to comply with European and Swiss data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).

We would like to point out that Facebook can find out that and when users communicate with our chatbot and process technical information about the device used by the user and, depending on the settings of their device, also location information (so-called metadata). It is also possible to transmit user data within the Facebook group of companies, in particular for the purpose of optimizing the respective services and security purposes. Users should also assume that their data processed by the chatbot can be used for marketing purposes or to display advertising tailored to users.

For more information on Facebook’s data usage, we refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy.

 

eKomi reviews

 

We take part in the evaluation process of the provider eKomi Ltd., Markgrafenstr. 11, 10969 Berlin, Germany.

eKomi offers users the opportunity to rate our services. Users who have made use of our services are asked to consent to the sending of the evaluation request. If the users have given their consent (for example by clicking on a check box or a link), you will receive a rating request with a link to a rating page. In order to ensure that the users have actually made use of our services, we transmit to eKomi the data required for this with regard to the customer and the service used (this includes the name, the e-mail address, and the order number or . Item number). These data are used solely to verify the authenticity of the user.

The legal basis for the processing of the user’s data in the context of the evaluation procedure is consent in accordance with Article 6 Paragraph 1 lit. GDPR.

We can also integrate the eKomi widget into our website. A widget is a functional and content element that is integrated into our online offering and that displays variable information. The corresponding content is displayed within our online offer, but it is retrieved from the eKomi servers at this moment. This is the only way to always show the current content, especially the current rating. For this, a data connection must be established from the website called up within our online offer to eKomi and eKomi receives certain technical data (access data, including the IP address) that are necessary so that the content can be delivered. Furthermore, eKomi receives information that users have visited our online offer. This information can be stored in a cookie and used by eKomi to recognize which online offers that participate in the eKomi evaluation process have been visited by the user. The information can be saved in a user profile and used for advertising or market research purposes.

The legal basis for the processing of the user’s data in the context of the integration of the widget are our legitimate interests in informing our users about the quality of our services in accordance with Art. 6 Paragraph 1 lit. If we ask the user for consent to the processing of their data through the use of cookies, the legal basis for processing is Article 6 (1) lit. a. GDPR.

Further information on the processing of their data by eKomi as well as their rights of objection and other rights of data subjects can be found in eKomi’s data protection declaration: http://www.ekomi.de/de/datenschutz/ .

 

Trustedbadge from Trustedshops

 

The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops seal of approval and any reviews collected, as well as to offer Trusted Shops products to buyers after an order has been placed.

This serves to safeguard our predominantly legitimate interests in optimal marketing by enabling safe shopping in accordance with Art. 6 Paragraph 1 Sentence 1 lit. The Trustbadge and the services advertised with it are an offer from Trusted Shops GmbH, Subbelrather Str.15C, 50823 Cologne. The Trustbadge is provided by a CDN provider (Content Delivery Network) as part of order processing. Trusted Shops GmbH also uses service providers from the USA. An adequate level of data protection is ensured. Further information on data protection at Trusted Shops GmbH can be found here: https://www.trustedshops.de/impressum/#datenschutz .

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains the IP address of the user, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security issues. The log files are automatically deleted no later than 90 days after creation.

Further personal data is transferred to Trusted Shops GmbH if users decide to use Trusted Shops products after completing an order or if they have already registered for use. The contractual agreement made between the users and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether a user is already registered as a buyer for a product use is automatically checked on the basis of a neutral parameter, the email address hashed via a cryptological one-way function. The e-mail address is converted into this hash value, which cannot be decrypted for Trusted Shops, before transmission. After checking for a match, the parameter is automatically deleted.

This is necessary for the fulfillment of our and Trusted Shops’ overriding legitimate interests in the provision of the buyer protection linked to the specific order and the transactional evaluation services in accordance with Art. 6 Para. 1 S. 1 lit.f GDPR. Further details, including the objection, can be found in the Trusted Shops data protection declaration linked above and in the Trustbadge.

 

Trustpilot reviews

 

We take part in the evaluation process of the provider Trustpilot A / S, Pilestræde 58, 5, 1112 Copenhagen, Denmark.

