General

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that says something about you and with which you can be identified. In this privacy policy, we would like to explain to you how, for what purpose and on what legal basis we process your data.

The person responsible for data processing on this website and in our company is:

Regionalheld® is a private label of MiU24® KG | Wholesale and Full Service Agency

Heinrichsplatz 10, MiU24 KG

38350 Helmstedt

Germany

Phone: 053515322584

E-mail: info@miu24.com

General information

SSL or TLS encryption

When you enter your data on websites, place online orders or send e-mails over the Internet, you must always expect that unauthorized third parties will access your data. There is no complete protection against such access. However, we do everything we can to protect your data in the best possible way and to close the security gaps as far as we can.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the entered Internet address in your browser and by the fact that our Internet address begins with https:// and not with http://.

Encrypted payment transactions

Payment data, such as the account or credit card number, is particularly in need of protection. That's why we only use an encrypted SSL or TLS connection to make payments with the usual means of payment.

How long do we store your data?

At some points in this Privacy Policy, we will inform you about how long we or the companies that process your data on our behalf will keep your data. If such information is missing, we will store your data until the purpose of the data processing no longer applies, you object to the data processing or you revoke your consent to data processing.

In the event of an objection or revocation, however, we may continue to process your data if at least one of the following conditions applies:

  • We have compelling legitimate grounds for continuing to process data that override your interests, rights and freedoms (only if you object to the processing; if the objection is directed against direct marketing, we cannot provide grounds worthy of protection).
  • The data processing is necessary to establish, exercise or defend legal claims (does not apply if your objection is directed against direct marketing).
  • We are required by law to retain your data.

In this case, we will delete your data as soon as the requirement(s) no longer applies.

Data transfer to the USA

On our website, we also use tools from companies that transfer your data to the USA and store it there and, if necessary, process it further. The European Commission has adopted an adequacy decision for the EU-US data protection framework. This establishes that the US ensures an adequate level of protection for personal data from the EU transferred to US companies. This decision is based on new safeguards and measures introduced by the US to meet data protection requirements. The adequacy decision includes, among other things, restrictions and safeguards with regard to access to the data by the US intelligence services. Binding safeguards have been put in place to limit US intelligence access to what is necessary and proportionate to protect national security. In addition, increased oversight of the activities of the US intelligence services has been established to ensure that the restrictions on surveillance activities are observed. An independent redress mechanism has also been set up to deal with and resolve complaints from European citizens about access to their data. The EU-US data protection framework thus allows European companies to transfer data to certified US companies without having to introduce additional data protection safeguards. A list of all certified companies can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change in the decision of the European Commission cannot be ruled out.

Data protection supervisor

We have appointed a data protection officer for our company.

MiU24 KG

E-mail address: info@miu24.com

Your rights

Objection to data processing

IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS FOR THE PROCESSING OF YOUR DATA AND THEREFORE RELY ON ART. 6 PARA. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO LODGE AN OBJECTION TO IT UNDER ART. 21 GDPR. THIS ALSO APPLIES TO PROFILING THAT IS CARRIED OUT ON THE BASIS OF THE AFOREMENTIONED PROVISION. THE PREREQUISITE IS THAT YOU GIVE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. A JUSTIFICATION IS NOT REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERTISING.

THE CONSEQUENCE OF THE OBJECTION IS THAT WE ARE NO LONGER ALLOWED TO PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS IS MET:

  • WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
  • THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING OR PROFILING RELATED TO IT.

Other rights

Withdrawal of your consent to data processing

Many data processing operations are based on your consent. You can do this, for example, by ticking the appropriate box for online forms before you submit the form, or by allowing certain cookies when you visit our website. You can revoke your consent at any time without giving reasons (Art. 7 para. 3 GDPR). From the time of revocation, we are no longer allowed to process your data. The only exception: We are legally obliged to keep the data for a certain period of time. Such retention periods exist in particular in tax and commercial law.

Right to lodge a complaint with the competent supervisory authority

If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right to complain to a supervisory authority in accordance with Art. 77 GDPR. You can contact a supervisory authority in the Member State of your residence, your place of work or the place where the alleged infringement took place. The right of appeal exists in addition to administrative or judicial remedies.

