Data protection declaration - Peter Laupenmühlen

1. Introduction

With this information we inform visitors and users of the website about the type, scope and purpose of the processing of personal data when visiting the website or using the services provided on it. We also inform about the rights that the data subject (the person concerned, website visitor) is entitled to as a result of data processing.

It is possible to visit the Internet pages without personal data being collected. However, for the use of some services offered on the website, it may be necessary to process personal data. The processing is carried out either on the basis of a legal permission standard, or, in the event that a legal permission standard does not exist, on the basis of a consent that has been obtained from the data subject beforehand.

2. Definitions

This information and explanations are based on the terms of the German General Data Protection Regulation law (DSGVO):

2.1 Personal Information

Personal data is all information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). Considered to be identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

2.2 Processing

Processing means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparing or connection, qualification, erasure or destruction.

2.3 Restriction of processing

The limitation of processing is the marking of stored personal data with the aim of limiting its future processing.

2.4 Profiling

Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movement of that natural person.

2.5 Pseudonymisation

Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.

2.6 Controller or data controller (person responsible for the processing)

The person responsible or person responsible for the processing, also known as the controller or data controller, is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by European Union law or by the law of the Member States, the controller or controllers may be designated in accordance with European Union law or with the law of the Member States on the basis of certain criteria.

2.7 Processors

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

2.8 Recipients

The recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the context of a specific investigation mandate under European Union law or the law of the Member States shall not be considered as recipients.

2.9 Third parties

A third party means any natural or legal person, public authority, agency or body other than the visitor to the website, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

2.10 Consent

Consent shall mean any voluntary and informed and unequivocal expression of intention, in the particular case, in the form of a statement or other unequivocal affirmative act by which the data subject indicates his or her consent to the processing of his or her personal data.

3. Data protection officer

The following office is responsible for data protection:

Peter Laupenmühlen
Kröfteler Straße 15, 61479 Glashütten
peter@laupenmuehlen.de

4. Cookies

So-called cookies are used on the website. Cookies are text files that are stored on the computer system of the person visiting the website.

Many cookies contain a unique identifier that consists of a string of characters that can be used by the system to recognise users. This serves to adapt the Internet offer individually and in a user-friendly way to the respective visitor.

There are different types of cookies. Most cookies are deleted from the hard disk at the end of the browser session (so-called session cookies). Other cookies remain on the computer and make it possible to recognise the computer during the next visit (so-called permanent cookies). These cookies serve, for example, to greet you with your individual user name and, for example, make it unnecessary to re-enter user names and passwords or fill out forms.

If the use of cookies is not desired, the visitor can prevent the use of cookies by preventing the setting and storage of cookies in the settings of their browser. In the settings, you can also delete existing cookies at any time. This is possible in all common Internet browsers.

In the event that the visitor to the website has prevented the setting of cookies in the settings, not all functions of the website may be fully usable under certain circumstances.

Cookies from third parties are generally not used.

5. Collection of data and information

When the website is accessed, general data and information are collected, which are stored in log files on the server.

Data is collected about the type of browser used and the version of the browser, the operating system used to access the website, the website from which the visitor accesses the website, the sub-pages that the visitor accesses, the date and time of access, the IP address, the Internet service provider and other similar data and information used to avert an attack on the IT system.

Under no circumstances will conclusions be drawn about the visitor. Rather, the information is needed so that the contents of the website can be displayed correctly. The data is also collected in order to make available, in the event of a cyber-attack, the information required for prosecution by the competent law enforcement authorities.

In any event, the data will be collected anonymously and stored separately from other personal data, which may be collected elsewhere in compliance with statutory data protection requirements.

6. Possibility to register

The website may allow visitors and users to register.

The type, scope and content of the data collected in the process are determined by the input mask. In any event, the collected data will be collected and stored exclusively for our own purposes in order to be able to carry out processing operations that the visitor initiates.

During registration, the IP address, date and time of registration are stored. This is done in order to prevent misuse of the services provided and, if necessary, to investigate possible criminal offences. The data will not be passed on to third parties. A passing on takes place only if a legal obligation to the passing on exists or the passing on serves a criminal prosecution.

Insofar as information can be provided voluntarily during registration, it will only be used for the purpose of offering visitors to the site content or services that can only be offered to registered users. The data collected during registration can be changed or completed at any time. The data can also be deleted at any time.

