Introduction and Overview

We have drafted this privacy policy (version 05.07.2023-112492029) in order to explain to you, in compliance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, what personal data (shortened to "data" below) we collect as a responsible entity, and what legal options you have. The terms used are gender-neutral.

In short: We comprehensively inform you about data that we process about you.

Privacy policies usually sound very technical and use legal terms. This privacy policy, however, aims to describe the most important things to you as simply and transparently as possible. To the extent that this is conducive to transparency, technical terms are explained in a reader-friendly way, links to further information are provided, and graphics are used. In doing so, we explain in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible if one gives as brief, unclear, and legal-technical explanations as are often standard on the Internet when it comes to data protection. We hope that you find the following explanations interesting and informative, and perhaps there is some information that you did not already know.
If you still have questions, we ask that you contact the responsible party listed below or in the imprint, follow the existing links, and look for further information on third-party sites. Of course, you will also find our contact information in the imprint.

Application area

This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (data processors). By personal data we mean information in the sense of Art. 4 No. 1 GDPR, such as name, email address and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, whether online or offline. The application area of ??this privacy policy includes:

• all online presences (websites, online shops) that we operate
• social media presences and email communication
• mobile apps for smartphones and other devices

In short: The privacy policy applies to all areas in which personal data is processed in a structured manner in the company via the channels mentioned. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal bases

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, that allow us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679.

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6(1)(a) GDPR): You have given us consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
2. Contract (Article 6(1)(b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For example, if we enter into a purchase agreement with you, we need personal information beforehand.
3. Legal obligation (Article 6(1)(c) GDPR): We process your data if we are under a legal obligation to do so. For example, we are legally required to keep invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website securely and economically efficiently. This processing is thus a legitimate interest.

Other conditions, such as the exercise of public interest or the exercise of official authority and the protection of vital interests, do not usually apply to us. If such a legal basis should nevertheless be relevant, it will be indicated at the corresponding point.

In addition to the EU regulation, national laws also apply:

• In Austria, this is the Federal Act on the Protection of Individuals with regard to the Processing of Personal Data (Data Protection Act), abbreviated DSG.
• In Germany, the Federal Data Protection Act, abbreviated BDSG, applies.

If further regional or national laws apply, we will inform you in the following sections.

Contact details of the data controller

If you have any questions about data protection or the processing of personal data, you can find the contact details of the responsible person or entity below:

Julia Ivanova
c/o skriptspektor e. U.
Robert-Preuszler-Straße 13 / TOP 1
5020 Salzburg
Austria

E-Mail: webmaster AT juliaredhead.com

Legal notice: https://www.juliaredhead.com/legal/

Storage Duration

Our general criterion is that we only store personal data for as long as it is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for the data processing is no longer present. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example for accounting purposes.

If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as soon as possible and as far as there is no obligation to store it.

We will provide you with information on the specific duration of the respective data processing below, provided we have further information on this.

Rights according to the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we inform you of the following rights that you have in order to ensure fair and transparent data processing:

• According to Article 15 of the GDPR, you have the right to know whether we process data about you. If this is the case, you have the right to receive a copy of the data and to know the following information:
  • the purpose for which we carry out the processing;
  • the categories, i.e. the types of data processed;
  • who receives this data and, if the data is transmitted to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you have the right to lodge a complaint with a supervisory authority (links to these authorities can be found below);
  • the origin of the data, if we did not collect it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated in order to create a personal profile of you.
• According to Article 16 of the GDPR, you have the right to have your data corrected, which means we must correct any errors you find.
• According to Article 17 of the GDPR, you have the right to erasure ("right to be forgotten"), which means you can request the deletion of your data.
• According to Article 18 of the GDPR, you have the right to restriction of processing, which means we can only store the data but not use it further.
• According to Article 20 of the GDPR, you have the right to data portability, which means we must provide you with your data in a commonly used format upon request.
• According to Article 21 of the GDPR, you have the right to object, which, when enforced, brings about a change in processing.
  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interests), you can object to the processing. We will then examine as soon as possible whether we can comply with this objection legally.
  • If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may not use your data for direct marketing purposes thereafter.
  • If data is used for profiling, you can object to this type of data processing at any time. We may not use your data for profiling purposes thereafter.
• According to Article 22 of the GDPR, you may, under certain circumstances, have the right not to be subject to a decision based solely on automated processing (such as profiling).
• According to Article 77 of the GDPR, you have the right to lodge a complaint. This means that you can complain to the supervisory authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights - do not hesitate to contact the responsible authority listed above with us!

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can complain to the supervisory authority. For Austria, this is the Datenschutzbehörde, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI). The following local data protection authority is responsible for our company:

Austrian Data Protection Authority

Director: Mag. Dr. Andrea Jelinek
Address: Barichgasse 40-42, 1030 Vienna
Telephone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/

Data Transfer to Third Countries

We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if it is legally required, or contractually necessary and in any case only to the extent generally permitted. Your consent is in most cases the most important reason why we have data processed in third countries. Processing personal data in third countries such as the United States, where many software vendors offer services and have their server locations, may mean that personal data is processed and stored in unexpected ways.

We expressly point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the United States. The processing of data by US services (such as Google Analytics) may result in data being processed and stored non-anonymously. In addition, US government agencies may have access to individual data. Furthermore, it may happen that collected data is linked to data from other services of the same provider, if you have a corresponding user account. Where possible, we try to use server locations within the EU if they are offered.

We will inform you in the appropriate places in this privacy policy in more detail about data transfer to third countries, if applicable.

Security of Data Processing

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible within our capabilities for third parties to draw conclusions about personal information from our data.

Art. 25 GDPR speaks here of "data protection by design and by default" and means that security is always taken into account both in software (e.g. forms) and hardware (e.g. access to the server room) and appropriate measures are taken. Below, if necessary, we will go into specific measures.

TLS Encryption with https

TLS, encryption and https sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the Internet.
This means that the entire transmission of all data from your browser to our web server is secure - no one can "listen in".

In this way, we have introduced an additional layer of security and comply with data protection by design (Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission protection by the small lock symbol in the top left corner of the browser, to the left of the internet address (e.g. examplepage.com) and the use of the schema https (instead of http) as part of our internet address.
If you want to learn more about encryption, we recommend searching Google for "Hypertext Transfer Protocol Secure wiki" to find good links to further information.

Communication

Communication Summary 👥 Data subjects: All individuals who communicate with us via phone, email or online form 📓 Processed data: e.g. phone number, name, email address, entered form data. For more details, see the respective contact method used 🤝 Purpose: Handling communication with customers, business partners, etc. 📅 Storage period: Duration of the business case and legal requirements ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract), Art. 6 para. 1 lit. f GDPR (legitimate interests)

If you contact us and communicate with us via phone, email or online form, personal data may be processed.

The data will be processed for the purpose of handling and processing your inquiry and the associated business transaction. The data will be stored for as long as required by law or as long as the business case continues.

Data subjects

All individuals who seek contact with us via the communication channels provided by us are affected by the aforementioned processes.

Phone

If you call us, call data will be pseudonymously stored on the respective end device and at the telecommunication provider used. In addition, data such as name and telephone number can be sent by email and stored to answer the inquiry. The data will be deleted as soon as the business case is completed and legal requirements allow.

Email

If you communicate with us via email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data may be stored on the email server. The data will be deleted as soon as the business case is completed and legal requirements allow.

Online forms

If you communicate with us via online form, data will be stored on our web server and may be forwarded to one of our email addresses. The data will be deleted as soon as the business case is completed and legal requirements allow.

Legal basis

The processing of the data is based on the following legal bases:

• Art. 6 para. 1 lit. a GDPR (Consent): You give us your consent to store your data and to use it for purposes related to the business case;
• Art. 6 para. 1 lit. b GDPR (Contract): There is a need for the fulfillment of a contract with you or a data processor such as the telephone provider, or we need to process the data for pre-contractual activities, such as preparing an offer;
• Art. 6 para. 1 lit. f GDPR (Legitimate interests): We want to conduct customer inquiries and business communication in a professional setting. For this purpose, certain technical facilities such as e-mail programs, exchange servers, and mobile network operators are necessary in order to operate communication efficiently.

Data processing agreement (DPA)

In this section, we would like to explain what a data processing agreement is and why it is needed. Because the term "data processing agreement" is quite a tongue twister, we will also use the acronym DPA frequently in this text. Like most companies, we do not work alone, but also use services from other companies or individuals. By involving various companies or service providers, it may be necessary for us to disclose personal data for processing. These partners then act as data processors with whom we conclude a contract, the so-called data processing agreement (DPA). For you, the most important thing to know is that the processing of your personal data is carried out exclusively according to our instructions and must be regulated by the DPA.

Who are data processors?

As a company and website owner, we are responsible for all data we process from you. In addition to the responsible parties, there may also be so-called data processors. This includes any company or person who processes personal data on our behalf. More precisely and according to the GDPR definition: any natural or legal person, authority, institution or other body that processes personal data on our behalf is considered a data processor. Data processors can therefore be service providers such as hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

For better understanding of the terminology, here is an overview of the three roles in the GDPR:

Data Subject (you as a customer or prospect)? Controller (us as a company and client)? Processor (service providers such as web hosts or cloud providers)?

Contents of a Data Processing Agreement

As mentioned above, we have concluded a DPA with our partners who act as processors. This states, above all, that the processor processes the data to be processed exclusively in accordance with the GDPR. The contract must be concluded in writing, but the electronic conclusion of the contract is also considered "in writing" in this context. Processing of personal data only takes place on the basis of the contract. The contract must contain the following:

• Binding to us as the controller
• Obligations and rights of the controller
• Categories of data subjects
• Type of personal data
• Nature and purpose of data processing
• Subject matter and duration of data processing
• Location of data processing

Furthermore, the contract contains all obligations of the processor. The most important obligations are:

• Ensuring measures for data security
• Taking possible technical and organizational measures to protect the rights of the data subject
• Keeping a record of processing activities
• Cooperating with the supervisory authority for data protection on request
• Conducting a risk analysis with regard to the personal data received
• Sub-processors may only be commissioned with the written consent of the controller

You can see what such a DPA looks like, for example, at https://www.wko.at/service/wirtschaftsrecht-gewerberecht/eu-GDPR-mustervertrag-auftragsverarbeitung.html. Here a sample contract is presented.

Cookies

Cookies Summary 👥 Data subjects: Visitors of the website 🤝 Purpose: Depending on the respective cookie. More details can be found below or from the software manufacturer that sets the cookie. 📓 Processed data: Depending on the respective cookie. More details can be found below or from the software manufacturer that sets the cookie. 📅 Storage period: Depending on the respective cookie, it can range from hours to years. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit.f GDPR (Legitimate interests)

What are Cookies?

Our website uses HTTP cookies to store user-specific data.
In the following, we explain what cookies are and why they are used, so that you can better understand the following privacy policy.

Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

There is no denying that cookies are really useful little helpers. Almost all websites use cookies. More specifically, they are HTTP cookies, as there are also other cookies for other application areas. HTTP cookies are small files that are stored by our website on your computer. These cookie files are automatically placed in the cookie folder, which is essentially the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data from you, such as language or personal page settings. When you revisit our site, your browser sends the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie from the server, which the browser reuses when another page is requested.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (such as Google Analytics). Each cookie must be individually evaluated, as each cookie stores different data. The lifespan of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans, or other "malware". Cookies also cannot access information on your PC.

Here is an example of what cookie data can look like:

Name: _ga
Value: GA1.2.1326744211.152112492029-9
Purpose: Distinguishing website visitors
Expiration Date: after 2 years

These are the minimum sizes a browser should be able to support:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies total

What types of cookies are there?

The question of which cookies we specifically use depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Essential Cookies
These cookies are necessary to ensure basic functionality of the website. For example, these cookies are needed when a user adds a product to their shopping cart, then continues to browse other pages, and later goes to the checkout. These cookies ensure that the shopping cart is not deleted even if the user closes their browser window.

Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies also measure the loading time and behavior of the website on different browsers.

Targeted Cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes, or form data are stored.

