Data protection
Privacy Policy
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data.
This happens when you visit this website. Personal data is any data that can be used to identify you.
can be personally identified. Detailed information on data protection can be found here.
Please see our privacy policy listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details
You can find this information in the section “Information on the responsible body” in this privacy policy.
How do we collect your data?
Your data is collected, firstly, because you provide it to us. This could include, for example,
This concerns data that you enter into a contact form.
Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time).
(of the page view). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure the website functions correctly. Other data is collected for other purposes.
Data may be used to analyze your user behavior. This applies if contracts are concluded via the website.
The transmitted data will also be used for contract offers if contracts can be concluded or initiated.
Orders or other order requests are processed.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipients and purpose of your
to receive the personal data stored about you. You also have the right to request the correction or
to request the deletion of this data. If you have given your consent to data processing,
You can revoke this consent at any time for the future. Furthermore, you have the right to...
Under certain circumstances, you have the right to request the restriction of the processing of your personal data.
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time with regard to this and other questions concerning data protection.
Analytics tools and third-party tools
When you visit this website, your browsing behavior may be statistically analyzed. This happens before
especially with so-called analysis programs.
Detailed information about these analysis programs can be found in the following
Privacy policy.
2. Hosting
We host the content of our website with the following provider:
Shopify
The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32,
Ireland (hereinafter referred to as “Shopify”).
Shopify is a tool for building and hosting websites. When you visit our website,
Shopify collects your IP address as well as information about the device you are using and your
Browser. Shopify also tracks visitor numbers, visitor sources, and customer behavior.
Shopify analyzes and compiles user statistics. When you make a purchase on our website, Shopify records this information.
in addition, your name, email address, delivery and billing addresses, payment details and other information.
Data related to the purchase (e.g. telephone number, amount of sales made, etc.).
Shopify stores cookies in your browser for analysis purposes.
For details, please refer to Shopify's privacy policy:
https://www.shopify.de/legal/datenschutz.
The use of Shopify is based on Article 6(1)(f) GDPR. We have a
legitimate interest in the most reliable possible presentation of our website. If a
If the appropriate consent has been requested, processing is carried out exclusively on the basis of Art.
Article 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as consent concerns the storage of cookies or the
Access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG
This includes [the following]. Consent can be revoked at any time.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
3. General information and mandatory disclosures
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your
personal data will be treated confidentially and in accordance with the statutory data protection regulations.
this privacy policy.
When you use this website, various personal data will be collected.
Personal data is data that can be used to identify you personally. This
Our privacy policy explains what data we collect and what we use it for. It also explains how
and for what purpose this is done.
Please note that data transmission over the Internet (e.g., when communicating via email)
It may have security vulnerabilities. Complete protection of data from access by third parties is not possible.
possible.
Note regarding the responsible body
The responsible body for data processing on this website is:
Creatal GmbH
Bahnhofstraße 55
56410 Montabaur
Telephone: 02630999960
Email: info@travelboo.de
The responsible body is the natural or legal person who, alone or jointly with others,
the purposes and means of processing personal data (e.g. names, email addresses, etc.)
decides.
Storage duration
Unless a more specific storage period is stated within this privacy policy, the data will remain
Your personal data will be stored with us until the purpose for processing the data no longer applies. If you
assert a legitimate request for erasure or revoke consent to data processing,
Your data will be deleted unless we have other legally permissible reasons for storing it.
have personal data (e.g., tax or commercial law retention periods); in
In the latter case, deletion will occur once these reasons cease to exist.
General information on the legal basis for data processing on this
Website
If you have consented to data processing, we will process your personal data on
The legal basis is Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data are involved.
Processed in accordance with Article 9(1) GDPR. In the case of explicit consent to the transfer.
Furthermore, the processing of personal data in third countries is based on Art.
Article 49(1)(a) GDPR. If you consent to the storage of cookies or access to information in
If your device has consented (e.g., via device fingerprinting), the data processing will also take place.
Based on Section 25 Paragraph 1 of the German Telemedia Act (TDDG). Consent can be revoked at any time. Are your data for
We process your data for the purpose of fulfilling the contract or for carrying out pre-contractual measures.
Data is processed on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data if this
necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
Data processing may also be based on our legitimate interest pursuant to Art. 6 para. 1 lit. f
GDPR compliance. The relevant legal bases in each individual case are explained in the following sections.
Paragraphs of this privacy policy provide information.
Note regarding the transfer of data to third countries that do not offer adequate data protection, as well as
the transfer to US companies that are not DPF-certified
We use, among other things, tools from companies based in countries that do not offer adequate data protection.
Third countries and US tools whose providers do not comply with the EU-US Data Privacy Framework (DPF)
are certified. When these tools are active, your personal data may be transferred to these countries.
will be transferred and processed there. We would like to point out that in data protection-insecure environments...
Third countries cannot guarantee a level of data protection comparable to that of the EU.
We would like to point out that the USA, as a safe third country, is generally comparable to the EU.
They must meet certain data protection standards. Data transfers to the USA are therefore permitted if the recipient...
possesses a certification under the “EU-US Data Privacy Framework” (DPF) or has suitable
additional safeguards are in place. Information on transfers to third countries, including the
Data recipients can be found in this privacy policy.
Recipients of personal data
As part of our business activities, we collaborate with various external parties.
In some cases, it is also necessary to transfer personal data to these external bodies.
We only share personal data with external parties if this is necessary within the context of a
Contract fulfillment is necessary if we are legally obligated to do so (e.g., disclosure of data).
to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 para. 1 lit. f GDPR.
have or if another legal basis permits the data transfer. When using
We only disclose our customers' personal data to data processors on the basis of a valid
The data processing agreement is further defined. In the case of joint processing, a data processing agreement is concluded.
Joint processing concluded.
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can
Consent already given can be revoked at any time. The lawfulness of the data processing carried out before the revocation remains unaffected.
Data processing remains unaffected by the revocation.
Right to object to data collection in special cases and to
Direct marketing (Art. 21 GDPR)
IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR
If this has been done, you have the right at any time to withdraw your consent for reasons arising from your particular circumstances.
