Privacy policy

1. Privacy at a glance

General Notes

The following notices provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration below this text.

Data collection on this website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the "Note on the responsible body" section of this data protection declaration.

How do we collect your data?

On the one hand, your data is collected when you communicate it to us. This can be z. B. be data that you enter in a contact form.

Other data is collected by our IT systems automatically or with your consent when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What are your rights regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time about this and other questions on the subject of data protection.

Analysis tools and third-party tools

When you visit this website, your surfing behavior can be statistically evaluated. This is mainly done with so-called analysis programs.

Detailed information on these analysis programs can be found in the following data protection declaration.

2. hosting

We host the content of our website with the following provider:

Shopify

Provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify").

Shopify a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address and information about the device and browser you are using. Shopify also analyzes visitor numbers, visitor sources and customer behavior and creates user statistics. When you make a purchase on our website, Shopify also collects your name, email address, shipping and billing addresses, payment information, and other information related to the purchase (eg.telephone number, amount of sales made, etc.). Shopify stores cookies in your browser for analytics.

Details can be found in Shopify's privacy policy: https://www.shopify.de/legal/datenschutz.

Shopify is used on the basis of Article 6 (1) (f) GDPR. We have a legitimate interest in our website being displayed as reliably as possible. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

3. General information and mandatory information

Privacy Policy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. She also explains how and for what purpose this happens.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Ellenity GmbH
Albisblick 51
6319 Allenwinden (Baar) – Switzerland

Email: info@ellenity.com

Responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Storage time

Unless a specific storage period has been specified in this data protection declaration, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, deletion takes place after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to the data processing, we process your personal data on the basis of Article 6 Paragraph 1 Letter a GDPR or Article 9 Paragraph 2 Letter a GDPR, provided that special data categories pursuant to Article 9 Paragraph 1 GDPR are processed. In the event of express consent to the transfer of personal data to third countries, data processing is also based on Article 49 (1) (a) GDPR. If you have consented to the storage of cookies or to access information on your end device (e.g. via device fingerprinting), data processing is also based on Section 25 (1) TTDSG. The consent can be revoked at any time. If your data is required to fulfill the contract or to carry out pre-contractual measures, we process your data on the basis of Article 6 (1) (b) GDPR. Furthermore, we process your data if they are required to fulfill a legal obligation on the basis of Article 6 (1) (c) GDPR.Data processing can also take place on the basis of our legitimate interest in accordance with Article 6 (1) (f) GDPR. The following paragraphs of this data protection declaration provide information on the relevant legal bases in each individual case.

Note on data transfer to the USA and other third countries

We use tools from companies based in the USA or other non-safe data protection countries. If these tools are active, your personal data can be transferred to these third countries and processed there. We would like to point out that in these countries no level of data protection comparable to that of the EU can be guaranteed. For example, US companies are obliged to release personal data to security authorities without you as the person concerned being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) will process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A PROCESSING IS BASED CAN BE FOUND IN THIS DATA PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR CONCERNED PERSONAL DATA UNLESS WE CAN PROVE COMPREHENSIVE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOM OBJECTION ACCORDING TO ARTICLE 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION ACCORDING TO ART. 21 (2) GDPR).

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.

Information, deletion and correction

Within the scope of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data at any time. You can contact us at any time with regard to this and other questions on the subject of personal data.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time for this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the examination, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need them to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have lodged an objection in accordance with Art. 21 (1) GDPR, your interests and ours must be weighed up. As long as it has not yet been determined whose interests prevail, you have the right to demand that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or processed for reasons of important public interest of the European Union or a Member State.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted payment transactions on this website

If there is an obligation to send us your payment data (e.g. account number for direct debit authorization) after the conclusion of a fee-based contract, this data will be required for payment processing.

Payment transactions using the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Objection to promotional emails

The use of contact data published as part of the imprint obligation for sending unsolicited advertising and information material is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails .

4. Data collection on this website

Cookies

Our website uses so-called "cookies". Cookies are small data packages and do not damage your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or until your web browser automatically deletes them.

