Privacy policy
Privacy policy
1. data protection at a glance
General notes
The following
notices
provide a simple overview of what happens to your personal data.
happens when you visit this website. Personal data are all data with which you are
can be personally identified. For detailed information on the subject of data protection
You to our privacy policy listed below this text.
Data collection on this website
Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website operator. Whose contact details
can be found in the section “Notice about the responsible party” in this privacy policy.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be e.g.
data that you enter in a contact form.
Other data is collected automatically or with your consent when you visit the website through our IT systems.
captured These are mainly technical data (e. B. Internet browser, operating system or time of day
of the page call). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other
Data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time, free of charge, to obtain information about the origin, recipient and purpose of your
personal data that has been stored. You also have a right to request the correction or
request deletion of this data. If you have given consent for data processing,
you can revoke this consent at any time for the future. In addition, you have the right to request
request the restriction of the processing of your personal data in certain circumstances.
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time with regard to this and other questions on the subject of data protection.
Third-party analytics and tools
When visiting this website, your surfing behavior can be statistically analyzed. This happens before
especially with so-called analysis programs.
Detailed information on these analysis programs can be found in the following
Privacy Policy.
2. hosting
External hosting
This website is hosted by an external service provider (hoster). The personal data that
collected on this website are stored on the hoster’s servers. Here it can be
IP addresses, contact requests, meta and communication data, contract data, contact data,
names, website accesses and other data generated via a website.
The use of the hoster takes place for the purpose of contract fulfillment towards our potential and
existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient
Provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Insofar as a corresponding consent has been requested, the processing is carried out exclusively on
Basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent to the storage
of cookies or access to information in the user’s terminal device (e.g., device fingerprinting) in the
within the meaning of the TTDSG. The consent can be revoked at any time.
Our hoster will process your data only insofar as this is necessary for the fulfillment of his service obligations.
is required and follow our instructions regarding this data.
We use the following hoster:
One.com Group AB
VAT no. SE559205240001
Org. no. 559205-2400
Carlsgatan 3
211 20 Malmö
Job processing
We have concluded an order processing agreement (AVV) with the above-mentioned provider.
This is a contract required by data protection law, which ensures that
this the personal data of our website visitors only according to our instructions and under
Processed in compliance with the GDPR.
3. general notes and mandatory information
Privacy
The operators of these pages take the protection of your personal data very seriously. We treat your
personal data confidentially and in accordance with the statutory data protection regulations as well as
of this privacy policy.
When you use this website, various personal data are collected.
Personal data is data with which you can be personally identified. The present
Privacy Policy explains what data we collect and what we use it for. It also explains how
and for what purpose this is done.
We would like to point out that data transmission via the Internet (e.g. communication by e-mail) is not
may have security vulnerabilities. Complete protection of data against access by third parties is not possible.
possible.
Note on the responsible entity
The responsible party for data processing on this website is:
Patrick Schmidt
Körnerstrasse 90
46047 Oberhausen
Phone: 015778771689
E-mail: schmidt.beratung@ok.de
The responsible entity is the natural or legal person who, alone or jointly with others, has control over
the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.)
decides
Storage duration
Insofar as no more specific storage period has been named within this data protection declaration, the following data will remain
Your personal data with us until the purpose for data processing ceases to apply. If you have a
legitimate request for deletion or revoke consent to data processing,
your data will be deleted, unless we have other legally permissible reasons for storing your
personal data (e.g., retention periods under tax or commercial law); in the
the latter case, the deletion takes place after these reasons cease to exist.
General information about the legal basis of data processing on this
Website
If you have consented to the data processing, we process your personal data on
Basis of Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data
according to Art. 9 par. 1 DSGVO are processed. In the event of express consent to the transfer
personal data to third countries, the data processing is also carried out on the basis of Art.