Trustpilot offers users the opportunity to rate our services. Users who have made use of our services are asked to consent to the sending of the evaluation request. If the users have given their consent (for example by clicking on a check box or a link), you will receive a rating request with a link to a rating page. In order to ensure that the users have actually used our services, we transmit the necessary data to Trustpilot with regard to the user and the service used (this includes the name, the e-mail address and a reference number). These data are used solely to verify the authenticity and address the user.

The legal basis for the processing of the user’s data in the context of the evaluation procedure is consent in accordance with Article 6 (1) (a). GDPR.

In order to submit a review, it is necessary to open a customer account with Trustpilot. In this case, Trustpilot’s terms and conditions and privacy policy apply. In order to maintain the neutrality and objectivity of the ratings, we have no direct influence on the ratings and cannot delete them ourselves. For this purpose, we ask users to contact Trustpilot.

We can also integrate the Trustpilot widget into our website. A widget is a functional and content element that is integrated into our online offering and that displays variable information. The corresponding content is displayed within our online offer, but it is currently being accessed by the Trustpilot servers. This is the only way to always show the current content, especially the current rating. For this, a data connection must be established from the website called up within our online offer to Trustpilot and Trustpilot receives certain technical data (access data, including the IP address) that are necessary so that the content can be delivered. Furthermore, Trustpilot receives information that users have visited our online offer. This information can be stored in a cookie and used by Trustpilot to identify which online offers that participate in the Trustpilot evaluation process have been visited by the user. The information can be saved in a user profile and used for advertising or market research purposes.

The legal basis for the processing of the user’s data in the context of the integration of the widget are our legitimate interests in informing our users about the quality of our services in accordance with Art. 6 Para. 1 lit. f. GDPR. If we ask the user for consent to the processing of their data through the use of cookies, the legal basis for processing is Article 6 (1) lit. a. GDPR.

Further information on the processing of their data by Trustpilot as well as their rights of objection and other data subject rights can be found in the Trustpilot data protection declaration: https://de.legal.trustpilot.com/end-user-privacy-terms.

 

Newsletter

 

With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you declare that you agree to the receipt and the procedures described.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or with legal permission. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the consent of the user. In addition, our newsletters contain information about our services and us.

Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in process. Ie after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with someone else’s email address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation times as well as the IP address. Changes to your data stored by the shipping service provider are also logged.

Registration data: To register for the newsletter, it is sufficient to provide your email address. Optionally, we ask you to provide a name for the purpose of addressing you personally in the newsletter.

The dispatch of the newsletter and the associated performance measurement are based on the consent of the recipient in accordance with Art. 6 Paragraph 1 lit. a, Art. 7 GDPR in conjunction with Section 7 Paragraph 2 No. 3 UWG or if consent is not required , on the basis of our legitimate interests in direct marketing in accordance with Art. 6 Paragraph 1 according to f. GDPR in conjunction with Section 7 Paragraph 3 UWG.

The logging of the registration process is based on our legitimate interests in accordance with Art. 6 Paragraph 1 lit. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves our business interests as well as the expectations of users and also allows us to prove consent.

Cancellation / Revocation – You can cancel the receipt of our newsletter at any time, ie revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. On the basis of our legitimate interests, we can save the e-mail addresses that have been deleted for up to three years before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

 

Newsletter – Mailchimp

 

The newsletter is sent via the mailing service provider “MailChimp”, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA. You can view the data protection provisions of the shipping service provider here: https://mailchimp.com/legal/privacy/ . The Rocket Science Group LLC d / b / a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European level of data protection ( https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active ). The shipping service provider is used on the basis of our legitimate interests in accordance with Art. 6 Paragraph 1 lit. f. GDPR and an order processing contract in accordance with Art. 28 Paragraph 3 S. 1 GDPR.

The shipping service provider can use the recipient’s data in pseudonymous form, ie without being assigned to a user, to optimize or improve its own services, e.g. for the technical optimization of shipping and the presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

 

Newsletter – success measurement

 

The newsletters contain a so-called “web beacon”, ie a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, its server. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, are initially collected.