In some cases, cookies from third-party companies can also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are required to carry out the electronic communication process, to provide certain functions you want (e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring web audience) (necessary cookies ), are stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is given. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies was requested, processing takes place exclusively on the basis of this consent (Art. 6 Para. 1 lit. a DSGVO and § 25 Para. 1 TTDSG); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this data protection declaration and, if necessary, ask for your consent.

Consent with GDPR/CCPA + Cookie Management

Our website uses the GDPR/CCPA + Cookie Management consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations.

GDPR/CCPA + Cookie Management is installed locally on our servers, so there is no connection to third party servers. GDPR/CCPA + Cookie Management stores a cookie in your browser in order to be able to allocate the consent given or its revocation to you. Otherwise, your data will be stored until you request us to delete it, delete the consent cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention requirements remain unaffected.

CGDPR/CCPA + Cookie Management is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) (c) GDPR.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
operating system used
Referrer URL
Host name of the accessing computer
Time of server request
IP address

This data is not merged with other data sources.

The collection of this data takes place on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this purpose.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The processing of this data takes place on the basis of Art. 6 Paragraph 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried; the consent can be revoked at any time.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Inquiry by email or phone

If you contact us by e-mail or telephone, your request including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

Registration on this website

You can register on this website to use additional functions on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full.Otherwise we will refuse the registration

In the event of important changes, such as the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The data entered during registration is processed for the purpose of implementing the user relationship established by registration and, if necessary, initiating further contracts (Art. 6 Para. 1 lit. b DSGVO).

The data collected during registration will be stored by us as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

Comment function on this website

For the comment function on this page, in addition to your comment, information about the time the comment was created, your e-mail address and, if you are not posting anonymously, the user name you have chosen will be saved.

Storage of the IP address

Our comment function saves the IP addresses of users who write comments. Since we do not check comments on this website before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.

Storage time for comments

The comments and associated data will be stored and remain on this website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. offensive comments).

Legal basis

The comments are stored on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke any consent you have given at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

5. Social Media

Social media elements with Shariff

Elements from social media are used on this website (e.g. Facebook, Twitter, Instagram, Pinterest, XING, LinkedIn, Tumblr).

You can usually recognize the social media elements by the respective social media logos. To ensure data protection on this website, we only use these elements together with the so-called "Shariff" solution. This application prevents the social media elements integrated on this website from transferring your personal data to the respective provider when you first enter the site.

A direct connection to the provider's server is only established (consent) when you activate the respective social media element by clicking on the associated button. As soon as you activate the social media element, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to this website to your user account.

Activating the plugin represents consent within the meaning of Article 6(1)(a) GDPR and Article 25(1) TTDSG. You can revoke this consent at any time with effect for the future.

The service is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Article 6 (1) (c) GDPR.

Facebook

Elements of the social network Facebook are integrated on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, however, the data collected is also transferred to the USA and other third countries.

You can find an overview of the Facebook social media elements here: https://developersfacebook.com/docs/plugins/?locale=de_DE.

If the social media element is active, a direct connection is established between your end device and the Facebook server. Facebook receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Facebook. You can find more information on this in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.

If consent has been obtained, the above-mentioned Service on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest in the greatest possible visibility in social media.

Insofar as personal data is collected on our website and forwarded to Facebook using the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing ( Art. 26 GDPR). Joint responsibility is limited to collecting the data and passing it on to Facebook. The processing by Facebook after the forwarding is not part of the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for issuing data protection information when using the Facebook tool and for implementing the tool on our website in a secure manner in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert your rights (e.g. requests for information) regarding the data processed on Facebook directly on Facebook. If you assert the rights of the data subject with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

Instagram

Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the social media element is active, a direct connection will be established between your end device and the Instagram server. Instagram receives information about your visit to this website.

If you are logged into your Instagram account, you can click the Instagram button to link the content of this website to your Instagram profile. This allows Instagram to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or how it is used by Instagram.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this Responsible for data processing (Article 26 GDPR). Joint responsibility is limited to collecting the data and passing it on to Facebook or Instagram. The processing by Facebook or Instagram after forwarding is not part of the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for issuing data protection information when using the Facebook or Instagram tool and for implementing the tool on our website in a secure manner in accordance with data protection law. Facebook is responsible for the data security of Facebook and Instagram products. You can assert rights of data subjects (e.g. requests for information) regarding the data processed on Facebook or Instagram directly on Facebook. If you assert the rights of the data subject with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https:// de-de.facebook.com/help/566994660333381.

