Last modified February 17, 2019
Data Protection Declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise. "Personal data" means any information relating to an identified or identifiable natural person (hereinafter the "data subject"); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by reference to identifiers such as names, to identification numbers, to location data, to online identifiers (e.g. cookies) or to one or more special features that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
Applicable Legal Basis
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. Unless the legal basis is not mentioned in the privacy statement, the following applies: The legal basis for obtaining consent is article 6 (1) lit. a and Art. 7 GDPR, the legal basis for processing in order to fulfil our services, execute contractual, and respond to inquiries is art. 6 (1) lit. b GDPR, the legal basis for processing in order to fulfill our legal obligations is art. 6 (1) lit. c GDPR, and the legal basis for processing in order to safeguard our legitimate interests is article 6 (1) lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, art. 6 para. 1 lit. d GDPR serves as the legal basis.
In accordance with art. 32 GDPR, we take appropriate technical and organizational measures to ensure an appropriate level of protection against risks to the rights and freedoms of natural persons, considering the current state of technology, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the probabilities of occurrence and severity of these risks.
Measures shall include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and virtual access to the data, as well as input, disclosure, availability and separation of data. We have also set up procedures against risks of data being compromised, and to ensure the deletion of data and that data subjects can exercise their rights. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software, and procedures, in accordance with the principle of data protection through technology design and privacy-friendly default settings (article 25 GDPR).
Server Log Files
You can use our websites without submitting personal data. Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services. The access data are evaluated exclusively for the purpose of ensuring a trouble-free operation of the site as well as the improvement of our offer. In accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO the preservation of our legitimate interests, which predominate in the context of a weighing up of interests, in a correct presentation of our offer. All access data will be deleted no later than seven days after the end of your page visit.
Within the framework of a processing on our behalf, a third party provider provides the services for hosting and displaying the website. This serves to safeguard our legitimate interests, which are predominantly justified in the interests of weighing up our interests, in order to correctly present our offer. All data collected as part of the use of this website or in the forms provided as described below will be processed on its servers. Processing on other servers takes place only in the framework explained here. The hosting services we use are designed to provide the following services: infrastructure and platform services, computing capacity, storage and database services, e-mailing, security and technical maintenance services we use to operate this online service.
In this regard we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, prospects and visitors to this online offer on the basis of our legitimate interests in the efficient and secure provision of these online services according to art. 6 para. 1 lit. f GDPR in conjunction with art. 28 GDPR (conclusion of a contract processing contract). This service provider is located in the US and is certified under the EU-US Privacy Shield. A current certificate can be viewed here: https://www.privacyshield.gov/participant?id=a2zt0000000GnjcAAC&status=Active, https://www.squarespace.com/privacy. As a result of this agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.
Collection, processing, and transfer of personal data in orders. When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you. Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact. By submitting your message you agree to the processing of your transmitted data. Processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
If you subscribe to our newsletter, we will use the data required or separately provided by you to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. to send a DSGVO. We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. It is sufficient to provide your email address to subscribe to the newsletter. We ask you to also provide a name, so we can address you personally in the newsletter. The dispatch of the newsletter and the associated performance measurement are based on the recipient’s consent pursuant to art. 6 para. 1 lit. a, art. 7 GDPR in conjunction with section 7 para. 2 no. 3 UWG (Gesetz gegen den unlauteren Wettbewerb - German Fair Trade Practices Act) or if, based on our legitimate interests in direct marketing pursuant to art. 6 para. 1 lt. F. GDPR in conjunction with section 7 para. 3 UWG, consent is not required. The logging of the registration process is based on our legitimate interests pursuant to art. 6 para. 1 lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves our business interests, meets users' expectations, and allows us to provide evidence of consent.
You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us. Individual deletion requests may be submitted at any time, provided that the person requesting deletion confirms the former existence of a consent at the same time. Your email address will then be removed from the distributor. Your data will be forwarded to a service provider for email marketing in the course of order processing from a third country, which is covered by an adequacy decision by the European Commission. This service provider is located in the US and is certified under the EU-US Privacy Shield. A current certificate can be viewed here: https://www.privacyshield.gov/participant_search, https://mailchimp.com/legal/privacy/. As a result of this agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield. The use of the dispatch service provider is based on our legitimate interests according to art. 6 para. 1 lit. f. GDPR and a contract processing agreement as defined by art. 28 (3) clause 1 GDPR. The dispatch service provider may use the recipient’s data in a pseudonymous form, i.e. without attribution to a user, to optimize or improve their own services, e.g. for the technical optimization of newsletter dispatch and of the presentation of newsletters or for statistical purposes. However, the dispatch service provider will not use the data of our newsletter recipients to contact them on its own behalf or to pass the data on to third parties.
