Privacy policy
We explain how we handle your personal data in this privacy policy. The applicable data protection law, in particular the General Data Protection Regulation (GDPR), shall apply. With the exception of the service providers and third-party vendors we name in this privacy policy, we do not share any data with third parties. If you have any questions, please feel free to contact us.
Content
- Responsible
- General information
- Website hosting
- Cookies, tracking pixels and mobile identifiers
- Contact
- Sweepstakes
- Affiliate links
- Surveys
- Newsletter
- Comments
- Registration for a user account
- Orders and payment processing
- Other third party services
- Profiles in social networks
- Rights of data subjects
Responsible
Responsible for data processing is
The provider is IONOS SE
Elgendorfer Str. 57
56410 Montabaur
General information
For a use of our website is usually neither legally nor contractually required to provide personal data. Insofar as the provision of data is necessary for the conclusion of a contract or the user is obligated to provide personal data, we will inform the user of this circumstance and the consequences of not providing the data in this privacy policy.
Data transfer to third countries
We may use service providers and third parties located in countries outside the European Union and the European Economic Area. The transfer of personal data to such third countries takes place, unless the user has consented to the data transfer, on the basis of an adequacy decision of the European Commission (Article 45 GDPR) or we have provided appropriate safeguards to ensure data protection (Article 46 GDPR). Insofar as an adequacy decision of the European Commission exists for the transfer of data to a third country, we refer to this in this privacy policy. In all other respects, users may obtain a copy of the appropriate safeguards, if not already included in the privacy statements of the service providers or third parties, from us.
If we use automated decision-making including profiling, we will inform you in this privacy statement about this circumstance, about the logic involved and the scope and intended effects of such processing. Otherwise, automated decision-making does not take place.
Website hosting
Each time our website is called up, the user’s browser transmits various data. For the duration of the visit to the website, the following data is processed and stored in log files even after the end of the connection:
- Browser type and version used
- Operating system
- Retrieved pages and files
- Amount of data transferred
- Date and time of retrieval
- Provider of the user
- IP address in anonymized form
- Referrer URL
The processing of this data is necessary to deliver the website to the user and to optimize it for his terminal device. The storage in log files serves to improve the security of our website (e.g. protection against DDOS attacks). IP addresses are anonymized before being stored in log files.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the website and improve website security. Log files are automatically deleted after 30 days.
Cookies, tracking pixels and mobile identifiers
On our website, we use technologies to recognize the end device used. These can be cookies, tracking pixels and/or mobile identifiers.
The recognition of a terminal device can basically be done for different purposes. It may be necessary to provide functions of our website, for example to provide a shopping cart. In addition, the aforementioned technologies may be used to track the behavior of users on the site, for example for advertising purposes. We describe separately in this privacy policy which technologies we use in detail and for which purposes.
For a better understanding, we explain below in general how cookies, tracking pixels and mobile identifiers work:
-
Cookies are small text files that contain certain information and are stored on the user’s terminal device. In most cases, this is an identification number that is assigned to a terminal device (cookie ID).
-
A tracking pixel is a transparent graphic file that is embedded on a page and enables log file analysis.
-
A mobile identifier is a unique number (mobile ID) that is stored on a mobile device and can be read by a website.
Cookies may be necessary for our website to function properly. The legal basis for the use of such cookies is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the functions of our website.
We use cookies that are not required for the operation of our website in order to make our offer more user-friendly or to be able to track the use of our website. The legal basis here depends on whether the user’s consent must be obtained or we can invoke a legitimate interest. The user can revoke a given consent at any time, among other things, through the settings in his browser.
The user can prevent and object to the processing of data using cookies by making the appropriate settings in his browser. In case of objection, not all functions of our website may be available. We provide separate information on other options for objecting to the processing of personal data by cookies in this privacy policy. Where appropriate, we will provide links that can be used to object. These are labeled “Opt-Out”.
To obtain and manage consent from our users, we use Borlabs Cookie. This is a plugin for WordPress that does not transmit any personal data to a third-party provider. The following link can be used to make settings for storing cookies on our site: Cookie settings
Contact
In the event of contact, we process the user’s details, date and time for the purpose of processing the inquiry, including any queries.
The legal basis for data processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to respond to the requests of our users. Additional legal basis is Art. 6 para. 1 UAbs. 1 letter b) DSGVO, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.