A situation arises in which you can object to the processing of your personal data.
TO MONITOR AN OBJECTION; THIS ALSO APPLIES TO A DECISION BASED ON THESE PROVISIONS
PROFILING. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED,
Please refer to this privacy policy. If you object,
WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, IT
UNLESS WE CAN PROVIDE COMPELLING LEGITIMATE REASONS FOR PROCESSING
Evidence that outweighs your interests, rights and freedoms or that
Processing serves the purpose of establishing, exercising or defending rights of
LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).
ARE YOUR PERSONAL DATA PROCESSED FOR DIRECT MARKETING PURPOSES?
You have the right to object to the processing of your data at any time.
CONCERNING PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING
TO BE REGARDED; THIS ALSO APPLIES TO PROFILING, IN EFFECT WITH SUCH DIRECT ADVERTISING IN
A connection is established. If you object, your personal data will be deleted.
Subsequently no longer used for direct marketing purposes (objection)
PURSUANT TO ART. 21 PARA. 2 GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority.
Supervisory authority, in particular in the Member State of their habitual residence or place of work
or the place of the alleged violation. The right to appeal exists without prejudice to other rights.
administrative or judicial remedies.
Right to data portability
You have the right to data that we process based on your consent or in fulfillment of a contract.
to process automatically, either for oneself or for a third party, in a commonly used, machine-readable format
to have it handed over. If you request the direct transfer of the data to another controller.
If requested, this will only be done to the extent that it is technically feasible.
Information, correction and deletion
Within the framework of applicable legal provisions, you have the right at any time to free
Information about your stored personal data, its origin and recipients, and the
The purpose of data processing and, where applicable, a right to rectification or erasure of this data. For this purpose, as well as...
For further questions regarding personal data, please feel free to contact us at any time.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data.
You can contact us at any time regarding this. The right to restrict processing exists in
the following cases:
If you dispute the accuracy of your personal data stored with us, we require
You usually have time to check this. For the duration of the check, you have the right to...
to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can
Instead of deletion, request the restriction of data processing.
If we no longer need your personal data, but you require it to exercise your rights,
If you need to defend or assert legal claims, you have the right to do so instead of the
You have the right to request the erasure or restriction of the processing of your personal data.
If you have lodged an objection pursuant to Article 21(1) GDPR, a balancing of interests must be carried out between
These actions will be taken in your and our interests. As long as it is not yet clear whose interests
If your interests or fundamental rights and freedoms override those interests, you have the right to restrict the processing of your personal data.
to demand.
If you have restricted the processing of your personal data, this data may – from
Apart from their storage – only with your consent or for the establishment, exercise or
Defense of legal claims or for the protection of the rights of another natural or
legal person or for reasons of important public interest of the European Union or
processed by a member state.
SSL or TLS encryption
This site uses cookies for security reasons and to protect the transmission of confidential content, such as...
For example, orders or inquiries that you send to us as the website operator use SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address bar changes from
"http://" changes to "https://" and you can see the lock symbol in your browser bar.
When SSL or TLS encryption is enabled, the data you send to us cannot be intercepted.
can be read by third parties.
Encrypted payment transactions on this website
After concluding a paid contract, is there an obligation to provide us with your payment details?
(e.g., account number for direct debit authorization) will be transmitted; this data will be used for payment processing.
needed.
Payment transactions are processed via the usual payment methods (Visa/MasterCard, direct debit).
exclusively via an encrypted SSL or TLS connection. An encrypted connection can be recognized by...
You can tell by the fact that the browser's address bar changes from "http://" to "https://" and by the padlock symbol.
in your browser bar.
With encrypted communication, your payment details that you transmit to us cannot be intercepted by third parties.
Third parties may also read the information.
Objection to advertising emails
The use of contact details published within the scope of the legal notice requirements for sending
We hereby object to receiving unsolicited advertising and informational materials.
The operators of these pages expressly reserve the right to take legal action in the event of unsolicited sending of
Advertising information, such as through spam emails.
4. Data collection on this website
Cookies
Our website uses so-called "cookies". Cookies are small data packets and are aimed at
Your device will not be harmed. They will either be temporarily disabled for the duration of a session.
Session cookies or persistent cookies are stored on your device.
These cookies are automatically deleted after your visit ends. Persistent cookies remain on your device.
stored until you delete them yourself or your web browser deletes them automatically.
Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from
Third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary because certain
Website functions would not work without them (e.g., the shopping cart function or the display).
(from videos). Other cookies may be used to analyze user behavior or for advertising purposes.
be used.
Cookies that are necessary for carrying out the electronic communication process, for providing
certain functions you have requested (e.g., for the shopping cart function) or to optimize the
Website cookies (e.g., cookies for measuring website traffic) are required (necessary cookies).
Data is stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified.
The website operator has a legitimate interest in storing necessary cookies for
technically flawless and optimized provision of its services. Provided consent has been given for
If the storage of cookies and similar recognition technologies has been requested, the following occurs:
Processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1
TDDDG); consent can be revoked at any time.
You can configure your browser to notify you when cookies are being set and
Allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or generally.
and enable the automatic deletion of cookies when the browser is closed.
Disabling cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website here.
See privacy policy.
CCM19
Our website uses CCM19 to obtain your consent to the storage of certain cookies on your device.
to obtain information on the end device or the use of specific technologies and to ensure that these comply with data protection regulations.
Documentation. The provider of this technology is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn.
(hereinafter referred to as “CCM19”).
When you enter our website, a connection is established to the servers of CCM19 to process your data.
to obtain consent and other declarations regarding cookie usage. CCM19 then stores this information.
A cookie will be placed in your browser to associate your given consents or their revocation with you.
The data collected in this way will be stored until you request its deletion.
Delete the CCM19 cookie yourself, or the purpose for data storage will cease to exist. Mandatory legal requirements.
Retention obligations remain unaffected.
CCM19 is used to obtain the legally required consents for the use of
To collect cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
Contact form
If you send us inquiries via the contact form, your information will be stored.
