Data protection
We are pleased that you visit our website. The protection and safety of your personal information when using our website is very important for us. We would therefore like to inform you at this point which of your personal data we collect when visiting our website and for what purposes they are used. Personal data is individual information about personal or factual conditions of a certain or determinable natural person (affected), e.g. B. name, address, email addresses, user behavior. So these are data with which we can identify you. In addition, you can also find information about data processing processes outside of this website (e.g. video conferences or newsletter).
Responsible for data processing
Responsible
For the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
In & out house GmbH
Landrat-Kaptain-Straße 51
52372 Kreuzau
De
08000008209
info@in-out-house.de
Data protection officer
Exkulpa GmbH
Wald dehuchter Str. 266
52525 Heinsberg
Telephone: 02452/99 33 11
E-mail: datenschutz@in-out-house.de
General
This data protection declaration meets the legal requirements for transparency in the processing of personal data. These are all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, your age, address, your telephone number, date of birth, your email address, your IP address or user behavior when visiting a website. Information in which we cannot provide any (or only with a disproportionate effort) to your person, e.g. through anonymization, is not a personal data. The processing of personal data (e.g. lifting, querying, using, storing or transmitting) always requires a legal basis and a defined purpose.
Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no legal reasons for further storage of the data. In the individual processing processes, we inform you about the specific storage periods or criteria for storage. Regardless of this, we store your personal -related cases in individual cases to assert, exercise or defend legal claims and in the event of legal retention obligations.
Information according to Art. 13 GDPR
This information is aimed at customers, interested parties, suppliers and employees. Your personal data will be processed by us for the following purposes:
Categories of recipients of personal data
Within our company, only those employees have access to the data that they absolutely need to fulfill their tasks (need-to-know-Know principle). Individual processes and services are carried out by carefully selected and data protection -compliant service providers who are based within the EEA. If service providers commissioned by us receive access to personal data when carrying out your services, these order processing contracts according to Art. 28 Para. 3 GDPR have been concluded.
Duration of data storage
The data we process are saved for the duration of the existence and the processing of the contractual relationship as well as in compliance with legal retention periods. These are, in particular, commercial and tax law retention obligations according to the Commercial Code (HGB) and the Tax Code (AO). The regular retention or documentation periods are up to ten years. If there is no contractual relationship, we only process the data as long as the specific purpose requires.
Your rights of affected rights
As a person concerned, you have the following rights regarding the personal data relating to you:
Of course, you can also object to the processing of your personal data for advertising purposes at any time. Subject your contradiction to our address given in the imprint or send us an email to the address given in the imprint.
If you have any questions about data protection, please feel free to contact an address given by email at the Imprint.
Cookies
Cookies are small text files that are sent by us to the browser of your end device during your visit to our website and stored there. As an alternative to the use of cookies, information can also be stored in the local memory (local storage) of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to find different analyzes, so that we are able to recognize the browser you used, for example, to recognize the browser you used when visiting our website again and send various information to us (non -necessary cookies). With the help of cookies, we can make our website more user-friendly and effective for you, for example by understanding your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information about cookies, it will collect the information directly via your browser. Cookies do not do any damage on your device. You cannot carry out any programs and do not contain viruses.
We inform about the respective services for which we use cookies in the individual processing processes. You can find detailed information about the cookies used in the cookie settings or in the Consent Manager on this website.
Consent with usercentrics
We use the CONSENT technology of usercentrics to obtain your consent to store certain cookies on your device or to use certain technologies and to document it in accordance with data protection. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich (hereinafter "Usercentrics").
If our website is accessed, the following personal data will be transferred to Usercentrics:
In order to be able to assign and document your consent or revocation, the provider sets a cookie in your browser. This data is saved until you delete the cookie, request us to delete the data or the purpose for data processing is no longer necessary. Statutory retention obligations remain unaffected.
Usercentrics is used in order to obtain the statutory consent for the use of certain technologies. The legal basis for this is Art. 6 Para. 1 lit. c GDPR.
Order processing
To ensure that personal data is processed according to our requirements and in compliance with the GDPR, we have concluded a contract for order processing (AVV) with the provider.
Your rights
Under the conditions of the legal provisions of the General Data Protection Regulation (GDPR), as a data subject, you have the following rights:
Data processing in detail
In the following, we will inform you about the individual processing processes, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective memory duration. An automated decision in individual cases, including profiling, does not take place.