For more information, see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

TikTok Ads

The tracking technology of TikTok Technology Limited, 10 Earlsfort Terrace Dublin, D02 T380, Ireland (hereinafter: "TikTok") is integrated on our website. "TikTok" uses technologies such as "tracking pixels" ("TikTok pixels"), "cookies" and "device fingerprinting" to collect information about usage behavior on our website. This allows users of our website and users of “TikTok” to be shown interest-based advertisements when visiting the “TikTok” social network. With the help of the "TikTok pixels" (small graphics that are also integrated on our website and that are loaded automatically when our website is accessed and enable tracking of user behavior), the user's browser automatically establishes a direct connection to the "TikTok" server. on. By integrating the "TikTok-Pixel", "TikTok" uses the information generated by "Cookies" to process information about the use of our website by the user's end device - e.g. that a specific website was accessed - and processes access data, in particular the IP address, Browser information, the previously visited website and the date and time of the server request for the purpose of displaying personalized advertisements across devices. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. These advertising media are delivered by "TikTok" via so-called "ad servers".To do this, we use "ad server cookies" through which certain parameters for range measurement - e.g. Display of the ads, duration of viewing or clicks by the user - can be measured. If users are registered with a "TikTok" service, "TikTok" can also assign the information collected to the respective "TikTok account" of the user. The legal basis for the processing of your data is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR. "TikTok" also processes your data in China and the USA. There is no adequacy decision for data transfer to China or the USA; The legal basis for the transmission to China is your consent in accordance with Article 49 (1) sentence 1 lit. a) GDPR. Further information on data protection and the storage period at "TikTok" can be found at: https://www.tiktok.com/legal/privacy-policy?lang=de.

TikTok Custom Audiences

We also use the online marketing tool "Custom Audiences" from "TikTok". The provider is TikTok Technology Limited, 10 Earlsfort Terrace Dublin, D02 T380, Ireland (hereinafter: "TikTok"). This allows us to display personalized advertising to customers who have a TikTok account when using the social network. For this purpose, we send our own pseudonymised data sets from customers without direct reference to a specific person for the data enrichment and formation of segments (target groups) for the placement of the advertising material in encrypted form to "TikTok". In addition, target groups are created based on the interaction with our advertisements. The legal basis for the processing of your data is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR; otherwise the legal basis is Art. 6 (1) sentence 1 lit. f) GDPR. Our legitimate interests consist in the display of personalized advertising to existing customers. "TikTok" also processes your data in China and the USA. There is no adequacy decision for data transfer to China or the USA. Further information on data protection and the storage period at "TikTok" can be found at: https://www.tiktok.com/legal/privacy-policy?lang=de. You can revoke your consent to processing and transfer to third countries at any time by sending us a message (see section 3 of this data protection declaration, "The responsible body for data processing"). The legality of the processing carried out on the basis of the consent up to the time of revocation is not affected by the revocation. You can object to the processing if it is based on Article 6 (1) sentence 1 lit. f) GDPR. You have the right to object for reasons that arise from your particular situation. You can send us your objection using the contact details given under section 3 of this data protection declaration "The responsible body for data processing".

TikTok Pixels

We use the TikTok pixel on our website. The TikTok Pixel is a TikTok advertiser tool from the two providers

TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and
TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom (both hereinafter collectively referred to as “TikTok”).

The TikTok Pixel is a snippet of JavaScript code that allows us to understand and track visitor activity on our website. For this purpose, the Tiktok Pixel collects and processes information about the creators of our website or the devices they use (so-called event data).