This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our aim nor, if used, that of the shipping service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

A separate revocation of the success measurement is unfortunately not possible, in this case the entire newsletter subscription must be canceled.

 

Sweepstakes and competitions

 

We process personal data of the participants in sweepstakes and competitions only in compliance with the relevant data protection regulations and only for the provision, implementation and processing of sweepstakes and competitions (6 para. 1 lit.b GDPR).

The data of the participants will only be transmitted to other bodies if this is necessary for the implementation of the sweepstakes and competitions (e.g. for the purpose of sending prizes) or if a participant has consented to the transmission.

If contributions by the participants are published as part of the sweepstakes or competitions (e.g. in the context of a vote or presentation of the sweepstakes or competition entries, or the winners or reporting on the sweepstakes or competition), we point out that the names of the participants in this Context can also be published. Participants can object to this at any time

If the sweepstakes and competitions take place within an online platform or within a social network (e.g. Facebook or Instagram, hereinafter referred to as “online platform”), the usage and data protection provisions of the respective platforms also apply. In these cases, we would like to point out that we are responsible for the information provided by the participants in the context of the sweepstakes and competitions and that inquiries regarding the sweepstakes and competitions must be directed to us.

The data of the participants will be deleted as soon as the competition or competition is over and the data is no longer required to inform the winners or because queries about the competition are to be expected. In principle, the data of the participants will be deleted no later than 6 months after the end of the competition. The winners’ data can be kept longer, for example to answer questions about the prizes or to fulfill the prizes; In this case, the retention period depends on the type of profit and is, for example, up to three years for items or services, in order to be able to process warranty cases, for example. Furthermore, the data of the participants can be stored for a longer time, for example in the form of reporting on the competition in online and offline media.

If data were also collected for other purposes within the framework of the competition, their processing and the retention period are based on the data protection information for this use (e.g. in the case of a registration for the newsletter as part of a competition).

 

Hosting and e-mailing

 

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, sending e-mails, security services and technical maintenance services that we use for the purpose of operating this online offer.

We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit.f GDPR in conjunction with Art. 28 GDPR (conclusion of an order processing contract).

 

Collection of access data and log files

 

We, or our hosting provider, collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 Paragraph 1 lit. The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider .

Log file information is stored for security reasons (e.g. to investigate acts of abuse or fraud) for a maximum of 7 days and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.

 

Cloudflare’s content delivery network

 

We use a so-called “Content Delivery Network” (CDN), offered by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active ).

A CDN is a service with the help of which the contents of our online offer, in particular large media files such as graphics or scripts, are delivered more quickly with the help of regionally distributed servers connected via the Internet. The processing of user data takes place solely for the aforementioned purposes and to maintain the security and functionality of the CDN.

The use is based on our legitimate interests, ie interest in a secure and efficient provision, analysis and optimization of our online offer in accordance with Art. 6 Paragraph 1 lit. f. GDPR.

For more information, see the Cloudflare privacy policy:  https://www.cloudflare.com/security-policy .

 

Google Tag Manager

 

Google Tag Manager is a solution with which we can manage so-called website tags via an interface (and thus, for example, integrate Google Analytics and other Google marketing services into our online offer). The Tag Manager itself (which implements the tags) does not process any personal user data. With regard to the processing of users’ personal data, reference is made to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html .

 

Google Analytics

 

We use Google Analytics, a web analysis service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transferred to a Google server in the USA and stored there.

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases.

The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available under the following link:  http: // tools .google.com / dlpage / gaoptout? hl = de .

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

For more information on the use of data by Google, setting and objection options, see Google’s data protection declaration ( https://policies.google.com/privacy ) and the settings for the display of advertisements by Google (https: // adssettings. google.com/authenticated ).

The personal data of users are deleted or anonymized after 14 months.

 

Google Universal Analytics

 

We use Google Analytics in the form of ” Universal Analytics “. “Universal Analytics” refers to a process from Google Analytics in which the user analysis is carried out on the basis of a pseudonymous user ID and a pseudonymous profile of the user is created with information from the use of different devices (so-called “cross-device tracking”) .

