Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for entering into a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
contact
Responsible
Please contact us if you wish. The data controller is: Viktoria Tuscher, Bruckdorferstraße 38, 93161 Sinzing, Germany, +49 941 20301060, info@emmyundpepe.de
Customer initiates contact via email
If you contact us proactively via email, we collect your personal data (name, email address, message text) only to the extent that you provide it. This data processing serves the purpose of processing and responding to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Data collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, email address, message text) only to the extent that you provide it. The data is processed for the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number registered with WhatsApp, your name if provided, and other data to the extent you have made it available. We use a mobile device for this service whose address book contains only data from users who have contacted us via WhatsApp. Therefore, no personal data is shared with WhatsApp without your prior consent to this.
Your data will be transferred by WhatsApp to servers of Meta Platforms Inc. in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is certified under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice regarding a potential purchase, preparing a quote) or relates to a contract already concluded between you and us, this data processing is based on Article 6(1)(b) GDPR.
If contact is made for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in providing quick and easy contact options and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We use your personal data only to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of service and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. This data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal. Your customer account will then be deleted.
Reviews Advertising
Data collection when writing a comment or review
When you comment on or rate an article or post, we collect your personal data (name, email address, comment text) only to the extent that you provide it. This data is processed for the purpose of enabling and displaying comments and ratings.
By submitting your comment/review, you consent to the processing of the data you provide. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of processing based on consent before its withdrawal. Your personal data will then be deleted.
When your comment/review is published, the name and email address you provided will be published.
Use of the Trusted Shops rating system (Trustbadge)
We use the rating system of Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne (“Trusted Shops”) on our website.
Trusted Shops and we are jointly responsible for the collection of your data and its transfer to Trusted Shops when you use this service. This is based on an agreement between us and Trusted Shops regarding the joint processing of personal data.
We and Trusted Shops are equally responsible for fulfilling our obligations under the GDPR, in particular for fulfilling the information obligations pursuant to Articles 13 and 14 GDPR and for granting the data subject rights pursuant to Articles 15-21 GDPR. Further information can be found at https://help.etrusted.com/hc/de/article_attachments/4422901015569 .
Trusted Shops allows us to collect customer reviews and display them via the "Trustbadge" on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Trusted Shops to submit a review. The following data will be processed by us or Trusted Shops: email address, order information (order total, order number, and, if applicable, the product purchased). This data may also be used to verify your review.
When you access our website and the Trustbadge is displayed, we or Trusted Shops also process the following data: your IP address, date and time of access, amount of data transferred and the requesting provider.
The processing is based on Article 6(1)(a) GDPR with your consent, provided you have expressly agreed to the transfer of your data and to receiving the review request. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
Further information on data protection at Trusted Shops can be found at: https://www.trustedshops.de/impressum-datenschutz/#datenschutz .
We use your email address, independently of contract processing, exclusively for our own advertising purposes to send you newsletters, provided you have expressly consented to this. This processing is based on Article 6 Paragraph 1 Letter a of the GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.
Use of the email address for sending direct marketing.
We use your email address, which we obtained in connection with the sale of goods or services, to send you electronic advertising for our own goods or services that are similar to those you have already purchased from us, unless you have objected to this use. Providing your email address is necessary for the conclusion of the contract. Failure to provide it will result in the contract not being concluded. This processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in direct marketing. You can object to this use of your email address at any time by notifying us. Our contact details for exercising your right to object can be found in the legal notice. You can also use the unsubscribe link provided in the advertising email. No costs other than standard transmission fees will be incurred.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) for sending newsletters as part of a data processing agreement.
We forward the information you provide during newsletter registration (email address, and optionally first and last name) to Klaviyo. This data processing serves the purpose of sending the newsletter and its statistical evaluation.
To evaluate newsletter campaigns, the newsletters we send contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any embedded links. In this context, we collect your personal data, such as your IP address, browser type and device, and the time of access. Usage profiles can be created from this data under a pseudonym. The collected data is not used to personally identify you. It is used solely for statistical analysis to improve our newsletter campaigns.
Your data is generally transferred to and stored on Klaviyo's servers in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo is certified under the TADPF and has therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .
Sharing of the email address with shipping companies to inform about the shipping status
We will share your email address with the shipping company as part of the order processing, provided you have expressly consented to this during the ordering process. This sharing is for the purpose of informing you about the shipping status via email. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time by notifying us or the shipping company, without affecting the lawfulness of processing based on consent before its withdrawal.
