Privacy Policy
E-FARM GmbH takes the protection of personal data very seriously. The protection of your privacy when using our websites is important to us. Therefore, we strictly adhere to the rules of the data protection laws of the Federal Republic of Germany (BDSG), the Telemedia Act (TMG) and the European Data Protection Regulation (GDPR). Insofar as reference is made to the GDPR in this data protection declaration, it is clarified that this will only apply from 25 May 2018. Prior to this, the legal basis is the BDSG.
This data protection declaration informs you about the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content connected with it as well as external online presences, such as our social media profiles (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Person responsible within the meaning of the GDPR
E-FARM GmbH
Kleine Reichenstraße 1
20457 Hamburg
Deutschland
Email: info@e-farm.com
Telefon: +49 40 466 44 811
Contact details of the data protection officer:
PROLIANCE GmbH
www.datenschutzexperte.de
Datenschutzbeauftragter
Leopoldstr. 21
80802 München
E-Mail: datenschutzbeauftragter@datenschutzexperte.de
Telefon: +49 89 2500 39 222
Definitions
Our privacy policy is intended to be simple and understandable for everyone. In this privacy policy, the official terms of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact data (e.g., email, phone numbers).
- Content data (e.g., text entries, photographs, videos).
- Usage data (e.g., web pages visited, interest in content, access times).
- Meta/communication data (e.g., device information, IP addresses).
Categories of persons concerned
Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as "users"). Purpose of the processing
- Provision of the online offer, its functions and contents.
- Responding to contact requests and communicating with users.
- Security measures.
- Reach measurement/marketing
Relevant legal bases
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures as well as answering enquiries is Art. 6 (1) lit. b GDPR, the legal basis for processing for the performance of our legal obligations is Art. 6 (1) lit. c GDPR, and the legal basis for processing for the protection of our legitimate interests is Art. 6 (1) lit. f GDPR. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d GDPR serves as the legal basis.
Security measures
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account in the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).
Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) in the course of our processing, transmit it to them or otherwise grant them access to the data, this is only done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or allow the processing of data in a third country if the special requirements of Art. 44 and following of the GDPR. I.e. a transfer of personal data to the USA by us or our third party service providers (on the website) only takes place if other suitable guarantees are provided in accordance with Art. 46 of the GDPR or if an exceptional circumstance exists in accordance with Art. 49 of the GDPR.
Rights of the data subjects
In the following, you will find information about your data subject rights, which the current data protection law grants you against the controller concerning the processing of personal data:
The right, pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your data has been or will be disclosed, the envisaged period for which the data will be stored, the existence of the right to request from the controller rectification or erasure or personal data or restriction of processing of personal data concerning you or to object such processing, the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved, as well as the significance and the envisaged consequences.
The right to obtain without undue delay the rectification of inaccurate personal data concerning you. in accordance with Art. 16 GDPR.
The right to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right of freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
The right, pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful, but you oppose the erasure and we no longer need the data for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.
The right, in accordance with Art. 20 GDPR, to receive the personal data concerning you, which you have provided to us in in a commonly used and machine-readable format and the right to transmit those data to another controller.
The right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR, in particular in the Member State of your habitual residence, place of work.
Right to withdraw
The right to withdraw your given consent pursuant to Art. 7 (3) GDPR with effect in the future at any time. You have the right to withdraw your given consent concerning the processing of your personal data with effect for the future at any time. In the event of withdrawal, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to object
If your personal data is processed by us based on legitimate interests pursuant to Art. 6 (1) lit. f GDPR, you have the right, pursuant to Art. 21 GDPR, to object at any time to the processing of your personal data on grounds relating to your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement of stating a particular situation.
If you wish to exercise your right of withdrawal, objection or any of your other rights, simply send an e-mail to info@e-farm.com.
Cookies and right to object to direct advertising
Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or language settings). Other cookies are used to evaluate user behavior or display advertising.
Technically necessary cookies are stored on the basis of Art. 6 (1) lit. f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimised presentation of our services. Other cookies are only stored with your consent on the basis of Art. 6 (1) lit. a GDPR. This consent can be withdrawn at any time for the future. The legal basis may also result from Art. 6 (1) lit. b GDPR if the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
Insofar as cookies are used for analysis purposes, we will inform you of this separately within the framework of this privacy policy and obtain your consent.