Provision of the website
If our website is accessed and used, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily saved in a so -called log file:
Our website is not hosted by ourselves, but at a service provider who processes the previously mentioned data on the purpose of providing the website in accordance with Art. 28 GDPR.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 Lit. B GDPR) and in the interest of a safe, fast and efficient provision of our online offer by a professional provider (Art. 6 ABS 1 lit. f GDPR).
We use the following host:
Shopify International Limited
Victoria Buildings, 2nd floor
1-2 Haddington Road
Dublin 4, D04 XN32, Ireland
contact form
Type and scope of processing
If you send us inquiries (e.g. using the contact form, email or phone), we store all the data that can be seen from this (e.g. name, email address, topic of the request, etc.). We need this data to edit your request and to be able to answer follow -up questions. We do not pass on this data without your consent.
Purpose and legal basis
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is necessary to carry out pre -contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if you handed it out beforehand have.
Memory duration
The data you enter in the contact form remains with us until you ask us for deletion, revoke your consent to storage or the purpose for data storage is no longer necessary (e.g. after processing your request). Mandatory legal provisions - especially retention periods - remain unaffected.
Contact form for applicants
Type and scope of processing
You have the opportunity to apply from us on our website (e.g. by email, postal or via online applicant form).
Purpose and legal basis
We process the personal data of the applicants in accordance with the legal requirements for the purpose of processing the application process and for the implementation of pre -contractual measures within the meaning of Art. 6 Para. 1 lit. b. GDPR and § 26 BDSG under German law (initiation of an employment relationship) and - if you have given consent - Art. 6 Para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on to people who are involved in processing your application within our company.
If the application is successful, the data you submit will be saved on the basis of Section 26 BDSG and Art. 6 Para. 1 Lit. B GDPR for the purpose of carrying out the employment relationship in our data processing systems.
Memory duration
Your data will be saved over a period of 6 months beyond the termination of the application process. This is usually made to fulfill legal obligations or to defend any claims from legal regulations. Then we are obliged to delete or anonymize your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (e.g. women's or men's share of applications, number of applications per period, etc.).
If it can be seen that the data will be necessary after the 6-month period (e.g. due to an impending or pending legal dispute), there is only a deletion if the purpose for further storage is no longer necessary.
Admission to the applicant pool
As part of the application, we offer applicants the opportunity to get into our "talent pool" for a period of 12 months based on consent within the meaning of Art. 6 Para. 1 lit. a. GDPR to be accepted.
The application documents in the talent pool are processed solely within the framework of future job advertisements and the search for employees and are destroyed at the latest after the deadline. Applicants are instructed that their consent to admission to the talent pool is voluntary, has no influence on the current application process and that they can revoke this consent at any time for the future.
If you receive an offer for a job as part of the application process and accept it, we save the personal data collected as part of the application process at least for the duration of the employment relationship.
Registration of a customer account
Processing of data (customer and contract data)
We only collect, process and use your personal data insofar as you are required for the reason, change or fulfillment of a legal relationship. This is done to fulfill a contract or pre -contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR.
The customer data collected will be deleted after the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmission when the contract is concluded for online shops, retailers and shipping
We only transmit personal data if this is necessary in the context of the contract processing, for example to shipping service providers or the credit institution commissioned with the payment processing. In addition, the data is not transmitted or only if you have expressly approved the transmission.
The basis for data processing is the fulfillment of a contract or pre -contractual measures according to Art. 6 Para. 1 lit. b GDPR.
Data transmission when the contract is concluded for services and digital content
We only transmit personal data if this is necessary in the context of the contract processing, for example to the credit institution commissioned with the payment processing. In addition, the data is not transmitted or only if you have expressly approved the transmission.
The basis for data processing is the fulfillment of a contract or pre -contractual measures according to Art. 6 Para. 1 lit. b GDPR.
Credit checks
If we buy on account or any other payment method in which we go in advance, we can carry out a credit check procedure (scoring). To do this, we transmit your entered data (e.g. name, address, age or bank details) to an information egg. Based on this data, the probability of a default is determined. In the event of an excessive risk of payment, we can refuse the payment method in question.