Use of an external merchandise management system
We use an enterprise resource planning (ERP) system for order processing. For this purpose, your personal data collected during the ordering process will be transferred to...
JTL-Software-GmbH, Rheinstr. 7, 41836 Hückelhoven
Odoo, Chaussée de Namur 40, 1367 Grand-Rosière
transmitted.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service provider
Using PayPal
We use the PayPal payment service on our website, provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you the option of payment via this service. By selecting and using PayPal as your payment method, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the chosen payment method. This processing is based on Article 6(1)(b) GDPR.
All PayPal transactions are subject to the PayPal Privacy Statement. You can find it at https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Cookies
Our website uses cookies. Cookies are small text files that are stored in or by the internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
Analysis of advertising tracking and affiliate marketing
Use of Google Analytics 4
We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. To this end, Google, on behalf of the operator of this website, will use the information obtained to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator.
The following information may be collected, among other things: IP address, date and time of the page visit, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, and purchase activity. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google holds about you.
Google will shorten the IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google uses technologies such as cookies, web storage in the browser, and tracking pixels that enable analysis of your website usage. The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR.
Your personal data is processed with your consent on the basis of Article 6(1)(a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
We use the advanced consent mode. In this mode, even if consent is not given, user data is transmitted to Google in the form of "pings." These pings can contain, among other things, the following information: IP address to deduce the IP country (the IP address itself is not logged), date and time of the page request, URL of the visited pages, user agent, referrer URL (the website from which our website was accessed), or information about triggering website events such as a conversion. Based on this information, Google models user data to perform comprehensive usage analysis despite the refusal of consent.
The information generated about your use of this website is generally transmitted to and stored on a Google server in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles. Both Google and US government authorities have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .
Use of Matomo
We use the Matomo analytics tool from InnoCraft Ltd. (150 Willis St, 6011 Wellington, New Zealand; "Matomo") on our website.
The data processing serves the purpose of analyzing this website and its visitors. The following information may be collected, among other things: (anonymized) IP address, information about the browser and device you are using, files you have clicked on or downloaded, clicks on links to third-party websites, referrer URL (website from which you accessed our website), URL of our website, number of your visits, time of your first visit, date and time of the visit, time zone, and location data. Usage profiles can be created from this data under a pseudonym. The data collected using Matomo technologies is not used to personally identify visitors to this website and is not merged with personal data about the holder of the pseudonym.
Cookies are used for this purpose, which enable the recognition of the internet browser.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in designing the website to meet user needs and be targeted effectively. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. The use of Matomo and the associated data collection and storage can be deactivated at any time with effect for the future.
Further information on data protection at Matomo can be found at https://matomo.org/matomo-cloud-privacy-policy/ and https://matomo.org/gdpr-analytics/ .
Using Shopify statistics
We use the statistics and analytics functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is a company affiliated with Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses, and statistics. This includes the collection and processing of the following device information: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about the web pages or products visited, the referrer URL (the website from which you accessed our website), and information about how you interact with the website are also collected. Technologies such as cookies, web beacons, tags, and pixels (electronic files used to collect information about how you navigate the website) are used for this purpose.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the data processing agreement at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .
We use the TikTok Pixel on our website, provided by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”). Both companies are joint controllers for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing our customers' website visits, improving customer targeting through the placement of targeted advertisements, and evaluating the effectiveness of advertisements on TikTok. TikTok uses technologies such as cookies and pixels to recognize your browser. The following information, among other things, may be collected and transmitted to TikTok: date and time of visit, information about your browser and device type, screen resolution, and IP address. TikTok can associate this information with your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, personal identification of users is not possible through this process.
Your data may be transferred to third countries, such as the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TADPF. Data transfers to the USA and to third countries without an adequacy decision are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .
Using the ADCELL Partner Program
We use the partner program “ADCELL” of Firstlead GmbH (Rosenfelder Str. 15-16, 10315 Berlin; “ADCELL”).