 

Target group formation with Google Analytics

 

We use Google Analytics to only display the advertisements placed within Google’s advertising services and its partners to users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products that are based on the visited Websites) that we transmit to Google (so-called “remarketing” or “Google Analytics audiences”). With the help of remarketing audiences, we would also like to ensure that our ads correspond to the potential interest of the users.

 

Google Adsense with personalized ads

 

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

We use the AdSense service, with the help of which advertisements are displayed on our website and we receive remuneration for their display or other use. For these purposes, usage data such as the click on an advertisement and the IP address of the user are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the user data is pseudonymised.

We use Adsense with personalized ads. In doing so, Google draws conclusions about their interests based on the websites visited by users or apps used and the user profiles created in this way. Advertisers use this information to align their campaigns with these interests, which is beneficial for users and advertisers alike. For Google, ads are personalized when recorded or known data determine or influence the ad selection. This includes previous searches, activities, website visits, the use of apps, demographic and location information. In detail, this includes: demographic targeting, targeting on interest categories, remarketing and targeting on lists for customer comparison and target group lists,

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

You can find more information on the use of data by Google, setting and objection options in Google’s data protection declaration ( https://policies.google.com/technologies/ads ) as well as in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated ).

 

Google Adsense with non-personalized ads

 

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

We use the AdSense service, with the help of which advertisements are displayed on our website and we receive remuneration for their display or other use. For these purposes, usage data such as the click on an advertisement and the IP address of the user are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the user data is pseudonymised.

We use Adsense with non-personalized ads. The ads are not displayed on the basis of user profiles. Non-personalized ads are not based on previous user behavior. When targeting, context information is used, including rough (e.g. at the location level) geographic targeting based on the current location, the content on the current website or app, and current search terms. Google prevents any personalized targeting, including demographic targeting and targeting based on user lists.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

You can find more information on the use of data by Google, setting and objection options in Google’s data protection declaration ( https://policies.google.com/technologies/ads ) as well as in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated ).

 

Google AdWords and Conversion Measurement

 

We use the online marketing process Google “AdWords” to place advertisements in the Google advertising network (e.g. in search results, in videos, on websites, etc.) so that they are displayed to users who have a presumed interest in the advertisements. This allows us to display advertisements for and within our online offer in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. If, for example, a user is shown advertisements for products that he was interested in on other online offers, this is called “remarketing”. For these purposes, when our and other websites on which the Google advertising network is active, a Google code is immediately executed by Google and so-called (re) marketing tags (invisible graphics or code, also known as “Web Beacons”) integrated into the website. With their help, an individual cookie, ie a small file, is saved on the user’s device (comparable technologies can also be used instead of cookies). This file records which websites the user has visited, which content he is interested in and which offers the user has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer.

We also receive an individual “conversion cookie”. The information obtained with the help of the cookie is used by Google to create conversion statistics for us. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

The data of the users are processed pseudonymously within the framework of the Google advertising network. This means that Google does not store and process the name or email address of the user, for example, but processes the relevant data on a cookie-related basis within pseudonymous user profiles. In other words, from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected about the users is transmitted to Google and stored on Google’s servers in the USA.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

You can find more information on the use of data by Google, setting and objection options in Google’s data protection declaration ( https://policies.google.com/technologies/ads ) as well as in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated ).

 

Google Doubleclick

 

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

We use the online marketing process Google “Doubleclick” to place advertisements in the Google advertising network (e.g. in search results, in videos, on websites, etc.). Double Click is characterized by the fact that ads are displayed in real time based on the presumed interests of the users. This allows us to display advertisements for and within our online offer in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. If, for example, a user is shown advertisements for products that he was interested in on other online offers, this is called “remarketing”. For these purposes, when our and other websites on which the Google advertising network is active are accessed, Google immediately executes a Google code and so-called. (Re) marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, ie a small file, is saved on the user’s device (comparable technologies can also be used instead of cookies). This file records which websites the user has visited, which content he is interested in and which offers the user has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. a small file is saved (instead of cookies, comparable technologies can also be used). This file records which websites the user has visited, which content he is interested in and which offers the user has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. a small file is saved (comparable technologies can also be used instead of cookies). This file records which websites the user has visited, which content he is interested in and which offers the user has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer.

