Note: The German version of this text is authoritative
Managing Directors: Matthias Bathke, Dennis Heiden
Phone: +49 (0)40 / 99999 – 3020
In addition, we process – contract data (e.g., subject matter of the contract, term, customer category). – Payment data (e.g., bank details, payment history) of our customers, prospective customers and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.
The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offering.
In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with the German Data Protection Act. Art. 6 par. 1 lit. f DSGVO in conjunction with. Art. 28 DSGVO (conclusion of order processing contract).
COLLECTION OF ACCESS DATA AND LOG FILES
We, or rather our hosting provider, collects data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO data about each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. Log file information is stored for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
ORDER PROCESSING IN THE ONLINE STORE AND CUSTOMER ACCOUNT
We process the data of our customers in the context of the order processes in our online store to enable them to select and order the selected products and services, as well as their payment and delivery, or execution.
The data processed includes inventory data, communication data, contract data, payment data and the data subjects of the processing include our customers, prospective customers and other business partners. The processing is carried out for the purpose of providing contractual services within the framework of the operation of an online store, billing, delivery and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.
The processing is carried out on the basis of Art. 6 para. 1 lit. b (Execution of order processes) and c (Legally required archiving) DSGVO. In this context, the information marked as required is necessary for the justification and fulfillment of the contract. We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations to legal advisors and authorities. The data is only processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer’s request for delivery or payment).
Users can optionally create a user account, in which they can view their orders in particular. As part of the registration process, the required mandatory information will be provided to users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention for reasons of commercial or tax law. Art. 6 par. 1 lit. c GDPR necessary. Information in the customer account remains until its deletion with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to back up their data before the end of the contract if the contract has been terminated.
Within the scope of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as those of users in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary for the prosecution of our claims or there is a legal obligation to do so in accordance with the German Data Protection Act. Art. 6 par. 1 lit. c GDPR.
The deletion takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed every three years; in the case of legal archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
ADMINISTRATION, FINANCIAL ACCOUNTING, OFFICE ORGANIZATION, CONTACT MANAGEMENT
We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The cancellation of the data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transmit data to the tax authorities, advisors, such as tax consultants or auditors, as well as other fee offices and payment service providers. Furthermore, we store information on suppliers, event organizers and other business partners on the basis of our business interests, e.g. for the purpose of contacting them at a later date. We store this data, which is mostly company-related, permanently.
Users can optionally create a user account. As part of the registration process, users are provided with the required mandatory information. The data entered during registration will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention for reasons of commercial or tax law. Art. 6 par. 1 lit. c GDPR necessary. It is the responsibility of the users to back up their data before the end of the contract if the contract has been terminated. We are entitled to irretrievably delete all of the user’s data stored during the term of the contract.
In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as those of users in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with the German Data Protection Act. Art. 6 par. 1 lit. c GDPR. The IP addresses are anonymized or deleted after 7 days at the latest.
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user’s details will be used to process the contact request and its handling in accordance with the German Data Protection Act. Art. 6 par. 1 lit. b) DSGVO processed. User information may be stored in a customer relationship management system (“CRM System”) or similar inquiry organization. We delete the requests if they are no longer necessary. We review the necessity every two years; Furthermore, the legal archiving obligations apply.
COMMENTS AND CONTRIBUTIONS
When users leave comments or other contributions, their IP addresses may be stored on the basis of our legitimate interests as defined in Art. 6 para. 1 lit. f. DSGVO will be stored for 7 days. This is done for our security, in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we ourselves may be prosecuted for the comment or post and are therefore interested in the identity of the author. Furthermore, we reserve the right, on the basis of our legitimate interests pursuant to sec. Art. 6 par. 1 lit. f. DSGVO to process the information of the users for the purpose of spam detection.
INTEGRATION OF THIRD PARTY SERVICES AND CONTENT
Within our online offer, we use content or service offers of third-party providers on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) content or service offers from third party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always assumes that the third-party providers of this content are aware of the IP address of the user, since without the IP address they would not be able to send the content to their browser. The IP address is thus required for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be combined with such information from other sources.
We use, for the integration of scripts and libraries on our website, a Content Delivery Network (CDN) of Cloudflare, Inc., 101 Townsend Street, San Francisco, California 94107, USA (“Cloudflare”).
With a content delivery network, the content of our website is stored on the server of the service and the service distributes this content to you or your browser via a network of regional servers when the website is accessed. The purpose of this is to be able to better fend off attacks, such as DDos attacks, on our website and, in the case of large script and data volumes, to provide you with the content of our pages quickly and in an optimized manner.
Since the traffic of our website runs through servers of Cloudfare, your IP address is also transmitted to Cloudflare. Cloudflare is certified according to the US Privacy Shield and thus guarantees data processing according to the GDPR. We have concluded an order processing agreement with Cloudflare, with which Cloudflare documents to us the compliance with appropriate technical and organizational measures.
The legal basis for our use of Cloudflare is Art. 6 I (f) DSGVO. Our legitimate interest arises from the fact that the service allows us to take security measures against attacks on our website and to deliver large amounts of data in an optimized manner. The encroachment on your fundamental freedoms is minor here, as Cloudflare guarantees the level of data protection according to the GDPR.
Cookies and messages about access numbers
We use “session cookies” from VG Wort, Munich, to measure accesses to texts in order to record the copy probability. Session cookies are small pieces of information that a provider stores in the RAM of the visitor’s computer. In a session cookie, a randomly generated unique identification number is stored, a so-called session ID. In addition, a cookie contains information about its origin and the storage period. Session cookies cannot store any other data. These measurements are carried out by Kantar Germany GmbH according to the Scalable Central Measurement Method (SZM). They help to determine the copy probability of individual texts for the remuneration of legal claims of authors and publishers. We do not collect any personal data via cookies.
It is also possible to use our offers without cookies. Most browsers are set to accept cookies automatically. However, you can disable the storage of cookies or set your browser to notify you when cookies are sent.
Our website and our mobile website use the “Scalable Central Measurement Method” (SZM) of Kantar Germany GmbH to determine statistical parameters for determining the copy probability of texts.
Anonymous measured values are collected in the process. The access count measurement alternatively uses a session cookie or a signature created from various automatically transmitted information from your browser to recognize computer systems. IP addresses are only processed in anonymized form.
The procedure was developed in compliance with data protection. The sole aim of the method is to determine the copy probability of individual texts.
At no time are individual users identified. Your identity always remains protected. You will not receive any advertising through the system.