We have written this privacy statement (version 15.02.2021-311262514) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what decision-making options you have as a visitor to this website.
Privacy statements usually sound very technical. This version, however, is intended to describe the most important things to you as simply and clearly as possible. As far as possible, technical terms are explained in a reader-friendly way. We also want to convey that we only collect and use information with this website if there is a corresponding legal basis. This is certainly not possible by providing the most concise, technical explanations possible, as is often standard practice on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is one or two pieces of information you did not know.
If you still have questions, we would like to ask you to follow the existing links and look at further information on third party sites, or simply write us an e-mail. You will find our contact details in the imprint.
When you visit websites these days, certain information is automatically created and stored, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website, by the way, we mean the entirety of all web pages on your domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain, we mean, for example, example.de or example.com.
Even while you are visiting our website right now, our web server - that is the computer on which this website is stored - usually automatically saves data for reasons of operational security, for compiling access statistics, etc., such as
Usually these files are stored for a fortnight and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful behaviour.
In short, your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data!
Our website uses HTTP cookies to store user-specific data.
Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie is to be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programmes and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.
For example, cookie data may look like this
A browser should support the following minimum sizes:
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
We can distinguish between 4 types of cookies:
Absolutely necessary cookies
These cookies are necessary to ensure basic website functionality. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and later goes to the checkout. These cookies do not delete the shopping cart even if the user closes his browser window.
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behaviour of the website with different browsers.
These cookies provide a better user experience. For example, locations entered, font sizes or form data are saved.
These cookies are also called targeting cookies. They are used to provide the user with individually adapted advertising. This can be very practical, but also very annoying.
Usually, when you visit a website for the first time, you are asked which of these types of cookies you would like to allow. And of course, this decision is also stored in a cookie.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. The best thing to do is to search for the instructions in Google using the search term "Delete Cookies Chrome" or "Disable Cookies Chrome" in the case of a Chrome browser or replace the word "Chrome" with the name of your browser, e.g. Edge, Firefox, Safari.
The so-called "Cookie Guidelines" have been in place since 2009. These state that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these directives. In Germany, the Cookie Directives have not been implemented as national law. Instead, this directive was largely implemented in § 15 para.3 of the German Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism". https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
Personal data that you provide to us electronically on this website, such as your name, e-mail address, address or other personal details when submitting a form or commenting on the blog, together with the time and IP address, will only be used by us for the stated purpose, kept secure and not passed on to third parties.
We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We do not disclose your personal data without your consent, but we cannot rule out the possibility that this data may be accessed in the event of unlawful conduct.
If you send us personal data by e-mail - thus away from this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.
According to According to Article 6(1)(a) DSGVO (lawfulness of processing), the legal basis is that you give us consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.
According to the provisions of the GDPR, you are generally entitled to the following rights:
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). Evaluation of visitor behaviour Federal Commissioner for Data Protection and Freedom of Information (BfDI) turn.
In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is generally anonymous and we cannot draw any conclusions about your person from your behaviour on this website.
You can find out more about how to object to this analysis of your visit data in the following data protection declaration.
TLS, encryption and https sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data tap-proof on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured - no one can "listen in".
We have thus introduced an additional layer of security and fulfil data protection by design of technology Article 25(1) DSGVO. By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognise the use of this data transmission protection by the small lock symbol at the top left of the browser to the left of the Internet address (e.g. beispielseite.de) and the use of the https scheme (instead of http) as part of our Internet address. top left of the browser to the left of the internet address (e.g. beispielseite.de) and the use of the https scheme (instead of http) as part of our internet address.
If you want to know more about encryption, we recommend a Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to further information.
We use the analysis tracking tool Google Analytics (GA) of the American company Google Inc. on our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us to better tailor our website and service to your preferences. In the following, we will go into more detail about the tracking tool and, in particular, inform you about what data is stored and how you can prevent this.
Google Analytics is a tracking tool used to analyse traffic to our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions you take on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data and we receive reports about your user behaviour. These reports may include, but are not limited to, the following:
Our goal with this website is clear: we want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.
