Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to do so will have no consequences. This applies only as long as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Contact
Controller
Contact us if you wish. The controller for data processing is: YOVANA GmbH, Ruhrorter Str. 112, 45478 Mülheim an der Ruhr Germany, 0208 - 444 78 98 1, info@yogabox.de
Customer’s proactive contact via email
If you proactively contact us by email for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and respond to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
For the technical provision and management of the revocation function on our online presence, we use a software solution from the third-party provider Händlerbund Legal GmbH, Kohlgartenstraße 11-13, 04315 Leipzig, as part of order processing. The plugin allows you to submit your declaration of revocation directly via the revocation button if you have concluded a contract with us via our website. For this purpose, technically necessary cookies are used and the following information is collected: encrypted session ID.
Your data may be transferred to third countries such as the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). If the providers have not certified themselves under the TADPF, the data transfer to the USA is based on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.
Your collected personal data will be transmitted to the servers of the aforementioned third-party providers when using the revocation function.
The use of cookies or similar technologies is based on § 25 para. 2 TDDDG. Further information on data protection can be found at: https://www.haendlerbund.de/de/datenschutzerklaerung
Use of address validation by Endereco
We use the address validation service from Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; “Endereco”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real-time, and, if necessary, supplementing missing data. In case of incorrectly entered data, alternative suggestions for correcting the data will be displayed.
Among other things, the following information may be transmitted to and processed by Endereco: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for the fulfillment of our contractual obligations. You have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
If you contact us via WhatsApp for business purposes, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you reside outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service, whose address book only stores data of users who have contacted us via WhatsApp. No personal data is therefore transferred to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and thus committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, offer preparation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Reviews Advertising
Data collection when submitting a comment or review
When you comment on or review an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling commenting/reviewing and displaying comments/reviews.
For the purpose of verifying your review/comment, we also collect the following data: order number, , invoice number, .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provided will be published.
We use your email address, which we received in the context of the sale of goods or services, for the electronic sending of advertising for our own goods or services that are similar to those you have already purchased from us, provided you have not objected to this use. The provision of the email address is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. You can find the contact details for exercising your right to object in the imprint. You can also use the corresponding link in the advertising email. No costs other than the transmission costs according to the basic rates will be incurred for this.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of contract processing, provided you have expressly agreed to this in the order process. The purpose of the transfer is to inform you about the shipping status by email. The processing is based on Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of an external inventory management system
We use an inventory management system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order process will be transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Payment service providers
Use of PayPal Express
We use the payment service PayPal Express of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of being able to offer you payment via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data necessary for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Checkout
We use the payment service PayPal Checkout from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR.
Cookies may be stored, which enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offering of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematically statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematically statistical procedures, and their calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. Data processing serves the purpose of credit assessment for contract initiation. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when PayPal advances payment.
You have the right to object to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of data is required for the conclusion of the contract with your desired payment method. Failure to provide data will result in the contract not being concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:
Invoice purchase via PayPal
When paying via invoice purchase, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you with the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit assessment based on mathematically statistical procedures (probability or score values) using credit agencies according to the process already described above. Data processing serves the purpose of credit assessment for contract initiation. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Ratepay advances payment. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the corresponding data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
On our website, we use the consent tool "Shopify Privacy & Compliance" from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify"). Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent already given. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. User information, including your IP address, is collected and transmitted to Shopify.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. An adequacy decision of the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Data processing is carried out to fulfil a legal obligation based on Art. 6 (1) lit. c GDPR.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz.