The event data collected via the TikTok pixel is used to target our ads and to improve ad delivery and personalized advertising.For this purpose, the event data collected on our website using the TikTok pixel is transmitted to TikTok

Some of this event data is information that is stored on the device you are using. In addition, cookies are also used via the TikTok Pixel, via which information is stored on the device you are using. Such storage of information by the TikTok pixel or access to information that is already stored in your end device only takes place with your consent. The legal basis for our collection and transmission of personal data to TikTok is therefore Article 6 (1) (a) GDPR. You can revoke your consent at any time via us (see section 3 of this data protection declaration "The responsible body for data processing").

This collection and transmission of the event data is carried out by us and TikTok as joint controllers. We have entered into a processing agreement with TikTok as joint controllers, which sets out the distribution of data protection obligations between us and TikTok. In this agreement, we and TikTok have agreed, among other things,

that we are responsible for providing you with all information pursuant to Art. 13, 14 GDPR on the joint processing of personal data;
that TikTok is responsible for enabling the rights of data subjects pursuant to Art. 15 to 20 GDPR with regard to the personal data stored by TikTok Ireland after joint processing.

You can view the agreement between us and TikTok at https://ads.tiktok.com/i18n/official/article?aid=300871706948451871

TikTok is solely responsible for the processing of the transmitted event data that follows the transmission. For more information on how TikTok processes personal data, including the legal basis on which TikTok relies and how you can exercise your rights against TikTok, see TikTok's data policy at https://www.tiktok.com/ legal/privacy-policy?lang=de-DE.

This website has also enabled Automatic Advanced Matching as part of the TikTok Pixel feature. This feature of the pixel allows us to send hashed emails, name, gender, city, province, state, zip code and date of birth or phone number to TikTok as additional information, provided the user has provided us with this information. This activation enables us to tailor advertising campaigns on Facebook even more precisely to people who are interested in our products.

On this website we use elements of the Pinterest social network operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

If you call up a page that contains such an element, your browser establishes a direct connection to the Pinterest servers. This social media element transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, type and settings of the browser, date and time of the request, how you use Pinterest and cookies.

If consent has been obtained, the above-mentioned Service on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time.If no consent has been obtained, the service is used on the basis of our legitimate interest in the widest possible visibility on social media

Further information on the purpose, scope and further processing and use of the data by Pinterest as well as your rights in this regard and options for protecting your privacy can be found in Pinterest's data protection information: https://policy.pinterest.com/de /privacy-policy.

Twitter

Functions of the Twitter service are integrated on this website. These functions are offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
When the social media element is active, a direct connection is established between your end device and the Twitter server produced. Twitter thereby receives information about your visit to this website. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Twitter. You can find more information on this in Twitter's data protection declaration at: https://twitter.com/de/privacy.

If consent has been obtained, the above-mentioned Service on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in the widest possible visibility on social media. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings.

Tumblr

This website uses buttons and other elements of the Tumblr service. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.

If the social media element is active, a direct connection is established between your end device and the Tumblr -Server established. Tumblr receives information about your visit to this website. The Tumblr buttons allow you to share a post or page on Tumblr or to follow the provider on Tumblr. If you access one of our websites with a Tumblr button, the browser establishes a direct connection to the Tumblr servers. We have no control over the amount of data Tumblr collects and transmits using this plugin. According to the current status, the IP address of the user and the URL of the respective website are transmitted.

If consent has been obtained, the above-mentioned Service on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in the widest possible visibility on social media.
Further information on this can be found in Tumblr's data protection declaration at: https://www.tumblr.com/privacy/de.

6. Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that we can use to integrate tracking or statistical tools and other technologies on our website.The Google Tag Manager itself does not create any user profiles, does not save any cookies and does not carry out any independent analysis. It is only used for the administration and display of the tools integrated via it. However, the Google Tag Manager records your IP address, which can also be transmitted to Google's parent company in the United States.

The Google Tag Manager is used on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the quick and easy integration and management of various tools on its website. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as B. Page views, length of stay, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the respective end device of the website visitor.

Furthermore, with Google Analytics we can Record your mouse and scroll movements and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the recorded data sets and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the user to be recognized for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de .

More information on how Google Analytics handles user data can be found in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics E-Commerce Measurement

This website uses the Google Analytics e-commerce measurement feature. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve their online marketing campaigns. Information such as the orders placed, average order values, shipping costs and the time from viewing a product to purchasing it are recorded.This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.