Registered users have the right at any time to send a request to the operator of the website to obtain information about what data about them is stored. Registered users also have the right to request the correction or deletion of their data at any time. In the event that the data must be stored due to legal regulations, the data will be blocked until the end of the storage obligation, so that data processing can no longer take place and the data can only be processed for the purpose for which the storage obligation exists.

7. Newsletter

Insofar as it is possible to subscribe to a newsletter on the website, personal data is collected. The type, content and scope of the data are determined by the relevant registration form.

In order to avoid the use of external data during registration, a confirmation email is first sent to the email address provided, containing a link with which the recipient confirms registration to receive the newsletter. This will send us a message that the newsletter subscription has been confirmed. Only then will newsletter messages be sent to the registered email address.

When registering for the newsletter, the IP address and the date and time of registration are stored. The elicitation therefore serves both to prevent misuse and to provide legal protection.

The personal data collected during registration for the newsletter will be used exclusively for sending newsletters.

The data will not be passed on to third parties. The subscription to the newsletter can be cancelled at any time. Each newsletter contains a link for this purpose, with which the revocation of the registration is transmitted to our system.

8. Contact via the website

Due to legal regulations, the website contains information that enables rapid electronic contact or direct communication with the operator of the website.

In the event of contact being established, e.g. by email or via a contact form, the personal data transmitted will be automatically stored.

In any event, the data will only be processed for the purpose resulting from the establishment of contact and will not be passed on to third parties unless the transfer is necessary for the processing of the establishment of contact.

9. Comment functions

If there is the possibility to leave individual comments on the website, the comment itself, as well as the time of the comment entry and the pseudonym chosen by the user will be saved and published. The IP address is also logged.

The data is stored for security reasons and in the event that the comment violates the rights of third parties or unlawful content is published. A passing on to third parties does not take place in principle, unless the passing on is legally prescribed or necessary for legal defence.

10. Routine deletion and blocking of personal data

Personal data will only be stored for the period of time necessary for the respective purpose of processing or due to legal requirements.

After the purpose has been achieved or the statutory retention period has expired, the personal data will be deleted routinely and in accordance with the statutory provisions. If the intended purpose of the processing has been achieved, but the data may not yet be deleted due to legal requirements, the data will be blocked.

11. Legal basis of the processing

11.1

Data processing is based on Art. 6 para. 1. DSGVO, the German GDPR law. Thereafter, data processing shall be permitted if such processing

takes place with the consent of the person concerned;
is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures;
is necessary to fulfil a legal obligation;
is necessary to protect the vital interests of the visitor to the website or any other natural person;
is necessary to safeguard the legitimate interests of the person responsible or of a third party, unless the interests or fundamental rights and freedoms of the visitor to the website which require the protection of personal data prevail, in particular where the person concerned is a child.

11.2

Insofar as data processing cannot be based on any other legal basis thereafter, data processing shall in principle only take place with the consent of the data subject, which shall be obtained and documented by the data subject prior to the commencement of processing.

11.3

If the data processing is based on a legitimate interest, it is necessary to weigh the interests of the data subject before starting the processing, which can nevertheless exclude data processing, even if the data processing appears appropriate for business purposes. In this case, expediency is not generally sufficient. What is required is that significant interests of the company, its employees or shareholders are directly affected by the data processing.

12. Right of access and rectification

Persons whose data is processed have a legal claim to information, correction and deletion of their data. The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

In the event of a request for information, the following information shall be provided:

processing purposes;
categories of personal data processed;
recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
the existence of a right to the rectification or erasure of personal data concerning him or her or to the limitation of the processing by the controller or of a right to object to such processing;
existence of a right of appeal to a supervisory authority;
if the personal data is not collected from the data subject; All available information about the origin of the data;
Existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) of the DSGVO (the German GDPR law) and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject; transfer of data to a third country or to an international organisation and on the appropriate safeguards in relation to the transfer.

In the event of a request for rectification, incorrect data must be rectified or completed.