You can set your browser to • be informed about the setting of cookies, • only allow cookies in individual cases, • exclude the acceptance of cookies for certain cases or generally, • activate the automatic deletion of cookies when the browser is closed.
The cookie settings can be managed under the following links for each browser: • Google Chrome • Mozilla Firefox • Edge (Microsoft) • Safari • Opera
You can also manage cookies of many companies and functions used for advertising individually. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.
Most browsers also offer a so-called "do-not-track function". When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be "tracked" for behavioural advertising and the like.
For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:
• Google Chrome
• Mozilla Firefox
• Edge (Microsoft)
• Safari
• Opera
Additionally, you can prevent the loading of so-called scripts by default. "NoScript" allows the execution of JavaScripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).
Please note that if you disable cookies, the functionality of our website may be limited.
Deletion of data
The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
According to legal requirements in Germany, data is stored for 10 years in accordance with §§ 147 (1) AO, 257 (1), (4) HGB (books, records, management reports, accounting vouchers, commercial books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 (1), (4) HGB (commercial letters).
According to legal requirements in Austria, retention takes place in particular for 7 years pursuant to § 132 (1) BAO (accounting records, vouchers/invoices, accounts, receipts, business papers, statement of income and expenditure, etc.), for 22 years in connection with real property and for 10 years for records in connection with electronically provided services, telecommunications, radio and television services provided to non-entrepreneurs in EU Member States and for which the Mini-One-Stop-Shop (MOSS) is claimed.
Contacting
If you send us requests via our contact form or email, your details from the contact form or email, including the contact data you have provided there, will be stored for the purpose of processing your request and in the event of follow-up questions. You are required to provide an email address to contact us. Your name and telephone number are optional. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f GDPR and, if applicable, Art. 6 (1) lit. b GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, provided that there are no legal storage obligations to the contrary. You can object to the processing of your personal data at any time in the case of Art. 6 (1) lit. f GDPR. Newsletter
If you would like to receive the newsletter offered on our website with regular information about our offers and products, we need your email address as a mandatory information. We use the so-called double opt-in procedure for sending the newsletter. This means that we will not send you our newsletter by email until you have expressly confirmed that you agree to the dispatch of newsletters. In the first step, you will receive an email with a link to confirm that you, as the owner of the corresponding email address, would like to receive the newsletter in the future. With the confirmation you give us your consent according to Art. 6 (1) lit. a GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When registering for the newsletter, in addition to the email address required for sending the newsletter, we store the IP address via which you have registered for the newsletter as well as the date and time of registration and confirmation so that we can trace any possible misuse at a later point in time.
You can cancel the newsletter at any time via the link inserted in each newsletter or by sending an email to the above-mentioned responsible party. After your cancellation, your email address will be deleted from our newsletter distribution list immediately, unless you have explicitly consented to continued use of the data collected or continued processing is otherwise legally permissible.
SendGrid
SendGrid is a communication service provider for transactional and marketing emails and sends emails to our customers for us.
If you would like to receive this service, we require your e-mail address as mandatory information.
We use the so-called double opt-in procedure to send the e-mails. This means that we will only send you e-mails after you have expressly confirmed that you give your consent. With the confirmation, you give us your consent in accordance with Art. 6 para. 1 lit. a GDPR to use your personal data for the purpose of sending the requested e-mail.
With the registration, we store, in addition to the e-mail address required for sending, the IP address by which you registered, as well as the date and time of registration and confirmation, to be able to track possible misuse later. The legal basis for this is our legitimate interest according to Art. 6 para. 1 lit. f GDPR.
You can unsubscribe from the e-mail dispatch at any time via the link included in each e-mail. After unsubscribing, your e-mail address will be deleted from our mailing list immediately, unless you have expressly consented to the continued use of the collected data, or the continued processing is otherwise permitted by law.
Our e-mails are sent via a technical service provider to whom we pass on the data you provided when registering. We have entered into an order processing agreement with our email service provider, in which we oblige them to protect our customers' data and not to pass it on to third parties.