WP Statistics

This website uses the analysis tool WP Statistics to statistically evaluate visitor access. Provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai, Dubai 23816, UAE (https://veronalabs.com).

With WP Statistics we can analyze the use of our website. WP Statistics records e.g. Log files (IP address, referrer, browsers used, origin of the user, search engine used) and actions taken by website visitors on the site (e.g. clicks and views).

The data collected with WP Statistics is stored exclusively on our own server.

This analysis tool is used on the basis of Article 6 (1) (f) GDPR. We have a legitimate interest in the anonymous analysis of user behavior in order to optimize both our website and our advertising. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program from Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available from Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Conversion Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, we and Google can recognize whether the user has carried out certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to generate conversion statistics. We learn the total number of users who have clicked on our ads and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. The consent can be revoked at any time.

You can find more information about Google conversion tracking in Google's data protection regulations: https://policies.google.com/privacy?hl=de.

Facebook pixels

This website uses Facebook visitor action pixels to measure conversion. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, however, the data collected is also transferred to the USA and other third countries.

In this way, the behavior of site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage guideline. This enables Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Facebook's data protection information contains further information on protecting your privacy: https://de-de.facebook.com/about/privacy/.

You can also disable the "Custom Audiences" remarketing feature in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook.

If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
This website has also activated Automatic Advanced Matching as part of the Facebook pixel feature.This function of the pixel enables us to send hashed e-mails, name, gender, city, canton, state, zip code and date of birth or telephone number to Facebook as additional information, provided that the user has made this data available to us. This activation enables it us to tailor advertising campaigns on Facebook even more precisely to people who are interested in our products.

Pinterest tag

We have embedded Pinterest tags on this website. The provider is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

Pinterest tag is used to record certain actions that you take on our website. The data can then be used to show you interest-based advertising on our website or on another page of the Pinterest tag advertising network.

For this purpose, the Pinterest tag records i.a. a tag ID, your location and the referrer URL. Furthermore, action-specific data such as order value, order quantity, order number, category of the purchased items and video views can be recorded.

Pinterest tag uses technologies that enable cross-site recognition of the user to analyze user behavior (e.g. cookies or device fingerprinting).

If consent has been obtained, the above-mentioned Service exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent can be revoked at any time. Unless consent has been obtained, this service is used on the basis of Article 6 (1) (f) GDPR; the website operator has a legitimate interest in marketing measures that are as effective as possible.

Pinterest is a global company, so data can also be transferred to the USA. According to Pinterest, this data transfer is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policy.pinterest.com/de/privacy-policy.

You can find more information about the Pinterest tag here: https://help.pinterest.com/de/business/article/track-conversions-with-pinterest-tag.

Order processing

We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

7. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you are authorized to receive the newsletter agree. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

Mailchimp with success measurement disabled

This website uses the services of Mailchimp to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

Mailchimp is a service that can be used, among other things, to organize the sending of newsletters. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this will be stored on Mailchimp's servers in the USA. We have disabled Mailchimp's success measurement, so Mailchimp will not evaluate your behavior when opening our newsletters.

If you do not want your data to be transferred to Mailchimp, you must unsubscribe from the newsletter. We provide a corresponding link in every newsletter message.

The data is processed on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remains unaffected.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/# Annex_C_-_Standard_Contractual_Clauses.

After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.

For more information, see Mailchimp's privacy policy at: https://mailchimp.com/legal/terms/.

Order processing

8. Plugins and Tools

YouTube

This website embeds videos from the YouTube website. The website operator is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

If you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited.

In addition, YouTube can store various cookies on your end device or use comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is used i.a. used to collect video statistics, improve user experience and prevent fraud attempts.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 Paragraph 1 Letter a GDPR and Article 25 Paragraph1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

For more information on how to handle user data, see YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.

Google Fonts

This page uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required fonts into your browser cache in order to display text and fonts correctly.

For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that this website was accessed via your IP address. Google Fonts are used on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

If your browser does not support Google Fonts, a default font will be used by your computer.

You can find more information about Google Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/ privacy?hl=de.