ADCELL and we are jointly responsible for the collection of your data and its transfer to ADCELL when you use this service. This is based on an agreement between us and ADCELL regarding the joint processing of personal data. The agreement can be accessed at https://www.adcell.de/datenverarbeitung . According to this agreement, we and ADCELL are equally responsible for fulfilling our obligations under the GDPR, in particular for fulfilling the information obligations pursuant to Articles 13 and 14 of the GDPR and for granting the data subject rights pursuant to Articles 15 to 21 of the GDPR.
When you click on an ad containing an affiliate link, ADCELL places a conversion tracking cookie on your computer. These cookies are used for accurate billing within the affiliate program by recording the success of an advertising medium. The cookies recognize that you clicked on the ad and allow the advertiser to trace the origin of the order. ADCELL also uses tracking pixels. These allow for the analysis of information such as website traffic.
The information generated by cookies and tracking pixels regarding the use of this website (including the IP address) and the delivery of advertising formats is transmitted to and stored on an ADCELL server. Among other things, ADCELL can recognize that the partner link on this website was clicked. ADCELL may, under certain circumstances, share this (anonymized) information with contractual partners; however, data such as the IP address is not combined with other stored data.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Plug-ins and other
Use of social plug-ins
We use social network plugins on our website. The integration of social plugins and the associated data processing serve the purpose of optimizing advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network provider. The plugin is then displayed on the page by sending a message to your browser, provided you have explicitly consented to this. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. When you use the plugin functions (e.g., by clicking the button), this information is also associated with your user account. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website via social plugins. Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
Using Facebook's single sign-on feature
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
This feature allows website visitors to log in to the website using their existing Facebook account. The data processing serves the purpose of verification during registration, personalization, and interest-based advertising.
To offer this feature on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information, among other things, may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), and location data. This applies regardless of whether you are registered with or logged into the social network. Data is also transmitted for users who are not registered or logged in. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and is therefore committed to complying with European data protection principles.
When using the single sign-on function, the website visitor's Facebook profile is linked to a customer account for this website. In doing so, we receive personal data from Facebook, as specified during the login process. This may include, among other things, the following information: name, address, public profile information (e.g., name, profile picture, age, gender), email address, friend lists, and "likes".
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
Using Google invisible reCAPTCHA
We use the invisible reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input from a human and input from automated, machine processing. In the background, Google collects and analyzes usage data, which Invisible reCAPTCHA uses to differentiate regular users from bots. For this purpose, your input is transmitted to Google and further processed there. Additionally, your IP address and, if applicable, other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and may also be transferred to servers of Google LLC in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information about Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Using Cloudflare
We use the Cloudflare CDN content delivery network from Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA; “Cloudflare”) on our website. This is a geographically dispersed network of servers in various data centers to which our web server connects and through which certain content from our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
The following information may be collected, among other things: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare is certified under the TADPF and has therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in designing the website to meet user needs and be targeted effectively. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
Further information on data protection when using Cloudflare can be found at https://www.cloudflare.com/de-de/privacypolicy/ .
We use the YouTube video embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
This feature displays videos hosted on YouTube within an iFrame on the website. The "Enhanced Privacy Mode" option is enabled. This means that YouTube does not store any information about website visitors. Information is only transmitted to and stored by YouTube when you actually watch a video. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by YouTube and Google, your related rights and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy .
Use of Algolia
We use the search function of Algolia, a service of Algolia SAS (55 Rue d'Amsterdam, 75008 Paris, France; “Algolia”), on our website. The data processing serves the purpose of making it easier to find the information contained on our website and improving user-friendliness. Algolia uses technologies such as cookies. The following information, among other things, may be collected: IP address, date and time of the page visit, information about the browser and operating system you are using. The data is stored on Algolia's server for a period of 90 days.
Your data may be transferred to third countries such as the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Algolia is not certified under the TADPF. Data transfers are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on data protection and the use of cookies at Algolia can be found at https://www.algolia.com/policies/privacy/ .
Data subject rights and storage period
Storage duration
After complete contract fulfillment, the data will initially be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
Provided the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
Furthermore, pursuant to Article 21 Paragraph 1 GDPR, you have the right to object to processing based on Article 6 Paragraph 1 f GDPR, as well as to processing for direct marketing purposes.
Right to lodge a complaint with the supervisory authority
According to Article 77 of the GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is unlawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
Email: poststelle@lda.bayern.de
Right to object
If the processing of personal data listed here is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been lodged, the processing of the data in question will cease, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
If your personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. Upon receipt of your objection, we will cease processing the data in question for direct marketing purposes.
