Managing Directors: Matthias Bathke, Dennis Heiden
Phone: ++49 (0)40 / 99999 – 3020
In addition, we process contract data (e.g., subject matter of contract, term, customer category). – Payment data (e.g., bank details, payment history) of our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.
The hosting services we use are used to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical Maintenance services that we use for the purpose of operating this online offer.
In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in efficient and secure provision of this online offer in accordance with Art. 1 lit. f GDPR in art. 28 GDPR (conclusion of order processing contract).
COLLECTION OF ACCESS DATA AND LOGFILES
We, or our hosting provider, collect on the basis of our legitimate interests within the meaning of Art. 1 lit. f. GDPR data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved website, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting providers. Logfile information is stored for security reasons (e.g. to investigate abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidence purposes shall be excluded from deletion until the relevant incident has been finally clarified.
ORDER PROCESSING IN THE ONLINE SHOP AND CUSTOMER ACCOUNT
We process the data of our customers in the course of the ordering processes in our online shop in order to enable them to select and order the selected products and services, as well as to pay for and deliver them, respectively to execute them.
The processed data includes inventory data, communication data, contract data, payment data and the data subjects affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of the operation of an online shop, billing, delivery and customer service. We use session cookies for the storage of the shopping cart content and permanent cookies for the storage of the login status.
The processing shall be carried out on the basis of Article 6(6) of the 1 lit. b (Execution of ordering operations) and c (Legally required archiving) GDPR. The information marked as necessary is necessary for the establishment and fulfilment of the contract. We disclose the data to third parties only in the context of delivery, payment or within the scope of legal authorisations and obligations towards legal advisors and authorities. The data will only be processed in third countries if this is necessary for the fulfilment of the contract (e.g. at the customer’s request upon delivery or payment).
Users can optionally create a user account by viewing their orders in particular. As part of the registration process, the required mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have cancelled their user account, their data will be deleted with regard to the user account, subject to their retention is due for commercial or tax reasons. Art. 1 lit. c GDPR is necessary. Information in the customer’s account remains until its deletion, followed by archiving in the event of a legal obligation. It is the responsibility of users to secure their data before the end of the contract if they have been terminated.
As part of the registration and re-registration stake as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with the Art. 1 lit. c GDPR.
The deletion takes place after the expiry of statutory warranty and comparable obligations, the necessity of the retention of the data is checked every three years; in the case of the statutory archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
ADMINISTRATION, FINANCIAL ACCOUNTING, OFFICE ORGANIZATION, CONTACT MANAGEMENT
We process data within the scope of administrative tasks as well as the organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of the provision of our contractual services. The basis for processing is Article 6(4) of the 1 lit. c. GDPR, Art. 1 lit. f. GDPR. The processing affects customers, prospects, business partners and website visitors. The purpose and our interest in processing lies in administration, financial accounting, office organization, archiving of data, i.e. tasks related to the maintenance of our business activities, the performance of our tasks and the provision of our services. The erasure of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities. We disclose or transmit data to the tax administration, consultants, such as tax consultants or auditors as well as other fee agencies and payment service providers. Furthermore, based on our business interests, we store information about suppliers, organizers and other business partners, e.g. for later contact. In principle, we store this majority of company-related data permanently.
Users can optionally create a user account. As part of the registration process, the required mandatory information will be communicated to the users. The data entered during the registration process will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes in the scope of the offer or technical circumstances. If users have cancelled their user account, their data will be deleted with regard to the user account, subject to their retention is due for commercial or tax reasons. Art. 1 lit. c GDPR is necessary. It is the responsibility of users to secure their data before the end of the contract if they have been terminated. We are entitled to irretrievably delete all data of the user stored during the term of the contract.
In the context of the use of our registration and registration functions as well as the use of the user account, the IP address and the time of the respective user action will be stored. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties, unless it is necessary for the prosecution of our claims or there is a legal obligation to do so in accordance with the Art. 1 lit. c GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.
When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user’s details are processed in accordance with the Art. 1 lit. b) GDPR processed. Users’ information can be stored in a customer relationship management system (“CRM system”) or similar request organization. We will delete the requests if they are no longer required. We check the necessity every two years; In addition, the statutory archiving obligations apply.
COMMENTS AND POSTS
If users leave comments or other contributions, their IP addresses may be based on our legitimate interests within the meaning of Art. 1 lit. f. GDPR for 7 days. This is for our safety in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we can be prosecuted for the comment or contribution ourselves and are therefore interested in the identity of the author. Furthermore, we reserve the right to be based on our legitimate interests in accordance with the Art. 1 lit. f. GDPR to process users’ information for spam detection.
INTEGRATION OF THIRD-PARTY SERVICES AND CONTENT
Within our online offer, we place content or service offers based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 sec. 1 lit. f. GDPR). third parties to include their content and services, such as videos or fonts (hereinafter referred to as “Content”). This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” allow information on how to evaluate visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and, among other things, technical information about the browser and operating system, referring websites, visit time as well as further information on the use of our online offer as well as such information from other sources.
We use a Content Delivery Network (CDN) from Cloudflare, Inc., 101 Townsend Street, San Francisco, California 94107, USA (“Cloudflare”) to integrate scripts and libraries on our website.
With a content delivery network, the content of our website is stored on the server of the service and this distributes this content to you or to you when the website is accessed. Your browser via a network of regional servers. The purpose of this is to better defend against attacks,.B such as DDoS attacks, on our website and, in the case of large amounts of script and data, to make the content of our pages available to you quickly and in an optimized manner.
Since the data traffic of our website runs through Servers of Cloudfare, your IP address is also transmitted to Cloudflare. Cloudflare is certified according to the US Privacy Shield and thus guarantees data processing according to the GDPR. We have entered into an order processing agreement with Cloudflare in which Cloudflare documents compliance with appropriate technical and organizational measures.
The legal basis for our use of Cloudflare is Art. 6 I (f) GDPR. Our legitimate interest arises from the fact that we can use the service to take security measures against attacks on our website and that large amounts of data can be delivered in an optimized manner. The interference with your fundamental freedoms is low, as Cloudflare guarantees the level of data protection according to the GDPR.
Cookies and messages on access numbers
We use “session cookies” from VG Wort, Munich, to measure access to texts in order to record the probability of copying. Session cookies are small pieces of information that a provider stores in the memory of the visitor’s computer. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. Session cookies cannot store any other data. These measurements are carried out by Kantar Germany GmbH according to the Scalable Central Measurement Method (SZM). They help to determine the probability of copying individual texts for the remuneration of legal claims of authors and publishers. We do not collect any personal data through cookies.
The use of our offers is also possible without cookies. Most browsers are set to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser so that it notifies you as soon as cookies are sent.
Data protection declaration for the use of the Scalable Central Measurement Method
Our website and our mobile website use the “Scalable Central Measurement Method” (SZM) of Kantar Germany GmbH for the determination of statistical parameters to determine the copy probability of texts.
Anonymous measured values are collected. For the recognition of computer systems, access number measurement alternatively uses a session cookie or a signature that is created from various automatically transmitted information from your browser. IP addresses are only processed in anonymous form.
The procedure was developed in compliance with data protection. The sole aim of the procedure is to determine the probability of copying individual texts.
At no time are individual users identified. Your identity is always protected. You will not receive any advertising through the system.