Comments Data Collection
When you comment on an article or a contribution, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment and to display comments. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. You personal data will then be deleted. On publication of your comment the name and email address you have entered will be published.
On submission of your comment your IP address will also be saved in order to prevent misuse of the comment function and to ensure the security of our IT systems. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your IP address will then be deleted.
Contact Form Data Collection
We collect personal information if you provide it to us as part of your order or when contacting us (for example, by contact form or e-mail). Obligatory fields are marked as such, since in these cases we need the data obligatory for the execution of the contract or for the processing of your contact and you can not complete the order without their specification, or can not send the contact. The data collected is shown in the respective input forms. When contacting us (e.g. via contact form, e-mail, telephone or social media), we process information provided by the user to handle the contact inquiry pursuant to art. 6 para. 1 lit. b. (regarding contractual / pre-contractual relationships), art. 6 para. 1 lit. f. (regarding other requests) GDPR. User information may be stored in a Customer Relationship Management System ("CRM System") or similar tool for inquiry processing.
We use the data provided by you in accordance with Art. 6 para. 1 sentence 1 lit. b DSGVO for contract handling and processing of your inquiries. After completion of the contract, your data will be restricted for further processing and deleted after expiry of any tax and commercial retention periods, unless you have expressly consented to a further use of your data or we reserve the right to use the data, which is permitted by law and about which we inform you in this statement. We review the necessity every two years; furthermore, the statutory archiving provisions apply.
We use payment service providers based in a state outside the European Union. The transfer of personal data to this company takes place only in the context of the need to fulfill the contract. We use external payment providers that facilitate payment transactions between users and us though their platforms (e.g. including a link to the respective privacy policies
American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)
Within the context of the performance of contracts, we use these payment providers on the basis of art. 6 para. 1 lit. b. GDPR. We also use external payment providers on the basis of our legitimate interests pursuant to art. 6 para. 1 lit. f. GDPR in order to provide our users with effective and secure payment options.
The data processed by the payment providers include inventory data such as name and address, bank details such as bank account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, summary and recipient-related information. These details are required to complete the transactions. However, the data entered will only be processed and stored by the payment service providers. This means that we do not receive any bank account- or credit card-related information, but only payment confirmations or information when a payment is rejected. Payment service providers may pass on data to credit reporting agencies for identity verification and credit check purposes. In this regard we refer to the general terms and conditions and privacy statements of the payment service providers.
Payment transactions are subject to the terms and conditions and privacy policies of the respective payment service providers, which can be accessed within the respective websites or transaction applications. We also refer to these documents for further information and assertion regarding the rights of withdrawal, information and other rights of data subjects.
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en (https://support.google.com/accounts/answer/61416?hl=en)
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies (http://https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies)
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen (https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen)
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac)
Statutory storage periods in Germany are 10 years in particular according to section 147 para. 1 AO (Abgabenordnung – German Tax Code), section 257 para. 1 clauses 1 and 4, section 4 HGB (Handelsgesetzbuch – German Commercial code) (books, records, management reports, accounting documents, trading books, documents relevant for taxation, etc.), and 6 years in accordance with section 257 (1) no. 2 and 3, para. 4 HGB (commercial letters).
If you have given your consent, Google Analytics, a web analysis service of Google Ireland Limited ("Google") is used on this website. The use includes the "Universal Analytics" operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices. This data protection notice is provided by <a href="https://www.intersoft-consulting.de" target="_blank">www.intersoft-consulting.de</a>.</p>
Purposes of the Processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use.
The legal basis for the use of Google Analytics is your consent in accordance with <a href="https://gdpr-info.eu/art-6-gdpr/" target="_blank">Art. 6 para. 1 lit. a GDPR</a>.</p>
Recipients or Categories of Recipients
The recipient of the collected data is Google.
Transfer to Third Countries
Personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. You can download the certificate <a href="https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI">here</a>.</p>
Duration of Data Storage
The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs) or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.</p>
Rights of the Persons affected
You can revoke your consent at any time with effect for the future by blocking the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functionalities of this website to their full extent.