13. Right to deletion

In the event of a request for deletion, the relevant personal data must be deleted immediately,

if the personal data has been collected or otherwise processed for purposes for which they are no longer needed;
the data was collected exclusively on the basis of the consent of the data subject, which the data subject has revoked;
the data subject objects to the processing pursuant to Art. 21 DSGVO (the German GDPR law) and in the event of revocation pursuant to Art. 21 para. 1 DSGVO (the German GDPR law) there are no overriding legitimate reasons for the processing;
the personal data has been processed unlawfully;
the deletion is required by law.

In the event that the data to be deleted has been made public, appropriate measures will be taken pursuant to Art. 17 para. 1 DSGVO (the German GDPR law), taking into account the available technology and implementation costs, to inform third parties processing the published personal data of the request for deletion.

14. Right to limitation of processing

The data subject has a statutory right to demand the restriction of the processing of their data if they dispute the accuracy of the personal data or has lodged an objection pursuant to Art. 21 (1) DSGVO (the German GDPR law). In such a case, the processing shall be limited for such time as is necessary to verify the accuracy of the personal data or to establish whether there are reasons for the processing outweighing the interest of the data subject. If the processing is subsequently unlawful and the data subject refuses to have their data erased, they may instead request that the processing of their data be restricted.

The processing of the data must also be limited if it is no longer needed for the purpose for which it was collected, but are still required for the assertion, exercise or defence of legal claims.

The aforementioned rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

15. Right to data transferability

Persons whose data is processed have a legal right to the data being transferred in a structured, common and machine-readable format or being transferred to a third party without hindrance, if the processing is based on the consent pursuant to Art. 6 para. 1 letter a DSGVO (the German GDPR law) or Art. 9 para. 2 letter a DSGVO (the German GDPR law) or on a contract pursuant to Art. 6 para. 1 letter b DSGVO (the German GDPR law) and the processing is carried out by means of automated procedures, provided that the processing is not necessary for the performance of a task which is in the public interest or which is carried out in the exercise of official authority assigned to the data controller.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

16. Right to object

Affected parties have a legal right to object to data processing at any time.

In the event of an objection, the data will no longer be processed unless there are demonstrable compelling reasons worthy of protection for the continuation of the data processing, which outweigh the interests, rights and freedoms of the visitor to the website, or the processing serves the assertion, exercise or defence of legal claims.

In the event of an objection to processing for advertising purposes, the objection shall in principle take precedence. The data will then no longer be used for advertising purposes.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

17. Automated decisions in individual cases, including profiling

Data subjects have a statutory right that a decision affecting them which has legal effect is not taken exclusively on the basis of automated processing or in a similar manner that significantly affects them. This shall not apply to decisions which are necessary for the conclusion or performance of a contract with the data subject or which are permitted by law and which contain appropriate measures to safeguard the rights and freedoms, as well as the legitimate interests of the visitor to the website or which are taken with the express consent of the visitor to the website.

Where the decision is necessary for the conclusion or performance of a contract or where the automated decision is taken with the express consent of the data subject, appropriate measures shall be taken to safeguard the rights and freedoms and legitimate interests of the visitor to the website, such as measures whereby the data subject may intervene in the procedure and present his or her views.

If the data subject wishes to exercise rights relating to automated decisions, he or she may at any time contact our data protection officer or another employee of the data controller for this purpose.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

An automated decision in individual cases and profiling does not take place in the present case despite this.

18. Right to revoke consent under data protection law

Affected parties can revoke their consent to data processing at any time.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

19. Use of analysis tools and other services

The website may contain components from various third-party companies which can be used to collect and analyse information on visitors to the website and their surfing behaviour, in some cases in real-time. Interactions are statistically recorded and processed in order to gain an overview of the online activities of visitors and users of the website.

The components are third-party software components. If such components are used, the type, content and scope, as well as the purpose of the data processing are explained and pointed out below.

The components use different types of cookies. These are also explained below. As already described above under clause XXX Æ XXX, you can prevent cookies from being set in the settings in the Internet browser. This prevents the collection of personal data by the components used.

In addition, provider companies frequently provide an opportunity to centrally object to the collection of data by their components. To the extent possible, this is also explained below.

19.1 Adobe Analytics (Omniture) / Adobe Marketing Cloud

The operating company is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe’s current Privacy Policy can be found at http://www.adobe.com/de/privacy.html

Omniture is a web analysis service. Omniture places a cookie on the user’s system where the user’s IP address is stored for geolocalisation and range measurement. The purpose is to evaluate the user behaviour of visitors and users of the website, to generate reports about user activities and to provide other services in connection with the use of our website.