Last updated: October 22, 2024
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for entering into a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Each time you access our website, your internet browser transmits usage data to us or our web host/IT service provider, which is then stored in log files (server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred, and the requesting provider.
The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the smooth operation of our website and improving our services.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the smooth operation of our website and improving our services.
contact
Responsible
Please contact us if you wish. The data controller is: Viktoria Tuscher, Bruckdorferstraße 38, 93161 Sinzing, Germany, +49 941 20301060, info@emmyundpepe.de
Customer initiates contact via email
If you contact us proactively via email, we collect your personal data (name, email address, message text) only to the extent that you provide it. This data processing serves the purpose of processing and responding to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Data collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, email address, message text) only to the extent that you provide it. The data is processed for the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number registered with WhatsApp, your name if provided, and other data to the extent you have made it available. We use a mobile device for this service whose address book contains only data from users who have contacted us via WhatsApp. Therefore, no personal data is shared with WhatsApp without your prior consent to this.
Your data will be transferred by WhatsApp to servers of Meta Platforms Inc. in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is certified under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice regarding a potential purchase, preparing a quote) or relates to a contract already concluded between you and us, this data processing is based on Article 6(1)(b) GDPR.
If contact is made for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in providing quick and easy contact options and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We use your personal data only to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of service and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. This data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal. Your customer account will then be deleted.
Collection, processing and transfer of personal data during orders
When you place an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. Providing this data is necessary for entering into a contract. Failure to provide this data will result in the contract not being concluded. This processing is based on Article 6(1)(b) GDPR and is necessary for the performance of a contract with you.
Your data will be shared with, for example, shipping companies, dropshipping and fulfillment providers, payment service providers, order processing service providers, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transfer is limited to the minimum necessary.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.Reviews Advertising
Data collection when writing a comment or review
When you comment on or rate an article or post, we collect your personal data (name, email address, comment text) only to the extent that you provide it. This data is processed for the purpose of enabling and displaying comments and ratings.
By submitting your comment/review, you consent to the processing of the data you provide. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of processing based on consent before its withdrawal. Your personal data will then be deleted.
When your comment/review is published, the name and email address you provided will be published.
Use of the Trusted Shops rating system (Trustbadge)
We use the rating system of Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne (“Trusted Shops”) on our website.
Trusted Shops and we are jointly responsible for the collection of your data and its transfer to Trusted Shops when you use this service. This is based on an agreement between us and Trusted Shops regarding the joint processing of personal data.
We and Trusted Shops are equally responsible for fulfilling our obligations under the GDPR, in particular for fulfilling the information obligations pursuant to Articles 13 and 14 GDPR and for granting the data subject rights pursuant to Articles 15-21 GDPR. Further information can be found at https://help.etrusted.com/hc/de/article_attachments/4422901015569 .
Trusted Shops allows us to collect customer reviews and display them via the "Trustbadge" on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Trusted Shops to submit a review. The following data will be processed by us or Trusted Shops: email address, order information (order total, order number, and, if applicable, the product purchased). This data may also be used to verify your review.
When you access our website and the Trustbadge is displayed, we or Trusted Shops also process the following data: your IP address, date and time of access, amount of data transferred and the requesting provider.
The processing is based on Article 6(1)(a) GDPR with your consent, provided you have expressly agreed to the transfer of your data and to receiving the review request. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
Further information on data protection at Trusted Shops can be found at: https://www.trustedshops.de/impressum-datenschutz/#datenschutz .
Review reminder
After placing your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after an order has been placed, provided you have expressly agreed to this.
The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by using the corresponding link in the email or by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
Use of the email address for sending newslettersAfter placing your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after an order has been placed, provided you have expressly agreed to this.
The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by using the corresponding link in the email or by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
We use your email address, independently of contract processing, exclusively for our own advertising purposes to send you newsletters, provided you have expressly consented to this. This processing is based on Article 6 Paragraph 1 Letter a of the GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.
Use of the email address for sending direct marketing.
We use your email address, which we obtained in connection with the sale of goods or services, to send you electronic advertising for our own goods or services that are similar to those you have already purchased from us, unless you have objected to this use. Providing your email address is necessary for the conclusion of the contract. Failure to provide it will result in the contract not being concluded. This processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in direct marketing. You can object to this use of your email address at any time by notifying us. Our contact details for exercising your right to object can be found in the legal notice. You can also use the unsubscribe link provided in the advertising email. No costs other than standard transmission fees will be incurred.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) for sending newsletters as part of a data processing agreement.
