Data protection

Privacy Policy

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for concluding a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only as long as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.

Server log files

You can visit our websites without providing any personal information.

Each time our website is accessed, usage data is transmitted by your internet browser to us or our web hoster / IT service provider and stored in log data (so-called server log files). This stored data includes, for example, the name of the accessed page, date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offerings.

Collection and processing when using the cancellation button

If you have concluded a contract via our online presence, we provide you with a cancellation function (cancellation button) through which you can submit your cancellation declaration directly.

When using the cancellation function, we only collect your personal data (name, email address, information for identifying the contract or part of the contract you wish to cancel, as well as the time (date and time) of sending the cancellation declaration) to the extent provided by you. The data processing serves the purpose of providing you with the legally required option to cancel your contract and for the proper processing of your cancellation.

If the contact concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Otherwise, the data processing is carried out on the basis of Art. 6 Para. 1 lit. c GDPR, as we are legally obliged to provide you with a cancellation function on our online presence.

We only use your email address to process your cancellation declaration. Your data will then be deleted in compliance with legal retention periods, unless you have consented to further processing and use.

Disclosure to third-party providers (plugin usage)
For the technical provision and management of the cancellation function on our online presence, we use a software solution from the third-party providerBuschBytes Hofstraße 2-4, Cologne, 51061, DE
Your collected personal data will be transmitted to the servers of the aforementioned third-party providers when using the cancellation function.

The processing of your personal data serves the purpose of legally fulfilling the requirements for the design of the cancellation function and is carried out on the basis of Art. 6 Para. 1 lit. c GDPR. This data processing is also carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in being able to provide you with a user-friendly cancellation option. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR for reasons arising from your particular situation.

Customer account Orders

Customer account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.

Collection, processing, and transfer of personal data for orders

When placing an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in the inability to conclude a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the performance of a contract with you.

Your data is transferred, for example, to shipping companies, dropshipping/fulfillment providers, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transfer is limited to a minimum.

Your data may be transferred to and processed in third countries outside the EU, particularly Canada and the USA. For Canada, there is an adequacy decision by the EU Commission. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.

Reviews Advertising

Data collection when writing a comment or review
When commenting/reviewing an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling commenting/reviewing and displaying comments/reviews.

For the purpose of verifying your review/comment, we also collect the following data: order number, , , .

By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted.

In addition, when the comment/review is submitted, your IP address is stored for the purpose of preventing misuse of the comment or review function and ensuring the security of our information technology systems. By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your IP address will then be deleted.

Use of Judge.me
On our website, we use the "Judge.me" rating system provided by Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me").
Judge.me allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After an order, you may receive an invitation from us or Judge.me to submit a review and then submit a review. In doing so, the following data may be processed by us or Judge.me: email address, name, phone number, address, information about your device (IP address, information about your web browser and the operating system used), information about the purchased product or the service used (order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your review.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. There is an adequacy decision by the EU Commission for the United Kingdom.
Your data may be transferred to the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on special contracts approved for use in the United Kingdom and offering the same protection that personal data has in the United Kingdom.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR, provided you have expressly agreed to the transfer of your data and the receipt of the review invitation. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy.

Use of email address for sending newsletters
We use your email address to send information and offers via newsletter, provided you have expressly consented to this. The data processing serves exclusively the purpose of advertising. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when subscribing to our newsletter.
The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list. Despite removal from the distribution list, we may continue to store your email address in a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our and your legitimate interest in preventing the renewed use of your email address for sending our newsletter. You have the right to object at any time to this processing of your personal data for reasons arising from your particular situation.

Your data will be passed on to an email marketing service provider as part of order processing. No disclosure to other third parties takes place.

Use of mobile phone number for sending SMS advertising
Regardless of contract processing, we use your mobile phone number exclusively for our own advertising purposes to send SMS advertising, provided you have expressly consented to this.
The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your mobile phone number will then be removed from the distribution list.

Your mobile phone number will be passed on to an SMS sending service provider as part of order processing.

Use of email address for availability notifications
We offer an availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and be informed by email by us when it is available, provided you have consented to this. You will receive a one-time email notification about the availability of the respective item when it becomes available. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.

Inventory Management

Use of an external inventory management system
We use an inventory management system for contract processing as part of order processing. For this purpose, your personal data collected during the order process will be transmitted to
PULPO WMS 2810 N Church St Wilmington, Delaware, 19802 USA
.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Payment service providers Credit check

Use of PayPal Express
We use the payment service PayPal Express of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is called up. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time to this processing of your personal data for reasons arising from your particular situation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.