Inquiry form including the contact details you provided for processing the inquiry
and stored by us in case of follow-up questions. We will not share this data without your consent.
Consent forwarded.
The processing of this data is based on Article 6 Paragraph 1 Letter b GDPR, insofar as your request is related to
related to the fulfillment of a contract or for the implementation of pre-contractual measures
is necessary. In all other cases, the processing is based on our legitimate interest in the
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
Consent (Art. 6 para. 1 lit. a GDPR) if requested; consent can be withdrawn at any time.
revocable.
The data you entered in the contact form will remain with us until you request its deletion.
request, revoke your consent to data storage, or the purpose for data storage no longer applies.
(e.g., after your request has been processed). Mandatory legal provisions –
In particular, retention periods remain unaffected.
Use of AI on the website
We use AI-powered services and/or applications on our website.
We use artificial intelligence (AI) on our website as follows:
- Answers to support requests
- Responses to contact form
When you interact with or come into contact with elements on our website that contain artificial
When intelligence is used (e.g., a chatbot), your input, including metadata, is processed to create a
to generate a suitable answer or reaction.
The use of these AI-supported functions is based on Article 6(1)(f) GDPR. We
have a legitimate interest in using modern technologies on our website to improve our services.
To improve performance and services and to unlock new potential from interactions with our customers
recognize. If consent is required, processing will only take place on the basis of
Article 6 paragraph 1 letter a GDPR and Section 25 paragraph 1 TDDDG. You can withdraw your consent at any time.
Further information on the data processing of this tool or service can be found in the relevant section of this privacy policy.
Use of artificial intelligence (AI) to answer customer inquiries
We use AI-powered software to process and respond to customer inquiries.
The AI we use analyzes the content of your message in order to autonomously or partially autonomously...
to generate a suitable answer or a suggested answer. In this context, data is processed.
Our AI analyzes all the content of your message, including names, email addresses, and communication content.
or technical information (e.g. IP addresses, device information).
The use of the AI software employed is based on Article 6(1)(f) GDPR. We
have a legitimate interest in the most efficient customer communication possible using
modern technical solutions.
We use the following AI applications:
ChatGPT
We use ChatGPT for our customer communication. The provider is OpenAI, 3180 18th St, San Francisco.
Francisco, CA 94110, USA
https://openai.com. Therefore, when you contact us, your requests, including metadata, may be sent to
The data is transferred to ChatGPT's servers and processed there to generate a suitable response.
You can find more information here:
https://openai.com/policies/privacy-policy.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
Inquiries via email, telephone or fax
If you contact us by email, telephone or fax, your request, including all resulting information, will be processed.
The personal data arising from this (name, request) will be processed for the purpose of handling your request.
Your data is stored and processed by us. We will not share this data without your consent.
The processing of this data is based on Article 6 Paragraph 1 Letter b GDPR, insofar as your request is related to
related to the fulfillment of a contract or for the implementation of pre-contractual measures
is necessary. In all other cases, the processing is based on our legitimate interest in the
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
Consent (Art. 6 para. 1 lit. a GDPR) if requested; consent can be withdrawn at any time.
revocable.
The data you send us via contact requests will remain with us until you request its deletion.
request, revoke your consent to data storage, or the purpose for data storage no longer applies.
(e.g., after your request has been processed). Mandatory legal provisions –
In particular, statutory retention periods remain unaffected.
Communication via WhatsApp
We use the instant messaging service WhatsApp, among others, to communicate with our customers and other third parties. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Communication takes place via end-to-end encryption (peer-to-peer), which prevents...
WhatsApp or other third parties may gain access to the communication content. WhatsApp receives
However, access to metadata generated during the communication process (e.g., sender,
Recipient and time). We would also like to point out that, according to WhatsApp,
shares personal data of its users with its US-based parent company Meta.
Further details on data processing can be found in WhatsApp's privacy policy at:
https://www.whatsapp.com/legal/#privacy-policy.
The use of WhatsApp is based on our legitimate interest in the greatest possible [information/service/etc.].
fast and effective communication with customers, prospects and other business and
Contractual partners (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested,
Data processing is carried out exclusively on the basis of consent; this consent can be revoked at any time with effect
Revocable for the future.
The communication content exchanged between you and us on WhatsApp will remain with us until
You request that we delete the data, revoke your consent to its storage, or the purpose for which it was stored no longer applies.
Data storage is not required (e.g., after your request has been processed). Mandatory legal requirements apply.
Provisions – in particular retention periods – remain unaffected.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/7735.
We use WhatsApp in the "WhatsApp Business" version.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.whatsapp.com/legal/business-data-transfer-addendum.
We have configured our WhatsApp accounts so that there is no automatic data synchronization with the
Makes the address book available on the smartphones in use.
We have concluded a data processing agreement (DPA) with the above-mentioned provider.
Registration on this website
You can register on this website to use additional features. These features are available upon request.
We use the data you enter only for the purpose of using the respective offer or service.
for which you registered. The mandatory information requested during registration must be complete.
This information must be provided. Otherwise, we will reject the registration.
For important changes, such as changes to the scope of services or technically necessary changes, use
We will use the email address you provided during registration to inform you in this way.
The data entered during registration is processed for the purpose of carrying out the
through the user relationship established by registration and, if applicable, for the initiation of further contracts (Art.
6 para. 1 lit. b GDPR).
The data collected during registration will be stored by us for as long as you remain on this website.
The data is registered and will subsequently be deleted. Statutory retention periods remain unaffected.
5. Social Media
Facebook
This website integrates elements of the social network Facebook. The provider of this service is...
Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. The collected data will
However, according to Facebook, the data is also transferred to the USA and other third countries.
An overview of Facebook's social media elements can be found here:
https://developers.facebook.com/docs/plugins/?locale=de_DE.
When the social media element is active, a direct connection is established between your device and the
A Facebook server is established. Facebook thereby receives the information that you, with your IP address, are accessing this site.
You have visited this website. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website to your Facebook profile.
This allows Facebook to associate your visit to this website with your user account. Please note,
that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use
obtained through Facebook. Further information can be found in Facebook's privacy policy.