We forward the information you provide during newsletter registration (email address, and optionally first and last name) to Klaviyo. This data processing serves the purpose of sending the newsletter and its statistical evaluation.
To evaluate newsletter campaigns, the newsletters we send contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any embedded links. In this context, we collect your personal data, such as your IP address, browser type and device, and the time of access. Usage profiles can be created from this data under a pseudonym. The collected data is not used to personally identify you. It is used solely for statistical analysis to improve our newsletter campaigns.
Your data is generally transferred to and stored on Klaviyo's servers in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo is certified under the TADPF and has therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .
Use of email address for availability notifications
We offer a stock availability notification service on our website. If an item is temporarily unavailable, you can enter your email address on the respective product page and be notified by email when it becomes available, provided you have consented to this. You will receive a one-time email notification when the item is available. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the availability notification at any time by contacting us. Your email address will then be removed from the mailing list.
Shipping service provider, inventory managementWe offer a stock availability notification service on our website. If an item is temporarily unavailable, you can enter your email address on the respective product page and be notified by email when it becomes available, provided you have consented to this. You will receive a one-time email notification when the item is available. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the availability notification at any time by contacting us. Your email address will then be removed from the mailing list.
Sharing of the email address with shipping companies to inform about the shipping status
We will share your email address with the shipping company as part of the order processing, provided you have expressly consented to this during the ordering process. This sharing is for the purpose of informing you about the shipping status via email. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time by notifying us or the shipping company, without affecting the lawfulness of processing based on consent before its withdrawal.
Use of an external merchandise management system
We use an enterprise resource planning (ERP) system for order processing. For this purpose, your personal data collected during the ordering process will be transferred to...
JTL-Software-GmbH, Rheinstr. 7, 41836 Hückelhoven
Odoo, Chaussée de Namur 40, 1367 Grand-Rosière
transmitted.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service provider
Using PayPal
We use the PayPal payment service on our website, provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you the option of payment via this service. By selecting and using PayPal as your payment method, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the chosen payment method. This processing is based on Article 6(1)(b) GDPR.
All PayPal transactions are subject to the PayPal Privacy Statement. You can find it at https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Using the payment service provider Mollie
We use the payment service provider Mollie BV (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of offering you various payment methods through payment processing via Mollie. If you have chosen one of Mollie's payment options, the data required for payment processing will be transmitted to Mollie. This includes your payment details (for example, bank account number or credit card number), your IP address, your internet browser and device type, and in some cases, your first and last name, your address, and information about the product or service you have purchased from us. This data processing is based on Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the payment service provider Mollie can be found in their privacy policy: https://www.mollie.com/de/privacy
We use the payment service provider Mollie BV (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of offering you various payment methods through payment processing via Mollie. If you have chosen one of Mollie's payment options, the data required for payment processing will be transmitted to Mollie. This includes your payment details (for example, bank account number or credit card number), your IP address, your internet browser and device type, and in some cases, your first and last name, your address, and information about the product or service you have purchased from us. This data processing is based on Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the payment service provider Mollie can be found in their privacy policy: https://www.mollie.com/de/privacy
Cookies
Our website uses cookies. Cookies are small text files that are stored in or by the internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
Cookies are stored on your computer. Therefore, you have full control over their use. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, please note that you may then not be able to fully utilize all the functions of this website.
The links below provide information on how to manage (including disable) cookies in the most common browsers:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablassen
Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies to make our website more user-friendly, effective, and secure. Furthermore, cookies enable our systems to recognize your browser even after you navigate to a different page and to offer you services. Some features of our website cannot be offered without the use of cookies. For these features, it is necessary that the browser is recognized even after a page change.
The use of cookies or similar technologies is based on Section 25 Paragraph 2 of the German Telemedia Act (TDDG). The processing of your personal data is based on Article 6 Paragraph 1 Letter f of the GDPR, due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our services.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Use of Usercentrics
We use the consent management tool Usercentrics from Usercentrics GmbH (Rosenthal 4, 80331, Munich; “Usercentrics”) on our website.
This tool allows you to grant consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw previously granted consent. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. The following information, among other things, may be collected and transmitted to Usercentrics: date and time of the page visit, information about the browser and device you are using, anonymized IP address, and opt-in and opt-out data.
Usercentrics uses the Google Cloud Platform of Google Ireland Limited, which may result in your data being transferred to the USA. The EU Commission has not issued an adequacy decision for the USA. Data transfers are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks .
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
The revocation document for a previously granted consent will be kept for a period of three years.
Further information on data protection at Usercentrics can be found at: https://usercentrics.com/privacy-policy/
We use the consent management tool Usercentrics from Usercentrics GmbH (Rosenthal 4, 80331, Munich; “Usercentrics”) on our website.
This tool allows you to grant consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw previously granted consent. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. The following information, among other things, may be collected and transmitted to Usercentrics: date and time of the page visit, information about the browser and device you are using, anonymized IP address, and opt-in and opt-out data.
Usercentrics uses the Google Cloud Platform of Google Ireland Limited, which may result in your data being transferred to the USA. The EU Commission has not issued an adequacy decision for the USA. Data transfers are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks .
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
The revocation document for a previously granted consent will be kept for a period of three years.
Further information on data protection at Usercentrics can be found at: https://usercentrics.com/privacy-policy/
Analysis of advertising tracking and affiliate marketing
Use of Google Analytics 4
We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. To this end, Google, on behalf of the operator of this website, will use the information obtained to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator.
The following information may be collected, among other things: IP address, date and time of the page visit, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, and purchase activity. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google holds about you.
Google will shorten the IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google uses technologies such as cookies, web storage in the browser, and tracking pixels that enable analysis of your website usage. The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR.
Your personal data is processed with your consent on the basis of Article 6(1)(a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
We use the advanced consent mode. In this mode, even if consent is not given, user data is transmitted to Google in the form of "pings." These pings can contain, among other things, the following information: IP address to deduce the IP country (the IP address itself is not logged), date and time of the page request, URL of the visited pages, user agent, referrer URL (the website from which our website was accessed), or information about triggering website events such as a conversion. Based on this information, Google models user data to perform comprehensive usage analysis despite the refusal of consent.
The information generated about your use of this website is generally transmitted to and stored on a Google server in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles. Both Google and US government authorities have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .
Use of Matomo
We use the Matomo analytics tool from InnoCraft Ltd. (150 Willis St, 6011 Wellington, New Zealand; "Matomo") on our website.
The data processing serves the purpose of analyzing this website and its visitors. The following information may be collected, among other things: (anonymized) IP address, information about the browser and device you are using, files you have clicked on or downloaded, clicks on links to third-party websites, referrer URL (website from which you accessed our website), URL of our website, number of your visits, time of your first visit, date and time of the visit, time zone, and location data. Usage profiles can be created from this data under a pseudonym. The data collected using Matomo technologies is not used to personally identify visitors to this website and is not merged with personal data about the holder of the pseudonym.
Cookies are used for this purpose, which enable the recognition of the internet browser.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in designing the website to meet user needs and be targeted effectively. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. The use of Matomo and the associated data collection and storage can be deactivated at any time with effect for the future.
Further information on data protection at Matomo can be found at https://matomo.org/matomo-cloud-privacy-policy/ and https://matomo.org/gdpr-analytics/ .
Using Shopify statistics
We use the statistics and analytics functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is a company affiliated with Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses, and statistics. This includes the collection and processing of the following device information: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about the web pages or products visited, the referrer URL (the website from which you accessed our website), and information about how you interact with the website are also collected. Technologies such as cookies, web beacons, tags, and pixels (electronic files used to collect information about how you navigate the website) are used for this purpose.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the data processing agreement at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .
Use of the Meta Pixel
We use the Meta Pixel of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data and its transfer to Meta when you use this service. This is based on an agreement between us and Meta regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://de-de.facebook.com/legal/terms/businesstools . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR, insofar as a personal data breach affects our obligations under the joint processing agreement. Meta is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR, insofar as a personal data breach affects Meta's obligations under the joint processing agreement.
The purpose of this application is to target website visitors with interest-based advertising on the social networks Facebook and Instagram. For this purpose, the Meta remarketing tag has been implemented on the website. This tag establishes a direct connection to the Meta servers when you visit the website. This transmits information to the Meta server about which of our pages you have visited. Meta then associates this information with your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.