The data will be anonymised before transmission to Adobe by replacing the last digits of the IP addresses. This way, assignment is no longer possible.

In addition to the possibility of preventing the setting of cookies in the settings of the Internet browser, it is also possible to object to the collection of data generated by the Adobe cookie and relating to the use of this website and to the processing of this data by Adobe and to prevent such collection. To do this, the person concerned must press the unsubscribe button under the link http://www.adobe.com/de/privacy/opt-out.html, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the user’s system. If the cookies on the visitor’s system are deleted after an objection, the person concerned must open the link again and set a new opt-out cookie.

With the setting of the opt-out cookie, however, there is the possibility that the Internet pages are no longer fully usable.

19.2 Privacy policy for use and application of affilinet

The operating company of Affilinet is affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany. Affilinet’s current data protection regulations can be found at https://www.affili.net/de/footeritem/datenschutz .

Affiliate marketing is an Internet-supported sales form in which advertising providers (advertisers) and providers of advertising space (publishers) on the Internet can enter into advertising partnerships via the network organised by the provider. Advertising media are displayed on the pages of the publishers.

Affilinet places a cookie on the system of the visitor of the site. Affilinet’s tracking cookie does not store any personal data. Only the affiliate’s identification number, as well as the visitor’s order number of a website and the clicked advertising medium are stored. The purpose of storing this data is to process commission payments which are processed via the affiliate network.

19.3 Privacy policy on the use and application of Facebook

The operating company of Facebook is Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the data controller for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Facebook’s published data policy, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains which settings Facebook offers to protect the privacy of visitors to the website. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

By opening the Internet page on which a Facebook component (Facebook plug-in) has been integrated, a representation of the corresponding Facebook component is downloaded. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook is informed about which subpages are visited.

If the data subject clicks one of the Facebook buttons integrated into our website, such as the “Like” button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the visitor to the website and stores this personal data.

The service also receives information about the visit to the website at the same time whenever the visitor is logged in to the website. This applies regardless of whether the button is clicked or not. To prevent this, the user must log out of the account during this time.

19.4 Google AdSense Privacy Policy – How we use Google AdSense

The operating company of the Google AdSense component is Alphabet Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google AdSense is explained in more detail via this link https://www.google.de/intl/de/adsense/start/.

Google AdSense is an online service that enables the placement of advertisements on third-party sites. Google AdSense is based on an algorithm that selects the advertisements displayed on third party sites according to the content of the respective third-party site. Google AdSense allows an interest-related targeting of the Internet user, which is implemented by generating individual user profiles.

The purpose of the Google AdSense component is to include advertisements on the website. Google AdSense places a cookie on the website visitor’s system, which enables Alphabet Inc. to analyse website usage. When the website is accessed, data is transmitted to Alphabet Inc. for the purpose of online advertising and the billing of commissions. Alphabet Inc. obtains knowledge of personal data, such as the IP address of the visitor to the website, which Alphabet Inc. uses, among other things, to track the origin of visitors and clicks and subsequently enable commission invoices to be made.

Google AdSense also uses so-called tracking pixels. A counting pixel is a miniature graphic embedded in web pages to enable log file recording and analysis, which can be used for statistical analysis. Using the embedded pixel-code, Alphabet Inc. can detect if and when a website was opened by an affected person and which links were clicked by the visitor of the website. Pixels serve, among other things, to evaluate the visitor flow of a website.

Through Google AdSense, personal data and information, including IP address and that necessary for the collection and billing of advertisements displayed, is transferred to Alphabet Inc. in the United States of America. This personal data is stored and processed in the United States of America. Alphabet Inc. may share this personal information collected through the technical process with third parties.

19.5 Privacy policy for the use of Google Analytics (with anonymisation function)

The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Further information and Google’s applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html Google Analytics is explained in more detail under this link https://www.google.com/intl/de_en/analytics/.

Google Analytics is a web analytics service. Web analysis is the collection, collection and evaluation of data about the behaviour of visitors to Internet sites. A web analysis service collects data on, among other things, from which website a person concerned has accessed a website (so-called referrers), which subpages of the website have been accessed or how often and for how long a subpage has been viewed. A web analysis is mainly used for the optimisation of a website and for the cost-benefit analysis of Internet advertising.

