§ 2 Your rights
(1) You have the following rights towards us with regard to your personal data: – Right to information, – Right to correction or deletion, – Right to restriction of processing, – Right to refusal of processing, – Right to data portability. (2) You also have the right to lodge a complaint about our processing of your personal data with a data protection regulatory body.
§ 3 Collection of personal data when you visit our website
§ 4 Other functions and offers on our website
(1) As well as the purely informational use of our website, we offer various services that you may use if they interest you. To do so, you must generally provide further personal data, which we use in order to provide the respective service and to which the above-mentioned principles of data processing apply. (2) We sometimes use external service providers to process your data. They have been carefully selected and commissioned by us, are bound to our instructions and are regularly monitored. (3) We can also pass your personal data on to third parties if we offer special offer participation, lotteries, contract conclusions or similar services together with partners. You can find more information about this if you enter your personal data or below in the description of the offer. (4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you about the consequences of this in the description of the offer.
§ 5 Use of our webshop
(1) If you wish to order in our webshop, it is necessary for the conclusion of the contract that you provide personal data that we require in order to process your order. Mandatory fields for the conclusion of contracts are specially marked; other information is voluntary. We process the data you pro-vide in order to complete your order. For this purpose, we can pass your payment details on to our company bank. The legal basis for this is Article 6 (1) sentence 1 lit. b GDPR. You can voluntarily set up a customer account through which we can save your data for other, subsequent purchases. When setting up an account under “My account”, the data you provide are revocably stored. You can delete all further data, including your user account, at any time in the customer area. We can also process the data provided by you in order to inform you about other interesting products in our portfolio or to send you emails with technical information. (2) Due to commercial and tax law requirements, we are obliged to save your address, payment and order data for the duration of ten years. However, after [two years] we restrict processing, i.e. your data are only used to comply with legal requirements. (3) To prevent unauthorised access by third parties to your personal data, especially financial data, the order process is encrypted by TLS technology.
§ 6 Newsletter
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers about our goods and services. (2) To register for our newsletter, we use the so-called double-opt-in process. This means that after you register, we send an email to the email address you gave asking for confirmation that you wish to receive the newsletter. If you do not confirm your registration you will not receive our newsletter and we will not store your e-mail address. In addition, we save the IP addresses you used and the times of registration and confirmation. The purpose of the process is to prove your registration and, if necessary, to investigate possible misuse of your personal information. (3) The only obligatory information for transmission of the newsletter is your email address. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Article 6 (1) sentence 1 lit. a GDPR. (4) You can revoke your consent to transmission of the newsletter and unsubscribe to the newsletter at any time. You can revoke it by clicking on the link provided in every newsletter email or by sending a message to the contact point given in the legal notice. (5) Please note that we evaluate your user behaviour when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels which display one-pixel image files which are saved on our website. For the evaluations, we link the files named in § 3 and the web beacons with your email address and an individual ID. Using the data obtained, we create a user profile in order to customise the newsletter to your individual interests. To do so, we record when you read our newsletters and which links you click in them, and we draw conclusions about your personal interests from this. We link this data with the actions carried out by you on our website. You can revoke this tracking at any time by clicking on the special link that is provided in every email or inform us through another communication channel. The information is saved as long as you have subscribed to the newsletter. After logging out, we only save the data for statistical purposes and anonymously. This tracking is also not possible if you have deactivated the display of images as standard in your email programme. In this case, the newsletter will not be shown completely and you may not be able to use all the functions. If you display the images manually, the above-mentioned tracking occurs.
§ 7 Revocation or withdrawal of consent to the processing of your data
(1) If you have agreed to the processing of your data, you can revoke this at any time. After you have pronounced it to us, the revocation influences the permissibility of processing your personal data. (2) If we base the processing of your personal information on consideration of interests, you can revoke your consent to processing. This is the case, in particular, if processing is not necessary for fulfilment of a contract with you, which is always outlined by us in the subsequent description of the functions. When exercising the right of revocation, we ask you to cite the reasons why we should not process your personal information as we have previously done. In the case of a justified revocation, we will examine the situation and either stop or adjust the data processing or convey to you our protection-worthy and necessary reasons for continuing the processing. (3) Of course, you can revoke consent to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your advertising revocation by sending a message to the contact information given in the legal notice.
§ 8 Web analytics – Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and which enable an analysis of your use of the website. The information about your use of this website generated by the cookie is generally transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will first be shortened by Google within member states of the European Union or other contracting member states of the European Economic Area. Only in exceptional cases will the complete IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information in order to evaluate your use of the website, to compile reports about website activities and to pro-vide further services connected with website use and internet use for the website operator. (2) The IP address transmitted from your browser within Google Analytics is not connected with other data from Google.
§ 9 Social media – Use of social media plug-ins
(1) We currently use the following social media plug-ins: [Facebook, Google+, Twitter]. We use the so-called two-click solution for this. This means that when you visit our site, fundamentally no personal data will be initially transmitted to the providers of the plug-ins. You can recognise the provider of the plug-in via the label on the box above its initial letters or the logo. We offer you the possibility of communicating with the provider of the plug-in directly via the button. The plug-in provider only receives the information that you have called up the corresponding page of our online presence if you click on the demarcated field to activate it. The data named under § 3 of this statement are also transmitted. In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymised immediately after collection. When the plug-in is activated, your personal data are therefore transmitted to the respective plug-in provider and stored there (in the USA in the case of US providers). Since the plug-in provider carries out data capture using cookies in particular, we recommend that you delete all cookies before clicking on the greyed-out box above the security settings of your browser. (2) We have no influence on the data captured or the data processing procedures, nor do we know the entire scope of data collection, the purpose of processing or the retention periods. We also have no information about the deletion of the collected data by the plug-in provider. (3) The plug-in provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or the needs-based design of their website. Such an evaluation takes place, in particular (even for users who are not logged in) to provide needs-based advertising and in order to inform other users in the social network about your activities on our web-site. You have the right to revoke the creation of these user profiles, although you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with social networks and other users so that we can improve our website presence and make it more interesting for you as a user. The legal basis for the use of plug-ins is Article 6 (1) sentence 1 lit. f GDPR. (4) Data transmission takes place regardless of whether you have an account with the plug-in provider and are logged on there. If you are logged on to a plug-in provider, your data collected by us are directly associated with the account you have with the plug-in provider. If you click on the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and communicates it publicly to your contacts. We recommend that after using a social network, you regularly log out, but in particular before activating the button, since this enables you to avoid association with your profile by the plug-in provider. (5) You can find more information about the purpose and scope of data collection and pro-cessing by the plug-in provider in their data protection statements, which are given below. You can also find further information there on your rights in this regard and the setting options to protect your privacy. (6) Addresses of the respective plug-in providers and URLs with their data protection notices: a) [Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
§ 10 Web Analytics – Use of Hotjar
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link: https://www.hotjar.com/legal/compliance/opt-out