Service provider: SendGrid, Inc.
Address: 1801 California Street, Suite 500, Denver, CO 80202, USA
Privacy policy: https://www.twilio.com/legal/privacy
Since there is a transfer of personal data to a third country (USA), further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the third country.
The service provider uses the information from the registration to send and statistically evaluate the e-mails on our behalf based on your consent pursuant to Art. 6 (1) lit. a GDPR. For the evaluation, the sent emails contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether an e-mail has been opened and which links, if any, have been clicked on. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action has taken place after clicking on the link in an e-mail. In addition, technical information is recorded (e.g., time of retrieval, IP address, browser type and operating system). The data is collected exclusively pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis. The results of these analyses can be used to better adapt future e-mails to the interests of the recipients.
If you wish to revoke your consent to data analysis for statistical evaluation purposes, you must unsubscribe from the e-mail delivery.
Nimbata
On our website, we use the cloud-based call tracking solution Nimbata from the provider Nimbata LLC (6 Liberty Square, Boston, MA 02109, USA). Nimbata helps us track which marketing campaigns result in calls to our company.
Using cookies, Nimbata assigns certain tracking numbers to users and interactions that allow us to determine the source of incoming call activity. In doing so, your IP address, device information, and assigned tracking ID are processed and may be linked to data from our marketing campaigns. The setting of cookies and the processing of your personal data in this context is based on your consent pursuant to Art. 6 (1) a) GDPR.
You can find more information about Nimbata’s privacy practices here: https://www.nimbata.com/privacy-policy
Trustpilot
We use the services of Trustpilot A/S (Pilestræde 58 1112 Copenhagen, Denmark) for our website. We may contact you by email to invite you to rate the service you have received from us to gather your feedback and improve our service. Because we work with an outside company, Trustpilot A/S ("Trustpilot"), to collect customer feedback, we will share your name, email address, and reference number with Trustpilot for this purpose. If you submit a rating after we have sent you a request by e-mail, your rating is attributable to us via the e-mail address. We do not store the data on the ratings outside of Trustpilot. The legal basis for data processing is your consent in accordance with Art. 6 Para. 1 lit. a GDPR. We may use your reviews for advertising and promotional purposes. The legal basis for this is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. We have concluded a so-called order processing agreement with Trustpilot, by which Trustpilot is obliged to protect the data of our website users and not to pass it on to third parties. If you would like to learn more about how Trustpilot processes your data, you can view the company's privacy policy here https://de.legal.trustpilot.com/for-reviewers/end-user-privacy-terms.
Sparkcentral
To bundle messages that reach us via social interaction channels, we use the Sparkcentral tool, which is operated by Hootsuite Inc, 111 East 5th Avenue, Vancouver, BC, V5T 4L1. The tool aggregates all activity, mentions and messages directed to us on the social media channels Facebook, LinkedIn, Instagram, Trustpilot, Google MyBusiness as well as Mailchimp. We receive all data submitted by the user, i.e., username, time, text content, medium. Comments within Facebook groups are displayed anonymously in Hootsuite. The legal basis for data processing is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. We have concluded a so-called order processing agreement with Hootsuite for our use of Sparkcentral, through which Hootsuite is obligated to protect the data of our website users and not to pass it on to third parties. Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the data protection level of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA. For more information, please see the Hootsuite privacy policy: https://www.hootsuite.com/legal/privacy.
Hosting
This website is hosted by an external service provider (hoster). This website is hosted in Kiel. Personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, web page accesses and other data generated by a website.
We have concluded a Data Processing Agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we commit him to protect the data of our customers and not to pass them on to third parties.
Content-Delivery-Network Cloudflare
Our website uses the services of Cloudflare Inc. (USA) for secure encrypted data transmission on the Internet (SSL), to improve global website performance through the Cloudlflare Content Delivery Network (CDN) and to improve security and protect against hacker attacks through the Cloudflare Web Application Firewall (WAF). It is possible that Cloudflare uses its own cookies to provide these services.
Cloudflare generally only forwards that data which is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information on the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data and website performance data derived from browser activity. Log data helps Cloudflare to detect new threats, for example. In this way, Cloudflare can ensure a high level of security protection for our website.