The statistically evaluated data shows us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our site so that it is found more easily by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We thus know exactly what we need to improve on our website in order to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures in a more individual and cost-effective way. After all, it only makes sense to show our products and services to people who are interested in them.
Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognises you as a new user. The next time you visit our site, you will be recognised as a "returning" user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles in the first place.
Your interactions on our website are measured through identifiers such as cookies and app instance IDs. Interactions are all types of actions that you perform on our website. If you also use other Google systems (such as a Google Account), data generated through Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, authorise it. Exceptions may occur if required by law.
The following cookies are used by Google Analytics:
Purpose: By default, analytics.js uses the cookie _ga to store the user ID. Basically, it is used to distinguish website visitors.
Expiry date: after 2 years
Purpose: The cookie is also used to distinguish website visitors.
Expiry date: after 24 hours
Purpose: Used to lower the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm_ .
Expiry date: after 1 minute
Value: not specified
Purpose: The cookie has a token that can be used to retrieve a user ID from the AMP client ID service. Other possible values indicate a logout, a request or an error.
Expiry date: after 30 seconds up to one year.
Purpose: This cookie is used to track your behaviour on the website and measure performance. The cookie is updated every time information is sent to Google Analytics.
Expiry date: after 2 years
Purpose: The cookie is used like _gat_gtag_UA_ to throttle the request rate.
Expiry date: after 10 minutes
Purpose: This cookie is used to determine new sessions. It is updated every time new data or info is sent to Google Analytics.
Expiry date: after 30 minutes
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only stored until you close the browser again.
Expiry date: After you close the browser.
Purpose: The cookie is used to identify the source of traffic to our website. This means that the cookie stores from where you came to our website. This may have been another page or an advertisement.
Expiry date: after 6 months
Value: Not specified
Purpose: The cookie is used to store custom user data. It is updated whenever information is sent to Google Analytics.
Expiry date: after 2 years
Note: This list cannot claim to be complete, as Google is always changing its choice of cookies.
Here we show you an overview of the most important data collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Heatmaps allow us to see exactly those areas that you click on. This gives us information about where you are "travelling" on our site.
Session duration: Google defines session duration as the time you spend on our site without leaving. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: A bounce is when you view only one page on our website and then leave our website again.
Account creation: When you create an account or place an order on our website, Google Analytics collects this data.
IP address: The IP address is only shown in abbreviated form so that no clear attribution is possible.
Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP location determination.
Technical information: Technical information includes your browser type, internet service provider or screen resolution.
Source of origin: Google Analytics, or us, is of course also interested in which website or which advertisements you came to our site from.
Other data include contact details, any ratings, the playing of media (e.g. if you play a video via our site), the sharing of content via social media or the addition to your favourites. This list does not claim to be complete and only serves as a general orientation of the data storage by Google Analytics.
Google has its servers spread all over the world. Most servers are located in America and consequently your data is mostly stored on American servers. You can find out exactly where Google's data centres are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de. https://www.google.com/about/datacenters/inside/locations/?hl=de
Your data is distributed on different physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. In each Google data centre, there are corresponding emergency programmes for your data. If, for example, the hardware at Google fails or natural disasters paralyse servers, the risk of a service interruption at Google still remains low.
Google Analytics has a standard retention period of 26 months for your user data. After this period, your user data will be deleted. However, we have the option of choosing the retention period for user data ourselves. There are five options available to us for this:
Once the specified period has expired, data is deleted once a month. This retention period applies to your data associated with cookies, user recognition and advertising IDs (e.g. DoubleClick domain cookies). Reporting results are based on aggregated data and are stored separately from user data. Aggregated data is a merging of individual data into a larger unit.
If you generally want to deactivate, delete or manage cookies (independently of Google Analytics), there are separate instructions for each browser:
Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which governs the accurate and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311262514. We hope we have been able to provide you with the most important information about Google Analytics' data processing. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de. https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311262514. We hope we have been able to provide you with the most important information about the data processing of Google Analytics. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.
We embed elements of social media services on our website to display images, videos and text.