Font Awesome

This site uses Font Awesome for consistent display of fonts and icons. The provider is Fonticons, Inc., 6 Porter Road Apartment 3R, Cambridge, Massachusetts, USA.

When you call up a page, your browser loads the required fonts into your browser cache in order to display text, fonts and symbols correctly. For this purpose, the browser you are using must connect to the Font Awesome servers. This gives Font Awesome knowledge that this website was accessed via your IP address. Font Awesome is used on the basis of Article 6 (1) (f) GDPR. We have a legitimate interest in the uniform representation of the typeface on our website. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

If your browser does not support Font Awesome, a standard font will be used by your computer.

More information about Font Awesome can be found in Font Awesome's privacy policy at: https://fontawesome.com/privacy.

Wordfence

We have integrated Wordfence on this website. Provider is Defiant Inc., Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”).

Wordfence is used to protect our website from unwanted access or malicious cyber attacks. For this purpose, our website establishes a permanent connection to the Wordfence servers so that Wordfence can compare and, if necessary, block its databases with the access made to our website.

Wordfence is used on the basis of Article 6 (1) (f) GDPR.The website operator has a legitimate interest in protecting its website against cyber attacks as effectively as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 Paragraph 1 lit. a DSGVO and Article 25 Paragraph 1 TTDSG, insofar as the consent the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

Order processing

Spotify

Functions of the music service Spotify are integrated on this website. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm in Sweden. You can recognize the Spotify plugins by the green logo on this website. You can find an overview of the Spotify plugins at: https://developer.spotify.com.

This means that when you visit this website, a direct connection can be established between your browser and the Spotify server via the plugin. Spotify receives the information that you have visited this website with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the content of this website to your Spotify profile. This allows Spotify to associate your visit to this website with your user account.

We would like to point out that when using Spotify, cookies are used by Google Analytics so that your usage data can also be passed on to Google when using Spotify. Google Analytics is a tool from the Google group based in the USA to analyze user behavior. Spotify alone is responsible for this integration. As the website operator, we have no influence on this processing.

The data is stored and analyzed on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the appealing acoustic design of his website. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

For more information, see Spotify's privacy policy: https://www.spotify.com/de/legal/privacy-policy/.

If you do not want Spotify to associate your visit to this website with your Spotify user account, please log out of your Spotify user account.

ManageWP

We manage this website using the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter ManageWP).

With ManageWP we can e.g. monitor the security and performance of our website and make automatic backups. ManageWP thus has access to all content of the website including our databases. ManageWP is hosted on the provider's servers.

ManageWP is used on the basis of Article 6(1)(f) GDPR.The website operator has a legitimate interest in the most effective and secure operation of his website(s). If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 Paragraph 1 lit. a DSGVO and § 25 Paragraph 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Order processing

Transcy: AI Language Translate, Geolocation, Product Reviews

We translate this website using Transcy: AI Language Translate tool. The country is recognized - also known as geolocation - on this website based on the IP address of the customer, which is done using the geolocation tool. Customer reviews of products are created on this website using the Product Reviews tool. The provider of these tools is the US company Shopify Inc. The company Shopify International Limited, 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, Dublin, D04 Xn32, Ireland is responsible for Europe.

Details about the data processed by Shopify and how it is processed can be found in Shopify's privacy policy: https://www.shopify.com/de/legal/datenschutz.

Vimeo

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages featuring a Vimeo video, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information recorded by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo uses cookies or similar recognition technologies (e.g. device fingerprinting) to recognize website visitors. Vimeo is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 Paragraph 1 Letter a GDPR and Article 25 Paragraph 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on "legitimate business interests". Details can be found here: https://vimeo.com/privacy.

You can find further information on how to handle user data in Vimeo's data protection declaration at: https://vimeo.com/privacy.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether data entry on this website (e.g. in a contact form) is done by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spent on the
website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analyzed on the basis of Article 6 (1) (f) GDPR. The
website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para B. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

For more information about Google reCAPTCHA, see the Google data protection regulations and the Google terms of use under the following links: https://policies.google.com/privacy?hl=de and https:/ /policies.google.com/terms?hl=de.