Right to data portability

Data that we process automatically on the basis of your consent or in performance of a contract must be handed over to you or a third party in a commonly used machine-readable format if you request it. We can only transfer the data to another controller to the extent that this is technically possible.

Right to data access, deletion and correction

In accordance with Art. 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transmit the data and for what purpose it is stored. If the data is incorrect, you have a right to rectification (Art. 16 GDPR), under the conditions of Art. 17 GDPR you may request that we delete the data.

Right to restriction of processing

In certain situations, you can request that we restrict the processing of your data in accordance with Art. 18 GDPR. The data may then only be processed as follows – apart from storage:

  • with your consent
  • to assert, exercise or defend legal claims
  • to protect the rights of another natural or legal person
  • for reasons of important public interest of the European Union or of a Member State

The right to restriction of processing exists in the following situations:

  • You have contested the accuracy of your personal data held by us and we need time to verify this. In this case, the right exists for the duration of the examination.
  • The processing of your personal data is unlawful or has been unlawful in the past. Here there is the right as an alternative to the deletion of the data.
  • We no longer need your personal data, but you do need it to exercise, defend or assert legal claims. Here there is the right as an alternative to the deletion of the data.
  • You have filed an objection pursuant to Art. 21 (1) GDPR and now your interests and ours must be weighed against each other. The right exists here as long as the result of the balancing has not yet been determined.

Hosting and Content Delivery Networks (CDN)

External Hosting

Our website is located on a server of the following provider of internet services (hosters):

Hostingmonster.eu by MiU24 KG

Heinrichsplatz 10

38350 Helmstedt

Has a contract for order processing been concluded with the hoster or are standard contractual clauses (SCC) used?

Yes

How do we process your data?

The hoster stores all data of our website. This includes any personal information collected automatically or through your entry. This can include, but is not limited to: your IP address, pages accessed, names, contact details and requests, as well as meta and communication data. When processing data, our host adheres to our instructions and always processes the data only to the extent necessary to fulfil its obligation to perform towards us.

What is the legal basis for processing your data?

Since we address potential customers via our website and maintain contacts with existing customers, the data processing by our hoster serves the purpose of initiating and fulfilling the contract and is therefore based on Art. 6 para. 1 lit. b) GDPR. In addition, it is in our legitimate interest as a company to provide a professional Internet service that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the basis of Art. 6 (1) (f) GDPR.

Data collection on this website

Cookie consent with the Legal Cockpit

What is the Legal Cockpit Cookie Tool?

Consent management platform (CMP) for obtaining and processing GDPR-compliant consents

Who processes your data?

Legalcore AG, Reinhardtstr. 7, 10117 Berlin

Has a contract for data processing been concluded with Legal Cockpit?

Yes

Where can you find more information about data protection at Legal Cockpit?

https://cockpit.legal/datenschutz

How do we process your data?

We use the consent management platform of the Legal Cockpit to obtain your consent to the storage of cookies on your device in compliance with data protection regulations. When you visit our website and close the cookie window of the Legal Cockpit by requesting consent, the following data will be transmitted to the company:

  • Your IP address
  • Information about your browser
  • Information about your device
  • the time of your visit to the website

In addition, the Legal Cockpit stores a cookie in your browser in order to be able to assign the consents granted or their revocation to your browser. All data collected will be stored until the cookies are no longer needed, you delete the Legal Cockpit cookie or ask us to delete the data. This only does not apply if we are legally obliged to retain the data.

What is the legal basis for processing your data?

We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. To fulfil this obligation, we use Legal Cockpit. The legal basis for data processing is therefore Art. 6 para. 1 lit. c) GDPR.

Server log files

Server log files log all requests and accesses to our website and record error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after a short time, so that we cannot assign the data to your person. The data is automatically transmitted from your browser to our provider.

How do we process your data?

Our provider stores the server log files in order to be able to track the activities on our website and to find errors. The files contain the following data:

  • Browser type and version
  • operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address (anonymized if necessary)

We do not combine this data with other data, but only use it for statistical evaluation and to improve our website.

What is the legal basis for processing your data?

We have a legitimate interest in ensuring that our website runs error-free. It is also in our legitimate interest to obtain an anonymised overview of access to our website. The data processing is therefore lawful in accordance with Art. 6 (1) (f) GDPR.

Google Calendar

What is Google Calendar?