We or the payment service provider may carry out a credit check. The payment service provider uses the result of the credit check in relation to the statistical default probability for the purpose of deciding on the provision of the respective payment method. The credit information can contain probability values (so-called score values). Insofar as score values flow into the result of the credit information, they have their basis in a scientifically recognized mathematical-statistical process. For example, the name, address, age or bank details flow into the calculation of the score values.
The basis for data processing is the fulfillment of a contract or pre -contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR, as well as to avoid payment defaults (legitimate interest according to Art. 6 Para. 1 lit. f GDPR). If you have previously given consent to data processing, the processing of your data takes place solely on the basis of Art. 6 Para. 1 lit. a GDPR; The consent can be revoked at any time.
Payment services
We bind payment services from third -party providers on our website. If you make a purchase from us, your payment data (e.g. name, payment amount, account connection, credit card number) will be processed by the payment service provider for the purpose of payment processing, the respective contract and data protection regulations of the respective provider apply. The basis for data processing is the fulfillment of a contract or pre -contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR as well as in the interest of a smooth, comfortable and secure payment process (Art. 6 Para. 1 lit. f GDPR). If you have previously given consent to data processing, the processing of your data takes place solely on the basis of Art. 6 Para. 1 lit. a GDPR; The consent can be revoked at any time.
We use the following payment service providers:
PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et cie, s.c.a., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
Details can be found in PayPal's data protection declaration:https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Apple Pay
The provider of the payment service is Apple Inc., Infinite Loop, Cupertino, CA 95014, USA. The Apple data protection declaration can be found at:https://www.apple.com/legal/privacy/de-ww/.
Google Pay
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. You can find Google's data protection declaration here:https://policies.google.com/privacy.
Clear
The provider is the Klarna, Sveafen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna offers various payment options (e.g. purchase in installments). If you choose the payment with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details on the use of Klarna cookies can be found in the following link:https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
You can read details about this in the data protection declaration of Klarna at the following link:https://www.klarna.com/de/datenschutz/.
Instant bank transfer
The provider of this payment service is SOFORT GmbH, Theresienhöhe 12, 80339 Munich (hereinafter referred to as "Immediate GmbH"). With the help of an “Sofortüberweisung”, we receive a payment confirmation from Sofort GmbH in real time and can immediately start fulfilling our liabilities.
In the case of an “Sofortüberweisung”, send the PIN and a valid TAN to the Sofort GmbH, with which it can log into your online banking account. Immediate GmbH automatically checks your account balance, your sales, the credit frame of the overdraft facility and the presence of other accounts after logging in and carry out the transfer to us with the help of the TAN you transmit. Then she immediately sends us a transaction confirmation. In addition to the PIN and the TAN, the following data is also transmitted to the immediate GmbH: first and last name, address, telephone number (s), email address, IP address and, if necessary, further data required for payment processing. The transmission of this data is necessary in order to determine your identity without doubt and to prevent fraud attempts. Details for payment with Sofortüberweisung can be found in the following links:https://www.sofort.de/datenschutz.html andhttps://www.klarna.com/sofort/.
Amazon Pay
The provider of this payment service is the Amazon Payments Europe S.C.A., 38 Avenue J.F. Kennedy, L-1855 Luxembourg.
You can read details about dealing with your data in the data protection declaration of Amazon Pay at the following link:https://pay.amazon.de/help/201212490?ld=APDELPADirect.
American Express
The provider of this payment service is the American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (hereinafter "American Express").
American Express can transmit data to his parent company to the USA. The data transfer to the USA is based on the Binding Corporate Rules. You can find details here:https://www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementing-principles/.
Further information can be found in the American Express data protection declaration:https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html.
Mastercard
The provider of this payment service is the Mastercard Europe SA, CHAUSSEEEE de Tervuren 198a, B-1410 Waterloo, Belgium (hereinafter "Mastercard").
Mastercard can transmit data to his parent company to the USA. The data transfer to the USA is based on the Binding Corporate Rules by MasterCard. You can find details here:https://www.mastercard.de/de-de/datenschutz.html andhttps://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
Visa
The provider of this payment service is Visa Europe Services Inc., London branch, 1 Sheldon Square, London W2 6TT, Great Britain (hereinafter "Visa").
Great Britain is considered a safe third -country country under data protection law. This means that Britain has a data protection level that corresponds to the data protection level in the European Union.
