Privacy Policy
1. Privacy at a Glance
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data refers to any data by which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.
Data Collection on this Website
Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. Their contact details can be found in the „Note on the Responsible Body“ section in this privacy policy.
How do we collect your data?
Your data is collected when you share it with us. This could be data that you enter into a contact form, for example.
Other data is automatically collected, or with your consent, by our IT systems when you visit the website. These are mainly technical data (e.g., internet browser, operating system, or time of the page view). This data collection occurs automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure the website is provided without errors. Other data can be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time to obtain information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time for future actions. Additionally, under certain circumstances, you have the right to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this and other questions on the topic of data protection, you can contact us at any time.
Analysis Tools and Third-party Tools
When visiting this website, your surfing behavior can be statistically evaluated. This is primarily done using so-called analysis programs.
Detailed information on these analysis programs can be found in the following privacy policy.
2. Hosting
We host the content of our website with the following provider:
IONOS
The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter referred to as IONOS). When you visit our website, IONOS collects various log files including your IP addresses. Details can be found in the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.
The use of IONOS is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in ensuring the most reliable presentation of our website. If the necessary consent has been obtained, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, provided that the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) in the sense of the TTDSG. The consent can be revoked at any time.
Order Processing
We have entered into a contract for order processing (Data Processing Agreement or DPA) to use the aforementioned service. This is a legally required contract that ensures that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General notes and mandatory information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission on the Internet (e.g., when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the Responsible Party
The party responsible for data processing on this website is:
Invent Studio UG (limited liability) An der Windmühle 1a 59069 Hamm
Email: info@userize.de
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Duration of Storage
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, deletion will occur after these reasons cease.
General Information on the Legal Bases of Data Processing on this Website
If you have given your consent to data processing, we process your personal data based on Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR, if special categories of data are processed according to Art. 9 (1) GDPR. In case of explicit consent to the transfer of personal data to third countries, data processing also takes place based on Art. 49 (1) lit. a GDPR. If you have consented to the storage of cookies or to access information on your end device (e.g., via device fingerprinting), data processing also takes place based on § 25 (1) TTDSG. Consent can be revoked at any time. If your data is necessary for contract fulfillment or for the implementation of pre-contractual measures, we process your data based on Art. 6 (1) lit. b GDPR. Furthermore, we process your data, if necessary to fulfill a legal obligation, based on Art. 6 (1) lit. c GDPR. Data processing can also take place based on our legitimate interest in accordance with Art. 6 (1) lit. f GDPR. The respective legal bases relevant in individual cases are informed in the following paragraphs of this privacy policy.
Note on Data Transfer to the USA and Other Third Countries
We use tools from companies based in the USA or other data protection non-secure third countries. When these tools are active, your personal data can be transferred and processed in these third countries. We would like to point out that a level of data protection comparable to the EU cannot be guaranteed in these countries. For example, US companies are obligated to hand over personal data to security authorities without you as the person concerned being able to take legal action against it. It cannot be excluded that US authorities (e.g., intelligence agencies) process, evaluate, and permanently store your data located on US servers for surveillance purposes. We have no influence over these processing activities.
Revocation of Your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legality of data processing carried out before the revocation remains unaffected by the revocation.
Right to Object to Data Collection in Special Cases and Direct Advertising (Art. 21 GDPR)
IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 (1) LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR SPECIFIC SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A PROCESSING IS BASED IS TAKEN FROM THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 (1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION ACCORDING TO ART. 21 (2) GDPR).
Right to File a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, those affected have a right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work, or the place of the alleged violation. The right to complain is without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to yourself or to a third party in a common, machine-readable format. If you request direct data transfer to another responsible party, this will only be done if it is technically feasible.
SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as a site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line.
If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Data collection on this website
Cookies
Our websites use so-called „cookies“. Cookies are small packets of data that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or an automatic deletion occurs by your web browser.
Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary since certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.
Cookies that are required for the electronic communication process, for providing certain functions desired by you (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies for measuring web audience) are stored based on Art. 6 para. 1 lit. f GDPR, unless another legal basis is provided. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent was requested for the storage of cookies and similar recognition technologies, the processing is based exclusively on this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time.
You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
You can find out which cookies and services are used on this website from this privacy policy.