Advertising Cookies
These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.

Typically, when you visit a website for the first time, you will be asked which of these types of cookies you want to allow. And of course, this decision is also saved in a cookie.

If you want to know more about cookies and don't mind technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".

Purpose of Processing through Cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are little helpers for many different tasks. Unfortunately, it is not possible to generalize what data is stored in cookies, but we will inform you about the processed or stored data as part of the following privacy policy.

Storage duration of cookies

The storage duration depends on the respective cookie and is specified in more detail below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.

You also have an influence on the storage duration. You can manually delete all cookies at any time through your browser (see also below "Right to object"). Furthermore, cookies based on consent are deleted no later than upon revocation of your consent, while the legality of the storage remains unaffected until then.

Right to object - how can I delete cookies?

How and whether you want to use cookies is up to you. Regardless of which service or website the cookies originate from, you always have the option to delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, change or delete cookie settings, you can find this in your browser settings:

Chrome: Clear, enable, and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove the information websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can set up your browser to always notify you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not. The procedure varies depending on the browser. It's best to search for the instructions on Google with the search term "Delete cookies Chrome" or "Disable cookies Chrome" in the case of a Chrome browser.

Cookie Consent Management / Cookie Banner

On our website you have full control over the non-essential cookies you'd like to allow to be set via the cookie consent management tool (cookie banner). This tool is provided by CookieYes, and lets you opt in or out of technically non-essential cookies at any time via the cookie-settings-button on the left. CookieYes is operated by CookieYes Limited, 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom. You can learn more about their data policies and usage of cookies in their privacy policy and their cookie policy.

For keeping track of the visitors' cookie consent decissions, CookieYes keeps an anonymized consent log and sets a consent cookie to remember the users' preferences:

Name: cookieyes-consent
Category: Necessary
Purpose: CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors.
Expiration date: after 1 year

Legal basis

Since 2009, there have been the so-called "cookie guidelines". It is stipulated therein that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). However, there are still very different reactions to these guidelines within the EU countries. In Austria, however, this directive was implemented in § 96 (3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as national law. Instead, the implementation of this directive largely took place in § 15 (3) of the Telemedia Act (TMG).

For strictly necessary cookies, even where no consent is given, there are legitimate interests (Article 6 (1) (f) GDPR), which are usually of an economic nature. We want to provide visitors to the website with a pleasant user experience and certain cookies are often absolutely necessary for this purpose.

To the extent that non-essential cookies are used, this only happens with your consent. The legal basis is therefore Article 6 (1) (a) GDPR.

In the following sections, you will be informed in more detail about the use of cookies, if the software used uses cookies.

Web hosting introduction

Webhosting Summary 👥 Affected: Visitors to the website 🤝 Purpose: Professional hosting of the website and securing its operation 📓 Processed data: IP address, time of website visit, browser used and other data. More details can be found below or with the respective web hosting provider. 📅 Storage duration: dependent on the respective provider, but usually 2 weeks ⚖️ Legal basis: Art. 6 para. 1 lit.f GDPR (legitimate interests)

What is Web Hosting?

When you visit websites these days, certain information - including personal data - is automatically created and stored, just like on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain, we mean, for example, example.com or sampleexample.com.

To view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We refer to them as browser or web browser.

To display the website, the browser must connect to another computer where the code of the website is stored: the web server. Running a web server is a complex and time-consuming task, which is why it is usually taken over by professional providers, the providers, who offer web hosting and thus ensure reliable and error-free storage of website data. A lot of technical terms, but please stay with us, it gets better!

When the browser on your computer (desktop, laptop, tablet, or smartphone) connects and during the data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server also has to store data for a while to ensure proper operation.

A picture is worth a thousand words, so the following graphic illustrates the interaction between browser, the internet, and the hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. Professional hosting of the website and ensuring its operation
2. Maintaining operational and IT security
3. Anonymous analysis of access behavior to improve our offerings and potentially for criminal prosecution or enforcement of claims

What data is processed?

Even while you are currently visiting our website, our web server (the computer on which this website is stored) usually automatically stores data such as:

• the complete internet address (URL) of the accessed website
• browser and browser version (e.g. Chrome 87)
• the operating system used (e.g. Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. https://www.example-source-site.com/where-i-came-from/)
• the hostname and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
• date and time
• in files, the so-called web server log files

How long will data be stored?

Generally, the data mentioned above is stored for two weeks and then automatically deleted. We do not share this data, but we cannot rule out the possibility that it may be viewed by authorities in the event of unlawful behavior.

In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without your consent!

Legal basis

The lawfulness of processing personal data in the context of web hosting arises from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company safely and user-friendly on the internet and to be able to pursue attacks and claims resulting from it if necessary.

There is usually a contract between us and the hosting provider for order processing in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.

Webhosting Provider External Privacy Policy

Below you will find the contact details of our external hosting provider, where you can find out more about data processing, in addition to the information above:

Namecheap, Inc.
4600 East Washington Street, Suite 305, Phoenix, AZ 85034, USA

You can learn more about data processing at this provider in the Privacy Policy.

You can find details about the order processing agreement with our hosting provider on this page.

Web Analytics Introduction

Web Analytics Privacy Policy Summary 👥 Concerned persons: Visitors of the website 🤝 Purpose: Analysis of visitor information for optimizing the website 📓 Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. More details can be found in the respective Web Analytics tool used. 📅 Storage duration: Depends on the Web Analytics tool used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Web Analytics?

We use software on our website to analyze visitor behavior, commonly known as web analytics. Data is collected by the respective analytics tool provider (also known as tracking tool), who then stores, manages and processes the data. The data is analyzed to provide us, as the website operator, with information about user behavior on our website. In addition, most tools offer various testing options, allowing us to test which offers or content are most popular with our visitors. For these testing procedures, as well as other analytics procedures, user profiles can be created and data can be stored in cookies.

Why do we conduct Web Analytics?

Our website has a clear goal: we want to provide the best web offering on the market for our industry. To achieve this goal, we aim to offer the best and most interesting content, while ensuring that you feel comfortable on our website. By using web analytics tools, we can examine the behavior of our website visitors in greater detail and use that information to improve our website for both you and us. For example, we can determine the average age of our visitors, where they come from, when our website is most frequently visited, or which content or products are most popular. All of this information helps us optimize the website to better suit your needs, interests, and wishes.

What data is processed?

The exact data that is stored depends on the analytics tools used. Typically, however, data such as which content you view on our website, which buttons or links you click on, when you visit a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website, or which computer system you use is saved. If you have given permission for location data to be collected, the web analytics tool provider may also process that data.

By using our website, you consent to the use of cookies and to the processing of personal data collected through cookies in accordance with our privacy policy.

We would like to inform you about the use of cookies and web analytics services to optimize our website and to offer you the best possible service. The use of cookies and web analytics services is in our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Detailed information on the use of cookies and web analytics services can be found in our privacy policy.

Please note that your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is usually stored in pseudonymised form (i.e. in unrecognisable and abbreviated form). Direct data such as your name, age, address or e-mail address are not generally stored for the purpose of testing, web analytics and web optimisation. If such data is collected, it is stored in pseudonymised form. This means that you cannot be identified as a person.

The following example shows the functionality of Google Analytics as an example of client-based web tracking with Java-Script code.

The duration of data storage always depends on the provider. Some cookies store data for only a few minutes or until you leave the website, while others can store data for several years.

Duration of data processing

We will inform you below about the duration of data processing, if we have any further information on this. Generally, we process personal data only as long as it is absolutely necessary for the provision of our services and products. If it is required by law, such as in the case of accounting, this storage period may also be exceeded.

Right to object

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we obtained through our cookie popup. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent is the legal basis for the processing of personal data, as may occur when collecting data through web analytics tools.

In addition to consent, we also have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering technically and economically. With the help of web analytics, we can identify website errors, detect attacks, and improve efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use the tools if you have given your consent.

Since cookies are used in web analytics tools, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

If available, you can find information on specific web analytics tools in the following sections.

Google Analytics Privacy Policy

Google Analytics Privacy Policy Summary 👥 Affected: Visitors to the website 🤝 Purpose: Evaluation of visitor information to optimize the web offering. 📓 Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details on this can be found below in this privacy policy. 📅 Storage period: Depends on the properties used. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests).

What is Google Analytics?

We use the Google Analytics (GA) analysis tracking tool of the American company Google Inc. on our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is stored in a cookie and sent to Google Analytics. With the reports we receive from Google Analytics, we can better tailor our website and service to your needs. In the following, we will provide more detailed information about the tracking tool, especially about which data is stored and how you can prevent this.

Google Analytics is a tracking tool that serves to analyze the traffic on our website. In order for Google Analytics to work, a tracking code is integrated into the code of our website. When you visit our website, this code records various actions that you perform on our website. Once you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we receive reports about your user behavior. These reports may include, among other things:

• Audience reports: Through audience reports, we get to know our users better and have a better understanding of who is interested in our service.
• Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
• Acquisition reports: Acquisition reports give us helpful information on how to get more people interested in our service.
• Behavior reports: Here we learn about how you interact with our website. We can see which pages you visit and which links you click on.
• Conversion reports: A conversion refers to an action where you perform a desired action as a result of a marketing message. For example, when you go from being just a website visitor to a buyer or newsletter subscriber. Through these reports, we can learn more about how our marketing efforts are resonating with you and aim to increase our conversion rate.
• Real-time reports: Here we always get immediate information about what is happening on our website. For example, we can see how many users are currently reading this text.

Why do we use Google Analytics on our website?

Our goal with this website is clear: We want to provide you with the best possible service. The statistics and data from Google Analytics help us achieve this goal.

The statistically evaluated data shows us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is more easily found by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know very precisely what we need to improve on our website to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics creates a random, unique ID that is associated with your browser cookie using a tracking code. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This is the only way to evaluate pseudonymous user profiles.

To analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. The Google Analytics 4 property is standard for every newly created property. Alternatively, you can also create the Universal Analytics property. Depending on the property used, data is stored for different periods of time.

Your interactions on our website are measured through identifiers such as cookies and app instance IDs. Interactions include all types of actions that you perform on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics can be linked to third-party cookies. Google does not share Google Analytics data unless we as website operators approve it. Exceptions may occur if it is legally required.

The following cookies are used by Google Analytics:

Name: _ga_* (_ga_442V5D74PV)
Category: Analytics
Purpose: Google Analytics sets this cookie to store and count page views.
Expiration date: after 1 year 1 month 4 days

Name: _ga
Value: 2.1326744211.152112492029-5
Category: Analytics
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Essentially, it is used to differentiate website visitors. Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
Expiration date: after 1 year 1 month 4 days

Name: _gid
Value: 2.1687193234.152112492029-1
Purpose: The cookie is also used to differentiate website visitors.
Expiration date: after 24 hours

Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to reduce request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm_<property-id>.
Expiration date: after 1 minute

Name: AMP_TOKEN
Value: no information
Purpose: The cookie has a token with which a user ID can be retrieved from the AMP client ID service. Other possible values indicate a logout, request, or error.
Expiration date: after 30 seconds up to 1 year

Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie allows tracking of your behavior on the website and measures performance. The cookie is updated every time information is sent to Google Analytics.
Expiration date: after 2 years

Name: __utmt
Value: 1
Purpose: The cookie is used to throttle request rate. It is like _gat_gtag_UA_<property-id> cookie.
Expiration: after 10 minutes

Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions/visits. It is updated every time data is sent to Google Analytics.
Expiration: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to determine new sessions for returning visitors. It is a session cookie and is only stored until you close your browser.
Expiration: after browser is closed

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: This cookie is used to identify the source of traffic to our website. It stores where you came from, which can be a different page or an advertising campaign.
Expiration: after 6 months

Name: __utmv
Value: not specified
Purpose: This cookie is used to store custom user data. It is updated every time information is sent to Google Analytics.
Expiration: after 2 years

Note: This list cannot claim to be complete, as Google may change their choice of cookies from time to time.

Here we show you an overview of the most important data collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly which areas you click on. This gives us information about where you are "moving around" on our site.