Visa can transfer data to his parent company to the USA. Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.
Further information can be found in Visa's data protection declaration:https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
ideal
The provider of this payment service is the Currence B.V., Gustav Mahlerplein 33-35, Amsterdam, Noord-Holland 1082 ms, NL. Details for dealing with your data can be found in the data protection declaration of ideal at https://www.ideal.nl/disclaimer-privacy/.
Bancontact
The provider of this payment service is the Bancontact Payconiq Company NV/SA, Rue d’Arlon 82, 1040-Brussels, Belgium. You can find details on dealing with your data in the data protection declaration of Bancontact at https://www.bancontact.com/files/privacy.pdf.
EPS
The provider of this payment service is PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria. You can find details on dealing with your data in the data protection declaration of the PSA at https://eservice.psa.at/de/datenschutzerklaerung.html.
Presence on social media platforms
Data processing by social networks
We operate publicly accessible profiles in social networks. The social networks we use in detail can be found below.
Social networks such as Facebook, Twitter etc. can usually analyze their user behavior comprehensively. By visiting our social media presences, the following data protection-relevant processing processes are triggered:
If you are registered with your social media account and visit our profile, the operator of this social medium can understand this visit. Regardless of this, the operator can process your data (e.g. IP address) even if you are not registered in your account or you do not have any account.
The operator summarizes this data in user profiles in which their preferences and interests are stored. These profiles are used to circulate personalized advertising in and outside the respective social media presence. If you have an account with the respective social network, personalized advertising can be displayed on all devices on which you are logged in or logged in.
Depending on the platform, further processing processes may be carried out by the operators of the social media portals, we have no influence on this. Details can be found in the terms of use and data protection regulations of the respective social media portals.
Legal basis
Our social media appearances should ensure the most comprehensive presence on the Internet within the meaning of Art. 6 Para. 1 lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases that must be specified by the respective providers.
Responsible and assertion of rights
If you visit one of our social media appearances (e.g. Facebook), we are responsible for the data processing processes triggered during this visit together with the operator of the social media platform. You can basically both gGü. us as well as ggü. assert to the operator of the respective social media portal (e.g. Facebook).
Despite the common responsibility with the social media portal operators, we have no full influence on the data processing processes of the portals. Our possibilities are largely based on the company's corporate policy.
Memory duration
The data that we have recorded directly by the social media presence is deleted by our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage is no longer necessary. Mandatory legal provisions - especially retention periods - remain unaffected.
We have no influence on the memory duration of the data collected by social networks. For details, please inform yourself directly from the operators of the social networks (e.g. in their data protection declaration, see below).
Facebook site
We have a profile on Facebook. The provider of this service is the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. The data recorded will also be transferred to the USA and other third countries.
We have concluded an agreement with Facebook an agreement on joint processing (controller addendum), in which it is determined for which data processing processes we or Facebook is responsible. You can view this agreement at the following link:https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://www.facebook.com/legal/EU_data_transfer_addendum andhttps://de-de.facebook.com/help/566994660333381.
You can find more information on data processing by Facebook athttps://www.facebook.com/about/privacy/.
Instagram page
We have a profile on Instagram. The provider is the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 andhttps://de-de.facebook.com/help/566994660333381.
Details on how to handle your personal data can be found in the data protection declaration of Instagram:https://help.instagram.com/519522125107875.
We have a profile at Pinterest. The operator is the Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. Details on how to use your personal data can be found in the Pinterest data protection declaration:https://policy.pinterest.com/de/privacy-policy.
Video conferences
Data processing
We use online conference tools to communicate with our customers. The tools that we use in detail are listed below. If you communicate with us via video or audio conference, your personal data will be recorded and processed by us and the provider of the respective tool.
The tools record the data you provide, including your email address and telephone number. They also process the duration of the conference, when they took part in the conference, number of participants and other metadata.
In addition, the provider of the tool processes all the technical data required to process the conference. This includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker as well as the type of connection.
If you share content in this service, these are stored on the providers' servers. This includes cloud recordings, chat messages, voice messages as well as photos and videos that you shared while using this service.
Please note that we do not fully influence the data processing processes of the tools used. More information on data processing by the conference tools can be found in the data protection declarations of the tools used.