Scheduling tool

Who processes your data?

Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Irland

Has a contract data processing agreement been concluded with Google?

Yes

Where can you find more information about data protection at Google?

https://policies.google.com/privacy

How do we process your data?

To make an appointment with us, you can use the Google Calendar tool on our website. We use the data for the planning, implementation and, if necessary, follow-up of the appointment.

On our website, we use Google Calendar, a service of Google Ireland Limited, to clearly display dates. When the calendar loads, it connects to Google's servers, transmitting your IP address and possibly other technical data.

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How long do we store your data?

We delete your data as soon as one of the following occurs:

  • The purpose of the data processing has ceased to apply.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

What is the legal basis for processing your data?

We have a legitimate interest in making appointments with customers and other interested parties as easily as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, the legal basis is exclusively Art. 6 (1) (a) GDPR. In this case, you can revoke your consent at any time with effect for the future.

Analytics tools and advertising

We use the following tools to analyze the behavior of our website visitors and to show you advertisements.

WP Statistics

How do we process your data?

We are always interested in optimising our website for users and placing advertising in the best possible way. The WP Statistics plugin helps us with this, which analyzes the behavior of users and thus provides us with the necessary database for adjustments. The provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai, Dubai 23816, United Arab Emirates. WP Statistics collects the following data, among others:

  • IP address
  • Referrer
  • Browser used
  • Origin of the user
  • Search engine used
  • Clicks, page views and other actions

The data is stored exclusively locally.

What is the legal basis for processing your data?

As a website operator, we have a legitimate interest in analysing user behaviour for the purpose of optimising our website and the advertising placed there. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR. In the event that you have consented to the storage of cookies or have otherwise consented to the data processing, the legal basis is exclusively Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Google Conversion Tracking

What is Google Conversion Tracking?

Tool for analyzing user behavior by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Has a contract for order processing been concluded with Google Conversion Tracking?

Yes

Where can you find more information about data protection in Google Conversion Tracking?

https://www.google.de/intl/de/policies/privacy

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We are always interested in optimising our website for users and placing advertising in the best possible way. For this purpose, we also use Google's conversion tracking. With its help, we can record whether and how often visitors have clicked on certain buttons on our website and which products have been viewed and purchased particularly frequently (conversion statistics). In the course of data collection and storage, we do not receive any information that allows us to personally identify individual visitors. Google itself uses cookies or comparable recognition technologies for identification.

What is the legal basis for processing your data?

As a website operator, we have a legitimate interest in analysing user behaviour for the purpose of optimising our website and the advertising placed there. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR. In the event that you have consented to the storage of cookies, for example, or have otherwise consented to data processing by Google Conversion Tracking, the legal basis is exclusively Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

LinkedIn Insight Tag

What is LinkedIn Insight Tag?

LinkedIn Ireland Unlimited Company user behavior analysis tool

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland

Has a contract for data processing been concluded with LinkedIn Insight Tag?

Yes

Where can you find more information about privacy at LinkedIn Insight Tag?

https://www.linkedin.com/legal/privacy-policy#choices-oblig

On what basis do we transfer your data to the US?

LinkedIn Insight Tag adheres to the European Commission's Standard Contractual Clauses (cf.  https://www.linkedin.com/legal/l/dpaand https://www.linkedin.com/legal/l/eu-sccs)

How can you prevent data processing?

By objecting to the analysis of your user behavior and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. If you have a LinkedIn account, you can also set up settings for the use of your personal data for advertising purposes.

How do we process your data?

We use the LinkedIn Insight Tag on our website. The analysis tool helps us to learn more about the visitors to our website and to adapt our online offer accordingly. If our visitors are registered with LinkedIn, we can use the tool to analyze their key professional data such as career level, company size, country, location, industry and job title, among other things. In addition, it can be measured whether they buy something or take another action (conversion measurement). This data is determined across devices. Finally, LinkedIn Insight Tag offers a retargeting feature that allows us to show targeted advertising to our visitors outside of our website. LinkedIn assures that individual advertising addressees cannot be identified.

In addition to the aforementioned data, the analysis tool collects the following data from you when you visit our website: URL, referrer URL, IP address, device and browser characteristics as well as the time of access. The IP addresses are shortened or pseudonymised. The latter happens if you as a LinkedIn member are to be reached across devices.

