Privacy policy - GDPR
We have prepared this privacy policy (version 20.08.2024-322861602) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller – and the processors commissioned by us (e.g. providers) – process, will process in the future and what lawful options you have. The terms used are to be understood as gender-neutral.
In short, we provide you with comprehensive information about the data we process about you.
Data protection declarations usually sound very technical and use technical legal terms. This privacy policy, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Where it is conducive to transparency, technical terms are explained in a reader-friendly way, links to further information are provided and graphics are used. We thus inform you in clear and simple language that we only process personal data as part of our business activities if there is a corresponding legal basis. This is certainly not possible by providing explanations that are as concise, unclear and legally technical as possible, as is often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or two pieces of information that you did not yet know.
If you still have any questions, we would ask you to contact the responsible body named below or in the legal notice, follow the links provided and look at further information on third-party websites. Our contact details can of course also be found in the legal notice.
Area of application
This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person’s name, email address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes
- all online presences (websites, online stores) that we operate
- Social media presences and email communication
- mobile apps for smartphones and other devices
In short: the privacy policy applies to all areas in which personal data is processed in the company in a structured manner via the channels mentioned. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal basis
In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course read this EU General Data Protection Regulation online at EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your data entered in a contact form.
- Contract (Article 6(1)(b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
- Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing is therefore a legitimate interest.
Other conditions such as the performance of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not generally apply to us. If such a legal basis is relevant, it will be indicated at the appropriate point.
In addition to the EU Regulation, national laws also apply:
In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), or DSG for short.
In Germany, the Federal Data Protection Act (BDSG) applies.
If other regional or national laws apply, we will inform you about them in the following sections.
Contact details of the person responsible
If you have any questions about data protection or the processing of personal data, you will find the contact details of the person or body responsible below:
Witold Gornik
Fritz-Bauer-Straße 15
81249 Munich
Email: info@gostrats.com
Storage duration
It is a general criterion for us that we only store personal data for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for the data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.
If you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it.
We will inform you below about the specific duration of the respective data processing if we have further information on this.
Rights under the General Data Protection Regulation
In accordance with Articles 13 and 14 GDPR, we inform you of the following rights to which you are entitled in order to ensure fair and transparent data processing:
- According to Article 15 GDPR, you have a right of access as to whether we process data about you. If this is the case, you have the right to receive a copy of the data and the following information
- the purpose for which we are processing the data
- the categories, i.e. the types of data being processed
- who receives this data and, if the data is transferred to third countries, how security can be guaranteed
- how long the data will be stored;
- the existence of the right to rectification, erasure or restriction of processing and the right to object to processing
- that you can lodge a complaint with a supervisory authority (links to these authorities can be found below)
- the origin of the data if we have not collected it from you
- whether profiling is carried out, i.e. whether data is automatically analyzed in order to create a personal profile of you.
- According to Article 16 GDPR, you have a right to rectification of data, which means that we must correct data if you find errors.
- According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you may request the erasure of your data.
- According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it any further.
- According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a commonly used format upon request.
- According to Article 21 GDPR, you have the right to object, which entails a change in processing after enforcement.
If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you can object to the processing. We will then check as quickly as possible whether we can legally comply with this objection.
If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing.
If data is used for profiling, you can object to this type of data processing at any time. We may then no longer use your data for profiling.
Under Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can lodge a complaint with the data protection authority at any time if you believe that the processing of your personal data violates the GDPR.
In short: you have rights – do not hesitate to contact the controller listed above!
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:
Bavaria Data Protection Authority
State Commissioner for Data Protection: Prof. Dr. Thomas Petri
Address: Wagmüllerstr. 18, 80538 Munich
Telephone number: 089/21 26 72-0
E-mail address: poststelle@datenschutz-bayern.de
Website: https://www.datenschutz-bayern.de/
Data transfer to third countries
We only transfer or process data to countries outside the scope of the GDPR (third countries) if you consent to this processing or other legal permission exists. This applies in particular if the processing is required by law or necessary to fulfill a contractual relationship and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason for us to process data in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, may mean that personal data is processed and stored in unexpected ways.
We expressly point out that, according to the European Court of Justice, there is currently only an adequate level of protection for data transfers to the USA if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. You can find more information on this at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Data processing by US services that are not active participants in the EU-US Data Privacy Framework may result in data not being processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. In addition, data collected may be linked to data from other services of the same provider if you have a corresponding user account. Where possible, we try to use server locations within the EU if this is offered.
We will inform you in more detail about data transfer to third countries, if applicable, in the appropriate sections of this privacy policy.
Security of data processing
In order to protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data.
Art. 25 GDPR refers to “data protection by design and by default”, meaning that we always think about security and take appropriate measures for both software (e.g. forms) and hardware (e.g. access to the server room). If necessary, we will discuss specific measures below.
TLS encryption with https
TLS, encryption and https sound very technical – and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transmit data tap-proof on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured – nobody can “listen in”.
We have thus introduced an additional layer of security and comply with data protection by design (Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small lock symbol at the top left of the browser, to the left of the Internet address (e.g. examplepage.com) and the use of the https scheme (instead of http) as part of our Internet address.
If you would like to know more about encryption, we recommend a Google search for “Hypertext Transfer Protocol Secure wiki” to find good links to further information.
Communication
If you contact us and communicate with us by telephone, e-mail or online form, personal data may be processed.
The data is processed for the purpose of handling and processing your question and the associated business transaction. The data is stored for as long as necessary and for as long as the law requires.
Data subjects
All persons who contact us via the communication channels provided by us are affected by the above-mentioned processes.
Telephone
When you call us, the call data is stored pseudonymously on the respective end device and at the telecommunications provider used. In addition, data such as name and telephone number can be sent by e-mail and stored to answer the request. The data is deleted as soon as the business case has been completed and legal requirements allow.
E-mail
If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data may be stored on the e-mail server. The data will be deleted as soon as the business case has been completed and legal requirements permit.
Online forms
If you communicate with us using an online form, data will be stored on our web server and may be forwarded to an e-mail address. The data will be deleted as soon as the business case has been completed and legal requirements permit.
Legal basis
The processing of the data is based on the following legal basis:
Art. 6 para. 1 lit. a GDPR (consent): You give us your consent to store your data and to use it for the purposes of the business case;
Art. 6 para. 1 lit. b GDPR (contract): There is a need to fulfill a contract with you or a processor such as the telephone provider or we have to process the data for pre-contractual activities, such as preparing an offer;
Art. 6 para. 1 lit. f GDPR (legitimate interests): We want to handle customer enquiries and business communication in a professional manner. To do this, certain technical facilities such as e-mail programs, exchange servers and mobile phone operators are necessary to enable efficient communication.
Contract for commissioned processing (AVV)
In this section, we would like to explain what a data processing agreement is and why it is needed. Because the word “data processing agreement” is quite a mouthful, we will often use the acronym DPA in the text. Like most companies, we do not work alone, but also use the services of other companies or individuals. By involving various companies or service providers, we may pass on personal data for processing. These partners then act as processors with whom we conclude a contract, the so-called order processing contract (AVV). The most important thing for you to know is that the processing of your personal data is carried out exclusively on our instructions and must be regulated by the AVV.
Who are processors?