The IP address of the Internet connection of the visitor to the website is abbreviated and anonymised by Google if the Internet pages are accessed from a Member State of the European Union or from another Contracting State to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services in connection with the use of our website.

Google Analytics places a cookie on the website visitor’s system to help the website analyse how users use the site. When the website is accessed, data is transmitted to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the visitor to the website, which Google uses, among other things, to track the origin of visitors and clicks and subsequently to enable commission invoices.

The cookie is used to store personal information, such as the access time, the location from which an access originated and the frequency of visits to our website by the person concerned. Each time you visit the website, this personal data, including the IP address of the Internet connection used by the visitor to the website, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal information collected through the technical process with third parties.

In addition to the options described above for preventing the use of cookies, visitors to the website also have the option of opposing the collection of data generated by Google Analytics and relating to the use of this website and the processing of this data by Google, and of preventing such data from being collected. For this purpose, the person concerned must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on tells Google Analytics via JavaScript that no data and information about visits to Internet pages may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection.

19.6 Privacy Policy on the use and application of Google Re-Marketing

The operating company of Google Re-Marketing services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. For more information and to review Google’s current privacy policy, please visit https://www.google.de/intl/de/policies/privacy/

Google Re-Marketing is a Google AdWords feature that enables a company to display ads to Internet users who have previously been on the company’s website. The integration of Google Re-Marketing therefore allows a company to create user-related advertisements and consequently to display advertisements of interest to the Internet user.

The purpose of Google Re-Marketing is the display of interest-relevant advertising. Google Re-Marketing enables advertisements to be displayed via the Google advertising network or on other websites that are tailored to the individual needs and interests of Internet users.

Google Re-Marketing places a cookie on the website visitor’s system in order to recognise the website visitor when he or she subsequently visits websites that are also members of the Google advertising network. Each time a website is accessed on which the Google Re-Marketing service has been integrated, the Internet browser of the visitor to the website automatically identifies itself to Google. As part of this technical process, Google obtains knowledge of personal data, such as the IP address or the surfing behaviour of the user, which Google uses, among other things, to display advertisements relevant to the interests of the user.

The cookie is used to store personal information, such as the Internet pages visited by the person concerned. Accordingly, each time you visit the website, personal data, including the IP address of the Internet connection used by the visitor to the website, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal information collected through the technical process with third parties.

In addition to the options described above for preventing the use of cookies, visitors to the website also have the option of opting out of interest-related advertising by Google. To do this, the person concerned must access the link www.google.de/settings/ads from any of the Internet browsers they use and make the desired settings there.

19.7 Privacy policy on the use and application of Google+

Google+ is operated by Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. For more information and to review Google’s current privacy policy, please visit https://www.google.de/intl/de/policies/privacy/ Further information from Google on the Google+1 button can be found at https://developers.google.com/+/web/buttons-policy.

When the website is opened, a display of the Google+ button is downloaded. Google will be informed about which pages are visited. More detailed information on Google+ is available at https://developers.google.com/+/.

If the visitor to the website activates one of the Google+ buttons integrated on our website and thereby makes a Google+1 recommendation, Google assigns this information to the personal Google+ user account of the visitor of the website and saves this personal data. Google stores the Google+1 recommendation and makes it publicly available. A Google+1 recommendation is subsequently stored in other Google services and processed together with other personal data, such as the name of the user of the Google+1 account and the photo stored in this account, the search engine results of the Google search engine, the Google account of the visitor to the website or in other places, such as on Internet pages or in connection with advertisements. Google is also able to connect a visit to this website with other personal data stored by Google. Google also records this personal information for the purpose of improving or optimising Google’s various services.

19.8 Privacy policy for the use of Google AdWords

The company operating the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. For more information and to review Google’s current privacy policy, please visit https://www.google.de/intl/de/policies/privacy/

Google AdWords is an Internet advertising service that allows advertisers to serve ads both in Google’s search engine results and on the Google advertising network. Google AdWords allows an advertiser to pre-define keywords that will be used to display an ad in Google’s search engine results only when the user uses the search engine to retrieve a keyword relevant search result. In the Google advertising network, the ads are distributed to relevant Internet sites using an automatic algorithm and in accordance with the keywords defined beforehand.

The purpose of Google AdWords is to promote the website by displaying advertisements of interest on the websites of third parties and in the search results of the Google search engine and by displaying third-party advertisements on our website.

If a visitor reaches the website via a Google advertisement, a so-called conversion cookie is stored on his system. A conversion cookie loses its validity after thirty days and does not serve to identify the visitor to the website. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages, such as the shopping cart from an online shop system, have been accessed on the website, to see whether the visitor has completed or cancelled the purchase.

The data and information collected through the use of the conversion cookie is used by Google to compile visit statistics for the website, to determine the success or failure of the respective AdWords ad and to optimise our AdWords ads for the future. An identification of the visitor on their part is thereby not possible.

The conversion cookie is used to transfer personal data, including the IP address of the Internet connection used, to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal information collected through the technical process with third parties.

19.9 Privacy policy for the use and application of Instagram

The operating company of Instagram’s services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. Instagram’s current privacy policy is available at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/

Instagram is a service that allows users to share photos and videos and share them on other social networks.

When the Internet page is opened on which an Instagram component (Insta-button) is integrated, a representation of the corresponding component is downloaded from Instagram. Instagram will know which subpage of the website has been visited.

If the user presses one of the integrated Instagram buttons, the transferred data and information is assigned to the personal Instagram user account of the visitor of the website and stored and processed by Instagram.

19.10 Privacy policy for the use of LinkedIn

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. The office responsible for privacy matters outside the United States is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn’s current privacy policy can be found at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy. LinkedIn is an internet-based social network for business contacts.

When you visit the website that contains the LinkedIn plug-in, the browser downloads a display of the LinkedIn component. LinkedIn will thereby know which pages are visited.

If the user presses one of the integrated buttons, the transferred data and information will be assigned to the personal LinkedIn user account of the visitor of the website and stored and processed by LinkedIn.

LinkedIn also receives information about the visit of the website if the visitor is logged in to LinkedIn at the same time. This applies regardless of whether the button is clicked or not. To prevent this, the user must log out of the account during this time.

At https://www.linkedin.com/psettings/guest-controls LinkedIn provides an additional way to unsubscribe from email messages, SMS messages, ads, and manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, who may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy.

19.11 Privacy policy on the use and application of Twitter

The operating company of Twitter is Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The current Twitter privacy policy can be found at https://twitter.com/privacy?lang=en.

Twitter is a publicly accessible microblogging service for publishing short messages that can then be accessed by anyone. The short messages can be indexed and comments can be made on the messages via so-called hashtags, links or re-tweets.

When you visit the website that contains the Twitter plug-in, the browser downloads a display of the Twitter component. In this way, Twitter will know which pages are visited.

If the user presses one of the integrated buttons, the transferred data and information are assigned to the personal Twitter user account of the visitor to the website and stored and processed by Twitter.

Twitter also receives information about the visit of the website if the visitor is logged in to LinkedIn at the same time. This applies regardless of whether the button is clicked or not. To prevent this, the user must log out of the account during this time.

19.12 Privacy policy on the use and application of Xing

Xing’s operating company is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. The data protection regulations published by Xing, which can be accessed at https://www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Xing has also published a privacy statement for the XING share button at https://www.xing.com/app/share?op=data_protection.

Xing is an Internet-based social network for business contacts.

When visiting the website containing the Xing plug-in, the browser downloads a Twitter component display. In this way, Xing obtains information about which pages are visited.

If the user presses one of the integrated buttons, the transferred data and information are assigned to the personal Xing user account of the visitor to the website and stored and processed by Xing.

Xing also receives information about the visit of the website if the visitor is logged in to LinkedIn Xing at the same time. This applies regardless of whether the button is clicked or not. To prevent this, the user must log out of the account during this time.

19.12 Privacy policy on the use and application of YouTube

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The data protection regulations published by YouTube, which are available at https://www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

YouTube is an Internet video portal that allows registered users to publish video clips.

When visiting the website containing the YouTube plug-in, the browser downloads a Twitter component display. In this way, YouTube will know which pages are visited.

If the user presses one of the integrated buttons, the transferred data and information are assigned to the personal YouTube user account of the visitor of the website and stored and processed by YouTube.