Purpose and legal bases
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 Para. 1 lit. b GDPR). Furthermore, the use of the tools of general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR) serves. If you have previously given consent to data processing, the processing of your data takes place solely on the basis of Art. 6 Para. 1 lit. a GDPR; The consent can be revoked at any time.
Memory duration
The data recorded directly by us via the video and conference tools will be deleted by our systems as soon as you ask us for deletion, revoke your consent to storage or the purpose for data storage is no longer necessary. Stored cookies remain on your device until you delete it. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage duration of your data, which is saved by the operators of the conference tools for our own purposes. For details, please inform yourself directly from the operators of the conference tools.
Used conference tools
We use the following conference tools:
Microsoft teams
We use Microsoft teams. The provider is the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the data protection declaration of Microsoft Teams:https://privacy.microsoft.com/de-de/privacystatement.
Webex
We use webex. The provider of this service is Webex Communications Deutschland GmbH, Hansaallee 249 C/O Cisco Systems GmbH, 40549 Düsseldorf, Germany.
It cannot be ruled out that the data processed with webex is transferred to third countries (e.g. to the USA). In this case, the provider has Binding Corporate Rules (BCR), which were approved by Dutch, Polish, Spanish and other relevant European data protection regulators. You can find details here:https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-privacy-policy.html andhttps://konferenzen.telekom.de/fileadmin/Redaktion/conference/cisco-webex/Webex_Compliance_Deutsch_V1.0.pdf.
Details on data processing can be found in the data protection declaration from WebEX:https://www.cisco.com/c/de_de/about/legal/privacy-full.html.
zoom
We use zoom. The provider of this service is the Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom's data protection declaration:https://zoom.us/de-de/privacy.html.
Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://zoom.us/de-de/privacy.html.
CDNJS
Type and scope of processing
We use CDNJS to properly provide the content of our website. CDNJS is a service of Cloudflare, Inc., which acts on our website as a content delivery (CDN).
A CDN helps to provide content from our online offer, especially files such as graphics or scripts, with the help of regionally or internationally distributed servers. If you access this content, establish a connection to the Cloudflare servers, Inc. This data is processed exclusively for the above purposes and to maintain the safety and functionality of CDNJs.
Purpose and legal basis
The use of the Content Delivery Networks is based on our legitimate interests, i.e. interest in secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 Para. 1 lit. f. GDPR.
Memory duration
The concrete memory duration of the processed data cannot be influenced by us, but is determined by Cloudflare, Inc. Further information can be found in the data protection declaration for CDNJs: https://www.cloudflare.com/privacypolicy/.
Facebook Pixel
Type and scope of processing
We use the Facebook pixel on this website, which is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
With the help of the Facebook pixel, we can analyze the behavior of our website visitors if they are forwarded to our website by clicking on a Facebook advertisement. We use the user data to measure the success of our advertisements on Facebook and to optimize the ads. As a website operator, we only receive anonymized data, so that we cannot identify you as a user.
Facebook, on the other hand, processes the data in such a way that they are assigned to a certain user and are used for their own advertising purposes. This allows Facebook to switch personalized advertisements on Facebook and other websites. As website operator, we have no influence on this. You can find more information on data processing in the Facebook data protection declaration at Facebook at https://www.facebook.com/about/privacy/.
You can use this remarketing function "Custom Audiences" from Facebook in your personal account https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screendeactivate. If you don't have an account on Facebook, but want to deactivate this advertising function, you can use the European Interactive Digital Advertising Alliance website at the website of the European Interactive Digital Advertisinghttp://www.youronlinechoices.com/de/praferenzmanagement/ do.
Purpose and legal basis
When using Facebook pixels, we rely on Art. 6 Para. 1 lit. f GDPR as a legal basis, since we have a legitimate interest in optimizing our online presence and offers through social media platforms. If you have previously made consent to data processing by Facebook Pixel on this website, the processing of your data takes place solely on the legal basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time.
The transfer of your personal data to the USA is based on the EU Commission's standard contract clauses. You can find more information about this at https://www.facebook.com/legal/EU_data_transfer_addendum andhttps://de-de.facebook.com/help/566994660333381.