As a company and website owner, we are responsible for all the data we process about you. In addition to the data controller, there may also be so-called data processors. This includes any company or person who processes personal data on our behalf. To be more precise and according to the GDPR definition: any natural or legal person, public authority, agency or other body that processes personal data on our behalf is considered a data processor. Contract processors can therefore be service providers such as hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.
For a better understanding of the terminology, here is an overview of the three roles in the GDPR:
Data subject (you as a customer or interested party) → Controller (we as a company and client) → Processor (service providers such as web hosts or cloud providers)
Contents of a data processing agreement
As mentioned above, we have concluded a data processing agreement with our partners who act as data processors. This agreement stipulates, above all, that the data processor processes the data to be processed exclusively in accordance with the GDPR. The agreement must be concluded in writing, but in this context, electronic conclusion of the agreement is also considered to be “in writing”. The processing of personal data only takes place on the basis of the agreement. The following must be included in the agreement:
Binding to us as the controller
Duties and rights of the controller
Categories of data subjects
Type of personal data
Type and purpose of data processing
Subject and duration of data processing
Place of data processing
Furthermore, the contract contains all the obligations of the processor. The most important obligations are:
To ensure data security measures
To take possible technical and organizational measures to protect the rights of the data subject
to keep a data processing register
to cooperate with the data protection supervisory authority at the latter’s request
to carry out a risk analysis in relation to the personal data received
sub-processors may only be commissioned with the written consent of the controller
You can see what an AVV looks like in practice at https://www.wko.at/service/wirtschaftsrecht-gewerberecht/eu-dsgvo-mustervertrag-auftragsverarbeitung.html, for example. A sample contract is presented here.
Cookies
What are cookies?
Our website uses HTTP cookies to store user-specific data.
The following explains what cookies are and why they are used, so that you can better understand the following data protection declaration.
Whenever you surf the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing is for sure: cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to the cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.
The web browser requests a website and receives a cookie from the server, which the browser reuses as soon as another page is requested.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information on your PC.
Cookie data may look like this, for example:
Name: _ga
Value: GA1.2.1326744211.152322861602-9
Purpose: to distinguish between website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
At least 4096 bytes per cookie
At least 50 cookies per domain
At least 3000 cookies in total
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is explained in the following sections of the data protection declaration. At this point, we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Essential cookies
These cookies are necessary to ensure that the website functions properly. For example, these cookies are needed when a user adds a product to the shopping cart, then continues to surf other pages and only goes to the checkout later. These cookies ensure that the shopping cart is not deleted even if the user closes the browser window.
Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.
Targeted cookies
These cookies ensure a better user experience. For example, locations, font sizes or form data entered are stored.
Advertising cookies
These cookies are also called targeting cookies. They are used to deliver personalized advertising to the user. This can be very practical, but also very annoying.
Usually, when you visit a website for the first time, you are asked which of these types of cookies you would like to allow. And of course, this decision is also stored in a cookie.
If you would like to learn more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Purpose of processing via cookies
The purpose ultimately depends on the respective cookie. You can find more details below or from the manufacturer of the software that sets the cookie.
What data is processed?
Cookies are small helpers that perform a wide range of different tasks. Unfortunately, it is not possible to generalize about the data that is stored in cookies, but we will inform you about the data that is processed or stored in the following data protection declaration.
Storage duration of cookies
The storage duration depends on the respective cookie and is specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.
You also have control over the storage period. You can manually delete all cookies at any time via your browser (see also below “Right of objection”). Furthermore, cookies that are based on consent are deleted at the latest after you revoke your consent, whereby the legality of the storage remains unaffected until then.
Right of objection – how can I delete cookies?
You decide for yourself whether and how you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, deactivate or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can do so in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
If you do not want to have any cookies at all, you can set up your browser so that it always informs you when a cookie is about to be set. This way, you can decide whether or not to allow each individual cookie. The procedure varies depending on the browser. The best thing to do is to search for instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.
Legal basis
The so-called “cookie guidelines” have been in place since 2009. They state that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). However, there are still very different reactions to these guidelines within the EU countries. In Austria, however, this directive was implemented in § 165 para. 3 of the Telecommunications Act (2021). In Germany, the cookie guidelines were not implemented as national law. Instead, this directive was largely implemented in § 15 para. 3 of the Telemedia Act (TMG), which has been replaced by the Digital Services Act (DDG) since May 2024.
For absolutely necessary cookies, even if no consent has been given, there are legitimate interests (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to give visitors to the website a pleasant user experience, and certain cookies are often absolutely necessary for this.
If non-essential cookies are used, this is only done with your consent. The legal basis for this is Art. 6 (1) (a) GDPR.
The following sections provide more detailed information on the use of cookies, provided that the software used uses cookies.
Customer data
What is customer data?
In order to provide our services and contractual benefits, we also process data relating to our customers and business partners. This data always includes personal data. Customer data is understood to mean all information that is processed on the basis of a contractual or pre-contractual relationship in order to provide the services offered. Customer data is therefore all the information that we collect and process about our customers.
Why do we process customer data?
There are many reasons why we collect and process customer data. The most important one is that we simply need various data to provide our services. Sometimes your e-mail address is enough, but if you purchase a product or service, for example, we also need data such as your name, address, bank details or contract data. We also use the data for marketing and sales optimization so that we can improve our service for our customers overall. Another important point is our customer service, which is always very important to us. We want you to be able to contact us with questions about our offers at any time, and for that we need at least your e-mail address.
What data is processed?
The exact data that is stored can only be indicated here by category. This always depends on the services you receive from us. In some cases, you only give us your e-mail address so that we can contact you or answer your questions, for example. In other cases, you purchase a product or service from us and we need significantly more information, such as your contact details, payment details and contract data.
Here is a list of the possible data that we receive from you and process:
Name
Contact address
E-mail address
Telephone number
Date of birth
Payment data (invoices, bank details, payment history, etc.)
Contract data (term, content)
Usage data (websites visited, access data, etc.)
Metadata (IP address, device information)
How long is the data stored?
As soon as we no longer need the customer data to fulfill our contractual obligations and our purposes and the data is also not required for possible warranty and liability obligations, we delete the corresponding customer data. This is the case, for example, when a business contract ends. After that, the limitation period is usually 3 years, although longer periods are possible in individual cases. We also comply with the statutory retention requirements. Your customer data will certainly not be passed on to third parties unless you have explicitly given your consent.
Legal basis
The legal basis for the processing of your data is Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract or pre-contractual measures), Art. 6 para. 1 lit. f GDPR (legitimate interests) and in special cases (e.g. medical services) Art. 9 para. 2 lit. a. GDPR (processing of special categories).
In the event of the protection of vital interests, data processing is carried out in accordance with Art. 9 para. 2 lit. c. GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, care or treatment in the healthcare or social sector or for the administration of systems and services in the healthcare or social sector, personal data is processed in accordance with Art. 9 para. 2 lit. h. GDPR. If you voluntarily provide special categories of data, the processing is based on Art. 9 para. 2 lit. a. GDPR.
Webhosting Introduction
What is web hosting?
When you visit websites today, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only for a good reason. By website, we mean the entirety of all web pages on a domain, i.e. everything from the homepage to the very last subpage (like this one). By domain, we mean, for example, example.de or musterbeispiel.com.
If you want to view a website on a computer, tablet or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We call them browsers or web browsers for short.
To display the website, the browser has to connect to another computer where the website code is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually taken over by professional providers. These offer web hosting and thus ensure that website data is stored reliably and without errors. A whole lot of technical terms, but please stay with us, it gets even better!