The data collected by LinkedIn is anonymous for us as a website operator. So we can't identify you as a visitor. However, LinkedIn will store your personal data on its servers in the USA and use it as part of its own advertising measures.

You can prevent LinkedIn from linking the data collected on our website to your LinkedIn account by logging out of your account before continuing to browse the Internet. You can also prevent the use of your data for advertising purposes by using the appropriate settings in your account.

If you do not have a LinkedIn account, you can object to the analysis of your usage behavior and targeted advertising by LinkedIn under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

How long do we store your data?

LinkedIn deletes the direct identifiers of LinkedIn members after 7 days. The remaining pseudonymized data will be deleted within 180 days.

What is the legal basis for processing your data?

As a website operator, we have a legitimate interest in optimising our online offer and our advertising measures. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR. In the event that you have consented to the storage of cookies or have otherwise consented to the data processing, the legal basis is exclusively Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Pinterest Tag

What is Pinterest Tag?

User behavior analysis tool

Who processes your data?

Pinterest Ireland Ltd. 2 Grand Canal Square Dublin 2, Ireland

Has a contract for data processing been concluded with Pinterest Tag?

Yes

Where can you find more information about privacy at Pinterest Tag?

https://policy.pinterest.com/de/privacy-policy

On what basis do we transfer your data to the US?

Pinterest adheres to the standard contractual clauses of the European Commission (cf. https://policy.pinterest.com/de/privacy-policy)

How do we process your data?

We use Pinterest Tag on our website. Pinterest Tag is a tracking code or code snippet used by businesses to track activity on their website and collect data about user behavior and campaign performance. For this purpose, the Pinterest tag collects a tag ID, your location and the referrer URL, among other things. It can also collect promotion-specific data such as order value, order quantity, order number, category of items purchased, and video views.

Pinterest Tag belongs to the globally active company "Pinterest Inc.", so that data transfer to the USA can also take place.

What is the legal basis for processing your data?

As a website operator, we have a legitimate interest in effective advertising measures in the social networks. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR. In the event that you have consented to the storage of cookies, for example, or have otherwise consented to data processing by Facebook, the legal basis is exclusively Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Newsletter

Rapidmail

What is Rapidmail?

Service for sending newsletters and analysing recipient behaviour

Who processes your data?

rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg im Breisgau, Germany

Has a contract for order processing been concluded with Rapidmail?

Yes

Where can I find more information about data protection at Rapidmail?

https://www.rapidmail.de/datenschutz

How do we process your data?

We use Rapidmail to send out our newsletters. The service manages the data of newsletter subscribers for us, sends our newsletter and analyzes our newsletter campaigns.

If you would like to receive our newsletter, we need your e-mail address. We will also use a confirmation email (double opt-in procedure) to verify that you are really the owner of this email address. We do not collect any other data or only on a voluntary basis. We use your data exclusively for sending the newsletter.

If we send a newsletter via Rapidmail and open it, a file contained in the newsletter automatically connects to Rapidmail's servers. In this way, the service learns that the newsletter has been opened and registers all clicks on the links contained therein. In addition, Rapidmail collects technical information, such as the time of retrieval, IP address, browser type, and operating system.

You can unsubscribe from the newsletter at any time.

How long do we store your data?

After you have unsubscribed, the data will be deleted from the newsletter distribution list. We may also blacklist your email address; this is necessary, for example, if we have an objection to advertising from you. The data is then stored on the basis of Art. 6 (1) (f) GDPR.

In addition, we reserve the right to delete the data at any time after the purpose of collection has ceased to exist or at our own discretion.

What is the legal basis for processing your data?

By entering your name in the subscriber list, you consent to data processing by Rapidmail. This is therefore lawfully carried out on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we are no longer allowed to send you newsletters from this point on.

Plugins and Tools

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google's servers when you visit our website.

For more information about Google Fonts, please visit https://developers.google.com/fonts/faqand in Google's privacy policy:  https://policies.google.com/privacy?hl=de.

Font Awesome (local hosting)

We use icons from the Font Awesome icon library on our website. The library is offered by Fonticons Inc. We have installed the icons locally, so there is no connection to the company's servers when you visit our website.

For more information about Font Awesome, see https://fontawesome.com/and there specifically in the privacy policy: https://fontawesome.com/privacy.