Facebook at:
https://de-de.facebook.com/privacy/explanation.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
To the extent that personal data is collected on our website using the tool described here and transmitted to
If you are redirected to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, are responsible.
Grand Canal Harbour, Dublin 2, Ireland, jointly responsible for this data processing (Art. 26
GDPR). The joint responsibility is limited exclusively to the collection of the
Data and its transfer to Facebook. The processing that takes place after the transfer by
Facebook is not part of the shared responsibility. The obligations incumbent upon us jointly.
were stipulated in an agreement on joint processing. The wording of the
The agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for granting
the data protection information when using the Facebook tool and for data protection compliance
We are responsible for implementing the tool on our website. Facebook is responsible for the data security of its products. Data subject rights (e.g., requests for information) regarding the data processed by Facebook are not affected.
You can assert your rights regarding data processed by Facebook directly with Facebook. If you
If data subjects assert their rights with us, we are obliged to forward these to Facebook.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://de-de.facebook.com/help/566994660333381 and
https://www.facebook.com/policy.php.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.
Instagram
This website integrates features of the Instagram service. These features are
Offered by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
When the social media element is active, a direct connection is established between your device and the
An Instagram server has been established. Instagram will therefore receive information about your visit to this website.
through you.
If you are logged into your Instagram account, you can click the Instagram button.
Link the content of this website to your Instagram profile. This allows Instagram to track your visit to this site.
Website to be associated with your user account. Please note that we, as the provider of the pages, do not
Knowledge of the content of the transmitted data and its use by Instagram is obtained.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
To the extent that personal data is collected on our website using the tool described here and transmitted to
We and Meta Platforms Ireland Limited, 4 Grand, are responsible for redirecting you to Facebook or Instagram.
Canal Square, Grand Canal Harbour, Dublin 2, Ireland, jointly for this data processing
responsible (Art. 26 GDPR). The joint controllership is limited exclusively
on the collection of data and its transfer to Facebook or Instagram. The data after the transfer
Any processing carried out by Facebook or Instagram is not part of the joint responsibility.
Our shared obligations were defined in a joint agreement
The processing was recorded. You can find the full text of the agreement at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for granting
the data protection information when using the Facebook or Instagram tool and for the
We are responsible for ensuring the data protection-compliant implementation of the tool on our website.
Facebook is responsible for the data security of its Facebook and Instagram products. Data subject rights.
(e.g., requests for information) regarding the data processed by Facebook or Instagram, you can
You can assert your rights directly with Facebook. If you assert your data subject rights with us, we
obliged to forward these to Facebook.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/ and
https://de-de.facebook.com/help/566994660333381.
You can find more information about this in Instagram's privacy policy:
https://privacycenter.instagram.com/policy/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.
6. Analytics tools and advertising
Google Analytics
This website uses features of the web analytics service Google Analytics. The provider is Google Ireland.
Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of website visitors.
In this process, the website operator receives various usage data, such as page views, time spent on the site,
Operating systems used and user origin. This data is stored in a user ID.
summarized and assigned to the respective device of the website visitor.
Furthermore, we can use Google Analytics to track your mouse movements, scrolling, and clicks, among other things.
record. Furthermore, Google Analytics uses various modeling approaches to analyze the collected data.
to supplement datasets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that recognize users for analysis purposes.
enable the tracking of user behavior (e.g., cookies or device fingerprinting). The data collected by Google
Information about the use of this website is usually transmitted to a Google server in the
transferred to the USA and stored there.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://business.safety.google/adscontrollerterms/sccs/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
IP anonymization
Google Analytics IP anonymization is activated. This means your IP address is anonymized by Google within
from member states of the European Union or in other contracting states of the agreement on the
Data from the European Economic Area is truncated before being transferred to the USA. Only in exceptional cases is the
The full IP address is transmitted to a Google server in the USA and shortened there. On behalf of the
The operator of this website will use Google to analyze your use of the website.
to evaluate, to compile reports on website activity and to further develop the
Services related to website use and internet usage vis-à-vis the website operator
to provide. The IP address transmitted by your browser as part of Google Analytics will not be
combined with other data from Google.
Browser Plugin
You can prevent Google from collecting and processing your data by clicking the link below.
Download and install the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de.
More information on how Google Analytics handles user data can be found in the
Google's privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de.
Google Signals
We use Google Signals. When you visit our website, Google Analytics collects, among other things, your data.
Location, search history, YouTube history, and demographic data (visitor data). This data
can be used for personalized advertising with the help of Google Signal. If you have a
If you have a Google account, visitor data from Google Signal will be linked to your Google account.
and used for personalized advertising messages. The data is also used for the creation of
anonymized statistics on the user behavior of our users are used.
Order processing
We have concluded a data processing agreement with Google and adhere to its strict requirements.
The requirements of the German data protection authorities for the use of Google Analytics are fully implemented.
Google Analytics E-Commerce Measurement
This website uses the "E-Commerce Measurement" feature of Google Analytics. E-Commerce Measurement allows the website operator to analyze the purchasing behavior of website visitors in order to improve their website.
Analyze online marketing campaigns. This involves gathering information such as the actions taken.
Orders, average order values, shipping costs, and the time from view to purchase.
a product is recorded. This data can be aggregated by Google under a transaction ID.
will be assigned to the respective user or their device.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google.
Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites.
to display ads when the user enters certain search terms into Google (keyword targeting). Furthermore
Targeted advertising can be based on user data available at Google (e.g.,
Location data and interests are used to display relevant information (target group targeting). We, as website operators,
We can quantitatively evaluate this data by, for example, analyzing which search terms are used to...
The results of our ad placements and how many ads led to corresponding clicks.
have led to this.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://policies.google.com/privacy/frameworks and
https://business.safety.google/controllerterms/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Google AdSense (non-personalized)
This website uses Google AdSense, a service for integrating advertisements. The provider is [Company Name].
Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use Google AdSense in "non-personalized" mode. This is in contrast to personalized mode.
Therefore, the advertisements are not based on your previous user behavior and no user profile is created.
created by you. Instead, so-called "contextual information" is used when selecting advertisements.