When the browser connects to your computer (desktop, laptop, tablet or smartphone) and during the data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server also has to store data for a while to ensure proper operation.
A picture is worth a thousand words, so the following graphic shows the interaction between the browser, the internet and the hosting provider.
Why do we process personal data?
The purposes of data processing are:
Professional hosting of the website and safeguarding of operations
to maintain operational and IT security
Anonymous evaluation of access behavior to improve our offering and, if necessary, for criminal prosecution or the pursuit of claims
What data is processed?
Even as you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as
the complete internet address (URL) of the website accessed
browser and browser version (e.g. Chrome 87)
the operating system used (e.g. Windows 10)
the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/)
the host name and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
date and time
in files, the so-called web server log files
How long is data stored?
As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful behavior.
In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data without your consent!
Legal basis
The lawfulness of the processing of personal data in the context of web hosting is based on Art. 6 para. 1 lit. f GDPR (safeguarding of legitimate interests), because the use of professional hosting by a provider is necessary to present the company on the internet in a secure and user-friendly manner and to be able to pursue attacks and claims arising from this if necessary.
We usually have a contract with the hosting provider for order processing in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.
1&1 IONOS Webhosting Privacy Policy
What is 1&1 IONOS Webhosting?
We use the web hosting services of the company IONOS by 1&1 to host our website. In Germany, 1&1 IONOS SE is based at Elgendorfer Str. 57, 56410 Montabaur. In Austria, 1&1 IONOS SE is located at Gumpendorfer Straße 142/PF 266, 1060 Vienna.
IONOS offers the following web hosting services: domain, website & shop, hosting & WordPress, marketing, email & office, IONOS Cloud and server. With over 22 million domains, almost 9 million customer contracts and 100,000 servers, IONOS is one of the largest German web hosting companies.
As we mentioned in our introductory words on the subject of web hosting, data from you or your end device is also stored on the IONOS servers. First and foremost, your IP address, which is known to be personal data, is stored. In addition, technical data such as the URL of our website, the name of your internet browser or which operating system you use is also stored.
Why do we use 1&1 IONOS web hosting?
IONOS was founded in Germany back in 1988, so it has over 30 years of experience under its belt. However, that doesn’t mean that the company is not constantly developing technologically. In our view, it is precisely this combination of experience and innovative spirit that provides a good basis for our website. After all, we want our website to work smoothly 24 hours a day while ensuring a high level of security. Since IONOS does not limit monthly data traffic and provides plenty of storage space, our website remains powerful even when it is visited by many people. We are very satisfied with the speed of the website and the price-performance ratio currently meets our requirements.
What data is processed by 1&1 IONOS Webhosting?
1&1 IONOS Webhosting may also process personal data about you. When you visit our website, the following data about you or your computer is stored by IONOS:
the website you visited before (also known as the referrer)
the requested website (in this case, our website)
browser type and version
your operating system and device type
time of page access
Your IP address in anonymized form
The data collected is used to increase the security of the website, to detect possible errors and also to carry out anonymous statistical analyses. According to IONOS, the anonymized IP address is only used to determine the location of the access.
How long and where is the data stored?
The data is stored on IONOS‘ own servers. In principle, IONOS stores the data for as long as it is necessary to fulfill its obligations. Visitor data is stored for 8 weeks. However, it may also be the case that data is stored for longer, for example to have evidence for possible legal disputes. Visitor data is not passed on to third parties and is not transferred to a country outside the EU.
How can I delete my data or prevent it from being stored?
You have the right to access, correct, delete or restrict the processing of your personal data at any time. You can also revoke your consent to the processing of your data at any time.
If you want to disable, delete or manage cookies, you will find the corresponding links to the respective instructions for the most popular browsers in the “Cookies” section.
Legal basis
We have a legitimate interest in using IONOS to be able to offer our online service. Professional hosting by a provider is necessary to present our company on the internet in a secure and user-friendly manner and to be able to track possible cyber attacks. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests).
You can find more information about data protection at IONOS in the data protection declaration at https://www.ionos.de/terms-gtc/datenschutzerklaerung/. If you have any further questions about data protection, you can also contact the IONOS data protection team by e-mail at datenschutz@ionos.de.
Data processing agreement (DPA) with IONOS
We have concluded a data processing agreement (DPA) with IONOS in accordance with Article 28 of the General Data Protection Regulation (GDPR). You can read about what a DPA is and, in particular, what must be included in a DPA in our general section “Data processing agreement (DPA)”.
This contract is required by law because IONOS processes personal data on our behalf. It clarifies that IONOS may only process data that it receives from us in accordance with our instructions and must comply with the GDPR. You can find the link to the data processing contract (AVV) at https://www.ionos.de/hilfe/datenschutz/allgemeine-informationen-zur-datenschutz-grundverordnung-dsgvo/auftragsverarbeitung/.
Website Modular Systems Introduction
What are website building block systems?
We use a website building block system for our website. Building block systems are special forms of a content management system (CMS). With a building block system, website operators can create a website very easily and without any programming knowledge. In many cases, web hosts also offer building block systems. By using a building block system, personal data about you can also be collected, stored and processed. In this data protection text, we provide you with general information about data processing using modular systems. You can find more detailed information in the provider’s data protection declarations.
Why do we use website modular systems for our website?
The biggest advantage of a website building block system is its ease of use. We want to offer you a clear, simple and well-organized website that we can easily operate and maintain ourselves – without external support. A website building block system now offers many helpful functions that we can use without any programming knowledge. This allows us to design our website according to our wishes and to offer you an informative and pleasant time on our website.
What data is stored by a website builder?
The exact data that is stored depends on the website builder used. Each provider processes and collects different data from the website visitor. However, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider and the date of your website visit is usually collected. Tracking data (e.g. browser activity, clickstream activity, session heatmaps, etc.) may also be processed. In addition, personal data may also be collected and stored. This usually includes contact details such as email address, telephone number (if you have provided it), IP address and geographical location data. You can find out exactly which data is stored in the provider’s privacy policy.
How long and where is the data stored?
We will inform you about the duration of data processing below in connection with the website building block system used, provided that we have further information about it. You will find detailed information about this in the provider’s privacy policy. In general, we only process personal data for as long as it is absolutely necessary to provide our services and products. It may be that the provider stores data about you according to their own specifications, over which we have no control.
Right of objection
You always have the right to access, correct and delete your personal data. If you have any questions, you can also contact the person responsible for the website building block system used at any time. You can find contact details either in our data protection declaration or on the website of the corresponding provider.
You can delete, deactivate or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that this may mean that not all functions will work as usual.
Legal basis
We have a legitimate interest in using a website building block system to optimize our online service and to present it to you in an efficient and user-friendly way. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use the building block system if you have given your consent.
If the processing of data is not absolutely necessary for the operation of the website, the data will only be processed on the basis of your consent. This applies in particular to tracking activities.
The legal basis for this is Art. 6 para. 1 lit. a GDPR.
This data protection declaration is intended to provide you with the most important general information about data processing. If you would like more detailed information on this subject, you will find further information – if available – in the following section or in the provider’s data protection declaration.
WordPress.com Privacy Policy
What is WordPress?
We use the well-known content management system WordPress.com for our website. The service provider is the American company Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
The company was founded in 2003 and has quickly become one of the most popular content management systems (CMS) in the world. A CMS is software that helps us to design our website and present content in an attractive and organized way. The content can be text, audio or video.
