data protection

Data protection

This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereby briefly "data") as part of the provision of our services as well as within our online offer and the websites, functions and content associated with it, as well as external online presences, such as our social media profiles (hereinafter referred to as "online offer"). With regard to the terms used, such as "processing" or "responsible", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Responsible

Martin Stück / Cyber EDP - Systems

School path 9a

34317 Habichtswald

Germany

Email: info@cyber-sys.de

Managing Director: Martin Stück

Types of processed data

- inventory data (e.g., personal master data, names or addresses).

- Contact details (e.g., email, telephone numbers).

- Content data (e.g., text input, photographs, videos).

- Usage data (e.g., visited websites, interest in content, access times).

-Meta/communication data (e.g., device information, IP addresses).

Categories of people affected

Visitors and users of the online offer (hereinafter referred to as a “user”), we summarize the people concerned.

Purpose of processing

- Provision of the online offer, its functions and content.

- Answering contact inquiries and communication with users.

- Safety measures.

- Measuring range/marketing

Used terms

"Personal data" is all information that relates to an identified or identifiable natural person (hereinafter "data subject"); A natural person is regarded as identifiable, which can be identified directly or indirectly, in particular by means of assignment to a identifier such as a name, to an identification number, on site data, for an online detection (e.g. cookie) or for one or more special characteristics, the expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

"Processing" is every process carried out with or without the help of automated procedures or any such series of transaction in connection with personal data. The term extends wide and includes practically every handling of data.

"Pseudonymization" The processing of personal data in a way that the personal data can no longer be assigned to a specific data without the involvement of additional information, provided that this additional information is kept separately and are subject to technical and organizational measures that ensure that the personal data are not assigned to an identified or identifiable natural person.

"Profiling" of any type of automated processing of personal data that is used in the fact that this personal data is used in order to evaluate certain personal aspects that relate to a natural person, in particular aspects regarding work performance, economic situation, health, personal Prevention, interests, reliability, behavior, place of residence or change of location of this natural person to analyze or predict.

The natural or legal person, authority, institution or other body, which decides on the purposes and means of processing personal data alone, is referred to as the "person responsible".

"Processor" a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.

Relevant legal bases

In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC applies, provided the legal basis is not mentioned in the data protection declaration, the following:

The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR;

The legal basis for the processing to fulfill our services and implementation of contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR;

The legal basis for the processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR;

In the event that vital interests of the data subject or another natural person require processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as a legal basis.

The legal basis for the necessary processing to perform a task that is in the public interest or in the exercise of public violence that has been transferred to the person responsible is Art. 6 Para. 1 lit. e GDPR.

The legal basis for the processing of our legitimate interests is Art. 6 Para. 1 lit. f GDPR.

The processing of data for purposes other than those for which they were collected is determined according to the requirements of Art 6 Para. 4 GDPR.

The processing of special categories of data (corresponding to Art. 9 Para. 1 GDPR) is determined in accordance with the requirements of Art. 9 Para. 2 GDPR.

Safety measures

In accordance with the statutory submission of the state of the art, implementation costs and the type, scope, circumstances and purposes of processing as well as the different probability of occurrence and severity of the risk of the rights and freedoms of natural persons, we take suitable technical and organizational measures to ensure a level of protection that is appropriate to the risk.

The measures include in particular the securing of confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, transfer, securing availability and separation. We have also set up procedures that ensure a perception of affected rights, deletion of data and reaction to the risk of the data. We also take into account the protection of personal data in the development or selection of hardware, software as well as procedures, in accordance with the principle of data protection through technology design and through data protection -friendly default settings.

Cooperation with order processors, jointly responsible and third parties

If we reveal data to other persons and companies (contracts, jointly responsible or third parties), transmit them to them or otherwise grant you access to the data, this is only done on the basis of legal permission (e.g. if a transmission of the data to third parties, as is required to fulfill the contract), users have consented to a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we reveal, transmit, transmit data to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and also based on a basis corresponding to the legal requirements.

Transmission to third countries

If we process data in a third country (i.e. outside of the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or this or this in the context of using third parties or disclosure services, or transmission of data to other persons or companies If this is only done if it happens to fulfill our (before) contractual obligations based on your consent, based on a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required transmission, process or let the data only in third countries with a recognized data protection level, which include the US processor certified under the "Privacy-Shield" or on the basis of special guarantees, such as contractual obligation by so-called standard protection clauses Process the EU Commission, the existence of certification or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission).