Use of PayPal Checkout
We use the PayPal Checkout payment service from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Cookies may be stored, which enable the recognition of your browser. The data processing taking place as a result is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time to this processing of your personal data for reasons arising from your particular situation.

Credit card via PayPal, direct debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematically-statistical procedures using credit agencies if necessary. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information obtained about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship. The credit report may include probability values (score values) which are calculated on the basis of scientifically recognized mathematically-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for initiating a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when PayPal advances payment.
You have the right to object at any time to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR by notifying PayPal for reasons arising from your particular situation. The provision of the data is required for the conclusion of the contract with your desired payment method. Failure to provide it will result in the inability to conclude the contract with the payment method you have chosen.

Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. For the implementation of this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:

Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)

Invoice purchase via PayPal
When paying via invoice purchase, the data required for payment processing is first transmitted to PayPal. For the implementation of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you with the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit assessment based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for initiating a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Ratepay advances payment. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of Klarna payment options

We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna") on our website. By selecting and using payment via Klarna, the data required for payment processing is transmitted to Klarna in order to fulfill the contract with you with the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Cookies may be stored, which enable the recognition of your browser. The data processing taking place as a result is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time to this processing of your personal data for reasons arising from your particular situation.

"Pay Later" (invoice), "Pay Now" (payment by direct debit, credit card, instant transfer), "Financing" (instalment purchase)

For individual payment methods such as "Pay Later" (invoice), "Pay Now" (payment by direct debit, credit card, instant transfer), "Financing" (instalment purchase), Klarna reserves the right to obtain a credit report based on mathematically-statistical procedures using credit agencies if necessary.

For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address, and data related to the order, to a credit agency for the purpose of identity and credit assessment and uses the information obtained about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship. The credit report may include probability values (score values) which are calculated on the basis of scientifically recognized mathematically-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for initiating a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Klarna advances payment. You have the right to object at any time to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR by notifying Klarna for reasons arising from your particular situation. The provision of the data is required for the conclusion of the contract with your desired payment method. Failure to provide it will result in the inability to conclude the contract with the payment method you have chosen.

Further information, especially about which credit agencies Klarna passes on your personal data to, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies.

General information about Klarna can be found for Germany at: https://www.klarna.com/de/ and for Austria at https://www.klarna.com/at/. Your personal data will be handled by Klarna in accordance with the applicable data protection regulations and according to the information in Klarna's data protection regulations for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.

Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g., bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, address data, and information about the product or service you purchased from us. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/legal/privacy

Use of Shopify Payments
We use the "Shopify Payments" payment service from Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website. In this case, payment processing is carried out by the payment service provider Stripe Payments Europe, Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland; "Stripe"). The data processing serves the purpose of being able to offer you payment via the Shopify Payments service. By selecting and using an appropriate "Shopify Payments" payment method, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you with the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report based on mathematically-statistical procedures using credit agencies if necessary. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information obtained about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship. The credit report may include probability values (score values) which are calculated on the basis of scientifically recognized mathematically-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for initiating a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Stripe advances payment.
You have the right to object at any time to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR by notifying Stripe for reasons arising from your particular situation. The provision of the data is required for the conclusion of the contract with your desired payment method. Failure to provide it will result in the inability to conclude the contract with the payment method you have chosen.
Further information on data processing when using the Shopify Payments service can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.
Further information on data processing when payment is processed via the payment service provider Stripe can be found in Stripe's privacy policy at: https://stripe.com/de/privacy.

Cookies

Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Already stored cookies can be deleted at any time. However, we would like to point out that you may then not be able to use all functions of this website to their full extent.

You can find out how to manage cookies (including disabling them) in the main browsers via the following links:

Chrome: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/cookies-in-microsoft-edge-delete-63947406-40ac-c3b8-57b9-2a946a29ae09

Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac

Technically necessary cookies

Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again after a page change.

The use of cookies or comparable technologies takes place on the basis of § 25 Para. 2 TDDDG. The processing of your personal data takes place on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.

You have the right to object at any time to this processing of your personal data for reasons arising from your particular situation.

Analysis Ad tracking

Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide other services related to website use and internet use to the website operator.
The following information may be collected, among others: IP address, date and time of page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.

Your IP address will be shortened by us on our own servers beforehand. Google thus only receives pseudonymized data.

Google uses technologies such as cookies, browser web storage and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR.

The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.

The information generated by these about your use of this website is usually transmitted to a Google server in the USA and stored there. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles. Both Google and US government authorities have access to your data.

Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=en&gl=en.

Use of Shopify statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses, and statistics. Among other things, the following device information is collected and processed: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about visited web pages or products, the referrer URL (website from which you accessed our website), and information about how you interact with the website are also collected. Technologies such as cookies, web beacons, tags, and pixels (electronic files for recording information about how you navigate the website) are used for this purpose.
Your data may be transferred to and processed in third countries outside the EU, particularly Canada and the USA. For Canada, there is an adequacy decision by the EU Commission. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
You can find more information about data protection at Shopify at https://www.shopify.com/en/legal/privacy, information about the data processing agreement at https://www.shopify.com/en/legal/dpa as well as information about the cookies used at https://www.shopify.com/en/legal/cookies.

Use of Microsoft Clarity
We use the analytics tool "Microsoft Clarity" from Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland; "Microsoft") on our website. Microsoft is an affiliated company of Microsoft Corporation (One Microsoft Way, Redmond, Washington 98052, USA).
The data processing serves the purpose of designing, optimizing, and analyzing our website according to demand. With the tool, movements of page visitors on the website are recorded randomly. This creates a log of mouse movements, scrolling behavior, dwell time, and clicks on the website (so-called heatmap).
For this purpose, cookies or similar technologies are used. The following information may be collected, among others: IP address, time of access, click path, information about the device you are using (device type, screen size and resolution, unique device identifier, operating system), information about the browser you are using (browser type and browser version), location data, preferred language for displaying the website, visited subpages, dwell time, viewed content, requested website or file.
User profiles are created from this data under a pseudonym. The data is not used to personally identify the visitor to the website and is not merged with personal data of the person holding the pseudonym. Microsoft is contractually prohibited from selling the collected data to other third parties.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Detailed information on the cookies used and their function can be found at https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-list. Information on the storage duration of the collected information can be found at https://learn.microsoft.com/en-us/clarity/setup-and-installation/data-retention. Further information on data protection when using Microsoft Clarity can be found at https://learn.microsoft.com/en-us/clarity/faq#privacy, https://learn.microsoft.com/en-us/clarity/setup-and-installation/clarity-data and https://clarity.microsoft.com/terms. General information on data protection at Microsoft can be found at https://privacy.microsoft.com/en-us/privacystatement.

Use of the Meta Pixel

We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.

Meta and we are joint controllers for the collection of your data and the transfer of this data to Meta when the service is integrated. This is based on an agreement between us and Meta on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/terms/businesstools. Accordingly, we are particularly responsible for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection concerns our obligations under the joint processing agreement. Meta is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection concerns Meta's obligations under the joint processing agreement.

The application serves the purpose of specifically targeting website visitors with interest-based advertising on the social networks Facebook and Instagram. For this purpose, Meta's remarketing tag has been implemented on the website. This tag establishes a direct connection to Meta's servers when the website is visited. This transmits to Meta's server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.

The application also serves the purpose of generating conversion statistics. Here, we learn the total number of users who have clicked on one of our ads and been redirected to a page with a conversion tracking tag, and what actions are taken after being redirected to this website. However, we do not receive any information that personally identifies users.

Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
You can deactivate the "Custom Audiences" remarketing function here. Further information on the collection and use of data by Meta, your rights in this regard and options for protecting your privacy can be found in Meta's privacy policy at https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" on our website and, within this framework, conversion tracking (visitor action evaluation). Google Conversion Tracking is an analysis service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
If you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Thus, there is no possibility that cookies can be tracked across Ads customers' websites.
The information obtained with the help of the conversion cookie serves the purpose of creating conversion statistics. Here we learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that personally identifies users.
Your data may be transmitted to Google LLC servers in the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

The use of cookies or similar technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/

Use of Google Inc.'s remarketing or "similar audiences" function
We use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. To carry out the analysis of website usage, which forms the basis for the creation of interest-based advertisements, Google uses cookies. The cookies record website visits and anonymized data about website usage. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously viewed product and information areas.
Your data may be transmitted to Google LLC servers in the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/

Plug-ins and other

Use of Google Tag Manager
We use Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of designing and optimizing our website according to demand.
Google Tag Manager itself neither stores cookies nor processes personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.