By using WordPress, personal data about you can also be collected, stored and processed. Usually, only technical data such as operating system, browser, screen resolution or hosting provider is stored. However, personal data such as IP address, geographical data or contact details may also be processed.
Why do we use WordPress on our website?
We have many strengths, but real programming is not one of our core competencies.
Nevertheless, we want to have a powerful and attractive website that we can manage and maintain ourselves. A website building block system or a content management system like WordPress makes this possible. With WordPress, we don’t have to be programming wizards to be able to offer you a beautiful website. Thanks to WordPress, we can operate our website quickly and easily, even without any prior technical knowledge. If technical problems arise or we have special requests for our website, we still have our specialists who are at home with HTML, PHP, CSS and the like.
The ease of use and comprehensive functionality of WordPress allows us to design our website according to our wishes and offer you a good user experience.
What data is processed by WordPress?
Non-personal data includes technical usage information such as browser activity, clickstream activity, session heatmaps and data on your computer, operating system, browser, screen resolution, language and keyboard settings, internet provider and date of site visit.
Personal data is also collected. This is primarily contact data (email address or telephone number, if you provide it), IP address or your geographical location.
WordPress may also use cookies to collect data. These often collect data about your behavior on our website. For example, it can be recorded which subpages you like to view, how long you spend on individual pages, when you leave a page (bounce rate) or even which preferences (e.g. language selection) you have made. Based on this data, WordPress can also better adapt its own marketing measures to your interests and user behavior. The next time you visit our website, it will be displayed to you in the way you have previously set.
WordPress can also use technologies such as pixel tags (web beacons) to, for example, clearly identify you as a user and possibly offer you interest-based advertising.
How long and where is the data stored?
How long the data is stored depends on various factors. It depends on the type of data stored and the specific settings of the website. In principle, WordPress deletes data when it is no longer needed for its own purposes. There are, of course, exceptions, especially when legal obligations require data to be stored for longer. Web server logs that contain your IP address and technical data are deleted by WordPress or Automattic after 30 days. Automattic uses the data for this period to analyze traffic on its own websites (for example, all WordPress pages) and to resolve any problems. Deleted content on WordPress websites is also stored in the recycle bin for 30 days to enable recovery, after which it may remain in backups and caches until they are deleted. The data is stored on Automattic’s American servers.
How can I delete my data or prevent it from being stored?
You have the right and the option to access your personal data at any time and to object to the use and processing of this data. You can also file a complaint with a state supervisory authority at any time.
You can also manage, delete or deactivate cookies individually in your browser. However, please note that deactivated or deleted cookies may have a negative impact on the functionality of our WordPress site. Depending on which browser you use, the way in which cookies are managed varies. In the “Cookies” section, you will find links to the relevant instructions for the most popular browsers.
Legal basis
If you have consented to WordPress being used, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when it is collected by WordPress.
We also have a legitimate interest in using WordPress to optimize our online service and present it to you in a beautiful way.
The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, we only use WordPress if you have given your consent.
WordPress and Automattic process your data, among other places, in the USA. Automattic is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Automattic uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Automattic is committed to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More details on the data protection policy and what data is processed by WordPress and how can be found at https://automattic.com/privacy/.
Data processing agreement (AVV) with WordPress.com
In accordance with Article 28 of the General Data Protection Regulation (GDPR), we have concluded a data processing agreement (AVV) with WordPress.com. You can read about what an AVV is and, in particular, what must be included in an AVV in our general section “Data processing agreement (AVV)”.
This contract is required by law because WordPress.com processes personal data on our behalf. It clarifies that WordPress.com may only process data that it receives from us in accordance with our instructions and must comply with the GDPR. You can find the link to the data processing agreement (AVV) at https://wordpress.com/support/data-processing-agreements/.
Social Media Introduction
What is social media?
In addition to our website, we are also active on various social media platforms. This means that user data can be processed so that we can target users who are interested in us via social networks. Furthermore, elements of a social media platform can also be embedded directly into our website. This is the case, for example, when you click on a so-called social button on our website and are redirected directly to our social media presence. Social media are websites and apps that registered members can use to produce content, share content openly or in specific groups, and network with other members.
Why do we use social media?
For years, social media platforms have been the place where people communicate and connect online. Our social media presence allows us to present our products and services to interested parties. The social media elements integrated into our website help you to quickly and easily switch to our social media content.
The data that is stored and processed when you use a social media channel is primarily used to carry out web analytics. The aim of these analyses is to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the evaluated data can be used to draw conclusions about your interests and create so-called user profiles. This also enables the platforms to present you with customized advertisements. In most cases, cookies are set in your browser for this purpose, which store data about your usage behavior.
We generally assume that we remain responsible for data protection, even if we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is then given below for the platform concerned.
Please note that when you use social media platforms or our built-in elements, data about you may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. This may make it more difficult for you to claim or enforce your rights in relation to your personal data.
What data is processed?
The exact data that is stored and processed depends on the respective social media platform provider. However, it usually includes data such as telephone numbers, e-mail addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. In particular, if you have a profile on the social media channel you are visiting and are logged in, data can be linked to your profile.
All data collected via a social media platform is also stored on the providers‘ servers. This means that only the providers have access to the data and can provide you with the appropriate information or make changes.
If you want to know exactly which data is stored and processed by social media providers and how you can object to data processing, you should carefully read the respective data protection declaration of the company. Even if you have questions about data storage and data processing or want to assert corresponding rights, we recommend that you contact the provider directly.
Duration of data processing
We will inform you about the duration of data processing below, provided that we have further information. For example, the social media platform Facebook stores data until it is no longer needed for its own purposes. However, customer data that is compared with the user’s own data is deleted within two days. In general, we only process personal data for as long as is absolutely necessary to provide our services and products. If, as in the case of accounting, for example, it is required by law, this storage period may be exceeded.
Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling or deleting cookies in your browser.
Since social media tools may use cookies, we also recommend that you read our general data protection declaration on cookies. To find out exactly which of your data is stored and processed, you should read the data protection declarations of the respective tools.
Legal basis
If you have consented to the processing and storage of your data by integrated social media elements, this consent shall be deemed the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in maintaining fast and good communication with you or other customers and business partners. However, we only use the tools to the extent that you have given your consent. Most social media platforms also use cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and view the data protection declaration or cookie guidelines of the respective service provider.
Information on specific social media platforms can be found – if available – in the following sections.
Facebook Privacy Policy
What are Facebook tools?
We use selected Facebook tools on our website. Facebook is a social media network of the company Meta Platforms Inc. or, for the European region, of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These tools enable us to offer you and people who are interested in our products and services the best possible service.
If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible for this. Facebook alone is responsible for the further processing of this data.
Our joint obligations have also been enshrined in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum. This agreement states, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are integrated into our website in a way that complies with data protection laws. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you ask us the question, we are obliged to forward it to Facebook.
Below, we provide an overview of the various Facebook tools, the data that is sent to Facebook and how you can delete this data.
In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. However, since the term is hardly known, we have decided to simply call them Facebook tools. These include, among other things:
Facebook pixel
social plug-ins (such as the “Like” or “Share” buttons)
Facebook Login
Account Kit
APIs (programming interface)
SDKs (collection of programming tools)
platform integrations
plug-ins
codes
specifications
documentationtechnologies and services
These tools enable Facebook to expand its services and to obtain information about user activities outside of Facebook.