The selected advertisements are then based, for example, on your location.
based on the content of the website you are currently visiting or your current search terms. Learn more about the
Discover the differences between personalized and non-personalized targeting with Google AdSense
You can find them at:
https://support.google.com/adsense/answer/9007336.
Please note that even when using Google AdSense in non-personalized mode, cookies may still be used.
or comparable recognition technologies (e.g. device fingerprinting) are used
They can. According to Google, these are used to combat fraud and abuse.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://business.safety.google/adscontrollerterms/sccs/.
You can adjust your advertising settings yourself in your user account. To do this, click on
Follow this link and log in:
https://adssettings.google.com/authenticated.
You can find more information about Google's advertising technologies here:
https://policies.google.com/technologies/ads and
https://www.google.de/intl/de/policies/privacy/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Google Ads Remarketing
This website uses Google Ads Remarketing features. The provider is Google Ireland Limited.
(“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can reach people who interact with our online offerings.
to assign specific target groups in order to subsequently display interest-based advertising to them in the Google advertising network (remarketing or retargeting).
Furthermore, the advertising audiences created with Google Ads Remarketing can be combined with the
Google's cross-device features can be linked. In this way,
Interest-based, personalized advertising messages that depend on your previous usage and
Your browsing behavior on one device (e.g., mobile phone) has been tailored to you and also on another of your devices.
Devices (e.g. tablet or PC) will be displayed.
If you have a Google account, you can opt out of personalized advertising at the following link:
Disagreement link:
https://adssettings.google.com/anonymous?hl=de.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Further information and the data protection regulations can be found in the privacy policy.
from Google at:
https://policies.google.com/technologies/ads?hl=de.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Target group formation with customer matching
We use, among other things, the customer matching feature of Google Ads Remarketing to define our target audience.
In this process, we transfer certain customer data (e.g., email addresses) from our customer lists to
Google. If the customers in question are Google users and logged into their Google account, they will be notified.
Relevant advertising messages within the Google network (e.g., on YouTube, Gmail, or in the
displayed in the search engine.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon
House, Barrow Street, Dublin 4, Ireland.
Google conversion tracking allows Google and us to recognize whether the user has made certain purchases.
Actions have been performed. For example, we can analyze which buttons on our website are used.
how often clicks were made and which products were viewed or purchased most frequently.
This information is used to generate conversion statistics. We learn the total number of users,
who clicked on our ads and what actions they took. We receive no data on this.
Information that allows us to personally identify the user. Google itself uses this for
Identification cookies or similar recognition technologies.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
More information about Google Conversion Tracking can be found in the privacy policy of
Google:
https://policies.google.com/privacy?hl=de.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Meta-Pixel (formerly Facebook Pixel)
This website uses the visitor action pixel from Meta for conversion tracking. The provider of this pixel is [Company Name].
The service provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The data collected
However, according to Meta, they are also transferred to the USA and other third countries.
This allows the behavior of website visitors to be tracked after they have been redirected to the provider's website by clicking on a meta ad. This allows the effectiveness of the
Meta-advertisements are evaluated for statistical and market research purposes and future
Advertising measures will be optimized.
The data collected is anonymous for us as the operators of this website; we cannot draw any conclusions about
to identify the users. However, the data is stored and processed by Meta, so that a
A connection to the respective user profile on Facebook or Instagram is possible, and Meta uses the data for
own advertising purposes, in accordance with the meta data usage policy (
https://de-de.facebook.com/about/privacy/) can use this. This allows Meta to control the switching of
This enables advertising on Facebook or Instagram pages and other advertising channels.
We, as the website operator, have no influence over the use of the data.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
We use the extended matching function within the meta-pixels.
The extended matching feature allows us to compare different types of data (e.g., place of residence, state,
Postcode, hashed email addresses, names, gender, date of birth or telephone number) of our
We transmit customer and prospect data collected through our website to Meta.
We can tailor our advertising campaigns on Facebook and Instagram even more precisely to individuals,
who are interested in our offers. Furthermore, the enhanced matching improves the allocation of
Website conversions and enhanced custom audiences.
To the extent that personal data is collected on our website using the tool described here and transmitted to
If you are redirected to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand
Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR).
The joint responsibility is limited exclusively to the collection of the data and
their transfer to Meta. The processing by Meta after the transfer is not part of this.
of shared responsibility. The obligations incumbent upon us jointly were defined in a
Agreement on joint processing recorded. You can find the text of the agreement here.
under:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for granting
the data protection information when using the meta-tool and for data protection compliance
We are responsible for the implementation of the tool on our website. We are also responsible for the data security of the meta products.
Meta is responsible. Data subject rights (e.g., requests for information) regarding data held by Facebook or
You can assert your rights regarding data processed by Instagram directly with Meta.
If you make a claim against us, we are obliged to forward it to Meta.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Meta's privacy policy:
https://de-de.facebook.com/about/privacy/.
You can also use the "Custom Audiences" remarketing feature in the settings section for
Advertisements below
Disable ad setting on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
You must be logged in to Facebook.
If you don't have a Facebook or Instagram account, you can't view interest-based advertising from
Disable meta tags on the European Interactive Digital Advertising Alliance website:
http://www.youronlinechoices.com/de/praferenzmanagement/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.
Meta Conversion API
We have integrated the Meta Conversion API into this website. The provider of this service is Meta.
Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The collected data will, according to the statement...
However, Meta also transferred it to the USA and other third countries.
The Meta Conversion API allows us to track the interactions of website visitors with our website.
to capture and pass this data on to Meta in order to measure advertising performance on Facebook and Instagram
improve.
For this purpose, in particular the time of access, the accessed website, your IP address and your
User agent and, if applicable, other specific data (e.g., purchased products, value of the shopping cart and
Currency) is recorded. A complete overview of the data that can be recorded can be found here:
https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
To the extent that personal data is collected on our website using the tool described here and transmitted to
If you are redirected to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand
Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR).
