Privacy Policy 11/2022

  1. Definitions

Our data protection declaration is based on the terms used by the European legislator in the context of the data protection regulation (DSGVO). Our data protection declaration should be legible and understandable for the general public, but also for our customers and business partners. To ensure this, we would first like to explain some of the terms used.

Personal Data

Personal data is any information about a specific or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or by one or more specific characteristics of the physical, physiological, genetic, mental , economic, cultural or social identity of that natural person.

Affected Persons/r

Any identified or identifiable natural person whose personal data has been processed by the person responsible for processing is affected.

Processing

Processing is any operation or set of operations carried out on personal data, whether automatically collected, recorded, organized, structured, stored, adapted or modified, accessed, consulted, used, transmitted, disseminated or otherwise accessible made, aligned or combined, restricted, deleted or destroyed.

Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain aspects of a natural person, in particular to analyze or predict aspects of work performance, economic situation, health, personal preferences, interests , reliability, conduct, location or movements of that natural person.

Pseudonymization

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific person without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not assigned to a specific or identifiable natural person.

Responsible Person (=Controller)

The person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for their nomination may be determined by Union or Member State law.

Processor

Processor is a natural or legal person, authority, authority or other body that processes personal data on behalf of the person responsible or controller.

Recipient

Recipient is a natural or legal person, public authority, agency or other body to which the personal data is passed on, regardless of whether it is a third party or not. However, authorities that may receive personal data in the context of a specific investigation under Union or Member State law are not considered recipients; the processing of this data by these authorities is carried out in accordance with the applicable data protection regulations, according to the purposes of the processing.

Third Parties

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons authorized to process personal data under the direct supervision of the controller or processor.

Consent

The consent of the data subject is any freely given, specific, informed and unambiguous statement of the wishes of the data subject, through which they declare their consent to the processing of their personal data by means of a statement or a clear affirmation.

 

  1. Name of person(s) responsible

The person responsible within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations

ZeoBent Handels GmbH

Weißen 2

07407 Uhlstädt-Kirchhasel

GERMANY

E-Mail: info@zeolith-bentonit-versand.at | Website: www.zeolith-bentonit-versand.eu | www.zeolite-bentonite.com

 

  1. Data protection officer

You can reach our data protection officer as follows:

ZeoBent Handels GmbH

Mario Markotic

Weißen 2

07407 Uhlstädt-Kirchhasel

GERMANY

E-Mail:info@zeolith-bentonit-versand.de

 

  1. General information on the collection and processing of your data

Scope of Processing

In principle, we only process the personal data of our website visitors and users to the extent that this is necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.

Legal Basis

Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) GDPR serves as the legal basis. Article 6 (1) (b) GDPR serves as the legal basis for the processing of personal data required to fulfill a contract to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 Paragraph 1 lit. d GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for the processing .

Storage and Deletion of your data

We delete or block personal data of the person concerned as soon as the purpose of storage no longer applies. Deletion can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which our company is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

Notice

Your consent data will be processed for the use of this website and the use of the integrated consent management platform. We use OneDrive Personal Cloud Storage from Microsoft OneDrive. The server locations are within the European Union. Due to the judgment of the ECJ of July 16, 2020 (Case C311/18), the transfer of personal data to the USA was declared unlawful on the basis of the Privacy Shield. We would like to inform you that it cannot be ruled out that the data will be transmitted to the USA and accessed there by the security authorities in accordance with 50 U.S.C. §1881(b)(4), 50 U.S.C. § 1881a (= FISA 702) could be exposed.

 

  1. Provision of the website and Creation of log files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. This is e.g. information such as information about the type and version of your internet browser, the operating system of your computer or smartphone, your internet service provider, your IP address, date and time of your access, websites from which you came to us arrived, Internet pages which you visit from our side. The legal basis for temporary storage is Art. 6 (1) (f) GDPR. We record such technical information in so-called "log files" (log files) so that our website is displayed correctly and we can determine the causes of any technical problems, for the technical optimization of our website and for the purpose of security of our computer systems and networks. Our legitimate interest in data processing in accordance with Article 6 (1) (f) GDPR also lies in these purposes. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Typically, this technical information is deleted or made unrecognizable after seven days at the latest. The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

 

  1. Contact requests for product information or other matters

Description and Scope of data processing

You can contact us in various ways on our website (including the contact form) and request product information. If you take advantage of this option, the data entered in the input mask will be transmitted to us and saved. In addition to the specific input mask data, the IP address and the date and time of the request are collected and stored. You give your consent to the processing of the data by sending it. Alternatively, you can contact us by email. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties, unless this is necessary to process the query (e.g. demo booking tool). In any case, the data will only be used to process the conversation.

Legal basis for Processing

The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent. The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

Purpose of Data Processing

The processing of the personal data from the input mask serves us solely to process your request. If contact is made by e-mail, this is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage

If you have requested product information or an offer, we reserve the right to store the data for two years in order to measure the profitability of our sales and marketing. Otherwise, we will delete the data as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

Possibility of objection and elimination

The user(s) have the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, he/she can object to the storage of his/her personal data at any time. In such a case, the conversation cannot be continued. All personal data that was saved in the course of making contact will be deleted in this case.

 

  1. You become a customer, reseller, recommender or partner 

Description and Scope of data processing

We offer the option of becoming a customer or partner by providing personal data. The data is collected and stored in the contract process. A transfer of data to third parties does not take place. The following data is collected as part of the registration process:

Your Email-Adresse,

first name and last name,

possibly company affiliation,

Payment information (of the company, if applicable),

other data that we request from you and

possibly data that we receive as part of the business relationship.

Legal basis for processing

The legal basis for processing the data is Article 6(1)(a) GDPR and Article 6(1)(b) GDPR if the user has given their consent, since registration is part of the fulfillment of a contract or the implementation of pre-contractual measures he follows.

Purpose of Data Processing

Registration is required to fulfill the customer or partner contract or to carry out pre-contractual measures.

Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case during the registration process to fulfill a contract or to carry out pre-contractual measures if the data is no longer required for the execution of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations. In particular, our company has to observe the storage obligations of tax law (§257 dHGB, §132 öBAO) in this context.

Possibility of objection and elimination

As a user, you have the option to close your account at any time. You can have the data stored about you changed at any time. If the data is required to fulfill a contract or to carry out pre-contractual measures, the data can only be deleted prematurely if there are no contractual or legal obligations to the contrary.

Credit Check

If we pay in advance, e.g. when purchasing on account, we obtain identity and credit information from service companies specializing in this (credit agencies). For this purpose, we transmit your personal data required for a credit check to the following company(ies): ​​​​​​​ â€‹â€‹â€‹â€‹â€‹â€‹â€‹

SCHUFA Holding AG
Kormoranweg 5
65201 Wiesbaden
​​​​​​​GERMANY

CRIF Bürgel GmbH
Radlkoferstraße 2
81373 München
​​​​​​​GERMANY

Universum Business GmbH
Hanauer Landstraße 164
60314 Frankfurt am Main
GERMANY

arvato infoscore GmbH
Rheinstraße 99
76532 Baden-Baden
GERMANY

This serves to safeguard our overriding legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR in assessing the creditworthiness and willingness to pay of our potential customers prior to the conclusion of the contract and thus avoiding purchase price losses, and is Conclusion of contract required in accordance with Article 22 (2) (a) GDPR. Appropriate measures to protect your rights, freedoms and legitimate interests are taken into account. You have the option of expressing your point of view and contesting the decision by contacting the contact option described in this data protection declaration. After the contract has been fully processed, your data processed for this purpose will be deleted, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we will inform you in this declaration.

Collection Service Provider

We will pass on your data to a commissioned debt collection service provider if our payment claim has not been settled despite a previous reminder. In this case, the claim will be collected directly by the debt collection service provider. This serves to fulfill the contract in accordance with Article 6 Paragraph 1 Sentence 1 lit. b GDPR and to safeguard our legitimate interests in an effective assertion or enforcement of our payment claim in accordance with Article 6 Paragraph 1 Sentence 1 lit. f GDPR.

Shipping Service Provider

In order to fulfill the contract in accordance with Article 6 Paragraph 1 Sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of the goods ordered.

Data transfer to shipping service providers for the purpose of shipping notification

If you have given us your express consent to this during or after your order, we will pass on your e-mail address and telephone number to the selected shipping service provider in accordance with Article 6 Paragraph 1 Sentence 1 lit Delivery can contact you for the purpose of delivery notification or coordination. The consent can be revoked at any time by sending a message to the contact option described in this data protection declaration or directly to the shipping service provider at the contact address listed below. After revocation, we will delete the data you have provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data that goes beyond this, which is permitted by law and about which we will inform you in this declaration.

DHL Paket GmbH
Sträßchensweg 10
53113 Bonn
GERMANY

 

  1. Cookies and Tracking Technologies

What are cookies & Co.?

Web-Browser-Cookies

A web browser cookie is a small text file that is sent from a website to your computer or mobile device, where it is stored by your web browser. Web browser cookies may store information such as your IP address or other identifier, browser type, and information about the content you view and interact with on the Digital Services. By storing such information, web browser cookies can store your preferences and settings for online services and analyze how you use online services.

Tracking-Technologies: Web Beacons/Gifs, Pixels, Page-Tags, Script

Email and mobile applications may contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyze and improve their services.