Why do we use Facebook tools on our website?
We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads), we can reach exactly these people. However, in order to show users appropriate advertising, Facebook needs information about people’s wishes and needs. This is how the company is provided with information about user behavior (and contact data) on our website. This enables Facebook to collect better user data and to display the right advertising for our products and services to interested people. The tools thus enable customized advertising campaigns on Facebook.
Facebook calls data about your behavior on our website “event data”. This data is also used for measurement and analysis services. This enables Facebook to create “campaign reports” on our behalf about the impact of our advertising campaigns. Furthermore, the analyses provide us with a better insight into how you use our services, website or products. This enables us to optimize your user experience on our website with some of these tools. For example, you can use the social plug-ins to share content on our site directly on Facebook.
What data is stored by Facebook tools?
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address may be sent.
Facebook uses this information to match it with the data it has about you (if you are a Facebook member). Before customer data is transmitted to Facebook, it is hashed. This means that a data set of any size is transformed into a character string. This also serves to encrypt data.
In addition to contact data, “event data” is also transmitted. “Event data” refers to the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally obliged to do so. “Event data” can also be linked to contact data. This enables Facebook to offer better personalized advertising. After the aforementioned matching process, Facebook deletes the contact data again.
In order to optimize the delivery of advertisements, Facebook only uses the event data if it has been combined with other data (which has been collected by Facebook in another way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies will be created in your browser. We will go into more detail about individual Facebook cookies in the descriptions of the individual Facebook tools. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.
How long and where is the data stored?
In principle, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data is deleted within 48 hours after it has been compared with its own user data.
How can I delete my data or prevent it from being stored?
In accordance with the General Data Protection Regulation, you have the right to access, rectify, transfer and delete your data.
Your data will only be completely deleted if you delete your Facebook account completely. This is how you delete your Facebook account:
1) Click on Settings on the right-hand side of Facebook.
2) Then click on “Your Facebook Information” in the left-hand column.
3) Now click on “Deactivation and Deletion”.
4) Now select “Delete account” and then click on “Continue and delete account”
5) Now enter your password, click on “Continue” and then on “Delete account”
The data that Facebook receives from our site is stored, among other things, via cookies (e.g. for social plugins). You can disable, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. Under the section “Cookies” you will find the corresponding links to the respective instructions for the most popular browsers.
If you do not want to have any cookies at all, you can set up your browser so that it always informs you when a cookie is about to be set. This way, you can decide whether or not to allow each individual cookie.
Legal basis
If you have consented to the processing and storage of your data by integrated Facebook tools, this consent shall be deemed to be the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in maintaining fast and good communication with you or other customers and business partners. However, we only use the tools to the extent that you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and view Facebook’s privacy policy or cookie guidelines.
Facebook also processes your data in the USA, among other places. Facebook and Meta Platforms are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Facebook is obliged to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Facebook data processing conditions, which refer to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.
We hope that we have provided you with the most important information about the use and data processing of Facebook tools. If you would like to learn more about how Facebook uses your data, we recommend that you read the data guidelines at https://www.facebook.com/privacy/policy/.
Facebook login data protection declaration
We have integrated the convenient Facebook login on our site. This means that you can log in to our site easily using your Facebook account without having to create another user account. If you decide to register using the Facebook login, you will be redirected to the social media network Facebook. You will then log in using your Facebook user data. This login procedure stores data about you and your user behavior and transmits it to Facebook.
Facebook uses various cookies to store this data. The following is a list of the most important cookies that are set in your browser or already exist when you log in to our site using the Facebook login:
Name: fr
Value: 0jieyh4c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is used to ensure that the social plugin on our website works as well as possible.
Expiration date: after 3 months
Name: datr
Value: 4Jh7XUA2322861602SEmPsSfzCOO4JFFl
Purpose: Facebook sets the “datr” cookie when a web browser accesses facebook.com, and the cookie helps to identify login activities and protect users.
Expiration date: after 2 years
Name: _js_datr
Value: deleted
Purpose: This session cookie is set by Facebook for tracking purposes, even if you do not have a Facebook account or are logged out.
Expiry date: after the end of the session
Note: The cookies listed are just a small selection of the cookies available to Facebook. Other cookies include _ fbp, sb or wd. A complete list is not possible because Facebook has a large number of cookies and uses them in a variety of ways.
The Facebook login offers you a quick and easy registration process, but it also gives us the opportunity to share data with Facebook. This allows us to better tailor our offers and promotions to your interests and needs. The data we receive from Facebook in this way is public data such as
your Facebook name
your profile picture
a stored e-mail address
Friends lists
Button information (e.g. “Like” button)
Date of birth
Language
Place of residence
In return, we provide Facebook with information about your activities on our website. This includes information about the device you are using, which subpages you visit on our website or which products you have purchased from us.
By using Facebook Login, you consent to the processing of your data. You can revoke this agreement at any time. If you would like to learn more about how Facebook processes data, we recommend that you read Facebook’s privacy policy at https://www.facebook.com/privacy/policy/.
If you are logged in to Facebook, you can change your advertising settings at https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen.
Facebook social plug-ins Data protection declaration
Our website contains so-called social plug-ins from the company Meta Platforms Inc. You can recognize these buttons by the classic Facebook logo, such as the “Like” button (the hand with the raised thumb) or by a clear “Facebook plug-in” label. A social plug-in is a small part of Facebook that is integrated into our site. Each plug-in has its own function. The most commonly used functions are the familiar “Like” and “Share” buttons.
The following social plug-ins are offered by Facebook:
“Save” button
“Like” button, share, send and quote
Page plug-in
Comments
Messenger plug-in
Embedded posts and video players
Group plug-in
You can find more information on how to use the individual plug-ins at https://developers.facebook.com/docs/plugins. We use the social plug-ins on the one hand to offer you a better user experience on our site, and on the other hand because Facebook can optimize our advertisements as a result.
If you have a Facebook account or have https://www.facebook.com/ visited before, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plugins (e.g. the “Like” button).
The information obtained is deleted or anonymized within 90 days. According to Facebook, this data includes your IP address, the website you visited, the date, time and other information related to your browser.
To prevent Facebook from collecting a lot of data during your visit to our website and linking it to Facebook data, you must log out of Facebook while visiting the website.
If you are not logged in to Facebook or do not have a Facebook account, your browser will send less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you visit may be transmitted to Facebook. We would like to expressly point out that we do not know the exact content of the data. However, we try to inform you about data processing as best we can based on our current knowledge. You can also read about how Facebook uses the data in the company’s data policy at https://www.facebook.com/about/privacy/update.
The following cookies are set in your browser at the very least when you visit a website with social plug-ins from Facebook:
Name: dpr
Value: not specified
Purpose: This cookie is used to ensure that the social plug-ins on our website work.
Expiry date: after the end of the session
Name: fr
Value: 0jieyh4322861602c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is also necessary for the plug-ins to function properly.
Expiry date: after 3 months
Note: These cookies were set after a test, even if you are not a Facebook member.
If you are logged in to Facebook, you can change your advertising settings at https://www.facebook.com/adpreferences/advertisers/. If you are not a Facebook user, you can manage your usage-based online advertising at https://www.youronlinechoices.com/de/praferenzmanagement/?tid=322861602. There you have the option to deactivate or activate providers.