9. Online Marketing and Affiliate Programs

Affiliate programs on this site

We participate in affiliate partner programs. With affiliate partner programs, advertisements from one company (advertiser) are placed on the websites of other companies in the affiliate partner network (publisher). If you click on one of these affiliate ads, you will be taken to the advertised offer. If you then carry out a specific transaction (conversion), the publisher will receive a fee for this. In order to calculate this remuneration, it is necessary for the affiliate network operator to be able to understand which advertisement brought you to the respective offer and carried out the predefined transaction. Cookies or comparable recognition technologies (e.g. device fingerprinting) are used for this.

The data is stored and analyzed on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the correct calculation of its affiliate remuneration. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para . B. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

We participate in the following affiliate programs:

Amazon Affiliate Program

The provider is Amazon Europe Core S.à.r.l. Details can be found in Amazon's data protection declaration at: https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010.

10. eCommerce and Payment Providers

Processing of customer and contract data

We collect, process and use personal customer and contract data to establish, structure and change our contractual relationships.We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user. The legal basis for this is Article 6 Paragraph 1 lit. b GDPR.

The collected customer data will be deleted after completion of the order or termination of the business relationship and expiry of any statutory retention periods. Statutory retention periods remain unaffected.

Data transmission upon conclusion of contract for online shops, dealers and goods dispatch

If you order goods from us, we will pass on your personal data to the transport company responsible for the delivery and to the payment service provider responsible for processing the payment. Only data that the respective service provider needs to fulfill its task will be released. The legal basis for this is Article 6 (1) (b) GDPR, which permits the processing of data to fulfill a contract or to take steps prior to entering into a contract. If you have given your consent in accordance with Article 6 Paragraph 1 Letter a GDPR, we will pass on your e-mail address to the transport company responsible for the delivery so that they can inform you by e-mail about the shipping status of your order ; You can withdraw consent at any time.

Data transmission when concluding a contract for services and digital content

We only transmit personal data to third parties if this is necessary in the context of contract processing, for example to the bank commissioned with payment processing.

There is no further transmission of the data or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 Paragraph 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

Credit checks

In the case of a purchase on account or another payment method for which we pay in advance, we can carry out a credit check (scoring). To do this, we transmit the data you have entered (e.g. name, address, age or bank details) to a credit agency. The probability of a payment default is determined on the basis of this data. If there is an excessive risk of non-payment, we can refuse the relevant payment method.

The credit check is carried out on the basis of contract fulfillment (Art. 6 Para. 1 lit. b GDPR) and to avoid payment defaults (legitimate interest according to Art. 6 Para. 1 lit. f GDPR). If consent has been obtained, the credit check is carried out on the basis of this consent (Art. 6 Para. 1 lit. DSGVO); the consent can be revoked at any time.

Payment Services

We integrate payment services from third party companies on our website. If you make a purchase from us, your payment data (e.g. name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing. The respective contract and data protection provisions of the respective provider apply to these transactions. The payment service providers are used on the basis of Art. 6 Para. 1 lit. b GDPR (contract processing) and in the interest of a payment process that is as smooth, convenient and secure as possible (Art. 6 Para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Article 6 (1) (a) GDPR is the legal basis for data processing; Consent can be revoked at any time for the future.

We use the following payment services / payment service providers on this website:

Apple Pay

The provider of the payment service is Apple Inc, Infinite Loop, Cupertino, CA 95014, USA. You can find Apple's privacy policy at: https://www.apple.com/legal/privacy/de-ww/.

Google Pay

Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. You can find Google's privacy policy here: https://policies.google.com/privacy.

Shop Pay by Shopify

This website uses Shop Pay as a service for online payments. The provider is the US company Shopify Inc. The company Shopify International Limited, 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, Dublin, D04 Xn32, Ireland is responsible for the European area.

Note: According to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Most of the data is processed by Shop Pay. This can result in data not being processed and stored anonymously in individual cases. There is also the possibility that state authorities in the USA and their agents may access and inspect individual data or data sets. It is also possible that this data is linked to data/records from other Shop Pay services for which the user has a user account.

Details about the data that is processed through the use of Shop Pay and how it is processed can be found in Shopify's data protection declaration: https://www.shopify.com/de/legal/datenschutz.