49 para. 1 lit. a GDPR. Insofar as you consent to the storage of cookies or to access to information in
your terminal device (e.g., via device fingerprinting), the data processing is also carried out
on the basis of § 25 para. 1 TTDSG. The consent can be revoked at any time. Are your data for
contract performance or for the execution of pre-contractual measures, we process your
Data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data insofar as these are
are necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
The data processing may further be based on our legitimate interest according to Art. 6 para. 1 lit. f
DSGVO take place. The relevant legal bases in each individual case will be discussed in the following
paragraphs of this privacy policy.
Note on data transfer to the USA and other third countries
Among other things, we use tools from companies based in the USA or other
third countries that are not secure from a data protection perspective. When these tools are active, your
personal data is transferred to and processed in these third countries. We point out
that no level of data protection comparable to that in the EU can be guaranteed in these countries.
For example, U.S. companies are required to disclose personal data to security authorities
without you as the person concerned being able to take legal action against this. It can therefore not
U.S. authorities (e.g., intelligence agencies) cannot use your data stored on U.S. servers for the purpose of
process, evaluate and permanently store data for monitoring purposes. We have responded to this
Processing activities have no influence.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can use a
revoke consent already given at any time. The lawfulness of the actions taken until the revocation
Data processing remains unaffected by the revocation.
Right to object to the collection of data in special cases as well as to
Direct advertising (Art. 21 GDPR)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 ABS. 1 LIT. E OR F GDPR
YOU HAVE THE RIGHT TO WITHDRAW FROM THE CONTRACT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR
SITUATION, OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA
THIS ALSO APPLIES TO AN OBJECTION BASED ON THESE PROVISIONS.
PROFILING. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED,
PLEASE REFER TO THIS PRIVACY POLICY. IF YOU OBJECT,
WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED, IT IS
UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING
DEMONSTRATE THAT THEIR INTERESTS, RIGHTS AND FREEDOMS ARE OVERRIDING OR THAT THE
PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING
LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 DSGVO).
YOUR PERSONAL DATA ARE PROCESSED IN ORDER TO CARRY OUT DIRECT ADVERTISING,
YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR DATA AT ANY TIME.
PERSONAL DATA CONCERNED FOR THE PURPOSE OF SUCH ADVERTISING
THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT ADVERTISING.
CONNECTION. IF YOU OBJECT, YOUR PERSONAL DATA WILL BE
SUBSEQUENTLY NO LONGER USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION
ACCORDING TO ART. 21 ABS. 2 GDPR).
Right of appeal to the competent supervisory authority
In the event of breaches of the GDPR, the data subjects shall have a right of appeal to a
supervisory authority, in particular in the Member State of their habitual residence, place of work
or of the place of the alleged infringement. The right of appeal exists without prejudice to other
administrative or judicial remedies.
Right to data portability
You have the right to withdraw data that we have collected on the basis of your consent or in performance of a contract.
automated, to itself or to a third party in a common, machine-readable format.
to be handed over. Insofar as you request the direct transfer of the data to another responsible
this will only be done insofar as it is technically feasible.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to free of charge
Information about your stored personal data, their origin and recipient and the
Purpose of the data processing and, if applicable, a right to rectify or delete this data. For this and
for further questions on the subject of personal data, you can contact us at any time.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data.
For this purpose, you can contact us at any time. The right to restriction of processing consists in
following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you need it to exercise defense or assert legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
- If you file an objection pursuant to Art. 21 para. 1 DSGVO, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may – from
only with your consent or for the purpose of asserting, exercising or
defense of legal claims or for the protection of the rights of another natural or
legal person or for reasons of important public interest of the European Union or
of a Member State are processed.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, this site uses
For example, orders or inquiries that you send to us as the site operator use SSL or TLS encryption.
You can recognize an encrypted connection by the fact that the browser’s address bar is filled with
“http://” changes to “https://” and by the lock icon in your browser bar.
When SSL or TLS encryption is enabled, the data that you transmit to us cannot be
be read by third parties.
Encrypted payment on this website
If, after the conclusion of a contract with costs, there is an obligation to provide us with your payment data
(e.g. account number in the case of direct debit authorization), this data will be used for payment processing.
needed.
The payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made
exclusively via an encrypted SSL or TLS connection. Detect an encrypted connection
The address bar of the browser changes from “http://” to “https://” and the lock symbol
in your browser line.
In the case of encrypted communication, your payment data that you transmit to us cannot be read by
third parties can be read.
4. data collection on this website
WordPress
Our website was created with the CMS
WordPress created. Like most website operators collects
WordPress.org non-personally identifiable information in the way that
Web browser and server normally
provide, such as the
Browser type, the language setting, the referring website and the date
and the time of each visitor request. The complete
WP Privacy Policy
can be found at https://de.wordpress.org/about/privacy/.
Cookies
Our Internet pages use so-called “cookies”. Cookies are small text files and are directed to
will not cause any damage to your terminal device. You will either temporarily for the duration of a session
(session cookies) or permanently (permanent cookies) stored on your terminal device. Session cookies
are automatically deleted after the end of your visit. Permanent cookies remain on your terminal device
stored until you delete it yourself or it is automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your end device if you
enter our site (third-party cookies). These enable us or you to use certain
Services of the third party company (e.g. cookies for processing payment services).
Cookies have various functions. Numerous cookies are technically necessary because certain
Website functions would not work without them (e. g. e.g. the shopping cart function or the display
of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies, which are used to carry out the electronic communication process, to provide
certain functions requested by you (e.g. for the shopping cart function) or for optimizing the
website (e.g. cookies for measuring web audience) are required (necessary cookies), are stored on
Basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is specified.
The website operator has a legitimate interest in storing cookies necessary for the
technically error-free and optimized provision of its services. Provided consent to the
storage of cookies and comparable recognition technologies has been queried, the
Processing exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1
TTDSG); the consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and
Allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general
and enable automatic deletion of cookies when closing the browser. At the
Disabling cookies may limit the functionality of this website.
Insofar as cookies are used by third parties or for analysis purposes, we will inform you of this.
inform you separately within the scope of this data protection declaration and, if necessary, request consent.
Contact form
If you send us inquiries via the contact form, the information you provide in the
Inquiry form including the contact details you provide there for the purpose of processing the inquiry.
and stored by us in the event of follow-up questions. We do not disclose this data without your
Consent further.
The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, provided that your request is associated with
related to the performance of a contract or for the performance of pre-contractual measures.
is required. In all other cases, the processing is based on our legitimate interest in the
effective processing of requests sent to us (Art. 6 para. 1 lit. f DSGVO) or based on your
Consent (Art. 6 para. 1 lit. a DSGVO) insofar as this has been requested; the consent can be revoked at any time.
revocable.
The data you enter in the contact form will remain with us until you ask us to delete it.
revoke your consent to the storage or the purpose for storing the data no longer applies.
(e.g. after processing your request has been completed). Mandatory legal provisions –
in particular retention periods – remain unaffected.
WP Indeed Ultimate Membership Pro
To submit and manage written bids, we use WP Indeed Ultimate Membership Pro, which you can use on our website to submit a
Create customer account and submit written bids, view and
can edit. Registration takes place via a
Double opt-in process so that you confirm your registration by e-mail
must. Some areas of our website are restricted to registered customers
reserved. You can also use our website without creating a
Use customer account. You can subsequently enter your customer data
edit, as well as delete your customer account altogether.
You can find more information here:
Request by e-mail, phone or fax
If you contact us by e-mail, phone or fax, your request including all resulting
(name, inquiry) for the purpose of processing your request.
stored and processed by us. We do not share this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, provided that your request is associated with
related to the performance of a contract or for the performance of pre-contractual measures.
is required. In all other cases, the processing is based on our legitimate interest in the
effective processing of requests sent to us (Art. 6 para. 1 lit. f DSGVO) or based on your
Consent (Art. 6 para. 1 lit. a DSGVO) insofar as this has been requested; consent can be given at any time.
revocable.
The data you send to us via contact requests will remain with us until you ask us to delete it.
revoke your consent to the storage or the purpose for storing the data no longer applies.
(e.g. after your request has been completed). Mandatory legal provisions –
in particular statutory retention periods – shall remain unaffected.