The IP address of the user is also recorded, although it is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only transferred in full to a Google server in the USA and shortened there in exceptional cases. The aforementioned information can also be combined by Google with information from other sources. If the user then visits other websites, they can be shown advertisements tailored to them according to their presumed interests on the basis of their user profile.

The data of the users are processed pseudonymously within the framework of the Google advertising network. This means that Google does not store and process the name or email address of the user, for example, but processes the relevant data on a cookie-related basis within pseudonymous user profiles. In other words, from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google’s servers in the USA.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

You can find more information on the use of data by Google, setting and objection options in Google’s data protection declaration ( https://policies.google.com/technologies/ads ) as well as in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated ).

 

Google-Firebase

 

We use the developer platform “Google Firebase” and the functions and services associated with it, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Firebase is a platform for developers of applications (“apps” for short) for mobile devices and websites. Google Firebase offers a variety of functions, which are shown on the following overview page: https://firebase.google.com/products/ .

The functions include, among other things, the storage of apps including personal data of the application users, such as the content they have created or information relating to their interaction with the apps (so-called “cloud computing”). Google Firebase also offers interfaces that allow interaction between the users of the app and other services, e.g. authentication using services such as Facebook, Twitter or an email password combination.

The evaluation of the interactions of the users can be done with the help of the analysis service “Firebase Analytics”. Firebase Analytics is aimed at recording how users interact with an app. Events are recorded, such as opening the app for the first time, deinstallation, update, crash or frequency of use of the app. The events can also be used to record other user interests, e.g. for certain functions of the applications or certain subject areas. In this way, user profiles can also be created that can be used, for example, as a basis for displaying advertising information tailored to users.

Google Firebase and the users’ personal data processed by Google Firebase can also be used together with other Google services, such as Google Analytics and Google Marketing Services and Google Analytics (in this case device-related information such as “Android Advertising ID “and” Advertising Identifier for iOS “processed to identify users’ mobile devices).

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ) .

Google’s privacy policy is available athttps://policies.google.com/privacy available. Users can find more information about the use of data for marketing purposes by Google on the overview page: https://policies.google.com/technologies/ads?hl=de ,

If users want to object to interest-based advertising by Google marketing services, users can Use the setting and opt-out options provided by Google: https://adssettings.google.com/

 

LinkedIn Marketing Services

 

We use the marketing services of the social network LinkedIn. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Mit Hilfe der Marketing-Dienste von LinkedIn können wir innerhalb des sozialen Netzwerks und der Angebote der Werbepartner von LinkedIn Anzeigen gezielter anzeigen oder um Nutzern nur Anzeigen präsentieren, die potentiell deren Interessen entsprechen. Falls einem Nutzer z.B. Anzeigen für Produkte angezeigt werden, für die er sich auf anderen Onlineangeboten interessiert hat, spricht man hierbei vom „Remarketing“. Ferner können wir nachhalten, welchen Erfolg unsere Anzeigen erzielt haben (sog “Conversion-Messung”). Wir erfahren jedoch nur die anonyme Gesamtanzahl der Nutzer, die auf unsere Anzeige geklickt haben und zu einer mit einem Conversion-Tracking-Tag versehenen Seite weitergeleitet wurden. Wir erhalten jedoch keine Informationen, mit denen sich Nutzer persönlich identifizieren lassen.

Zu den vorgenannten Zwecken wird bei Aufruf unserer und anderer Webseiten, auf denen die Marketing-Dienste von LinkedIn aktiv sind, ein Code von LinkedIn ausgeführt und es werden sog. “Insights-Tags” (unsichtbare Grafiken oder Code, auch als “Web Beacons” bezeichnet) in die Webseiten eingebunden. Mit deren Hilfe wird auf dem Gerät der Nutzer ein individuelles Cookie, d.h. eine kleine Datei abgespeichert (statt Cookies können auch vergleichbare Technologien verwendet werden). In dieser Datei wird vermerkt, welche Webseiten der Nutzer aufgesucht, für welche Inhalte er sich interessiert und welche Angebote der Nutzer geklickt hat, ferner technische Informationen zum Browser und Betriebssystem, verweisende Webseiten, Besuchszeit sowie weitere Angaben zur Nutzung des Onlineangebotes.