Use, Legal Basis and Purpose

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. 2 functional cookies are set before consent is given. The "PHPSESSID" cookie is used to recognize the browser language and thus display the language of the website appropriately. After closing the browser, this cookie is deleted again. The "wBounce" cookie only contains the value "true". This value is used to recognize whether the user has seen a pop-up before or not. If they've already interacted with it, we don't want to show it to them again for a period of time. In addition, we set the two IAB cookies "euconsent" and "eupubconsent". These cookies are used to store information if a user does not want to be tracked. The same applies to storing data in local storage. This only serves to remind us if a user has not given his consent. Otherwise we would have to query this again with every page view. The cookies mentioned and the storage of the data in local storage only enable functionalities that are intended to contribute to a positive user experience on our website. We do not set cookies with personal data without consent. We also use cookies on our website, which enable an analysis of the surfing behavior of users. When accessing our website, the user is informed about the use of cookies for analysis purposes and their consent to the processing of the personal data used in this context is obtained. In this context, there is also a reference to this data protection declaration. The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) (f) GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Article 6(1)(a) GDPR if the user has given their consent. The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change. We need cookies for the following applications: Acceptance of language settings. The user data collected by technically necessary cookies are not used to create user profiles. Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.

Duration

Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

 

  1. Implemented Technologies

  • Google Ads Remarketing

Service Description

This is a remarketing service. By means of remarketing, the user can show interest-based advertisements to users of the website on other websites within the Google Display Network (e.g. in Google search or on YouTube). For this purpose, the interactions of the users are analyzed, eg which products and services a user is interested in. This allows the user to display targeted advertising to the user on other websites even after visiting the website.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

data processing purposes

This list represents the purposes of data collection and processing.

  • remarketing
  • advertisement
  • tracking user action

Technologies used

This list includes all technologies used by this service to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Collected Data

This list contains all (personal) data collected by or through the use of this service.

  • visit duration
  • IP adress
  • visited pages
  • Content the user is interested in
  • website usage
  • Referrer URL
  • advertising identifier
  • Date and time of visit
  • device information
  • browser informationen

Legal basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of Processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union

Duration to save the data

The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes.

Data will be deleted as soon as they are no longer required for the processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Taiwan
  • Chile
  • Data Receiver

The recipients of the collected data are listed below.

  • Google Ireland Limited
  • Google LLC Alphabet Inc.

Click here to read the data processor's privacy policy

https://policies.google.com/privacy

Click here to read the data processor's cookie policy

https://policies.google.com/technologies/cookies

Click here to revoke on all domains of the processing company

https://safety.google/privacy/privacy-controls/

Storage Information

  • Maximum limit for storing cookies: 1 year

Saved Information

  • name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites and show them personalized advertising.; type: cookies; Duration: 1 year; Domain: doubleclick.net;
  • name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Contains no identifiers.; type: cookies; Duration: 15 minutes; Domain: doubleclick.net;

 

  • Facebook Pixels

Service Description

This is a tracking technology offered by Facebook and used by other Facebook services. It is used to track visitor interactions with websites ("events") after clicking on an ad served on Facebook or other services provided by Meta ("conversion").

Processing Company

Meta Platforms

Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

Data Processing Purposes

This list represents the purposes of data collection and processing.

  • analysis
  • marketing
  • retargeting
  • advertising
  • conversion tracking
  • personalization

Technologies used

This list includes all technologies used by this service to collect data. Typical technologies are cookies and pixels placed in the browser.

  • cookies
  • pixel

Collected Data

This list contains all (personal) data collected by or through the use of this service.

  • viewed ads
  • viewed content
  • device information
  • geographic location
  • HTTP header
  • interactions with advertising, services and products
  • IP address
  • clicked items
  • marketinginformation
  • visited pages
  • pixel ID
  • Referrer URL
  • user data
  • user behavior
  • facebook cookie information
  • facebook user ID
  • usage/click behavior
  • browser Information
  • device operating system
  • device ID
  • user agent
  • browser type

Legal basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

european union

Duration to save the data

The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. The user interactions recorded on the websites are not stored for longer than two years.

However, the data will be deleted as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • Singapore
  • United States of America
  • Worldwide

Data Receiver

The recipients of the collected data are listed below.

  • Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the data processor's privacy policy

https://www.facebook.com/privacy/explanation

Click here to read the data processor's cookie policy

https://www.facebook.com/policies/cookies

storage information

  • Maximum limit for storing cookies: 1 year

Saved Information

  • Name: _fbp; Cookie from Facebook used for website analytics, ad targeting and ad measurement.; type: cookies; Duration: 3 months; Domain: facebook.com;

 

  • Facebook Social Plugins

Service Description

This is a social plugin from Facebook that enables users to connect their website to the social network Facebook.

processing company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

data processing purposes

This list shows the purposes of data collection and processing. Integration of Facebook functions Optimization Marketing Technologies used This list contains all technologies with which this service collects data. Typical technologies are cookies and pixels placed in the browser.

  • cookies

Collected Data

This list contains all (personal) data collected by or through the use of this service.

  • browser information
  • Date and time of visit
  • Facebook User ID
  • Websites visited
  • HTTP Headers
  • Interaction Data
  • Browser type
  • IP address

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. The data will be deleted as soon as they are no longer required for the processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore

Data Receiver

The recipients of the collected data are listed below.

  • Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the data processor's privacy policy

https://www.facebook.com/privacy/explanation

Click here to read the data processor's cookie policy

https://www.facebook.com/policies/cookies/

Click here to revoke on all processor domains

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

 

  • Google Ads Conversion

Service Description

This is a conversion marketing service for measuring the success of advertising campaigns.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Conversion Tracking

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • CookieID
  • Date and time of visit
  • Device Information
  • IP address
  • Information about the operating system
  • Referrer URL
  • Web request
  • Browser Information

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

Data will be deleted as soon as they are no longer required for processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Chile
  • Singapore
  • Taiwan

Data Receiver

The recipients of the collected data are listed below.

  • Alphabet Inc. Google LLC Google Ireland Limited

Click here to read the data processor's privacy policy

href="https://policies.google.com/privacy?hl=en-US">https://policies.google.com/privacy?hl=en-US

Click here to read the data processor's cookie policy

href="https://policies.google.com/technologies/cookies?hl=en-US">https://policies.google.com/technologies/cookies?hl=en-US

Storage Information

  • Maximum storage of cookies: 1 year

Stored Information

  • Name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Contains no identifiers.; type: cookies; Duration: 15 minutes; Domain: doubleclick.net;
  • Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites and show them personalized advertising.; type: cookies; Duration: 1 year; Domain: doubleclick.net;

 

  • Google Ads Conversion Tracking

Service Description

This is a conversion tracking service. This service records what happens after a click on an ad placed by us via Google Ads when users subsequently visit the website. With conversions, we measure whether users perform a specific action on the website that we have specified (e.g. whether they order services) after clicking on an ad placed by us via Google Ads. In this way, the user can understand which keywords, ads, ad groups or campaigns lead to the desired user interaction.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data processing purposes

This list represents the purposes of data collection and processing.

  • Conversion Tracking
  • Analysis
  • Measuring the success of marketing campaigns

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • tracking
  • pixels
  • Tracking code
  • Data collected

This list contains all (personal) data collected by or through the use of this service.

  • Browser language
  • Browser type
  • Clicked Ads
  • CookieID
  • Date and time of visit
  • IP address
  • Referrer URL
  • Web request
  • User behavior

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

Data will be deleted as soon as they are no longer required for processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Taiwan
  • Chile

Data Receiver

The recipients of the collected data are listed below.

  • Google Ireland Limited, Google LLC, Alphabet Inc

Click here to read the data processor's privacy policy

href="https://policies.google.com/privacy?hl=en">https://policies.google.com/privacy?hl=en

Click here to read the data processor's cookie policy

href="https://policies.google.com/technologies/cookies?hl=en">https://policies.google.com/technologies/cookies?hl=en

Click here to revoke on all processor domains

href="https://safety.google/privacy/privacy-controls/">https://safety.google/privacy/privacy-controls/

Storage Information

Maximum storage time for cookies: 1 year

Stored Information

  • Name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Contains no identifiers.; type: cookies; Duration: 15 minutes; Domain: doubleclick.net;
  • Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites and show them personalized advertising.; type: cookies; Duration: 1 year; Domain: doubleclick.net;
  • Name: _gcl_aw; This cookie is set when a user clicks on a Google ad to go to the website. It contains information about which ad was clicked on, so that successes achieved, such as orders or contact requests, can be assigned to the ad.; type: cookies; Duration: 2 months, 29 days;
  • Name: _gcl_dc_; This cookie is set when a user clicks on a Google ad to go to the website. It contains information about which ad was clicked on, so that successes achieved, such as orders or contact requests, can be assigned to the ad.; type: cookies; Duration: 2 months, 29 days;

 

  • Google Analytics

Service Description

This is a web analytics service. This allows the user to measure the return of interest "ROI" of advertising and track user behavior with Flash, video, websites and applications.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

ref="https://support.google.com/policies/contact/general_privacy_form">https://support.google.com/policies/contact/general_privacy_form

Data processing purposes

This list represents the purposes of data collection and processing.

  • Marketing Analysis

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • pixels
  • JavaScript
  • Device fingerprint

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Click path
  • Date and time of visit
  • Device Information
  • Location Information
  • IP address
  • Visited pages
  • Referrer URL
  • Browser Information
  • hostname
  • Browser language
  • Browser type
  • Screen resolution
  • Device operating system
  • Interaction data user behavior
  • Visit URL

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

The retention period depends on the type of data stored. Each customer can choose how long Google Analytics stores data before it is automatically deleted.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Chile
  • Taiwan

Data Receiver

The recipients of the collected data are listed below.

  • Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the data processor's privacy policy

href="https://policies.google.com/privacy?hl=en">https://policies.google.com/privacy?hl=en

Click here to read the data processor's cookie policy

href="https://policies.google.com/technologies/cookies?hl=en">https://policies.google.com/technologies/cookies?hl=en

Click here to revoke on all processor domains

href="https://tools.google.com/dlpage/gaoptout?hl=en">https://tools.google.com/dlpage/gaoptout?hl=en

Storage Information

Maximum limit for storing cookies: 2 years

Stored Information

  • Name: _ga; This cookie is used to distinguish users.; type: cookies; Duration: 2 years;
  • Name: _gid; This cookie is used to distinguish users.; type: cookies; Duration: 1 day;
  • Name: _gat_gtag_xxx; This cookie is used to distinguish users.; type: cookies; Duration: 1 minute;
  • Name: _gac_xx; This cookie contains information about which ad was clicked on.; type: cookies; Duration: 2 months, 29 days

 

  • Google Ad Services

Service Description

This is an advertising service.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Targeting

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Click path
  • Events
  • IP address
  • Referrer URL
  • Touchpoint to the advertising material
  • Transactions
  • User Agent
  • Pages viewed

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

The data will be deleted as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Chile
  • Taiwan

Data Receiver

The recipients of the collected data are listed below.

  • Google LLC Google Ireland Limited Alphabet Inc

Click here to read the data processor's privacy policy

https://policies.google.com/privacy?hl=en

Click here to read the data processor's cookie policy

https://policies.google.com/technologies/cookies?hl=en

Click here to revoke on all processor domains

https://safety.google/privacy/privacy-controls/

Storage Information

Maximum storage time for cookies: 1 year

Stored Information

  • Name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Contains no identifiers.; type: cookies; Duration: 15 minutes; Domain: doubleclick.net;
  • Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites and show them personalized advertising.; type: cookies; Duration: 1 year; Domain: doubleclick.net;

 

  • gstatic.com

Service Description

This is a domain used by Google to offload static content to another domain name to reduce bandwidth usage and increase network performance for the end user.

Processing company

Alphabet Inc.

1600 Amphitheater Parkway, Mountain View, CA 94043-1351, United States of America

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data processing purposes

This list represents the purposes of data collection and processing.

  • Boost network performance
  • Reduce bandwidth usage

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • JavaScript

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Images
  • CSS

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. f GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • United States of America

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

Requests for CSS assets are cached for 1 day, font files are cached for 1 year. Some information is stored until removed by the user, some expires after a certain period of time, some is stored until the user's Google account is deleted.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • Worldwide

Data Receiver

The recipients of the collected data are listed below.

  • Alphabet Inc., Google LLC, Google Ireland Limited

 

 

  • Google Ads

Service Description

This is an advertising service.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Analysis
  • Provision of Services
  • Statistics

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Ads viewed
  • CookieID
  • Date and time of visit
  • Device Information
  • Geographical location
  • IP address
  • Search terms
  • Ads displayed
  • Customer ID
  • Impressions
  • Online identifiers
  • Browser Information
  • Hash contact info
  • Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 para. 1 sec. 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

The data will be deleted as soon as they are no longer required for the purposes of processing. Log data is anonymized after 9 months and cookie information after 18 months.

Data Receiver

The recipients of the collected data are listed below.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the data processor's privacy policy

https://policies.google.com/privacy?

Click here to revoke on all processor domains

https://safety.google/privacy/privacy-controls/"

Storage Information

Maximum storage time for cookies: 1 year

Stored Information

  • Name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Contains no identifiers.; type: cookies; Duration: 15 minutes; Domain: doubleclick.net;
  • Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites and show them personalized advertising.; type: cookies; Duration: 1 year; Domain: doubleclick.net;

 

  •  

    Stripe

Service Description

This service provides technology for operating online payment systems.

Processing company

Stripe, Inc.

3180 18th Street, San Francisco, CA 94110, United States of America

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

privacy@stripe.com

Data processing purposes

This list represents the purposes of data collection and processing.

  • Payment

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date of purchase
  • Payment Information
  • Purchase activity
  • Payment card information

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. b GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • United States of America

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

Data will be deleted as soon as they are no longer required for processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America

Data Receiver

The recipients of the collected data are listed below.

  • Stripe, Inc

Click here to read the data processor's privacy policy

 https://stripe.com/us/privacy/

Click here to read the data processor's cookie policy

 https://stripe.com/cookies-policy/legal

Storage Information

Maximum limit for storing cookies: 2 years

Stored Information

  • Name: __stripe_mid; fraud prevention and detection; type: cookies; duration: session; Domain: stripe.com;
  • Name: __stripe_sid; fraud prevention and detection; type: cookies; duration: session; Domain: m.stripe.com;
  • Name: m; fraud prevention and detection; type: cookies; duration: session; Domain: m.stripe.com;
  • Name: session; Login session for Stripe Dashboard; type: cookies; Duration: 2 months, 29 days; Domain: stripe.com;
  • Name: lsession ; Stripe Express Dashboard login session for Stripe Express users; type: cookies; Duration: 7 days; Domain: stripe.com; Name: stripe.csrf ; Protection against counterfeiting through cross-site requirements for Stripe Dashboard users; type: cookies; Duration: 1 year; Domain: stripe.com;
  • Name: cliauth_secret; To confirm authentication for the Stripe CLI; type: cookies; duration: session; Domain: stripe.com;
  • Name: art_token, cbt_token, cct_token, cdt_token, ect_toksvt_token, lc_token, prt_token, act_token ; To verify authentication for account recovery, bank account changes, login prompts, password resets, support requests, adding an email or a new device; type: cookies; duration: session; Domain: stripe.com;
  • Name: NID ; Used by reCAPTCHA, an additional security measure sometimes used when logging into Stripe.; type: cookies; duration: session; Domain: google.com;
  • Name: locale; localization setting for the language used on the website and in the documents; type: cookies; duration: session; Domain: stripe.com;
  • Name: country ; Country localization settings to customize product and feature availability; type: cookies; duration: session; Domain: stripe.com;
  • name: long; Programming language for the code examples in Stripe documents; type: cookies; duration: session; Domain: stripe.com;
  • Name: has_intentionally_selected_curl ; Shows the code examples in Curl in Stripe documents; type: cookies; duration: session; Domain: stripe.com;
  • Name: persisted-tab-#{id} ; When the page refreshes, it remembers which document tab you're on; type: cookies; duration: session; Domain: stripe.com;
  • Name: disable_cmd_f_override ; Disables the search shortcut cmd + f / Ctrl + f for Stripe documents and uses the default browser behavior instead (searches the current page only); type: cookies; duration: session; Domain: stripe.com;
  • Name: double_cmd_f_uses ; Tracks cmd + f / ctrl + f hotkey usage in stripe documents; to improve user experience by not showing the user again a feature they have already used; type: cookies; duration: session; Domain: stripe.com;
  • Name: expanded-topics ; Remembers which topics have been expanded in Stripe documents on page updates; type: cookies; duration: session; Domain: stripe.com;
  • Name: checkout-test-session, checkout-live-session; To provide legacy checkout storage functionality; type: cookies; duration: session; Domain: stripe.com;
  • Name: _ga, _gat, _gat_UA-12675062-5, _gid; Google Analytics cookies to analyze and improve the services; type: cookies; duration: session; Domain: stripe.com;
  • Name: cid; Stripe Analytics "Client ID" to improve the Services; type: cookies; duration: session; Domain: stripe.com;
  • Name: site_sid, __stripe_id ; Stripe's "Session ID" for analytics and to improve the Services; type: cookies; Duration: 2 hours, 30 minutes; Domain: stripe.com;
  • Name: __stripe_orig_props ; To evaluate the effectiveness of marketing campaigns; type: cookies; duration: session; Domain: stripe.com;

 

  • Google Fonts

Service Description

This is a collection of fonts for commercial and personal use.

Processing company

Google Ireland Limited

Gordon House, 4 Barrow St, Dublin 4, Ireland

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data processing purposes

This list represents the purposes of data collection and processing.

  • Font Provision
  • Service improvement

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • API

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • IP address
  • Aggregated usage figures
  • Font request
  • Referrer URL
  • CSS requests
  • User Agent
  • Browser Information

Legal Basis

The required legal basis for the processing of data is mentioned below

  • 6 paragraph 1 sentence 1 lit. a GDPR

Place of processing

This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union

Duration to save the data

The retention period is the length of time the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the specified processing purposes.

Data will be deleted as soon as they are no longer required for processing purposes.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Taiwan
  • Chile

Data Receiver

The recipients of the collected data are listed below.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the data processor's privacy policy

https://policies.google.com/privacy?hl=en

Click here to read the data processor's cookie policy

https://policies.google.com/technologies/cookies?hl=e

 

  • Hotjar

Service Description

This is a web analytics service. It is used to collect data about user behavior. Hotjar may also process information you provide as part of surveys and feedback features embedded on our website.

Processing company

Hotjar Limited

Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

dpo@hotjar.com

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Feedback

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier
  • Responses to surveys

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America

Data Receiver

The recipients of the collected data are listed below.

Hotjar Ltd., Amazon Web Services EMEA SARL, Datadog Inc., Functional Software Inc.