MyFonts

This site uses MyFonts. These are fonts that are loaded into your browser when you visit our website in order to ensure a uniform font appearance in the website display. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.

In order to check compliance with the license terms and the number of monthly page views, MyFonts transmits your IP address together with the URL of our website and our contract data to its servers in the USA. According to Monotype Inc., your IP address will be anonymized immediately after transmission, so that no personal reference can be established (anonymization).

Further information about MyFonts can be found in the privacy policy: https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften

Google Maps

What is Google Maps?

Map service of Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Where can you find more information about data protection at Google?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Google Maps on our website. In order for you to be able to use all the functions of the map service, Google stores your IP address on one of its servers in the USA.

What is the legal basis for processing your data?

The maps of Google Maps ensure that the places indicated on our website are easier for visitors to find. As a company, we have a legitimate interest in this. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR.

If you have consented to the data processing, we will process your data exclusively on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time. From the time of revocation, we are no longer allowed to process your data.

OpenStreetMap

What is OpenStreetMap?

Map service of the OpenStreetMap Foundation

Who processes your data?

OpenStreetMap Foundation (OSMF), Cowley Road, St John's Innovation Centre, Cambridge CB4 0WS, United Kingdom

Where can you find more information about data protection at OpenStreetMap?

https://wiki.osmfoundation.org/wiki/Privacy_Policy

How do we process your data?

On our website we use maps from the OpenStreetMap Foundation. For you, this means that your IP address and information about your surfing behaviour will be forwarded to the Foundation and stored there when you access our website. For this purpose, the Foundation places cookies on your device or uses comparable recognition technologies. If you have allowed your location to be determined in the settings of your device, OpenStreetMap will also store this data.

What is the legal basis for processing your data?

The maps of OpenStreetMap ensure that the places indicated on our website are easier for visitors to find. As a company, we have a legitimate interest in this. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR.

If you have consented to data processing, we process your data exclusively on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time. From the time of revocation, we are no longer allowed to process your data.

Google reCAPTCHA

What is Google reCAPTCHA?

Test tool for distinguishing people and computers from Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Where can you find more information about data protection at Google?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Google reCAPTCHA to check whether data entered into forms on our website comes from a human or from a computer. For you, this means that the test tool analyzes your behavior as a visitor to our website based on various characteristics. The analysis does not only begin when you use the test tool, but already when you call up our website. Various data is recorded, e.g. the IP address, the time spent on our website and mouse movements. The data is forwarded to Google.

What is the legal basis for processing your data?

As a company, we have a legitimate interest in protecting our websites from spam and abusive spying. The data processing is therefore lawful according to Art. 6 para. 1 lit. f) GDPR.

If you have consented to the data processing, we will process your data exclusively on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time. From the time of revocation, we are no longer allowed to process your data.

Amazon PartnerNet

What is Amazon PartnerNet?

Amazon Europe Affiliate Marketing Program (more information: https://partnernet.amazon.de/help/operating/policies)

Who processes your data?

Amazon Europe Core S.à r.l., 38 avenue John F. Kennedy, 1855 Luxembourg, Luxembourg

Where can you find more information about privacy at Amazon PartnerNet?

https://www.amazon.de/gp/help/customer/display.html/?nodeId=3312401

How do we process your data?

We participate in Amazon's EU Associates Program. This is noticeable in the way that Amazon advertisements and links to the Amazon website are integrated into our website. If Amazon registers purchases through these ads or links, we receive affiliate compensation. To understand whether a purchase was made through an ad or link on our website, Amazon places cookies on your device or uses similar recognition technologies (e.g., device fingerprinting).

What is the legal basis for processing your data?

We have a legitimate interest in the correct calculation of our affiliate remuneration. The use of your data is therefore based on Art. 6 (1) (f) GDPR. If you have consented to the data processing, the processing will be carried out exclusively on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

eCommerce and payment providers

Customer and contract data

How do we process your data?

If we enter into a contract with you, we will need certain personal data from you. We collect, process and use this data only to the extent that it is necessary to establish our legal relationship, to shape it in terms of content or to change it. If you can only use our services via our website or if the services are billed via the website, we also collect usage data, insofar as this is necessary to enable you to use our offer or to bill for the service used.