The joint responsibility is limited exclusively to the collection of the data and
their transfer to Meta. The processing by Meta after the transfer is not part of this.
of shared responsibility. The obligations incumbent upon us jointly were defined in a
Agreement on joint processing recorded. You can find the text of the agreement here.
under:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for granting
the data protection information when using the meta-tool and for data protection compliance
We are responsible for the implementation of the tool on our website. We are also responsible for the data security of the meta products.
Meta is responsible. Data subject rights (e.g., requests for information) regarding data held by Facebook or
You can assert your rights regarding data processed by Instagram directly with Meta.
If you make a claim against us, we are obliged to forward it to Meta.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Meta's privacy policy:
https://de-de.facebook.com/about/privacy/.
You can also use the "Custom Audiences" remarketing feature in the settings section for
Advertisements below
Disable ad setting on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
You must be logged in to Facebook.
If you don't have a Facebook or Instagram account, you can't view interest-based advertising from
Disable meta tags on the European Interactive Digital Advertising Alliance website:
http://www.youronlinechoices.com/de/praferenzmanagement/.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
Meta Custom Audiences
We use Meta Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4
Grand Canal Square, Dublin 2, Ireland.
When you visit or use our websites and apps, whether free or paid
Take advantage of offers, transmit data to us, or interact with Facebook or Instagram content.
When you interact with our company, we collect your personal data.
If you give your consent to the use of Meta Custom Audiences, we will send this data to Meta.
transmit information that Meta can use to show you relevant ads. Furthermore, your
Data is used to define target groups (Lookalike Audiences).
Meta processes this data as our data processor. Details are in the user agreement of
Meta can be found here:
https://www.facebook.com/legal/terms/customaudience.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.facebook.com/legal/terms/customaudience and
https://www.facebook.com/legal/terms/dataprocessing.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.
TikTok Pixel
We have integrated the TikTok pixel on this website. The provider is TikTok Technology Limited, 10
Earlsfort Terrace, Dublin, D02 T380, Ireland (hereinafter referred to as TikTok).
With the help of TikTok Pixel, we can identify website visitors who have viewed our offers.
Display interest-based advertising on TikTok (TikTok Ads). At the same time, we can use TikTok to...
Pixels determine how effective our advertising on TikTok is. This allows us to evaluate the effectiveness of TikTok ads for statistical and market research purposes and to use this information for future campaigns.
Advertising measures are optimized. Various usage data is processed in this process, such as IP address, page views, time spent on the site, operating systems used, and user origin.
Information about the ad a person clicked on on TikTok or an event that triggered it
was (timestamp). This data is aggregated into a user ID and assigned to the respective device.
assigned to the website visitor.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and §
Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfers to third countries are based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE and
https://ads.tiktok.com/i18n/official/policy/controller-to-controller.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
LinkedIn Insight Tag
This website uses the LinkedIn Insight Tag. The provider of this service is LinkedIn Ireland.
Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing by LinkedIn Insight Tag
Using the LinkedIn Insight Tag, we obtain information about visitors to our website. Is a
If website visitors are registered with LinkedIn, we can, among other things, access their professional information (e.g., career level,
Company size, country, location, industry and job title) of our website visitors
We can analyze and thus better tailor our site to the respective target groups. Furthermore, we can use
LinkedIn Insight Tags help us measure whether visitors to our websites make a purchase or other action.
Take action (conversion measurement). Conversion measurement can also be performed across multiple devices.
(e.g., from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that helps
we can display targeted advertising to visitors of our website outside of the website,
However, according to LinkedIn, no identification of the advertising recipient takes place.
LinkedIn itself also collects so-called log files (URL, referrer URL, IP address, device and
Browser characteristics and time of access). The IP addresses are shortened or (if used)
(are hashed (pseudonymized) to reach LinkedIn members across devices). The direct
LinkedIn member IDs are deleted by LinkedIn after seven days. The remaining
Pseudonymized data will then be deleted within 180 days.
The data collected by LinkedIn cannot be attributed to specific individuals by us as website operators.
LinkedIn will associate the collected personal data of website visitors with its platform.
We store data on servers in the USA and use it for our own advertising purposes. See details below.
LinkedIn's privacy policy at
https://www.linkedin.com/legal/privacy-policy#choices-oblig.
Legal basis
Provided that consent has been obtained, the aforementioned service will only be used on
This processing is based on Article 6(1)(a) GDPR and Section 25 TDDDG. Consent can be withdrawn at any time. Insofar as...
If no consent has been obtained, the use of this service is based on Article 6(1).
lit. f GDPR; the website operator has a legitimate interest in effective advertising measures under
Including social media.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5448.
Objection to the use of LinkedIn Insight Tag
LinkedIn analyzes user behavior and offers targeted advertising via the following link.
contradict:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Furthermore, LinkedIn members can control the use of their personal data for
You can control advertising purposes in your account settings. To prevent a link from being displayed on our website, please select the appropriate option.
To avoid data being collected by LinkedIn and your LinkedIn account, you must log out of your account.
Log out of your LinkedIn account before visiting our website.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
Pinterest tag
We have integrated the Pinterest tag on this website. The provider is Pinterest Europe Ltd., Palmerston.
House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
The Pinterest tag is used to track certain actions you perform on our website.
Data can then be used to provide you with personalized content on our website or on another platform.
The Pinterest tag advertising network page displays interest-based advertising.
For this purpose, the Pinterest tag collects, among other things, a tag ID, your location, and the referrer URL. Furthermore,
Action-specific data, such as order value, order quantity, order number, and category of purchased items, can be included.
Article and video views are tracked.
The Pinterest tag uses technologies that enable cross-site user recognition.
To enable analysis of user behavior (e.g., cookies or device fingerprinting).
Provided that consent has been obtained, the aforementioned service will only be used on
This processing is based on Article 6(1)(a) GDPR and Section 25 TDDDG. Consent can be withdrawn at any time. Insofar as...
If no consent has been obtained, the use of this service is based on Article 6(1).
lit. f GDPR; the website operator has a legitimate interest in the most effective marketing measures possible.
Pinterest is a globally operating company, so data transfer to the USA is also possible.