Rights of the persons concerned

You have the right to request confirmation of whether the data in question is processed and information about this data as well as further information and copy of the data in accordance with the legal requirements.

You have accordingly. the legal requirements to request the completion of the data relating to it or the correction of the incorrect data relating to it.

In accordance with the legal requirements, you must request the right to be deleted immediately or, as an alternative, to request a restriction of the processing of the data in accordance with the legal requirements.

You have the right to request that the data you have provided to us to receive us in accordance with the legal requirements and to request the transfer to other those responsible.

In accordance with the legal requirements, you also have the right to submit a complaint to the responsible supervisory authority.

Right of withdrawal

You have the right to revoke consent with effect for the future.

Right to object

You can object to the future processing of the data relating to you in accordance with the legal requirements. The contradiction can take place in particular against the processing for direct marketing purposes.

Cookies and right of objection in direct advertising

Small files that are stored on users' computers are called "cookies". Different information can be saved within the cookies. A cookie primarily serves to save the information about a user (or the device on which the cookie is stored) during or after visiting an online offer. Cookies that are deleted after a user leaves an online offer and closes his browser are referred to as temporary cookies or "session cookies" or "transient cookies". In such a cookie, the content of a shopping cart can be stored in an online shop or a login status. Cookies are referred to as "permanent" or "persistent", which are also stored after the browser is closed. For example, the login status can be saved if the users visit it after several days. In such a cookie, the interests of the users that are used for range measurement or marketing purposes can also be saved. Cookies, which are offered by other providers as the person responsible who operates the online offer, are offered as the “third party cookie” (otherwise if only its cookies are spoken of “first party cookies”).

We can use temporary and permanent cookies and clarify this as part of our data protection declaration.

If we ask the users for consent to the use of cookies (e.g. as part of a cookie consent), the legal basis of this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, the personal cookies of the users will be in accordance with the following explanations in the context of this data protection declaration on the basis of our legitimate interests (i.e. interest in analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 Lit. f. GDPR) or if The use of cookies is required to provide our contractual services, according to Art. 6 Para. 1 lit. b. GDPR, or if the use of cookies for the performance of a task that is necessary in the public interest or is carried out in the exercise of public violence, according to Art. 6 Para. 1 lit. e. GDPR, processed.

If users do not want cookies to be saved on their computer, you are asked to deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

A general contradiction to the use of cookies used for the purpose of online marketing can be used for a variety of services, especially in the case of tracking, via the US side http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved in the settings of the browser by means of their shutdown. Please note that if necessary, not all functions of this online offer can be used.

Deletion of data

The data we process will be deleted in accordance with the legal requirements or restricted in your processing. Unless expressly stated in the context of this data protection declaration, the data stored by us will be deleted as soon as they are no longer necessary for their purpose and no legal retention obligations are opposed to deletion.

If the data is not deleted because they are required for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies e.g. to data that must be kept for commercial or tax reasons.

Changes and updates of the data protection declaration

We ask you to regularly inform yourself about the content of our data protection declaration. We adapt the data protection declaration as soon as the changes in the data processing we have necessary make this necessary. We will inform you as soon as the changes are required to take part (e.g. consent) or other individual notification.

Business -related processing

In addition, we process

- Contract data (e.g., subject of the contract, term, customer category).

- Payment data (e.g., bank details, payment history)

by our customers, interested parties and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

Order processing in the online shop and customer account

We process the data of our customers as part of the order processes in our online shop to enable you to select and order the selected products and services, as well as their payment and delivery or execution.

The processed data include inventory data, communication data, contract data, payment data and the people affected by the processing include our customers, interested parties and other business partners. The processing takes place for the purpose of providing contract services as part of the operation of an online shop, settlement, delivery and customer services. Here we use session cookies for storing the shopping cart content and permanent cookies for storing the login status.

The processing is carried out to fulfill our services and implementation of contractual measures (e.g. implementation of order processes) and insofar as it is prescribed by law (e.g., legally required archiving of business processes for trade and tax purposes). The information marked as necessary are required to justify and fulfill the contract. We only reveal the data compared to third parties in the context of delivery, payment or within the framework of the statutory permits and obligations, as well as if this is based on our legitimate interests, which we inform you in the context of this data protection declaration (e.g., to legal and tax consultants, Financial institutes, freight companies and authorities).

