Person responsible / data protection officer
Is the website owner: See imprint
Types of data processed
- Inventory data (name, addresses, etc.).
- Contact information (email, phone number, etc.).
- Content data (text details, media, etc.).
- Usage data (web pages visited, interest in content, access time, etc.).
- Meta/communication data (device properties, IP address, etc.).
Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as “users”).
Purpose of processing
- Provision of the online offer, with functions and content.
- Responding to contact requests and communication.
- Security measures.
- Measurement of page views and marketing.
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). Natural persons may be considered as identifiable individuals and may be identified, directly or indirectly, in particular through dissemination name, identification number, location data, online identifiers (such as cookies) or one or more specific characteristics indicating the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person.
“Processing” refers to any process performed with or without automated processes or such series of processes in connection with Personal Data. The term applies to a wide range, including almost all data processing.
The “controller” is a natural or legal person, public authority, institution or other organization which alone or jointly with others determines the purposes and methods of the processing of personal data.
In accordance with Article 13 of the GDPR, we will inform you about the legal basis for our data processing. If the legal basis is not mentioned in the privacy statement, the following provisions apply: The legal basis for obtaining consent is GDPR Article 6(1a) and Article 7, i.e. the legal basis for the performance of the services we provide and the enforcement of contractual measures. The request is GDPR Article 6(1)(b), the legal basis for processing to comply with our legal obligations is GDPR Article 6(1)(c) and the legal basis for processing to protect rights and interests is GDPR Article 6(1f). If the vital interests of the data subject or other natural persons require the processing of personal data, the legal basis is GDPR Article 6(1)(d).
Cooperation with processors and third parties
If we disclose data to other persons and companies (contract processors or third parties) during processing, transfer it to them or otherwise grant them access to the data only if permitted by law (for example, if the data is transferred to third parties in). For example, under Article 6(1b), payment service providers b must comply with the GDPR in order to perform the contract. You have consented to this or established legal obligations based on our legitimate rights and interests (for example, when using a proxy, web host, etc.).
If we entrust a third party with the processing of data pursuant to the so-called “Order Processing Agreement”, this is done in accordance with Article 28 of the GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens when a third-party service is used or data is disclosed or transferred to third parties, Only if you do so, this will only happen if we fulfill our (pre-contractual) obligations based on consent, legal obligations or our legitimate interests. According to laws or contracts, we can only process or process data if a third party meets the specific requirements of Article 44 of the GDPR and beyond. This means that the processing is based on specific safeguards, such as: B. The level of data protection officially recognized by the European Union (e.g. by the “Privacy Shield” in the USA) or the officially recognized special requirements. Contractual obligations (so-called “standard contractual clauses”).
Rights of the data subjects
You have the right to request confirmation as to whether the data is being processed and to receive information about the data and other information and copies of the data in accordance with Article 15 of the GDPR.
You have the corresponding. Article 16 of the GDPR has the right to request the entry of data relating to you or the correction of incorrect data relating to you.
In accordance with Article 17 of the GDPR, you have the right to demand that the data in question be deleted without delay or, alternatively, to demand restriction of the processing of the data in accordance with Article 18 of the GDPR.
Pursuant to Article 17 of the GDPR, you have the right to request the immediate erasure of the relevant data or, pursuant to Article 18 of the GDPR, you have the right to request restriction of data processing.
In accordance with Article 77 of the GDPR, you also have the right to lodge a complaint with the competent supervisory authority.
Right of withdrawal
You have the right to withdraw your consent in accordance with Article 7(3) of the GDPR, and it will take effect in the future.
Right of objection
You can object to the future processing of data in accordance with Article 21 of the GDPR at any time. It is possible to object specifically for the purpose of direct marketing.
According to the German legal regulations, the storage period is 6 years according to Article 1 of HGB § 257 in particular (transaction books, inventory, opening balance, annual financial statements, business letters, accounting documents, etc.) and can be stored for 10 years years according to AO Article 147 paragraph 1 (business books, records, management reports, accounting documents, business and business letters, tax documents, etc.).
The hosting service we use provides the following services: Infrastructure and platform services, computing power, storage space and database services, security services and technical maintenance services, with which we operate this online product.