For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie is absolutely necessary for Cloudflare's security features and cannot be disabled.
In general, Cloudflare stores user-level data for domains in the Free, Pro and Business versions for less than 24 hours. Cloudflare only retains data logs for as long as necessary and this data is also deleted within 24 hours in most cases. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to identify any security risks.
To find out exactly what permanent logs are stored, please visit https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/. All data that Cloudflare collects (temporary or permanent) is scrubbed of any personally identifiable information. All permanent logs are also anonymised by Cloudflare.
You can also completely prevent all collection and processing of your data by Cloudflare by disabling the execution of script code in your browser or by including a script blocker in your browser.
As there is a transfer of personal data to the USA, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA.
We have concluded an Data Processing Agreement with Cloudflare. You can find more detailed information about data protection and Cloudflare at: https://www.cloudflare.com/de-de/gdpr/introduction/
Criteo
We use online marketing services provided by Criteo GmbH on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering within the meaning of Art. 6 (1) lit. f. GDPR), we use the online marketing services of the provider Criteo GmbH, Gewürzmühlstr. 11, 80538 Munich, Germany.
Criteo's services allow us to display advertisements for and on our website in a more targeted manner in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products in which he or she has shown interest on other websites, this is referred to as "remarketing". For these purposes, when our website and other websites on which Criteo is active are called up, a code from Criteo is executed directly by Criteo and so-called (re)marketing tags (invisible graphics or code, also referred to as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). This file records which web pages the user has visited, which content he or she is interested in and which offers he or she has clicked on, as well as technical information on the browser and operating system, referring web pages, time of visit and other information on the use of the online offer. Criteo may also combine the aforementioned information with information from other sources. If the user subsequently visits other websites, he or she can be shown ads tailored to his or her interests.
The processing of user data is pseudonymous, i.e. no clear user data (such as names) is processed and IP addresses of users are shortened. Processing only takes place on the basis of an online identifier, a technical ID. Any IDs (e.g. of a customer care system) or e-mail addresses provided to Criteo are encrypted and stored as a series of characters that do not allow identification.
For more information and to opt out of the collection of data by Criteo, please refer to Criteo's privacy policy: https://www.criteo.com/de/privacy/.
Google Ads
We use "Google Ads" on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Ads is used by us for marketing and optimisation purposes, in particular to display ads that are relevant and interesting to you.
If you have given us your consent to do so in accordance with Art. 6 (1) lit. a GDPR, we can use Google Ads to draw attention to our attractive offers by using advertising material on external websites. This enables us to determine how successful individual advertising measures are.
These advertising media is delivered by Google via so-called "AdServers". We use AdServer cookies for this purpose, through which certain parameters for measuring success, such as the display of the ads or clicks by users, can be measured.
If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days. They are not intended to identify you personally. The following information is usually stored as analysis values for this cookie: Unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be contacted). These cookies enable Google to recognize your web browser. If a user visits certain pages of an ad client's website and the cookie stored on their computer has not expired, Google and the client will be able to tell that the user clicked on the ad and was redirected to that page. A different cookie is associated with each ad client. As a result, cookies cannot be tracked through the websites of ad clients. We ourselves do not collect and process any personal data in the advertising measures mentioned above. We only receive statistical evaluations from Google. By means of these evaluations we can recognize which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. To the best of our knowledge, Google receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and save your IP address.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
Further information on data use by Google, on setting and objection options as well as on data protection can be found on the following Google websites:
-
Privacy policy: https://policies.google.com/privacy
-
Google website statistics: https://services.google.com/sitestats/en.html
You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. Please note that in this case you may not be able to use all functions of our website to their full extent. You can also prevent the storage of cookies by setting your web browser to block cookies from the domain "www.googleadservices.com" (https://www.google.de/settings/ads). We would like to point out that this setting will be deleted if you delete your cookies. In addition, you can deactivate interest-related advertisements by clicking on the link http://optout.aboutads.info. Please note that this setting will also be deleted if you delete your cookies.
Google Tag Manager
This website uses the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This service allows website tags to be managed through an interface. The Google Tag Manager only implements tags. This means that no cookies are used and only the user's IP address is transmitted to Google to establish a connection. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made on domain or cookie level, it will remain for all tracking tags as long as they are implemented with the Google Tag Manager.