If personal data is collected on this website through this service and passed on to Facebook, we and the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland have the shared responsibility for the processing of your personal data (Art. 26 GDPR). However, we are only responsible for the recording of your data and its transmission to Facebook, while Facebook is responsible for what happens to the data afterwards. The obligations that we impose each other as part of the shared responsibility are specified in an agreement on joint data processing. Under the following link you will find the exact text of the agreement: https://www.facebook.com/legal/controller_addendum. Accordingly, when using the Facebook tool, we must provide you with information on data protection and ensure that the tool is implemented in accordance with data protection on our website.
Facebook itself is responsible for the safety of your own products. If you make use of your rights of affected and, for example, want to request information about the data processed on Facebook from you, you can contact Facebook directly. If you assert your rights as a person concerned, we will bear the obligation to send your request to Facebook.
Facebook plugin
Type and scope of processing
We use plugins of the social media platform Facebook on this website. The plugin is offered by the Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, personal data will also be transferred to third countries such as the USA.
Based on the logo of Facebook and the "Like button" / "Fell-Mir" you can see Facebook plugins on this website. Under the following link you will find a list of all Facebook plugins: https://developers.facebook.com/docs/plugins/?locale=de_DE.
As soon as you visit this website, Facebook learns from the plugin that you have visited this website with your IP address. If you are logged into your personal Facebook account and click on the "Like button" on this website, you can share the content of this website on your Facebook profile. Your visit to this website can be automatically linked to your Facebook user account.
We do not know the content of the transmitted data or for what purpose Facebook uses the data. You can find more information on this data processing in the Facebook data protection declaration of Facebook at https://de-de.facebook.com/privacy/explanation. If you want to make sure that Facebook does not find out that you have visited this website, please contact your Facebook account beforehand.
Purpose and legal basis
When using the Facebook plugins, we rely on Art. 6 Para. 1 lit. f GDPR as a legal basis, since we have a legitimate interest in an extensive presence on the social media platforms. If you have previously given consent to data processing on this website through the Facebook plugins, the processing of your data takes place solely on the legal basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time.
If personal data is collected on this website through this service and passed on to Facebook, we and the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland have the shared responsibility for the processing of your personal data (Art. 26 GDPR). However, we are only responsible for the recording of your data and its transmission to Facebook, while Facebook is responsible for what happens to the data afterwards. The obligations that we impose each other as part of the shared responsibility are specified in an agreement on joint data processing. Under the following link you will find the exact text of the agreement: https://www.facebook.com/legal/controller_addendum.
Accordingly, when using the Facebook tool, we must provide you with information on data protection and ensure that the tool is implemented in accordance with data protection on our website. Facebook itself is responsible for the safety of your own products. If you make use of your rights of affected and, for example, want to request information about the data processed on Facebook from you, you can contact Facebook directly. If you assert your rights as a person concerned, we will bear the obligation to send your request to Facebook.
The transfer of your personal data to the USA is based on the EU Commission's standard contract clauses. You can find more information about this at https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 andhttps://www.facebook.com/policy.php.
Google ads
Type and scope of processing
We integrated Google Ads on our website. Google Ads is a service from Google Ireland Limited to display users in a targeted manner. Google Ads uses cookies and other browser technologies to evaluate user behavior and recognize users.
Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Furthermore, Google Ads delivers advertising on the basis of behavioral profile and geographical location. Your IP address and other identification features such as your user agent will be transmitted to the provider.
If you are registered with a Google Ireland Limited service, Google Ads can assign the visit to your account. Even if you are not registered with Google Ireland or have not logged in, it is possible that the provider will find and save your IP address and other identification features.
In this case, your data will be passed on to the operator of Google Ads, the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Purpose and legal basis
Google Ads is used on the basis of your consent in accordance with Art. 6 Para. 1 lit. a. GDPR and Section 25 (1) TTDSG.
Memory duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the data protection declaration for Google Ads: https://policies.google.com/privacy.
Google Analytics
Type and scope of processing
We use Google Analytics on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google Analytics, as website operator, we can determine how our website is used. As part of the analysis, we learn how often our website is called, how long visitors stay on the page and with which devices or systems you access the website. In addition, we can use Google Analytics to track your mouse movements and clicks. This information can be saved and used by Google to create a profile about you. Here, Google Analytics uses machine learning to analyze and supplement your data. Furthermore, Google Analytics uses technologies to recognize website visitors to analyze user behavior. The processing of the data collected usually takes place on the Google servers in the USA.