Click here to read the data processor's privacy policy

https://www.hotjar.com/legal/policies/privacy

Click here to read the data processor's cookie policy

https://help.hotjar.com/hc/en-us/articles /115011789248-Hotjar-Cookies

Click here to revoke on all processor domains

https://www.hotjar.com/legal/compliance/opt-out

Storage Information

  • Maximum storage of cookies: 1 year

Stored Information

  • Name: _hjClosedSurveyInvites; Hotjar cookie that is set once a visitor interacts with an external link survey invitation modal. It is used to ensure that the same invitation is not displayed again if it has already been displayed.; type: cookies; Duration: 1 year;
  • Name: _hjDonePolls; Hotjar cookie that is set once a visitor fills out a survey using the onsite survey widget. It is used to ensure that the same survey does not appear again if it has already been completed.; type: cookies; Duration: 1 year;
  • Name: _hjMinimizedPolls; Hotjar cookie that is set when a visitor minimizes an onsite survey widget. It is used to ensure that the widget stays minimized when the visitor navigates through your website.; type: cookies; Duration: 1 year;
  • Name: _hjShownFeedbackMessage; Hotjar cookie set when a visitor minimizes or completes incoming feedback. This is done so that the incoming feedback loads minimized immediately when the visitor navigates to another page where it should be displayed.; type: cookies; Duration: 1 year;
  • Name: _hjid; Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to store the Hotjar user ID unique to this website in the browser. This ensures that behavior on subsequent visits to the same website is attributed to the same user ID.; type: cookies; Duration: 1 year;
  • Name: _hjTLDTest; When the Hotjar script runs, we try to get the most generic cookie path, which we should use instead of the page's hostname. This is done so that cookies (where applicable) can be shared across subdomains. To determine this, we try to save the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.; type: cookies; Duration: Session;
  • Name: _hjUserAttributesHash; User attributes sent via Hotjar Identify API are cached for the duration of the session to know when an attribute has changed and needs to be updated.; type: cookies; duration: session; Name: _hjCachedUserAttributes; This cookie stores user attributes sent via the Hotjar Identify API when the user is not in the sample. These attributes are only saved when the user interacts with a Hotjar feedback tool.; type: cookies; Duration: Session;
  • Name: _hjLocalStorageTest; This cookie is used to check if the Hotjar tracking script can use local storage. If possible, the value 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but is deleted almost immediately after it is created.; type: cookies; Duration: Session;
  • Name: _hjIncludedInPageviewSample; This cookie is set to tell Hotjar whether this visitor is included in the data sample defined by your site's page view limit.; type: cookies; Duration: 30 minutes; Name: _hjIncludedInSessionSample; This cookie is set to let Hotjar know if this visitor is included in the data collection defined by your site's daily session limit.; type: cookies; Duration: 30 minutes;
  • Name: _hjAbsoluteSessionInProgress; This cookie is used to recognize a user's first page view session. This is a true/false flag set by the cookie.; type: cookies; Duration: 30 minutes;
  • Name: _hjFirstSeen; This is set to identify a new user's first session. It stores a true/false value indicating whether Hotjar saw this user for the first time. It is used by recording filters to identify new user sessions.; type: cookies; Duration: Session;
  • Name: hjViewportId; This is where information about the user view area such as size and dimensions is stored.; type: cookies; Duration: Session;
  • Name: _hjRecordingEnabled; This is added when a recording starts and is read when the recording module is initialized to see if the user is already in a recording in a given session.; type: cookies; Duration: Session;
  • Name: _hjSessionUser {site_id}; This cookie is set when a user first lands on a page containing the Hotjar script. It is used to store the Hotjar user ID unique to this website in the browser. This ensures that behavior on subsequent visits to the same website is attributed to the same user ID.; type: cookies; Duration: 1 year;
  • Name: _hjSession{site_id}; This cookie contains the current session data. This ensures that subsequent requests within the session window are mapped to the same Hotjar session.; type: cookies; Duration: 30 minutes;
  • Name: _hjSessionTooLarge; This cookie causes Hotjar to stop collecting data when a session gets too large. This is automatically detected by a signal from the WebSocket server when the session size exceeds the limit.; type: cookies; Duration: Session;
  • Name: _hjSessionRejected; If present, this cookie is set to "1" for the duration of a user session when Hotjar has refused to connect the session to the WebSocket due to server overload. This cookie is only applied in extremely rare situations to avoid serious performance issues.; type: cookies; Duration: Session;
  • Name: _hjSessionResumed; This cookie is set when a session/recording is reconnected to Hotjar servers after a disconnection.; type: cookies; Duration: Session;

 

  • LogRocket

Service Description

This is a web analytics service. It is used to collect data about user behavior, JavaScript errors, stack traces, browser metadata, etc. LogRocket may also process information you provide as part of surveys and feedback features embedded on our website.

Processing company

LogRocket Inc

87 Summer St., Boston, Massachusetts 02110, United States of America

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

support@logrocket.com

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Feedback

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Web logs
  • Web beacons

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America

Data Receiver

The recipients of the collected data are listed below.

LogRock Inc., Amazon Web Services EMEA SARL, Datadog Inc.

Click here to read the data processor's privacy policy

https://logrocket.com/privacy/

Click here to read the data processor's cookie policy

https://logrocket.com/privacy/

Click here to revoke on all processor domains

https://logrocket.com/terms-and-conditions

Storage Information

  • Maximum storage of cookies: 1 year

 

  • Amazon Pay

Service Description

This is an online payment method service.

Processing company

Amazon Payments Europe S.C.A.

38 Avenue J.F. Kennedy, 1855 Luxembourg

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

  • Amazon Europe Core S.à.r.l.
  • Amazon EU S.à.r.l.
  • Amazon Services Europe S.à.r.l.
  • Amazon Media EU S.à.r.l.

all four located at 38, avenue John F. Kennedy, L-1855 Luxembourg

  • Amazon Digital Germany GmbH

Domagkstr. 28, 80807 München, GERMANY

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Purchase and delivery of products
  • Feedback
  • Show
  • Fraud Prevention
  • Compliance with legal obligations
  • Communication

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier
  • Payment Information
  • Transaction Data
  • Any entered user data

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America

Data Receiver

The recipients of the collected data are listed below.

Amazon Web Services EMEA SARL

Click here to read the data processor's privacy policy

https://www.amazon.de/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ#GUID-9DFA0CFF-9E83-4207-8EE5-5B1B8CFC3F4A__SECTION_59D17962BEAC4806A83E752ECC5FC54D

Click here to read the data processor's cookie policy

https://www.amazon.de/gp/help/customer/ display.html/?nodeId=GVASXV5UZ64R4Y25

Click here to revoke on all processor domains

https://www.amazon.de/cookieprefs/partners

Storage Information

  • Maximum storage of cookies: 1 year

 

  • PayPal Express

Service Description

This is an online payment method service.

Processing company

PayPal (Europe) S.à.r.l. et Cie, S.C.A., Inc. Pte. Ltd

22-24 Boulevard Royal, 2449 Luxembourg

Data protection officer of the processing company

Below you will find the contact details of the data protection officer of the processing company.

PayPal (Europe) S.à.r.l. et Cie, S.C.A., Inc. Pte. Ltd

22-24 Boulevard Royal, 2449 Luxembourg

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Purchase and delivery of products
  • Feedback
  • Show
  • Fraud Prevention
  • Compliance with legal obligations
  • Communication

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier
  • Payment Information
  • Transaction Data
  • Any entered user data

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America

Data Receiver

The recipients of the collected data are listed below.

Governments, Credit Bureaus, Acquirers, Financial Institutions

Click here to read the data processor's privacy policy

https://www.paypal.com/de /webapps/mpp/ua/privacy-full?locale.x=de_DE#2

Click here to read the data processor's cookie policy

https://www.paypal.com/de /webapps/mpp/ua/privacy-full?locale.x=de_DE#2

Click here to revoke on all processor domains

https://www.paypal. com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#2

Storage Information

  • Maximum storage of cookies: 1 year

 

  • Trusted Shops

Service Description

This is a service for companies and their customers for services relating to seals of approval, buyer protection procedures and customer reviews.

Processing company

Trusted Shops GmbH

Subbelrather Strasse 15c, 50823 Cologne, Germany

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

service@trustedshops.de

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Purchasing products
  • Feedback
  • Fraud Prevention
  • Compliance with legal obligations
  • Communication

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier
  • Payment Information
  • Transaction Data
  • Any entered user data

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America, Israel

Data Receiver

The recipients of the collected data are listed below.

  • Amazon Web Services, 410 Terry Avenue North, Seattle,USA
  • Timme Hosting GmbH & Co.KG, Ovelgönner Weg 43, 21335 Lüneburg, Germany
  • com Ltd., Namal 40, 6350671 Tel Aviv, Israel
  • Raidboxes GmbH, Friedrich-Ebert-Strasse 7, 41853 Munster, Germany

Click here to read the data processor's privacy policy

https://www.trustedshops.at/impressum-datenschutz/

Click here to read the data processor's cookie policy

https://www.trustedshops.at/impressum-datenschutz/

Click here to revoke on all processor domains

https://www.trustedshops.at/impressum-datenschutz/

  • Maximum storage of cookies: 1 year

 

  • SendinBlue

Service Description

This is a multichannel marketing platform for businesses.

Processing company

Sendinblue GmbH

Köpenicker Strasse 126, 10179 Berlin, Germany

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

support@sendinblue.com

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Feedback
  • Communication
  • Advertisements

Technology used

This list includes all technologies used by this service to collect information. Typical technologies are cookies and pixels placed in the browser.

  • Cookies

Data Collected

This list contains all (personal) data collected by or through the use of this service.

  • Date and time of visit
  • Device Type
  • Geographical location
  • IP address
  • Mouse movements
  • Visited pages
  • Referrer URL
  • Screen resolution
  • Unique device identifier
  • Language information
  • Device operating system
  • Browser type
  • Clicks
  • domain name
  • Unique user identifier
  • Any entered user data

Legal basis

The required legal basis for the processing of data is mentioned below: Article 6 (1) sentence 1 lit. a GDPR Place of processing This is the primary place where the collected data is processed. If the data is also processed in other countries, you will be informed separately. European Union Data retention period The retention period is the length of time the collected data is retained for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes. Data about your visit and your activities on the website are usually stored for 365 days and then automatically deleted. This does not apply to information collected through surveys and incoming feedback.

However, the data will be deleted in any case as soon as they are no longer required for the purposes of processing.

Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred.

For more information on the security guarantees, please refer to the website provider's privacy policy or contact the website provider directly.

United States of America

Data Receiver

The recipients of the collected data are listed below.