Ad Tracking
Plug-ins and other services
Use of Google reCAPTCHA
On our website, we use the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") as part of order data processing. The query serves the purpose of distinguishing between input by a human or by automated, mechanical processing. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and possibly other data required by Google for the reCAPTCHA service are transferred to Google. This data is processed by Google within the European Union and, if applicable, also transmitted to servers of Google LLC in the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of Google invisible reCAPTCHA
On our website, we use the invisible reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
This serves the purpose of distinguishing between human input and automated, mechanical processing. In the background, Google collects and analyzes usage data, which is used by Invisible reCAPTCHA to distinguish regular users from bots. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and, if applicable, also transmitted to servers of Google LLC in the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a DSGVO. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Use of Cloudflare
On our website, we use the Cloudflare CDN (Content Delivery Network) from Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA; "Cloudflare"). This is a trans-regional network of servers in various data centers, with which our web server connects and through which certain content of our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
Among other things, the following information may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation, based on Art. 6 (1) lit. f GDPR.
Further information on data protection when using Cloudflare can be found at https://www.cloudflare.com/de-de/privacypolicy/.
On our website, we use the function for embedding Google Maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
The function enables the visual display of geographical information and interactive maps. When accessing pages where Google Maps are embedded, Google also collects, processes and uses data from website visitors.
Your data may also be transferred to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html. There, you also have the option to change your settings in the Privacy Center so that you can manage and protect your data processed by Google.
On our website, we use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "enhanced privacy mode" option is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing carried out on the basis of the consent until withdrawal.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection notices at https://www.youtube.com/t/privacy.
Data Subject Rights and Storage Period
Duration of storage
After complete execution of the contract, the data will initially be stored for the duration of the warranty period, then taking into account statutory, in particular tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, pursuant to Art. 21 (1) GDPR, you have a right to object to processing based on Art. 6 (1) f GDPR, as well as to processing for the purpose of direct marketing.
Right to lodge a complaint with the supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de
Right to object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 (1) lit. f GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
After an objection has been raised, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.
If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After an objection has been raised, we will stop processing the data concerned for direct marketing purposes.
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to do so will have no consequences. This applies only as long as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Each time our website is accessed, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log files (so-called server log files). This stored data includes, for example, the name of the accessed page, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and to improve our offer.
Your data may be transferred to and processed in third countries outside the EU, in particular to Canada and the USA. For Canada, there is an adequacy decision by the EU Commission. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and to improve our offer.
Contact
Controller
Contact us if you wish. The controller for data processing is: YOVANA GmbH, Ruhrorter Str. 112, 45478 Mülheim an der Ruhr Germany, 0208 - 444 78 98 1, info@yogabox.de
Customer’s proactive contact via email
If you proactively contact us by email for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and respond to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the revocation button
If you have concluded a contract via our online presence, we provide you with a revocation function (revocation button) through which you can submit your declaration of revocation directly.
When using the revocation function, we collect your personal data (name, email address, information to identify the contract or part of the contract that you wish to revoke, as well as the time (date and hour) of sending the declaration of revocation) only to the extent provided by you. The data processing serves the purpose of providing you with the legally required option to revoke your contract and for the proper processing of your revocation.
If the contact concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR. Otherwise, the data processing is based on Art. 6 para. 1 lit. c GDPR, to fulfill a legal obligation to provide you with a revocation function on our online presence.
We only use your email address to process your declaration of revocation. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Disclosure to third-party providers (plugin usage)For the technical provision and management of the revocation function on our online presence, we use a software solution from the third-party provider Händlerbund Legal GmbH, Kohlgartenstraße 11-13, 04315 Leipzig, as part of order processing. The plugin allows you to submit your declaration of revocation directly via the revocation button if you have concluded a contract with us via our website. For this purpose, technically necessary cookies are used and the following information is collected: encrypted session ID.
Your data may be transferred to third countries such as the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). If the providers have not certified themselves under the TADPF, the data transfer to the USA is based on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.
Your collected personal data will be transmitted to the servers of the aforementioned third-party providers when using the revocation function.
The processing of your personal data serves the purpose of legally complying with the requirements for the design of the revocation function and is based on Art. 6 para. 1 lit. c GDPR. This data processing is also based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing you with a user-friendly revocation option. In this case, you have the right to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
Use of address validation by Endereco
We use the address validation service from Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; “Endereco”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real-time, and, if necessary, supplementing missing data. In case of incorrectly entered data, alternative suggestions for correcting the data will be displayed.