We or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata as well as visitor metadata and communication data from this online offer in accordance with our legitimate interests to ensure that we are effective. Make this online offering available securely in accordance with GDPR Article 6(1)(f) and GDPR Article 28 (including order processing contracts).
Collection of access data and log files
We or our hosting service provider collect data (so-called server log files) from each visit to the server on which the service is located, in accordance with the legitimate rights and interests referred to in Article 6(1). The access data includes the name of the website visited, the file, the date and time of the visit, the amount of data transferred, the notification of a successful visit, the browser type and version, the user’s operating system and the referrer URL (previously visited page) and IP address and request provider.
For security reasons (e.g. to investigate abuse or fraud) log file information is stored for up to 7 days and then deleted. Data (further storage is required for evidence purposes) is excluded from deletion until the respective event has been completed.
When contacting us (e.g. via contact form, email, telephone or via social media), the information provided by the user is processed in accordance with Article 6(1) in order to process and respond to the contact request. User information may be stored in a customer relationship management system (“CRM system”) or similar requesting software.
When it is no longer needed, we delete the query. We review the requirements every two years, legal filing requirements also apply.
Through the newsletter we will inform you about us and our offer. If you want to receive the newsletter, we need your valid e-mail address and information that allows us to confirm that you are the owner of the specified e-mail address or that the owner agrees to receive the newsletter. No more data will be collected.
This data is only used to send newsletters and is not passed on to third parties. When you sign up for the newsletter, we store your IP address and registration date. If a third party abuses the email address and registers to receive the newsletter and knows the unauthorized person, this memory is used only as evidence.
You can revoke your consent to the data, email address and their use to send newsletters at any time. You can revoke by the link in the newsletter itself, the link in your profile area or by sending a message to the contact information above.
Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf for the purpose of evaluating users’ use of our online services, compiling reports on their activities in this online service, and providing us with other services relating to the use of this online service and the Internet. In this way, anonymous user profiles can be created from the processed data.
We use Google Analytics only in connection with activated IP anonymization. This means that Google shortens the user’s IP address in EU member states or other states party to the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened under special circumstances.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent cookies from being stored by setting their browser software accordingly. Users can also prevent Google from collecting data generated by cookies and data related to their use of online goods by downloading and installing the browser plug-in at the following link the processing of this data: https://tools.google.com/dlpage/gaoptout?hl=de.
You can find out more information about Google’s use of data, setting options and objection options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners („Data use by Google when you use our partners’ websites or apps“), https://www.google.com/policies/technologies/ads („Data use for advertising purposes“), https://www.google.de/settings/ads („Manage information that Google uses to display advertisements to you“).
Google Tag Manager
Google may ask you to allow certain product data (for example, your account information) to be shared with other Google products in order to enable certain features, such as B. This is how you simplify adding a new conversion tracking code to AdWords. In addition, Google developers review product usage information from time to time to further optimize the product. However, Google will never share this data with other Google products without your consent.
Online presence in social media
We maintain an online status in social networks and platforms so that we can communicate with customers, interested parties and users who are active here and inform them about our services. When calling up the respective networks and platforms, the terms and conditions of the respective operators and the data processing policies apply.
Integration of third-party services and content
We will use third-party content or service offerings in online offerings based on our legitimate interests (i.e., the interest in the analysis, optimization and economic functioning of our online offerings pursuant to Article 6(1)). Services such as videos or fonts (hereinafter collectively referred to as “content”).
This always assumes that the third-party content provider is aware of the user’s IP address. If there is no IP address, it cannot send the content to its browser. Therefore, an IP address is required to display this content. We strive to use only the respective providers and only IP addresses to provide content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tag” may be used to analyze information on the pages of this website, such as the number of visits by visitors. The pseudonym information may also be stored in a cookie on the user’s device and contains, among other things, technical information about the browser and operating system, referring websites, access times and other information about the use of our online services and linked information. Obtain such information from other sources.
We use Google Fonts to display fonts on our website. Google Fonts is a service that provides access to a font library and is provided by the company Google LLC , 1600 Amphitheatre Parkway in Mountain View, California, USA. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. In the course of providing the Google Fonts service, no cookies are placed or used to provide the fonts. In order to provide the Google Fonts service, Google may collect information about the font, which is used to identify the website itself.