Registration on this website
You can register on this site to use additional features on the site. The for this
We use the data you enter only for the purpose of using the respective offer or service,
for which you have registered. The mandatory information requested during registration must be complete.
must be specified. Otherwise, we will reject the registration.
For important changes, for example in the scope of the offer or for technically necessary changes, use
we use the e-mail address provided during registration to inform you in this way.
The processing of the data entered during registration is carried out for the purpose of implementing the
the user relationship established by the registration and, if applicable, for the initiation of further contracts (Art.
6 para. 1 lit. b GDPR).
The data collected during registration will be stored by us for as long as you are on this website.
are registered and are subsequently deleted. Statutory retention periods remain unaffected.
Use of chatbots
We use chatbots to communicate with you. Chatbots are able to operate without human assistance
Respond to your questions and other input. For this purpose, the chatbots analyze, in addition to your input
further data in order to provide suitable answers (e. g. B. Names, email addresses, and other contact information,
Customer numbers and other identifiers, orders and chat histories). Furthermore, via the
Chatbot your IP address, log files, location information and other metadata are collected. This
Data is stored on the chatbot provider’s servers.
User profiles can be created based on the data collected. In addition, the data can be used to
advertising may be used, provided that the other legal requirements are met.
prerequisites (in particular consent) exist for this. For this purpose, the chatbots can be equipped with analytics
and advertising tools can be linked.
The collected data can also be used to improve our chatbots and their response behavior (machine learning).
The data entered by you in the course of communication will remain with us or the
Chatbot operator until you request us to delete it, revoke your consent to store it, or
the purpose for storing the data no longer applies (e.g. after processing your request has been completed).
Mandatory legal provisions – in particular retention periods – remain unaffected.
The legal basis for the use of chatbots is Art. 6 para. 1 lit. b GDPR, provided that the chatbot is used to
contract initiation or within the scope of contract performance is used. Provided that a corresponding
consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a
DSGVO and § 25 para. 1 TTDSG, insofar as the consent allows the storage of cookies or access to
information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The
Consent can be revoked at any time. In all other cases, the use is made on the basis of our
legitimate interest in the most effective customer communication possible (Art. 6 para. 1 lit. f DSGVO).
5. analysis tools and advertising
Google Tag Manager
We use the Google Tag Manager. Provider is Google Ireland Limited, Gordon House, Barrow
Street, Dublin 4, Ireland.
Google Tag Manager is a tool that helps us use tracking or statistical tools and other
technologies on our website. The Google Tag Manager itself does not create
User profiles, does not store cookies and does not perform any independent analyses. It serves only the
Management and playout of the tools integrated through it. However, the Google Tag Manager captures
Your IP address, which is also transferred to Google’s parent company in the United States.
can be.
The use of the Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The
Website operator has a legitimate interest in a fast and uncomplicated integration and
Management of various tools on its website. If a corresponding consent is requested
the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1
TTDSG, insofar as the consent allows the storage of cookies or access to information in the
The TTDSG covers the use of the user’s terminal device (e.g. device fingerprinting). The consent is
revocable at any time.
Google Analytics
This website uses functions of the web analysis service Google Analytics. Provider is the Google Ireland
Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of website visitors.
In this context, the website operator receives various usage data, such as page views, dwell time,
operating systems used and origin of the user. This data is assigned to the respective end device of the
Users assigned. There is no assignment to a user ID.
Furthermore, we can use Google Analytics to track your mouse and scroll movements and clicks, among other things.
record Furthermore, Google Analytics uses various modeling approaches to analyze the collected
data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that allow the recognition of the user for the purpose of analyzing
of user behavior (e.g. cookies or device fingerprinting). The data collected by Google
Information about the use of this website is usually sent to a Google server in the
USA and stored there.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and §
25 par. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://privacy.google.com/businesses/controllerterms/mccs/.
Browser plugin
You can prevent the collection and processing of your data by Google by using the link provided under the
download and install the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on the handling of user data at Google Analytics in the
Privacy policy of Google:
https://support.google.com/analytics/answer/6004245?hl=de.
Job processing
We have concluded an order processing contract with Google and implement the strict
We fully comply with the requirements of the German data protection authorities when using Google Analytics.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of the Google
Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites.
when the user enters certain search terms on Google (keyword targeting). Furthermore
can target advertisements based on the user data available at Google (e. g. B.
location data and interests) can be played (target group targeting). We as website operator
can evaluate this data quantitatively by analyzing, for example, which search terms lead to the
how many ads led to clicks on our ads and how many clicks on our ads led to clicks on our ads.
have led.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and §25 par. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://policies.google.com/privacy/frameworks and
https://privacy.google.com/businesses/controllerterms/mccs/.
6. newsletter
Newsletter data
If you would like to receive the newsletter offered on the website, we require an email address from you.
address and information that allows us to verify that you are the owner of the
e-mail address provided and agree to receive the newsletter. More data
are not collected or only on a voluntary basis. For the handling of the newsletter we use
Newsletter service providers, which are described below.
MailPoet
This website uses MailPoet for sending newsletters. Provider is Aut O’Mattic A8C Ireland
Ltd, Business Centre, No.1 Lower Mayor Street, International Financial Services Centre, Dublin 1, Ireland,
whose parent company is located in the USA (hereinafter MailPoet).
MailPoet is a service that can be used, among other things, to organize and analyze the sending of newsletters.
The data you enter for the purpose of subscribing to the newsletter will be stored on our servers
stored but sent via MailPoet’s servers, so that MailPoet can access your newsletter-related data.
processed (MailPoet Sending Service). Details can be found here:
https://account.mailpoet.com/.
Data analysis by MailPoet
With the help of MailPoet, we are able to analyze our newsletter campaigns. For example, we can
see whether a newsletter message has been opened and which links, if any, have been clicked. On this
In this way, we can determine, among other things, which links have been clicked on particularly often.
In addition, we can detect whether after opening / clicking certain previously defined actions
were carried out (conversion rate). For example, this allows us to recognize whether you have clicked on the
newsletter have made a purchase.
MailPoet also allows us to sort newsletter recipients based on different categories of
subdivide (“cluster”). The newsletter recipients can be selected, for example, by age, gender or
Subdivide place of residence. In this way, the newsletters can be better adapted to the respective target groups.
Customize. If you do not want MailPoet to analyze your data, you must unsubscribe from the newsletter. For this
we provide a corresponding link in every newsletter message.
For detailed information about MailPoet’s features, please refer to the following link:
https://account.mailpoet.com/ and
https://www.mailpoet.com/mailpoet-features/.
You can find MailPoet’s privacy policy at:
https://www.mailpoet.com/privacy-notice/.
Legal basis
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can use these
Revoke consent at any time for the future.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://automattic.com/de/privacy/.
Storage duration
The data you provide us with for the purpose of receiving the newsletter will be stored by us until your
unsubscribe from the newsletter will be stored by us and, after unsubscribing from the newsletter, removed from the
Newsletter distribution list or deleted after expiry of the purpose. We reserve the right to delete e-mail addresses from
our newsletter distribution list at our own discretion within the scope of our legitimate interest according to Art.
6 para. 1 lit. f DSGVO to delete or block. Data stored by us for other purposes
remain unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us in a
Blacklist stored if this is necessary to prevent future mailings. The data from the
Blacklist are used only for this purpose and are not merged with other data. This
serves both your interest and our interest in complying with legal requirements in the
Dispatch of newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO). The storage in
of the blacklist is not limited in time. You can object to the storage if your interests
outweigh our legitimate interest.
Job processing
We have concluded an order processing agreement (AVV) with the above-mentioned provider.
This is a contract required by data protection law, which ensures that
this the personal data of our website visitors only according to our instructions and under
Processed in compliance with the GDPR.
6. eCommerce and payment providers
Processing of customer and contract data
We collect, process and use personal customer and contract data for justification,
content and amendment of our contractual relationships. Personal data about the
(usage data) we collect, process and use only insofar as it is necessary for the
is necessary to enable the user to use the service or to charge for it.
The legal basis for this is Art. 6 para. 1 lit. b GDPR.