Among other things, the following information may be transmitted to and processed by Endereco: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for the fulfillment of our contractual obligations. You have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
Use of address validation by Google Maps API
We use the address validation service from Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland “Google”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real-time, and, if necessary, supplementing missing data. In case of incorrectly entered data, alternative suggestions for correcting the data will be displayed. For this purpose, the address data entered by you will be transmitted to the provider, stored and evaluated there.
Among other things, the following information may be transmitted to and processed by Google: postal addresses (country, city, postal code, street, house number), email address, telephone number.
Your data may also be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in an accurate data basis for the fulfillment of our contractual obligations. You have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms or https://www.google.de/policies/privacy/.
WhatsApp BusinessWe use the address validation service from Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland “Google”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real-time, and, if necessary, supplementing missing data. In case of incorrectly entered data, alternative suggestions for correcting the data will be displayed. For this purpose, the address data entered by you will be transmitted to the provider, stored and evaluated there.
Among other things, the following information may be transmitted to and processed by Google: postal addresses (country, city, postal code, street, house number), email address, telephone number.
Your data may also be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in an accurate data basis for the fulfillment of our contractual obligations. You have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms or https://www.google.de/policies/privacy/.
If you contact us via WhatsApp for business purposes, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you reside outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service, whose address book only stores data of users who have contacted us via WhatsApp. No personal data is therefore transferred to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision by the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and thus committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, offer preparation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data for orders
When placing an order, we collect and process your personal data only to the extent necessary for the fulfillment and processing of your order and for processing your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it means that no contract can be concluded. The processing is based on Art. 6 para. 1 lit. b GDPR and is necessary for the performance of a contract with you.
Your data is transferred, for example, to shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to and processed in third countries outside the EU, particularly in Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission exists, namely the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's standard contractual clauses.Reviews Advertising
Data collection when submitting a comment or review
When you comment on or review an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling commenting/reviewing and displaying comments/reviews.
For the purpose of verifying your review/comment, we also collect the following data: order number, , invoice number, .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provided will be published.
Shopauskunft customer review
We use the review tool "shopauskunft.de" from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to rate and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Legal review request (RBA)". In doing so, we process your order data (order number/invoice number, purchase value and shipping costs) as well as your e-mail address. If necessary, we may also use this data for the purpose of verifying your review.
We use the review tool "shopauskunft.de" from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to rate and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Legal review request (RBA)". In doing so, we process your order data (order number/invoice number, purchase value and shipping costs) as well as your e-mail address. If necessary, we may also use this data for the purpose of verifying your review.
The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent, provided that you have expressly agreed to the transfer of your data and the receipt of the review request.
You can revoke your consent at any time using the corresponding link in the e-mail or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
You can revoke your consent at any time using the corresponding link in the e-mail or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
Shopauskunft Widget
The Shopauskunft widget is integrated into our website. This serves the purpose of displaying and advertising the number and results of our reviews received via Shopauskunft so far.
To display the widget, it is technically necessary for your internet browser to transmit usage data to the Shopauskunft server and to store it in log data (so-called server log files) for 7 days. This stored data includes the name and URL of the retrieved file, date and time of retrieval, the IP address of the requesting computer, the website from which access is made (referrer URL), the browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
Processing is based on Art. 6 Para. 1 lit. f GDPR from our overriding legitimate interest in promoting our offers by displaying the customer reviews already received. This data is not stored together with other personal data.
Use of the email address for sending direct advertising We use your email address, which we received in the context of the sale of goods or services, for the electronic sending of advertising for our own goods or services that are similar to those you have already purchased from us, provided you have not objected to this use. The provision of the email address is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. You can find the contact details for exercising your right to object in the imprint. You can also use the corresponding link in the advertising email. No costs other than the transmission costs according to the basic rates will be incurred for this.