Use of social plugins
We use social network plugins on our website. The integration of social plugins and the data processing that takes place serves the purpose of optimizing the advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network providers, and the plugin is then displayed on the page by notification to your browser, provided you have expressly consented to this. Both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered or logged in to the social network. Even for unregistered or logged out users, a transmission takes place. If you are simultaneously logged in to one or more of your social network accounts, the collected information can also be assigned to your corresponding profiles. When using the plugin functions (e.g., by pressing the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
The social networks listed below are integrated into our website via social plugins. Further information on the scope and purpose of the collection and use of data, as well as your rights and options for protecting your privacy in this regard, can be found in the linked privacy policies of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are joint controllers for the collection of your data and the transfer of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. Accordingly, we are particularly responsible for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection concerns our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection concerns Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.
Further information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/en/privacy-policy
Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Use of Social Plug-ins via "Shariff"
We use social network plugins on our website. To ensure you retain control over your data, we use privacy-safe "Shariff" buttons.
Without your express consent, no links are established to the social network servers, and consequently no data is transmitted.
"Shariff" is a development by the specialists of the computer magazine c't. It allows for more privacy on the web and replaces the usual "share" buttons of social networks. More information about the Shariff project can be found here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.
When you click the buttons, a pop-up window appears where you can log in with your data to the respective provider. Only after this active login by you is a direct connection to the social networks established.
By logging in, you give your consent to the transfer of your data to the respective social media provider. Among other things, your IP address and information about which of our pages you have visited will be transmitted. If you are simultaneously connected to one or more of your social network accounts, the collected information will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks listed below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data, as well as your rights and options for protecting your privacy in this regard, can be found in the linked privacy policies of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/en/privacy-policy
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

X, formerly known as Twitter, (X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA)

https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Use of Social Plug-ins via the "2-click solution"
We use social network plugins on our website via the "2-click solution". This means that no connections to the servers of the social networks are established and consequently no data is transmitted without your explicit consent.
With the standard integration of plugins, when you visit pages of our website that contain such a plugin, a connection is established between your computer and the servers of the social network providers, and the plugin is then displayed on the page by notification to your browser. Both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered or logged in to the social network. Even for unregistered or logged out users, a transmission takes place. If you are also logged in to the social network Facebook, this information is assigned to your personal user account. When using the plugin functions (e.g. by pressing the button), this information is also assigned to your user account, which you can only prevent by logging out before using the plugin. To ensure you retain control over your data, we have decided to initially deactivate the corresponding button. You can recognize this by the greyed-out button. Without your explicit consent - in the form of activating the button - no connection to the social network's server is established and consequently no data is transmitted.
Only when you activate the button does it become active (colored) and a direct connection to the social network's servers is established.
By activating it, you give your consent to the transfer of your data to the respective social network provider. Among other things, your IP address and information about which of our pages you have visited will be transmitted. If you are simultaneously connected to one or more of your social network accounts, the collected information will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social network user accounts before visiting our website and before activating the buttons.
The social networks listed below are integrated using the "2-click function". Further information on the scope and purpose of the collection and use of data, as well as your rights and options for protecting your privacy in this regard, can be found in the linked privacy policies of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA):
https://policy.pinterest.com/en/privacy-policy
https://help.pinterest.com/en/articles/personalization-and-data
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

X, formerly known as Twitter, (X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA)

https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF).X has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Use of Google reCAPTCHA

We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human or by automated, mechanical processing. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and, if applicable, other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and, if applicable, also transmitted to Google LLC servers in the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.

Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.

Use of Google Maps
We use the function for embedding Google Maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.
The function enables the visual representation of geographical information and interactive maps. When pages with embedded Google Maps are accessed, data of website visitors is also collected, processed, and used by Google.
Your data may also be transferred to the USA. For the USA, an adequacy decision by the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 Para. 1 S. 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html. There you also have the option in the privacy center to change your settings so that you can manage and protect your data processed by Google.

Data Subject Rights and Storage Duration

Duration of storage
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account legal, particularly tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.

Rights of the data subject
Subject to the legal requirements, you have the following rights under Art. 15 to 20 GDPR: right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, you have a right to object to processing based on Art. 6 para. 1 f GDPR, as well as to processing for the purpose of direct marketing, in accordance with Art. 21 para. 1 GDPR.

Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint, among other places, with the supervisory authority responsible for us, which you can reach at the following contact details:

Unabhängiges Datenschutzzentrum Saarland
Fritz-Dobisch-Str. 12
66111 Saarbrücken
Tel.: +49 681 947810
Fax: +49 681 9478129
Email: poststelle@datenschutz.saarland.de

Right to object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR, you have the right to object to these processing operations at any time with future effect for reasons arising from your particular situation.
After a successful objection, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves the assertion, exercise or defense of legal claims.

last updated: 22.10.2024

```