The collected customer data will be deleted after completion of the order or termination of the
The data will be deleted after the end of the business relationship and expiry of any statutory retention periods.
Statutory retention periods remain unaffected.
Data transmission at the conclusion of a contract for online stores, merchants and shipment of goods
When you order goods from us, we pass on your personal data to the company entrusted with delivery.
transport company as well as to the payment service provider commissioned with the payment processing.
more. Only such data will be released that the respective service provider needs to fulfill its
Task needed. The legal basis for this is Art. 6 para. 1 lit. b GDPR, which regulates the processing of data for the purpose of
fulfillment of a contract or pre-contractual measures. Provided you have a corresponding
Consent according to Art. 6 para. 1 lit. a DSGVO, we will forward your e-mail address to the company associated with the
delivery so that they can inform you by e-mail about the status of the shipment.
of your order; you can revoke this consent at any time.
Data transfer upon conclusion of a contract for services and digital content
We transmit personal data to third parties only if this is necessary within the scope of the
contract processing is necessary, for example to the credit institution commissioned with the payment processing.
A further transmission of the data does not take place or only if you agree to the transmission of the data.
have expressly agreed to. A transfer of your data to third parties without explicit consent,
for advertising purposes, for example, does not take place.
The basis for the data processing is Art. 6 para. 1 lit. b GDPR, which governs the processing of data for the
fulfillment of a contract or pre-contractual measures.
Payment services
We include third-party payment services on our website. When you make a purchase from us
your payment data (e.g. name, payment amount, bank account details, credit card number) will be stored.
processed by the payment service provider for the purpose of payment processing. For these transactions
the respective contractual and data protection provisions of the respective providers apply. The use of the
payment service provider is carried out on the basis of Art. 6 para. 1 lit. b DSGVO (contract processing) and in the
Interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f
GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR
Legal basis for data processing; consents can be revoked at any time for the future.
We use the following payment services / payment service providers within the scope of this website:
PayPal
Provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449
Luxembourg (hereinafter “PayPal”).
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, please refer to PayPal’s privacy policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Stripe
The provider for customers within the EU is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower,
Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://stripe.com/de/privacy and
https://stripe.com/de/guides/general-data-protection-regulation.
You can read details about this in Stripe’s privacy policy at the following link:
https://stripe.com/de/privacy.
Klarna
The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”). Klarna
offers various payment options (e.g. installment purchase). If you choose to pay with Klarna
(Klarna checkout solution), Klarna will collect various personal data from you.
raise. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details about the
Use of Klarna cookies can be found at the following link:
https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
You can read details about this in Klarna’s privacy policy at the following link:
https://www.klarna.com/de/datenschutz/.
Instant bank transfer
The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter referred to as “Sofort”).
“Sofort GmbH”). With the help of the procedure “Sofortüberweisung” we receive in real time a
confirmation of payment from Sofort GmbH and can immediately begin with the fulfillment of our
Start liabilities. If you have chosen the payment method “Sofortüberweisung”,
transmit the PIN and a valid TAN to Sofort GmbH, which will use it to log in to your online banking account.
account can log in. Sofort GmbH automatically checks your account balance after logging in and performs
the transfer to us with the help of the TAN you have transmitted. It then transmits to us
a transaction confirmation without delay. After logging in, you will also see your sales, the
Credit limit of the overdraft facility and the existence of other accounts and their balances.
checked automatically. In addition to the PIN and the TAN, the payment data you enter is also
as well as data about your person to Sofort GmbH. The data concerning your person are
first and last name, address, telephone number(s), e-mail address, IP address and, if applicable, other data required for
Data required for payment processing. The transmission of this data is necessary to verify your identity.
to be determined beyond doubt and to prevent attempts at fraud. Details about payment with
Immediate transfer can be found in the following links:
https://www.sofort.de/datenschutz.html and
https://www.klarna.com/sofort/.
Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410
Waterloo, Belgium (hereinafter “Mastercard”).