Session duration: Google refers to the time you spend on our site without leaving as session duration. If you have been inactive for 20 minutes, the session ends automatically.

Bounce rate: Bounce rate is when you only view one page on our website and then leave.

Account creation: When you create an account or make an order on our website, Google Analytics collects this data.

IP address: The IP address is only displayed in abbreviated form so that no clear assignment is possible.

Location: The IP address can be used to determine the country and approximate location. This process is also referred to as IP location determination.

Technical information: Technical information includes your browser type, your internet service provider, or your screen resolution.

Source: Google Analytics, or we are naturally interested in which website or advertising brought you to our site.

Other data includes contact information, possible ratings, playing media (e.g. if you play a video on our site), sharing content on social media, or adding it to your favorites. The list is not exhaustive and serves only as a general orientation for data storage by Google Analytics.

How long and where will the data be stored?

Google has distributed their servers around the world. Most servers are located in America, and as a result, your data is usually stored on American servers. You can read exactly where the Google data centers are located here: https://www.google.com/about/datacenters/locations/?hl=en

Your data is distributed on different physical storage devices. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Each Google data center has appropriate emergency programs for your data. For example, if hardware fails at Google or natural disasters disable servers, the risk of service interruption at Google remains low.

The retention period of the data depends on the properties used. When using the newer Google Analytics 4 properties, the retention period for your user data is fixed at 14 months. For other so-called event data, we have the option of choosing a retention period of 2 months or 14 months.

For Universal Analytics properties, Google Analytics has a standardized retention period of your user data of 26 months. Then your user data will be deleted. However, we have the option of choosing the retention period of usage data ourselves. For this, we have five options available:

• Deletion after 14 months
• Deletion after 26 months
• Deletion after 38 months
• Deletion after 50 months
• No automatic deletion

In addition, there is also the option that data will only be deleted if you do not visit our website within the time frame we have chosen. In this case, the retention period will be reset each time you visit our website within the specified period.

If the specified time period has expired, the data will be deleted once a month. This retention period applies to your data that is linked to cookies, user recognition, and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a fusion of individual data into a larger unit.

How can I delete my data or prevent data storage?

Under the data protection law of the European Union, you have the right to obtain information about your data, to update, delete or restrict it. By using the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=en. Please note that this add-on only deactivates data collection by Google Analytics.

If you want to deactivate, delete, or manage cookies in general, you will find the corresponding links to the instructions of the most common browsers under the section "Cookies".

Legal basis

The use of Google Analytics requires your consent, which we obtained through our cookie popup. This consent constitutes the legal basis for the processing of personal data that may occur during the collection of web analytics tools, according to Art. 6 Abs. 1 lit. a GDPR (consent).

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors to improve our offering technically and economically. With the help of Google Analytics, we can identify website errors, detect attacks, and improve efficiency. The legal basis for this is Art. 6 Abs. 1 lit. f GDPR (legitimate interests). However, we only use Google Analytics if you have given your consent.

Google processes data from you, among others, in the United States. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This can be associated with various risks for the legality and security of data processing.

As the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfers to these countries, Google uses so-called standard contractual clauses (= Art. 46. Abs. 2 and 3 GDPR). Standard contractual clauses (Standard Contractual Clauses - SCC) are model templates provided by the European Commission and are intended to ensure that your data also comply with European data protection standards when transferred and stored in third countries (such as the USA). Through these clauses, Google undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

We hope we have provided you with the most important information about the data processing of Google Analytics. If you want to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/en/ and https://support.google.com/analytics/answer/6004245?hl=en.

Data processing agreement (DPA) with Google Analytics

In accordance with Article 28 of the General Data Protection Regulation (GDPR), we have concluded a data processing agreement (DPA) with Google. You can read about what a DPA is exactly and what it must contain in our general section on "Data Processing Agreements (DPA)".

This contract is legally required because Google processes personal data on our behalf. It clarifies that Google may only process data received from us according to our instructions and must comply with the GDPR. You can find the link to the data processing terms and conditions at https://business.safety.google/intl/de/adsprocessorterms/.

Google Analytics Reports on Demographic Features and Interests

We have enabled the advertising reporting features in Google Analytics. The demographic features and interests reports contain information about age, gender, and interests. This allows us to better understand our users without being able to identify individual people. Learn more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=en&utm_id=ad.

You can opt-out of the activities and information on your Google Account by checking the “Ads Personalization” box in “Ad Settings” at https://adssettings.google.com/authenticated.

Google Analytics in Consent Mode

Depending on your consent, personal data about you is processed by Google Analytics in so-called consent mode. You can choose whether to agree to Google Analytics cookies or not. This also determines which data Google Analytics may process from you. This data is mainly used to conduct measurements on user behavior on the website, display targeted advertising, and provide us with web analytics reports. Typically, you consent to data processing by Google through a cookie consent tool. If you do not consent to data processing, only aggregated data will be collected and processed. This means that data cannot be attributed to individual users and thus no user profile of you is created. You can also only consent to statistical measurement. No personal data is processed and therefore not used for advertising or advertising success.

Google Analytics IP Anonymization

We have implemented IP address anonymization from Google Analytics on this website. This function was developed by Google so that this website can comply with applicable data protection regulations and recommendations of local data protection authorities that prohibit the storage of complete IP addresses. The anonymization or masking of the IP takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before any storage or processing of the data takes place.

For more information on IP anonymization, please visit https://support.google.com/analytics/answer/2763052?hl=en.

Messenger & Communication Introduction

Messenger & Communication Privacy Policy Summary 👥 Affected persons: Visitors to the website 🤝 Purpose: Contact requests and general communication between us and you 📓 Processed data: Data such as name, address, email address, telephone number, general content data, possibly IP address More details on this can be found in the respective tools used. 📅 Storage period: Depending on the messenger and communication functions used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests), Art. 6 para. 1 sentence 1 lit. b. GDPR (contractual or pre-contractual obligations)

What are messenger and communication functions?

On our website, we offer various ways to communicate with us (such as messenger and chat functions, online or contact forms, email, and telephone). Your data will be processed and stored to the extent necessary for responding to your inquiry and any subsequent actions.

In addition to traditional communication methods such as email, contact forms, or telephone, we also use chats or messengers. The most commonly used messenger function at present is WhatsApp, but there are, of course, many different providers that offer messenger functions, specifically for websites. If content is end-to-end encrypted, this is indicated in the respective privacy policies or in the privacy statement of the respective provider. End-to-end encryption simply means that the content of a message is not visible to the provider. However, information about your device, location settings, and other technical data can still be processed and stored.

Why do we use messenger and communication functions?

Communication with you is of great importance to us. After all, we want to talk to you and answer any questions you may have about our service to the best of our ability. Good communication is an important part of our service. With the practical messenger and communication functions, you can choose the ones that suit you best at any time. In exceptional cases, however, we may not be able to answer certain questions via chat or messenger. This is the case, for example, when it comes to internal contractual matters. In such cases, we recommend using other communication options such as email or telephone.

In general, we assume that we remain responsible for data protection even when using the services of a social media platform. However, the European Court of Justice has decided that in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will inform you separately and work on the basis of an agreement in this regard. The essential provisions of the agreement are outlined below for the affected platform.

Please note that when using our built-in features, data from you may also be processed outside the European Union, as many providers, such as Facebook Messenger or WhatsApp, are American companies. As a result, you may no longer be able to easily assert or enforce your rights with regard to your personal data.

What data is processed?

The specific data stored and processed depends on the respective provider of the messenger and communication functions. In general, this includes data such as name, address, telephone number, email address, and content data, such as all information you enter in a contact form. Usually, information about your device and IP address are also stored. Data collected through a messenger and communication function is also stored on the servers of the providers.

If you want to know exactly what data is stored and processed by each provider, and how you can object to the data processing, you should carefully read the respective company's privacy policy.

How long will data be stored?

The length of time data is processed and stored primarily depends on the tools we use. Further down, you will learn more about the data processing of individual tools. The privacy policies of providers usually specify exactly what data is stored and processed, as well as how long. Personal data is generally only processed for as long as it is necessary to provide our services. When data is stored in cookies, the storage duration can vary greatly. The data can be deleted immediately after leaving a website, but it can also be stored for several years. Therefore, if you want to know more about data storage, you should examine each individual cookie in detail. In most cases, the privacy policies of individual providers also provide informative information about individual cookies.

Right to object

You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can prevent data collection through cookies by managing, disabling, or deleting cookies in your browser. For more information, please refer to the consent section.

Since cookies may be used for messenger and communication functions, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is being stored and processed about you, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to the processing and storage of data about you through integrated messenger and communication functions, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). We process your request and manage your data in the context of contractual or pre-contractual relationships to fulfill our pre-contractual and contractual obligations or to answer inquiries. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b. GDPR. In general, your data is also stored and processed based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners if you have given your consent.

WhatsApp Privacy Policy

We use the instant messaging service WhatsApp on our website. The service provider is the American company WhatsApp Inc., a subsidiary of Meta Platforms Inc. (until October 2021 Facebook Inc.). For the European region, the responsible company is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

What is WhatsApp?

Presumably, we don't need to introduce WhatsApp to you. The likelihood that you yourself use this well-known messaging service on your smartphone is relatively high. For many years, there have been voices that criticize WhatsApp or its parent company Meta Platforms regarding the handling of personal data. The main criticism in recent years has been about the merging of WhatsApp user data with Facebook. Facebook responded to this in 2021 by adjusting the terms of use. Facebook stated that currently (as of 2021) no personal data of WhatsApp users is shared with Facebook.
Nevertheless, several personal data of yours are processed on WhatsApp if you use WhatsApp and have agreed to data processing. These include not only your phone number and chat messages, but also sent photos, videos, and profile data. However, photos and videos should only be temporarily cached, and all messages and calls are encrypted with end-to-end encryption. Therefore, they should not be viewable by Meta itself. In addition, information from your address book and other metadata is stored on WhatsApp.

Why do we use WhatsApp?

We want to stay in touch with you, and WhatsApp is the best way to do that. On the one hand, because the service works flawlessly, and on the other hand, because WhatsApp is still the most used instant messaging tool worldwide. The service is practical and enables uncomplicated and fast communication with you.

How secure is data transfer on WhatsApp?

WhatsApp processes data from you, among other things, in the USA. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can entail various risks for the legality and security of data processing.
As a basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and especially in the USA) or for data transfers there, WhatsApp uses so-called Standard Contractual Clauses (= Art. 46. para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are template agreements provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when they are transferred to and stored in third countries (such as the USA). Through these clauses, WhatsApp undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en
You can find information on data transfers at WhatsApp that comply with the Standard Contractual Clauses at https://www.whatsapp.com/legal/business-data-transfer-addendum-20210927

We hope we have provided you with the most important information about the use and processing of data by WhatsApp. To learn more about the data processed through the use of WhatsApp, please refer to the Privacy Policy at https://www.whatsapp.com/privacy.

Introduction to Social Media

Summary of Social Media Privacy Policy 👥 Concerned parties: Visitors to the website 🤝 Purpose: Presentation and optimization of our service, contact with visitors, interested parties, among others, advertising 📓 Processed data: Data such as phone numbers, email addresses, contact details, user behavior data, information about your device, and your IP address. More details can be found with the respective social media tool in use. 📅 Storage period: dependent on the social media platforms used ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Social Media?

In addition to our website, we are also active on various social media platforms. User data can be processed so that we can target users who are interested in us through social networks. In addition, elements of a social media platform may be directly embedded into our website. This is the case, for example, when you click on a so-called social button on our website and are directly redirected to our social media presence. Websites and apps that allow registered members to produce content, exchange content openly or in certain groups, and network with other members are called social media.

Why do we use Social Media?

For years, social media platforms have been the place where people communicate and connect online. With our social media presence, we can introduce our products and services to interested parties. The social media elements integrated into our website help you quickly and easily switch to our social media content.