We use the Google Tag Manager on the basis of our legitimate interest under Art. 6 (1) lit. f GDPR. Our legitimate interest here is to enable the technical integration of other website tools.
Since a transfer of personal data (IP address) to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
Further information on data privacy regarding Google can be found here: https://policies.google.com/privacy?hl=en&gl=en
Google Analytics
Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called "cookies" and web beacons. Google will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. Google will also use this information to provide the website operator with further services related to the use of the website and the internet. The IP address sent by your browser in the context of Google Analytics is not combined with other data from Google. Processing is carried out in accordance with Art. 6 (1) lit. a GDPR on the legal basis of your given consent.
We use Google Analytics only with activated IP anonymisation. This means that your IP address will only be further processed by Google in abbreviated form.
We have concluded a Data Processing Agreement with the service provider in which we oblige him to protect the data of our customers and not to pass them on to third parties.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
The terms of use of Google Analytics and information on data protection can be accessed via the following links:
http://www.google.com/analytics/terms/
https://policies.google.com/privacy
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. User and event-level data associated with cookies, user IDs (e.g., User ID), and advertising IDs (e.g., DoubleClick cookies, Android Advertising ID, IDFA) will be deleted no later than 14 months after collection.
You can prevent cookies from being saved by adjusting the settings of your browser software accordingly. Please note, however, that if you do so you may not be able to use all the functions of this website without restriction. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and processing this data by Google by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout.
Facebook-Pixel and Conversion
We use "Facebook Pixel" on our website, a service of Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as: "Facebook").
Provided you have given us your consent in accordance with Art. 6 (1) lit. a GDPR, we use Facebook Pixel for marketing and optimisation purposes, in particular to place relevant and interesting advertisements on Facebook and thus improve our offer, make it more interesting for you as a user and avoid annoying advertisements.
Facebook Pixel enables Facebook to display our ads on Facebook, so-called "Facebook Ads" only to those Facebook users who were visitors to our website, in particular those who showed interest in our online offer. In this case, Facebook Pixel also enables us to check whether a user was redirected to our website after clicking on our Facebook Ads. Among other things, Facebook Pixel uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your end device. If you are logged into Facebook with your user account, the visit to our online offer will be noted in your user account. The data collected about you is anonymous to us, so we cannot draw any conclusions about the identity of the user. However, this data can be linked by Facebook with your user account there. If you have a user account on Facebook and are registered, Facebook can assign the visit to your user account.
As a transfer of personal data to the USA takes place, further protective mechanisms are required to ensure the level of data protection under the GDPR. In order to guarantee this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we will endeavour to obtain additional regulations and commitments from the recipient in the USA.
Further information on data protection from the third party provider can be found on the following Facebook website: https://www.facebook.com/about/privacy.
Information on Facebook Pixel can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616
You can make the relevant settings for which types of advertisements are displayed to you within Facebook on the following Facebook website: https://www.facebook.com/settings?tab=ads.
We would like to point out that this setting is deleted when you delete your cookies. In addition, you can deactivate cookies that are used to measure reach and advertising purposes via the following websites: http://optout.networkadvertising.org/ http://www.aboutads.info/choices http://www.youronlinechoices.com/uk/your-ad-choices/
Please note that this setting is also deleted when you delete your cookies.
Facebook Custom Audiences
We use "Facebook Custom Audiences" on our website, a remarketing tool of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland (hereinafter referred to as "Facebook"). Facebook Custom Audiences enables us to display interest-based advertisements, so-called "Facebook Ads", to visitors to our website as part of a visit to the social network Facebook or as part of a visit to other websites that also use Facebook Custom Audiences.
By using "Facebook Custom Audiences" your web browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of Facebook Custom Audiences. To the best of our knowledge, Facebook receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you have a user account with Facebook and are registered, Facebook can assign the visit to your user account. Even if you are not registered with Facebook or have not logged in, it is possible that Facebook will find out and store your IP address and, if necessary, other identifying features.