Die Daten der Nutzer werden im Rahmen der Marketing-Dienste von LinkedIn pseudonym verarbeitet. D.h. LinkedIn speichert und verarbeitet z.B. nicht den Namen oder die E-Mailadresse der Nutzer, sondern verarbeitet die relevanten Daten cookie-bezogen innerhalb pseudonymer Nutzerprofile. D.h. aus der Sicht von LinkedIn werden die Anzeigen nicht für eine konkret identifizierte Person verwaltet und angezeigt, sondern für den Cookie-Inhaber, unabhängig davon wer dieser Cookie-Inhaber ist. Dies gilt nicht, wenn ein Nutzer LinkedIn ausdrücklich erlaubt hat, die Daten ohne diese Pseudonymisierung zu verarbeiten. Auch wenn Sie bei LinkedIn registriert sind, ist es LinkedIn möglich, Ihrer Interaktion mit unserem Onlineangebot Ihrem Benutzerkonto zuzuordnen.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

The information collected about the users is transmitted to LinkedIn and stored on LinkedIn servers in the USA, whereby LinkedIn is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/ participant? id = a2zt0000000L0UZAA0 & status = Active ).

You can find more information about data usage by LinkedIn in the data protection declaration ( https://www.linkedin.com/legal/privacy-policy ) and the cookie policy of LinkedIn ( https://www.linkedin.com/legal/cookie_policy ) . You can object to the aforementioned use of your data on LinkedIn: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out .

 

Jetpack (WordPress Stats)

 

We use the Jetpack plug-in (here the sub-function “Wordpress Stats”), which integrates a tool for statistical analysis of visitor access and is provided by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. Jetpack uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed.

The information generated by the cookie about your use of this online offer is stored on a server in the USA. Usage profiles of the users can be created from the processed data, whereby these are only used for analysis and not for advertising purposes. Further information can be found in Automattic’s privacy policy: https://automattic.com/privacy/and information on Jetpack cookies:  https://jetpack.com/support/cookies/ .

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users are processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR).

 

Facebook pixels, custom audiences and Facebook conversion

 

The so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”), is used within our online offer.

With the help of the Facebook pixel, Facebook is on the one hand able to determine the visitors of our online offer as a target group for the presentation of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to only display the Facebook ads placed by us to Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products that are based on the visited Websites) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and are not annoying.

The processing of the data by Facebook takes place within the framework of Facebook’s data usage guidelines. Accordingly, general information on the presentation of Facebook ads can be found in Facebook’s data usage guidelines:  https://www.facebook.com/policy . Special information and details about the Facebook pixel and how it works can be found in the Facebook help section: https://www.facebook.com/business/help/651294705016616 .

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

Facebook is certified under the Privacy Shield Agreement and thereby guarantees to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).

You can object to the collection by the Facebook pixel and the use of your data to display Facebook ads. To set which types of advertisements are shown to you within Facebook, you can call up the page set up by Facebook and follow the instructions there on the settings for usage-based advertising:  https://www.facebook.com/settings?tab=ads . The settings are platform-independent, ie they are adopted for all devices such as desktop computers or mobile devices.

You can also use cookies for range measurement and advertising purposes via the deactivation page of the network advertising initiative ( http://optout.networkadvertising.org/ ) and the US website (http://www.aboutads.info/choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).

 

Microsoft Advertising

 

We use the conversion and tracking services “Microsoft Advertising” from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, within our online offer. Microsoft stores cookies on the users’ devices in order to enable an analysis of the use of our online offer by the user, provided that users have reached our online offer via a Microsoft advertisement (so-called “conversion measurement”). Microsoft and we can recognize in this way that someone clicked on an advertisement, was forwarded to our online offer and reached a previously determined target page (so-called “conversion page”). We only find out the total number of users who clicked on a Microsoft ad and were then redirected to the conversion page. No IP addresses are saved. No personal information about the identity of the user is given.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

Microsoft is certified under the Privacy Shield Agreement and thereby guarantees to comply with European and Swiss data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active ).