How long do we store your data?

We will store your data until our legal relationship ends, unless we are legally obliged to keep the data for longer.

What is the legal basis for processing your data?

We store your data in order to perform the contract with you or to carry out pre-contractual measures. The basis for data processing is therefore Art. 6 (1) (b) GDPR.

Data transmission when goods are shipped

How do we process your data?

When you order goods from us, we transfer your data to companies that we commission to deliver and/or through which we process the payment. Only data that is necessary for the contracted company to be able to carry out the specific order is transmitted. If we want to share data beyond that, we will obtain your consent. We do not share your information for marketing purposes.

What is the legal basis for processing your data?

We share your information to perform the contract we have with you. The basis for data processing is therefore Art. 6 (1) (b) GDPR.

Data transmission when using services and digital content

How do we process your data?

To process the payment, we transmit your data to a payment service or the bank commissioned with payment processing. We only pass on data that is absolutely necessary for the payment process. If we want to share data beyond that, we will obtain your consent.

What is the legal basis for processing your data?

We share your information to perform the contract we have with you. The basis for data processing is therefore Art. 6 (1) (b) GDPR. If you have consented to the disclosure of your data, the data processing is based on Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Payment Services

In order for you to be able to pay for your purchases on our website conveniently, we use the services of payment services, i.e. external companies that process the payments for us. You can find out exactly what these are in the list at the end of this section.

How do we process your data?

For the payment process, you must provide certain personal data, e.g. Your name, bank account details or credit card number. We pass this data on to the respective payment service. The transaction itself is governed by the respective contractual and data protection provisions of the respective services.

What is the legal basis for processing your data?

We share your information to perform the contract we have with you. The basis for data processing is therefore Art. 6 (1) (b) GDPR. In addition, we have a legitimate interest in processing purchases as quickly, conveniently and securely as possible. In this respect, the legal basis is also Art. 6 (1) (f) GDPR. If you have consented to the disclosure of your data, the data processing is based on Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

What payment services do we use?

PayPal

What is PayPal?

Online payment service

Who processes your data?

PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg

Where can you find more information about privacy at PayPal?

https://www.paypal.com/de/webapps/mpp/ua/privacy-full

On what basis do we transfer your data to the US?

PayPal adheres to the standard contractual clauses of the European Commission (cf. https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full)

Mollie

What is Mollie?

Online payment service

Who processes your data?

Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, The Netherlands

Where can you find more information about data protection at Mollie?

https://www.mollie.com/de/privacy

Apple Pay

What is Apple Pay?

Mobile payment service of Apple Inc.

Who processes your data?

Apple Inc., Infinite Loop, Cupertino, CA 95014, USA

Where can you find more information about Apple Pay privacy?

https://www.apple.com/legal/privacy/de-ww

On what basis do we transfer your data to the US?

Apple Pay adheres to the standard contractual clauses of the European Commission (cf. https://www.apple.com/legal/privacy/de-ww/)

Google Pay

What is Google Pay?

Mobile payment system of the US company Google

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Where can you find more information about Google Pay privacy?

https://policies.google.com/privacy

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

Klarna

What is Klarna?

Payment service

Who processes your data?

Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden

Where can you find more information about Klarna's data protection?

https://www.klarna.com/de/datenschutz

Audio and video conferencing

As a company, we are in contact with many people: customers, business partners, service providers, etc. In addition to other means of communication, we also use so-called online conference tools for exchange. Information relevant to data protection law on the provider(s) of the tools we use can be found at the end of this section. If you communicate with us via such a tool, not only we, but in particular the provider of the respective tool will process your personal data.

How do we process your data?

Online conference tools collect and store various personal data in order to enable participation in an online conference and its smooth implementation. In addition to registration, conference and technical data, this also applies to certain communication content.

  • Registration data: Your email address and/or telephone number and, if applicable, other data that you provide when registering for the conference.
  • Conference data: Start, end and duration of your participation in the conference, the number of participants and other metadata about the conference.
  • Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or speaker, and the type of connection.
  • Communication Content: Cloud recordings, chat/instant messages, photos and videos uploaded to voicemails, files, whiteboards, and other information shared while using the Service.

For details on data processing, please refer to the privacy policy of the respective conference tool provider.

How long do we store your data?