Users can optionally create a user account by being able to view their orders in particular. As part of the registration, the necessary mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, their storage is necessary for reasons of commercial or tax law. Information remains in the customer account until it is deleted with subsequent archiving in the event of a legal obligation or our legitimate interests (e.g., in the event of legal disputes). It is the responsibility of the users to secure their data before the contract has been terminated.

As part of registration and re-registration as well as the use of our online services, we save the IP address and the time of the respective user story. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is necessary to pursue our legal claims as a legitimate interest or there is a legal obligation.

The deletion takes place at the expiry of legal warranty and other contractual rights or obligations (e.g., payment claims or service obligations from contracts to me), whereby the necessity of storing the data is checked every three years; In the case of storage due to statutory archiving obligations, the deletion takes place in this respect after its expiry.

Agency services

We process the data of our customers as part of our contractual services to which conceptual and strategic advice, campaign planning, software and design development/ counseling or care, implementation of campaigns and processes/ handling, server administration, data analysis/ consulting services and training services.

Here we process inventory data (e.g., customer master data, such as names or addresses), contact details (e.g., email, telephone numbers), content data (e.g., text inputs, photographs, videos), contract data (e.g., contractual object, term), payment data (e.g., Bank details, payment history), usage and metadata (e.g. as part of the evaluation and measurement of marketing measures). In principle, we do not process special categories of personal data, unless these components of a commissioned processing are. Those affected include our customers, interested parties and their customers, users, website visitors or employees as well as third parties. The purpose of processing is to provide contractual services, billing and our customer service. The legal bases of the processing result from Art. 6 Para. 1 Lit. B GDPR (contractual services), Art. 6 Para. 1 Lit. f GDPR (analysis, statistics, optimization, security measures). We process data that are necessary to justify and fulfill the contractual services and indicate the necessity of your statement. External disclosures are only made if it is required as part of an order. When processing the data provided to us as part of an order, we act according to the instructions of the clients and the legal requirements of order processing in accordance with Art. 28 GDPR and process the data for no other than the order -accordingly purposes.

We delete the data after statutory warranty and comparable obligations. The necessity of storing the data is checked every three years; In the case of the statutory archiving obligations, the deletion takes place according to their expiry (6 J, according to § 257 Paragraph 1 HGB, 10 J, according to § 147 Paragraph 1 AO). In the case of data that was disclosed towards us as part of an order by the client, we basically delete the data in accordance with the requirements of the order, in principle after the order ended.

External payment service provider

We use external payment service providers, through whose platforms the users and we can make payment transactions. These payment service providers can include, each with a link to the data protection declaration: PayPal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full), Klarna (https://www.klarna.com/de /Data protection/), Skrill (https://www.skrill.com/de/fusszeile/datenschutzigteilt/), Giropay (https://www.giropay.de/lawliche/datenschutz-agb/), Visa (https:/ /www.visa.de/datenschutz), Mastercard (https://www.masterCard.de/de-de/datenschutz.html), American Express (https://www.americanexpress.com/de/content/privacy- Policy-statement.html), Stripe (https://stripe.com/de/privacy).

As part of the fulfillment of contracts, we set the payment service providers based on Art. 6 Para. 1 lit. b. GDPR. In addition, we use external payment service providers based on our legitimate interests in accordance with Art. 6 Para. 1 Lit. f. GDPR to offer our users effective and safe payment options.

The data processed by the payment service providers include inventory data, such as the name and address, bank details, such as account numbers or credit card numbers, passwords, tan and test sums as well as the contract, sums and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored in them. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information. Under certain circumstances, the data is transmitted to economic information on the part of the payment service provider. This transmission aims for identity and credit check. To do this, we refer to the terms and conditions and data protection information from the payment service providers.

The terms and conditions and data protection information from the respective payment service providers apply to the payment transactions, which can be called up within the respective websites or transaction applications. We refer to this also for further information and assertion of cancellation, information and other affected rights.

Administration, financial accounting, office organization, contact management

We process data as part of administrative tasks as well as organization of our company, financial accounting and compliance with the legal obligations, such as archiving. We process the same data that we process as part of the provision of our contractual services. The processing bases are Art. 6 Para. 1 lit. c. GDPR, Art. 6 Para. 1 Lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perceive our tasks and provide our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities.

We reveal or transmit data to the financial administration, consultants, such as, tax consultants or auditors as well as other fees and payment service providers.

We also store information about suppliers, organizers and other business partners on the basis of our business interests, e.g. for the purpose of later contacting. We basically store this majority of company -related data.