Use of the email address for availability notifications
We offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and be informed by email when it becomes available, provided you have consented to this. You will receive a one-time email notification about the availability of the respective item when it becomes available. Processing is based on Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Shipping service providers Inventory managementWe offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and be informed by email when it becomes available, provided you have consented to this. You will receive a one-time email notification about the availability of the respective item when it becomes available. Processing is based on Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of contract processing, provided you have expressly agreed to this in the order process. The purpose of the transfer is to inform you about the shipping status by email. The processing is based on Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of an external inventory management system
We use an inventory management system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order process will be transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Payment service providers
Use of PayPal Express
We use the payment service PayPal Express of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of being able to offer you payment via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data necessary for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Checkout
We use the payment service PayPal Checkout from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR.
Cookies may be stored, which enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offering of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematically statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematically statistical procedures, and their calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. Data processing serves the purpose of credit assessment for contract initiation. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when PayPal advances payment.
You have the right to object to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of data is required for the conclusion of the contract with your desired payment method. Failure to provide data will result in the contract not being concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:
- Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Invoice purchase via PayPal
When paying via invoice purchase, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you with the selected payment method. This processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit assessment based on mathematically statistical procedures (probability or score values) using credit agencies according to the process already described above. Data processing serves the purpose of credit assessment for contract initiation. Processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Ratepay advances payment. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the corresponding data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. Data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g. bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, your address data and information about the product or service you purchased from us. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated data protection declaration https://www.mollie.com/de/legal/privacy
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. Data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g. bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, your address data and information about the product or service you purchased from us. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated data protection declaration https://www.mollie.com/de/legal/privacy
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data contained therein. Cookies that have already been stored can be deleted at any time. However, we would like to point out that in this case you may not be able to fully use all functions of this website.
You can find information on how to manage (including deactivate) cookies in the most common browsers using the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies to make our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognise your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised again even after a page change.
The use of cookies or comparable technologies is based on Section 25 (2) TDDDG. The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation.
Use of the Shopify Consent Tool (Shopify Privacy & Compliance)On our website, we use the consent tool "Shopify Privacy & Compliance" from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify"). Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent already given. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. User information, including your IP address, is collected and transmitted to Shopify.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. An adequacy decision of the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Data processing is carried out to fulfil a legal obligation based on Art. 6 (1) lit. c GDPR.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz.
Ad Tracking
Use of Google Inc.'s remarketing or "similar audiences" function
We use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. To carry out the analysis of website usage, which forms the basis for creating interest-based advertisements, Google uses cookies. The cookies record website visits and anonymized data about website usage. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously accessed product and information areas.
Your data may be transferred to Google LLC servers in the USA. An adequacy decision of the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/ and https://business.safety.google/privacy/
We use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. To carry out the analysis of website usage, which forms the basis for creating interest-based advertisements, Google uses cookies. The cookies record website visits and anonymized data about website usage. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously accessed product and information areas.
Your data may be transferred to Google LLC servers in the USA. An adequacy decision of the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/ and https://business.safety.google/privacy/
Use of customer retention via uptain
On our website, we use the uptain plugin from the provider uptain GmbH, (Obergrünewalder Str. 8 a, 42103 Wuppertal; “uptain”). Data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes and improving customer engagement (e.g., through a dialog box). For this purpose, uptain will, on behalf of the operator of this website, use the information obtained to evaluate your use of the website and to compile reports on website activities.
