Table of contents
- Introduction and overview
- Legal bases
- Storage duration
- Data transfer to third countries
- Data processing security
- Web Analytics
- Payment provider
- Social Media
- Copyright notice
- Photo credits
Introduction and overview
We have written this data protection declaration (version 11.05.2021-121739686) to provide you with the General Data Protection Regulation (EU) 2016/679 and applicable national laws to explain which personal data (data for short) we are responsible for – and the processors commissioned by us (e.g. providers) – process, will process in the future and what legal options you have. The terms used are gender-neutral.
If you still have questions, we would like to ask you to contact the responsible office named in the imprint, to follow the existing links and to look at further information on third-party sites.
Area of application
This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (contract processors). By personal data, we mean information such as the name, email address and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, be it online or offline. The scope of this data protection declaration includes:
- all online presences (websites, online shops) that we operate
- Social media presence and email communication
- mobile apps for smartphones and other devices
In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner in the company.
In the following data protection declaration we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. This General Data Protection Regulation of the EU you can of course online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679 read.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.
- Contract (Article 6 Paragraph 1 lit. b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance.
- Legal obligation (Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for bookkeeping. These usually contain personal data.
- Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.
Other conditions such as the perception of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not usually arise with us. If such a legal basis should be relevant, it will be shown in the appropriate place.
In addition to the EU regulation, national laws also apply:
- In Austria this is the federal law for the protection of natural persons when processing personal data (data protection law), DSG for short.
- The Federal Data Protection Act, or BDSG for short, applies in Germany.
If further regional or national laws apply, we will inform you about this in the following sections.
The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products is a general criterion for us. If, for example, it is required by law in the case of accounting, this storage period can also be exceeded. This means that we delete personal data as soon as the reason for the data processing no longer exists. If you want your data to be deleted or if you revoke your consent to data processing, the data will be deleted as soon as possible and provided there is no obligation to store it.
We will inform you below about the specific duration of the respective data processing, provided we have further information.
Data transfer to third countries
We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if this is required by law or contractually, and in any case only to the extent that this is general allowed is. In most cases, your consent is the most important reason why we process data in third countries. Processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, can mean that personal data is processed and stored in unexpected ways. If possible, we try to use server locations within the EU, provided that this is offered.
Data processing security
In order to protect personal data, we have implemented both technical and organizational measures. Wherever possible, we encrypt or pseudonymize personal data. As a result, we make it as difficult as possible, as far as possible, for third parties to infer personal information from our data.
Art. 25 GDPR speaks of “data protection through technology design and data protection-friendly default settings” and means that both software (e.g. forms) and hardware (e.g. access to the server room) always think about security and take appropriate measures .
The processing of the data is based on the following legal bases:
- Art. 6 Para. 1 lit. a GDPR (consent): You give us your consent to save your data and continue to use it for the purposes of the business case;
- Art. 6 Para. 1 lit.b GDPR (contract): There is a need to fulfill a contract with you or a processor such as B. the telephone provider or we have to provide the data for pre-contractual activities, such as B. the preparation of an offer, process;
- Art. 6 Para. 1 lit.f GDPR (legitimate interests): We want to conduct customer inquiries and business communication in a professional manner. For this purpose, certain technical facilities such. B. e-mail programs, Exchange servers and mobile network operators are necessary to operate communication efficiently.
Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
Cookies store certain user data from you, such as language or personal page settings. When you call up our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first party cookies and third party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC either.
You can distinguish 4 types of cookies:
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.
These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and the behavior of the website with different browsers.
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
Usually when you visit a website for the first time you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.
If you want to know more about cookies and are not afraid of technical documentation, we recommend https: //tools.ietf.org/html/rfc6265 , the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
We use software on our website to evaluate the behavior of website visitors, known as web analytics for short. In doing so, data is collected, which the respective analytic tool provider (also called tracking tool) stores, manages and processes. With the help of the data, analyzes of user behavior on our website are created and made available to us as the website operator. Most tools also offer various test options. For example, we can test which offers or content are best received by our visitors. We are showing you two different offers for a limited period of time. After the test (so-called A / B test) we know which product or which content our website visitors find more interesting. For such test procedures, as well as for other analytics procedures, user profiles can also be created and the data stored in cookies.
On our website we use the analysis tracking tool Google Analytics (GA) from the American company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is saved in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better adapt our website and our service to your needs.
Google Ads (Google AdWords) conversion tracking
We use Google Ads (formerly Google AdWords) as an online marketing measure to advertise our products and services. We want to make more people aware of the high quality of our offers on the Internet. As part of our advertising measures through Google Ads, we use conversion tracking from Google Inc. on our website. In Europe, however, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With the help of this free tracking tool, we can better adapt our advertising offer to your interests and needs.
Cookie Consent Management Platform
We use a Consent Management Platform (CMP) software on our website, which makes it easier for us and you to handle the scripts and cookies used correctly and safely. The software automatically creates a cookie pop-up, scans and controls all scripts and cookies, provides you with the cookie consent required under data protection law and helps you and us to keep track of all cookies. Most cookie consent management tools identify and categorize all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or not.
We use online payment systems on our website, which allow us and you a secure and smooth payment process. Among other things, personal data can also be sent to the respective payment provider, stored and processed there.
We therefore offer other payment service providers in addition to banks / credit institutions as part of contractual or legal relationships, due to legal obligations and on the basis of legitimate interest. The data protection declarations of the individual payment providers (such as Amazon Payments, Apple Pay or Discover) provide you with an overview of data processing and data storage. In addition, you can always contact the person responsible if you have any questions about data protection issues.
Instant Bank Transfer
We offer the payment method “Sofortüberweisung” from the company Sofort GmbH for cashless payment on our website. Sofort GmbH has been part of the Swedish company Klarna since 2014, but has its headquarters in Germany, Theresienhöhe 12, 80339 Munich.
If you choose this payment method, personal data will also be transmitted to Sofort GmbH or Klarna, stored and processed there.
We use a payment tool from the American technology company and online payment service Stripe on our website. Stripe Payments Europe (Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) is responsible for customers within the EU. This means that if you choose Stripe as your payment method, your payment will be processed via Stripe Payments. The data required for the payment process will be forwarded to Stripe and saved.
We use the online payment system Klarna Checkout from the Swedish company Klarna Bank AB on our website. Klarna Bank has its main headquarters in Sveavägen 46, 111 34 Stockholm, Sweden. If you choose this service, personal data will be sent to Klarna, saved and processed.
In addition to our website, we are also active in social media. User data can be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform can also be embedded directly in our website. This is the case, for example, if you click a so-called social button on our website and are forwarded directly to our social media presence.
All contents of this website (images, photos, texts, videos) are subject to copyright. Please ask us before you distribute, reproduce or exploit the content of this website, for example republishing it on other websites. If necessary, we will legally prosecute the unauthorized use of parts of the content of our site.
If you should find content on this website that infringes copyright, please contact us.
The images, photos and graphics on this website are protected by copyright.