The data will be deleted as soon as the request, including any queries, has been answered. We check at regular intervals, but at least every two years, whether data accrued in connection with contacting us is to be deleted.
Sweepstakes
We offer our users the opportunity to participate in sweepstakes. In doing so, it is possible that we refer to a separate data protection declaration for the processing of the data. Where this is not the case, we process the data provided by the user (e.g. name, e-mail address). This is done in order to be able to carry out the competition, in particular to determine the winner and, if necessary, to notify him. The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter b) DSGVO. The data will not be further processed for other purposes and will be deleted three months after the winner has been determined.
Affiliate links
We participate in affiliate programs. This means that we set links to partner companies. If a user clicks on such an affiliate link, we may receive a commission. In this case, it is necessary to assign the user’s activities on the pages of the partner company to our offer. This is done through the link or in other ways, for example, through cookies. The accruing data are processed exclusively for this purpose.
Insofar as we obtain the consent of the user, Art. 6 para. 1 UAbs. 1 letter a) DSGVO is the legal basis for the processing. The legal basis for the rest is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the financing of our offer.
The processed data will be deleted as soon as they are no longer necessary to settle the commission.
Surveys
We conduct online surveys on our website. We want to learn more about the interests of our users in order to improve our offer as well as our products and services. It is possible that we inform about the related processing of data in a separate privacy policy, which then takes precedence.
If the survey is not personalized, i.e. if neither an individual link for participation is issued nor the user provides personal data, only the data that is generally generated during the use of the website is processed. In the case of a personalized survey, we use the information entered by the user to remind him/her if he/she has not completed the survey and to exclude multiple participation. We do not store responses together with data via which the user can be identified. Based on the responses, we create anonymous evaluations.
Insofar as we obtain the consent of the user, Art. 6 para. 1 UAbs. 1 letter a) DSGVO the legal basis of the processing. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to improve our offer as well as our products and services.
Newsletter
Users have the option to sign up for newsletters on our site. In doing so, we process the data entered during registration in order to be able to send a confirmation email to the user’s email address. After confirmation, we process the data to be able to send newsletters. For the purpose of personalization, we may also process the user’s name if the user has provided it.
With the registration date and time as well as the IP address of the user are stored to be able to prove an entry. We continue to process this data after deregistration for verification purposes and delete it after three years at the end of the year.
To improve our content, we measure how successful our newsletters are, for example, how often users open them and which links are clicked. For this purpose, e-mails contain a tracking pixel. We do not track the activities of individual users.
The legal basis for the processing is the consent of the user according to Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, the processing is carried out according to Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Legitimate interests on our part are the sending of newsletters, the personalized addressing of the user and the proof that the user has registered for the newsletter.
Comments
On our website, we give users the opportunity to leave their own comments. When a comment is submitted to us, we process the user’s information. To protect against misuse of the comment function (e.g. through spam or criminal content), we also process the date, time and IP address of the user.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to be able to offer the comment function and to protect ourselves from misuse.
Registration for a user account
Users can register for our offer on our website. In this context, we process the data entered during registration. We have the e-mail address confirmed by sending a link (double opt-in) to prevent misuse of the registration function. Furthermore, we process the date and time and the IP address of the user for this purpose. For verification purposes, we also process the date, time and IP address of the user when the confirmation link is clicked.
The data will be deleted with the deletion of the user account after three years at the end of the year, unless there is a longer legal obligation to retain the data.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 lit. a) DSGVO, insofar as we obtain the consent of the user. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, it is based on Art. 6 para. 1 UAbs. 1 lit. b) GDPR. The legal basis for the rest is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to enable users to access our offer requiring registration, to protect ourselves against misuse of the registration function and to be able to prove proper registration. After the deletion of the user account, our legitimate interest is furthermore the defense against possible claims.
Orders and payment processing
When an order is placed in our online store, we process the data provided when the order is placed, e.g. name, bank details or payment details, in order to process the order. We only pass on payment data to our payment service providers if this is necessary to process the payment.
The legal basis for the processing of order data is Art. 6 para. 1 UAbs. 1 letter b) DSGVO. If the user stores their order data in a user account, Art. 6 para. 1 UAbs. 1 lit. a) GDPR is the legal basis. Otherwise, the processing is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest lies in the processing of repayments and the pursuit of claims.
Order and payment data are deleted as soon as they are no longer required for the processing of the order, including the reversal of the payment (e.g. due to a revocation or withdrawal from the contract) and the processing of warranty cases, and no statutory retention obligations exist. In the event that the user has stored their order data in their user account for a repeat order, the data will be deleted together with the user account if it is not required for the processing of a specific order.
Paypal
In the case of payment via PayPal, payment is processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.
Google Pay
When paying via Google Pay, the payment is processed by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
Apple Pay
When paying via Apple Pay, the payment is processed by Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland.
Stripe
When paying via Stripe, the payment is processed by Stripe Payments Europe Ltd, The One Building, Lower Grand Canal St, Dublin 2, Ireland.
Klarna
When paying via Klarna, the payment is processed by Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden.
Other third party services
Hotjar
For statistical analysis of the use of our website and to improve the content, we use the service Hotjar. Provider: Hotjar Limited, Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta.
Hotjar makes it possible to statistically evaluate the use of a website. The company evaluates the user’s mouse movements, scrolling movements and keystrokes, as well as the pages viewed and the duration of the visit. Hotjar uses cookies and other technologies to collect data about our users’ behavior and the devices they use. This includes the IP address, which is only stored anonymously. In addition, the size of the display, the type of device, browser information, location information in relation to the country and the preferred language are processed. Hotjar stores this information in a pseudonymized profile.
Insofar as we obtain the user’s consent, the processing of data is carried out on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to design and improve our website and content in a user-friendly way.
Segment
We use the customer data management and analysis solution Segment.io to record, collect and structure customer data. The provider is Segment.io Inc, 100 California St Suite 700, San Francisco, CA 94111, USA.
Segment.io simplifies the analysis of data by providing an interface. Through them, we may aggregate and share data that we collect through other services mentioned in this Privacy Policy. In addition, Segment.io makes it easier for us to add new services to our website and remove services that are no longer needed. The user’s IP address is transferred to Segment.io when a script is executed by the service. The IP address is only stored in abbreviated form.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to improve our website and content.
The parent company of Segment.io is Twilio Inc, 645 Harrison Street, Third Floor, San Francisco, CA 94107, USA. Appropriate guarantee in the sense of Art. 46 GDPR are binding internal data protection rules of Twilio, which have been approved by the competent supervisory authority according to Art. 47 GDPR.
Facebook Social Plugins
We integrate content and buttons of the social network Facebook via a plugin on our website. Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
In order to load content from Facebook, it is technically necessary to transmit the user’s IP address to the company. If the user is logged in to Facebook, the visit to a page can be assigned to the account.
Insofar as we obtain the user’s consent, the processing of data is carried out on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest for the integration of Facebook content and buttons is the user-friendly design of our website.
Facebook Social Plugins Privacy Policy
We integrate content and buttons of the social network Instagram via a plugin on our website. Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
In order to load content from Instagram, it is technically necessary to transmit the user’s IP address to the company. If the user is logged in to Instagram, the visit to a page can be assigned to the account.
Insofar as we obtain the user’s consent, the processing of data is carried out on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest for the integration of Instagram content and buttons is the user-friendly design of our website.
In order to load content from X, it is technically necessary to transmit the user’s IP address to the company. If the user is logged in to X, the visit to a page can be assigned to the account.
Gravatar
For a personalization of our website we use Gravatar. Provider: Aut O’Mattic A8C Ireland Ltd, Business Centre, No.1 Lower Mayor Street, International Financial Services Centre, Dublin 1, Ireland.
Posts or comments made by users where they provide their email address are personalized by Gravatar profile pictures. For this purpose only, the hashed email address will be transmitted to Gravatar’s server in order to verify that a Gravatar account exists. In order to provide the service, it is also technically necessary to transmit the user’s IP address.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the user-friendly design of our website.
WP Umbrella
We manage this website with the help of the WP Umbrella tool. The provider is Liven Studio at 22 B Rue de la République 69140 Rillieux-la-Pape – France (hereinafter WP Umbrella).
With WP Umbrella, we can monitor the security and performance of our website and create automatic backups, among other things. WP Umbrella therefore has access to all website content, including our databases. WP Umbrella is hosted on the provider’s servers.
The use of WP Umbrella is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective and secure operation of its website(s). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
FontAwesome
This site uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally on the Elementor plugin. A connection to servers of Fonticons, Inc. does not take place.
Further information about Font Awesome can be found in the Font Awesome privacy policy at: https://fontawesome.com/privacy.
Google Maps
To be able to display geographical maps, we use Google Maps. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. In doing so, it is technically necessary to transfer the user’s IP address to Google. In addition, the company sets various cookies to identify the user and play out personalized advertising.
Insofar as we obtain the user’s consent, the processing of data is carried out on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the user-friendly design of our website.
We have concluded a joint responsibility agreement with Google.
Profiles in social networks
We are present in one or more social networks. In detail, these are: Facebook, Instagram or Twitter. When contacting us, we process personal data as described above under contact.
The providers of social networks process data in accordance with their privacy policies, which can be accessed here:
If a user is logged in with his account, the activities on our profile in the respective social network may be assigned to him. This can be done across devices and, if necessary, without a login, for example, using cookies or mobile identifiers. The providers of social networks use the collected data to create pseudonymized user profiles, which they can use in particular to play out personalized advertising.
Rights of data subjects
If personal data of the user is processed, he is a data subject in the sense of the GDPR. Data subjects are entitled to the following rights:
Right of access: The data subject has the right to obtain confirmation as to whether personal data concerning him or her are being processed. If personal data are processed, the data subject shall have the right to obtain free of charge information as well as a copy of the personal data that are the subject of the processing.
Right to rectification: The data subject has the right to request that inaccurate or incomplete personal data be corrected without undue delay.
Right to erasure: The data subject has the right to request immediate erasure of personal data concerning him or her in accordance with the law.
Right to restriction of processing: The data subject has the right to request restriction of the processing of personal data concerning him or her in accordance with the law.
Right to data portability: The data subject has the right to obtain the personal data concerning him or her in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.
Right to object: The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Article 6(1) of the GDPR. 1 UAbs. 1 lit. e) or f) DSGVO; this also applies to profiling based on these provisions. If personal data are processed for the purposes of direct marketing, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this shall also apply to profiling insofar as it is related to such direct marketing.
Right of withdrawal: The data subject has the right to withdraw his or her given consent at any time.
Right to complain: The data subject has the right to complain to a supervisory authority.
Status of the privacy policy: February 22, 2024
Vidyard Player
Videos from Vidyard are integrated on this website. The operator of this video player is Buildscale, Inc. in Kitchener, Canada.
When you visit one of our pages equipped with a Vidyard plugin, a connection to the Vidyard servers is established. This tells the Vidyard server which of our pages you have visited.
The use of Vidyard is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 p. 1 lit. f GDPR.
Further information on the handling of user data can be found in Vidyard’s privacy policy at: https://www.vidyard.com/privacy/
Ninja Firewall
We have integrated Ninja Firewall on this website. The provider is NinTechNet Limited, Unit 1603, 16th Floor, The L. Plaza 367 – 375 Queen’s Road Central Sheung Wan, Hong Kong (hereinafter referred to as Ninja Firewall).
Ninja Firewall is used to protect our website from unwanted access or malicious cyberattacks. For this purpose, Ninja Firewall records the IP address, request, referrer and time of page access. Ninja Firewall is integrated on our own servers and does not transmit any personal data to the provider of the tool or other third parties.
We have activated IP anonymization in Ninja Firewall so that the tool only records the IP address in abbreviated form.
The use of Ninja Firewall is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks.
Further information about data protection at NinTechNet can be found at: blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/
The Events Calendar
We use the WordPress plugin The Events Calendar to display upcoming events. To prevent your data from being transferred to external web servers, we have deactivated the optional Google Maps display for the event location. We have also deactivated the comment function.
Modern Tribe is working on a binding privacy policy. Until then, the functions mentioned will remain deactivated.
Yoast SEO
We use plugins from Yoast SEO on our website. This is an offer from Yoast BV, Don Emanuelstraat 3, 6602 GX Wijchen, The Netherlands, Tel: +31 (0)24 82 00 337(Chamber of Commerce / KvK: 55404367, VAT Number: NL851692540B01).
This plugin takes over the complete technical optimization of our websites for search engines. It also supports the development of content. For more information, please refer to Yoast BV’s privacy policy, which you can view at https://yoast.com/privacy-policy/.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
Blogs and publication media
We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). Readers’ data are processed for the purposes of the publication medium only to the extent necessary for its presentation and communication between authors and readers or for security reasons. For the rest, we refer to the information on the processing of visitors to our publication medium within the scope of this data protection notice.
Comments and contributions: When users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our security, in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we ourselves may be prosecuted for the comment or post and are therefore interested in the identity of the author.
Furthermore, we reserve the right to process the user’s data for the purpose of spam detection on the basis of our legitimate interests.
On the same legal basis, in the case of surveys, we reserve the right to store the IP addresses of users for their duration and to use cookies to avoid multiple votes.
The personal information provided in the context of comments and contributions, any contact and website information as well as the content-related information will be stored permanently by us until the user objects.
Profile pictures from Gravatar: We use the service Gravatar within our online offer and especially in the blog.
Gravatar is a service where users can sign up and store profile pictures and their email addresses. If users leave posts or comments on other online presences (especially blogs) with the respective e-mail address, their profile pictures can be displayed next to the posts or comments. For this purpose, the email address provided by users is transmitted to Gravatar in encrypted form for the purpose of checking whether a profile is stored for it. This is the only purpose of the transmission of the e-mail address. It will not be used for other purposes, but will be deleted afterwards.
The use of Gravatar is based on our legitimate interests, as we use Gravatar to offer post and comment authors the opportunity to personalize their posts with a profile picture.
By displaying the images, Gravatar obtains the IP address of the users, as this is necessary for a communication between a browser and an online service.
If users do not want a user image associated with their Gravatar email address to appear in the comments, they should use an email address that is not on file with Gravatar to comment. We also point out that it is also possible to use an anonymous email address or no email address at all, if users do not want their own email address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our commenting system.
- Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g., website visitors, users of online services).
- Purposes of processing: Contractual performance and service, feedback (e.g. collecting feedback via online form), security measures, managing and responding to requests, providing our online offer and user friendliness.
- Legal basis: Contract fulfillment and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO), Consent (Art. 6 para. 1 p. 1 lit. a DSGVO), Protection of Vital Interests (Art. 6 para. 1 p. 1 lit. d. DSGVO).
Services used and service providers:
- Profile pictures from Gravatar: Profile pictures; Service provider: Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA; website: https://automattic.com; privacy policy: https: //automattic.com/privacy.
- Medium: hosting platform for blogs / websites; service provider: A Medium Corporation, P.O. Box 602, San Francisco, CA 94104-0602, USA; Website: https: //medium.com/; Privacy Policy: https: //medium.com/policy/medium-privacy-policy-f03bf92035c9.
Google Analytics
We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising measures.
Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data on our behalf and is contractually committed to measures to ensure the security and confidentiality of the data processed.
During your visit to the website, the following data, among others, is recorded:
- Pages called
- Orders incl. of sales and products ordered
- The achievement of “website goals” (e.g., contact inquiries and newsletter sign-ups).
- Your behavior on the pages (for example, dwell time, clicks, scrolling behavior)
- Your approximate location (country and city)
- Your IP address (in shortened form, so that no clear assignment is possible)
- Technical information such as browser, Internet provider, terminal device and screen resolution
- Source of origin of your visit (i.e. via which website or via which advertising medium you came to us)
No personal data such as name, address or contact details are ever transferred to Google Analytics.
This data is transferred to Google servers in the USA. We would like to point out that, under data protection law, the same level of protection cannot be guaranteed in the USA as within the EU.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID, with which you can be recognized on future website visits.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.
If you do not agree to the collection of data, you can prevent this by installing the browser add-on to deactivate Google Analytics or by rejecting cookies via our cookie settings dialog.
Cookie consent with Complianz
Our website uses the cookie consent technology of “Complianz GDPR/CCPA Cookie Consent“ to obtain your consent to store certain cookies in your browser and to document this in a data protection compliant manner. The provider of this technology is Complianz B.V., Atoomweg 6b, 9743 AK Groningen, Netherlands (hereinafter Complianz).
When you enter our website, a Complianz cookie is stored in your browser, which stores the consents you have given or revoked.
The collected data will be stored until you request us to delete it or delete the Complianz cookie yourself, or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on Complianz’s data processing can be found at https://complianz.io/privacy-statement.
The use of Complianz cookie consent technology is done in order to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.
For more information, visit https://dreiseelenkristall.de/cookie-richtlinie-eu
Data transmission when visiting an online offer with video technology provider “zoom
We would like to inform you below about the processing of personal data in connection with the use of “Zoom”.
Purpose of processing
We use the tool “Zoom” to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “Online Meetings”). “Zoom” is a service of Zoom Video Communications, Inc. which is based in the USA.
User details:
First name,
Last name,
Telephone (optional),
E-mail address,
Password (if “Single-Sign-On” is not used),
Profile picture (optional),
Department (optional)
Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
When dialing in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the option to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “Online Meeting” and, if necessary, to log them. To enable the display of video and the playback of audio, the data from the microphone of your terminal device as well as from any video camera of the terminal device are processed accordingly during the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time using the “Zoom” applications.
To participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
Scope of processing
We use “Zoom” to conduct “online meetings”. If we want to record “online meetings”, we will transparently communicate this to you in advance and – if necessary – ask for consent. The fact of recording is also displayed to you in the “Zoom” app.
If necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars.
If you are registered as a user at “Zoom”, then reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) can be stored at “Zoom” for up to 12 months.
Automated decision-making within the meaning of Art. 22 DSGVO is not used.
Legal bases of data processing
Insofar as personal data is processed by employees of Dreiseelenkristall, § 26 BDSG is the legal basis for data processing. If, in connection with the use of “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of “Zoom”, Art. 6 para. 1 lit. f) DSGVO is the legal basis for the data processing. Our interest in these cases is in the effective conduct of “online meetings”.
Incidentally, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) GDPR. Again, our interest is in the effective conduct of “online meetings”.
Recipient / passing on of data
Personal data processed in connection with participation in “online meetings” will not be disclosed to third parties as a matter of principle, unless they are specifically intended to be disclosed. Please note that content from “online meetings,” as well as in-person meeting content, is often intended precisely to communicate information with customers, prospects, or third parties and is therefore intended to be shared.
Other recipients: The provider of “Zoom” necessarily obtains knowledge of the above data to the extent provided for in our order processing agreement with “Zoom”.
Data processing outside the European Union
“Zoom” is a service provided by a provider from the USA. Processing of personal data thus also takes place in a third country. We have concluded an order processing agreement with the provider of “Zoom” that complies with the requirements of Art. 28 DSGVO.
An adequate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As additional safeguards, we have also configured our Zoom to use only data centers in the EU, EEA, or secure third countries such as Canada or Japan to conduct “online meetings.”
Your rights as a data subject
You have the right to obtain information about the personal data concerning you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.
Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.
Finally, you have a right to object to processing within the scope of the law.
A right to data portability also exists within the framework of data protection law.
Data deletion
We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfill contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.
Right of complaint to a supervisory authority
You have the right to complain about the processing of personal data by us to a data protection supervisory authority .
Amendment of this privacy notice
We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. The current version can always be found on this website.
Google Tag Manager
- What personal data is collected and to what extent is it processed? On our site, we use the service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform to run other web services and web tracking programs by means of so-called “tags” and to control them in a bundled way. In this context, Google Tag Manager stores cookies on your computer and, insofar as web tracking tools are executed using Google Tag Manager, analyzes your surfing behavior (so-called “tracking”). This data sent by individual tags embedded in Google Tag Manager is aggregated, stored and processed by Google Tag Manager under a unified user interface. All embedded “tags” are listed separately again in this privacy policy. For more information on the privacy of the tools included in Google Tag Manager, please refer to the respective section of this privacy policy. In the course of using our website with activated integration of tags from Google Tag Manager, data, such as in particular your IP address and your user activities, are transmitted to servers of the company Google Ireland Limited. With regard to the web services integrated by means of Google Tag Manager, the regulations in the respective section of this privacy policy apply. The tracking tools used in Google Tag Manager ensure that the IP address of Google Tag Manager is anonymized before transmission by IP anonymization of the source code. Here, Google Tag Manager only enables the anonymized collection of IP addresses (so-called IP masking).
- Legal basis for the processing of personal data Legal basis for the data processing is pursuant to Art. 6 para. 1 lit. a DSGVO your consent in our notice banner regarding the use of cookies and web tracking (consent by clear confirming action or behavior).
- Purpose of data processing On our behalf, Google will use the information obtained by means of Google Tag Manager to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website and internet usage.
- Duration of storage Google will store the data relevant for the function of Google Tag Manager for as long as it is necessary to fulfill the booked web service. The data collection and storage is anonymized. If there is a reference to a person, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after the expiration of the retention obligation.
- You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the “Do Not Track” setting of your browser. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link http://tools.google.com/dlpage/gaoptout?hl=de. Google’s security and privacy policies can be found at https://policies.google.com/privacy.
YouTube
1. data processed by YouTube
Dreiseelenkristall uses a YouTube channel owned by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
We would like to point out that you use the YouTube channel offered here and its functions on your own responsibility. This applies in particular to the use of the “Discussion” function.
Information about which data is processed by Google and for which purposes can be found in Google’s privacy policy:
https://policies.google.com/privacy?hl=de&gl=de#infocollect
Dreiseelenkristall has no influence on the type and scope of the data processed by Google, the type of processing and use or the transfer of this data to third parties. Nor does it have any effective means of control in this respect.
By using Google, your personal information will be collected, transferred, stored, disclosed and used by Google and, in doing so, will be transferred to and stored and used in the United States, Ireland and any other country in which Google does business, regardless of your country of residence. There is a transfer to Google affiliates as well as to other trusted companies or persons who process it on behalf of Google
Google processes on the one hand your voluntarily entered data such as name and username, e-mail address, telephone number. Also, Google processes the content that you create, upload or receive from others when using the Services. These include, for example, photos and videos you save, documents and spreadsheets you create, and comments you write on YouTube videos.
On the other hand, Google also evaluates the content you share to determine what topics you are interested in, stores and processes confidential messages you send directly to other users, and can determine your location using GPS data, wireless network information, or your IP address in order to send you advertising or other content.
For evaluation, Google may use analysis tools such as Google Analytics. Dreiseelenkristall has no influence on the use of such tools by Google and was not informed about such a potential use. Should tools of this kind be used by Google for the YouTube channel of Dreiseelenkristall, Dreiseelenkristall has neither commissioned this nor otherwise supported it in any way. Nor is the data obtained from the analysis made available to it. Only certain subscribers’ profiles are visible to Dreiseelenkristall via their account. Moreover, Dreiseelenkristall has no way to prevent or disable the use of such tools on its YouTube channel.
Finally, Google also receives information when you view content, for example, even if you have not created an account. This so-called “log data” can be the IP address, the browser type, the operating system, information about the website you previously visited and the pages you viewed, your location, your mobile provider, the terminal device you use (including device ID and application ID), the search terms you used and cookie information.
You have options to restrict the processing of your data in the general settings of your Google account. In addition to these tools, Google also offers privacy settings specific to YouTube. To learn more, see Google’s guide to privacy in Google products:
https://policies.google.com/technologies/product-privacy?hl=de&gl=de
You can find more information on these points in Google’s privacy policy under the term “Privacy settings”:
https://policies.google.com/privacy?hl=de&gl=de#infochoices
Furthermore, you have the option to request information via the Google privacy form:
2. data processed by three-soul crystal
Dreiseelenkristall also processes your data when you communicate with us via YouTube.
The recipient of the data is first Google, where it may be passed on to third parties for their own purposes and under the responsibility of Goggle. The recipient of publications is also the public, i.e. potentially anyone.
It is true that Dreiseelenkristall itself does not collect any data via its YouTube channel. Also about the integration of YouTube videos Dreiseelenkristall on their website(https://www.dreiseelenkristall.de) are not the IP addresses of page visitors to the Google transmitted. In particular, no tracking takes place on the website.
However, the data you enter on YouTube, in particular your username and the content published under your account, will be processed by us insofar as we may respond to your publications under “Discussions”. The data you freely publish and distribute on YouTube is thus included by Dreiseelenkristall in their offer and made available to their followers.
Members area
We offer our members a secure internal area that is not open to the public. Documents, videos, workbooks, etc. are stored here. made available. Members must register on our website to gain access. We use the WordPress plugin Simple Membership for this process. Only the personal data that the persons themselves provide in the registration form is collected. The data is used solely to process the registration. The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR (consent). You give your consent by ticking the box when submitting the form. The data is then stored on our servers. The user has the option of changing or deleting the account with the personal data at any time. You can also object to the storage of your personal data at any time. In such a case, the account and all personal data will be deleted. To revoke your consent and object to storage, please send an e-mail to info@dreiseelenkristall.com
WooCommerce Plugin
We have integrated the WooCommerce open source store system as a plugin on our website. This WooCommerce plugin is based on the WordPress content management system, which is a subsidiary of Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA). The implemented functions transfer data to Automattic Inc. sent, stored and processed. In this privacy policy, we inform you what data is involved, how the network uses this data and how you can manage or prevent data storage.
WooCommerce is an online store system that has been part of the WordPress directory since 2011 and was developed specifically for WordPress websites. It is a customizable, open-source eCommerce platform that is based on WordPress and has also been integrated into our website as a WordPress plugin.
Why do we use WooCommerce on our website?
We use this practical online store solution to offer you our physical or digital products or services on our website in the best possible way. The aim is to provide you with simple and easy access to our range so that you can find the products you want quickly and easily. With WooCommerce, we have found a good plugin that meets our requirements for an online store.
What data is stored by WooCommerce?
Information that you actively enter in a text field in our online store can be collected and stored by WooCommerce or Automattic. So when you register with us or order a product, Automattic can collect, process and store this data. In addition to e-mail address, name or address, this may also include credit card or billing information. Automattic can subsequently use this information for its own marketing campaigns.
In addition, there is also information that Automattic automatically collects from you in so-called server log files:
- IP address
- Browser information
- Preset language setting
- Date and time of web access
WooCommerce also sets cookies in your browser and uses technologies such as pixel tags (web beacons), for example to clearly identify you as a user and possibly offer interest-based advertising. WooCommerce uses a number of different cookies that are set depending on the user action. This means, for example, that when you place a product in the shopping cart, a cookie is set so that the product remains in the shopping cart when you leave our website and return at a later time.
Here we show you an exemplary list of possible cookies that can be set by WooCommerce:
Name: woocommerce_items_in_cart
Value: 1
Purpose: The cookie helps WooCommerce to determine when the content in the shopping cart changes.
Expiration date: after the end of the session
Name: woocommerce_cart_hash
Wert: 447c84f810834056ab37cfe5ed27f204111784157-7
Purpose: This cookie is also used to recognize and save the changes in your shopping cart.
Expiration date: after the end of the session
Name: wp_woocommerce_session_d9e29d251cf8a108a6482d9fe2ef34b6
Wert: 1146%7C%7C1589034207%7C%7C95f8053ce0cea135bbce671043e740111784157-4aa
Purpose: This cookie contains a unique identifier for you so that the shopping cart data can also be found in the database.
Expiration date: after 2 days
How long and where is the data stored?
Unless there is a legal obligation to retain data for a longer period of time, WooCommerce will delete the data when it is no longer needed for the purposes for which it was stored. For example, server log files containing technical data about your browser and your IP address are deleted after 30 days. Until then, Automattic uses the data to analyze the traffic on its own websites (e.g. all WordPress sites) and to fix potential problems. The data is stored on Automattic’s American servers.
How can I delete my data or prevent data storage?
You have the right to access your personal data at any time and to object to its use and processing. You can also lodge a complaint with a state supervisory authority at any time.
In your browser, you also have the option of individually managing, deleting or deactivating cookies. Please note, however, that deactivated or deleted cookies may have a negative impact on the functions of our WooCommerce online store. Depending on which browser you use, the management of cookies works slightly differently. Below you will find links to the instructions for the most common browsers:
Chrome: Delete, activate and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
Legal basis
If you have consented to the use of WooCommerce, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent) represents the legal basis for the processing of personal data as it may occur when collected by WooCommerce.
We also have a legitimate interest in using WooCommerce to optimize our online service and present it to you in an attractive way. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use WooCommerce if you have given your consent.
We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. Data processing is essentially carried out by WooCommerce. This may result in data not being processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. It is also possible that this data may be linked to data from other WooCommerce services with which you have a user account.
You can find more details about the privacy policy and what data is collected by WooCommerce and how at https://automattic.com/privacy/ and general information about WooCommerce at https://woocommerce.com/.