Consent with Complianz
Our website uses the consent technology from Complianz to obtain your consent for storing certain cookies on your device or for using certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, Netherlands (hereinafter „Complianz“).
Complianz is hosted on our servers, so no connection is established to the servers of the Complianz provider. Complianz stores a cookie in your browser to be able to assign the given consents or their revocation. The data collected in this way is stored until you request us to delete it, delete the Complianz cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected.
Complianz is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Calendly
On our website, you have the opportunity to make appointments with us. For the appointment booking, we use the tool „Calendly“. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter „Calendly“).
For the purpose of appointment booking, you enter the requested data and the desired date into the provided mask. The entered data is used for planning, implementation, and possibly for the follow-up of the appointment. The appointment data is stored for us on Calendly’s servers, whose privacy policy you can view here: https://calendly.com/pages/privacy.
The data you entered remains with us until you ask us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory legal provisions – especially retention periods – remain unaffected.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in a straightforward appointment arrangement with prospective and existing customers. If appropriate consent was obtained, processing is based exclusively on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, provided that the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://calendly.com/pages/dpa.
5. Social Media
On this website, features of the Instagram service are integrated. These features are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thus receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate the visit to this website with your user account. We would like to point out that we, as the providers of these pages, have no knowledge of the content of the transmitted data or its use by Instagram.
In cases where consent has been obtained, the use of the aforementioned service is based on Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. This consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in maximizing visibility on social media.
Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). This joint responsibility is limited solely to the collection of the data and its transmission to Facebook or Instagram. The subsequent processing by Facebook or Instagram is not part of this shared responsibility. The obligations incumbent upon us have been laid down in an agreement on joint processing. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook or Instagram tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook or Instagram products. Rights of the affected parties (e.g. requests for information) regarding data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert the affected party rights with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875, and https://de-de.facebook.com/help/566994660333381.
For more information, please see Instagram’s privacy policy: https://instagram.com/about/legal/privacy/.
6. Analytics Tools und Advertising
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies, and does not conduct independent analyses. It merely serves to manage and play out the tools integrated through it. However, the Google Tag Manager does record your IP address, which can also be transferred to Google’s parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in quickly and easily integrating and managing various tools on his website. If the appropriate consent has been obtained, processing is exclusively based on Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
[…]
Google Analytics E-Commerce Measurement
This website uses the „E-commerce measurement“ function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve its online marketing campaigns. Information, such as the orders placed, average order values, shipping costs, and the time from viewing to purchasing a product, is recorded. Google can aggregate this data under a transaction ID assigned to the respective user or their device.
IONOS WebAnalytics
This website uses the analysis services of IONOS WebAnalytics (hereafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur. Within the framework of analyses with IONOS, visitor numbers and behavior (e.g., number of page views, duration of a website visit, bounce rates), visitor sources (i.e., from which page the visitor comes), visitor locations, and technical data (browser and operating system versions) can be analyzed. For this purpose, IONOS stores the following data in particular:
- Referrer (previously visited website)
- Requested website or file
- Browser type and version
- Operating system used
- Device type used
- Time of access
- IP address in anonymized form (used only to determine the location of access)
According to IONOS, data collection is completely anonymous, so it cannot be traced back to individual persons. IONOS WebAnalytics does not store cookies.
The storage and analysis of the data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior to optimize both his web offer and his advertising. If the appropriate consent has been obtained, processing is exclusively based on Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
For more information on data collection and processing by IONOS WebAnalytics, please refer to IONOS’s privacy policy at the following link: https://www.ionos.de/terms-gtc/datenschutzerklaerung/
Order Processing
We have concluded a contract for order processing (AVV) to use the aforementioned service. This is a contract required by data protection law, ensuring that this service processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program from Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (Keyword-Targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g., location data and interests) (Audience-Targeting). As website operators, we can evaluate this data quantitatively by analyzing, for example, which search terms led to our advertisements being displayed and how many ads led to clicks.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. Consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
Google Ads Remarketing
This website uses the features of Google Ads Remarketing. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can assign people who interact with our online offer to specific target groups to then show them interest-based advertising in the Google advertising network (Remarketing or Retargeting).
Furthermore, the target groups created with Google Ads Remarketing can be linked to the cross-device functions of Google. In this way, interest-based, personalized advertising messages, adapted to your previous usage and surfing behavior on one device (e.g., mobile phone), can also be displayed on another of your devices (e.g., tablet or PC).
If you have a Google account, you can object to personalized advertising under the following link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. Consent can be revoked at any time.
For more information and the privacy policy, please visit Google’s Privacy Policy at: https://policies.google.com/technologies/ads?hl=en.
Target Group Formation with Customer Matching
For target group formation, we use, among other things, the customer matching of Google Ads Remarketing. In this process, we transfer certain customer data (e.g., email addresses) from our customer lists to Google. If the relevant customers are Google users and logged into their Google account, suitable advertising messages are displayed to them within the Google network (e.g., on YouTube, Gmail, or in the search engine).
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google Conversion Tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly often. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and which actions they took. We do not receive any information that could personally identify the user. For identification, Google itself uses cookies or similar recognition technologies.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. Consent can be revoked at any time.
More information about Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
Meta-Pixel (formerly Facebook Pixel)
This website uses the visitor action pixel from Facebook/Meta for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, however, the collected data is also transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they click on a Facebook ad to go to the provider’s website. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The collected data is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes, according to the Facebook Data Usage Policy (https://www.facebook.com/about/privacy/). This allows Facebook to enable the placement of ads on pages within Facebook and outside of Facebook. We as the site operator have no influence on this data use.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. Consent can be revoked at any time.
We use the advanced matching feature within the Meta Pixel.
Advanced matching allows us to transmit various types of data (e.g., residence, state, postal code, hashed email addresses, names, gender, date of birth, or phone number) of our customers and prospects that we collect through our website to Meta (Facebook). By activating this, we can tailor our advertising campaigns on Facebook even more precisely to people who are interested in our offers. In addition, advanced matching improves the attribution of website conversions and expands custom audiences.
Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its transmission to Facebook. Processing by Facebook after the transfer is not part of the joint responsibility. The obligations incumbent on us together have been recorded in an agreement on joint processing. You can find the text of the agreement here: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., information requests) regarding data processed by Facebook directly at Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://www.facebook.com/help/566994660333381.
For more information on protecting your privacy, please see Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
You can also disable the remarketing feature „Custom Audiences“ in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.
If you don’t have a Facebook account, you can opt-out of Facebook’s usage-based advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/en/praferenzmanagement/.
Facebook Conversion API
We have integrated the Facebook Conversion API on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the collected data is also transferred to the USA and other third countries.
The Facebook Conversion API allows us to capture the interactions of website visitors with our website and pass them on to Facebook to improve advertising performance on Facebook.
In particular, the time of the call, the accessed website, your IP address, and your user agent, as well as possibly other specific data (e.g., purchased products, value of the shopping cart, and currency) are recorded. A complete overview of the data that can be recorded can be found here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.
The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. Consent can be revoked at any time.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of data and its transmission to Facebook. Processing by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent upon us together have been set out in an agreement on joint processing. You can find the text of the agreement here: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tools and for securely implementing the tools on our website in terms of data protection. Facebook is responsible for the data security of Facebook products. Rights of the data subjects (e.g., information requests) concerning the data processed by Facebook can be asserted directly with Facebook. If you assert the rights of the data subjects with us, we are obliged to pass these on to Facebook.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Further information on the protection of your privacy can be found in Facebook’s data protection notes: https://de-de.facebook.com/about/privacy/.
Order processing
We have concluded a contract for order processing (AVV) for the use of the aforementioned service. This is a contract required by data protection law that ensures that the latter only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR.
7. Newsletter data
If you would like to receive the newsletter offered on the website, we need an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data is not or only collected on a voluntary basis. For the processing of the newsletter, we use newsletter service providers, which are described below.
Sendinblue
This website uses Sendinblue to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Sendinblue is a service that, among other things, can be used to organize and analyze the dispatch of newsletters. The data you entered for the purpose of subscribing to the newsletter will be stored on Sendinblue’s servers in Germany.
Data analysis by Sendinblue
With the help of Sendinblue, we can analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links were possibly clicked. This way, we can determine which links were clicked particularly often.
We can also see whether certain pre-defined actions were carried out after opening/clicking (conversion rate). For example, we can determine whether you made a purchase after clicking on the newsletter.
Sendinblue also allows us to categorize (or „cluster“) the newsletter recipients based on various criteria. For example, newsletter recipients can be subdivided based on age, gender, or place of residence. This way, newsletters can be better adapted to the respective target groups.
If you do not want an analysis by Sendinblue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
For detailed information on the functions of Sendinblue, please refer to the following link: https://de.sendinblue.com/newsletter-software/.
Legal basis
Data processing is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Storage duration
The data you provided for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. Data that was stored for other purposes with us remains unaffected by this.
After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist, as far as this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not combined with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storing in the blacklist is not limited in time. You can object to storage if your interests outweigh our legitimate interest.
You can find more information on Sendinblue’s data protection regulations at: https://de.sendinblue.com/datenschutz-uebersicht/.
Order processing
We have concluded a contract for order processing (AVV) for the use of the aforementioned service. This is a contract required by data protection law that ensures that the latter only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR.
8. Plugins and Tools
YouTube
This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our web pages that integrates YouTube, a connection to the YouTube servers is established. This informs the YouTube server about which of our pages you have visited.
Furthermore, YouTube may store various cookies on your device or use similar technologies for recognition (e.g., device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to gather video statistics, improve user-friendliness, and prevent fraudulent activities.
If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If the appropriate consent was requested, processing is exclusively based on Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) as per TTDSG. Consent can be revoked at any time.
For more information on the handling of user data, please see YouTube’s privacy policy at: https://policies.google.com/privacy?hl=en.
Google Fonts (local hosting)
This site uses so-called Google Fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google’s servers.
Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
Font Awesome (local hosting)
This site uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally. There is no connection to servers of Fonticons, Inc.
For more information on Font Awesome, please see the Font Awesome privacy policy at: https://fontawesome.com/privacy.
Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the features of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. When Google Maps is activated, Google can use Google Fonts to achieve a uniform display of fonts. When accessing Google Maps, your browser loads the required web fonts into its cache to display texts and fonts correctly.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy-to-find location indicated on our website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If the appropriate consent was requested, processing is exclusively based on Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) as per TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
More information about the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
9. eCommerce und payment provider
Processing of Customer and Contract Data
We collect, process, and use personal customer and contract data to establish, design content for, and modify our contractual relationships. We only collect, process, and use personal data regarding the use of this website (usage data) insofar as it is necessary to enable or charge the user for the use of the service. The legal basis for this is Art. 6 Para. 1 lit. b GDPR.
The collected customer data will be deleted after the completion of the order or the termination of the business relationship and after the expiry of any existing legal retention periods. Legal retention periods remain unaffected.
Data Transfer upon Contract Conclusion for Services and Digital Content
We only transfer personal data to third parties when necessary for the processing of the contract, for example, to the bank responsible for handling payments.
No further transfer of data takes place or only if you have expressly consented to the transfer. Your data will not be passed on to third parties without explicit consent, for example for advertising purposes.
The basis for data processing is Art. 6 Para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
10. Audio and video conferencing
Data Processing
For communication with our customers, we use, among other things, online conference tools. The specific tools we use are listed below. When you communicate with us via video or audio conference over the Internet, your personal data is collected and processed by us and by the provider of the respective conference tool.
The conference tools capture all data that you provide/use for the tools (e-mail address and/or your phone number). Furthermore, the conference tools process the duration of the conference, the start and end (time) of participation in the conference, the number of participants, and other „context information“ related to the communication process (metadata).
Moreover, the tool provider processes all technical data required for online communication. This particularly includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded, or otherwise provided within the tool, this is also stored on the tool provider’s servers. This content includes, but is not limited to, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the service’s use.
Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy statements of the tools used, which we have listed below this text.
Purpose and Legal Bases
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 Para. 1 lit. b GDPR). The use of the tools also serves the general simplification and acceleration of communication with us or our company (legitimate interest as per Art. 6 Para. 1 lit. f GDPR). If consent has been sought, the respective tools are used based on this consent; consent can be revoked at any time with effect for the future.
Data Retention
Data that we collect directly via the video and conference tools will be deleted from our systems as soon as you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the retention duration of your data stored by conference tool operators for their own purposes. For more details, please contact the operators of the conference tools directly.
Conference Tools Used
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/de-de/privacy.html.
Contract Processing
We have entered into a contract for order processing (AVV) to use the above service. This is a legally mandated contract that ensures that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.