  • Amazon Web Services, 5895 Houchard Road, Dublin, Ireland
  • Google Cloud, 1600 Amphitheater Pkwy, Mountain View, California, USA

Click here to read the data processor's privacy policy

https://help.sendinblue.com/hc/en/categories/360000229110-GDPR

Click here to read the data processor's cookie policy

https://help.sendinblue.com/hc/en/categories/360000229110-GDPR

Click here to revoke on all processor domains

https://help.sendinblue.com/hc/en/categories/360000229110-GDPR

  • Maximum storage of cookies: 1 year

 

  • Google reCaptcha

For the purpose of protecting against misuse of our web forms and against spam from automated software (so-called bots), Google collects reCAPTCHA data (IP address, time of visit, browser information and information on your use of our website) and leads An analysis of your use of our website is carried out by means of a so-called JavaScript and cookies. In addition, other cookies stored by Google services in your browser are evaluated. A reading or saving of personal data from the input fields of the respective form does not take place.

YouTube Video Plugin

In order to integrate third-party content, data (IP address, time of visit, device and browser information) is collected via the YouTube video plugin in the extended data protection mode we use, transmitted to Google and then processed by Google, only when playing a video.

 

  • AWIN

We use our advertising partner AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany ("AWIN") to market space for ads third party providers. These advertisements will be shown to you in various places on this website. AWIN can use cookies to track the course of the respective order and, in particular, to understand that you clicked on the respective ad and then ordered the product. For this purpose, data (IP address, time of visit, device and browser information as well as information on your use of our website) is collected, transmitted to AWIN and processed by AWIN. We have no influence on this data processing. The data processing takes place on the basis of an agreement between jointly responsible persons according to Art. 26 DSGVO.

 

Status: 21.11.2022

 

Privacy policy

1. Introduction and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data is any data with which you can be personally identified.

1.2 The controller of data processing on this website within the meaning of the General Data Protection Regulation (DSGVO) is ZeoBent Handels GmbH, Weißen 2, 07407 Uhlstädt-Kirchhasel, Germany, Tel.: +49 (0)371 820 59 75, e-mail: info@zeolith-bentonit-versand.de. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 The data controller has appointed a data protection officer, who can be contacted as follows: "Mario Markotic, Weißen 2, 07407 Uhlstädt-Kirchhasel, Germany, Tel.: +49 (0)371 820 59 75, e-mail: info@zeolith-bentonit-versand.de.

1.4 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the person responsible). You can recognise an encrypted connection by the string "https://" and the lock symbol in your browser line.

2. Terms of the data protection regulation

Our data protection declaration is based on the terms used by the European legislator within the framework of the Data Protection Regulation (DSGVO). Our data protection declaration should be readable and understandable for the public, but also for our customers and business partners. To ensure this, we would first like to explain some of the terms used.

  • Personal data

Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Affected person

The data subject is any identified or identifiable natural person whose personal data have been processed by the controller.

  • Processing

Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such data is collected, recorded, organised, structured, stored, adapted or altered, retrieved, consulted, used, made available by transmission, dissemination or otherwise, aligned or combined, restricted, erased or destroyed.

  • Profiling

Profiling shall mean any form of automated processing of personal data which consists of the use of personal data to evaluate certain aspects relating to a natural person, in particular to analyse or predict aspects of that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

  • Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific person without the use of additional information, provided that this additional information is kept separate and is subject to technical and organisational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.

  • Controller (responsible person)

The controller shall be the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where Union or Member State law determines the purposes and means of such processing, Union or Member State law may specify the controller or the specific criteria for their designation.

  • Processor

Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.

  • Recipient

A recipient is a natural or legal person, public authority, agency or other body to whom the personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the framework of a specific investigation under Union or Member State law shall not be considered as recipients and the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules, in line with the purposes of the processing.

  • Third

Third parties are natural or legal persons, public authorities, agencies or bodies other than the data subject, the controller, the processor and the persons authorised to process personal data under the direct supervision of the controller or the processor.

  • Consent 

The data subject's consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she signifies, by a statement or by an unequivocal affirmative action, his or her agreement to the processing of personal data relating to him or her.

3. Data collection when visiting our website

During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the page server (so-called "server log files"). When you call up our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

We delete or block personal data of the data subject as soon as the purpose of the storage no longer applies. Deletion may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which our company is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a necessity for the continued storage of the data for the conclusion or fulfilment of a contract.

4. Hosting & Content Delivery Network

4.1 Magento

For the hosting of our website and the display of the page content, we use the system of the following provider: Adobe Inc., as owner of Magento, 345 Park Avenue, San Jose, CA 95110-2704, USA ("Magento").

Data will also be transferred to: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, as the European representative of Adobe Inc.

All data collected on our website is processed on the provider's servers. We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

When data is transferred within the European Union, such as to Ireland, an adequate level of data protection is guaranteed by the applicable data protection laws of the European Union.

For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

4.2 Cloudflare

We use a content delivery network of the following provider: Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA

This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. The processing is carried out to protect our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6 (1) lit. f DSGVO. We have concluded an order processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

4.3 OneDrive Personal Cloud Storage

In the course of using this website and the integrated content management platform, we process certain personal data with your consent pursuant to Art. 6 (1) lit. a DSGVO. This data includes, for example, contact information, IP addresses, etc. We use the OneDrive personal cloud storage service from Microsoft, whose servers are localised within the European Union.

We have entered into an order processing agreement with the provider, which is set out in the document "Microsoft Products and Services Data Protection Addendum". This ensures the protection of your data and prohibits unauthorised disclosure to third parties.

Despite the local server locations, we would like to point out that it cannot be ruled out that your data will be transferred to the USA. In particular, in light of the EU Court of Justice ruling of 16 July 2020 (Case C311/18) that declared data transfers based on the Privacy Shield unlawful, your data could be subject to access by U.S. security authorities under 50 U.S.C. §1881(b)(4), 50 U.S.C. § 1881a (= FISA 702). This could mean that your data can be accessed and used without your knowledge or consent and that you may not be able to fully exercise your rights as a data subject.

You can withdraw your consent at any time. To do so, send us an email to the email address above. Please note that the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

As a data subject, you have the right to information, correction, deletion, restriction of processing and data portability. You also have the right to object to the processing of your personal data at any time on grounds relating to your particular situation.

5. Cookies

5.1 What are Cookies & Co?

Web browser cookies
A web browser cookie is a small text file sent from a website to your computer or mobile device, where it is stored by your web browser. Web browser cookies can store information such as your IP address or other identifier, your browser type and information about the content you view and interact with on the Digital Services. By storing such information, web browser cookies can store your preferences and settings for online services and analyse how you use online services.

Tracking technologies: Web Beacons/Gifs, Pixel, Page Tags, Script

Emails and mobile apps may contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyse and improve their services.

5.2 Use, legal basis and purpose

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. Before consent is given, 2 functional cookies are set. The "PHPSESSID" cookie is used to recognise the browser language and thus display the language of the website appropriately. After closing the browser, this cookie is deleted again. The "wBounce" cookie only contains the value "true". This value is used to recognise whether or not the user has already seen a pop-up. If he/she has already interacted with it, we do not want to show it to him/her again for a certain period of time. In addition, we set the two IAB cookies "euconsent" and "eupubconsent". These cookies store when a user does not want to be tracked. The same applies to the storage of data in the local storage. This only serves to remind us if a user has not given their consent. Otherwise, we would have to ask for this every time the page is called up. The aforementioned cookies and the storage of data in the local storage thus only enable functionalities that are intended to contribute to a positive user experience on our website. We do not set cookies with personal data without consent. 

We also use cookies on our website that enable an analysis of the user's surfing behaviour. When calling up our website, the user is informed about the use of cookies for analysis purposes and his or her consent to the processing of personal data used in this context is obtained. In this context, a reference to this data protection declaration is also made. The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) lit. f DSGVO. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a DSGVO if the user has given his or her consent in this regard. The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change. We require cookies for the following applications: Acceptance of language settings. The user/inside data collected through technically necessary cookies are not used to create user profiles. Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimise our offer.

5.3 Duration

Cookies are stored on the user's computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

6. Contact

6.1 When contacting us (e.g. via contact form or e-mail), personal data is processed - exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose.
The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted when the circumstances indicate that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

The processing of the personal data from the input mask serves us solely to process your enquiry. In the case of contacting us by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

If you have requested product information or a quotation, we reserve the right to store the data for two years in order to measure the efficiency of our sales and marketing. Otherwise, we delete the data as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

The user(s) have the option to revoke their consent to the processing of personal data at any time. If the user contacts us by e-mail, he/she can object to the storage of his/her personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.

6.2 Trusted Shops

For rating reminders we use the services of the following provider: Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany

Exclusively on the basis of your express consent pursuant to Art. 6 para. 1 lit. a DSGVO, we transmit your e-mail address and, if applicable, other customer data to the provider so that the provider can contact you by e-mail with an evaluation reminder.

You can revoke your consent at any time with effect for the future vis-à-vis us or the provider.

A special contract for order processing is not required, as Trusted Shops is based in Germany. Nevertheless, we have made agreements with Trusted Shops to ensure the data protection of our visitors and to prevent the unauthorised disclosure of data to third parties.

7. Data processing when opening a customer account

In accordance with Art. 6 para. 1 lit. b DSGVO, personal data will continue to be collected and processed to the extent necessary in each case if you provide us with this data when opening a customer account. The data required for opening an account can be found in the input mask of the corresponding form on our website.

Registration is necessary for the fulfilment of the customer or partner contract or for the implementation of pre-contractual measures.

Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, no legal retention periods are opposed and no legitimate interest on our part in the continued storage exists.

8. Use of customer data for direct marketing

8.1 Subscribe to our e-mail newsletter

If you subscribe to our e-mail newsletter, we will send you information about our offers on a regular basis. The only mandatory data for sending the newsletter is your e-mail address. The provision of further data is voluntary and is used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you will only receive newsletters if you have expressly confirmed your consent to receive the newsletter by clicking on a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 Para. 1 lit. a DSGVO. We store your IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your email address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data in a way that goes beyond this, and is permitted by law and about which we inform you in this declaration.

8.2 Klaviyo

Our e-mail newsletters are sent via this provider: Klaviyo, 225 Franklin St, Boston, MA 02110, USA

On the basis of our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provided when registering for the newsletter to this provider in accordance with Art. 6 Para. 1 lit. f DSGVO so that they can send the newsletter on our behalf.

Subject to your express consent pursuant to Art. 6 (1) lit. a DSGVO, the provider also carries out a statistical evaluation of the success of newsletter campaigns by means of web beacons or tracking pixels in the emails sent, which can measure opening rates and specific interactions with the contents of the newsletter. In the process, end device information (e.g. time of call-up, IP address, browser type and operating system) is also collected and evaluated, but not merged with other data sets.

You can revoke your consent to newsletter tracking at any time with effect for the future.

We have concluded an order processing contract with the provider, which protects the data of our site visitors and prohibits a transfer to third parties.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

8.3 In the event that you cancel your purchase with us prior to completing your order, you will have the option of receiving a one-time email reminder of the contents of your virtual shopping cart.
The only mandatory information for sending this reminder is your e-mail address. The provision of further data is voluntary and may be used to address you personally. We use the so-called double opt-in procedure for sending e-mails, which ensures that you will only receive a notification if you have expressly confirmed your consent to this by clicking on a verification link sent to the e-mail address provided.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a DSGVO for the sending of a shopping basket reminder. In doing so, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for our

e-mail notification service are used strictly for the intended purpose.

You can unsubscribe from the shopping basket reminders at any time by sending a message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted immediately from our mailing list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

8.4 Goods availability notification by e-mail

For items that are temporarily unavailable, you can sign up to receive email product availability notifications. In this case, we will send you a one-time e-mail message about the availability of the item you have selected. Only your e-mail address is required for sending this notification. The provision of further data is voluntary and may be used to address you personally. We use the so-called double opt-in procedure for sending e-mails, which ensures that you will only receive a notification if you have expressly confirmed your consent to this by clicking on a verification link sent to the e-mail address provided.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 Para. 1 lit. a DSGVO. We store your IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for our e-mail notification service on the availability of goods is used strictly for the intended purpose.

You can unsubscribe from the availability notifications at any time by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted immediately from our mailing list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

9. Data processing for order handling

9.1 Insofar as necessary for the processing of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 lit. b DSGVO.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we will process the contact data (name, address, email address) provided by you when placing the order in order to inform you personally about upcoming updates within the legally stipulated period within the scope of our statutory duty to inform pursuant to Art. 6 (1) lit. c DSGVOby suitable means of communication (e.g. by post or email). Your contact details will be used strictly for the purpose of informing you about updates owed by us and will only be processed by us for this purpose to the extent necessary for the respective information.

In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

9.2 Odoo

For order processing, financial accounting as well as for marketing purposes and customer relationship management (CRM), we use the provider Odoo S.A., Chaussée de Namur 40, 1367 Grand-Rosière, Belgium. Name, address and, if applicable, other personal data are passed on to Odoo S.A. in accordance with Art. 6 Para. 1 lit. b DSGVO. This transfer takes place exclusively for the purpose of processing the online order, marketing measures, product recommendations and maintaining our customer relationships and only to the extent necessary for these purposes.

Odoo S.A. is also used to process incoming and outgoing invoices and, where applicable, bank transactions of our company in order to enable efficient invoice processing, transaction reconciliation and financial accounting. Should personal data be processed as part of these processes, this is done on the basis of Art. 6 (1) lit. f DSGVO, in accordance with our legitimate interest in the efficient organisation and documentation of our business transactions.

We have concluded an order processing agreement with Odoo S.A., which ensures the protection of your personal data.

Please note that you have the right to object to this processing of your personal data based on Art. 6(1)(f) DSGVO at any time on grounds relating to your particular situation.

The data will only be stored for as long as is necessary for the performance of the contract, the fulfilment of legal retention obligations and the implementation of our marketing and CRM measures.

9.3 Credit check

If we make advance payments, e.g. in the case of purchase on account, we obtain information on identity and creditworthiness from specialised service providers (credit agencies). For this purpose, we transmit your personal data required for a credit assessment to the following company(ies): 

SCHUFA Holding AG
Cormorant Way 5
65201 Wiesbaden
Germany

CRIF Bürgel GmbH
Radlkoferstrasse 2
81373 Munich
Germany

Universum Business GmbH
Hanauer Landstrasse 164
60314 Frankfurt am Main
Germany

arvato infoscore GmbH
Rhine road 99
76532 Baden-Baden
Germany

This serves to protect our legitimate interests, which prevail in the context of a balancing of interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, in assessing the creditworthiness and willingness to pay of our potential customers in the run-up to the conclusion of the contract and thus avoiding purchase price defaults, and is necessary for the conclusion of the contract pursuant to Art. 22 (2) lit. a DSGVO. Appropriate measures to protect your rights, freedoms and legitimate interests will be taken into account. You have the opportunity to express your point of view and contest the decision by contacting the contact option described in this data protection declaration. After the contract has been fully processed, your data processed for this purpose will be deleted, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

9.4 Transfer of personal data to shipping service providers

DHL
We use the following provider as transport service provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

We pass on your e-mail address and/or telephone number to the supplier in accordance with Art. 6 Para. 1 lit. a DSGVOprior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided you have given your express consent for this in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b DSGVO. The disclosure will only take place insofar as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.

The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.

DHL Express

We use the following provider as transport service provider: DHL Express Germany GmbH, Heinrich-Brüning-Str. 5, 53113 Bonn, Germany

We pass on your e-mail address and/or telephone number to the supplier in accordance with Art. 6 Para. 1 lit. a DSGVO prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided you have given your express consent for this in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b DSGVO. The disclosure will only take place insofar as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.

The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.

9.5 Use of payment service providers (payment services)

Amazon Pay

One or more online payment methods from the following provider are available on this website: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg

If you select a payment method from the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) lit. b DSGVO. In this case, your data will only be passed on for the purpose of processing payment with the provider and only insofar as it is necessary for this purpose.

Paypal

One or more online payment methods of the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from the provider where you make an advance payment, your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 Para. 1 lit. b DSGVO. In this case, your data will only be passed on for the purpose of processing payment with the provider and only insofar as it is necessary for this purpose.

If you select a payment method for which we make advance payments, you will also be asked to provide certain personal data (first and last name, street, house number, postcode, town, date of birth, e-mail address, telephone number and, if applicable, data on an alternative means of payment) during the ordering process.

In order to safeguard our legitimate interest in determining your solvency in such cases, this data will be forwarded by us to the provider for the purpose of a credit check in accordance with Art. 6 Para. 1 lit. f DSGVO. On the basis of the personal data provided by you and other data (such as shopping basket, invoice amount, order history, payment experience), the provider checks whether the payment option selected by you can be granted with regard to payment and/or bad debt risks.

The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

Klarna

One or more online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

If you select a payment method from the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) lit. b DSGVO. In this case, your data will only be passed on for the purpose of processing payment with the provider and only insofar as it is necessary for this purpose.

If you select a payment method for which the supplier makes an advance payment (e.g. invoice or instalment purchase or direct debit), you will also be asked to provide certain personal data (first and last name, street, house number, postcode, town, date of birth, e-mail address, telephone number and, if applicable, data on an alternative means of payment) during the ordering process.

In order to safeguard our legitimate interest in determining the solvency of our customers, we forward this data to the provider for the purpose of a credit check in accordance with Art. 6 Para. 1 lit. f DSGVO. The provider checks on the basis of the personal data provided by you as well as further data (such as shopping cart, invoice amount, order history, payment experience) whether the payment option selected by you can be granted with regard to payment and/or bad debt risks.

In addition to internal provider criteria, identity and creditworthiness information from the following credit agencies may also be included in the decision-making process as part of the application review in accordance with Art. 6 Para. 1 lit. f DSGVO:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies 

The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

Unzer

One or more online payment methods of the following provider are available on this website: Payolution GmbH Columbusplatz 7-8, Stiege 1 / 5th floor, 1100 Vienna, Austria

If you select a payment method from the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) lit. b DSGVO. In this case, your data will only be passed on for the purpose of processing payment with the provider and only insofar as it is necessary for this purpose.

If you select a payment method for which the supplier makes an advance payment (e.g. invoice or instalment purchase or direct debit), you will also be asked to provide certain personal data (first and last name, street, house number, postcode, town, date of birth, e-mail address, telephone number and, if applicable, data on an alternative means of payment) during the ordering process.

In order to safeguard our legitimate interest in determining the solvency of our customers, we forward this data to the provider for the purpose of a credit check in accordance with Art. 6 Para. 1 lit. f DSGVO. The provider checks on the basis of the personal data provided by you as well as further data (such as shopping cart, invoice amount, order history, payment experience) whether the payment option selected by you can be granted with regard to payment and/or bad debt risks.

In addition to internal provider criteria, identity and creditworthiness information from the following credit agencies may also be included in the decision-making process as part of the application review in accordance with Art. 6 Para. 1 lit. f DSGVO:

  • SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany
  • CRIF GmbH, Diefenbachgasse 35, 11 50 Vienna, Austria
  • CRIF AG, Hagenholzstrasse 81, 8050 Zurich, Switzerland
  • CRIF GmbH, Leopoldstraße 244, 80807 Munich, Germany
  • SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany
  • KSV1870 Information GmbH, Wagenseilgasse 7, 1100 Vienna, Austria
  • Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss, Germany
  • infoscore Consumer Data GmbH, Rheinstrasse 99, 76532 Baden-Baden, Germany
  • ProfileAddress Direktmarketing GmbH, Altmannsdorfer Strasse 311, 1230 Vienna, Austria
  • Emailage LTD, 1 Fore Street Ave, London, EC2Y 5EJ, United Kingdom
  • ThreatMetrix, The Base 3/F, Tower C, Evert van de Beekstraat 1, 1118 CL Schiphol, The Netherlands
  • payolution GmbH, Columbuscenter, Columbusplatz 7-8, 1100 Vienna, Austria
  • Universum Business GmbH, Hanauer Landstr. 164, 60314 Frankfurt am Main, Germany

The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

9.6 Collection service provider

We reserve the right to pass on your data to the collection service provider INKASSO24 AG, Markt 4, 09111 Chemnitz, Germany, insofar as our payment claim has not been settled despite a previous reminder. In this case, the debt will be collected directly by the collection service provider.

The disclosure of your data serves the fulfilment of the contract according to Art. 6 para. 1 p. 1 lit. b DSGVO as well as the protection of our legitimate interests in an effective assertion or assertion of claims, which outweigh our interests in the context of a balancing of interests.

Enforcement of our payment claim pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO.

10. Online marketing

10.1 Facebook Pixel for the creation of Custom Audiences

As part of our online marketing efforts, we use technology from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Meta"), specifically the so-called "Meta Pixel". This tool enables us to place tailored advertising messages on Facebook and Instagram ("Facebook Ads" and "Instagram Ads") and to measure and optimise their effectiveness ("Conversion Tracking"). The implementation of the "Meta Pixel" and the associated data processing are based on your express consent pursuant to Art 6 para 1 lit a DSGVO.

When you visit our website, your web browser initiates direct communication with Meta's servers, regardless of whether you have an account with Meta or are currently logged into one. During this process, Meta may collect your IP address and other identifiers that may be used for profiling purposes. The extent and use of this data is beyond our control.

The information collected may be stored on Meta servers, including those in the US. Despite the removal of the EU-US Privacy Shield, Meta has pledged to comply with applicable data protection laws when transferring data internationally and has taken measures that meet a comparable standard. In addition, we have agreed standard data protection clauses with Meta to ensure an adequate level of data protection.

You can withdraw your consent at any time without affecting the lawfulness of the previous data processing. The easiest way to do this is via our consent management platform. Logged-in users can also object via the provider's platform, under the following links: www.facebook.com/settings/?tab=ads# possible or https://privacycenter.instagram.com/policy/?subpage=7.subpage.5-WithdrawConsentWhereWe

In addition, we use the remarketing function "Custom Audiences". This feature also uses the Meta Pixel to present you with relevant advertisements on our website and on other websites that use the Meta Pixel. Through these personalised ads, we aim to provide you with a more engaging online experience and effectively promote our services.

For more information on the Meta Pixel and how it works, please refer to Meta's help section at https://www.facebook.com/business/help/742478679120153? id=1205376682832142 and Meta's privacy policy at https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.

10.1 Google AdSense

This website uses Google AdSense, a web advertising service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google AdSense uses cookies, which are text files placed on your computer, to help the website analyse how users use the site. In addition, Google AdSense also uses so-called "web beacons" (small invisible graphics) to collect information, through the use of which simple actions such as visitor traffic on the website can be recorded, collected and evaluated. The information generated by the cookie and/or web beacon (including your IP address) about your use of this website is usually transmitted to a Google server and stored there. This may also involve transmission to the servers of Google LLC. in the USA.

Google uses the information obtained in this way to carry out an evaluation of your usage behaviour with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google.

All processing described above, in particular the reading of information on the end device used via cookies and/or web beacons, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. Without this consent, Google AdSense will not be used during your visit to our website.

You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Google's privacy policy can be viewed here: https://www.google.de/policies/privacy/Drittlandtransfer

Third country transfer

The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. 

Additional information on the purpose and scope of data processing as well as further information on your rights and settings options for protecting your privacy can be obtained from Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland. Accessible at https://policies.google.com/privacy?hl=de&gl=de, https://policies.google.com/technologies/ads?hl=de and https://business.safety.google/adsservices/.

11. Web analytics services

11.1 Google (Universal) Analytics

This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.

Google (Universal) Analytics is used on this website exclusively without the use of cookies, which means that the service does not set cookies on your terminal device at any time.

Instead, the local memory of your browser is used to store an individual ID assigned by Google (Universal) Analytics, which enables an analysis of your use of the website. For this purpose, certain user information is processed via the ID. The scope of this information also includes your IP address, which is, however, shortened by Google by the last digits in order to exclude a direct personal reference.

The information is transferred to Google servers and processed there. In the process, transfers to Google LLC, based in the USA, are also possible.

Google uses the information collected on our behalf to evaluate your use of the website, compile reports on website activity for us and provide other services relating to website activity and internet usage. The IP address transmitted and shortened by your browser as part of Google Analytics will not be merged with other Google data. The data collected in the context of the use of Google (Universal) Analytics will be stored for a period of two months and then deleted.

All processing described above, including the storage of information on the terminal device used in the form of the ID, only takes place if you have given us your express consent for this in accordance with Art. 6 Para. 1 lit. a DSGVO.

Without your consent, Google (Universal) Analytics will not be used during your visit to the site. You can revoke your consent at any time with effect for the future.

To exercise your revocation, you can download and install the browser plugin available at the following link:

https://tools.google.com/dlpage/gaoptout?hl=de

As an alternative to the browser plug-in or within browsers on mobile devices, you can revoke your consent by clicking on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you must click this link again):

Deactivate Google Analytics

 

We have concluded an order processing agreement with Google, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

Further legal information on Google (Universal) Analytics can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

Demographic characteristics

Google (Universal) Analytics uses the special function "demographic characteristics" and can use this to create statistics that make statements about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Third country transfer

The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out.

Further legal information on Google (Universal) Analytics, including a copy of the aforementioned standard contractual clauses, can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

Google Signals

As an extension to Google (Universal) Analytics, Google Signals can be used on this website to have cross-device reports generated. If you have activated personalised ads and linked your devices to your Google account, Google may, subject to your consent to the use of Google Analytics pursuant to Art. 6 (1) lit. a DSGVO, analyse your usage behaviour across devices and create database models, including on cross-device conversions. We do not receive any personal data from Google, only statistics. If you would like to stop the cross-device analysis, you can disable the "Personalised advertising" function in the settings of your

Deactivate Google account. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de For more information on Google Signals, see the following link: https://support.google.com/analytics/answer/7532985?hl=de 

UserIDs

As an extension to Google (Universal) Analytics, the "UserIDs" function can be used on this website. If you have consented to the use of Google (Universal) Analytics pursuant to Art. 6 (1) lit. a DSGVO, have set up an account on this website and log in with this account on various devices, your activities, including conversions, can be analysed across devices.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Hotjar

This website uses the web analytics service of the following provider: Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta.

With the help of cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading terminal device and browser information), the service collects and stores pseudonymised visitor data, including information on the terminal device used such as the IP address and browser information, in order to evaluate them for statistical analyses of user behaviour on our website and to create pseudonymised user profiles. Among other things, this enables the evaluation of movement patterns (so-called heat maps), which show the duration of page visits and interactions with page content (e.g. text entries, scrolling, clicks and mouse-overs). Pseudonymisation fundamentally excludes the possibility of direct personal reference. A combination with clear personal data collected in any other way does not take place.

All processing described above, in particular the reading or saving of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

11.2 Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.

By default, Google Analytics sets 4 cookies when you visit the website, which are stored as small text modules on your end device and collect certain information. The scope of this information also includes your IP address, which is, however, shortened by Google by the last digits in order to exclude a direct personal reference.

The information is transferred to Google servers and processed there. In the process, transfers to Google LLC, based in the USA, are also possible.

Google uses the information collected on our behalf to evaluate your use of the website, compile reports on website activity for us and provide other services relating to website activity and internet usage. The IP address transmitted and shortened by your browser as part of Google Analytics will not be merged with other Google data. The data collected in the context of the use of Google Analytics 4 will be stored for a period of two months and then deleted.

All processing described above, in particular the setting of cookies on the terminal device used, only takes place if you have given us your express consent for this in accordance with Art. 6 Para. 1 lit. a DSGVO.

Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service via the "Cookie Consent Tool" provided on the website.

We have concluded an order processing agreement with Google, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

Demographic characteristics

Google Analytics 4 uses the special "demographic characteristics" function and can use this to create statistics that make statements about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to have cross-device reports generated. If you have activated personalised ads and linked your devices to your Google account, Google may, subject to your consent to the use of Google Analytics pursuant to Art. 6 (1) lit. a DSGVO, analyse your usage behaviour across devices and create database models, including on cross-device conversions. We do not receive any personal data from Google, only statistics. If you would like to stop the cross-device analysis, you can deactivate the "Personalised advertising" function in the settings of your Google account. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de You can find more information about Google Signals at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs

As an extension to Google Analytics 4, the "UserIDs" function can be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6 (1) lit. a DSGVO, have set up an account on this website and log in with this account on different devices, your activities, including conversions, can be analysed across devices.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

11.3 Google Tag Manager

This website uses the "Google Tag Manager", a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google").

The Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analysis services, and for calibrating, controlling and attaching conditions to them via a uniform user interface. The Google Tag Manager itself does not store any information on user devices or read them out. The service also does not carry out any independent data analyses. However, the Google Tag Manager transmits your IP address to Google when you access a page and may store it there. Transmission to Google LLC. servers in the USA is also possible. In the USA is possible.

This processing is only carried out if you have given us your express consent to do so in accordance with Art. 6 (1) a DSGVO. Without this consent, Google Tag Manager will not be used during your visit to the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.

We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

11.4 LogRocket

LogRocket is a specialised web analytics service operated by LogRocket Inc. based in Boston, Massachusetts. It is designed to collect a wealth of data about user behaviour, including JavaScript errors, stack traces and browser metadata. It is also capable of processing feedback and survey information.

The purpose of data collection by LogRocket is to analyse user behaviour and collect feedback. The technologies used to transmit data include cookies, web logs and web beacons. With regard to the data collected, various information is gathered, including the date and time of the visit, device type, geographical location, IP address, mouse movements, pages visited, screen resolution and others.

Legally, the processing of the data is based on Art. 6 para. 1 p. 1 lit. a DSGVO. The data is processed and stored in the European Union, but may also be transferred to third countries, including the United States. It is important to note that in the case of a transfer to the USA, there are risks associated with processing by US authorities. The data is stored for a period of 365 days and then deleted if it is no longer needed.

LogRocket Inc, Amazon Web Services EMEA SARL and Datadog Inc are listed as recipients of the data. Further information, including the privacy policy and cookie policy, can be found on the LogRocket website. There is also the possibility to revoke the processing of data by LogRocket.

Finally, it should be noted that cookies from LogRocket have a maximum storage period of one year.

12.5 AdCell

Adcell is an affiliate marketing network operated by Firstlead GmbH, based in Berlin, Germany. It is designed to enable website operators to earn commissions through advertising links. Adcell may collect a variety of data about user behaviour, including clicks on advertising links, website visits and purchasing behaviour.

The purpose of data collection by Adcell is to measure the effectiveness of affiliate advertising and to generate commissions for website operators. The technologies used to transfer data include cookies, web logs and similar technologies. With regard to the data collected, various information is collected, including the date and time of the click, device type, IP address, pages visited and purchasing behaviour. Legally, the processing of the data is based on Art. 6 (1) p. 1 lit. a DSGVO. The data is processed and stored in the European Union.

Firstlead GmbH is listed as the recipient of the data. It is possible that data may also be shared with third parties in order to analyse and optimise advertising activities. Further information, including the privacy policy, can be found on the Adcell website.

It is also possible to revoke the processing of data by Adcell by restricting the use of cookies in your browser settings.

Finally, it should be noted that cookies from Adcell may have a variable storage period, depending on the website operator's settings and legal requirements.

12. Retargeting/ Remarketing and Conversion Tracking

12.1 Google Ads Remarketing

This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

For this purpose, Google sets a cookie in the browser of your terminal device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited. Further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google Account and using information from your Google Account to personalise the ads you see on the web. In this case, if you are logged into Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data will be temporarily linked by Google with Google Analytics data in order to form target groups. The use of Google Ads Remarketing may also involve the transmission of personal data to the servers of Google LLC. in the USA.

All of the processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. Without this consent, retargeting technology will not be used during your visit to the website.

You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

12.2 Google Ads Conversion Tracking

This website uses the online advertising programme "Google Ads" and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising media (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the aim of displaying advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of the advertising costs incurred.

The conversion tracking cookie is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your terminal device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across Google Ads clients' websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. The use of Google Ads may also result in the transmission of personal data to the servers of Google LLC. in the USA.

Details on the processing triggered by Google Ads Conversion Tracking and on Google's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

All processing described above, in particular the setting of cookies for reading out information on the end device used, is only carried out if you have given us your express consent to do so in accordance with Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the Google browser plug-in available at the following link:

https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

Google's privacy policy can be viewed here: https://www.google.de/policies/privacy/

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

12.3 Facebook Pixel for the creation of Custom Audiences

Within our online offer, we use the "Facebook Pixel" service of the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").

When a user clicks on an advertisement placed by us on Facebook, a parameter is added to the URL of our linked page with the help of "Facebook Pixel". This URL parameter is then entered into the user's browser after the redirection by a cookie that our linked page sets itself.

On the one hand, this enables Facebook to determine the visitors to our online offer as the target group for the display of advertisements (so-called "Facebook ads"). Accordingly, we use the service to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences").

On the other hand, "Facebook Pixel" can be used to track whether users have been redirected to our website after clicking on a Facebook ad and which execution actions they take there (so-called "conversion tracking").

The data collected is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes.

All processing described above, in particular the setting of cookies for reading out information on the end device used, is only carried out if you have given us your express consent to do so in accordance with Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

The information generated by Facebook is usually transmitted to a Facebook server and stored there; in this context, it may also be transmitted to servers of Meta Platforms Inc. in the USA.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

13. Page functionalities

13.1 Youtube

To improve our online presence, components from YouTube ("YouTube plugin") are integrated on our website. YouTube is an internet video portal where video clips can be viewed, rated, commented on and uploaded free of charge. The processing of personal data when using YouTube is carried out by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as the responsible party. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/.

When you visit a website that contains a YouTube video, the corresponding video is loaded from YouTube. By visiting our website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the above-mentioned basic data such as IP address and time stamp are transmitted. We have no influence on this data transmission. The legal basis for the display of the videos is Art. 6 para. 1 lit. a DSGVO, i.e. the integration only takes place after your consent.

This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (also for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.

The information collected is stored on Google servers, including in the USA. According to its own information, the provider has committed to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out.

The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

Further information on the use of user data can be found in YouTube's privacy settings at https://www.youtube.com/intl/ALL_at/howyoutubeworks/user-settings/privacy/, in the "Privacy basics in YouTube apps" in the YouTube help at https://support.google.com/youtube/answer/10364219?hl=de and in Google's privacy policy at https://policies.google.com/privacy?hl=de&gl=de. Information on the possible opt-out can be found at https://adssettings.google.com/authenticated.

13.2 Vimeo

This website uses plugins for the display and playback of videos from the following provider: Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA

When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the provider's servers in order to load the plugin. In this process, certain information, including your IP address, is transmitted to the provider.

If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behaviour, create playback statistics and prevent abusive behaviour.

If you are logged into a user account with the provider during your visit to the site, your data will be directly assigned to your account when you click on a video. If you do not want this to be assigned to your account, you must log out before clicking the play button.

All of the aforementioned processing, in particular the setting of cookies for reading out information on the end device used, only takes place if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service via the "Cookie Consent Tool" provided on the website.

For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

13.3 Trusted Shops Trustbadge

Graphic elements of the following provider are integrated on our website to display external customer ratings and/or an externally awarded quality mark: Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, Germany

When you access a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider's servers in order to load the elements properly. In this process, certain browser information, including your IP address, is transmitted to the provider.

Insofar as personal data is also processed in the process, this is done in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in the optimal marketing of our offer and the appealing design of our website.

13.4 Google Maps

This website uses an online mapping service provided by the following provider: Google Maps (API) by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Maps is a web service for displaying interactive (land) maps in order to visually present geographical information. By using this service, you will be shown our location and it will be easier for you to find us.

Information about your use of our website (such as your IP address) is transmitted to Google servers and stored there when you call up those sub-pages in which the Google Maps map is integrated; this information may also be transmitted to Google LLC servers in the USA. This occurs regardless of whether Google provides a user account via which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to have your data associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

The collection, storage and analysis are carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of Google's legitimate interest in displaying personalised advertising, market research and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.

Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the option described above for making an objection.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

13.5 Google reCAPTCHA

On this website we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Data may also be transmitted to: Google LLC, USA. For the visual design of the captcha window, the provider uses "Google Fonts", i.e. fonts loaded from the Internet by Google. No information other than that mentioned above, which is already transmitted to Google via the functionality of ReCaptcha, is processed in this case.

The service checks whether an input is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. To ensure that an action is performed by a human being and not by an automated bot, Cloudflare Turnstile collects the IP address of the end device used, recognition data of the browser and operating system type used, as well as the date and duration of the visit, and transmits these to servers of the provider for evaluation.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission

13.6    Google Web Fonts

This site uses so-called web fonts from the following provider for the uniform display of fonts: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly and establishes a direct connection to the provider's servers. In the process, certain browser information, including your IP address, is transmitted to the provider.

Data may also be transmitted to: Google LLC, USA

The processing of personal data in the course of establishing a connection with the provider of the fonts is only carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service via the "cookie consent tool" provided on the website. If your browser does not support web fonts, a standard font will be used by your computer.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

14. Tools and miscellaneous

Cookie consent tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users in the form of an interactive user interface when they access the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives the corresponding consent by ticking the corresponding box. This ensures that such cookies are only set on the respective end device of the user if consent has been granted.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data is not processed in this process.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

To the extent necessary, we have concluded an order processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties. Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

15. Rights of the data subject

15.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:

  • Right to information pursuant to Art. 15 DSGVO;
  • Right to rectification pursuant to Art. 16 DSGVO;
  • Right to erasure pursuant to Art. 17 DSGVO;
  • Right to restriction of processing pursuant to Art. 18 DSGVO;
  • Right to information pursuant to Article 19 of the DSGVO;
  • Right to data portability pursuant to Art. 20 DSGVO;
  • Right to revoke consent given in accordance with Art. 7 (3) DSGVO;
  • Right to lodge a complaint pursuant to Article 77 of the DSGVO.

15.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

16. Duration of the storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 Para. 1 lit. b DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until you exercise your right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing based on Art. 6 (1) lit. f DSGVO, this data will be stored until you exercise your right to object in accordance with Art. 21 (2) DSGVO.

Unless otherwise indicated in the other information in this statement on specific processing situations, stored personal data are otherwise deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

17. Security of your personal data

The protection of your personal data is important to us. However, please note that no transmission method over the Internet or electronic storage method is completely secure. Therefore, we unfortunately cannot guarantee the absolute security of your personal data.

During your visit to the website, we use the common SSL/TLS procedure (Secure Socket Layer / Transport Layer Security) in conjunction with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology. You can recognise an encrypted transmission of an individual page of our website by the closed display of the key or lock symbol in the status bar of your browser.

In addition, we use appropriate technical and organisational security measures to protect your data from accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. We continuously adapt our security measures to technical progress.

Status August 2023