The data stored and processed through your use of a social media channel is primarily intended to enable web analyses. The aim of these analyses is to develop more precise and personalised marketing and advertising strategies. Depending on your behaviour on a social media platform, suitable conclusions can be drawn about your interests with the help of the evaluated data, and so-called user profiles can be created. This allows the platforms to present you with tailored advertisements. Usually, cookies are set in your browser for this purpose, which store data about your usage behaviour.

We generally assume that we remain legally responsible for data protection even if we use services of a social media platform. However, the European Court of Justice has ruled that in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will separately point this out and work on the basis of an agreement in this regard. The essential part of the agreement is then reproduced below for the respective platform.

Please note that when using social media platforms or our embedded elements, data from you can also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. This may make it more difficult for you to assert or enforce your rights with regard to your personal data.

Which data is processed?

The data that is stored and processed depends on the respective provider of the social media platform. However, it usually includes data such as phone numbers, email addresses, data that you enter in a contact form, user data such as which buttons you click, whom you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you have your own profile on the visited social media channel and are logged in, data can be linked to your profile.

All data collected through a social media platform is also stored on the providers' servers. Thus, only the providers have access to the data and can provide you with the appropriate information or make changes.

If you want to know exactly what data is stored and processed by social media providers and how to object to data processing, you should carefully read the respective company's privacy policy. If you have any questions about data storage and data processing, or if you want to assert corresponding rights, we recommend that you contact the provider directly.

Duration of Data Processing

Below, we will inform you about the duration of data processing if we have further information. For example, the social media platform Facebook stores data until it is no longer needed for its own purposes. Customer data that is compared with the user's own data is deleted within two days. In general, we process personal data only for as long as it is absolutely necessary for the provision of our services and products. If, for example, it is legally required, such as in the case of accounting, this storage period can also be exceeded.

Right to Object

You also have the right and the opportunity to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent the collection of data through cookies by managing, deactivating, or deleting cookies in your browser.

Since cookies may be used in social media tools, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is being stored and processed from you, you should read the privacy policies of the respective tools.

Legal basis

If you have given consent to the processing and storage of data from you through embedded social media elements, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data will also be stored and processed based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners, if consent has been given. However, we only use the tools to the extent that you have given consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our privacy text on cookies carefully and view the privacy policy or cookie policies of the respective service provider.

If available, you can find information on specific social media platforms in the following sections.

AddToAny Privacy Policy

We use a GDPR and CCPA-compliant social media plugin (social sharing buttons) from AddToAny on our website. The provider does not store or sell any personal data. One component of the AddToAny plugin includes the ability to share website content via email. When using the corresponding button, the respective data protection regulations of your own email provider apply. The official applications of social media platforms available through AddToAny fall within the scope of the individual data protection declarations of the respective providers. These will be explained in more detail below.

Learn more about data processing at AddToAny in the privacy policy.

Facebook Privacy Policy

Facebook Privacy Policy Summary 👥 Data subjects: Visitors to the website 🤝 Purpose: Optimization of our service performance 📓 Processed data: Data such as customer data, user behavior data, information about your device, and your IP address. More details can be found in the privacy policy below. 📅 Storage period: until the data is no longer useful for Facebook's purposes ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are Facebook tools?

We use selected tools from Facebook on our website. Facebook is a social media network of the company Meta Platforms Inc. or, for the European area, the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible offer.

If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible for this. Facebook alone is responsible for the further processing of this data. Our joint obligations have also been enshrined in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum. This includes, for example, the requirement that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in terms of data protection. Facebook is responsible, for example, for the data security of Facebook products. If you have any questions about data collection and processing by Facebook, you can contact the company directly. If you ask us the question, we are obliged to forward it to Facebook.

Below is an overview of the various Facebook tools, the data sent to Facebook, and how to delete this data.

In addition to many other products, Facebook also offers the so-called "Facebook Business Tools." This is Facebook's official designation. However, since the term is hardly known, we have decided to simply call them Facebook tools. These include:

• Facebook Pixel
• Social plugins (such as the "Like" or "Share" button)
• Facebook Login
• Account Kit
• APIs (Application Programming Interfaces)
• SDKs (Software Development Kits)
• Platform integrations
• Plugins
• Code
• Specifications
• Documentation
• Technologies and services

Through these tools, Facebook expands its services and has the ability to obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We want to show our services and products only to people who are really interested in them. With the help of advertising (Facebook Ads), we can reach exactly these people. However, in order to show users appropriate ads, Facebook needs information about people's wishes and needs. Thus, information about user behavior (and contact information) is provided to the company on our website. This way, Facebook collects better user data and can show interested people the appropriate advertising for our products or services. The tools enable customized advertising campaigns on Facebook.

Facebook refers to data about your behavior on our website as "event data." This data is also used for measurement and analysis services. Facebook can create "campaign reports" on the impact of our advertising campaigns on our behalf. In addition, through analysis, we gain better insight into how you use our services, website, or products. With some of these tools, we optimize your user experience on our website. For example, you can use social plug-ins to share content on our site directly on Facebook.

What data is stored by Facebook tools?

Using individual Facebook tools can send personal information (customer data) to Facebook. Depending on the tools used, customer data such as name, address, phone number, and IP address can be sent.

Facebook uses this information to match it with the data it already has about you (if you are a Facebook member). Before customer data is transmitted to Facebook, a process called "hashing" is performed. This means that a dataset of any size is transformed into a character string. This also serves to encrypt the data.

In addition to contact details, "event data" is also transmitted. "Event data" refers to the information we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally required to do so. "Event data" can also be linked to contact data, allowing Facebook to offer better personalized advertising. After the aforementioned matching process, Facebook deletes the contact data again.

In order to deliver optimized advertisements, Facebook uses event data only if it has been combined with other data collected by Facebook through other means. Facebook also uses this event data for security, protection, development, and research purposes. Many of these data are transferred to Facebook via cookies. Cookies are small text files used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, different numbers of cookies are created in your browser. In the descriptions of the individual Facebook tools, we provide more information about specific Facebook cookies. You can also learn general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where are the data stored?

Facebook generally stores data until it is no longer needed for its own services and Facebook products. Facebook has servers located all over the world where its data is stored. However, customer data is deleted within 48 hours after being compared with its own user data.

How can I delete my data or prevent data storage?

According to the General Data Protection Regulation, you have the right to access, correct, transfer, and delete your data.

A complete deletion of data only occurs if you completely delete your Facebook account. Here's how to delete your Facebook account:

1) Click on Settings on the right-hand side of Facebook.

2) Then click on "Your Facebook Information" in the left-hand column.

3) Now click on "Deactivation and Deletion".

4) Select "Delete Account" and then click on "Continue and Delete Account".

5) Enter your password, click "Continue" and then click "Delete Account".

The storage of data that Facebook receives through our site is done through cookies (e.g. with social plugins). In your browser, you can disable, delete, or manage individual or all cookies. Depending on which browser you use, this works differently. Under the "Cookies" section, you will find the corresponding links to the instructions for the most popular browsers.

If you do not want any cookies at all, you can set up your browser to always inform you when a cookie is about to be set. This way, you can decide whether to allow each individual cookie or not.

Legal Basis

If you have given your consent to the processing and storage of data about you through embedded Facebook tools, this consent is the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. Therefore, we recommend that you read our privacy text about cookies carefully and view Facebook's privacy policy or cookie policy.

Facebook processes data from you, among others, in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of data processing.

As the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and in particular in the USA) or for data transfer to such countries, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (Standard Contractual Clauses - SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when they are transferred to and stored in third countries (such as the USA). Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

You can find the Facebook data processing terms that correspond to the standard contractual clauses at https://www.facebook.com/legal/terms/dataprocessing.

We hope to have provided you with the most important information about the use and processing of data by Facebook tools. If you want to learn more about how Facebook uses your data, we recommend that you read the data policy at https://www.facebook.com/about/privacy/update.

Facebook Social Plugins Privacy Policy

Our website features so-called social plugins from the company Meta Platforms Inc. You can recognize these buttons by the classic Facebook logo, such as the "like" button (the hand with the raised thumb) or a unique "Facebook plugin" label. A social plugin is a small part of Facebook that is integrated into our site. Each plugin has its own function. The most commonly used functions are the well-known "like" and "share" buttons.

The following social plugins are offered by Facebook:

• Save button
• Like button, share, send, and quote
• Page plugin
• Comments
• Messenger plugin
• Embedded posts and video players
• Group plugin

On https://developers.facebook.com/docs/plugins, you can find more information on how the individual plugins are used. We use the social plugins on the one hand to offer you a better user experience on our site, and on the other hand because Facebook can use them to optimize our advertisements.

If you have a Facebook account or have ever visited https://www.facebook.com/, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plugins (such as the "like" button).

The information received will be deleted or anonymized within 90 days. According to Facebook, this data includes your IP address, which website you visited, the date, the time, and other information related to your browser.

To prevent Facebook from collecting a lot of data during your visit to our website and connecting it with Facebook data, you must log out of Facebook during your website visit.

If you are not logged in to Facebook or do not have a Facebook account, your browser sends less information to Facebook because you have fewer Facebook cookies. However, data such as your IP address or which website you visit can still be transmitted to Facebook. We would like to expressly point out that we do not know exactly the contents of the data. However, we try to inform you as well as possible about the data processing based on our current knowledge. You can also read how Facebook uses the data in the company's data policy at https://www.facebook.com/about/privacy/update.

The following cookies are set in your browser at least when you visit a website with Facebook social plugins:

Name: dpr
Value: not specified
Purpose: This cookie is used to make social plugins on our website work.
Expiration date: after the end of the session

Name: fr
Value: 0jieyh4112492029c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is also necessary for the plugins to function properly.
Expiration date: after 3 months

Note: These cookies were set after a test even if you are not a Facebook member.

If you are logged in to Facebook, you can change your ad preferences settings at https://www.facebook.com/adpreferences/advertisers/. If you are not a Facebook user, you can manage your usage-based online advertising in general at https://www.youronlinechoices.com/de/praferenzmanagement/?tid=112492029. There you have the option to deactivate or activate providers.

If you want to learn more about Facebook's privacy policy, we recommend reading the company's data policy at https://www.facebook.com/policy.php?tip=112492029.

Facebook Fanpage Privacy Policy

We also have a Facebook fanpage for our website. The service provider is the American company Meta Platforms Inc. For the European region, the responsible company is Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

Facebook processes data from you, among other things, also in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, in particular in the USA) or data transfers to such countries, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (Standard Contractual Clauses - SCC) are template agreements provided by the European Commission and are intended to ensure that your data also comply with European data protection standards when they are transmitted to third countries (such as the USA) and stored there. Through these clauses, Facebook commits to complying with the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Facebook data processing terms that correspond to the standard contractual clauses can be found at https://www.facebook.com/legal/terms/dataprocessing.

To learn more about the data processed by using Facebook, please consult the Privacy Policy at https://www.facebook.com/about/privacy.

Instagram Privacy Policy

Instagram Privacy Policy Summary 👥 Data subjects: Visitors of the website 🤝 Purpose: Optimization of our service 📓 Processed data: Data such as user behavior data, information about your device, and your IP address. Further details can be found below in the Privacy Policy. 📅 Storage duration: Until Instagram no longer needs the data for its purposes ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests)

What is Instagram?

We have integrated functions from Instagram on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Since 2012, Instagram has been a subsidiary of Meta Platforms Inc. and is part of the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to display content such as buttons, photos, or videos from Instagram directly on our website. When you access web pages of our web presence that have integrated an Instagram function, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is therefore processed across all Facebook companies.

Below, we would like to give you a more detailed insight into why Instagram collects data, what data is involved, and how you can largely control data processing. Since Instagram is part of Meta Platforms Inc., we obtain our information from both the Instagram policies and the Meta privacy policies.

Instagram is one of the most well-known social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to "Insta" (as many users casually call the platform), edit them with various filters, and also share them on other social networks. And if you don't want to be active yourself, you can also just follow interesting users.

Why do we use Instagram on our website?

Instagram is the social media platform that really took off in recent years. And of course, we have also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, a varied presentation of our content is a matter of course for us. Through the embedded Instagram functions, we can enrich our content with helpful, funny, or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be useful for personalized advertising on Facebook. This way, our ads only reach people who are really interested in our products or services.