YouTube also receives information about the visit of the website if the visitor is logged in to YouTube at the same time. This applies regardless of whether the button is clicked or not. To prevent this, the user must log out of the account during this time.

19.13 Using Google Web Fonts

Google Web Fonts services are operated by Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. For more information and to review Google’s current privacy policy, please visit https://www.google.de/intl/de/policies/privacy/

Google Web Fonts is a service that allows fonts to be integrated into a web page. When you visit the website where Google Web Fonts is integrated, the browser downloads the font. In this way, Google Web Fonts obtains information about which pages are visited.

Payment methods

On the website, components from different third-party companies can be used to enable the payment of fees, e.g. on account or in instalments. In addition, services that serve to protect the buyer can be made use of. They may also include services to verify the identity or creditworthiness of the data subject. On the one hand, the use of these components serves the interest of the parties concerned in facilitating the fulfilment of payment obligations. On the other hand, this serves the company’s interest in minimizing the risk of bad debt losses.

When selecting the following payment methods, the first and last name, address, date of birth, gender, email address, as well as the details of the relevant legal transaction (e.g. order) and bank details are automatically transmitted to the provider of the payment service. In order to establish the identity and verify the creditworthiness of the person concerned, the provider may forward the data to credit agencies.

The transmission of the data takes place with the consent of the person concerned, as the selection of the method of payment implies his or her consent to the processing of the payment transaction by the provider of the method of payment. This includes in particular the consent to verify the identity and creditworthiness of the data subject.

The person concerned can revoke their consent to the respective provider of the payment method at any time. The revocation does not, however, affect the processing of such data that is required for payment processing.

20.1 Klarna

Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden, is the operating company of the Klarna payment service.

The options “Purchase on account” or “Instalment purchase” are available to the person concerned. In both cases, data is automatically transmitted to Klarna.

Klarna also passes on the personal data to affiliated companies (Klarna Group) and service providers or subcontractors insofar as this is necessary to fulfil contractual obligations or to process the information on behalf of Klarna.

Klarna collects and uses data and information on the previous payment behaviour of the visitor to the website, as well as probability values for their behaviour in the future (so-called scoring) to decide on the establishment, implementation or termination of a contractual relationship. The scoring is calculated on the basis of scientifically recognised mathematical-statistical methods.

Klarna’s current data protection regulations can be found at https://cdn.klarna.com/1.0/shared/content/policy/data/de_en/data_protection.pdf.

20.2 PayPal

The data controller has integrated PayPal components into this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. In addition, PayPal offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no standard account number. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also acts as a trustee and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the person concerned selects “PayPal” as the payment option during the ordering process in our online shop, the data of the visitor to the website is automatically transferred to PayPal. By selecting this payment option, the data subject consents to the transmission of personal data necessary for the processing of the payment.

The personal data transmitted to PayPal is usually first name, surname, address, email address, IP address, telephone number, mobile phone number or other data necessary for payment processing. Personal data related to the respective order is also necessary for the processing of the purchase contract.

The purpose of data transmission is to process payments and prevent fraud. The person responsible for the processing will transfer personal data to PayPal in particular if there is a justified interest in the transfer. Personal data exchanged between PayPal and the data controller may be transferred by PayPal to credit reference agencies. The purpose of this transmission is to check identity and creditworthiness.

PayPal may share the personal information with affiliated companies and service providers or subcontractors to the extent necessary to fulfil its contractual obligations or to process the information on behalf of PayPal.

The person concerned has the possibility to revoke their consent to the handling of personal data by PayPal at any time. A revocation does not affect personal data which must be processed, used or transmitted for (contractual) payment processing.

PayPal’s current privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .

20.3 Sofortüberweisung

The operating company of Sofortüberweisung is SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany.

In the case of purchase processing via Sofortüberweisung, the buyer transmits the PIN and the TAN to Sofort GmbH. After a technical check of the account balance and retrieval of further data, the provider of the payment method then makes a transfer to the online merchant to check the account coverage. The execution of the financial transaction is then automatically notified to the online merchant.

The applicable data protection provisions of Sofortüberweisung can be found at https://www.sofort.com/ger-DE/datenschutzerklaerung-sofort-gmbh/ .