Hereinafter we inform you about the nature, scope and purpose of the processing of your personal data when using our website and online content. Personal data is any information that relates to an identified or identifiable natural person. The person responsible (“controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. The controller within the meaning of the GDPR for the personal data processed by the provider of this website and online service is:
Using our online service or website
When you visit our website, our server collects the following information from you: browser type and version, operating system used, the previously visited web page, IP address and time of the page view. From your IP address, we can not identify you in person. We also do not match your IP address with other data in such a way that such inference would be possible.
We collect and process this data in order to ensure the trouble-free operation of our website and to detect, fend off and prosecute a misuse of our services. Furthermore, we use the collected data for statistical purposes to evaluate, for example, with which terminals and browsers our platform is accessed in order to adapt our offer on the basis of the needs of users on an ongoing basis and to improve.
This data processing is based on Article 6 par. 1 f GDPR. The data will be deleted when they are no longer relevant to that why was collected for.
You also have the option to create a customer account on our website. The mandatory information required for this will be communicated to you in the entry mask and the entered data will be used for the purpose of using our service. We provide you with information relevant to the service or registration, such as changes in our offer or technical circumstances by e-mail. If you delete your customer account, your data will be deleted from the customer account, unless their storage is necessary for commercial or tax reasons (Art. 6 par. 1 c GDPR). It is your responsibility to back up your data before deleting your customer account. We are entitled to irretrievably delete all of your data stored during the term of the contract.
When registering and using the customer account, the IP address and the time of your respective use will be saved. The storage is based on our legitimate interests, as well as your interest in protection against misuse and other unauthorized use. A transfer of these data to third parties does not take place, unless it is necessary for the prosecution of our claims or there is a legal obligation in accordance with Art. 6 par. 1 c GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.
If you make use of the services and products offered on our site, we store the data you entered during the ordering process. This includes, in particular, your name, address, e-mail address, and other information voluntarily provided by you (such as a different delivery address or telephone number). We process this data electronically for the proper performance of the contract, in particular for the fulfillment of our contractual services, invoicing, accounting, and processing of complaints. This data processing is based on Article 6 par. 1 b GDPR. We store this data until all mutual claims arising from the respective contractual relationship with you have been completely settled and the commercial and fiscal retention periods to which we are subject have expired.
To conclude a contract between you and us, it is necessary that we receive your name, e-mail address and address. The necessity of providing this data arises, among other things, from various legal regulations. Without providing this data, you cannot conclude a contract with us.
We do not use any automated decision-making or profiling.
If you send us a message via the contact function on your website, we will process your personal data entered (your name and e-mail address) along with your message (legal basis: Article 6 par. 1 a GDPR). If you send us a message by e-mail, we will save your message along with the sender details (your name and e-mail address) in order to be able to answer it and also to respond to possible subsequent questions (legal basis: Article 6 par. 1 f GDPR). For the reception, storage and sending of e-mails, we use an e-mail provider who acts for us as a processor in accordance with Article 28 GDPR. We will erase the information collected from you once they are not needed for the purposes why they were collected for.
If you send us a message with information legally relevant for the contractual relationship (e.g. a withdrawal or a complaint), the legal basis for the processing is Article 6 par. 1 b GDPR, regardless of how you transmitted your message to us. In such a case, we will erase the data related to your message as soon as all mutual claims arising from the contractual relationship have been completely settled and the commercial and fiscal retention periods have expired.
Hereinafter we inform you about the contents of our newsletter as well as the registration procedure and its dispatch, as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.
We send you newsletters by e-mail only with your consent (legal basis: Art. 6 (1) lit. a, Art. 7 GDPR). Before subscribing to the newsletter, you will be informed about its contents and your consent only applies to these contents. Our newsletters contain information about our services and us.
After signing up for our newsletter, you will receive an e-mail asking you to confirm your registration and given data. This confirmation e-mail is used by us to prove whether the owner of the e-mail address as the data subject has authorized to receive the newsletter. Registration for the newsletter will be logged in order to prove your consent. For this purpose, your IP address will be stored at the time of the registration and its confirmation (legal basis: Art. 6 par. 1 lit. a GDPR). To subscribe to the newsletter we need your e-mail address. If you wish to be addressed personally in the newsletter, you can also optionally provide your name.
The cancellation of the newsletter – i.e. the revocation of your consent – is possible at any time. At the end of each newsletter email you will find a link to unsubscribe. In order to prove your original consent, we may store your signing-up data based on our legitimate interests.
You may find Social Media Buttons on your website; they can be recognized by the logos of the social media platforms (hereinafter “platforms”) (Facebook: blue “f”, Google Plus: red “g+”, Pinterest: red “p”, Twitter: blue bird silhouette). These are links to the respective platforms based in the United States (USA). Clicking on such a link calls the respective Platform’s website; at the same time, the IP address of your device and the address of the page where the link is placed (“Referrer”) will be transmitted to the Platform in the USA. However, we neither collect nor otherwise process any data related to the use of these social media buttons.
In the cookie information is stored, each resulting in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specific period of time. If you visit our site again to take advantage of our services, you will automatically be notified that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.
The data processed by means of cookies are for the stated purposes in order to safeguard our legitimate interests as well as the third party according to Art. 6 para. 1 1 lit. f GDPR required.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or that a warning always appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. We will only process your data in a third country if this is legally or contractually permitted under the special conditions of Arts. 44 et seq. GDPR. Thus, the processing is carried out, for example, on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA through the “Privacy Shield”) or compliance with legally recognised standard contractual clauses.
Integration of third-party services
Within our online offer, we make no representations or warranties of any kind based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 par. 1 lit. f. GDPR) content or service offerings from third parties to include content and services such as videos or fonts. The respective third party provider must receive the IP address of the user, as he cannot send the contents to the user’s browser without the IP address. The IP address is therefore required for the display of this content. We make every effort to use only those contents whose respective providers use the IP address only for the delivery of the contents.
We use the SSL procedure (Secure Socket Layer) within our website in conjunction with the highest encryption level, which is used by your browser. Usually this is a 256 bit encryption. Whether an individual pages of our web content offer a encrypted transfer can be recognized by the depiction of a closed key or key lock symbol in the status bar of your browser.
We use appropriate technical and organisational security measures to protect your data against accidental or wilful manipulation, partial or total loss, destruction or against unauthorised access by third parties. In doing so, we try to continuously improve our security measures and adapt them to technical developments.
With regard to your personal data we process, you have the following rights:
a) You have the right to obtain a confirmation from us as to whether we process personal data concerning you. If this is the case, we will inform you about the personal data stored about you and the further information.
b) You have the right to have your inaccurate personal data rectified without undue delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
c) You can demand the erasure of your personal data concerning you.
d) You may demand that we restrict the processing of your data. You can request the restriction instead of an erasure.
e) We will communicate any rectification or erasure of your personal data and a restriction of processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.
f) You have the right to receive the personal data which you provide to us in a structured, commonly used and machine-readable format. You may also request that we transmit the data to another controller without hindrance, where technically feasible.
g) As far as a data processing is based on your given consent, you have the right to, withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal.
If you believe that the processing of your personal data is in breach of the GDPR, you may lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. This does not exclude other administrative or judicial remedies.