Mastercard may transfer data to its parent company in the USA. The data transfer to the
USA is based on Mastercard’s Binding Corporate Rules. Details can be found here:
https://www.mastercard.de/de-de/datenschutz.html and
https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
VISA
The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon
Square, London W2 6TT, United Kingdom (hereinafter “VISA”).
The United Kingdom is considered a safe third country under data protection law. This means that Great Britain is a
has a level of data protection that corresponds to the level of data protection in the European Union.
VISA may transfer data to its parent company in the United States. Data transmission to the USA is
based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zuzustandigkeitsfragen-
for-the-evr.html.
For more information, please refer to VISA’s privacy policy:
https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
WooCommerce
We have integrated the open source store system WooCommerce as a plugin on our website. This WooCommerce plugin is based on the WordPress content management system, which is a subsidiary of Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA) is. Through the implemented functions, data is transferred to Automattic Inc. sent, stored and processed. In this privacy policy, we inform you what data is involved, how the network uses this data and how you can manage or prevent data storage.
What is WooCommerce?
WooCommerce is an online store system that has been part of the WordPress directory since 2011 and was developed specifically for WordPress websites. It is a customizable, open source eCommerce platform based on WordPress and also integrated into our website as a WordPress plugin.
Why do we use WooCommerce on our website?
We use this convenient online store solution to offer you our physical or digital products or services in the best possible way on our website. The aim is to provide you with simple and easy access to our range of products, so that you can get what you want quickly and easily. With WooCommerce we have found a good plugin here that meets our requirements for an online store.
What data is stored by WooCommerce?
Information that you actively enter into a text field in our online store may be collected and stored by WooCommerce or Automattic. So when you register with us or order a product, Automattic may collect, process and store this data. This may include credit card or billing information in addition to email address, name or address. Automattic can subsequently use this information for its own marketing campaigns.
In addition, there is also information that Automattic automatically collects from you in so-called server log files:
- IP address
- Browser information
- Preset language setting
- Date and time of the web access
WooCommerce also sets cookies in your browser and uses technologies such as pixel tags (web beacons), for example, to clearly identify you as a user and possibly offer interest-based advertising. WooCommerce uses a number of different cookies that are set depending on the user action. This means that when you add a product to your shopping cart, for example, a cookie is set so that the product remains in the shopping cart when you leave our website and return at a later time.
Here we show you an example list of possible cookies that can be set by WooCommerce:
Name: woocommerce_items_in_cart
Value: 1
Purpose: The cookie helps WooCommerce determine when the content in the shopping cart changes.
Expiration date: after end of session
Name: woocommerce_cart_hash
Wert: 447c84f810834056ab37cfe5ed27f204311246121-7
Purpose: This cookie is also used to recognize and save the changes in your shopping cart.
Expiration date: after end of session
Name: wp_woocommerce_session_d9e29d251cf8a108a6482d9fe2ef34b6
Wert:%7C%
Purpose: This cookie contains a unique identifier for you so that the shopping cart data can also be found in the database.
Expiration date: after 2 days
How long and where is the data stored?
Unless there is a legal obligation to keep data for a longer period of time, WooCommerce will delete the data when it is no longer needed for its own purposes for which it was stored. For example, server log files that contain technical data about your browser and IP address are deleted after about 30 days. Until then, Automattic uses the data to analyze the traffic on its own websites (for example, all WordPress sites) and fix potential problems. The data is stored on American servers by Automattic.
How can I delete my data or prevent data storage?
You have the right to access and object to the use and processing of your personal data at any time. You may also file a complaint with a state regulatory agency at any time.
In your browser, you also have the option to individually manage, delete or disable cookies. However, please note that disabled or deleted cookies have possible negative effects on the functions of our WooCommerce online store. Depending on which browser you use, managing cookies works slightly differently. Below you can see links to the instructions for the most popular browsers:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
Automattic is an active participant in the EU-U.S. Privacy Shield Framework, which governs the accurate and secure transfer of personal data. For more information, visit https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC.
More details about the privacy policy and what data is collected by WooCommerce and in what way can be found at https://automattic.com/privacy/ and general information about WooCommerce can be found at https://woocommerce.com/.