The application also serves the purpose of generating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag, as well as what actions they took after being redirected to that website. However, we do not receive any information that can personally identify users.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Your personal data is processed with your consent on the basis of Article 6(1)(a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can deactivate the "Custom Audiences" remarketing feature here. Further information about the collection and use of data by Meta, your related rights, and options for protecting your privacy can be found in Meta's privacy policy at https://www.facebook.com/about/privacy/ .
You can deactivate the "Custom Audiences" remarketing feature here. Further information about the collection and use of data by Meta, your related rights, and options for protecting your privacy can be found in Meta's privacy policy at https://www.facebook.com/about/privacy/ .
Using Google Ads conversion tracking
We use the online advertising program "Google Ads" on our website and, within this framework, conversion tracking (visit action evaluation). Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad served by Google, a conversion tracking cookie is placed on your computer. These cookies have a limited lifespan, do not contain any personally identifiable information, and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that cookies cannot be tracked across the websites of different Ads customers.
The information collected using the conversion cookie is used to generate conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any personally identifiable information. We use the advanced consent mode. In this mode, even if consent is not given, user data is transmitted to Google in the form of "pings." These pings may contain information such as: IP address to determine the IP country (the IP address itself is not logged), date and time of the page view, URL of the visited pages, user agent, referrer URL (the website from which our website was accessed), or information about triggering website events such as a conversion. Based on this information, Google models user data to perform comprehensive usage analysis despite the user's refusal to consent.
Your data may be transferred to Google LLC servers in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
We use the online advertising program "Google Ads" on our website and, within this framework, conversion tracking (visit action evaluation). Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad served by Google, a conversion tracking cookie is placed on your computer. These cookies have a limited lifespan, do not contain any personally identifiable information, and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that cookies cannot be tracked across the websites of different Ads customers.
The information collected using the conversion cookie is used to generate conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any personally identifiable information. We use the advanced consent mode. In this mode, even if consent is not given, user data is transmitted to Google in the form of "pings." These pings may contain information such as: IP address to determine the IP country (the IP address itself is not logged), date and time of the page view, URL of the visited pages, user agent, referrer URL (the website from which our website was accessed), or information about triggering website events such as a conversion. Based on this information, Google models user data to perform comprehensive usage analysis despite the user's refusal to consent.
Your data may be transferred to Google LLC servers in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/
Use of TikTok PixelFurther information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/
We use the TikTok Pixel on our website, provided by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”). Both companies are joint controllers for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing our customers' website visits, improving customer targeting through the placement of targeted advertisements, and evaluating the effectiveness of advertisements on TikTok. TikTok uses technologies such as cookies and pixels to recognize your browser. The following information, among other things, may be collected and transmitted to TikTok: date and time of visit, information about your browser and device type, screen resolution, and IP address. TikTok can associate this information with your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, personal identification of users is not possible through this process.
Your data may be transferred to third countries, such as the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TADPF. Data transfers to the USA and to third countries without an adequacy decision are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .
Using the ADCELL Partner Program
We use the partner program “ADCELL” of Firstlead GmbH (Rosenfelder Str. 15-16, 10315 Berlin; “ADCELL”).
ADCELL and we are jointly responsible for the collection of your data and its transfer to ADCELL when you use this service. This is based on an agreement between us and ADCELL regarding the joint processing of personal data. The agreement can be accessed at https://www.adcell.de/datenverarbeitung . According to this agreement, we and ADCELL are equally responsible for fulfilling our obligations under the GDPR, in particular for fulfilling the information obligations pursuant to Articles 13 and 14 of the GDPR and for granting the data subject rights pursuant to Articles 15 to 21 of the GDPR.
When you click on an ad containing an affiliate link, ADCELL places a conversion tracking cookie on your computer. These cookies are used for accurate billing within the affiliate program by recording the success of an advertising medium. The cookies recognize that you clicked on the ad and allow the advertiser to trace the origin of the order. ADCELL also uses tracking pixels. These allow for the analysis of information such as website traffic.