Purpose and legal basis
When using Google Analytics, we rely on Art. 6 Para. 1 Lit. f GDPR as a legal basis for the storage and analysis of personal data, since we have a legitimate interest in analyzing the use of our website. This enables us to optimize our online presence and offers for you. If you have previously given consent to data processing on this website by Google Analytics, the processing of your data only takes place on the legal basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time.
The transfer of your personal data to the USA is based on the EU Commission's standard contract clauses. You can find more information about this at https://privacy.google.com/businesses/controllerterms/mccs/.
IP anonymization
When using Google Analytics on this website, we use a function in which Google cuts your IP address before it is transmitted to the Google servers in the USA. This only happens if you are in the European Union or in a country of the European Economic Area. Your complete IP address is only transmitted to the USA in exceptional cases and then shortened there. Google Analytics uses this information to follow how to use our website. Your IP address is not merged with other data that Google has.
Browser plugin
You can prevent Google from collecting and processing data about you. To do this, you need the browser plugin under https://tools.google.com/dlpage/gaoptout?hl=de Download and install it in your browser.
You can find more information on the processing of user data in the data protection declaration of Google Analytics at https://support.google.com/analytics/answer/6004245?hl=de
Order processing
When using Google Analytics, we adhere to the strict regulations of the German data protection authorities because we have concluded a contract for order processing with Google.
Memory duration
Google stores data that are linked to cookies, user recognitions or advertising IDs. This data is saved for two months and then anonymized or deleted. You can find more information on the memory duration or the deletion of your data athttps://support.google.com/analytics/answer/7667196?hl=de.
Google DoubleClick
Type and scope of processing
We use Google DoubleClick on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google DoubleClick, we can show our users in a targeted manner in the Google applications connected to DoubleClick, which are aimed at the interests of users. In order to be able to show users relevant advertising for you, Google DoubleClick must be able to identify the user and to connect it to the websites he visited, his clicks and other information about his behavior. For this purpose, Google DoubleClick uses cookies and technologies for recognizing users and creates pseudonymized profiles of the users based on the collected data.
You can deactivate this personalized advertising in your personal Google account. You can find more information about this at https://policies.google.com/technologies/ads andhttps://adssettings.google.com/authenticated.
Purpose and legal basis
When using Google DoubleClick, we rely on Art. 6 Para. 1 lit. f GDPR as a legal basis, as we have a legitimate interest in analyzing the use of our website. This enables us to optimize our online presence and offers for you. If you have given Google DoubleClick consent to data processing on this website beforehand, the processing of your data only takes place on the legal basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time.
Google Fonts
Type and scope of processing
This website uses web fonts for the uniform representation of fonts. They are provided by Google. Your browser loads the required web fonts into your browser cache when you call the page so that texts and fonts are displayed correctly. In addition, the browser you use establishes a connection to the Google servers. This gives Google knowledge of its IP address.
If your browser web fonts does not support, a standard font will be used by your computer.
Further information on Google Web Fonts can be found here: https://developers.google.com/fonts/faq.
You can find Google's data protection declaration here: https://policies.google.com/privacy?hl=de.
Purpose and legal basis
The use of Google Web Fonts is based on our legitimate interest in a uniform representation of the typeface of our website (Art. 6 Para. 1 lit. f GDPR). If a corresponding consent has been queried (e.g. consent to store cookies), the processing of the data takes place exclusively on the basis of your consent according to Art. 6 Para. 1 lit. a GDPR. This can be revoked at any time.
Google Recaptcha
Type and scope of processing
This website uses Google Recaptcha. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Recaptcha should be checked (e.g. in a contact form) on this website. Specifically, whether this is done by a person or through an automated program. Google Recaptcha analyzes the behavior of the visitor to the website based on various characteristics. The analysis begins automatically as soon as the visitor calls the website. The data recorded during the analysis, such as the IP address, the length of stay of the website seeker or the mouse movements made, are forwarded to Google.
Visitors to the website are not pointed out that an analysis takes place, they run completely in the background.
The data protection declaration and the terms of use of Google can be found under the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.
Purpose and legal basis
The storage and analysis of the data takes place on the basis of our legitimate interest in protecting our web offers from improper automated spying and from spam (Art. 6 Para. 1 lit. f GDPR). If a corresponding consent has been queried, the data is processed exclusively on the basis of your consent according to Art. 6 Para. 1 lit. a GDPR. This can be revoked at any time.
