1. Data protection at a glance
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. His contact details can be found in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This can be data that you enter in a contact form, for example.
Other data is collected automatically or with your consent by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information free of charge about the origin, recipient and purpose of your stored personal data at any time. You also have the right to demand the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to demand, under certain circumstances, the restriction of the processing of your personal data. Furthermore, you have the right of appeal to the competent supervisory authority.
You can contact us at any time at the address given in the imprint for this and other questions on the subject of data protection.
Analysis tools and tools from third parties
When you visit this website, your surfing behaviour can be statistically evaluated. This is mainly done with so-called analysis programs.
You will find detailed information on these analysis programs in the following data protection declaration.
2. Hosting and content delivery networks (CDN)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated by a website.
The use of the hoster is for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.
Conclusion of a contract on order processing
In order to guarantee data protection compliant processing, we have concluded a contract for order processing with our host.
3. General information and compulsory information
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this data protection declaration.
We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
Note on the responsible body
The person responsible for data processing on this website is
Responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke any consent already given at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING, INCLUDING PROFILING, INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION ACCORDING TO ART. 21 PARA. 2 GDPR).
Right of appeal to the competent supervisory authority
In the case of infringements of the DPAs, the persons concerned have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the suspected infringement. This right of appeal is without prejudice to other administrative or judicial remedies.
Right to data transmission
You have the right to have data, which we process automatically on the basis of your consent or in fulfilment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only take place to the extent that it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If there is an obligation to provide us with your payment data (e.g. account number for direct debit authorisation) after the conclusion of a contract with costs, this data is required for payment processing.
The payment transactions via the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
In the case of encrypted communication, your payment data that you transmit to us cannot be read by third parties.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correct or delete this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address given in the imprint.
Right to limitation of processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
- If you dispute the correctness of your personal data stored with us, we usually need time to check this. For the duration of the review, you have the right to demand the restriction of the processing of your personal data.
- If the processing of your personal data was/is unlawful, you may request the restriction of the processing instead of the deletion.
- If we no longer need your personal data, but you do need it to exercise, defend or assert legal claims, you have the right to demand restriction of the processing of your personal data instead of deletion.
- If you have lodged an objection in accordance with Art. 21 para. 1 DSGVO, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests outweigh the interests of the parties concerned, you have the right to demand that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, these data - apart from their storage - may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
4. data collection on this website
Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage on your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for the processing of payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertisements.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. If consent to the storage of cookies has been requested, the storage of the cookies in question will be carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); the consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
These data are recorded on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website - for this purpose the server log files must be recorded.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, insofar as your enquiry is connected with the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that the enquiry was made.
The data entered by you in the contact form will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your inquiry has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
We have signed a contract with Zendesk for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using Zendesk. The legal basis for processing with Zendesk is, if you have given your consent, Art. 6, para. 1, clause 1, lit. a, if you have given your consent, otherwise lit. b, if the processing of your inquiry is related to the preparation or execution of a contractual relationship, and lit. f., if no contractual relationship exists, in which case our legitimate interest is to answer your inquiry.
Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your inquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that the enquiry was made.
The data sent to us by you via contact enquiries remains with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your enquiry has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
Registration on this website
You can register on this website to use additional features on the site. We will only use the data entered for this purpose for the purpose of using the respective offer or service for which you have registered. The mandatory data requested during registration must be provided in full. Otherwise we will refuse the registration.
In the event of important changes, for example in the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.
The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if applicable, for the initiation of further contracts (Art. 6 para. 1 lit. b GDPR).
The data entered during registration is stored by us for as long as you are registered on this website and is then deleted. Legal retention periods remain unaffected.
Registration with Facebook Connect
Instead of registering directly on this website, you can register with Facebook Connect. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
If you choose to register with Facebook Connect and click on the "Login with Facebook"/"Connect with Facebook" button, you will be automatically redirected to the Facebook platform. There you can log in with your usage data. This will link your Facebook profile with this website or our services. This link gives us access to your data stored on Facebook. These are above all:
- Facebook name
- Facebook profile and cover picture
- Facebook cover picture
- Email address registered with Facebook
- Facebook ID
- Facebook friend lists
- Facebook Likes ("I like-me" information)
This information is used to set up, provision and personalize your account.
Registration with Facebook Connect and the associated data processing procedures are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.
Registration with Google Account
Instead of a direct registration on this website you can register with your Google Account.
This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. However, according to Google, the data collected is also transferred to the USA and other third countries.
If you choose to register with your Google Account and click the button, you will be automatically redirected to the Google platform. There you can log in with your usage data. This will link your Google Account to this website or our services. This link gives us access to your data stored at Google. This is above all:
- Email address
This information is used to set up, provision and personalize your account.
Registration with your Google Account and the associated data processing operations are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.
5. Analysis tools and advertising
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page impressions, length of stay, operating systems used and the origin of the user. Google may combine this data in a profile that is assigned to the respective user or his or her end device.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google on the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR
We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data from Google.
You can prevent Google from collecting and processing your information by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de .
We have concluded a contract with Google for order processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic characteristics in Google Analytics
This website uses the "demographic characteristics" feature of Google Analytics to help the website visitors find appropriate ads within the Google advertising network. This allows reports to be generated that contain statements about the age, gender and interests of the site visitors. This data is derived from Google's interest-based advertising and from third-party visitor data. This data cannot be associated with any particular person. You can disable this feature at any time by changing the ad settings in your Google Account, or generally prohibit Google Analytics from collecting your information as described in the "Opting out of data collection" section.
User and event-level data stored at Google that is linked to cookies, user IDs (e.g., User ID) or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. Please see the following link for details: https://support.google.com/analytics/answer/7667196?hl=de
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms in Google (keyword targeting). Furthermore, targeted ads can be played out based on the user data available on Google (e.g. location data and interests) (target group targeting). We as website operators can evaluate this data quantitatively, for example by analysing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.
The use of Google Ads is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in marketing his service products as effectively as possible.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The use of Google Conversion Tracking is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
In order to be able to guarantee the proper functioning of our application, we use the services of Logentries.
If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or only on a voluntary basis. We use these data exclusively for sending the requested information and do not pass them on to third parties.
The processing of the data provided is based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address as well as its use for sending the newsletter at any time, e.g. via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have cancelled your subscription. Data that has been stored by us for other purposes remains unaffected.
After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
We use Sendgrid to send our newsletter. The provider is the company SendGrid, Inc., 1801 California Street, Suite 500, Denver, CO 80202, USA.
SendGrid is a service that can be used to organize and analyze the sending of e-mails and newsletters, among other things. If you enter data such as an e-mail address, for example, it will be stored on SendGrid's servers in the USA.
SendGrid is certified according to the "EU-US Privacy Shield". The "Privacy-Shield" is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of SendGrid we can analyse the sending of e-mails. This makes it possible to determine whether a message has been opened and which links have been clicked on, if any. Technical information is also collected (e.g. time of retrieval, IP address, browser type and operating system). This information is used exclusively for statistical analysis of messages. The results of these analyses can be used to better identify delivery problems.
The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
For more details, please refer to the SendGrid data protection regulations at: https://sendgrid.com/policies/privacy/privacy-shield-certification/
Conclusion of a Data-Processing-Agreement
We have concluded a so-called "Data-Processing-Agreement" with SendGrid, in which we commit SendGrid to protect our customers' data and not to pass it on to third parties.
Twilio’s Privacy Shield Statement:
With Twilio, unite communications and strengthen customer relationships across your business – from marketing and sales to customer service and operations. (16 kB)
Logentries is a service of Rapid7 Ireland Limited, Windmill Lane, Dublin 2, Ireland. Logentries analyses problems with the functions and informs us about them via so-called "crash reports". For this purpose, your IP address is transmitted to Logentries. You can find further information here: https://www.rapid7.com/privacy-policy/
7. Plugins and tools
Google Web Fonts
This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
Google DevelopersGoogle Developers
Frequently Asked Questions | Google Fonts | Google Developers (62 kB)
8. eCommerce and payment providers
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR , which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data on the use of this website (usage data) only to the extent necessary to enable or charge the user for the use of the service.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transmission upon conclusion of contract for services and digital contents
We only transfer personal data to third parties if this is necessary for the execution of the contract, for example to the credit institution commissioned with the payment processing.
A further transmission of the data does not take place or only if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 Para. 1 lit. b GDPR , which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
On this website we offer, among other things, payment with the services of Stripe. Provider for customers within the EU is Stripe Payments Europe, Ltd,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe").
The transfer of your data to Stripe is based on Art. 6 Para. 1 lit. b GDPR (contract processing) and on our justified interest in using reliable and secure payment processes (Art. 6 Para. 1 lit. f GDPR ).
On this website we offer payment via PayPal among other things. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
If you choose to pay via PayPal, the payment data you enter will be transmitted to PayPal.
The transmission of your data to PayPal is based on art. 6 para. 1 lit. a GDPR (consent) and art. 6 para. 1 lit. b GDPR (processing for the performance of a contract). You have the possibility to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations carried out in the past.
On this website we offer payment via Novalnet among other things. Provider of this payment service is Novalnet AG, Zahlungsinstitut (ZAG), Feringastraße 4
85774 Unterföhring (hereinafter 'Novalnet').
The transmission of your data to Novalnet is based on art. 6 para. 1 lit. a GDPR (consent) and art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the possibility to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations carried out in the past.
On this website we offer payment via Novalnet among other things. Provider of this payment service is Novalnet AG, Zahlungsinstitut (ZAG), Feringastraße 4
85774 Unterföhring ('Novalnet').
The transmission of your data to Novalnet is based on art. 6 para. 1 lit. a GDPR(consent) and art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the possibility to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations carried out in the past.