When you visit pages that display these elements, data is transmitted from your browser to the respective social media service and stored there. We have no access to this data.
where it is explained how they handle your data
We only want to welcome flesh and blood people to our site. Bots or spam software of any kind can safely stay at home. That's why we pull out all the stops to protect ourselves and offer the best possible user experience for you. For this reason, we use Google reCAPTCHA from Google. This way we can be pretty sure that we remain a "bot-free" website. By using reCAPTCHA, data is transmitted to Google to determine whether you are actually a human being. reCAPTCHA therefore serves the security of our website and, by extension, your security. For example, without reCAPTCHA it could happen that a bot registers as many email addresses as possible during registration in order to "spam" forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
reCAPTCHA collects personal data from users in order to determine whether the actions on our website actually originate from people. This means that the IP address and other data required by Google for the reCAPTCHA service may be sent to Google. IP addresses are almost always shortened beforehand within the member states of the EU or other contracting states to the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address is not combined with other data from Google unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube. Gmail, etc.) are already placed on your browser. Then, reCAPTCHA places an additional cookie on your browser and collects a snapshot of your browser window.
The following list of collected browser and user data does not claim to be exhaustive. Rather, they are examples of data that, to our knowledge, are processed by Google.
It is undisputed that Google uses and analyses this data even before you click on the "I am not a robot" checkbox. With the Invisible reCAPTCHA version, even the ticking is omitted and the whole recognition process runs in the background. Google does not tell you in detail how much and which data it stores.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version: https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Purpose: This cookie is set by DoubleClick (also owned by Google) to record and report a user's actions on the website in dealing with advertisements. This allows advertising effectiveness to be measured and appropriate optimisation measures to be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can be used to prevent a user from seeing the same ad more than once.
Expiry date: after one month
Expiry date: after 9 months
Purpose: The cookie stores the status of a user's consent to use various Google services. CONSENT is also used for security purposes to verify users, prevent login fraud and protect user data from unauthorised attacks.
Expiry date: after 19 years
Purpose: NID is used by Google to customise ads to your Google search. With the help of the cookie, Google "remembers" your most frequently entered search queries or your previous interaction with ads. This way you always get tailored ads. The cookie contains a unique ID to collect the user's personal preferences for advertising purposes.
Expiry date: after 6 months
Purpose: Once you have ticked the "I am not a robot" box, this cookie will be set. The cookie is used by Google Analytics for personalised advertising. DV collects information in an anonymous form and is also used to make user distinctions.
Expiry date: after 10 minutes
Note: This list cannot claim to be exhaustive, as experience has shown that Google changes its choice of cookies time and again.
By inserting reCAPTCHA, data is transferred from you to the Google server. Where exactly this data is stored, Google does not make clear, even after repeated enquiries. Without having received confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on Google's European or American servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The deviating data protection regulations of the Google company apply to this. The deviating data protection provisions of the company Google apply to this.
If you do not want any data about you and your behaviour to be transmitted to Google, you must log out of Google completely and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, data is automatically transmitted to Google as soon as you visit our site. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=311262514. https://support.google.com/?hl=de&tid=311262514 contact.
So when you use our website, you agree that Google LLC and its agents automatically collect, process and use data.
WooCommerce is an online shop system that has been part of the WordPress directory since 2011 and was developed specifically for WordPress websites. It is a customisable, open source eCommerce platform based on WordPress and has also been integrated into our website as a WordPress plugin.
We use this convenient online shop solution to offer you our physical or digital products or services in the best possible way on our website. The aim is to provide you with simple and easy access to our range of products, so that you can get to your desired products quickly and easily. With WooCommerce, we have found a good plugin that meets our requirements for an online shop.
Information that you actively enter into a text field in our online shop can be collected and stored by WooCommerce or Automattic. So when you register with us or order a product, Automattic can collect, process and store this data. This may include credit card or billing information in addition to email address, name or address. Automattic may subsequently use this information for its own marketing campaigns.
There is also information that Automattic automatically collects from you in so-called server log files:
WooCommerce also sets cookies in your browser and uses technologies such as pixel tags (web beacons), for example, to clearly identify you as a user and potentially offer interest-based advertising. WooCommerce uses a number of different cookies that are set depending on the user action. This means, for example, that when you add a product to your shopping cart, a cookie is set so that the product remains in the shopping cart when you leave our website and return at a later time.