This data transfer can take place. According to Pinterest, this data transfer will be directed to the
Based on the EU Commission's standard contractual clauses. Details can be found here:
https://policy.pinterest.com/de/privacy-policy.
You can find more information about the Pinterest tag here:
https://help.pinterest.com/de/business/article/track-conversions-with-pinterest-tag.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4203.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
7. Newsletter
Newsletter data
If you wish to subscribe to the newsletter offered on the website, we require an email address from you, as well as information that allows us to verify that you are the owner of the
You have provided the specified email address and agree to receive the newsletter. Further information
Data is not collected, or only on a voluntary basis. We use this data exclusively for...
We will send the requested information and will not pass it on to third parties.
The data entered into the newsletter registration form is processed exclusively on
The basis for this is your consent (Art. 6 para. 1 lit. a GDPR). The consent given for the storage of the
You can revoke your data, email address and its use for sending the newsletter at any time.
You can revoke your consent, for example via the "Unsubscribe" link in the newsletter. The legality of the data already processed remains unaffected.
Data processing operations remain unaffected by the revocation.
The data you provided for the purpose of subscribing to our newsletter will be stored by us until you unsubscribe.
Your unsubscription from the newsletter is stored with us or the newsletter service provider and after the
Unsubscribing from the newsletter or being removed from the newsletter distribution list after the purpose for which it was collected no longer applies. We
We reserve the right to remove email addresses from our newsletter distribution list at our own discretion.
to delete or block data based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
Data that we have stored for other purposes remains unaffected.
After you unsubscribe from the newsletter mailing list, your email address will be deleted by us or the
Newsletter service providers may be stored on a blacklist if this is necessary to prevent future subscriptions.
Mailings are required. The data from the blacklist will only be used for this purpose and not for any other purpose.
other data is combined. This serves both your interest and our interest in the
Compliance with legal requirements when sending newsletters (legitimate interest within the meaning of the GDPR)
Article 6 paragraph 1 letter f GDPR). Storage on the blacklist is not time-limited. You can object to this.
You may object to the storage of your data if your interests outweigh our legitimate interest.
Newsletter distribution to existing customers
If you order goods or services from us and provide your email address, we can
This email address will subsequently be used by us for sending newsletters, provided we
You will be informed about this in advance. In such a case, the newsletter will only contain direct advertising for
We send our own similar goods or services. You may opt out of receiving this newsletter.
You can unsubscribe at any time. A corresponding link can be found in every newsletter for this purpose.
The legal basis for sending the newsletter in this case is Article 6(1)(f) GDPR in conjunction with
with Section 7 Paragraph 3 of the Unfair Competition Act (UWG).
After you unsubscribe from the newsletter mailing list, your email address may be stored by us in a
Your information has been stored on a blacklist to prevent future mailings to you. The data from the blacklist will only be used for this purpose.
This data is used for this purpose and is not combined with other data. This serves both your interests.
as well as our interest in complying with legal requirements when sending newsletters
(legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage on the blacklist is temporary.
not time-limited. You can object to the storage if your interests are overridden by our legitimate interests.
Interests prevail.
8. Plugins and Tools
Zapier
We use Zapier. The provider is Zapier Inc., Market St. #62411, San Francisco, CA 94104-5401, USA
(hereinafter Zapier).
Zapier allows us to link various functionalities, databases and tools and
to synchronize them with each other. In this way, for example, it is possible to synchronize content that we have on our
Publish website content, automatically also display it on our social media channels, or extract content from
Exporting marketing and analytics tools. Depending on the functionality, Zapier can also be used for various purposes.
Collect personal data.
The use of Zapier is based on Article 6(1)(f) GDPR. We have a legitimate interest in doing so.
Interest in the most effective possible integration of the tools used. Provided that a corresponding
If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a
GDPR and Section 25 Paragraph 1 TDDDG, insofar as consent concerns the storage of cookies or access to
This includes information stored on the user's device (e.g., device fingerprinting) as defined in the German Telecommunications Data Protection and Data Security Act (TDDDG).
Consent can be withdrawn at any time.
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://zapier.com/tos.
The company is certified under the EU-US Data Privacy Framework (DPF).
DPF is an agreement between the European Union and the USA that ensures compliance
This is intended to ensure European data protection standards for data processing in the USA. Each according to
Companies certified by the DPF are committed to complying with these data protection standards. Further
You can obtain further information from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4425.
Order processing
We have a data processing agreement (DPA) for the use of the above-mentioned service.
This is a legally required data protection agreement.
This ensures that the personal data of our website visitors is processed only in accordance with our [relevant regulations/guidelines].
Processed according to instructions and in compliance with the GDPR.
9. eCommerce and payment providers
Processing of customer and contract data
We collect, process and use personal customer and contract data for the purpose of establishing,
Content-related design and modification of our contractual relationships. Personal data concerning the
We collect, process and use usage data from this website only to the extent necessary for its intended purpose.
required to enable the user to use the service or to bill for it.
The legal basis for this is Article 6(1)(b) GDPR.
The collected customer data will be deleted after completion of the order or termination of the
The business relationship and the expiry of any applicable statutory retention periods have been deleted.
Statutory retention periods remain unaffected.
Data transfer during contract conclusion for online shops, retailers and shipping companies
When you order goods from us, we pass your personal data on to the company entrusted with the delivery.
Transport companies and the payment service provider commissioned with payment processing
Furthermore, only data that the respective service provider needs to fulfill its obligations will be released.
This task requires it. The legal basis for this is Article 6(1)(b) GDPR, which permits the processing of data for the purpose of
Fulfillment of a contract or pre-contractual measures is permitted. Provided you have a corresponding
If you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR, we will forward your email address to the party associated with the
The delivery will be handed over to the transport company entrusted with the shipment, so that they can inform you about the shipping status via email.
We may inform you about your order; you can withdraw your consent at any time.
Order processing via dropshipping
When you order goods from us, it is possible that your order will be shipped directly to you by our dealers.
The item will be shipped via dropshipping. For this purpose, we will provide your name, delivery address, and – insofar as this is necessary for the delivery – your contact information.