If users do not want to participate in Microsoft Advertising’s tracking process, they can also deactivate the required setting of a cookie via their browser settings or use the Microsoft opt-out page: http://choice.microsoft.com/de -DE / opt-out .

Users can find more information on data protection and the cookies used by Microsoft Advertising in Microsoft’s data protection declaration: https://privacy.microsoft.com/de-de/privacystatement .

 

Visual Website Optimizer

 

The Visual Website Optimizer service (an offer from Wingify Software Private Limited, 404, Gopal Heights, Netaji Subhash Place, Pitam Pura, Delhi 110034, India) is used within our online offer.

Visual Website Optimizer allows in the context of so-called “A / B-Testings”, “Click tracking” and “Heatmaps” to understand how different changes of a website affect (eg changes of the input fields, the design, etc.). A / B tests serve to improve the usability and performance of online offers. For example, users are shown different versions of a website or its elements, such as input forms, on which the placement of the content or the labeling of the navigation elements can differ. Subsequently, on the basis of the behavior of the users, for example lingering longer on the website or more frequent interaction with the elements, it can be determined which of these websites or elements correspond more to the needs of the user. “Click tracking” allows users to keep track of their movements within an entire online offering. Since the results of these tests are more accurate if the user interaction can be tracked over a certain period of time (e.g. can see whether a user would like to return), cookies are usually stored on the users’ computers for these test purposes. “Heatmaps” are mouse movements by the user, which are combined to form an overall picture, with the help of which it can be recognized, for example, which website elements are preferred and which website elements users prefer less. whether a user would like to return), cookies are usually stored on the user’s computer for these test purposes. “Heatmaps” are mouse movements by the users, which are combined to form an overall picture, with the help of which it can be recognized, for example, which website elements are preferred and which website elements users prefer less. whether a user would like to return), cookies are usually stored on the user’s computer for these test purposes. “Heatmaps” are mouse movements by the user, which are combined to form an overall picture, with the help of which it can be recognized, for example, which website elements are preferred and which website elements users prefer less.

Cookies are only stored on users’ devices for these test purposes. Only pseudonymous user data is processed. For further information we refer to the data protection declaration of Visual Website Optimizer: https://vwo.com/privacy-policy/ .

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 (1) lit. a. GDPR. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. f. GDPR).

If you do not want the Visual Website Optimizer to record your usage behavior, you can object to the data collection using this link: https: // [PLEASE-YOUR DOMAIN-INSERT] /? Vwo_opt_out = 1 .

 

Online presence in social media

 

We maintain an online presence within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services.

We would like to point out that user data can be processed outside of the European Union. This can result in risks for the user because it could make it more difficult to enforce the users’ rights, for example. With regard to US providers who are certified under the Privacy Shield, we would like to point out that they undertake to comply with the data protection standards of the EU.

In addition, user data is usually processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the interests of the user resulting from this. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the usage behavior and the interests of the user are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of the personal data of the users takes place on the basis of our legitimate interests in an effective information of the users and communication with the users according to Art. 6 Abs. 1 lit. If the users are asked by the respective providers of the platforms for their consent to the data processing described above, the legal basis for processing is Article 6 (1) (a), Article 7 GDPR.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided by the providers linked below.

Also in the case of requests for information and the assertion of user rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information. If you still need help, you can contact us.

– Facebook, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) on the basis of an agreement on joint processing of personal data – data protection declaration: https://www.facebook.com / about / privacy / , especially for pages: https://www.facebook.com/legal/terms/information_about_page_insights_data, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status= Active .

– Google / YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) – Data protection declaration:   https://policies.google.com/privacy , Opt-Out: https://adssettings.google.com/authenticated , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active .

– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – data protection declaration / opt-out: http://instagram.com/about/legal/privacy/ .

– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data protection declaration: https://twitter.com/de/privacy , Opt-Out: https://twitter.com/personalization , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active .

– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – data protection declaration / opt-out: https://about.pinterest.com/de/privacy-policy .

– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – privacy policy https://www.linkedin.com/legal/privacy-policy , opt-out: https://www.linkedin.com/psettings/guest -controls / retargeting-opt-out, Privacy Shield:  https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active .

– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – Data protection declaration / opt-out: https://privacy.xing.com/de/datenschutzerklaerung .

– Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – Privacy Policy / Opt-Out: https://wakelet.com/privacy.html .

– Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) – Privacy Policy / Opt-Out: https://soundcloud.com/pages/privacy .

 

Integration of services and content from third parties

 

We use content or service offers from third-party providers within our online offer on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. Integrate services such as videos or fonts (hereinafter uniformly referred to as “content”).

This always presupposes that the third-party providers of this content perceive the IP address of the users, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and, among other things, technical information about the browser and operating system,

 

Youtube

 

We embed the videos from the platform “YouTube” from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data protection declaration: https://www.google.com/policies/privacy/ , Opt-Out: https://adssettings.google.com/authenticated .

 

Google Fonts

 

We integrate the fonts (“Google Fonts”) from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. According to Google, the user data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform presentation and consideration of possible licensing restrictions for their integration. Data protection declaration: https://www.google.com/policies/privacy/ .

 

Google ReCaptcha

 

We integrate the function for recognizing bots, e.g. when entering online forms (“ReCaptcha”) from the provider GGoogle Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data protection declaration: https://www.google.com/policies/privacy/ , Opt-Out: https://adssettings.google.com/authenticated .

 

Google Maps

 

We integrate maps from the “Google Maps” service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The processed data may include, in particular, the users’ IP addresses and location data, which, however, are not collected without their consent (usually in the context of the settings of their mobile devices). The data can be processed in the USA. Data protection declaration: https://www.google.com/policies/privacy/ , Opt-Out: https://adssettings.google.com/authenticated .

 

Typekit fonts from Adobe

 

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR), we use external “Typekit” fonts from the provider Adobe Systems Software Ireland Limited, 4 -6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active).

 

Use of Facebook social plugins

 

On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR), we use social plugins (“plugins”) from the social network facebook.com, which operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”).
This may include, for example, content such as images, videos or texts and buttons with which users can share content from this online offer within Facebook. The list and the appearance of the Facebook social plugins can be viewed here:  https://developers.facebook.com/docs/plugins/ .

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).

When a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted from Facebook directly to the user’s device, which integrates it into the online offer. In doing so, user profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore informs users according to our level of knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plugins, for example by pressing the Like button or making a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out his IP address and save it. According to Facebook, only an anonymized IP address is saved in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users can be found in Facebook’s data protection information:  https://www.facebook.com/about/privacy/ .

If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his member data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and contradictions to the use of data for advertising purposes are possible within the Facebook profile settings:  https://www.facebook.com/settings?tab=ads  or via the US website  http://www.aboutads.info/choices/  or the EU website  http://www.youronlinechoices.com/ . The settings are platform-independent, ie they are adopted for all devices such as desktop computers or mobile devices.

 

Twitter

 

Functions and contents of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be integrated into our online offer. This can include, for example, content such as images, videos or texts and buttons with which users can share content from this online offer within Twitter.
If the users are members of the Twitter platform, Twitter can assign the above-mentioned content and functions to the profiles of the users there. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active ). Data protection:https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.

 

Instagram

 

Functions and contents of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated into our online offer. This may include, for example, content such as images, videos or texts and buttons with which users can share content from this online offer within Instagram. If the users are members of the Instagram platform, Instagram can assign the access to the above contents and functions to the profiles of the users there. Instagram data protection declaration: http://instagram.com/about/legal/privacy/ .

 

Xing

 

Functions and contents of the Xing service, offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, can be integrated into our online offer. This can include, for example, content such as images, videos or texts and buttons with which users can share content from this online offer within Xing. If the users are members of the Xing platform, Xing can assign the access to the above content and functions to the profiles of the users there. Xing’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung .

Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke