Privacy policy

Introduction and overview

We have written this data protection declaration (version 25.05.2021-111744127) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the person responsible - and that of processors commissioned by us (e.g. the provider) - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data that we process about you.

Data protection declarations usually sound very technical and use legal technical terms. However, this data protection declaration is intended to describe the most important things to you as simply and transparently as possible. As far as transparency is beneficial, technical terms are explained in a reader-friendly manner,, to further information are provided andgraphics are used. We are thus informing in clear and simple language that we only process personal data in the context of our business activities if there is a corresponding legal basis. This is not possible if you make as brief, unclear and legal-technical statements as possible, and they are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and maybe there will be some s information that you were not previously familiar with.
If you still have questions, we would ask you to contact the responsible body named below or in the legal notice, to follow the links provided and to look at further information on third-party sites. You can of course also find our contact details in the imprint.

Scope of application

This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (contract processors). By personal data we mean information such as the name, email address and postal address of a person. The processing of personal data ensures that we can offer and bill our services and products, be it online or offline. The scope of this data protection declaration includes:

• All online presences (websites, online shops) that we operate/li>
• Social media appearances and email communication
• Mobile apps for smartphones and other devices

In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner in the company.

Legal bases

In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course access this EU General Data Protection Regulation online at EUR-Lex, the gateway to EU law, read at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.
2. Contract Article 6 Paragraph 1 lit.b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance.
3. Legal obligation Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for bookkeeping. These usually contain personal data.
4. Legitimate interests (Article 6 Paragraph 1 lit.f GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.

Other conditions such as the taking of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not usually apply to us. If such a legal basis should be relevant, it will be shown at the appropriate point.

In addition to the EU regulation, national laws also apply:

• In In Austria this is the federal law for the protection of natural persons when processing personal data (data protection law), kurz DSG.
• In In Germany applies the Federal Data Protection Act, kurz BDSG.

If other regional or national laws apply, we will inform you about them in the following sections.

Contact details of the person responsible

If you have any questions about data protection, you will find the contact details of the responsible person or office below.

Superwine GmbH
Arsenal 1/3, 1030 Wien

Authorized to represent: Pascal Giefing

Email: drink@superwine.shop 
Phone: +436504706567
Imprint: https://www.superwine.shop/policies/legal-notice

Storage period

The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products is a general criterion for us. If, for example, it is required by law in the case of accounting, this storage period can also be exceeded. This means that we delete personal data as soon as the reason for the data processing no longer exists. If you want your data to be deleted or if you revoke your consent to data processing, the data will be deleted as soon as possible and unless there is an obligation to store it.

We will inform you below about the specific duration of the respective data processing, provided we have further information.

Rights according to the General Data Protection Regulation

According to Article 13 GDPR, you have the following rights to ensure that data is processed fairly and transparently:

• According to Article 15 GDPR, you have a right to information as to whether we are processing your data. If so, you have the right to receive a copy of the data and the following information:
  • for what purpose we carry out the processing;
  • the categories, i.e. the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data will be stored;
  • the existence of the right to correction, deletion or restriction of processing and the right to object to processing;
  • that you can complain to a supervisory authority (links to these authorities can be found below);
  • the origin of the data, if we have not collected it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated in order to arrive at a personal profile of you.
• According to Article 16 GDPR, you have the right to correct your data, which means that we have to correct the data if you find errors.
• According to Article 17 GDPR, you have the right to deletion ("right to be forgotten"), which specifically means that you can request the deletion of your data.
• According to Article 18 GDPR, you have the right to restriction of processing, which means that we are only allowed to save the data but no longer use it.
• According to Article 19 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format on request.
• According to Article 21 GDPR, you have a right of objection, which will result in a change in processing after enforcement.
  • If the processing of your data is based on Article 6 (1) (e) (public interest, exercise of official authority) or Article 6 (1) (f) (legitimate interest), you can object to the processing. We will then check as soon as possible whether we can legally comply with this objection.
  • If data is used to operate direct mail, you can object to this type of data processing at any time. We are then no longer allowed to use your data for direct marketing.
  • If data is used to carry out profiling, you can object to this type of data processing at any time. We are then no longer allowed to use your data for profiling.
• According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).

If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority. For Austria this is the data protection authority, whose website you can find at https://www.dsb.gv.at/ and for Germany you can contact.the Federal Commissioner for Data Protection and Freedom of Information (BfDI)

In short: you have rights - do not hesitate to contact the person in charge listed above!

Data transfer to third countries

We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if this is required by law or contractually necessary and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason that we have data processed in third countries. Processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, can mean that personal data is processed and stored in unexpected ways. If possible, we try to use server locations within the EU, provided that this is offered.

At the appropriate places in this data protection declaration, we will provide you with more detailed information about data transfer to third countries, if this applies.

Webhosting

Webhosting summaryg 👥 Affected: visitors to the website 🤝 Purpose: professional hosting of the website and security of operation 📓 Processed data: IP address, time of website visit, browser used and other data. You can find more details below or from the web hosting provider used. 📅 Storage period: depending on the respective provider, but usually 2 weeks ⚖️ Legal basis: Article 6 (1) (f) GDPR (legitimate interests)

What is webhosting?

When you visit websites these days, certain information - including personal data - is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all websites on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one here). By domain we mean example.de or musterbeispiel.com.

When you want to view a website on one screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

This web browser has to connect to another computer where the website's code is stored: the web server. The operation of a web server is a complicated and time-consuming task, which is why this is usually done by professional providers, the providers. These offer web hosting and thus ensure reliable and error-free storage of website data.

When the browser establishes a connection on your computer (desktop, laptop, smartphone) and while data is being transferred to and from the web server, personal data may be processed. On the one hand, your computer stores data; on the other hand, the web server must also store data for a period of time in order to ensure proper operation.

for illustration

Why do we process personal data?

The purposes of data processing are:

1. Professional hosting of the website and security of operation
2. For reasons of operational security and to create access statistics

Which data are processed?

Even while you are visiting our website, our web server, that is the computer on which this website is saved, usually automatically saves data such as

• The complete Internet address (URL) of the website called up (e.g. https://www.beispielwebsite.de/beispielunterseite.html?tid=111744127)
• Browser and browser version (e.g. Chrome 87)
• The operating system used (e.g. Windows 10)
• The address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
• The host name andIP address of the device from which access is achieved (e.g. COMPUTERNAME and 194.23.43.121)
• Date and time
• In files, the so-called web server log files

How long will data be stored?

As a rule, the above data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by the authorities in the event of illegal behaviour.

In short: your visit will be logged by our provider (company that runs our website on special computers (servers)), but we will not pass on your data without your consent!

Legal basis

The legality of the processing of personal data in the context of web hosting results from Art. 6 Para. 1 lit. to be able to present.

Cookies

Cookies summary 👥 Affected: visitors to the website 🤝 Purpose: depending on the respective cookie. You can find more details on this below or from the manufacturer of the software that sets the cookie. 📓 Processed data: Depending on the cookie used. You can find more details on this below or from the manufacturer of the software that sets the cookie. 📅 Storage duration: depending on the respective cookie, can vary from hours to years ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What are cookies?

Our website uses HTTP cookies to save user-specific data.
IIn the following section, we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

Whenever you surf the Internet, you are using a browser. Well-known browsers are, for example, Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing cannot be dismissed out of hand: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you call up our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you the settings that you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. Here, the web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.

There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies cannot access information on your PC either.

For example, cookie data can look like this:

Name: _ga
Value: GA1.2.1326744211.152111744127-9
Purpose: Differentiation of website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

• at least 4096 Bytes pro Cookie
• at least 50 Cookies pro Domain
• at least 3000 Cookies insgesamt

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Essential cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window..

Appropriate cookies
These cookies collect information about user behaviour and whether the user receives any error messages. These cookies are also used to measure the loading time and the behaviour of the website with different browsers.

Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customised advertising to the user. That can be very practical, but also very annoying.

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.

Which data are processed?

Cookies are little helpers for a wide variety of tasks. Unfortunately, it is not possible to generalise which data is stored in cookies, but we will inform you about the processed or stored data in the context of the following data protection declaration.

Storage duration of cookies

The storage duration depends on the respective cookie and is further specified under each section. Some cookies are deleted after less than an hour, others can remain on a computer for several years.

Right of objection - how can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting, deactivating or only partially accepting cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. The procedure differs depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser. .

Legal basis

The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

Legitimate interests exist for absolutely necessary cookieswhere no consent is given (Article 6 Paragraph 1 lit.f GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience and for this cookies are often absolutely necessary.

In the following sections, you will be informed in more detail about the use of cookies, provided that the software used uses cookies.

Facebook-Pixel data protection declaration

We use the Facebook pixel from Facebook on our website. We have implemented a code for this on our website. The Facebook pixel is an excerpt from JavaScript code that loads a collection of functions with which Facebook can track your user actions, provided you came to our website via Facebook ads. For example, when you purchase a product on our website, the Facebook pixel is triggered and saves your actions on our website in one or more cookies. These cookies enable Facebook to compare your user data (customer data such as IP address, user ID) with the data in your Facebook account. Then Facebook deletes this data again. The data collected is anonymous and cannot be viewed by us and can only be used in the context of advertising. If you are a Facebook user yourself and are logged in, your visit to our website is automatically assigned to your Facebook user account.

We only want to show our services and products to those people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. In this way, Facebook users (provided they have allowed personalised advertising) see appropriate advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

In the following, we show you the cookies that were set on a test page by integrating Facebook pixels. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.

Name: _fbp
Value: fb.1.1568287647279.257405483-6111744127-7
Purpose: This cookie uses Facebook to display advertising products.
Expiry date: after 3 month

Name: fr
Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose: This cookie is used so that Facebook pixels also work properly.
Expiry date: after 3 months

Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062111744127-3
Value: Name of the author
Purpose: This cookie stores the text and the name of a user who leaves a comment, for example.
Expiry date: after 12 months

Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value: https%3A%2F%2Fwww.testseite…%2F (URL des Autors)
Purpose: This cookie stores the URL of the website, which the user enters in a text field on our website.
Expiry date: after 12 months

Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value: Author's email address
Purpose: This cookie stores the email address of the user, provided he has made it known on the website.
Expiry date: after 12 months

Note: The cookies mentioned above relate to individual user behavior. Changes to Facebook can never be ruled out, especially when using cookies.

If you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen  If you are not a Facebook user, you can basically manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/ There you have the option of deactivating or activating providers.

If you want to learn more about Facebook's data protection, we recommend the company's own data guidelines at https://www.facebook.com/policy.php.

Facebook automatic extended comparison data protection declaration

We have also activated the automatic advanced matching as part of the Facebook pixel function. This function of the pixel enables us to send hashed e-mails, names, gender, city, state, zip code and date of birth or telephone number as additional information to Facebook, provided that you have made this data available to us. This activation enables us to adapt advertising campaigns on Facebook even more precisely to people who are interested in our services or products.

Google Analytics privacy policy

Google Analytics Privacy Policy Summary 👥 Affected: Visitors to the website 🤝 Purpose: Evaluation of visitor information to optimise the website. 📓 Processed data: Access statistics that contain data such as the location of access, device data, access duration and time, navigation behavior, click behavior and IP addresses. You can find more details on this below in this data protection declaration. 📅 Storage period: Depending on the properties used ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

Was ist Google Analytics?

We use the analysis tracking tool Google Analytics (GA) from the American company Google Inc. on our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is saved in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better adapt our website and our service to your needs. In the following, we will go into more detail about the tracking tool and, above all, inform you about which data is stored and how you can prevent this.

Google Analytics is a tracking tool that is used to analyse the traffic on our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you carry out on our website. As soon as you leave our website, this data is sent to the Google Analytics server and stored there..

Google processes the data and we receive reports on your user behaviour. These can include the following reports:

• Target group reports: With target group reports, we get to know our users better and know more precisely who is interested in our service.
• Advertisement reports: Advertisement reports make it easier for us to analyse and improve our online advertising.
• Acquisition reports: Acquisition reports give us helpful information on how we can get more people excited about our service.
• Behavioural Reports: This is where we learn how you interact with our website. We can understand which route you take on our site and which links you click.
• Conversion reports: Conversion is a process in which you carry out a desired action based on a marketing message. For example, when you go from being a pure website visitor to being a buyer or newsletter subscriber. With the help of these reports, we can find out more about how our marketing measures are received by you. This is how we want to increase our conversion rate.
• Real-time reports: Here we always find out immediately what is happening on our website. For example, we can see how many users are reading this text.

Why do we use Google Analytics on our website?

Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.

The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our site so that interested people can find it more easily on Google. On the other hand, the data helps us to better understand you as a visitor. We will therefore know what we need to improve on our website in order to offer you the best possible service. The data also help us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

Which data is saved by Google Analytics?

Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognises you as a new user. The next time you visit our site, you will be recognised as a "returning" user. All collected data is saved together with this user ID. This is how it is possible to evaluate pseudonymous user profiles in the first place.

In order to be able to analyse our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then saved in the corresponding property. The Google Analytics 4 property is standard for every newly created property. Alternatively, you can also create the Universal Analytics Property. Depending on the property used, data are stored for different lengths of time.

Identifications such as cookies and app instance IDs measure your interactions on our website. Interactions are all types of actions that you carry out on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics can be linked to third-party cookies. Google does not pass on any Google Analytics data unless we, as the website operator, approve it. Exceptions may be made if required by law.

The following cookies are used by Google Analytics:

Name: _ga
Value: 2.1326744211.152111744127-5
Purpose: By default, analytics.js uses the _ga cookie to save the user ID. Basically, it is used to differentiate between website visitors.
Expiry date: after 2 years

Name: _gid
Value: 2.1687193234.152111744127-1
Purpose: The cookie is also used to differentiate between website visitors
Expiry date: after 24 hours

Name: _gat_gtag_UA_
Value: 1
Purpose: Used to lower the request rate. If Google Analytics is provided via the Google Tag Manager, this cookie is given the name _dc_gtm_.
Expiry date: after 1 minute

Name: AMP_TOKEN
Value: no information
Purpose: The cookie has a token with which a user ID can be retrieved from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiry date: after 30 seconds up to a year

Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie can be used to track your behaviour on the website and measure performance. The cookie is updated every time information is sent to Google Analytics.
Expiry date: after 2 years

Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_ to throttle the request rate.
Expiry date: after 10 minutes

Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiry date: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only saved until you close the browser again.
Expiration date: after closing the browser

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: The cookie is used to identify the source of the traffic on our website. This means that the cookie stores where you came to our website from. That could have been another page or an advertisement.
Expiry date: after 6 months

Name: __utmv
Value: not specified
Purpose: The cookie is used to store user-defined user data. It is updated every time information is sent to Google Analytics.
Expiry date: after 2 years

Note: This list cannot claim to be complete, as Google changes the choice of their cookies again and again.

Here we show you an overview of the most important data that is collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly those areas that you click on. In this way we get information about where you are on our website.

Session duration: Google defines the session duration as the time that you spend on our site without leaving the site. If you have been inactive for 20 minutes, the session ends automatically.

Bounce rate: We speak of a bounce if you only view one page on our website and then exit our website again.

Account creation: When you create an account or place an order on our website, Google Analytics collects this data.

IP address: The IP address is only shown in abbreviated form so that it cannot be clearly assigned.

Location: The country and your approximate location can be determined via the IP address. This process is also known as IP location determination.

Technical information: The technical information includes, among other things, your browser type, your Internet provider or your screen resolution.

Source of origin: Google Analytics or us are of course also interested in through which website or which advertising you came to our site.

Further data are contact details, any ratings, the playing of media (e.g. when you play a video on our site), the sharing of content via social media or adding to your favourites. The list is not intended to be exhaustive and is only used as a general guide to data storage by Google Analytics.

How long and where will the data be stored?

Google has distributed their servers all over the world. Most of the servers are located in America and consequently your data is mostly stored on American servers. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de

Your data is distributed on various physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. If, for example, the hardware at Google fails or natural disasters paralyse servers, the risk of service interruption at Google remains low.

The retention period of the data depends on the properties used. When using the newer Google Analytics 4 properties, the retention period of your user data is set to 14 months. For other so-called event data, we have the option of choosing a retention period of 2 months or 14 months.

At Universal Analytics Properties, Google Analytics has set a standardised retention period for your user data of 26 months. Then your user data will be deleted. However, we have the option of choosing the retention period for user data ourselves. We have five variants available for this:

• Deletion after 14 months
• Deletion after 26 months
• Deletion after 38 months
• Deletion after 50 months
• No automatic deletion

In addition, there is also the option that data will only be deleted if you no longer visit our website within the period selected by us. In this case, the retention period will be reset every time you visit our website again within the specified period.

When the specified period has expired, the data is deleted once a month. This retention period applies to your data linked to cookies, user identification and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.

How can I delete my data or prevent data storage?

According to the data protection law of the European Union, you have the right to receive information about your data, to update it, to delete it or to restrict it. Use the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js) to prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de Please note that this add-on only deactivates data collection by Google Analytics.

If you generally want to deactivate, delete or manage cookies (independent of Google Analytics), there are separate instructions for each browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

The use of Google Analytics requires your consent, which we obtained with our cookie popup. According to Art. 6 Paragraph 1 lit.

In addition to consent, we have a legitimate interest in analysing the behaviour of website visitors and thus improving our offer technically and economically. With the help of Google Analytics, we recognise website errors, identify attacks and improve profitability. The legal basis for this is Article 6 (1) lit.f GDPR (legitimate interests)..

We hope we were able to provide you with the most important information about data processing by Google Analytics. If you want to find out more about the tracking service, we recommend these two http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.

MailChimp privacy policy

MailChimp privacy policy summary 👥 Affected: newsletter subscribers 🤝 Purpose: direct marketing via email, notification of systemically relevant events 📓 Processed data: data entered during registration, but at least the e-mail address. 📅 Storage duration: duration of the subscription ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What is MailChimp?

Like many other websites, we also use the services of the newsletter company MailChimp on our website. MailChimp is operated by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Thanks to MailChimp, we can send you interesting news very easily via newsletter. With MailChimp we don't have to install anything and can still draw on a pool of really useful functions. In the following, we will go into more detail about this e-mail marketing service and inform you about the most important aspects relevant to data protection.

MailChimp is a cloud-based newsletter management service. “Cloud-based” means that we don't have to install MailChimp on our own computer or server. Instead, we use the service via an IT infrastructure - which is available via the Internet - on an external server. This way of using software is also called SaaS (Software as a Service).

With MailChimp we can choose from a wide range of different email types. Depending on what we want to achieve with our newsletter, we can carry out individual campaigns, regular campaigns, autoresponders (automatic e-mails), A / B tests, RSS campaigns (sending out in a predefined time and frequency) and follow-up campaigns.

Why do we use MailChimp on our website?

We generally use a newsletter service so that we can stay in contact with you. We want to tell you what's new with us or what attractive offers we currently have in our programme. We always look for the simplest and best solutions for our marketing measures. And for this reason we also decided to use Mailchimp's newsletter management service. Although the software is very easy to use, it offers a large number of helpful features. In this way we can create interesting and beautiful newsletters ina short time. With the design templates we offer, we design each newsletter individually and thanks to the "responsive design" our content is displayed legibly and beautifully on your smartphone (or any other mobile device).

Thanks to tools such as the A / B test or the extensive analysis options, we can see very quickly how you get our newsletters. In this way we can react if necessary and improve our offer or our services.

Another advantage is Mailchimp's "cloud system". The data is not stored and processed directly on our server. We can retrieve the data from external servers and in this way save our storage space. In addition, the maintenance effort is significantly lower.

Which data is saved by MailChimp?

The Rocket Science Group LLC (MailChimp) maintains online platforms that enable us to contact you (provided you have subscribed to our newsletter). If you become a subscriber to our newsletter via our website, you confirm your membership in an email list from MailChimp by email. So that MailChimp can also prove that you have registered yourself in the "list provider", the date of the entry and your IP address are saved. MailChimp also stores your email address, your name, the physical address and demographic information such as language or location.

This information is used to send you e-mails and to enable certain other MailChimp functions (such as evaluating the newsletter).

MailChimp also shares information with third party service providers to provide better services. MailChimp also shares some data with third-party advertising partners in order to better understand the interests and concerns of its customers so that more relevant content and targeted advertising can be provided.

Using so-called "web beacons" (these are small graphics in HTML e-mails) MailChimp can determine whether the e-mail has arrived, whether it has been opened and whether links have been clicked. All of this information is stored on the MailChimp servers. This gives us statistical evaluations and enables us to see exactly how well you received our newsletter. In this way we can adapt our offer much better to your wishes and improve our service.

MailChimp may also use this data to improve its own service. In this way, for example, the dispatch can be technically optimised or the location (country) of the recipient can be determined.

The following cookies can be set by Mailchimp. This is not a complete list of cookies, but rather an exemplary selection:

Name: AVESTA_ENVIRONMENT
Value: Prod
Purpose: This cookie is necessary to provide the Mailchimp services. It is always set when a user registers for a newsletter mailing list.
Expiration date: after the session ends

Name: ak_bmsc
Value: F1766FA98C9BB9DE4A39F70A9E5EEAB55F6517348A7000001111744127-3
Purpose: The cookie is used to distinguish a person from a bot. This enables secure reports on the use of a website to be generated.
Expiry date: nach after 2 hours

Name: bm_sv
Value: A5A322305B4401C2451FC22FFF547486~FEsKGvX8eovCwTeFTzb8//I3ak2Au…
Purpose: The cookie is from MasterPass Digital Wallet (a MasterCard service) and is used to offer a visitor a safe and easy virtual payment process. For this, the user is anonymously identified on the website.
Expiry date: : after 2 hours

Name: _abck
Value: 8D545C8CCA4C3A50579014C449B045111744127-9
Purpose: We could not find out any more information about the purpose of this cookie
Expiry date: after one year

Sometimes it can happen that you open our newsletter for a better presentation via a given link. This is the case, for example, if your e-mail programme does not work or the newsletter is not displayed properly. The newsletter is then displayed on a MailChimp website. MailChimp also uses cookies (small text files that save data on your browser) on its own websites. Personal data can be processed by MailChimp and its partners (e.g. Google Analytics). This data collection is the responsibility of MailChimp and we have no influence on it. In the “Cookie Statement” from MailChimp (at: https://mailchimp.com/legal/cookies/) you can find out exactly how and why the company uses cookies.

How long and where will the data be stored?

Since MailChimp is an American company, all collected data is also stored on American servers.

In principle, the data remains permanently stored on Mailchimp's servers and is only deleted when you request it. You can have your contact deleted by us. This permanently removes all of your personal data for us and anonymises you in the Mailchimp reports. However, you can also request the deletion of your data directly from MailChimp. Then all your data will be removed there and we will receive a notification from MailChimp. After we received the email, we have 30 days to delete your contact from all connected integrations.

How can I delete my data or prevent data storage?

You can withdraw your consent to receive our newsletter at any time within the received email by clicking on the link below. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted from MailChimp.

If you get to a MailChimp website via a link in our newsletter and cookies are set in your browser, you can delete or deactivate these cookies at any time.

Deactivating or deleting works a little differently depending on the browser. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether or not to allow it.

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

Mailchimp sends our newsletter on the basis of your consent (Article 6 (1) (a) GDPR). his means that we are only allowed to send you a newsletter if you have actively registered for it beforehand. If consent is not required, the newsletter is sent on the basis of the legitimate interest in direct marketing (Article 6 (1) (f)), provided this is legally permitted. We record your registration process so that we can always prove that it complies with our laws..

You can find out more about the use of cookies at MailChimp at https://mailchimp.com/legal/cookies/, information on data protection at MailChimp (privacy) can be found at  https://mailchimp.com/legal/privacy/

MailChimp order data processing contract

We have concluded a data processing addendum contract with MailChimp. This contract serves to secure your personal data and ensures that MailChimp adheres to the applicable data protection regulations and does not pass on your personal data to third parties.

You can find more information about this contract at  https://mailchimp.com/legal/data-processing-addendum/.

Google Ads (Google AdWords) Conversion Tracking Privacy Policy

Google Ads (Google AdWords) Conversion Tracking Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: economic success and the optimisation of our service. 📓 Processed data: access statistics that contain data such as the location of access, device data, access duration and time, navigation behaviour, click behaviour and IP addresses. Personal data such as name or email address can also be processed. 📅Storage period: conversion cookies usually expire after 30 days and do not transmit any personal data ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What is Google Ads Conversion Tracking?

We use Google Ads (formerly Google AdWords) as an online marketing measure to advertise our products and services. We want to make more people aware of the high quality of our offers on the Internet. As part of our advertising measures through Google Ads, we use conversion tracking from Google Inc. on our website. In Europe, however, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With the help of this free tracking tool, we can better adapt our advertising offer to your interests and needs. In the following section, we want to go into more detail about why we use conversion tracking, which data is stored and how you can prevent this data storage.

Google Ads (formerly Google AdWords) is the in-house online advertising system of Google Inc. We are convinced of the quality of our offer and want as many people as possible to get to know our website. In the online area, Google Ads offers the best platform for this. Of course, we also want to get a precise overview of the cost-benefit factor of our advertising campaigns. That's why we use the Google Ads conversion tracking tool.

But what exactly is a conversion? A conversion occurs when you change from a purely interested website visitor to an active visitor. This always happens when you click on our ad and then take another action, such as visiting our website. With the conversion tracking tool from Google we record what happens after a user clicks on our Google Ads ad. For example, we can see whether products are being purchased, services are being used or whether users have signed up for our newsletter.

Why do we use Google Ads conversion tracking on our website?

We use Google Ads to draw attention to our offer on other websites. The aim is that our advertising campaigns really only reach those people who are interested in our offers. With the conversion tracking tool, we can see which keywords, ads, ad groups and campaigns lead to the desired customer actions. . We see how many customers interact with our ads on a device and then convert. This data enables us to calculate our cost-benefit factor, measure, the success of individual advertising measures and consequently optimise our online marketing measures. Furthermore, with the help of the data obtained, we can make our website more interesting for you and adapt our advertising offer even more individually to your needs.

What data is saved by Google Ads conversion tracking?

We have integrated a conversion tracking tag or code snippet on our website in order to be able to better analyse certain user actions. If you now click on one of our Google Ads ads, the "Conversion" cookie from a Google domain is saved on your computer (usually in the browser) or mobile device. Cookies are small text files that save information on your computer.

Here are the data from the most important cookies for Google's conversion tracking:

Name: Conversion
Value: EhMI_aySuoyv4gIVled3Ch0llweVGAEgt-mr6aXd7dYlSAGQ111744127-3
Purpose: This cookie saves every conversion that you make on our site after you have come to us via a Google Ad.
Expiry date: after 3 months

Name: _gac
Value: 1.1558695989.EAIaIQobChMIiOmEgYO04gIVj5AYCh2CBAPrEAAYASAAEgIYQfD_BwE
Purpose: This is a classic Google Analytics cookie and is used to record various actions on our website.
Expiry date: after 3 months

Note: The _gac cookie only appears in connection with Google Analytics. The above list does not claim to be complete, as Google repeatedly uses other cookies for analytical evaluation.

As soon as you complete an action on our website, Google recognises the cookie and saves your action as a so-called conversion. As long as you are surfing our website and the cookie has not yet expired, we and Google will recognise that you have found us via our Google Ads ad. The cookie is read out and sent back to Google Ads with the conversion data. It is also possible that other cookies are used to measure conversions. Google Ads conversion tracking can be refined and improved with the help of Google Analytics. For ads that Google shows in different places on the web, cookies with the name “__gads” or “_gac” may be set under our domain. Since September 2017, various campaign information has been stored by analytics.js with the _gac cookie. The cookie stores this data as soon as you visit one of our pages for which Google Ads automatic tagging has been set up. In contrast to cookies that are set for Google domains, Google can only read these conversion cookies when you are on our website. We do not collect or receive any personal data. We get a report from Google with statistical evaluations. For example, we find out the total number of users who clicked on our ad and we can see which advertising measures were well received.

How long and where will the data be stored?

At this point we want to point out that we have no influence on how Google uses the collected data. According to Google, the data is encrypted and stored on secure servers. In most cases, conversion cookies expire after 30 days and do not transmit any personal data. The cookies with the name "Conversion" and "_gac" (which is used in connection with Google Analytics) have an expiration date of 3 months.

How can I delete my data or prevent data storage?

You have the option of opting out of Google Ads conversion tracking. If you deactivate the Google conversion tracking cookie via your browser, you block conversion tracking. In this case you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. This works a little differently for each browser. Here you will find instructions on how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. By downloading and installing this browser plug-in athttps://support.google.com/ads/answer/7395996all "advertising cookies" are also deactivated. Please note that by deactivating these cookies you will not prevent the advertisements, only the personalised advertisements.

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

If you have consented to the use of Google Ads Conversion Tracking, the legal basis for the corresponding data processing is this consent. According to

We also have a legitimate interest in using Google Ads Conversion Tracking to optimise our online service and our marketing measures. The corresponding legal basis for this is Article 6 (1) lit.f GDPR (legitimate interests)..

If you would like to find out more about data protection at Google, we recommend the general data protection declaration from Google: https://policies.google.com/privacy?hl=de.

Cookie Consent Management Platform

Cookie Consent Management Platform Summary 👥 Affected: Website visitors 🤝 Purpose: Obtaining consent to certain cookies and thus the use of certain tools 📓 Processed data: Data for managing the cookie settings such as IP address, time of consent, type of consent, individual consents. You can find more details on this with the tool used in each case.. 📅 Storage period: Depends on the tool used, you have to be prepared for periods of several years ⚖️ Legal basis: Article 6 (1) (a) GDPR (consent), Article 6 (1) (f) GDPR (legitimate interests)

What is a Cookie Consent Management Platform?

We use a Consent Management Platform (CMP) software on our website, which makes it easier for us and you to handle the scripts and cookies used correctly and securely. The software automatically creates a cookie pop-up, scans and controls all scripts and cookies, provides you with the cookie consent required under data protection law and helps you and us to keep track of all cookies. Most cookie consent management tools identify and categorise all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or not.

Why do we use a cookie management tool?

Our goal is to offer you the best possible transparency in the area of data protection. We are also legally obliged to do so. We want to inform you as successfully as possible about all tools and all cookies that can save and process your data. It is also your right to decide for yourself which cookies you accept and which you do not. In order to grant you this right, we first need to know exactly which cookies actually landed on our website. Thanks to a cookie management tool, which scans the website regularly for all cookies present, we know about all cookies and can provide you with GDPR-compliant information. You can then use the consent system to accept or reject cookies.

Which data are processed?

As part of our cookie management tool, you can manage each individual cookie yourself and have complete control over the storage and processing of your data. The declaration of your consent is saved so that we do not have to ask you every time you visit our website and so that we can also prove your consent if required by law. This is saved either in an opt-in cookie or on a server. The storage time of your cookie consent varies depending on the provider of the cookie management tool. This data (such as pseudonymous user ID, time of consent, detailed information on the cookie categories or tools, browser, device information) is stored for up to two years.

Duration of the data processing

We will inform you below about the duration of the data processing if we have further information. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. Data stored in cookies are stored for different periods of time. Some cookies are deleted after you leave the website, others can be stored in your browser for a number of years. The exact duration of the data processing depends on the tool used, in most cases you should be prepared for a storage period of several years. In the respective data protection declarations of the individual providers, you will usually receive precise information about the duration of the data processing.

Right to object

You also have the right and the option to revoke your consent to the use of cookies at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Information on special cookie management tools can be found - if available - in the following sections.

Legal basis

If you agree to cookies, your personal data will be processed and saved via these cookies. If we are allowed to use cookies with your consent ((Article 6 (1) (a) GDPR), this consent is also the legal basis for the use of cookies and the processing of your data. In order to be able to manage the consent to cookies and to enable you to give your consent, a cookie consent management platform software is used. The use of this software enables us to operate the website in an efficient manner in accordance with the law, which is a legitimate interest (Article 6 (1) (f) GDPR).

Payment provider

Payment provider privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise the payment process on our website 📓 Processed data: data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.), IP address and contract data You can find more details on this with the payment provider tool used. 📅 Storage period: depending on the payment provider used ⚖️ Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is a payment provider?

We use online payment systems on our website that enable us and you to have a secure and smooth payment process. Among other things, personal data can also be sent to the respective payment provider, stored and processed there. Payment providers are online payment systems that enable you to place an order via online banking. The payment processing is carried out by the payment provider you have chosen. We will then receive information about the payment made. This method can be used by any user who has an active online banking account with a PIN and TAN. There are barely any banks that do not offer or accept such payment methods.

Why do we use payment providers on our website?

Of course, we want to offer the best possible service with our website and our integrated online shop, so that you feel comfortable on our site and take advantage of our offers. We know that your time is valuable and that payment processing in particular has to work quickly and smoothly. For these reasons, we offer you various payment providers. You can choose your preferred payment provider and pay in the usual way.

Which data are processed?

The exact data that is processed naturally depends on the respective payment provider. Basically, however, data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.) are saved. This is the necessary data to be able to carry out a transaction at all. In addition, any contract data and user data, such as when you visit our website, what content you are interested in or which sub-pages you click, can also be saved. Most payment providers also store your IP address and information about the computer you are using.

The data is usually stored and processed on the payment providers' servers. We as the website operator do not receive this data. We are only informed whether the payment worked or not. For identity and credit checks, it can happen that payment providers forward data to the appropriate body. The business and data protection principles of the respective provider always apply to all payment transactions. Therefore, please always take a look at the general terms and conditions and the data protection declaration of the payment provider. You also have the right to have data deleted or corrected at any time, for example. Please contact the respective service provider regarding your rights (right of withdrawal, right to information and right to be affected).

Duration of the data processing

We will inform you below about the duration of the data processing if we have further information. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If it is required by law, for example in the case of accounting, this storage period can also be exceeded.

Right to object

You always have the right to information, correction and deletion of your personal data. If you have any questions, you can always contact the person responsible for the payment provider used. You can find contact details either in our specific data protection declaration or on the website of the relevant payment provider.

You can delete, deactivate or manage cookies that payment providers use for their functions in your browser. This works in different ways depending on which browser you are using. Please note, however, that the payment process may then no longer work.

Legal basis

We therefore offer in the context of contractual or legal relationships, due to legal obligations Art. 6 Para. 1 lit. c GDPR) and on the basis of legitimate interest (Art. 6 Para. 1 lit.f GDPR) in addition to banking / credit institutions also other payment service providers. The data protection declarations of the individual payment providers (such as Amazon Payments, Apple Pay or Discover) give you a precise overview of data processing and data storage. In addition, you can always contact those responsible if you have any questions about data protection-related topics.

Information on the special payment providers can be found - if available - in the following sections.

Apple Pay privacy Policy

We use Apple Pay, an online payment service, on our website. The service provider is the American company Apple Inc., Infinite Loop, Cupertino, CA 95014, USA. You can find out more about the data processed through the use of Apple Pay in the Privacy Policy at https://www.apple.com/legal/privacy/de-ww/.

Google Pay privacy policy

We use the online payment provider Google Pay on our website. The service provider is the American company Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.  You can find out more about the data processed through the use of Google Pay in the Privacy Policy at https://policies.google.com/privacy.

Mastercard privacy policy

We use the payment service provider Mastercard on our website. The service provider is the American company Mastercard Inc. The company Mastercard Europe SA (Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium) is responsible for the European region. You can find out more about the data processed by using Mastercard in the Privacy Policy at https://www.mastercard.de/de-de/datenschutz.html.

PayPal privacy policy

We use the online payment service PayPal on our website. The service provider is the American company PayPal Inc. The company PayPal Europe (S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) is responsible for the European region. You can find out more about the data processed through the use of PayPal in the Privacy Policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Shop Pay privacy policy

We use Shop Pay, a service for online payment solutions, on our website. The service provider is the American company Shopify Inc. Shopify International Limited (Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland) is responsible for the European region. You can find out more about the data processed by using Shop Pay in the Privacy Policy at https://www.shopify.de/legal/datenschutz.

Visa privacy policy

We use Visa, a global payment provider, on our website. The service provider is the American company Visa Inc. The company Visa Europe Services Inc. (1 Sheldon Square, London W2 6TT, Great Britain) is responsible for the European region. You can find out more about the data processed by using Visa in the Privacy Policy at https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

Klarna Checkout privacy policy

Klarna Checkout Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise the payment process on our website 📓 Processed data: data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.), IP address and contract data You can find more details on this below in this data protection declaration. 📅 Storage period: data is stored as long as Klarna needs it for the processing purpose. ⚖️ Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Klarna Checkout?

We use the online payment system Klarna Checkout from the Swedish company Klarna Bank AB on our website. Klarna Bank has its main headquarters in Sveavägen 46, 111 34 Stockholm, Sweden. If you choose this service, personal data will be sent to Klarna, stored and processed, among other things. In this data protection declaration, we would like to give you an overview of the data processing by Klarna.

Klarna Checkout is a payment system for orders in an online shop. The user selects the payment method and Klarna Checkout takes over the entire payment process. After a user has made a payment once via the checkout system and has provided the relevant data, future online purchases can be made faster and easier. The Klarna system then recognises the existing customer after entering the email address and postal code.

Why do we use Klarna Checkout for our website?

Our goal with our website and our integrated online shop is to offer you the best possible service. In addition to the overall experience on the website and in addition to our offers, this also includes smooth, fast and secure payment processing for your orders. To ensure this, we use the Klarna Checkout payment system.

Which data is saved by Klarna Checkout?

As soon as you choose the Klarna payment service and pay using the Klarna Checkout payment method, you also transmit personal data to the company. On the Klarna checkout page, technical data such as browser type, operating system, our internet address, date and time, language settings, time zone settings and IP address are collected from you and transmitted to Klarna's servers and stored there. This data is saved even if you have not yet placed an order.

If you order a product or service through our shop, you have to enter your personal data in the fields provided. This data is processed by Klarna for payment processing. The following personal data (as well as general product information) can be stored and processed by Klarna for creditworthiness and identity checks:

• Contact information: name, date of birth, national ID number, title, billing and shipping address, email address, phone number, nationality or salary.
• Payment information such as credit card details or your bank account number
• Product information such as the tracking number, type of item and price of the product

In addition, there is also data that can be optionally collected, provided you consciously decide to do so. These are, for example, political, religious or ideological convictions or various health data.

Klarna can also collect data itself or through third parties (such as through us or through public databases) in addition to the above-mentioned data, as well as data on the goods or services that you buy or order. This can be, for example, the shipment number or the type of article ordered, but also information about your creditworthiness, your income or credit granted. Klarna can also pass on your personal data to service providers such as software providers, data storage providers or us as retailers.

When data is automatically entered in a form, cookies are always involved. If you do not want to use this function, you can deactivate these cookies at any time. Further down in the text you will find instructions on how to delete, deactivate or manage cookies in your browser. Our tests have shown that Klarna does not set any cookies directly. If you choose the payment method “Klarna Sofort” and click on “Order”, you will be redirected to the Sofort website. After the successful payment you will come to our thank you page. There, Sofort.com sets the following cookie:

Name: SOFUEB
Value: e8cipp378mdscn9e17kajlfhv7111744127-4
Purpose: This cookie stores your session ID.
Expiry date: after the browser session has ended

How long and where will the data be stored?

Klarna tries to save your data only within the EU or the European Economic Area (EEA). However, it can also happen that data is transferred outside of the EU / EEA. When that happens, Klarna ensures that data protection is in line with the GDPR and that the third country is subject to an adequacy decision by the European Union. The data is always saved as long as Klarna needs it for the processing purpose.

How can I delete my data or prevent data storage?

You can revoke your consent to Klarna processing personal data at any time. You always have the right to information, correction and deletion of your personal data. All you have to do is contact the company or the company's data protection team by e-mail to datenschutz@klarna.de You can also contact Klarna directly via the Klarna website „“My data protection request”.“ 

Cookies that Klarna may use for their functions can be deleted, deactivated or managed in your browser. This works in different ways depending on which browser you are using. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

Legal basis

In the context of contractual or legal relationships, due to legal obligations (Art. 6 Abs. 1 lit. c DSGVO) und auf Grundlage des berechtigten Interesses (Art. 6 Abs. 1 lit.f DSGVO) and on the basis of legitimate interest (Art. 6 Para. 1 lit.f GDPR), we also offer banking / credit institutions the payment service provider Klarna Checkout.

We hope to have given you a good overview of data processing by Klarna. If you want to find out more about the handling of your data, we recommend the Klarna data protection declaration at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.

 

Sofortüberweisung data protection declaration

Sofortüberweisung Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise the payment process on our website 📓 Processed data: data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.), IP address and contract data More details can be found below in the data protection declaration 📅 Storage period: data are stored within the legal retention period ⚖️ Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is an "instant transfer"?

On our website we offer the payment method "Sofortüberweisung" from the company Sofort GmbH for cashless payment. Sofort GmbH has been part of the Swedish company Klarna since 2014, but has its headquarters in Germany, Theresienhöhe 12, 80339 Munich.

If you choose this payment method, personal data will also be transmitted to Sofort GmbH or Klarna, stored and processed there. With this data protection text, we give you an overview of the data processing by Sofort GmbH.

Sofortüberweisung is an online payment system that enables you to place an order via online banking. The payment processing is carried out by Sofort GmbH and we immediately receive information about the payment made. This method can be used by any user who has an active online banking account with a PIN and TAN. Only a few banks do not yet support this payment method.

Why do we use "Sofortüberweisung" on our website?

Our goal with our website and our integrated online shop is to offer you the best possible service. In addition to the overall experience on the website and in addition to our offers, this also includes smooth, fast and secure payment processing for your orders. To ensure this, we use "Sofortüberweisung" as a payment system.

Which data is saved by "Sofortüberweisung"?

If you make an immediate transfer via the Sofort / Klarna service, data such as name, account number, bank code, subject, amount and date are stored on the company's servers. We also receive this information via the payment confirmation.

As part of the account coverage check, Sofort GmbH checks whether your account balance and overdraft credit line cover the payment amount. In some cases, a check is also carried out to determine whether immediate transfers have been made successfully in the last 30 days. Furthermore, your user identification (such as the user number or contract number) is collected and stored in abbreviated ("hashed") form and your IP address. BIC and IBAN are also saved for SEPA transfers.

According to the company, no other personal data (such as account balances, sales data, credit limits, account lists, mobile phone numbers, authentication certificates, security codes or PIN / TAN) are collected, stored or passed on to third parties.

Sofortüberweisung also uses cookies to make its own service more user-friendly. When you order a product, you will be redirected to the Sofort or Klarna website. After the successful payment, you will be redirected to our thank you page. The following three cookies are set here:

Name: SOFUEB
Value: e8cipp378mdscn9e17kajlfhv7111744127-5
Purpose: This cookie stores your session ID.
Expiry date: after the browser session has ended

Name: User[user_cookie_rules] Value: 1
Purpose: This cookie stores your consent to the use of cookies.
Expiry date: : nafter 10 years

Name: _ga
Value: GA1.2.69759879.1589470706
Purpose: By default, analytics.js uses the _ga cookie to save the user ID. Basically, it is used to differentiate between website visitors. This is a Google Analytics cookie.
Expiry date: : after 2 years

Note: The cookies listed here do not claim to be complete. It is always possible that Sofortüberweisung also uses other cookies.

How long and where will the data be stored?

All data collected are stored within the legal retention period. This obligation can last between three and ten years.

Klarna / Sofort GmbH tries to save data within the EU or the European Economic Area (EEA). If data is transferred outside of the EU / EEA, data protection must comply with the GDPR and the country must be subject to an adequacy decision by the EU.

How can I delete my data or prevent data from being saved?

You can revoke your consent to Klarna processing personal data at any time. You always have the right to information about, correction and deletion of your personal data. To do this, you can simply contact the company's data protection team by emailing datenschutz@sofort.com.

You can manage, delete or deactivate any cookies that Sofortüberweisung uses in your browser. This works in different ways depending on your preferred browser. The following instructions show how to manage cookies in the most common browsers:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

Legal basis

In the context of contractual or legal relationships, due to legal obligations (Art. 6 Abs. 1 lit. c DSGVO) and on the basis of legitimate interest (Art. 6 Abs. 1 lit.f DSGVO) ,we also offer banking / credit institutions the payment service provider Sofortüberweisung.

If you want to find out more about the data processing by the "Sofortüberweisung" of the company Sofort GmbH, we recommend the data protection declaration at https://www.sofort.de/datenschutz.html.

Social Media

Social Media Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise our service 📓 Processed data: data such as telephone numbers, e-mail addresses, contact data, data on user behaviour, information about your device and your IP address. You can find more details on this with the respective social media tool used. 📅 Storage period: depending on the social media platforms used ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is social media?

In addition to our website, we are also active on various social media platforms. User data can be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform can also be embedded directly in our website. This is the case, for example, if you click a so-called social button on our website and are forwarded directly to our social media presence. So-called social media or social media are websites and apps through which registered members can produce content, exchange content openly or in certain groups, and network with other members.

Why do we use social media?

For years, social media platforms have been the place where people communicate and get in touch online. With our social media presence, we can bring our products and services closer to interested parties. The social media elements integrated on our website help you to switch to our social media content quickly and without complications.

The primary purpose of the data that is saved and processed through your use of a social media channel is to be able to carry out web analyses. The aim of these analyses is to be able to develop more precise and personal marketing and advertising strategies. Depending on your behaviour on a social media platform, appropriate conclusions can be drawn about your interests with the help of the evaluated data and so-called user profiles can be created. In this way, it is also possible for the platforms to present you with customised advertisements. For this purpose, cookies are usually set in your browser, which save data on your usage behaviour.

Please note that when you use the social media platforms or our built-in elements, your data can also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. As a result, you may no longer be able to easily claim or enforce your rights with regard to your personal data.

Which data are processed?

Exactly which data is stored and processed depends on the respective provider of the social media platform. But usually it is data such as telephone numbers, e-mail addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or who you follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you yourself have a profile on the social media channel you are visiting and are logged in, data can be linked to your profile.

All data that is collected via a social media platform is also stored on the provider's servers. This means that only the providers have access to the data and can provide you with the appropriate information or make changes.

If you want to know exactly which data is stored and processed by the social media providers and how you can object to the data processing, you should read the respective data protection declaration of the company carefully. We also recommend that you contact the provider directly if you have any questions about data storage and data processing or if you want to assert corresponding rights.

Duration of the data processing

We will inform you below about the duration of the data processing if we have further information. For example, the social media platform Facebook stores data until it is no longer needed for its own purpose. However, customer data that is compared with your own user data is deleted within two days. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If it is required by law, for example in the case of accounting, this storage period can also be exceeded.

Right to object

You also have the right and the option to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Since cookies can be used with social media tools, we also recommend our general data protection declaration on cookies. To find out which of your data is stored and processed, you should read the data protection declarations of the respective tools.

Legal basis

If you have consented to your data being processed and stored through integrated social media elements, this consent is the legal basis for data processing (Art. 6 Abs. 1 lit. a DSGVO). In principle, your data is also stored and processed on the basis of our legitimate interest(Art. 6 Abs. 1 lit. f DSGVO) in quick and good communication with you or other customers and business partners. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.

You can find information on special social media platforms - if available - in the following sections.

TikTok privacy policy

We also use TikTok, a social media and video channel. The service provider is the Chinese company Beijing Bytedance Technology Ltd. The Irish company TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, is responsible for the European area. You can find out more about the data processed through the use of TikTok in the Privacy Policy at https://www.tiktok.com/legal/privacy-policy?lang=de.

Facebook privacy policy

Facebook privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise our service 📓 Processed data: data such as customer data, data on user behaviour, information about your device and your IP address. More details can be found below in the data protection declaration. 📅 Storage period: until the data is no longer useful for Facebook purposes ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests).

What are Facebook tools?

We use selected tools from Facebook on our website. Facebook is a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible offer. In the following, we provide an overview of the various Facebook tools, which data is sent to Facebook and how you can delete this data.

In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. But since the term is hardly known, we decided to call them just Facebook tools. These include:

• Facebook pixel
• Social plug-ins (such as the "Like" or "Share" button)
• Facebook login
• Account Kit
• APIs (programming interface)
• SDKs (collection of programming tools)
• Platform integrations
• Plugins
• Codes
• Specifications
• Documentation
• Technologies and services

These tools enable Facebook to expand its services and receive information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads), we can reach exactly these people. However, in order to be able to show users appropriate advertising, Facebook needs information about people's wishes and needs.  Information about user behaviour (and contact details) is made available to the company on our website. As a result, Facebook collects better user data and can show interested people the right advertising about our products or services. The tools thus enable tailor-made advertising campaigns on Facebook.

Facebook calls data about your behaviuor on our website “event data”. These are also used for measurement and analysis services. In this way, Facebook can create “campaign reports” on our behalf about the impact of our advertising campaigns. Furthermore, analyses give us a better insight into how you use our services, website or products. This enables us to optimise your user experience on our website with some of these tools. For example, you can use the social plug-ins to share content on our site directly on Facebook.

Which data are saved by Facebook tools?

By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.

Facebook uses this information to compare the data with the data it has about you (if you are a Facebook member). So-called "hashing" takes place before customer data is transmitted to Facebook. This means that a data record of any size is transformed into a character string. This is also used to encrypt data.

In addition to the contact details, "event data" are also transmitted. "Event data" means the information that we receive about you on our website. For example, which sub-pages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally obliged to do so. "Event data" can also be linked to contact details. This enables Facebook to offer better personalised advertising. After the already mentioned comparison process, Facebook will delete the contact details again.

In order to be able to deliver advertisements in an optimised way, Facebook only uses the event data if this has been combined with other data (which were recorded by Facebook in a different way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies will be created in your browser. In the descriptions of the individual Facebook tools, we go into more detail on individual Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where will the data be stored?

In principle, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data will be deleted within 48 hours after it has been compared with your own user data.

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to information about, correction, portability and deletion of your data.

The data will only be completely deleted if you completely delete your Facebook account. And this is how to delete your Facebook account:

1) On the right side of Facebook, click Settings.

2) Then click on "Your Facebook information" in the left column.

3) Now click “Deactivate and Delete”.

4) Now select "Delete account" and then click on "Next and delete account"

5) Now enter your password, click on "Next" and then on "Delete account"

The storage of the data that Facebook receives via our site takes place, among other things, via cookies (e.g. with social plugins). You can deactivate, delete or manage individual or all cookies in your browser. This works in different ways depending on which browser you are using. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether or not to allow it.

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

If you have consented that your data can be processed and stored through integrated social media elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR).. In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.

We hope we have brought you the most important information about the use and data processing by the Facebook tools. If you want to find out more about how Facebook uses your data, we recommend the data guidelines at https://www.facebook.com/about/privacy/update.

Instagram privacy policy

Instagram privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise our service 📓 Processed data: data such as data on user behaviour, information about your device and your IP address. More details can be found below in the data protection declaration. More details can be found below in the data protection declaration. 📅 Storage period: until Instagram no longer needs the data for its purposes ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is Instagram?

We have built in Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is a Facebook product. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit our website that has an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.

In the following, we want to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram belongs to Facebook Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines themselves on the other.

Instagram is one of the most famous social media networks in the world. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many of the users casually call the platform), edit them with various filters and also distribute them on other social networks. And if you don't want to be active yourself, you can just follow other interesting users.

Why do we use Instagram on our website?

Instagram is the social media platform that has really gone through the roof in recent years. And of course we have reacted to this boom. We want you to feel as comfortable as possible on our website. That is why a varied preparation of our content is a matter of course for us. Thanks to the embedded Instagram functions, we can enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalised advertising on Facebook. Our advertisements are only given to people who are really interested in our products or services.

Instagram also uses the collected data for measurement  analysis purposes. We get summarised statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.

What data is stored by Instagram?

If you come across one of our pages that has Instagram functions (such as Instagram images or plug-ins) installed, your browser automatically connects to the Instagram servers. In doing so, data is sent to Instagram, saved and processed. Regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. The date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.

Facebook differentiates between customer data and event data. We assume this is exactly the case with Instagram. Customer data are, for example, name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if it has been "hashed" beforehand. Hashing means that a data record is converted into a character string. This allows you to encrypt the contact details. In addition, the above-mentioned "event data" are also transmitted. Facebook - and consequently Instagram - understands “event data” to mean data about your user behaviour. It can also happen that contact data is combined with event data. The contact details collected are compared with the data Instagram already has about you.

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.

We assume that data processing on Instagram works in the same way as on Facebook. This means: if you have an Instagram account orwww.instagram.com have visited www.instagram.com, Instagram has set at least one cookie. If that is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or anonymised after 90 days at the latest (after comparison). Although we have dealt intensively with data processing by Instagram, we cannot say exactly which data Instagram collects and stores.

In the following, we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta picture). Our test assumes that you do not have an Instagram account. If you are logged in to Instagram, significantly more cookies will of course be set in your browser.

These cookies were used in our test:

Name: csrftoken
Value: “”
Purpose: This cookie is very likely to be set for security reasons in order to prevent falsification of inquiries. However, we could not find out more precisely.
Expiry date: after one year

Name: mid
Value: “”
Purpose: Instagram sets this cookie in order to optimise its own services and offers in and outside of Instagram. The cookie defines a unique user ID.
Expiration date:after the end of the session

Name: fbsr_111744127124024
Value: no information
Purpose: : This cookie saves the log-in request for users of the Instagram app.
Expiration date after the end of the session

Name: rur
Value: ATN
Purpose: This is an Instagram cookie that guarantees functionality on Instagram.
Expiration date: after the end of the session

Name: urlgen
Value: “{”194.96.75.33”: 1901}:1iEtYv:Y833k2_UjKvXgYe111744127”
Purpose: This cookie is used by Instagram for marketing purposes.
Expiration date:after the end of the session

Note:We cannot claim to be comprehensive here. Which cookies are set in individual cases depends on the embedded functions and your use of Instagram.

How long and where will the data be stored?

Instagram shares the information received between the Facebook companies with external partners and with people with whom you connect worldwide. The data processing takes place in compliance with their own data guidelines. For security reasons, among other things, your data is distributed on Facebook servers around the world. Most of these servers are in the USA.

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to information about, portability, correction and deletion of your data. You can manage your data in Instagram settings. If you want to completely erase your data on Instagram, you have to delete your Instagram account permanently.

And this is how to delete an Instagram account:

First, open the Instagram app. On your profile page, go down and click on "Help Center". You are now on the company's website. On the website, click on "Manage Your Account" and then on "Delete Your Account".

If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and therefore will not be deleted.

As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a little differently depending on your browser. Here we show you the instructions for the most important browsers.

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

If you have consented to your data being processed and stored through integrated social media elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR).. In principle, your data is also stored and processed on the basis of our legitimate interest Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.

We have tried to give you the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
you can take a closer look at Instagram's data guidelines.

Google Fonts privacy policy

Google Fonts Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimise our service 📓 Processed data: data such as IP address and CSS and font requests You can find more details on this below in this data protection declaration. 📅 Storage period: Font files are stored by Google for one year ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What are Google Fonts?

We use Google Fonts on our website. These are the “Google Fonts” from Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts / fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't need to worry that your Google account details will be transmitted to Google while you are using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like.

Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that Google makes available to its users free of charge.

Many of these fonts are released under the  SIL Open Font License while others are released under the  Apache-Lizenz Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimised for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the small file size ensures a quick loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast content delivery network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and consistently as possible.

Which data is saved by Google?

When you visit our website, the fonts are downloaded from a Google server. This external call transfers data to the Google server. Google also recognises that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end-user data to what is necessary for the proper provision of fonts. By the way, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests with Google and is therefore protected With the usage figures collected, Google can determine how well the individual fonts are being received. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery,database by Google Fonts. Entrepreneurs and developers use the Google web service BigQuery to examine and move large amounts of data.

It should be noted, however, that with every Google Font request, information such as language settings, IP address, version of the browser, screen resolution of the browser and the name of the browser are automatically transmitted to the Google server. It is not clear whether this data is saved or not clearly communicated by Google.

How long and where will the data be stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. With this, Google is pursuing the goal of fundamentally improving the loading time of websites. If millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=111744127 In this case, you only prevent data storage if you are not visiting our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=111744127. Although Google deals with data protection issues there, it does not contain any really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.

Legal basis

If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 Paragraph 1 lit.

We also have a legitimate interest in using Google Font to optimise our online service. The corresponding legal basis for this is Article 6 (1) lit.f GDPR (legitimate interests)..

You can also read which data is generally recorded by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ nachlesen.

Google reCAPTCHA privacy policy

Google reCAPTCHA privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: optimisation of our services and protection against cyber attacks 📓 Processed data: data such as IP address, browser information, your operating system, limited location and usage data You can find more details on this below in this data protection declaration. 📅 Storage duration: depending on the stored data ⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is reCAPTCHA?

Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA we can determine whether you are really a flesh and blood human and not a robot or other spam software. We understand spam as any unsolicited information that comes to us electronically. With the classic CAPTCHAS, you mostly had to solve text or picture puzzles to check. With reCAPTCHA from Google, we usually don't have to bother you with such puzzles. In most cases, it is sufficient to simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version you don't even have to check the box anymore. How this works exactly and, above all, which data is used for it, you will find out in the course of this data protection declaration.

reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. The most common use of this service is when filling out forms on the Internet. A captcha service is a type of automatic Turing test that is designed to ensure that an action on the Internet is carried out by a human and not by a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the distinction between bot and human. With captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, but are very difficult for machines. With reCAPTCHA you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. All you have to do here is tick the text field “I am not a robot” or, with Invisible reCAPTCHA, even this is no longer necessary. With reCAPTCHA, a JavaScript element is integrated into the source text and the tool then runs in the background and analyses your user behaviour. The software calculates a so-called captcha score from these user actions. Google uses this score to calculate the probability that you are human before entering the captcha. reCAPTCHA or captchas in general are always used when bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We only want to welcome people of flesh and blood on our side. Bots or spam software of all kinds can safely stay at home. That is why we do all we can to protect ourselves and offer you the best possible user-friendliness. For this reason we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google in order to determine whether you are really human. reCAPTCHA therefore serves the security of our website and consequently also your security. For example, without reCAPTCHA, it could happen that a bot registers as many e-mail addresses as possible in order to "spam" on forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.

Which data is saved by reCAPTCHA?

reCAPTCHA collects personal data from users in order to determine whether the actions on our website actually originate from people. The IP address and other data that Google needs for the reCAPTCHA service can therefore be sent to Google. Within the member states of the EU or other signatory states to the Agreement on the European Economic Area, IP addresses are almost always shortened beforehand before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged into your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. ReCAPTCHA then sets an additional cookie in your browser and takes a snapshot of your browser window.

The following list of collected browser and user data does not claim to be exhaustive. Rather, they are examples of data that, to our knowledge, are processed by Google.

• Referrer URL (the address of the page from which the visitor comes)
• IP address (e.g. 256.123.123.1)
• Information about the operating system (the software that enables the operation of your computer. Known operating systems are Windows, Mac OS X or Linux)
• Cookies (small text files that save data in your browser)
• Mouse and keyboard behaviour  (every action you perform with the mouse or keyboard is saved)
• Date and language settings  (which language or which date you have preset on your PC is saved)
• All Javascript objects  (JavaScript is a programming language that enables websites to adapt to the user. JavaScript objects can collect all possible data under one name)
• Screen resolution  (shows how many pixels the image display consists of)

It is undisputed that Google uses and analyses this data even before you click the "I am not a robot" tick. With the Invisible reCAPTCHA version, there is even no ticking and the entire recognition process runs in the background. How much and which data Google stores exactly cannot be found out in detail from Google.

The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All of these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:

Name: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-111744127-8
This cookie is set by DoubleClick (also owned by Google) to register and report the actions of a user on the website when dealing with advertisements. In this way, the effectiveness of the advertising can be measured and appropriate optimisation measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year

Name: 1P_JAR
Value: 2019-5-14-12
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Expiry date: after one month

Name: ANID
Value: U7j1v3dZa1117441270xgZFmiqWppRWKOr
Purpose: We could not find out much information about this cookie. In Google's data protection declaration, the cookie is used in connection with "advertising cookies" such as. B. “DSID”, “FLC”, “AID”, “TAID” mentioned. ANID is saved under the domain google.com.
Expiry date: after 9 months

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to the use of various Google services. CONSENT also provides security to check users, prevent fraudulent login information and protect user data from unauthorised attacks.
Expiry date: : after 19 years

Name: NID
Value: 0WmuWqy111744127zILzqV_nmt3sDXwPeM5Q
Purpose: NID is used by Google to adapt advertisements to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with advertisements. So you always get tailor-made advertisements. The cookie contains a unique ID in order to collect personal settings of the user for advertising purposes.
Expiry date: after 6 months

Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc111744127-4
Purpose: As soon as you have ticked the "I am not a robot" checkbox, this cookie will be set. The cookie is used by Google Analytics for personalised advertising. DV collects information in an anonymous form and is also used to distinguish between users.
Expiry date: after 10 minutes

Note: This list cannot claim to be complete, as experience has shown that Google changes the choice of their cookies again and again.

How long and where will the data be stored?

By inserting reCAPTCHA, your data will be transferred to the Google server. Where exactly this data is stored, Google is not clear, even after repeated inquiries. Without having received a confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings on the European or American Google Servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The different data protection regulations of Google apply for this.

How can I delete my data or prevent data storage?

If you do not want any data about you or your behaviour to be transmitted to Google, you must completely log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google support at   https://support.google.com/?hl=de&tid=111744127

So if you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.

Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

Legal basis

If you have consented that Google reCAPTCHA may be used, the legal basis for the corresponding data processing is this consent. According to Art. 6 Paragraph 1 lit.

We also have a legitimate interest in using Google reCAPTCHA to optimise our online service and make it more secure. The corresponding legal basis for this is Article 6 (1) lit.f GDPR (legitimate interests).

You can find out a little more about reCAPTCHA on Google's web developer page at https://developers.google.com/recaptcha/. Google goes into the technical development of the reCAPTCHA in more detail here, but you will look in vain for precise information about data storage and data protection issues. A good overview of the basic use of data by Google can be found in the in-house data protection declaration at https://www.google.com/intl/de/policies/privacy/.

All texts are copyrighted.

Source: Created with with the data protection generator von from AdSimple