Delivery is required – your telephone number will be forwarded to the sending company. The forwarding
This is done exclusively for the purpose of delivering goods.
The legal basis for data processing is Article 6(1)(b) GDPR (performance of a contract) and our
legitimate interest in the fastest and most effective possible purchase processing within the meaning of Art. 6 para.
Article 6(1)(f) GDPR.
We use the following retailer for dropshipping:
Gelato
Payment services
We integrate payment services from third-party companies into our website. When you make a purchase with us
When you make a payment, your payment details (e.g., name, payment amount, bank account details, credit card number) will be processed.
Processed by the payment service provider for the purpose of payment processing. For these transactions
The respective contractual and data protection regulations of the respective providers apply. The use of
The payment service provider is used on the basis of Art. 6 para. 1 lit. b GDPR (contract processing) and in the
Interest in a payment process that is as smooth, convenient and secure as possible (Art. 6 para. 1 lit. f)
GDPR). Where your consent is requested for certain actions, Article 6(1)(a) GDPR applies.
Legal basis for data processing; consent can be revoked at any time for the future.
We use the following payment services/payment providers on this website:
PayPal
The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449
Luxembourg (hereinafter “PayPal”).
Data transfers to the USA are based on the EU Commission's standard contractual clauses.
Details can be found here:
https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, please refer to PayPal's privacy policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Apple Pay
The payment service provider is Apple Inc., Infinite Loop, Cupertino, CA 95014, USA.
Apple's privacy policy can be found at:
https://www.apple.com/legal/privacy/de-ww/.
Google Pay
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google's privacy policy can be found here:
https://policies.google.com/privacy.
Klarna
The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as "Klarna").
Offers various payment options (e.g., installment payments). If you choose to pay with Klarna
If you choose the Klarna checkout solution, Klarna will collect various personal data from you.
Klarna collects data. Klarna uses cookies to optimize the use of the Klarna Checkout solution. Details about
For information on the use of Klarna cookies, please see the following link:
https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
You can find more details in Klarna's privacy policy at the following link:
https://www.klarna.com/de/datenschutz/.
Shopify Payment
The provider of this payment service in the EU is Shopify International Limited, 2nd Floor Victoria
Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter “Shopify Payment”).
For details, please refer to the Shopify Payment privacy policy:
https://www.shopify.de/legal/datenschutz.
American Express
The provider of this payment service is American Express Europe SA, Theodor-Heuss-Allee 112, 60486
Frankfurt am Main, Germany (hereinafter referred to as “American Express”).
American Express may transfer data to its parent company in the USA. Data transfer in
The US is based on the Binding Corporate Rules. Details can be found here:
https://www.americanexpress.com/en-cz/company/legal/privacy-centre/binding-corporate-rules/.
For further information, please refer to the American Express privacy statement:
https://www.americanexpress.com/de-de/firma/legal/datenschutz-center/online-datenschutzerklarung/.
Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410
Waterloo, Belgium (hereinafter referred to as “Mastercard”).
Mastercard may transfer data to its parent company in the USA. Data transfer to the
The USA is based on Mastercard's Binding Corporate Rules. Details can be found here:
https://www.mastercard.de/de-de/datenschutz.html and
https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
VISA
The provider of this payment service is Visa Europe Services Inc., London Branch, 1 Sheldon
Square, London W2 6TT, United Kingdom (hereinafter referred to as “VISA”).
The UK is considered a safe third country with regard to data protection. This means that the UK is a
has a level of data protection equivalent to the level of data protection in the European Union.
VISA may transfer data to its parent company in the USA. Data transfer to the USA will be
Based on the EU Commission's standard contractual clauses. Details can be found here:
https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zuzustandigkeitsfragen-fur-den-ewr.html.
For further information, please refer to VISA's privacy policy:
https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
TikTok Shops
We sell goods and/or services through TikTok shops. The shop system provider is [Company Name].
TikTok Technology Limited, The Sorting Office, Ropemaker Place, Dublin 2, D02 HD23, Ireland or a
other contracting group company of TikTok – depending on the respective logistics
Transaction (hereinafter referred to as "TikTok Shops"). The sale takes place directly on the TikTok platform.
TikTok Shops allows us as providers to sell products directly through the TikTok platform.
to process orders. Through TikTok Shops, we can provide product information and manage orders.
Receive payments and carry out shipping and communication processes with our customers.
In this process, we and TikTok receive and process various personal data via the platform,
which are necessary for processing the purchase, including profile information (e.g. name,
Username, profile picture), information you have provided (e.g. order details, support requests),
Messages between buyer and seller, business content such as product descriptions and
Customer reviews, payment information (e.g., credit card details, PayPal details), and TikTok account information such as user ID and technical device information. This data processing serves the purpose of
Contract fulfillment, payment processing, shipping coordination and communication with customers.
When using TikTok Shops, personal data is transmitted to TikTok, which is important for the
Provision and processing of the service is necessary. TikTok stores user data in this context.
Data centers within the EU as well as outside the European Union or the European
economic area – particularly in third countries. It therefore cannot be ruled out that in
In certain cases, this also includes government bodies outside the EU, particularly those not subject to data protection laws.
secure third countries, gaining access to personal data.
Personal data is processed for the purpose of fulfilling the contract in accordance with Article 6(1).
lit. b GDPR.
Data transfers to third countries are based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.tiktok.com/legal/page/global/partner-privacy-policy/en#eea and at
https://ads.tiktok.com/i18n/official/policy/controller-to-controller.
More information on how TikTok Shops handles user data can be found in the privacy policy.
from TikTok:
https://www.tiktok.com/legal/page/eea/privacy-policy/de and
https://www.tiktok.com/legal/page/global/tiktok-shop-creator-privacy-policy/de.
HTML source code of the privacy policy for your website
You can copy the following source code to insert the privacy policy on your website.
Note: Some browsers and PDF readers have problems displaying the following in full.
HTML source code. We recommend using the free Adobe Acrobat Reader to view this PDF document.
Acrobat Reader DC (Download).
Powered by TCPDF (www.tcpdf.org)