Here we show you an example list of possible cookies that can be set by WooCommerce:
Purpose: The cookie helps WooCommerce determine when the content in the shopping cart changes.
Expiry date: after end of session
Purpose: This cookie is also used to recognise and store changes in your shopping cart.
Expiry date: after end of session
Purpose: This cookie contains a unique identifier for you so that the shopping cart data can be found in the database.
Expiry date: after 2 days
Unless there is a legal obligation to keep data for a longer period of time, WooCommerce deletes the data when it is no longer needed for its own purposes for which it was stored. For example, server log files that contain technical data about your browser and IP address are deleted after about 30 days. Until then, Automattic uses the data to analyse the traffic on its own websites (for example, all WordPress pages) and to fix possible problems. The data is stored on Automattic's American servers.
You have the right to access and object to the use and processing of your personal data at any time. You can also file a complaint with a state supervisory authority at any time.
In your browser, you also have the option to individually manage, delete or deactivate cookies. However, please note that deactivated or deleted cookies have possible negative effects on the functions of our WooCommerce online shop. Depending on which browser you use, managing cookies works slightly differently. Below you can see links to the instructions for the most popular browsers:
Automattic is an active participant in the EU-U.S. Privacy Shield Framework, which governs the accurate and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC.
Klarna Checkout is a payment system for orders in an online shop. The user selects the payment method and Klarna Checkout handles the entire payment process. Once a user has made a payment via the Checkout system and entered the relevant data, future online purchases can be made even more quickly and easily. The Klarna system then already recognises the existing customer after entering the email address and postcode.
Our goal with our website and integrated online shop is to provide you with the best possible service. This includes not only the overall experience on the website and alongside our offers, but also a smooth, fast and secure payment processing of your orders. To ensure this, we use the Klarna Checkout payment system.
As soon as you decide to use the Klarna payment service and pay via the Klarna Checkout payment method, you also transmit personal data to the company. On the Klarna Checkout page, technical data such as browser type, operating system, our internet address, date and time, language settings, time zone settings and IP address are collected from you and transmitted to Klarna's servers and stored there. This data is also stored if you have not yet completed an order.
When you order a product or service via our shop, you must enter personal data in the fields provided. This data is processed by Klarna for payment processing. In the process, the following personal data (as well as general product information) may be specifically stored and processed by Klarna for creditworthiness and identity checks:
In addition, there is also data that can be collected as an option, provided you make a conscious decision to do so. These are, for example, political, religious or ideological convictions or various health data.
Klarna may also collect data itself or through third parties (such as through us or through public databases) about the goods or services you purchase or order, in addition to the data mentioned above. This can be, for example, the shipment number or the type of item ordered, but also information about your creditworthiness, about your income or credit grants. Klarna may also share your personal data with service providers such as software providers, data storage providers or us as a merchant.
When data is automatically entered into a form, cookies are always involved. If you do not want to use this function, you can deactivate these cookies at any time. Further down in the text you will find instructions on how to basically delete, deactivate or manage cookies in your browser. Our tests have shown that no cookies are set by Klarna directly. If you select the payment method "Klarna Sofort" and click on "Order", you will be redirected to the Sofort website. After the successful payment, you will be taken to our thank you page. The following cookie is set there by sofort.com:
Purpose: This cookie stores your session ID.
Expiry date: after the browser session ends.
Klarna endeavours to store your data only within the EU or the European Economic Area (EEA). However, it may also happen that data is transferred outside the EU/EEA. If this happens, Klarna ensures that the data protection is in line with the GDPR, the third country is in an adequacy decision of the European Union or the country has the US Privacy Shield certificate. The data is always stored for as long as Klarna needs it for the processing purpose.
You can withdraw your consent for Klarna to process personal data at any time. You also always have the right to access, correct and delete your personal data. To do this, all you need to do is contact the company or the company's data protection team by emailing email@example.com. You can also contact Klarna directly via the Klarna website "My data protection request". firstname.lastname@example.org contact. About the Klarna website "My data protection request" you can also contact Klarna directly.
You can delete, disable or manage cookies that Klarna may use for its functions in your browser. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser: