Legal basis for our services and basic information on the use and disclosure of data.
The terms used, such as: "personal data" or their "processing" are explained in the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Within this offer processed personal user data are ip-addresses, as well as data on use and customer input within the offering.
Persons affected by data processing include all visitors or users of our offer, including business partners, interested parties and customers, hereinafter referred to as "users".
The terms used, such as "User", "Customer" or "Service Provider" are to be understood as gender-neutral.
All personal user data will be processed in compliance with the relevant data protection regulations. The basis for this is the existence of a legal permit and the consent of the user. The data processing is for the performance of our contractual services (eg order processing) or the online service (eg to ensure and comply with legal regulations), or due to our legitimate interest (eg for the security of our online offer within the meaning of Art. 6 (1) lit. GDPR, analysis to optimize the safety and efficiency of our business, including profiling for advertising and marketing purposes, collection of reach and access data and third-party services), we will use the data in accordance with the legal permission framework.
Art. 6 para. 1 lit. a. and Art. 7 GDPR form the legal basis for the consent, Art. 6 para. 1 lit. b. GDPR serves as the legal basis for the processing of contracts and services. The legal basis for the processing of the data to fulfill our legal obligations is Art. 6 (1) lit. c. GDPR, and as a basis for the processing of the data to safeguard our legitimate interests, Art. 6 para. 1 lit. f. GDPR.
Disclosure of data to third parties and third party providers
A transfer of data to third parties takes place exclusively in accordance with legal requirements. It only takes place if this is necessary for the purpose of the contract (in accordance with Article 6 (1) (b) GDPR) or because of legitimate interests in our economic and effective business operations (pursuant to Article 6 (1) lit. GDPR).
In order to comply with the legal requirements and for the protection of personal data, we also take appropriate legal, technical and organizational measures when using subcontractors.
If third-party services, tools or other means are used and the named seat of this provider is located in a third country, data transfer to that country is also likely. The GDPR is an EU regulation and applies to all member states. Transmission to countries outside the EU or the European Economic Area is only permitted with legal permission, consent of the users, or at an adequate level of data protection in the respective third country.
Measures for protection and safety
In order to protect the data processed by us from accidental or intentional manipulation, destruction, loss or access by unauthorized persons, and to comply with the provisions of data protection laws, we make technical, organizational and contractual security arrangements according to the state of the art. The encrypted transmission of data between our server and your browser is one of the security measures used.
Fulfillment of contractual services
In order to fulfill our contractual and service obligations and to protect against misuse or unauthorized use and to protect our legitimate interests, we store the IP address and time when registering, re-registering and using online services. Basically, this data is not passed on to third parties in on a personalised level, exceptions are the pursuit of our claims or a legal obligation under Art. 6 para. 1 lit. c GDPR.
For advertising purposes, we create a user profile based on the usage data (eg visits to web pages with our offer or specific product interests) in order to be able to show users interesting product hints and offers.
Contact by the user
To process user requests (via email or contact form), the information of the user in accordance with. Art. 6 para. 1 lit. b) GDPR processed.
Cookies are small files that are stored on users' media.
If users want to avoid storing cookies, this option can be disabled in the browser settings themselves. Already stored cookies can also be deleted there, however, the exclusion of cookies can lead to functional restrictions of our online offer.
Collection of access data and records (log files)
Any access to our servers is subject to our legitimate interest within the meaning of Art. 6 para. 1 lit. f. GDPR, corresponding data (so-called server log files), including date and time, amount of data, name of the accessed website, success report on the call, the operating system including browser type and version, the previously visited websites, the IP address and the provider.
For the purpose of fraud or misuse the logfile information is stored for security reasons for a maximum of seven days and then deleted. If certain data is necessary for evidence purposes, the deletion will be postponed until the final clarification of the incident.
Use Google Analytics
Google provides a guarantee for compliance with European data protection law and is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/participant).
Google produces reports on the use of our online offer on our behalf. For this and for further services on our behalf, information about the activities of the users are collected within our offer. This information can also be used to create pseudonymous usage profiles.
In general, Google shortens the user's IP address within the EU or the EEA (IP anonymization enabled). In exceptional cases, however, the full IP address can be transferred to a Google server in the US and shortened there.
A combination of the IP address of the user and other Google data does not take place. Users can prevent the collection and processing of user data by downloading and installing the browser plug-in available at this link: http://tools.google.com/dlpage/gaoptout?hl=en The storage of cookies can also be done by Settings in the respective browsers are avoided.
In addition to the browser settings and Google's additional software, we offer another function to prevent data collection. Here you can see if the collection of your views via Google Analytics is activated on our website. You can also prevent capture by clicking "Disable Now". If you click the button, an HTML5 storage object is saved on your computer, which then ensures that no script is loaded by Google Analytics. If the site data is deleted in this browser, the link must be clicked again. Furthermore, the opt-out applies only within the browser you use and only within our respective webdomain, on which the link was clicked.
For further information on setting and contradictory possibilities as well as for data collection by Google, please contact Google directly: https://www.google.com/intl/de/policies/privacy/partners, https://www.google.com/policies/technologies/ads and https://www.google.com/settings/ads You can also view and edit your ad settings here, https://adssettings.google.com/authenticated. You can opt-out of interest-based advertising through Google Marketing Services by using Google's recruitment and opt-out options: https://www.google.com/ads/preferences.
Integration and use of Facebook marketing services (Facebook and Custom Audiences)
Due to our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR we use for our online offer the so-called "Facebook Pixel", which is from Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are located in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland is operated ("Facebook").
Facebook provides a guarantee that it complies with European data protection law, as evidenced by certification under the Privacy Shield Agreement (https://www.privacyshield.gov/participant).
The Facebook Pixel is used by us to display the Facebook ads we have posted only to those Facebook users who have also shown an interest in our online offer, certain products or themes. In addition, with the help of the Facebook pixel, we want to make sure that our ads on Facebook meet the potential interest of users and not be annoying. The Facebook Pixel enables us to determine the effectiveness of our Facebook Ads and to compile statistics on how many users visit our online offer via an advertisement.
If one of our web pages is called up, the Facebook pixel is automatically integrated into the page and a cookie can be stored on the device of the user. If the user is logged in to Facebook or log in later, the visit to our online offer will also be saved in the corresponding Facebook profile. The data collected are anonymous and do not allow any conclusions about the user identity by us. However, Facebook itself stores and processes the data, however, and as a result of the connection to the respective Facebook profile, Facebook's own use is also possible for advertising or market research purposes. Should a comparison of the data on our part be necessary with Facebook, these are first encrypted within the browser and only then sent by us via a secure connection to Facebook.
In order for users, in particular, to see our advertisements, which are also interested in our online offerings, we (also based on our legitimate interests) use "Custom Audiences from File" from Facebook. The email addresses of our newsletter recipients are encrypted and transferred to Facebook. This way, a targeted display of our switched Facebook Ads can be guaranteed for these users.
The scope and processing of the data are enshrined in Facebook's Data Usage Policy. You can also find basic tips for Facebook adverts at: https://www.facebook.com/policy.php. For more information about Facebook Pixel and how it works, visit the help section of Facebook: https://www.facebook.com/business/help/.
A contradiction against the data collection by the Facebook pixel and against the use of your data to display Facebook ads is possible. To do this, visit the page set up by Facebook and follow the instructions for the usage-based advertising settings: https://www.facebook.com/settings?tab=ads. All settings are platform independent, the application is thus on all devices (such as mobile or desktop devices).
Whether the collection of your data via the Facebook pixel on our website is activated, you can see here. You can also prevent capture by clicking "Disable Now". When you click the button, an HTML5 storage object is stored on your computer. If the site data is deleted in this browser, the link must be clicked again. Furthermore, the opt-out applies only within the browser you use and only within our respective webdomain, on which the link was clicked.
Our offer also includes offers from third-party providers. This is also based on our legitimate interest within the meaning of Art. 6 para. 1 lit. f. GDPR. Content and its presentation (such as videos or fonts) require that third parties recognize the user's IP address. For the transmission of the contents to the browser this is unavoidable. When selecting third-party vendors, we take care to only use those vendors who use the IP address only for delivery of the content. In addition, third parties may use web beacons or pixel tags to collect data for statistics and marketing. As a result, z. B. Information about the visitors of the website will be evaluated. All data may be stored in cookies on the device used by the user, pseudonymised. These data include technical information about the operating system and browser, as well as data on the use of the offer. This data can also be linked to data from other sources.
Below you will find an overview of some of the third-party providers we include, including links to the corresponding data protection statements. These also contain further information on possibilities of objection, as well as opt-out options, if these are possible.
- For the integration and administration of the various analysis and marketing services we can use the "Google Tag Manager".
Personal Rights of Users
Upon request, every user can obtain information about their personal data stored by us, if technically possible.
In addition, users have the right to have incorrect data rectified and to limit the processing and deletion of their personal data. In addition, the right to data portability can be invoked. A complaint to the competent supervisory authority is possible at any time.
Any consent given by the user can always be revoked at any time, only with future effect.
Data that is not subject to a statutory retention period will be deleted as soon as it is no longer necessary for your purpose. If the deletion is not possible due to its purpose or other provisions, its processing will be restricted. Blocking the data thus prevents processing for other purposes.
The storage takes place in accordance with § 257 exp. 1 HGB (for trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) for 6 years, as well as § 147 Abs. 1 AO (for books, records, management reports, accounting documents, trading and business letters, documents relevant to taxation, etc.) for 10 years.
Right to object
Users may object to the processing of their personal data in accordance with legal requirements at any time. The objection may in particular be made against processing for direct marketing purposes.