We, as your communication partner, delete your data on our systems as soon as one of the following occurs:

  • The purpose of the data processing does not apply.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

Cookies remain on your device until you delete them.

The providers of conferencing tools also store your data for their own purposes. What this means for the duration of the storage of your data, please ask the providers directly.

What is the legal basis for processing your data?

If we are already contractually bound or you would like to conclude a contract with us, we use conference tools to fulfill the contract or to inform you about our services or products. In this respect, data processing is carried out on the basis of Art. 6 (1) (b) GDPR. Otherwise, the use of conference tools serves to provide simple and fast communication, without which we would not be able to run our company efficiently. We therefore also have a legitimate interest in data processing in accordance with Art. 6 (1) (f) GDPR. Another legal basis may be your consent. Art. 6 (1) (a) GDPR is relevant in this case. This basis does not apply in the future if you revoke your consent.

What online conferencing tools do we use?

Google Meet

What is Google Meet?

Video conferencing service of Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland

Has a data processing agreement been concluded with Google Meet?

Yes

Where can you find more information about privacy on Google Meet?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the US?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

Own Services / Miscellaneous

Handling of applicant data

If you would like to work for us, we will be happy to accept your application. We treat all personal data transmitted as strictly confidential. This also applies to such data that we collect later in the course of the application process.

How do we process your data?

We store and use all data that we collect as part of the application process to the extent necessary to decide on the establishment of an employment relationship. In addition to contact and communication data as well as application documents, this also applies to notes that we take during job interviews. Within our company, we will only pass on your data to persons who are involved in processing your application.

If the application is successful, we will store the data required to carry out the employment relationship in our data processing systems.

If we are currently unable to offer you a suitable position, we will be happy to include your data in our applicant pool with your consent. This gives them the opportunity to contact you if a position becomes available that matches your profile.

How long do we store your data?

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to keep your documents and other application data for up to 6 months after the end of the application process. The reason is that we may need the data for evidentiary purposes in the event of a legal dispute. After the deadline, we will delete the data and destroy the documents. If there is actually a threat of litigation or if it is already pending, we will delete the data and documents when they are no longer needed for evidentiary purposes.

We delete data in the applicant pool no later than 2 years after consent has been granted. If you withdraw your consent before this period, we will delete it sooner.

The deletion of your data always requires that we are not legally obliged to keep it for longer.

What is the legal basis for processing your data?

We process your applicant data on the basis of § 26 BDSG-neu (initiation of an employment relationship) and Art. 6 para. 1 lit. b) GDPR (general contract initiation).

The same applies if your application is successful.

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we have a legitimate interest in using your data for evidentiary purposes in any legal dispute. The data processing is therefore based on Art. 6 para. 1 lit. f) GDPR.

If you have expressly consented to the storage of your data, we will process your data on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Data processing on social media

What is social media?

By social media we mean the social networks on which we have created publicly accessible profiles. You can read below which social networks these are specifically.

Who processes your data?

The respective operating companies of the social networks. The individual operators can be found below under the respective networks.

How is your data processed?

The operators of social networks are usually able to collect and evaluate comprehensive data about the behavior of visitors and users of the network. It is not possible for us to trace all processing operations in the social networks we use, which is why further processing operations that are not listed here may be carried out by the operators of the social networks. You can find more information on this in the terms of use and privacy policies of the respective social networks.

The processing of your data can be triggered by visiting the social network's website or our profile page there. Even if you visit a website that uses certain content of the network, e.g. Like or Share buttons, data can already be transmitted to the operators of the social network. If you are a user of the social network yourself and are logged into your user account, your visit to our profile page may be assigned to your account by the operator of the social network. Even if you have not registered a user account yourself or are not logged in, it is possible that the operator of the network still collects your personal data, e.g. by collecting your IP address or setting cookies. With this data, the operators can create user profiles tailored to your behaviour and interests and show you interest-based advertising inside and outside the network. If you are a registered user of the network, interest-based advertising may also be displayed on all devices on which you are or were logged in.

What is the legal basis for processing your data?

Our profiles in the social networks are intended to ensure that our company has as comprehensive a presence as possible on the Internet. As a company, we have a legitimate interest in this. The data processing is therefore lawful under Art. 6 (1) (f) GDPR.