If you would like to find out more about Facebook’s data protection policy, we recommend that you read the company’s own data protection guidelines at https://www.facebook.com/privacy/policy/.
Instagram Privacy Policy
What is Instagram?
We have integrated Instagram functions into our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012 and is one of the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit pages on our website that have an integrated Instagram function, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is therefore processed across all Facebook companies.
In the following, we would like to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram belongs to Meta Platforms Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Meta data protection guidelines themselves on the other.
Instagram is one of the most popular social media networks in the world. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. On “Insta” (as many users casually call the platform), you can upload photos and short videos, edit them with various filters and also share them on other social networks. And if you don’t want to be active yourself, you can just follow other interesting users.
Why do we use Instagram on our website?
Instagram is the social media platform that has really taken off in recent years. And of course we have responded to this boom. We want you to feel as comfortable as possible on our website. That’s why we naturally present our content in a varied way. The embedded Instagram functions enable us to enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalized advertising on Facebook. This means that our ads only reach people who are really interested in our products or services.
Instagram also uses the data collected for measurement and analysis purposes. We receive summarized statistics and thus gain more insight into your wishes and interests. It is important to note that these reports do not personally identify you.
What data is stored by Instagram?
When you visit one of our pages that has integrated Instagram functions (such as Instagram images or plug-ins), your browser automatically connects to Instagram’s servers. Data is sent to Instagram, stored and processed. This happens regardless of whether you have an Instagram account or not. This includes information about our website, your computer, purchases made, advertisements you see and how you use our services. The date and time of your interaction with Instagram is also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.
Facebook differentiates between customer data and event data. We assume that this is also the case with Instagram. Customer data includes, for example, name, address, telephone number and IP address. This customer data is only transmitted to Instagram if it has been hashed beforehand. Hashing means that a data set is converted into a character string. This allows the contact data to be encrypted. In addition, the above-mentioned “event data” is also transmitted. Facebook – and therefore Instagram – defines “event data” as data about your user behavior. It may also happen that contact data is combined with event data. The collected contact data is compared with the data that Instagram already has about you.
The collected data is transmitted to Facebook via small text files (cookies) that are usually placed in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.
We assume that data processing on Instagram works in the same way as on Facebook. This means that if you have an Instagram account or have visited www.instagram.com, Instagram has at least placed a cookie. If this is the case, your browser will send information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or anonymized after 90 days at the latest (after synchronization). Although we have looked closely at Instagram’s data processing, we cannot say exactly which data Instagram collects and stores.
In the following, we will show you the cookies that are at least set in your browser when you click on an Instagram function (such as a button or an Insta picture). In our test, we assume that you do not have an Instagram account. If you are logged in to Instagram, of course, significantly more cookies will be set in your browser.
These cookies were used in our test:
Name: csrftoken
Value: “”
Purpose: This cookie is most likely set for security reasons to prevent forgeries of requests. However, we were unable to find out more about it.
Expiration date: after one year
Name: mid
Value: “”
Purpose: Instagram sets this cookie to optimize its own services and offers on and off Instagram. The cookie defines a unique user ID.
Expiration date: after the end of the session
Name: fbsr_322861602124024
Value: no information
Purpose: This cookie stores the login request for users of the Instagram app.
Expiry date: after the end of the session
Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram.
Expiry date: after the end of the session
Name: urlgen
Value: “{”194.96.75.33“: 1901}:1iEtYv:Y833k2_UjKvXgYe322861602”
Purpose: This cookie is used for Instagram’s marketing purposes.
Expiry date: after the end of the session
Note: We cannot claim to be exhaustive here. Which cookies are set in each individual case depends on the embedded functions and how you use Instagram.
How long and where is the data stored?
Instagram shares the information it receives between the Facebook companies, with external partners and with people you connect with worldwide. Data processing is carried out in accordance with its own data policy. For security reasons, among other things, your data is distributed across Facebook servers around the world. Most of these servers are located in the USA.
How can I delete my data or prevent it from being stored?
Thanks to the General Data Protection Regulation, you have the right to access, transfer, rectify and delete your data. You can manage your data in the Instagram settings. If you want to delete your data on Instagram completely, you have to permanently delete your Instagram account.
And this is how you delete your Instagram account:
First, open the Instagram app. On your profile page, scroll down and click on “Help Center”. You will now be taken to the company’s website. On the website, click on “Manage your account” and then on “Delete your account”.
If you delete your account completely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and will therefore not be deleted.
As mentioned above, Instagram primarily stores your data via cookies. You can manage, disable or delete these cookies in your browser. Depending on your browser, the management always works a little differently. Under the “Cookies” section, you will find the corresponding links to the respective instructions for the most popular browsers.
You can also set up your browser so that you are always informed when a cookie is about to be set. Then you can always decide individually whether you want to allow the cookie or not.
Legal basis
If you have consented to the processing and storage of your data by integrated social media elements, this consent shall be deemed to be the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in maintaining fast and good communication with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our data protection text about cookies carefully and view the data protection declaration or cookie guidelines of the respective service provider.
Instagram also processes your data in the USA, among other places. Instagram and Meta Platforms are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Instagram also uses so-called standard contractual clauses (SCCs) (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Instagram is obliged to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
We have tried to give you the most important information about data processing by Instagram. You can find out more about Instagram’s data policies at https://privacycenter.instagram.com/policy/.
TikTok Privacy Policy
What is TikTok?
We use the TikTok integration on our website. The service provider is the Chinese company Beijing Bytedance Technology Ltd. The Irish company TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, is responsible for the European region. TikTok is a popular social media platform, especially among young people, where users can create, share and watch short video clips.
In this privacy policy, we will inform you about the data processed by TikTok, how long the data is stored and how you can manage your privacy settings.
Why do we use TikTok on our website?
We have integrated TikTok into our website so that you can watch TikTok videos and interact with them if you like. TikTok is particularly known for funny and creative content, and of course we don’t want to deprive you of such content. After all, we also like to watch the occasional creative TikTok video ourselves.
What data is processed by TikTok?
When you watch or interact with TikTok videos on our website, TikTok may collect information about your usage behavior and your device. This may include data such as your IP address, browser type, operating system, location and other technical information. TikTok may also use cookies and similar technologies to collect information and personalize your user experience.
If you have a TikTok account yourself, even more information may be collected and processed. This includes, for example, user information (such as name, date of birth or your e-mail address) and data about your communication with other TikTok users.
How long and where is the data stored?
The storage duration and storage locations of the data collected by TikTok can vary greatly and are subject to TikTok’s privacy policy. TikTok may also store data on servers in the United States and other countries. The storage period is usually based on the respective legal requirements and internal guidelines. However, we have not yet been able to find out exactly how long data is stored. As soon as we have more information, we will of course let you know.
How can I delete my data or prevent it from being stored?
If you have a TikTok account, you can manage your privacy settings directly on TikTok. For example, you can use the settings in your TikTok account to specify which information can be shared and which cannot. You can also manage and disable cookies in your web browser to limit data collection. Of course, this is also possible without a TikTok account. However, please note that this may affect the functionality of our website and your TikTok experience.
Legal basis
If you have consented to the processing and storage of your data by TikTok, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in communicating quickly and effectively with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. TikTok may also set cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and view the data protection declaration or cookie guidelines of the respective service provider.