Clavy
Type and scope of processing
We have integrated components from Klaviyo on our website. Klaviyo is a service of the Klaviyo, Inc. and offers marketing automation software for marketing services and products, including SEO and content creation, lead management, newsletter, email and SMS marketing as well as web analysis.
Klaviyo uses cookies and other browser technologies to evaluate user behavior and recognize users. Among other things, this information is used to compile reports on the activity of the website. Furthermore, Klaviyo is used to save and transmit data entered in forms using cookies, including your IP address. In this case, your data is passed on to the operator of Klaviyo, the Klaviyo, Inc., 125 Summer Street, Boston, Massachusetts 02111, United State.
Purpose and legal basis
We process your data with the help of Klaviyo for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR. Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here: https://www.klaviyo.com/legal/dpa.
Further information can be found in the data protection declaration for Klaviyo: https://www.klaviyo.com/privacy/policy.
Shop Pay
Type and scope of processing
We have integrated components of Shop Pay on our website. Shop Pay is a service of Shopify, Inc. and offers online payment solutions worldwide.
If you choose Shop Pay as a payment method, your data required for the payment process will automatically be transmitted to Shopify, Inc., 150 ELGIN ST, Ottawa, on K2P 1L4, Canada.
In this context, the following data is usually collected: name, address, possibly company, email address, telephone and mobile phone number and IP address.
Purpose and legal basis
The service is used on the basis of the implementation of a contract, i.e. for the handling of payment processes in accordance with Art. 6 Para. 1 lit. b. GDPR.
Memory duration
The concrete memory duration of the processed data cannot be influenced by us, but is determined by Shopify, Inc. Further information can be found in the data protection declaration for Shop Pay: https://www.shopify.com/legal/privacy.
Shopify CDN
Type and scope of processing
We use the content of our website Shopify CDN for proper provision. Shopify CDN is a service of the Shopify International Limited, which acts on our website as a content delivery Network (CDN) in order to ensure the functionality of further services of the Shopify, Inc. For said services you will find a separate section in this data protection declaration. This section is only about using the CDN.
A CDN helps to provide content from our online offer, especially files such as graphics or scripts, with the help of regionally or internationally distributed servers. If you access this content, establish a connection to the Serner of Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, whereby your IP address and, if necessary, browser data such as your user -Agent can be transmitted. This data is processed exclusively for the purposes mentioned above and to maintain the safety and functionality of Shopify CDN.
Purpose and legal basis
The use of the Content Delivery Networks is based on our legitimate interests, i.e. interest in secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 Para. 1 lit. f. GDPR.
Shopify checkout
Type and scope of processing
The provider of this payment service in the EU is the Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify Payment").
Details can be found in the data protection declaration of Shopify Payment:https://www.shopify.de/legal/datenschutz.
Tidio Chat
Type and scope of processing
To process user inquiries via our support channels or via live chat systems, we use Tidio (hereinafter: "Tidio"). The provider is the Tidio LLC, 180 Steuart ST, CA 94119, San Francisco, California, USA.
Messages you can send to us are saved in the Tawk.to ticket system or answered directly by our employees. If you contact us via Tidio, all the data you entered before starting the chat (e.g. name or telephone number) as well as your IP address, your country of origin, browser used as well as the end device, will be accessed, accessed website and the replaced messages summarized in a profile and stored on the Tidio servers. We also record individual analysis data, e.g. to determine how many users have accessed our website or filled out the contact form.
Further information is available in the data protection declaration of TIDIO:https://www.tidio.com/privacy-policy/.
Purpose and legal basis
Tiidio is used on the basis of our legitimate interest in the most fast and reliable processing of your inquiries in accordance with Art. 6 Para. 1 lit. f GDPR. If you have previously given consent to data processing, the processing of your data takes place solely on the basis of Art. 6 Para. 1 lit. a GDPR; The consent can be revoked at any time.
Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:https://www.tidio.com/terms/.
Memory duration
We keep the messages until you ask us for deletion or the purpose for data storage is no longer necessary (e.g. after processing your request). Mandatory legal provisions - especially retention periods - remain unaffected.
Order processing
To ensure that personal data is processed according to our requirements and in compliance with the GDPR, we have concluded a contract for order processing (AVV) with the provider.