Live Chat Tool
If you use the live chat tool to contact us, the data voluntarily entered by you (name, e-mail address, message) will be processed in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO processed for the purpose of answering the request during the execution of the contract by us. In addition, the use of this tool serves to safeguard our legitimate interests in effective and improved customer communication, which prevail in the context of a balance of interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO. The data will be deleted afterwards. All data collected during the use of the chat tool will be processed on its servers.
Our presence on social networks and platforms facilitates better, more active communication with our customers and prospects. We inform you about our products and ongoing promotions. We would like to point out that user data collected in this context may be processed outside the European Union. This may entail risks for users, e.g. by making it more difficult to enforce users' rights. We would like to point out that US providers certified under the Privacy Shield undertake to comply with EU privacy standards. When you visit our online social media sites, your information may be collected and stored automatically for marketing research and promotional purposes. From these data so-called usage profiles are created using pseudonyms. These may be used to e.g. place advertisements inside and outside the platforms that are allegedly in line with your interests. For this purpose, cookies are usually used on your device. These cookies store visitor behavior and the interests of users. This is gem. Art. 6 para. 1 lit. f. DSGVO the preservation of our legitimate interest in optimizing the representation of our offer and effective communication with customers and interested parties. If you are asked by the respective social media platform operators for consent (consent) to the data processing, e.g. with the help of a checkbox, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR.
As far as the aforementioned social media platforms are headquartered in the US, the following applies: For the US, a decision on appropriateness of the European Commission is available. This goes back to the EU-US Privacy Shield. A current certificate for the respective company can be viewed here: https://www.privacyshield.gov/welcome.
Based on our legitimate interests (i.e. interest in the analysis, optimization and profitable operation of our online offer within the meaning of art. 6 (1) lit. GDPR), we use third-party content and/or services in order to integrate these providers’ content and services, such as videos or fonts (collectively referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on users’ devices and may include technical information about the browser and operating system, referring web pages, time of access, and other information regarding the use of our online offer.
Data processing takes place on the basis of an agreement between jointly responsible persons in accordance with Art. 26 GDPR, which you can see here:
Google / YouTube: https://policies.google.com/privacy
Opposition possibility (opt-out):
Google / YouTube: https://adssettings.google.com/authenticated
Use of Facebook
Use of Pinterest
Use of Instagram
Use of YouTube
Our website uses the function for the embedding of YouTube videos provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;"Google").
Contact and Rights
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Contact us at any time.
Our contact details can be found in our imprint.
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the following rights:
- in according to Art. 15 GDPR, the right to demand information on the personal data processed by us in the scope specified therein;
- in accordance with Art. 16 GDPR, the right to demand immediate correction of incorrect or completed personal data stored by us;
- in accordance with Art. 17 DSGVO the right to demand the deletion of your personal data stored by us, unless the further processing
to exercise the right to freedom of expression and information;
to fulfil a legal obligation;
for reasons of public interest or
to assert, exercise or defend legal claims is required;
- in accordance with Art. 18 DSGVO the right to demand the restriction of the processing of your personal data, as far as
- the accuracy of the data is disputed by you;
- the processing is unlawful, but you reject its deletion;
- we no longer need the data, but you need it to assert, exercise or defend legal claims or
- you have lodged an objection against the processing in accordance with Art. 21 GDPR;
- in accordance with Art. 20 DSGVO the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
- in accordance with Art. 77 GDPR the right to complain to a supervisory authority. In general, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
For questions about the collection, processing or use of your personal data, information, correction, restriction or deletion of data and revocation of granted consent or objection to a particular use of data, please contact us directly via the contact details in our imprint. To the extent that we process personal data as explained above in order to safeguard our legitimate interests, which are predominant as part of a weighing up of interests, you can object to this processing with effect for the future. If the processing is for the purpose of direct marketing, you can exercise this right at any time as described above. Insofar as the processing takes place for other purposes, you have a right of objection only if there are reasons that arise from your particular situation.
After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing of the assertion, exercise or defense of Legal claims serves.
This does not apply if the processing is for direct marketing purposes. Then we will not process your personal data for this purpose.
Liability for links
Our website contains links to external websites of third parties on whose contents we have no influence. Therefore, we can not assume any liability for these third-party content. The respective provider or operator of the pages is always responsible for the contents of the linked pages.
Responsible for the data processing is:
61348 Bad Homburg, Germany
Email Address: firstname.lastname@example.org
In accordance with Section 19 UStG (VAT Act) we do not charge German VAT, and consequently, do not quote this on our invoices (small business).
Effective as of February 17, 2019