TikTok also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can entail various risks for the legality and security of data processing.
As the basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and in particular the USA) or for data transfer to such countries, TikTok uses so-called standard contractual clauses (Art. 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). Through these clauses, TikTok undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA.
These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
For more information about TikTok’s privacy policy and how it collects data, please visit the TikTok website at https://www.tiktok.com/legal/page/eea/privacy-policy/en and the TikTok general information at https://www.tiktok.com/en/.
X (formerly: Twitter) Privacy Policy
What is X?
We have integrated X functions into our website. These include embedded tweets, timelines, buttons or hashtags. X is a short message service and a social media platform of the American company X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA. For the European region, the company Twitter International Unlimited Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) is responsible for processing personal data.
To our knowledge, the mere integration of X functions in the European Economic Area and Switzerland does not yet transfer any personal data or data on your web activities to X. Only when you interact with the X functions, for example by clicking on a button, can data be sent to X, stored there and processed. We have no influence over this data processing and bear no responsibility for it. In the context of this data protection declaration, we would like to give you an overview of what data X stores, what X does with this data and how you can protect yourself from data transmission to a large extent.
For some, X is a news service, for others a social media platform and for others still a microblogging service. All these terms are justified and mean more or less the same thing.
Both private individuals and companies use X to communicate with interested parties via short messages. X only allows 280 characters per message. These messages are called “tweets”. Unlike Facebook, for example, the service does not focus on building a network of “friends”, but rather wants to be seen as a global and open news platform. You can also have an anonymous account on X and tweets can be deleted by the company or by the users themselves.
Why do we use X on our website?
Like many other websites and companies, we try to offer our services and communicate with our customers through a variety of channels. We have grown particularly fond of X (better known to many as Twitter) as a useful “little” messaging service. We tweet or retweet exciting, funny or interesting content again and again. We realize that you can’t follow every channel separately. After all, you have other things to do. That’s why we have also integrated X functions on our website. You can experience our X activity “on site” or come to our X page via a direct link. By integrating it, we want to strengthen our service and user-friendliness on our website.
What data is stored by X?
You will find the built-in X functions on some of our subpages. If you interact with the X content, for example by clicking on a button, X can collect and store data. And it can do so even if you do not have an X account yourself. X calls this data “log data”. This includes demographic data, browser cookie IDs, the ID of your smartphone, hashed e-mail addresses, and information about which pages you have visited on X and which actions you have performed. Of course, X stores more data if you have an X account and are logged in. Until now, this storage has been done via cookies. Cookies are small text files that are usually set in your browser and transmit different information to X.
We will now show you which cookies are set when you are not logged in to X but visit a website with built-in X functions. Please consider this list as an example. We cannot guarantee that it is complete, as the choice of cookies always changes and depends on your individual actions with the X content.
These cookies were used in our test:
Name: personalization_id
Value: “v1_cSJIsogU51SeE322861602”
Purpose: This cookie stores information about how you use the website and which advertisements may have brought you to X.
Expiry date: after 2 years
Name: lang
Value: de
Purpose: This cookie stores your default or preferred language.
Expiry date: after the end of the session
Name: guest_id
Value: 322861602v1%3A157132626
Purpose: This cookie is set to identify you as a guest.
Expiry date: after 2 years
Name: fm
Value: 0
Purpose: Unfortunately, we were unable to find out the purpose of this cookie.
Expiry date: after the end of the session
Name: external_referer
Value: 3228616022beTA0sf5lkMrlGt
Purpose: This cookie collects anonymous data, such as how often you visit X and how long you visit X.
Expiry date: After 6 days
Name: eu_cn
Value: 1
Purpose: This cookie stores user activity and is used for various advertising purposes by X.
Expiry date: After one year
Name: ct0
Value: c1179f07163a365d2ed7aad84c99d966
Purpose: Unfortunately, we have not found any information about this cookie.
Expiry date: after 6 hours
Name: _twitter_sess
Value: 53D%253D–dd0248322861602-
Use: This cookie allows you to use functions within the X website.
Expiry date: after the end of the session
Note: X also works with third-party providers. That is why we also recognized the three Google Analytics cookies _ga, _gat, _gid in our test.
X uses the data collected to better understand user behavior and thus improve its own services and advertising offers, and the data also serves internal security measures.
How long and where is the data stored?
If X collects data from other websites, it will be deleted, aggregated or otherwise obscured after a maximum of 30 days. The X servers are located in various server centers in the United States. It can therefore be assumed that the data collected is collected and stored in America. According to our research, we were unable to determine whether X also has its own servers in Europe. In principle, X can store the data collected until it is no longer useful to the company, you delete the data or a legal deletion period exists.
How can I delete my data or prevent it from being stored?
X repeatedly emphasizes in its privacy policy that it does not store data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact with X directly, X will of course also store data about you.
If you have an X account, you can manage your data by clicking on “More” under the “Profile” button. Then click on “Settings and Privacy”. Here you can manage the data processing individually.
If you do not have an X account, you can go to twitter.com and then click on “Individualization”. Under the item “Individualization and Data” you can manage your collected data.
Most data is stored via cookies, as mentioned above, and you can manage, deactivate or delete these in your browser. Please note that you can only “edit” the cookies in the browser you have chosen. This means that if you use a different browser in the future, you will have to manage your cookies again according to your preferences. Under the “Cookies” section, you will find the corresponding links to the respective instructions for the most popular browsers.
You can also set your browser to inform you about each individual cookie. This way, you can always decide individually whether or not to accept a cookie.
X also uses the data for personalized advertising both within and outside of X. You can disable personalized advertising in the settings under “Individualization and Data”. If you use X on a browser, you can disable personalized advertising at https://optout.aboutads.info/?c=2&lang=EN.
Legal basis
If you have consented to the processing and storage of your data by integrated social media elements, this consent shall be deemed to be the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in communicating quickly and effectively with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our data protection text about cookies carefully and view the data protection declaration or cookie guidelines of the respective service provider.
X also processes your data in the USA, among other places.
We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can entail various risks for the legality and security of data processing.
As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and thus in particular in the USA) or for data transfer to such countries, X uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also meets European data protection standards when it is transferred to and stored in third countries (such as the USA). Through these clauses, X undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
You can find more information about the standard contractual clauses at X at https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
We hope that we have given you a basic overview of the data processing by X. We do not receive any data from X and are not responsible for what X does with your data. If you have any further questions on this topic, we recommend that you read X’s privacy policy at https://twitter.com/de/privacy.
Partner programs Introduction
What are partner programs?
We use partner programs from various providers on our website. By using a partner program, data from you can be transferred, stored and processed by the respective partner program provider. In this data protection text, we provide you with a general overview of data processing by partner programs and show you how you can prevent or revoke a data transfer. Each partner program (also called an affiliate program) is based on the principle of a commission. A link or an advertisement with a link is placed on our website and if you are interested in it and click on it and purchase a product or service in this way, we receive a commission (advertising cost reimbursement)
Why do we use partner programs on our website?
Our aim is to provide you with a pleasant time with lots of helpful content. To achieve this, we put a lot of work and time into developing our website. With the help of partner programs, we have the opportunity to be rewarded a little for our work. Of course, every partner link is always related to our topic and shows offers that might interest you.
What data is processed?
In order to be able to track whether you have clicked on a link that we have placed, the partner program provider needs to know that it was you who followed the link via our website. This means that the partner program links that are used must be correctly assigned to the following actions (business transaction, purchase, conversion, impression, etc.). Only then can the commissions be settled.