Business analyzes and market research

In order to be able to recognize our business economically, to be able to recognize market tendencies, wishes of the contractual partners and users, we analyze the data available to us on business processes, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data based on the type . 6 Para. 1 Lit. f. GDPR, whereby the data subjects include contractual partners, interested parties, customers, visitors and users of our online offer.

The analyzes are carried out for the purpose of business evaluations, marketing and market research. We can take into account the profiles of the registered users with information, e.g. on their services. The analyzes serve us to increase user friendliness, the optimization of our offer and business. The analyzes alone serve us and are not revealed externally, unless it is anonymous analyzes with summarized values.

If these analyzes or profiles are personal, you will be deleted or anonymized with the termination of the users, otherwise after two years from the conclusion of the contract. In addition, the overall commercial analyzes and general tendency regulations are created anonymously if possible.

Google Cloud services

We use the cloud offered by Google and the cloud software services (so-called software as a service, e.g. Google Suite) for the following purposes: document storage and administration, calendar management, email shipping, spreadsheet and presentations, exchange of documents, content and information with certain recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.

The personal data of the users are processed, provided that this component of the documents and content processed within the services described or are part of communication processes. This can include, for example, master data and contact details of the users, data on processes, contracts, other processes and their content. Google also processes usage data and metadata used by Google for security purposes and service optimization.

As part of the use of publicly accessible documents, websites or other content, Google Cookies can save on the computer of the user for the purposes of web analysis or to remember settings of the users.

We use the Google Cloud services based on our legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR in efficient and safe administrative and cooperation processes. Furthermore, the processing is carried out on the basis of an order processing contract with Google (https://cloud.google.com/terms/data-processing-terms).

You can find further information in Google's data protection declaration (https://www.google.com/policies/privacy) and the security information on Google Cloud-Diensten (https://cloud.google.com/security/privacy/). You can object to the processing of your data in the Google Cloud in accordance with the legal requirements. In addition, the deletion of the data within Google's cloud services is determined according to the other processing processes in which the data is processed (e.g., deletion for contractual purposes or storage for the purpose of taxation required).

The Google Ireland Limited offers Google Cloud services. As far as there is a transmission to the USA, we refer to the certification of Google USA under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000000000000000AAI&status=active) and standard protection clause (https://cloud.google. Com/Terms/Data Processing Terms).

Participation in affiliate partner programs

Within our online offer, we use on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer) in accordance with Art. 6 Para. 1 lit. f GDPR, insofar as these are necessary for the operation of the affiliate system. Below we clarify the users about the technical background.

The services offered by our contractual partners can also be advertised and linked on other websites (so-called affiliate links or after-buy systems, if e.g. links or services are offered by third parties after a contract conclusion). The operators of the respective websites receive a commission if users follow the affiliate links and then take the offers.

In summary, it is necessary for our online offer that we can track, whether users who are interested in affiliate links and/or the offers available from us then perceive the offers on the reason for the affiliate links or our online platform. For this purpose, the affiliate links and our offers are supplemented by certain values that can be set part of the left or otherwise, e.g. in a cookie. The values include the starting website (referrer), time, an online detection of the operators of the website on which the affiliate link was located, an online detection of the respective offer, an online detection of the user, as well as tracking Specific values such as advertising material ID, partner ID and categorizations.

The online identifiers used by us are pseudonymous values. This means that the online identifiers themselves do not contain any personal data such as names or email addresses. They only help us to determine whether the same user who clicked on an affiliate link or was interested in an offer via our online offer perceived the offer, i.e. concluded a contract with the provider. However, online detection is personal, as the partner company and us, the online detection together with other user data. This is the only way to inform us of whether the user has perceived the offer and we can pay for the bonus, for example.

Affilinet partner program

We are on the basis of our legitimate interests (i.e. interest in the economic operation of our online offer within the meaning of Art. 6 Para. 1 Lit. f. GDPR) participants of the partner program of Affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany a medium for websites was designed by means of this by placing advertisements and links to affilinet advertising reimbursement (so-called affiliate system). Affilinet uses cookies to understand the origin of the conclusion of the contract. Among other things, Affilinet can see that you clicked the partner link on this website and then made a contract with or via affilinet.

Further information on data usage through affilinet and opposition options can be found in the company's data protection declaration: https://www.affili.net/de/footeritem/datenschutz.

Data protection information in the application process

We only process the applicant data for the purpose and within the framework of the application process in accordance with the legal requirements. The processing of the applicant data is carried out to fulfill our (before) contractual obligations within the framework of the application procedure within the meaning of Art. 6 Para. 1 lit. b. GDPR Art. 6 Para. 1 Lit. f. GDPR if data processing is required, for example, within the framework of legal procedures (in Germany § 26 BDSG also applies).

The application procedure requires that applicants inform us of the applicant data. The necessary applicant data are, if we offer an online form, otherwise result from the job descriptions and basically the information about the person, postal and contact addresses and the documents belonging to the application, such as cover letters, CV and the certificates. In addition, applicants can voluntarily provide us with additional information.

With the transmission of the application to us, the applicants agree to the processing of their data for purposes of the application process in accordance with the type and scope specified in this data protection declaration.

Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR are communicated in the context of the application process, their processing is also carried out according to Art. 9 Para. 2 lit. b GDPR (e.g. health data, such as severely disabled person's status or ethnic origin) . Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR are requested to applicants in the context of the application process, their processing is also carried out in accordance with Art. 9 Para. 2 lit. a GDPR (e.g. health data if this is necessary for professional exercise are).

If provided, applicants can send us your applications on our website using an online form. The data is encrypted to us in accordance with the state of the art.

Applicants can also send us their applications via email. However, we ask that e-mails are not sent encrypted and that applicants themselves have to ensure encryption themselves. We can therefore assume no responsibility for the transfer route of the application between the sender and the reception on our server and therefore recommend that you use an online form or postal shipping. Because instead of the application via the online form and email, the applicants still have the opportunity to send us the application by post.

The data provided by the applicants can be processed by us in the event of a successful application for the purposes of the employment relationship. Otherwise, if the application for a job offer is not successful, the data from the applicants will be deleted. The applicants' data is also deleted if an application is withdrawn, for which applicants are justified at any time.

Subject to a legitimate revocation of the applicant, the deletion takes place after the expiry of a period of six months, so that we can answer any follow -up questions about the application and meet our obligation to provide evidence from the equal treatment law. Invoices on any reimbursement of travel expenses are archived in accordance with the tax law requirements.

Comments and posts

If users leave comments or other posts, your IP addresses can be saved for 7 days based on our legitimate interests within the meaning of Art. 6 Para. 1 Lit. f. GDPR. This is done for our security if someone leaves illegal content in comments and contributions (insults, forbidden political propaganda, etc.). In this case, we can be prosecuted for the comment or contribution and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process the information from the user for spam detection on the basis of our legitimate interests in accordance with Art. 6 Para. 1 Lit. f. GDPR.

On the same legal basis, we reserve the right to save the IP addresses of the users for their duration in the event of surveys and use cookies in order to avoid multiple partitions.

The information on the person, any contact and website information as well as the information provided as part of the comments and contributions, as well as the content information, are permanently stored by us to the contradiction of the users.

Comment subscriptions

The follow -up comments can be subscribed to by users with their consent in accordance with Art. 6 Para. 1 lit. a GDPR. The users receive a confirmation email to check whether they are the owner of the entered email address. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email will contain information on the cancellation options. For the purposes of the evidence of the consent of the user, we store the registration time and the IP address of the users and delete this information if users cancel themselves from the subscription.

You can cancel the reception of our subscription at any time, i.e. revoke your consent. We can save the email addresses carried out for up to three years based on our legitimate interests before deleting them in order to be able to prove a former consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual application for deletion is possible at any time, provided that the former existence of consent is also confirmed.

contact

When contacting us (e.g. via contact form, email, telephone or via social media), the user's information for processing the contact request and its handling according to Art. 6 Para. 1 lit. b. (In the context of contractual/pre-contractual relationships), Art. 6 Para. 1 lit. f. (Other inquiries) GDPR processed. get saved.

We delete the inquiries if they are no longer necessary. We check the necessity every two years; The statutory archiving obligations also apply.

Newsletter

With the following information, we inform you about the content of our newsletter as well as the registration, shipping and statistical evaluation procedures as well as your right to object. By subscribing to our newsletter, you agree to the reception and the procedure described.

Content of the newsletter: We send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") only with the consent of the recipients or a legal permit. If the content of its content is described as part of a registration for the newsletter, you are decisive for the consent of the users. In addition, our newsletter contains information about our services and us.

Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that you will receive an email after registration, in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with foreign email addresses. Registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the registration and the confirmation time, as well as the IP address. The changes from the data stored by the shipping service provider are also logged.

Registration data: To register for the newsletter, it is sufficient if you enter your email address. Optionally, we ask you to specify a name for the purpose of personal addressing in the newsletter.

The sending of the newsletter and the success measurement associated with it are based on the consent of the recipient in accordance with Art. 6 Para. 1 lit. a, Art. 7 GDPR in conjunction with Section 7 (2) No. 3 UWG or if consent is not necessary , based on our legitimate interests in direct marketing according to Art. 6 Para. 1 Lt. F. GDPR i.V.M. Section 7 (3) UWG.

The login procedure is recorded on the basis of our legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR. Our interest is aimed at the use of a user -friendly and secure newsletter system, which serves both our business interests, and meets the expectations of the users and also allows us to prove consent.

Termination/revocation - You can cancel the reception of our newsletter at any time, i.e. revoke your consent. You can find a link to cancel the newsletter at the end of each newsletter. We can save the email addresses carried out for up to three years based on our legitimate interests before deleting them in order to be able to prove a former consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual application for deletion is possible at any time, provided that the former existence of consent is also confirmed.

Hosting and email shipping

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, e-mail shipping, security services and technical maintenance services that we use for the purpose of operating this online offer.

Here, or our hosting provider, we process inventory data, contact details, content data, contract data, usage data, usage data, meta and communication data from customers, interested parties and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f GDPR i.V.M. Art. 28 GDPR (conclusion of order processing contract).

Google Tag Manager

Google Tag Manager is a solution with which we can manage so-called website tags via a surface (and thus integrate Google Analytics and other Google marketing services into our online offer). The Tag Manager itself (which implemented the tags) does not process any personal data from the users. With regard to the processing of the personal data of the users, reference is made to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Analytics

We use Google Analytics, a web analysis service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the users is usually transferred to a Google server in the USA and stored there.

Google will use this information on our behalf to evaluate the use of our online offer by the users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and internet use. Pseudonyms from the users can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is reduced by Google within Member States of the European Union or in other contracting states of the agreement via the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software; Users can also prevent the data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: http: // Tools .google.com/dlpage/gaoptout? hl = de.

If we ask the users for consent (e.g. as part of a cookie consent), the legal basis of this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, the personal data of the users are processed on the basis of our legitimate interests (i.e. interest in analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR).

As far as data is processed in the USA, we point out that Google is certified under the Privacy-Shield Agreement and thus assures that European data protection law comply with (https://www.privacyshield.gov/participant?id=a2zt00001l5aai&status=Active) .

Further information on data usage by Google, setting and objection options, can be found in the data protection declaration of Google (https://policies.google.com/privacy) and in the settings for the presentation of advertisements by Google (https: // adsettings. Google.com/authenticated).

The personal data of the users are deleted or anonymized after 14 months.

Google Universal Analytics

We use Google Analytics in the design as "universal analytics". "Universal Analytics" describes a procedure by Google Analytics, in which the user analysis is based on a pseudonymous user ID and thus creates a pseudonymes of the user with information from the use of different devices (so-called "cross-device tracking")) .

Google Adsense with personalized ads

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use the AdSense service, with the help of which advertisements displayed in our website and we receive a remuneration for the fading or other use. For these purposes, usage data, such as the click on an advertisement and the IP address of the users, are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the data is carried out by the user pseudonymized.

We use AdSense with personalized ads. On the basis of the websites or apps used by users, Google draws conclusions about their interests. Advertisers use this information to align their campaigns to these interests, which is equally advantageous for users and advertisers. For Google, ads are personalized if recorded or known data determine or influence the selection selection. These include previous searches, activities, website visits, the use of apps, demographic and location information. This includes this: Demographic targeting, targeting on interest categories, remarketing and targeting on lists for customer comparison and target group lists, which were uploaded in DoubleClick Bid Manager or Campaign Manager.

Further information on data usage by Google, setting and objection options, can be found in Google's data protection declaration (https://policies.google.com/technologies/Ads) as well as in the settings for the presentation of advertising overlays by Google (https: // adsettings.google.com/authenticated).

Google Adsense with non-personalized ads

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use AdSense with non-personalized ads. The ads are not displayed on the basis of user profiles. Non -personalized ads are not based on previous user behavior. In targeting, context information is used, including a rough (e.g. at the location) geographical targeting based on the current location, the content on the current website or the app as well as current search terms. Google prevents any personalized targeting, i.e. demographic targeting and targeting based on user lists.

Google AdWords and conversion measurement

We use the online marketing procedure Google "AdWords" to place advertisements in the Google Werbe network (e.g., in search results, in videos, on websites, etc.) so that you are displayed with users who have an alleged interest in the ads. This allows us to display advertisements for and within our online offer more specifically in order to only present users that potentially meet their interests. If, for example, ads are displayed for products for which he was interested in other online offers, one speaks of "remarketing". For these purposes, a code of Google is carried out directly through Google by Google when calling our and other websites on which the Google advertising network is active and so-called (re) marketing tags (invisible graphics or code, also as "as" Web Beacons "Described) in the website. With their help, an individual cookie is saved on the device, i.e. a small file is saved (instead of cookies, comparable technologies can also be used). This file notes which websites of the users are visited, for which content he is interested and which offers the user clicked, also technical information on the browser and operating system, referring websites, visiting hours and further information on the use of the online offer.

We also receive an individual "conversion cookie". The information obtained with the help of the cookies serves Google to create conversion statistics for us. However, we only learn the anonymous total number of users who clicked on our ad and were forwarded to a page with a conversion tracking day. However, we do not receive any information with which users can be identified personally.

The data of the users are processed as part of the Google advertising network pseudonym. This means that Google does not save and process the name or email address of the user, but processes the relevant data cookie-related within pseudonymous user profiles. From the perspective of Google, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected about the users is transmitted to Google and saved on Google's servers in the USA.

Facebook pixels, Custom Audiences and Facebook Conversion

Within our online offer, the so-called "Facebook pixel" of the social network Facebook, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook").

With the help of the Facebook pixel, Facebook is possible to determine visitors to our online offer as a target group for displaying ads (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to notify the Facebook ADs that we have connected only that have shown that our online offer has been interested in our online offer or the certain characteristics (e.g. interests on certain topics or products that were visited based on the visited Websites are determined) that we transmit to Facebook (so -called "Custom Audiences"). With the help of the Facebook pixel, we would also like to ensure that our Facebook ads correspond to the potential interest of the users and do not have an annoying effect. With the help of the Facebook pixel, we can also understand the effectiveness of Facebook advertisements for statistical and market research purposes in which we see whether users have been forwarded to our website after clicking on a Facebook advertisement (so-called "conversion").

The processing of the data is processed by Facebook as part of Facebook's data usage guideline. Accordingly, general information on the presentation of Facebook Ads, in the data usage guideline of Facebook: https://www.facebook.com/policy. Special information and details on the Facebook pixel and its way of working can be found in Facebook's help area: https://www.facebook.com/business/help/65129470501616.

Facebook is certified under the Privacy-Shield Agreement and thus ensures that European data protection law complies with (https://www.privacyshield.gov/participant?id=a2zt0000000gnyWaac&status=Active).

You can contradict the recording by the Facebook pixel and the use of your data to display Facebook ads. To set which types of advertisements are displayed within Facebook, you can call up the page set up by Facebook and follow the information about the settings of usage -based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform independently, i.e. they are taken over for all devices such as desktop computers or mobile devices.

You can also use cookies that serve the range measurement and advertising purposes via the deactivation page of the network advertising (http://optout.networkadvertising.org/) and also the US website (http://www.aboutads.info/ Choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Online presences in social media

We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to be able to inform them about our services.

We would like to point out that data from the user outside the space of the European Union can be processed. This can result in risks for users, because this could make it difficult to enforce the rights of the users. With regard to US providers that are certified under the Privacy-Shield, we would like to point out that they are committed to complying with the EU data protection standards.

Furthermore, the data of the users are usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, e.g. to switch advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are generally saved on the users' computers, in which the user and interests of the users are stored. Furthermore, data can also be saved in the user profiles regardless of the devices used by the users (especially if users are members of the respective platforms and are logged in with them).

The processing of the personal data of the users is carried out on the basis of our legitimate interests in effective information from users and communication with the users in accordance with Art. 6 Para. 1 lit. f. GDPR. If the users are asked by the respective providers of the platforms for consent to the above data processing, the legal basis of processing is Art. 6 Para. 1 lit. a., Art. 7 GDPR.

For a detailed presentation of the respective processing and the opposition options (opt-out), we refer to the providers linked below.

Even in the case of information inquiries and the assertion of user rights, we would like to point out that they can be asserted most effectively with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information. If you still need help, you can contact us.

- Facebook, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) based on an agreement on the joint processing of personal data - data protection declaration: https://www.facebook.com /About/privacy/, especially for pages: https://www.facebook.com/legal/terms/information_page_page_insights_data, opt-out: https://www.facebook.com/settings?tab=ads and http: // www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000gnywaac&status=active.

- Google/YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)- Data protection declaration: https://policies.google.com/privacy, opt-out: https://adssettings.google.com/authenticated , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=active.

- Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)- data protection declaration/opt-out: http://instagram.com/about/legal/privacy/.

- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) - Data protection declaration: https://twitter.com/de/privacy, opt-out: https://twitter.com/personalization , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000Torzaao&status=active.

-Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA)-Data protection declaration/opt-out: https://about.pinterest.com/de/privacy-policy.

- LinkedIn (Linkedin Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)- Data protection declaration https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest -controls/retargeting-opt-out, privacy shield: https://www.privacyshield.gov/participant?id=a2zt00000l0uzaa0&status=Active.

- XING (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany)- Data protection declaration/opt-out: https://privacy.xing.com/de/datenschutzerklaung.

- Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) - Data protection declaration/opt -out: https://wakelet.com/privacy.html.

- Soundcloud (Soundcloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) - Data protection declaration/opt -out: https://soundcloud.com/pages/privacy.

Integration of services and third -party content

We use the content or service offers from third-party providers within our online offer based on our legitimate interests (i.e. interest in analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. 1 lit. f. GDPR) To integrate services such as videos or fonts (hereinafter referred to as "content").

This always presupposes that the third-party providers perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore necessary for the presentation of this content. We only strive to use such content whose respective providers only use the IP address to deliver the content. Third providers can also use so-called pixel tags (invisible graphics, also known as "Web Beacons") for statistical or marketing purposes. The "Pixel tags" can be used to evaluate information on how visitor traffic on the website of this website is evaluated. The pseudonymous information can also be stored in cookies on the user device and, among other things, technical information on the browser and operating system, referring websites, visiting time, as well as further information on the use of our online offer, as well as with such information from other sources are connected.

YouTube

We bind the videos of the “YouTube” platform from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

Google Fonts

We bind the fonts ("Google Fonts") of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. According to Google, the data of the users are used solely for the purposes of presenting the fonts in the user browser. The integration takes place on the basis of our legitimate interests on a technically safe, maintenance -free and efficient use of fonts, their uniform presentation and consideration of possible license restrictions for their integration. Data protection declaration: https://www.google.com/policies/privacy/.

Google Maps

We bind the maps of the “Google Maps” service from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The processed data can include, in particular, IP addresses and location data of the users, but they are not collected without their consent (usually carried out in the context of the settings of their mobile devices). The data can be processed in the USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

Use of Facebook Social Plugins

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) Social Plugins ("plugins") of the social network facebook.com, which by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook").

This can include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within Facebook. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy-Shield Agreement and thereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000gnyWaac&status=active).

If a user calls a function of this online offer that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plugin is transferred directly to the user's device and integrated from it into the online offer. User profiles of the users can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore informs the users according to our level of knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user has logged in on Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example pressing the Like button or submitting a comment, the corresponding information is transmitted directly to Facebook from your device and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save his IP address. According to Facebook, only an anonymized IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options for the protection of the privacy of users can be found in the data protection information from Facebook: https://www.facebook.com/about/privacy/ .

If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link with his member data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and contradictions for the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the etc. /Choices/or the EU page http://www.youronlinechoices.com/. The settings are platform independently, i.e. they are taken over for all devices such as desktop computers or mobile devices.

Instagram

Within our online offer, functions and content of the Instagram service can be integrated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This can include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within Instagram. If the users are members of the Instagram platform, Instagram can assign the call to the above content and functions to the users' profiles there. Data protection declaration from Instagram: http://instagram.com/about/legal/privacy/.

Google+

Within our online offer, functions and content of the Google+ platform, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), can be integrated. This can include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within Google. If the users are members of the Google+ platform, Google can assign the call of the above content and functions to the users' profiles there.

Google is certified under the Privacy-Shield Agreement and thereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000001L5AAI&status=active). Further information on data usage by Google, setting and objection options, can be found in Google's data protection declaration (https://policies.google.com/technologies/Ads) as well as in the settings for the presentation of advertising overlays by Google (https: // adsettings.google.com/authenticated).

Created with datenschutz-generator.de by RA Dr. Thomas Schwenke

A short sentence describing what someone will receive by subscribing