Instagram also uses the collected data for measurement and analysis purposes. We receive summarized statistics and thus gain more insight into your wishes and interests. It is important to mention that these reports do not identify you personally.

What data is stored by Instagram?

If you come across one of our pages that have embedded Instagram functions (such as Instagram images or plugins), your browser automatically connects to Instagram's servers. Data is sent, stored, and processed by Instagram. Regardless of whether you have an Instagram account or not. This includes information about our website, your computer, purchases made, ads you see, and how you use our offering. In addition, the date and time of your interaction with Instagram are also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.

Facebook distinguishes between customer data and event data. We assume that this is also the case with Instagram. Customer data includes, for example, name, address, phone number, and IP address. This customer data will only be transmitted to Instagram after being "hashed". Hashing means that a data set is transformed into a character string. This makes it possible to encrypt the contact data. In addition, the aforementioned "event data" is also transmitted. Facebook - and therefore Instagram - understands event data to be data about your user behavior. It can also happen that contact data is combined with event data. The collected contact data is compared with the data that Instagram already has from you.

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram features used and whether you have an Instagram account yourself, different amounts of data are stored.

We assume that data processing works the same way on Instagram as it does on Facebook. This means that if you have an Instagram account or have visited www.instagram.com, Instagram has at least set a cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. These data are deleted or anonymized at the latest after 90 days (after comparison). Although we have intensively dealt with Instagram's data processing, we cannot say exactly which data Instagram collects and stores.

Below we show you cookies that are set in your browser at a minimum when you click on an Instagram function (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. If you are logged into Instagram, significantly more cookies will of course be set in your browser.

These cookies were used in our test:

Name: csrftoken
Value: “”
Purpose: This cookie is most likely set for security reasons to prevent forgery of requests. However, we could not find out more information about it.
Expiration date: after one year

Name: mid
Value: “”
Purpose: Instagram sets this cookie to optimize its own services and offerings within and outside of Instagram. The cookie sets a unique user ID.
Expiration date: after the session ends

Name: fbsr_112492029124024
Value: no information
Purpose: This cookie stores the login request for users of the Instagram app.
Expiration date: after the session ends

Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram.
Expiration date: after the session ends

Name: urlgen
Value: “{”194.96.75.33”: 1901}:1iEtYv:Y833k2_UjKvXgYe112492029”
Purpose: This cookie is used for Instagram marketing purposes.
Expiration date: after the session ends

Note: We cannot claim completeness here. The cookies that are set in individual cases depend on the embedded functions and your use of Instagram.

How long and where are the data stored?

Instagram shares the information it receives between Facebook companies, external partners, and people you connect with worldwide. Data processing is carried out in compliance with its own data policy. Your data is distributed, among other things for security reasons, on Facebook servers all over the world. Most of these servers are located in the United States.

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to information, portability, correction, and deletion of your data. You can manage your data in the Instagram settings. If you want to completely delete your data on Instagram, you must permanently delete your Instagram account.

And this is how you delete your Instagram account:

First, open the Instagram app. On your profile page, scroll down and click on "Help Center." Now you will be taken to the company's website. Click on "Managing Your Account" on the website and then click on "Delete Your Account."

If you delete your account completely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and will therefore not be deleted.

As already mentioned above, Instagram primarily stores your data through cookies. You can manage, disable or delete these cookies in your browser. Depending on your browser, the management works a bit differently. Under the "Cookies" section, you will find the corresponding links to the instructions for the most well-known browsers.

You can also generally set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Legal Basis

If you have consented to the processing and storage of data from you through embedded social media elements, this consent shall be considered as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In general, your data is also stored and processed on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) in a fast and good communication with you or other customers and business partners. However, we only use the embedded social media elements if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our privacy text on cookies carefully and view the privacy policy or cookie guidelines of the respective service provider.

Instagram or Facebook processes data, among other things, in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing for recipients located in third countries (outside of the European Union, Iceland, Liechtenstein, Norway, and especially in the United States) or for data transfers to such countries, Facebook uses EU Commission approved standard contractual clauses (= Art. 46. Abs. 2 and 3 GDPR). These clauses oblige Facebook to comply with EU data protection standards for the processing of relevant data outside of the EU as well. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses, among other things, here: https://germany.representation.ec.europa.eu/index_de.

We have tried to provide you with the most important information about data processing by Instagram. You can learn more about Instagram's data policies at https://help.instagram.com/519522125107875.

Pinterest Privacy Policy

Summary of the Pinterest Privacy Policy 👥 Data subjects: Visitors of the website 🤝 Purpose: Optimization of our service performance 📓 Processed data: Data such as data on user behavior, information about your device, your IP address and search terms. You can find more details about this in the privacy policy below. 📅 Storage period: Until Pinterest no longer needs the data for its purposes ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests)

What is Pinterest?

We use buttons and widgets from the social media network Pinterest, owned by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA, on our website. For the European region, the Irish company Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) is responsible for all data protection-related aspects.

Pinterest is a social network that specializes in graphical representations or photographs. The name is a combination of the words "pin" and "interest." Users can exchange information about various hobbies and interests on Pinterest and view each other's profiles with pictures openly or in defined groups.

Why do we use Pinterest?

Pinterest has been around for several years and is still one of the most visited and respected social media platforms. Pinterest is particularly suitable for our industry because the platform is primarily known for beautiful and interesting pictures. Therefore, we are also represented on Pinterest and want to showcase our content appropriately off our website as well. The collected data can also be used for advertising purposes so that we can show advertising messages to those who are interested in our services or products.

What data is processed by Pinterest?

Protocol data may be stored, including information about your browser, IP address, the address of our website, and the activities performed on it (such as clicking the save or pin button), search history, date and time of the request, and cookie and device data. When you interact with an embedded Pinterest function, cookies may also be set in your browser, storing various data. Typically, the aforementioned protocol data, preset language settings, and clickstream data are stored in cookies. Clickstream data refers to information about your website behavior on Pinterest.

If you have a Pinterest account and are logged in, the data collected through our site may be added to your account and used for advertising purposes. When you interact with our embedded Pinterest functions, you will typically be redirected to the Pinterest site. Here is a representative selection of cookies that may be set in your browser:

Name: _auth
Value: 0
Purpose: The cookie is used for authentication. For example, a value such as your "username" can be stored in it. 
Expiration Date: after one year

Name: _pinterest_referrer
Value: 1
Purpose: The cookie stores that you reached Pinterest via our website. The URL of our website is therefore stored.
Expiration Date: after the end of the session

Name: _pinterest_sess
Value: …9HRHZvVE0rQlUxdG89
Purpose: The cookie is used for logging into Pinterest and contains user IDs, authentication tokens, and timestamps.
Expiration Date: after one year

Name: _routing_id
Value: “8d850ddd-4fb8-499c-961c-77efae9d4065112492029-8”
Purpose: The cookie contains an assigned value used to identify a specific routing target.
Expiration Date: after one day

Name: cm_sub
Value: denied
Purpose: This cookie stores a user ID and timestamp.
Expiration Date: after one year

Name: csrftoken
Value: 9e49145c82a93d34fd933b0fd8446165112492029-1
Purpose: This cookie is likely set for security reasons to prevent forgery of requests. However, we could not find more detailed information about it.
Expiration Date: after one year

Name: sessionFunnelEventLogged
Value: 1
Purpose: We could not find more information about this cookie.
Expiration date: after one day

How long and where will the data be stored?

Pinterest generally stores the collected data until it is no longer needed for the purposes of the company. Once data retention is no longer necessary, for example to comply with legal requirements, the data will be deleted or anonymized so that you cannot be identified as an individual. The data may also be stored on American servers.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies or third-party providers such as Pinterest at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent the collection of data by cookies by managing, disabling, or deleting cookies in your browser.

As cookies may be used in embedded Pinterest elements, we also recommend reading our general privacy policy on cookies. To find out exactly what data about you is being stored and processed, you should read the privacy policies of the respective tools.

Legal basis

If you have given consent for data about you to be processed and stored through embedded social media elements, this consent serves as the legal basis for data processing (Art. 6(1)(a) GDPR). Generally, your data is also stored and processed based on our legitimate interest (Art. 6(1)(f) GDPR) in communicating quickly and effectively with you or other customers and business partners. However, we only use the tool if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our cookie privacy text carefully and view the privacy policy or cookie policies of the respective service providers.

Pinterest also processes data from you, among other places, in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks for the legality and security of data processing.

As the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or for data transfers to these countries, Pinterest uses so-called standard contractual clauses (= Art. 46(2) and (3) GDPR). Standard contractual clauses (SCCs) are template agreements provided by the European Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to third countries (such as the USA) and stored there. Through these clauses, Pinterest undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the European Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

For more information on the standard contract clauses at Pinterest, please visit https://policy.pinterest.com/en/privacy-policy#section-residents-of-the-eea.

We have attempted to provide you with the most important information about data processing by Pinterest. You can learn more about Pinterest's data policies at https://policy.pinterest.com/en/privacy-policy.

Twitter Privacy Policy

Twitter Privacy Policy Summary 👥 Data subjects: Website visitors 🤝 Purpose: Optimization of our service 📓 Processed data: Data such as user behavior data, information about your device, and your IP address. You can find more details on this in the privacy policy below. 📅 Storage period: Twitter deletes collected data from other websites no later than 30 days ⚖️ Legal basis: Art. 6 para. 1 lit. a DSGVO (Consent), Art. 6 para. 1 lit. f DSGVO (Legitimate interests)

What is Twitter?

On our website, we have integrated features of Twitter, such as embedded tweets, timelines, buttons, or hashtags. Twitter is a short message service and social media platform operated by Twitter Inc., One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.

To our knowledge, no personal data or data about your web activities is transferred to Twitter merely by integrating Twitter functions in the European Economic Area and Switzerland. Only when you interact with Twitter functions, such as clicking on a button, data can be sent to Twitter, stored and processed there. We have no influence on this data processing and bear no responsibility. Within this privacy policy, we want to provide you with an overview of what data Twitter stores, what Twitter does with this data, and how you can protect yourself from data transfer.

For some, Twitter is a news service, for others, a social media platform, and for others still, a microblogging service. All of these designations have their justification and mean more or less the same thing.

Both individuals and businesses use Twitter to communicate with interested parties through short messages. Twitter allows only 280 characters per message, which are called "tweets." Unlike Facebook, for example, the service does not focus on building a network of "friends" but wants to be understood as a global and open news platform. On Twitter, one can also maintain an anonymous account, and tweets can be deleted by both the company and the users themselves.

Why do we use Twitter on our website?

Like many other websites and businesses, we try to offer our services and communicate with our customers through various channels. Specifically, Twitter has become a useful "little" news service for us. We tweet or retweet exciting, funny, or interesting content again and again. We understand that you can't follow every channel individually. After all, you have other things to do. That's why we have incorporated Twitter functions on our website. You can witness our Twitter activity "on site" or come to our Twitter page through a direct link. By incorporating it, we want to strengthen our service and user-friendliness on our website.

What data is stored by Twitter?

On some of our sub-pages, you will find the built-in Twitter functions. If you interact with the Twitter content, such as clicking on a button, Twitter can capture and store data. Even if you do not have a Twitter account yourself, Twitter calls this data "log data". This includes demographic data, browser cookie IDs, the ID of your smartphone, hashed email addresses, and information about which pages you visited on Twitter and which actions you took. Twitter naturally stores more data if you have a Twitter account and are logged in. This storage usually happens via cookies. Cookies are small text files that are usually set in your browser and transmit different information to Twitter.

We will now show you which cookies are set when you are not logged into Twitter but visit a website with built-in Twitter functions. Please consider this list as an example. We cannot guarantee completeness here because the choice of cookies is always changing and depends on your individual actions with the Twitter content.

These cookies were used in our test:

Name: personalization_id
Value: “v1_cSJIsogU51SeE112492029”
Purpose: This cookie stores information about how you use the website and which ads you may have clicked on to get to Twitter.
Expiration date: after 2 years

Name: lang
Value: de
Purpose: This cookie stores your default or preferred language.
Expiration date: after the end of the session

Name: guest_id
Value: 112492029v1%3A157132626
Purpose: This cookie is set to identify you as a guest. 
Expiration date: after 2 years

Name: fm
Value: 0
Purpose: Unfortunately, we could not determine the purpose of this cookie.
Expiration date: after the end of the session

Name: external_referer
Value: 1124920292beTA0sf5lkMrlGt
Purpose: This cookie collects anonymous data, such as how often you visit Twitter and how long you visit Twitter.
Expiration date: after 6 days

Name: eu_cn
Value: 1
Purpose: This cookie stores user activity and serves various advertising purposes for Twitter.
Expiration date: after one year

Name: ct0
Value: c1179f07163a365d2ed7aad84c99d966
Purpose: Unfortunately, we could not find any information about this cookie.
Expiration date: after 6 hours

Name: _twitter_sess
Value: 53D%253D–dd0248112492029-
Purpose: This cookie allows you to use features within the Twitter website.
Expiration date: after session ends

Note: Twitter also works with third-party providers. That's why during our test we also identified the three Google Analytics cookies _ga, _gat, _gid.

Twitter uses the collected data to better understand user behavior and thus improve its own services and advertising offers, as well as for internal security measures.

How long and where are the data stored?

When Twitter collects data from other websites, it is deleted, aggregated, or otherwise obscured after a maximum of 30 days. The Twitter servers are located in various server centers in the United States. Therefore, it can be assumed that the collected data is collected and stored in America. According to our research, we could not definitively determine whether Twitter also has its own servers in Europe. In principle, Twitter can store the collected data until it is no longer useful to the company, you delete the data, or there is a legal retention period.

How can I delete my data or prevent data storage?

Twitter emphasizes in its privacy policy that it does not store data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact directly with Twitter, Twitter will of course also store data from you.

If you have a Twitter account, you can manage your data by clicking on the "More" button under the "Profile" button. Then click on "Settings and Privacy". Here you can manage data processing individually.

If you do not have a Twitter account, you can go to twitter.com and click on "Customization". Under the "Customization and Data" section, you can manage your collected data.

As mentioned above, most data is stored via cookies, which you can manage, deactivate or delete in your browser. Please note that you can only "edit" cookies in the browser you have chosen. That means: if you use a different browser in the future, you will have to manage your cookies there again according to your wishes. Under the "Cookies" section, you will find the corresponding links to the instructions for the most popular browsers.

You can also manage your browser so that you are informed about each individual cookie. Then you can always decide individually whether to allow a cookie or not.

Twitter also uses the data for personalized advertising both on and off Twitter. In the settings under "Personalization and Data", you can turn off personalized advertising. If you use Twitter on a browser, you can disable personalized advertising at https://optout.aboutads.info/?c=2&lang=EN.

Legal basis

If you have consented to the processing and storage of data from you through integrated social media elements, this consent constitutes the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and effective communication with you or other customers and business partners. However, we only use integrated social media elements if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our privacy policy on cookies carefully and review the privacy policy or cookie policy of the respective service provider.

Twitter also processes data from you in the USA, among other places. We would like to point out that according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can entail various risks for the lawfulness and security of data processing.

Twitter uses so-called standard contractual clauses (= Art. 46 para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfers to such countries. Standard contractual clauses (SCC) are model contracts provided by the European Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to third countries (such as the USA) and stored there. Through these clauses, Twitter commits to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

You can find more information about the standard contractual clauses at Twitter under https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

We hope we have given you a basic overview of data processing by Twitter. We do not receive any data from Twitter and do not assume any responsibility for what Twitter does with your data. If you have further questions on this topic, we recommend consulting Twitter's privacy policy at https://twitter.com/de/privacy.

Blogs and Publications Privacy Policy Summary

Blogs and Publications Privacy Policy Summary 👥 Data Subjects: Visitors of the website 🤝 Purpose: Display and optimization of our services, communication between website visitors, security measures, and administration 📓 Processed Data: Data such as contact information, IP address, and published content. More details can be found in the tools used. 📅 Storage Period: Depends on the tools used ⚖️ Legal Bases: Art. 6 (1) lit. a GDPR (Consent), Art. 6 (1) lit. f GDPR (Legitimate Interests), Art. 6 (1) sentence 1 lit. b GDPR (Contract)

What are blogs and publication media?

We use blogs or other communication tools on our website to communicate with you and for you to communicate with us. In this process, data from you may be stored and processed by us. This may be necessary to display content appropriately, to enable communication, and to increase security. In our privacy policy, we generally describe which data from you may be processed. Exact information about data processing always depends on the tools and features used. The privacy policies of individual providers provide precise information about data processing.

Why do we use blogs and publication media?

Our primary goal with our website is to provide you with interesting and exciting content while also valuing your opinions and contributions. Therefore, we want to create a good interactive exchange between us and you. With various blogs and publication options, we can achieve just that. For example, you can write comments on our content, comment on other comments, or even write your own contributions in some cases.

What data is processed?

What data is exactly processed always depends on the communication functions we use. Very often, the IP address, username, and published content are stored. This is primarily done to ensure security, prevent spam, and take action against illegal content. Cookies may also be used for data storage. These are small text files stored with information in your browser. For more information on the data collected and stored, please refer to our individual sections and the privacy policy of the respective provider.

Duration of data processing

We will inform you below about the duration of data processing, provided that we have further information on this. For example, post and comment functions store data until you revoke the data storage. In general, personal data is only stored for as long as it is absolutely necessary to provide our services.

Right to object

You also have the right and the possibility to revoke your consent to the use of cookies or third-party communication tools at any time. This can be done either via our cookie management tool or other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

As cookies may also be used in publishing media, we also recommend our general privacy policy on cookies. To find out exactly what data about you is stored and processed, you should read the privacy policies of the respective tools.

Legal basis

We primarily use communication tools based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers, business partners, and visitors. To the extent that the use serves the processing of contractual relationships or their initiation, the legal basis is also Art. 6 para. 1 sentence 1 lit. b GDPR.

Certain processing, especially the use of cookies as well as the use of comment or messaging functions, requires your consent. If and to the extent that you have consented to data about you being processed and stored by embedded publishing media, this consent shall be the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). Most of the communication functions we use set cookies in your browser to store data. Therefore, we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policies of the respective service provider.

You will find information about specific tools in the following sections, if available.

Online Marketing Introduction

Online Marketing Privacy Policy Summary 👥 Data subjects: visitors to the website 🤝 Purpose: Evaluation of visitor information to optimize the web offering. 📓 Processed data: Access statistics containing data such as locations of access, device data, access duration and time, navigation behavior, click behavior and IP addresses. Personal data such as name or email address can also be processed. More details can be found in the respective online marketing tool in use. 📅 Storage period: depends on the online marketing tools used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests)

What is online marketing?

Online marketing refers to all measures taken online to achieve marketing goals such as increasing brand awareness or closing a business deal. Furthermore, our online marketing measures aim to draw attention to our website. Therefore, we conduct online marketing to showcase our offer to many interested people. Most often, this involves online advertising, content marketing, or search engine optimization. To efficiently and purposefully use online marketing, personal data is also stored and processed. On the one hand, the data helps us to only show our content to those people who are actually interested in it, and on the other hand, we can measure the advertising success of our online marketing measures.

Why do we use online marketing tools?

We want to show our website to everyone who is interested in our offer. We are aware that this is not possible without consciously set measures. That is why we do online marketing. There are various tools that make our work on our online marketing measures easier and also provide improvement suggestions through data. This way, we can target our campaigns more precisely to our target group. The purpose of these used online marketing tools is ultimately to optimize our offer.

What data is processed?

In order for our online marketing to work and the success of the measures to be measured, user profiles are created and data is stored, for example, in cookies (which are small text files). With the help of this data, we can not only display advertising in a classical sense, but also display our content on our website as you prefer it. There are various third-party tools that offer these functions and accordingly also collect and store data from you. For example, the named cookies store which pages you have visited on our website, how long you have viewed these pages, which links or buttons you click, or from which website you came to us. In addition, technical information can also be stored. For example, your IP address, which browser you are using, from which end device you are visiting our website or the time when you accessed and left our website. If you have agreed that we may also determine your location, we can also store and process this.

Your IP address is stored in pseudonymized form (i.e. shortened). Unique data that directly identifies you as a person, such as name, address, or email address, are also only stored in pseudonymized form as part of advertising and online marketing procedures. So we cannot identify you as a person, but we only have the pseudonymized information stored in the user profiles.

The cookies can also be used, analyzed and used for advertising purposes on other websites that use the same advertising tools. The data can then also be stored on the servers of the advertising tool providers.

In exceptional cases, unique data (names, email addresses, etc.) can also be stored in user profiles. This storage occurs, for example, if you are a member of a social media channel that we use for our online marketing measures and the network links previously received data with the user profile.

With all advertising tools that store data from you on their servers, we always receive only aggregated information and never data that identifies you as an individual. The data only shows how well-placed advertising measures worked. For example, we see which measures prompted you or other users to come to our website and purchase a service or product there. Based on the analyses, we can improve our advertising offer in the future and adapt it even more precisely to the needs and wishes of interested parties.

Duration of data processing

We will inform you below about the duration of data processing, if we have further information on this. In general, we process personal data only as long as it is absolutely necessary for the provision of our services and products. Data that is stored in cookies is stored for different periods of time. Some cookies are deleted as soon as you leave the website, while others can be stored in your browser for several years. In the respective data protection declarations of each provider, you will generally find detailed information about the individual cookies used by the provider.

Right to object

You have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser. The lawfulness of processing prior to revocation remains unaffected.

Since cookies are typically used in online marketing tools, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

On our website the following optional cookies in the category "Advertisement" are set after your consent:

Name: test_cookie
Category: Advertisement
Domain: .doubleclick.net
Purpose: doubleclick.net sets this cookie to determine if the user's browser supports cookies.
Expiration date: after 15 minutes

Name: __gads
Category: Advertisement
Purpose: Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.
Expiration date: after 1 year 24 days

Name: __gpi
Category: Advertisement
Purpose: Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.
Expiration date: after 1 year 24 days

Name: GoogleAdServingTest
Category: Advertisement
Purpose: Google sets this cookie to determine what ads have been shown to the website visitor.
Expiration date: after session

Legal basis

If you have consented to the use of third-party providers, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent represents the legal basis for the processing of personal data, as it may occur when using online marketing tools.

From our side, there is also a legitimate interest in measuring online marketing measures in an anonymized form in order to optimize our offer and measures using the data obtained. The corresponding legal basis is Art. 6 para. 1 lit. f GDPR (Legitimate interests). However, we only use the tools if you have given your consent.

Information about specific online marketing tools can be found - if available - in the following sections.

Adcash Privacy Policy

On our website we utilize the services from the online-advertising-network Adcash OÜ for displaying advertisements. The provider is registered at Kentmanni 4, 10116 Tallinn, Estonia. As a third-party-webservice, Adcash may use cookies on publisher sites displaying ads or use web beacons to collect information, for example to measure usage statistics, over which we have no control.

According to Adcash's privacy policy, no personally identifiable information is collected or used. Information that is collected may include session data, geography, browser information, IP address, operating system type, content preferences or website usage behavior and frequency. Adcash may share the data which is collected using IP tracking, cookies and pixel tags to their customers only in the form of anonymous statistics so that it contains no personally identifiable information.

PayPal Marketing Solutions Privacy Policy

We use PayPal Marketing Solutions, a sales optimization tool, on our website. The service provider is the American company PayPal Pte. Ltd, 2211 North First Street, San Jose, California 95131, USA.

PayPal processes data from you, among other things, in the USA. We would like to point out that in the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfers to such countries, PayPal uses so-called standard contractual clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard contractual clauses (Standard Contractual Clauses - SCC) are sample templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when they are transferred to and stored in third countries (such as the USA). Through these clauses, PayPal undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

For more information on the standard contractual clauses and the data processed through the use of PayPal Marketing Solutions, please see the privacy policy at https://www.paypal.com/webapps/mpp/ua/privacy-full.

Content Delivery Networks Introduction

Content Delivery Networks Privacy Policy Summary 👥 Data subjects: Visitors to the website 🤝 Purpose: Optimization of our service performance (to be able to load the website faster) 📓 Processed data: Data such as your IP address For more details on this, please see the individual privacy policies below. 📅 Storage period: Most data will be stored until they are no longer needed to provide the service. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is a Content Delivery Network?

We use a Content Delivery Network (CDN) on our website. A CDN helps us load our website quickly and easily regardless of your location. In doing so, personal data about you is stored, managed, and processed on the servers of the CDN provider used. Below, we provide general information on the service and its data processing. For detailed information on how your data is handled, please refer to the privacy policy of the provider.

Each Content Delivery Network (CDN) is a network of regionally distributed servers connected to each other via the Internet. This network enables content from websites (especially very large files) to be delivered quickly and smoothly, even during high traffic peaks. The CDN creates a copy of our website on its servers. As these servers are distributed worldwide, the website can be delivered quickly. As a result, data transmission to your browser is significantly reduced by the CDN.

Why do we use a Content Delivery Network for our website?

A fast loading website is part of our service. We know how annoying it is when a website loads at a snail's pace. Usually, one loses patience and leaves before the website has fully loaded. We want to avoid that, of course. Therefore, a fast loading website is a natural part of our website offering. With a Content Delivery Network, our website loads significantly faster in your browser. The use of CDN is particularly helpful when you are abroad because the website is delivered from a server near you.

Which data is processed?

When you request a website or its contents and they are cached in a CDN, the CDN forwards the request to the server closest to you, which then delivers the content. Content Delivery Networks are built to download JavaScript libraries and host them on npm and Github servers. Alternatively, most CDNs can also load WordPress plugins if they are hosted on WordPress.org. Your browser may send personal data to the Content Delivery Network we use. This includes data such as IP address, browser type, browser version, which website is being loaded, or the time and date of the page visit. This data is collected and stored by the CDN. Whether cookies are used for data storage depends on the network used. Please read the privacy policies of the respective services for more information.

Right to object

If you want to completely block this data transfer, you can install a JavaScript blocker (see, for example, https://noscript.net/) on your PC. Of course, our website can no longer provide the usual service (such as fast loading speed).

Legal basis

If you have consented to the use of a Content Delivery Network, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent is the legal basis for the processing of personal data that may occur when collected by a Content Delivery Network.

From our side, there is also a legitimate interest in using a Content Delivery Network to optimize and make our online service more secure. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate interests). However, we only use the tool if you have given your consent.

Information about specific Content Delivery Networks is available - if available - in the following sections.

Cloudflare Privacy Policy

Cloudflare Privacy Policy Summary 👥 Data subjects: Visitors to the website 🤝 Purpose: Optimization of our service performance (to be able to load the website faster) 📓 Processed data: Data such as IP address, contact and protocol information, security fingerprints, and performance data for websites For more details, see below in this privacy policy. 📅 Storage duration: most data is stored for less than 24 hours ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests)

What is Cloudflare?

On this website, we use Cloudflare from the company Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider. We'll explain exactly what all this means below.

A content delivery network (CDN), like the one provided by Cloudflare, is nothing more than a network of connected servers. Cloudflare has distributed such servers around the world to bring websites to your screen faster. Simply put, Cloudflare creates copies of our website and places them on its own servers. When you visit our website, a load balancing system ensures that the bulk of our website is delivered by the server that can display our website to you the fastest. The distance of data transmission to your browser is significantly reduced by a CDN. Therefore, Cloudflare delivers the content of our website not only from our hosting server but also from servers around the world. The use of Cloudflare is particularly helpful for users abroad, as the page can be delivered from a server nearby. In addition to fast delivery of web pages, Cloudflare also provides various security services such as DDoS protection or web application firewall.

Why do we use Cloudflare on our website?

Of course, we want to offer you the best possible service with our website. Cloudflare helps us to make our website faster and more secure. Cloudflare offers us both web optimizations and security services such as DDoS protection and web firewall. This includes a reverse proxy and the content distribution network (CDN). Cloudflare blocks threats and limits abusive bots and crawlers that waste our bandwidth and server resources. By caching our website on local data centers and blocking spam software, Cloudflare enables us to reduce our bandwidth usage by about 60%. Providing content through a data center near you and some web optimizations performed there reduces the average load time of a website by about half. By enabling "I'm Under Attack Mode," Cloudflare claims that additional attacks can be mitigated by displaying a JavaScript calculation that the user must solve before accessing a website. Overall, this makes our website significantly more powerful and less vulnerable to spam or other attacks.

What data is processed by Cloudflare?

Generally, Cloudflare only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator themselves. In addition, under certain circumstances, Cloudflare may collect certain information about the use of our website and process data that we have sent or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as IP address, contact and protocol information, security fingerprints, and performance data for websites. Log data, for example, helps Cloudflare detect new threats. This enables Cloudflare to provide a high level of security protection for our website. Cloudflare processes this data in the context of its services in compliance with applicable laws, including the General Data Protection Regulation (GDPR). Cloudflare also works with third parties who may only process personal data on behalf of the company and in accordance with its privacy policies and other confidentiality and security measures. Without explicit consent from us, Cloudflare does not disclose any personal data.

How long and where is the data stored?

Cloudflare primarily stores your information in the United States and the European Economic Area. Cloudflare may transfer and access the above-described information from around the world. In general, Cloudflare stores data on a user level for domains in the Free, Pro, and Business versions for less than 24 hours. For Enterprise domains that have enabled Cloudflare Logs (formerly Enterprise LogShare or ELS), data can be stored for up to 7 days. However, if IP addresses trigger security alerts at Cloudflare, exceptions to the storage period mentioned above may occur.

How can I delete my data or prevent data storage?

Cloudflare only keeps data logs for as long as necessary, and in most cases, this data is deleted within 24 hours. Cloudflare also does not store any personally identifiable information, such as your IP address. However, there is some information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to detect any security risks. You can read about the specific permanent logs that are stored on https://www.cloudflare.com/application/privacypolicy/. All data that Cloudflare collects (temporary or permanent) is scrubbed of any personally identifiable information. Additionally, all permanent logs are anonymized by Cloudflare.

In its privacy policy, Cloudflare states that it is not responsible for the content it receives. For example, if you ask Cloudflare to update or delete your content, Cloudflare will generally refer you back to us as the website operator. You can also completely prevent the collection and processing of your data by Cloudflare by disabling script code execution in your browser or by using a script blocker in your browser.

Legal basis

If you have consented to the use of Cloudflare, the legal basis for the corresponding data processing is this consent. This consent represents the legal basis for the processing of personal data, as may occur when collected by Cloudflare, according to Art. 6 (1) (a) GDPR (Consent).

Furthermore, we have a legitimate interest in using Cloudflare to optimize and secure our online service. The corresponding legal basis for this is Art. 6 (1) (f) GDPR (Legitimate interests). However, we only use Cloudflare to the extent that you have given your consent.

Cloudflare also processes data in the USA, among other places. We point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks for the lawfulness and security of data processing.

As a basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or for data transfers to such countries, Cloudflare uses standard contractual clauses approved by the European Commission (= Art. 46 (2) and (3) GDPR). These clauses oblige Cloudflare to comply with the level of data protection in the EU when processing relevant data outside the EU. These clauses are based on an implementing decision of the European Commission. You can find the decision and the clauses, among other things, here: https://germany.representation.ec.europa.eu/index_de.

For more information on data protection at Cloudflare, please visit https://www.cloudflare.com/privacypolicy/.

Imagekit.io Privacy Policy

We use Imagekit.io's image and media CDN on this website for storage, optimized delivery, and quick distribution of images. The provider is headquartered at 1201, Lords CGHS, Plot -7 Sector-19B, Dwarka, New Delhi- 110075, India.

Learn more about data processing at Imagekit.io in the Privacy Policy and in the GDPR Statement.

Audio & Video Introduction

Summary of Audio & Video Privacy Policy 👥 Affected parties: Website visitors 🤝 Purpose: Optimization of our service performance 📓 Processed data: Data such as contact information, user behavior data, information about your device, and your IP address may be stored. More details can be found in the corresponding privacy texts below. 📅 Storage period: Data is generally stored for as long as it is necessary for the service purpose ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are audio and video elements?

We have integrated audio and video elements on our website to allow you to directly watch videos or listen to music/podcasts. The contents are provided by service providers and are also sourced from their servers.

These are embedded functional elements from platforms such as YouTube, Vimeo, or Spotify. The use of these platforms is usually free, but paid content can also be published. With the help of these embedded elements, you can listen to or watch the respective content on our website.

When you use audio or video elements on our website, personal data about you may be transmitted, processed, and stored by the service providers.

Why do we use audio and video elements on our website?

Of course, we want to provide you with the best content on our website. And we are aware that content is no longer conveyed in just text and static images. Instead of simply providing you with a link to a video, we offer you audio and video formats directly on our website that are entertaining, informative, and ideally both. This expands our service and makes it easier for you to access interesting content. Therefore, we offer video and/or audio content in addition to our texts and images.

What data is stored through audio and video elements?

When you access a page on our website that has, for example, an embedded video, your server connects to the server of the service provider. Data from you is also transmitted to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system, and other general information about your device. Most providers also gather information about your web activity. This includes session duration, bounce rate, which button you clicked on, or which website you used the service on. All of this information is usually stored using cookies or pixel tags (also called web beacons). Pseudonymized data is typically stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long the data is stored on the servers of the third-party providers either further down in the data protection text of the respective tool or in the data protection declaration of the provider. In general, personal data is always processed only for as long as it is absolutely necessary to provide our services or products. This usually also applies to third-party providers. You can usually assume that certain data will be stored on the servers of third-party providers for several years. Data can be stored in cookies for different lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years.

Right to Object

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either through our cookie management tool or through other opt-out functions. For example, you can prevent data collection by cookies by managing, disabling, or deleting cookies in your browser. The lawfulness of the processing until revocation remains unaffected.

Since cookies are usually also used through the integrated audio and video functions on our site, you should also read our general privacy policy regarding cookies. You can find out more about the handling and storage of your data in the privacy policies of the respective third-party providers.

Legal Basis

If you have consented to the processing and storage of data about you through integrated audio and video elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. However, we only use the integrated audio and video elements if you have given your consent.

Spotify Privacy Policy

We use Spotify, a tool for music and podcasts, on our website. The service provider is the Swedish company Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden. You can find out more about the data processed by using Spotify in the Privacy Policy at https://www.spotify.com/de/legal/privacy-policy/.

The following cookies are used by Spotify:

Name: sp_t
Category: functional
Purpose: The sp_t cookie is set by Spotify to implement audio content from Spotify on the website and also registers information on user interaction related to the audio content.
Expiration date: after 1 year

Name: sp_landing
Category: functional
Purpose: The sp_landing is set by Spotify to implement audio content from Spotify on the website and also registers information on user interaction related to the audio content.
Expiration date: after 1 day

Name: loglevel
Category: uncategorized
Purpose: No description available.
Expiration date: never

YouTube Privacy Policy

YouTube Privacy Policy Summary 👥 Affected persons: Visitors to the website 🤝 Purpose: Optimization of our service 📓 Processed data: Data such as contact details, user behavior data, information about your device and IP address may be stored. More details on this can be found further down in this privacy policy. 📅 Storage duration: Data is generally stored as long as it is necessary for the service purpose. ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is YouTube?

We have embedded YouTube videos on our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you access a page on our website that has embedded a YouTube video, your browser automatically connects to the servers of YouTube or Google. Depending on the settings, various data is transmitted. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European Union.

Below we will explain in more detail which data is processed, why we have embedded YouTube videos, and how you can manage or delete your data.

On YouTube, users can watch, rate, comment on, and upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. In order to display videos on our website, YouTube provides a code snippet that we have embedded on our page.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to provide you with the best possible user experience on our website, and interesting videos are certainly a part of that. With our embedded videos, we provide you with additional helpful content in addition to our texts and images. In addition, our website is more easily found on the Google search engine thanks to the embedded videos. Even if we run Google Ads advertisements, Google can - thanks to the collected data - show these advertisements only to people who are interested in our offers.

What data is stored by YouTube?

When you visit one of our pages that has an embedded YouTube video, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually associate your interactions on our website with your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your internet service provider. Additional data may include contact information, any ratings, sharing of content on social media, or adding to your favorites on YouTube.

If you are not signed in to a Google Account or a YouTube account, Google stores data with a unique identifier that is associated with your device, browser, or app. For example, your preferred language settings are maintained. However, many interaction data cannot be stored because fewer cookies are set.

In the following list, we show cookies that were set in a browser test. We show cookies that are set without a signed-in YouTube account, on the one hand, and cookies that are set with a signed-in account, on the other hand. The list cannot claim to be complete because user data always depends on interactions on YouTube.

Name: yt-remote-device-id
Category: Advertisement
Domain: youtube-nocookie.com
Purpose: YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
Expiration Date: never

Name: yt.innertube::nextId
Category: Advertisement
Domain: youtube-nocookie.com
Purpose: YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
Expiration Date: never

Name: yt-remote-connected-devices
Category: Advertisement
Domain: youtube-nocookie.com
Purpose: YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
Expiration Date: never

Name: yt.innertube::requests
Category: Advertisement
Domain: youtube-nocookie.com
Purpose: YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
Expiration Date: never

Name: YSC
Value: b9-CV6ojI5Y112492029-1
Purpose: This cookie registers a unique ID to store statistics of the viewed video.
Expiration Date: after session end

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics through PREF on how you use YouTube videos on our website.
Expiration Date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers a unique ID on mobile devices to track GPS location.
Expiration date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube videos).
Expiration date: after 8 months

Additional cookies set when you are logged in with your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7112492029-
Purpose: This cookie is used to create a profile about your interests. The data is used for personalized advertising.
Expiration date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Category: Analytics
Purpose: The cookie stores the user's consent status for the use of various Google services. CONSENT also serves security purposes to verify users and protect user data against unauthorized attacks. YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
Expiration date: after 2 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile about your interests. This data helps to display personalized advertising.
Expiration date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login data.
Expiration date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile about your interests.
Expiration date: after 2 years

Name: SID
Value: oQfNKjAsI112492029-
Purpose: This cookie stores your Google account ID and last login time in digitally signed and encrypted form.
Expiration date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and what ads you may have seen before visiting our site.
Expiration date: after 3 months

How long and where are the data stored?

The data that YouTube receives and processes from you is stored on Google's servers. Most of these servers are located in America. You can see exactly where the Google data centers are located at https://www.google.com/about/datacenters/locations/?hl=en. Your data is distributed across the servers, making it faster to access and better protected against manipulation.

Google stores the collected data for different lengths of time. Some data can be deleted at any time, while other data is automatically deleted after a limited time, and still other data is stored by Google for a longer period of time. Some data (such as items from "My Activity", photos or documents, products) that are stored in your Google Account remain stored until you delete them. Even if you are not signed in to a Google Account, you can delete some data that is associated with your device, browser, or app.

How can I delete my data or prevent data storage?

Basically, you can manually delete data in your Google Account. With the automatic deletion function of location and activity data introduced in 2019, information is stored for either 3 or 18 months depending on your decision and then deleted.

Regardless of whether you have a Google Account or not, you can configure your browser to delete or disable cookies from Google. Depending on which browser you use, this works in different ways. Under the "Cookies" section, you will find the corresponding links to the instructions for the most popular browsers.

If you generally do not want cookies, you can set up your browser so that you are always informed when a cookie is to be set. This way you can decide for each individual cookie whether to allow it or not.

Legal basis

If you have consented to data about you being processed and stored by integrated YouTube elements, this consent shall constitute the legal basis for data processing (Art. 6 (1) (a) GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in quick and good communication with you or other customers and business partners. Nevertheless, we only use the integrated YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. Therefore, we recommend that you read our privacy policy on cookies carefully and view the privacy policy or cookie policies of the respective service provider.

YouTube also processes data, among other places, in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the lawfulness and security of data processing.

YouTube uses EU Commission-approved standard contract clauses (= Art. 46 para. 2 and 3 GDPR) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, in particular in the USA) or data transfers to such countries. These clauses oblige YouTube to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses, among other things, here: https://germany.representation.ec.europa.eu/index_de.

As YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

Web Design Introduction

Web Design Privacy Policy Summary 👥 Data subjects: visitors to the website 🤝 Purpose: Improving the user experience 📓 Processed data: The data processed largely depends on the services used. Typically, this includes IP address, technical data, language settings, browser version, screen resolution, and browser name. More details can be found in the privacy policies of the respective web design tools. 📅 Storage period: depends on the tools used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests)

What is web design?

We use various tools on our website that serve our web design. Web design is not just about making our website look pretty, as is often assumed, but also about functionality and performance. However, of course, appropriate aesthetics are also one of the major goals of professional web design. Web design is a subfield of media design and deals with both the visual and structural and functional design of a website. The goal is to improve your experience on our website through web design. In web design jargon, this is referred to as user experience (UX) and usability. User experience encompasses all impressions and experiences that the website visitor experiences on a website. One sub-point of user experience is usability, which deals with the user-friendliness of a website. The focus is primarily on ensuring that content, sub-pages, or products are clearly structured and that you can easily and quickly find what you are looking for. In order to provide you with the best possible experience on our website, we also use so-called third-party web design tools. In this privacy policy, the category "web design" includes all services that improve the design of our website. These can be, for example, fonts, various plugins, or other embedded web design functions.

Why do we use web design tools?

How you perceive information on a website depends heavily on the structure, functionality, and visual perception of the website. Therefore, good and professional web design has become increasingly important for us. We are constantly working to improve our website and see this as an extended service for you as a website visitor. Furthermore, a beautiful and functioning website also has economic benefits for us. After all, you will only visit us and take advantage of our offers if you feel completely comfortable.

What data is stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. The exact data involved depends on the tools used. Below you can see exactly which tools we use for our website. We recommend that you also read the privacy policy of the tools used for more information about data processing. You will usually find information there about which data is processed, whether cookies are used, and how long the data is stored. For example, font styles like Google Fonts automatically transmit information such as language settings, IP address, browser version, browser screen resolution, and browser name to Google servers.

Duration of data processing

The duration of data processing is very individual and depends on the web design elements used. If cookies are used, for example, the retention period can last for only one minute or several years. Please inform yourself about this. We recommend that you read both our general section on cookies and the privacy policies of the tools used. There, you will usually find information about which cookies are used and what information is stored in them. For example, Google font files are stored for one year to improve website loading times. In general, data is only stored for as long as it is necessary to provide the service. Data can be stored longer in accordance with legal requirements.

Right of objection

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. You can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. However, with web design elements (usually fonts), there are also data that cannot be easily deleted. This is the case when data is automatically collected and transmitted to a third-party provider (such as Google) directly when a page is called up. In this case, please contact the support of the corresponding provider. In the case of Google, you can reach support at https://support.google.com/?hl=de.

Legal basis

If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. This consent constitutes the legal basis for the processing of personal data, as may occur when web design tools are used, in accordance with Art. 6 para. 1 lit. a GDPR (consent). We also have a legitimate interest in improving the web design on our website. After all, we can only provide you with a beautiful and professional web offer. The corresponding legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, we only use web design tools if you have given your consent. We want to emphasize this again here.

You will find information on special web design tools in the following sections.

Web Design Tools Provider Privacy Policy

Below you will find the contact details of our external provider, whose web design tools were used to create this website. In addition to the information above, you can learn more about data processing here:

Namecheap, Inc.
4600 East Washington Street, Suite 305, Phoenix, AZ 85034, USA

Learn more about data processing at this provider in the privacy policy.

Explanation of Terms Used

We always strive to make our privacy policy as clear and understandable as possible. However, this is not always easy, especially when it comes to technical and legal topics. It often makes sense to use legal terms (such as personal data) or certain technical terms (such as cookies, IP address). But we don't want to use them without explanation. Below is an alphabetical list of important terms we have used in our privacy policy that we may not have adequately explained before. If these terms are taken from the GDPR and are definitions, we will also provide the GDPR texts here and may add our own explanations.

Supervisory Authority

Definition according to Article 4 of the GDPR

For the purposes of this Regulation:

"Supervisory authority" means an independent public authority which is established by a Member State in accordance with Article 51;

Explanation: "Supervisory authorities" are always independent state institutions, which in certain cases are also authorized to issue instructions. They serve to carry out the so-called state supervision and are located in ministries, special departments or other authorities. For data protection in Austria, there is an Austrian Data Protection Authority, and for Germany, each federal state has its own data protection authority.

Processor

Definition according to Article 4 of the GDPR:

For the purposes of this Regulation:

"processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Explanation: As a company and website owner, we are responsible for all data we process from you. In addition to controllers, there may also be so-called processors. This includes any company or person who processes personal data on our behalf. Processors can therefore include service providers such as tax consultants, as well as hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

Consent

Definition according to Article 4 of the GDPR:

For the purposes of this Regulation:

"Consent" of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Explanation: Typically, such consent is obtained through a cookie consent tool on websites. You are probably familiar with this. Whenever you visit a website for the first time, you are usually asked through a banner whether you agree to data processing or consent. Usually, you can also make individual settings and thus decide for yourself which data processing you allow and which you do not. If you do not consent, no personal data about you may be processed. In principle, consent can also be given in writing, i.e., not through a tool.

Personal Data

Definition according to Article 4 of the GDPR

For the purposes of this Regulation:

"personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Explanation: Personal data are all those data that can identify you as a person. These are usually data such as:

• Name
• Address
• Email address
• Postal address
• Phone number
• Date of birth
• Identification numbers such as social security number, tax identification number, identity card number or student ID number
• Bank details such as account number, credit information, account balances, and more.

According to the European Court of Justice (ECJ), your IP address is also considered personal data. IT experts can use your IP address to at least determine the approximate location of your device and subsequently identify you as the connection holder. Therefore, the storage of an IP address also requires a legal basis in accordance with the GDPR. There are also so-called "special categories" of personal data that are particularly worthy of protection. These include:

• racial and ethnic origin
• political opinions
• religious or philosophical beliefs
• membership in trade unions
• genetic data such as data obtained from blood or saliva samples
• biometric data (information on psychological, physical or behavioral characteristics that can identify a person).
  health data
• Data on sexual orientation or sexual life

Profiling

Definition according to Article 4 of the GDPR

The term is defined in this regulation as:

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

Explanation: Profiling involves gathering various information about a person to learn more about them. In the web domain, profiling is often used for advertising purposes or for credit checks. Web or ad analysis programs collect data on your behavior and interests on a website. This creates a specific user profile that can be used to target advertising to a specific audience.

 

Pseudonymisation

Definition according to Article 4 of the GDPR

The term is defined in this regulation as:

"Pseudonymisation" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person;

Explanation: In our privacy policy, there is often talk of pseudonymized data. Through pseudonymized data, you as a person can no longer be identified, unless other information is added. However, you should not confuse pseudonymization with anonymization. With anonymization, all personal reference is eliminated, so that it can only be reconstructed through a disproportionately large technical effort.

 

Controller

Definition according to Article 4 of the GDPR

For the purposes of this Regulation:

‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Explanation: In our case, we are responsible for the processing of your personal data and therefore the "controller". If we pass on collected data to other service providers for processing, they are "processors". An "order processing agreement (AVV)" must be signed for this.

 

Processing

Definition according to Article 4 of the GDPR

The term means:

"Processing" any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Note: When we talk about processing in our privacy policy, we mean any kind of data processing. This includes, as mentioned in the original GDPR statement above, not only collecting but also storing and processing data.

All texts are protected by copyright.

Source: Created with the Privacy policy generator from AdSimple

Translated. You can find the german version of our privacy policy here (Datenschutzerklaerung).