Uptain uses technologies such as cookies. Among other things, the following information may be collected: IP address, date and time of page view, mouse movement and click path, cursor movement, dwell time, visited pages.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection at uptain can be found at: https://uptain.de/datenschutz/
Further information on data protection at uptain can be found at: https://uptain.de/datenschutz/
Plug-ins and other services
Use of Google reCAPTCHA
On our website, we use the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") as part of order data processing. The query serves the purpose of distinguishing between input by a human or by automated, mechanical processing. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and possibly other data required by Google for the reCAPTCHA service are transferred to Google. This data is processed by Google within the European Union and, if applicable, also transmitted to servers of Google LLC in the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of Google invisible reCAPTCHA
On our website, we use the invisible reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
This serves the purpose of distinguishing between human input and automated, mechanical processing. In the background, Google collects and analyzes usage data, which is used by Invisible reCAPTCHA to distinguish regular users from bots. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and, if applicable, also transmitted to servers of Google LLC in the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a DSGVO. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Use of Cloudflare
On our website, we use the Cloudflare CDN (Content Delivery Network) from Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA; "Cloudflare"). This is a trans-regional network of servers in various data centers, with which our web server connects and through which certain content of our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
Among other things, the following information may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation, based on Art. 6 (1) lit. f GDPR.
Further information on data protection when using Cloudflare can be found at https://www.cloudflare.com/de-de/privacypolicy/.
Use of Cloudfront
On our website, we use the Cloudfront CDN (Content Delivery Network) from Amazon Web Services EMEA SARL (38 avenue John F. Kennedy, L-1855, Luxembourg; "Cloudfront").
This is a trans-regional network of servers in various data centers, with which our web server connects and through which certain content of our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.Among other things, the following information may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation, based on Art. 6 (1) lit. f GDPR.
Further information on data protection when using Cloudfront can be found at https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and at https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.
Use of Google MapsThis is a trans-regional network of servers in various data centers, with which our web server connects and through which certain content of our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.Among other things, the following information may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation, based on Art. 6 (1) lit. f GDPR.
Further information on data protection when using Cloudfront can be found at https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and at https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.
On our website, we use the function for embedding Google Maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
The function enables the visual display of geographical information and interactive maps. When accessing pages where Google Maps are embedded, Google also collects, processes and uses data from website visitors.
Your data may also be transferred to the USA. For the USA, an adequacy decision of the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html. There, you also have the option to change your settings in the Privacy Center so that you can manage and protect your data processed by Google.
Use of OpenStreetMap
On our website, we use the open-source mapping service from the OpenStreetMap Foundation (St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom; "OpenStreetMap"). Data processing serves the purpose of visually displaying geographical information and maps to show you our location.
Cookies may be used for this purpose. Among other things, the following information may be collected and processed: date and time of access, IP address, and information about the browser and device you are using. This information will be assigned to your personal user account if you have an OpenStreetMap user account and are logged in when visiting the website. In that case, the following additional information will be collected and processed: user ID, email address associated with the user account, and content blocked by the user.
Your data may also be transferred outside the EU to the United Kingdom. An adequacy decision by the EU Commission exists for the United Kingdom.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing carried out on the basis of the consent until withdrawal.
Further information on data processing and data protection can be found at https://wiki.osmfoundation.org/wiki/Privacy_Policy?tid=331640695983.
Use of MS Bing Maps
We use the open-source mapping service of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA "Bing Maps") on our website. The data processing serves the purpose of visually displaying geographical information and maps to show you our location.
Cookies may be used for this purpose. Among other things, the following information may be collected and processed: date and time of access, IP address, and information about the browser and device you are using. Your data may be transferred to third countries, such as the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing carried out on the basis of the consent until withdrawal.
Further information on data processing and data protection can be found at https://www.microsoft.com/en-us/maps/product and https://privacy.microsoft.com/de-de/privacystatement/.
Use of YouTube On our website, we use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "enhanced privacy mode" option is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing carried out on the basis of the consent until withdrawal.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection notices at https://www.youtube.com/t/privacy.
Data Subject Rights and Storage Period
Duration of storage
After complete execution of the contract, the data will initially be stored for the duration of the warranty period, then taking into account statutory, in particular tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, pursuant to Art. 21 (1) GDPR, you have a right to object to processing based on Art. 6 (1) f GDPR, as well as to processing for the purpose of direct marketing.
Right to lodge a complaint with the supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de
Right to object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 (1) lit. f GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
After an objection has been raised, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.
If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After an objection has been raised, we will stop processing the data concerned for direct marketing purposes.