The information generated by cookies and tracking pixels regarding the use of this website (including the IP address) and the delivery of advertising formats is transmitted to and stored on an ADCELL server. Among other things, ADCELL can recognize that the partner link on this website was clicked. ADCELL may, under certain circumstances, share this (anonymized) information with contractual partners; however, data such as the IP address is not combined with other stored data.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Plug-ins and other
Use of social plug-ins
We use social network plugins on our website. The integration of social plugins and the associated data processing serve the purpose of optimizing advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network provider. The plugin is then displayed on the page by sending a message to your browser, provided you have explicitly consented to this. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. When you use the plugin functions (e.g., by clicking the button), this information is also associated with your user account. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website via social plugins. Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Using Facebook's single sign-on feature
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
This feature allows website visitors to log in to the website using their existing Facebook account. The data processing serves the purpose of verification during registration, personalization, and interest-based advertising.
To offer this feature on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information, among other things, may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), and location data. This applies regardless of whether you are registered with or logged into the social network. Data is also transmitted for users who are not registered or logged in. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and is therefore committed to complying with European data protection principles.
When using the single sign-on function, the website visitor's Facebook profile is linked to a customer account for this website. In doing so, we receive personal data from Facebook, as specified during the login process. This may include, among other things, the following information: name, address, public profile information (e.g., name, profile picture, age, gender), email address, friend lists, and "likes".
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
We use the invisible reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input from a human and input from automated, machine processing. In the background, Google collects and analyzes usage data, which Invisible reCAPTCHA uses to differentiate regular users from bots. For this purpose, your input is transmitted to Google and further processed there. Additionally, your IP address and, if applicable, other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and may also be transferred to servers of Google LLC in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information about Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Using Cloudflare
We use the Cloudflare CDN content delivery network from Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA; “Cloudflare”) on our website. This is a geographically dispersed network of servers in various data centers to which our web server connects and through which certain content from our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
The following information may be collected, among other things: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare is certified under the TADPF and has therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in designing the website to meet user needs and be targeted effectively. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
Further information on data protection when using Cloudflare can be found at https://www.cloudflare.com/de-de/privacypolicy/ .
Using OpenStreetMap
We use the open-source mapping service of the OpenStreetMap Foundation (St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom; "OpenStreetMap") on our website. The data processing serves the purpose of visually displaying geographical information and maps to show you our location.
Cookies may be used in this process. Among other things, the following information may be collected and processed: date and time of access, IP address, and information about the browser and device you are using. This information will be associated with your personal user account if you have an OpenStreetMap account and are logged in when visiting the website. In that case, the following additional information will be collected and processed: user ID, email address associated with the user account, and content blocked by the user.
Your data may also be transferred outside the EU to the United Kingdom. The EU Commission has issued an adequacy decision for the United Kingdom.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on data processing and data protection can be found at https://wiki.osmfoundation.org/wiki/Privacy_Policy?tid=331640695983 .
Using YouTubeWe use the YouTube video embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
This feature displays videos hosted on YouTube within an iFrame on the website. The "Enhanced Privacy Mode" option is enabled. This means that YouTube does not store any information about website visitors. Information is only transmitted to and stored by YouTube when you actually watch a video. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by YouTube and Google, your related rights and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy .
Use of Algolia
We use the search function of Algolia, a service of Algolia SAS (55 Rue d'Amsterdam, 75008 Paris, France; “Algolia”), on our website. The data processing serves the purpose of making it easier to find the information contained on our website and improving user-friendliness. Algolia uses technologies such as cookies. The following information, among other things, may be collected: IP address, date and time of the page visit, information about the browser and operating system you are using. The data is stored on Algolia's server for a period of 90 days.
Your data may be transferred to third countries such as the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Algolia is not certified under the TADPF. Data transfers are based, among other things, on standard contractual clauses as suitable safeguards for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on data protection and the use of cookies at Algolia can be found at https://www.algolia.com/policies/privacy/ .
Data subject rights and storage period
Storage duration
After complete contract fulfillment, the data will initially be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
Provided the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
Furthermore, pursuant to Article 21 Paragraph 1 GDPR, you have the right to object to processing based on Article 6 Paragraph 1 f GDPR, as well as to processing for direct marketing purposes.
Right to lodge a complaint with the supervisory authority
According to Article 77 of the GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is unlawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
Email: poststelle@lda.bayern.de
Right to object
If the processing of personal data listed here is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been lodged, the processing of the data in question will cease, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
If your personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. Upon receipt of your objection, we will cease processing the data in question for direct marketing purposes.
Last updated: October 22, 2024