In order for this assignment to work, a value can be attached to a link (in the URL) or information can be stored in cookies. This information includes the page you came from (referrer), when you clicked on the link, an identifier for our website, the offer in question and a user identifier.
This means that as soon as you interact with the products and services of a partner program, this provider also collects data from you. Exactly which data is stored depends on the individual providers. For example, the Amazon partner program distinguishes between active and automatic information. Active information includes name, e-mail address, telephone number, age, payment information or location information. In this case, automatically stored information includes user behavior, IP address, device information and the URL.
Duration of data processing
We will inform you below about the duration of data processing, provided that we have further information on this. In general, personal data is only processed for as long as it is necessary to provide the services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years, provided that they are not actively deleted. The exact duration of data processing depends on the provider used. In most cases, you should expect a storage period of several years. The respective data protection declarations of the individual providers usually provide you with detailed information on the duration of data processing.
Right of objection
You always have the right to access, correct and delete your personal data. If you have any questions, you can also contact the responsible person at the partner program provider at any time. You can find contact details either in our specific data protection declaration or on the website of the corresponding provider.
You can delete, deactivate or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways.
Legal basis
If you have consented to the use of partner programs, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when it is collected by a partner program.
We also have a legitimate interest in using a partner program to optimize our online service and our marketing measures. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, we only use the partner program if you have given your consent.
Information on specific partner programs can be found in the following sections, if available.
Cookie Consent Management Platform Introduction
What is a cookie consent management platform?
We use a consent management platform (CMP) software on our website that makes it easier for us and you to handle the scripts and cookies used correctly and securely. The software automatically creates a cookie popup, scans and checks all scripts and cookies, offers you the cookie consent required by data protection law and helps us and you to keep track of all cookies. Most cookie consent management tools identify and categorize all existing cookies. You, as a website visitor, then decide for yourself whether and which scripts and cookies you want to allow or not.
Why do we use a cookie management tool?
Our goal is to offer you the best possible transparency in the area of data protection. We are also legally obliged to do so. We want to inform you as best we can about all the tools and all the cookies that can store and process your data. It is also your right to decide for yourself which cookies you accept and which you do not. In order to grant you this right, we first need to know exactly which cookies have landed on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we know about all cookies and can provide you with information about them in accordance with the GDPR. You can then accept or reject cookies via the consent system.
What data is processed?
Our cookie management tool allows you to manage each individual cookie yourself and gives you complete control over the storage and processing of your data. Your declaration of consent is stored so that we do not have to ask you for it every time you visit our website and so that we can also prove your consent if required by law. This is stored either in an opt-in cookie or on a server. The storage period for your cookie consent varies depending on the provider of the cookie management tool. In most cases, this data (such as pseudonymous user ID, consent date, details on cookie categories or tools, browser, device information) is stored for up to two years.
Duration of data processing
We will inform you about the duration of data processing below, provided that we have further information. In general, we only process personal data for as long as it is absolutely necessary to provide our services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years. The exact duration of data processing depends on the tool used, but you should generally expect data to be stored for several years. The respective data protection declarations of the individual providers usually provide detailed information on the duration of data processing.
Right of objection
You also have the right and the option to revoke your consent to the use of cookies at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.
Information on specific cookie management tools, if available, can be found in the following sections.
Legal basis
If you consent to cookies, your personal data will be processed and stored via these cookies. If we are allowed to use cookies with your consent (Article 6 (1) (a) GDPR), this consent is also the legal basis for the use of cookies and the processing of your data. A cookie consent management platform software is used to manage your consent to cookies and to enable you to give your consent. The use of this software enables us to operate the website in an efficient and legally compliant manner, which constitutes a legitimate interest (Article 6 (1) (f) GDPR).
Webdesign Introduction
What is web design?
We use a variety of tools on our website to help us with our web design. As is often assumed, web design is not just about making our website look pretty, but also about functionality and performance. But of course, the right look for a website is also one of the main goals of professional web design. Web design is a sub-area of media design and deals with the visual, structural and functional design of a website.
The aim is to improve your experience on our website with the help of web design. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that a website visitor has on a website. A sub-category of user experience is usability. This is about the user-friendliness of a website.
The main focus here is on ensuring that content, subpages and products are clearly structured and that you can find what you are looking for quickly and easily. In order to offer you the best possible experience on our website, we also use so-called web design tools from third-party providers. In this data protection declaration, the category “web design” therefore includes all services that improve the design of our website. These may include fonts, various plugins or other integrated web design functions.
Why do we use web design tools?
The way you absorb information from a website depends very much on the structure, functionality and visual perception of the website. That is why good and professional web design has become increasingly important for us. We are constantly working to improve our website and see this as an extended service for you as a website visitor. Furthermore, a beautiful and functional website also has economic advantages for us. After all, you will only visit us and take advantage of our offers if you feel completely comfortable.
What data is stored by web design tools?
When you visit our website, web design elements may be integrated into our pages that can also process data. Exactly which data is involved depends, of course, on the tools used. Below you can see exactly which tools we use for our website. We also recommend that you read the data protection declaration of the tools used for more information about data processing. In most cases, you will find out which data is processed, whether cookies are used and how long the data is stored. For example, fonts such as Google Fonts automatically transfer information such as language settings, IP address, browser version, browser screen resolution and browser name to Google servers.
Duration of data processing
The duration of data processing is highly individual and depends on the web design elements used. For example, if cookies are used, the retention period can be as short as one minute or as long as a few years. Please familiarize yourself with this. To do so, we recommend that you read our general text section on cookies and the data protection declarations of the tools used. These will usually tell you exactly which cookies are used and what information is stored in them. Google font files, for example, are stored for one year. This is to improve the loading time of a website. In principle, data is only stored for as long as it is necessary to provide the service. In the case of legal requirements, data may also be stored for longer.
Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or via other opt-out functions. You can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. However, some data (usually fonts) cannot be deleted as easily. This is the case when data is automatically collected and transmitted to a third party (such as Google) when a page is accessed. In this case, please contact the support team of the respective provider. In the case of Google, you can contact the support team at https://support.google.com/?hl=de.
Legal basis
If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when it is collected by web design tools. We also have a legitimate interest in improving the web design on our website. After all, we can only provide you with a beautiful and professional website. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, we only use web design tools if you have given your consent. We would like to emphasize this again here.
Information on specific web design tools can be found in the following sections, if available.
Closing words
Congratulations!
If you are reading these lines, you have really “fought” your way through our entire data protection declaration or at least scrolled down to this point. As you can see from the length of our data protection declaration, we take the protection of your personal data very seriously.
It is important to us to inform you to the best of our knowledge and belief about the processing of personal data. However, we do not only want to tell you which data is processed, but also to explain the reasons for using various software programs. As a rule, data protection declarations sound very technical and legal. However, since most of you are not web developers or lawyers, we also wanted to take a different approach linguistically and explain the facts in simple and clear language. Of course, this is not always possible due to the nature of the subject matter. Therefore, the most important terms are explained in more detail at the end of the data protection declaration.
If you have any questions about data protection on our website, please do not hesitate to contact us or the responsible body. We hope you have a pleasant time and hope to see you again soon on our website.
All texts are protected by copyright.
Source: Created with the data protection generator from AdSimple