The data processing operations and analyses carried out by the operators of the social networks themselves may be based on other legal bases. These must be provided by the operators of the social networks.

Who is responsible for the processing of your data and how can you assert your rights?

If you visit one of our social media profiles, we will be responsible, together with the operator of the network in question, for the data processing operations initiated during that visit. In principle, you can assert your rights against us as well as against the operator of the respective network.

Despite the joint responsibility with the operators of the social networks, however, our influence on the data processing operations of the respective operator is limited and is primarily based on the specifications of the operator.

How long will your data be stored?

If we collect data about our social media profiles, it will be deleted from our systems as soon as the purpose for which it is stored no longer applies, you ask us to delete it or you withdraw your consent to its storage. Stored cookies remain on your device until you delete them. Mandatory legal provisions – esp. retention periods – remain unaffected.

We have no influence on how long the operators of the social networks store your data, which the operators collect for your own purposes. You can obtain information on this directly from the operator of the respective social network, e.g. in the respective privacy policy.

What social media do we use?

Facebook

What is Facebook?
A social network

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland

Will your data be transferred to third countries?
Yes, to the USA and also to other third countries

Where can you find more information about data protection at Facebook?
https://www.facebook.com/about/privacy/

As a Facebook user, where can you adjust your advertising settings?
As a registered Facebook user, you can adjust your advertising settings in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.

Twitter

What is Twitter?
A social network in the form of a micro-blogging platform

Who processes your data?
Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Will your data be transferred to third countries?
Yes, to the USA

Where can you find more information about privacy on Twitter?
https://twitter.com/de/privacy

As a Twitter user, where can you adjust your advertising settings?
As a registered Twitter user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://twitter.com/personalization.

Instagram

What is Instagram?
A social network specializing in photos and videos

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland

Will your data be transferred to third countries?
Yes

Where can you find more information about privacy on Instagram?
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Richtlinien%20und%20Meldungen

Where can you as a user adjust your privacy settings?
As a registered Instagram user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://www.instagram.com/accounts/privacy_and_security/

Tumblr

What is Tumblr?

Social network and blogging platform

Who processes your data?

Tumblr Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA

Will your data be transferred to third countries?

Yes

Where can you find more information about privacy on Tumblr?

https://www.tumblr.com/privacy/de

Where can you as a user adjust your privacy settings?

https://help.tumblr.com/hc/de/articles/115011611747-Privatsph%C3%A4re-Einstellungen

LinkedIn

What is LinkedIn?

A social network for business contacts

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Will your data be transferred to third countries?

Yes

Where can you find more information about privacy at LinkedIn?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you as a user adjust your privacy settings?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://www.linkedin.com/psettings/

Pinterest

What is Pinterest?

Visual search engine and online pinboard

Who processes your data?

Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland

Will your data be transferred to third countries?

Yes

Where can you find more information about privacy on Pinterest?

https://policy.pinterest.com/de/privacy-policy

Where can you as a user adjust your privacy settings?

https://help.pinterest.com/de/article/edit-account-privacy

Xing

What is Xing?

A social network for professional contacts

Who processes your data?

New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

Will your data be transferred to third countries?

Yes, for the performance of the contract with Xing, if you have given consent, if it is necessary for the assertion, exercise or defence of legal claims, or if an adequacy decision pursuant to Art. 45 EU GDPR or suitable safeguards pursuant to Art. 46 EU GDPR exist.

Where can you find more information about data protection at Xing?

https://privacy.xing.com/de/datenschutzerklaerung/druckversion

Where can you as a user adjust your privacy settings?

As a registered Xing user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://www.xing.com/settings/privacy

YouTube

What is YouTube?
A social network in the form of an online video portal

Who processes your data?
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland

Will your data be transferred to third countries?
Yes

Where can you find more information about privacy at YouTube?
https://policies.google.com/privacy?hl=de

Where can you as a user adjust your privacy settings?
https://policies.google.com/privacy?hl=de#infochoices

TikTok

What is TikTok?
A social network specializing in photos and videos

Who processes your data?
TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland

Will your data be transferred to third countries?
Yes

Where can you find more information about privacy on TikTok?
https://www.tiktok.com/legal/privacy-policy-eea?lang=de

Where can you as a user adjust your privacy settings?
https://www.tiktok.com/legal/tiktok-website-cookies-policy?lang=de