We use Facebook Custom Audiences for marketing and optimization purposes, in particular to display ads that are relevant and interesting for you and thus improve our offer and make it more interesting for you as a user. The legal basis is Art. 6 (1) lit. a GDPR (consent).
We have concluded a Data Processing Agreement with our service provider Facebook in which we commit Facebook to protect our customers' data and not to pass it on to third parties.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
For more information about Facebook’s privacy practices, please visit the following Facebook website: https://www.facebook.com/about/privacy
The deactivation of Facebook Custom Audiences is possible for logged-in users at https://www.facebook.com/settings/?tab=ads#_.
Please note that this setting is also deleted when you delete your cookies.
Facebook Conversions API
We use “Conversions API” on our website, a service provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland (hereinafter referred to as: “Meta/Facebook”).
If you have given us your consent in accordance with Art. 6 para. 1 lit. a GDPR, we use Conversions API for marketing and optimization purposes, in particular to place relevant and interesting ads for you on Facebook.
How Conversions API works:
Conversions API is an interface through which we can send tracking and event data to Meta. Conversions API enables Meta to display our ads on Facebook, so-called “Facebook ads”, only to those Facebook users who have visited our website, in particular those who have shown interest in our online products and services. In this case, Conversions API also makes it possible to check whether a user was redirected to our website after clicking on our Facebook ads.
Processed data:
Conversions API processes personal identifiers such as the IP address and other personal data generated during your website visit (product views, purchases, shopping carts, etc.). In addition, so-called http header information is also processed, e.g. which browser you are using. If you have a Facebook user account, it is generally possible for Meta to link this information to you personally. However, this does not allow us to draw any conclusions about your identity. In addition, “ interface data” may be processed; this refers to information about your interaction with our website, e.g. the opening of subpages or the use of a shopping cart.
Purposes:
• For marketing purposes, we pass on button click data (see above) to Meta so that Meta can provide us with measurement and analysis services. We use these to optimize our website.
• We also transmit personal contact information in this context. Meta matches this with Facebook user IDs and combines this with information about your use of our website. This helps us to optimize our advertisements.
Information that can identify you is only passed on to Meta in the form of a “hash”. This is an identifier determined by mathematical methods (from the above-mentioned information about you), which on the one hand enables Meta to compare the information, but on the other hand cannot be assigned to you without the use of additional information, or only with great effort.
In this context, Meta processes data on our behalf.
Joint data processing with Meta:
In addition, we use Meta Custom Audiences for the purpose of carrying out advertising campaigns tailored to specific target groups. In doing so, we transmit click data to Meta. The provider Meta supports us by creating target groups based on other such button click data that it has about its users. We are jointly responsible with Meta for the collection, transmission and use of this data. We or Meta are solely responsible for all further data processing.
We have concluded an agreement with Meta that regulates the responsibility for the fulfillment of data protection obligations in joint data processing. This agreement stipulates, among other things, that we are obliged to inform you about this data processing in accordance with Art. 13, 14 GDPR. Meta, on the other hand, is responsible for fulfilling your claims arising from your rights under Art. 15 - 20 GDPR (e.g.: right to information and deletion). If we receive a corresponding request, we will forward it to Meta. Further information on this can be found at https://www.facebook.com/about/privacy .
Transfers to third countries:
Meta will transfer your personal data to recipients in countries outside the EEA, in particular to its parent company Meta Platforms, Inc. For these transfers, there is an adequacy decision of the EU Commission (Art. 45 para. 1 GDPR) in accordance with the so-called EU-U.S. Data Privacy Framework. If, in certain cases, there is no valid adequacy decision or data is transferred to third countries without an adequate level of data protection, we have also agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.
Further information on data transfers at Meta can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum/update
Further information from the third-party provider on data protection can be found on the following Facebook website: https://www.facebook.com/about/privacy. Information on Conversions API can be found on the following Facebook website: https://www.facebook.com/business/tools/facebook-conversions-api?ref=search_new_0.
Microsoft Bing Ads
On our pages, we use the conversion tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
If you have given us your consent in accordance with Art. 6 (1) lit. a GDPR, Microsoft Bing Ads will store a cookie on your computer if you have accessed our website via a Microsoft Bing advertisement. In this way, Microsoft Bing and we can recognise that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user is disclosed.
We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass it on to third parties.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we will endeavour to obtain additional regulations and commitments from the recipient in the USA.
If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by means of a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data by Microsoft, by clicking on the following link: https://account.microsoft.com/privacy/ad-settings/signedout?lang=de-DE to declare your objection.
Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement.
Online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
Google Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") for the uniform display of fonts. Google Web Fonts enables us to use external fonts, so-called Google Fonts. The integration of these web fonts is carried out locally by our server.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we endeavour to obtain additional regulations and assurances from the recipient in the USA.
We use Google Web Fonts for optimisation purposes, in particular to improve the use of our website for you and to make its design more user-friendly. This is also our legitimate interest according to Art. 6 (1) lit. f GDPR.
Further information on data protection can be found in Google's data protection declaration: http://www.google.de/intl/de/policies/privacy.
Further information on Google Web Fonts can be found at http://www.google.com/webfonts/, https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://www.google.com/fonts#AboutPlace:about.
Google ReCaptcha
On this website we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an entry is made by a natural person or is abused by machine and automated processing. The service includes the sending of the IP address and, if applicable, further data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in determining individual personal responsibility on the Internet and the prevention of abuse and spam. The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA.
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
Microsoft Clarity
On our website we use Microsoft Clarity, a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. “Microsoft Clarity" is a Microsoft procedure in which analysis is carried out on the basis of a pseudonymous user ID, such as the evaluation of performance data for certain designs and mouse movements on the website. The analysed data should be used to be able to send you personalised and interest-based advertising on the basis of the user profile created, as well as to carry out conversion and reach measurement. The settings of Clarity are configured in such a way that the data collection by Microsoft already takes place via so-called IP-masking in pseudonymised form. The data processing is based on your consent in accordance with Art. 6 para. 1 a) GDPR. The following data is processed in pseudonymised form: • Usage data (page visited, time of access) • Device information • IP address • location data • Movement data (mouse and scroll movements)
Since a transfer of personal data by Microsoft to affiliates and sub-processors to countries outside the EU and EEA is possible, further appropriate safeguards are required to ensure the level of data protection under the GDPR. For the U.S., there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies with certification under the EU-U.S. Data Privacy Framework. Microsoft Corporation is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with adequate data protection standards, which can be verified via the following link: https://www.dataprivacyframework.gov/s/participant-search. For potential transfers to other countries outside the EU and the EEA, for which no adequacy decision of the EU Commission exists, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the country outside the EU to process the data in accordance with the level of protection in Europe. You can find more information on data protection and the cookies used at Microsoft on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement.
Triggerbee
This website uses the online marketing tool Triggerbee, provided by Triggerbee AB (Döbelnsgatan 12, 113 58 Stockholm, Sweden). Triggerbee employs cookies to help us analyze user behavior on our site and tailor the user experience. In doing so, data such as IP addresses, usage data, and other potential information related to your website visit may be collected and processed.
The data collected by Triggerbee is used to enhance our content, optimize marketing strategies, and improve website functionality. Triggerbee collects both session data and profile data. Session data includes information tied to your website visit, such as date and time, IP address, geolocation, browser information, event/identification data, and interest data. Once you provide identification through the popup on our website, Triggerbee creates a profile storing your name and contact details. All data is stored and processed on servers within the EU.
This cookie-based service is only activated on our website after you have provided prior consent, as per Art. 6 Para. 1 (a) GDPR. Cookies have a lifespan of up to 12 months. You can modify or withdraw your consent at any time by accessing the “Cookie Settings” link in the footer of the website.
We have entered into a data processing agreement with the service provider, ensuring they process and protect customer data according to Art. 28 GDPR, with strict requirements not to disclose any data to third parties. Triggerbee does not transfer personal data to affiliated companies or subcontractors outside of the EU and EEA.
For further details about Triggerbee, please visit: https://triggerbee.com/privacy-policy/
Automated decision making
Automated decision making or profiling according to Art. 22 GDPR does not take place.
Subject to change
We reserve the right to adapt or update this privacy policy, if necessary, in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take account of changes to our services, e.g. the introduction of new services. The most current version applies to your visit.
Status of this privacy policy: 04.04.2022