Klarna

Provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna offers various payment options (e.g. installment purchase). If you decide to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details on the use of Klarna cookies can be found at the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

You can read details about this in Klarna's data protection declaration under the following link: https://www.klarna.com/de/datenschutz/.

In order to be able to offer you Klarna's payment options and to be able to assess whether you are eligible for their payment options and to tailor the payment options for you, it may be that we process your personal data in the form of of contact and order data to Klarna and Billpay. Your personal data will be processed in accordance with the applicable data protection laws and in accordance with the information in Klarna's data protection declarations (de, fr , it or en versions ) and Billpay (de, fr, it or en versions).

instant transfer

The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter “Sofort GmbH”). With the help of the "Sofortüberweisung" procedure, we receive a payment confirmation from Sofort GmbH in real time and can immediately start fulfilling our obligations.If you have decided to use the "Sofortüberweisung" payment method, send the PIN and a valid TAN to Sofort GmbH, which they can use to log into your online banking account. Sofort GmbH automatically checks your account balance after logging in and manages the Transfer to us using the TAN you sent. It then immediately sends us a transaction confirmation. After logging in, your sales, the credit limit of the overdraft facility and the existence of other accounts and their balances are automatically checked. In addition to the PIN and the TAN, the payment data you enter as well as personal data are transmitted to Sofort GmbH. Your personal data includes first and last name, address, telephone number(s), e-mail address, IP address and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempts at fraud. Details on payment with immediate transfer can be found in the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.

Amazon Pay

The provider of this payment service is Amazon Payments Europe S.C.A., 38 avenue J.F. Kennedy, L-1855 Luxembourg.

Details on how your data is handled can be found in the Amazon Pay data protection declaration under the following link: https://pay.amazon.de/help/201212490?ld=APDELPADirect.

Mastercard

The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").

Mastercard may transfer data to its parent company in the United States. Data transmission to the USA is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/ documents/mastercard-bcrs.pdf.

VISA

The provider of this payment service is Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).

Great Britain is considered a secure third country in terms of data protection. This means that Great Britain has a data protection level that corresponds to the data protection level in the European Union.

VISA may transfer data to its parent company in the United States. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/bedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-srechtigkeitsfragen-fur-den-ewr.html.

For more information, see VISA's data protection declaration: https://www.visa.de/bedingungen/visa-privacy-center.html.

PayPal

PayPal components are integrated on this website. PayPal is an online payment service provider. Payments are processed through PayPal accounts, which represent virtual personal or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, so there is no classic account number. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the person concerned selects "PayPal" as the payment option during the ordering process in our online shop, the data of the person concerned is automatically transmitted to PayPal. By selecting this payment option, the person concerned consents to the transmission of personal data required for payment processing Data.

The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data that is necessary for payment processing. Personal data related to the respective order is also required to process the purchase contract.

The transmission of the data is intended for payment processing and fraud prevention. The person responsible for processing will transmit personal data to PayPal in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the person responsible for processing may be transmitted by PayPal to credit agencies. The purpose of this transmission is to check identity and creditworthiness.

PayPal may pass on the personal data to affiliated companies and service providers or subcontractors insofar as this is necessary to fulfill the contractual obligations or the data is to be processed in the order.
The data subject has the option to revoke their consent to the handling of personal data from PayPal at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.

The applicable data protection regulations of PayPal can be found at https://www.paypal.com/de/ webapps/mpp/ua/privacy-full.

Twint

The provider of this payment service is TWINT AG, Stauffacherstrasse 41, CH-8004 Zurich. TWINT AG collects and uses data to provide and improve the TWINT system. On the one hand, this involves data that the TWINT app may access according to the customer's settings on the smartphone (e.g. reception of BLE signals, geo-location, etc.), and on the other hand technical data and information that is collected as part of the use of the TWINT app.

TWINT AG never passes on this personal data to business customers and/or third parties without the express consent of the customer in the TWINT app, but only uses it to provide and improve its own service.

For more information, see TWINT's data protection declaration: https://www.twint.ch/datenschutz-website/

Source: https://www.e-recht24.de