Data protection GDPR
Your data is safe
all4nails.de ensures at all times that privacy is maintained when using our website and services. With this data protection declaration, we comply not only with the data protection regulations of the country in which the body responsible for data processing is located, but also with the current EU data protection regulation (DSGVO).
data security
We have the latest technical options to ensure data security, in particular to protect your personal data from risks during data transmission and from third parties gaining knowledge. We will always adapt these to the current state of the art. To ensure the security of your data, we only use Transport Layer Security TLS / SSL encryption (https) which encrypts the information you enter.
All4nails.de is subsequently called "The Provider".
I. Name and address of the person responsible (Art. 13I lit. A GDPR)
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:antien, enforceable rights and effective remedies are guaranteed, which result from the EU standard data protection clauses.
Any data subject can obtain a copy of the standard data protection clauses from our data protection officer. In addition, the standard data protection clauses are also available in the Official Journal of the European Union (OJ 2010 / L 39, page 5-18).
3. Data Erasure and Storage Duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
IV. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected here:
(1) Information about the browser type and version used
(2) The user's operating system
(3) The user's internet service provider
(4) The IP address of the user
(5)Date and time of access
(6) Websites from which the user's system accesses our website
(7) Websites accessed by the user's system via our website
The data is also stored in the log files of our system. This does not affect the IP addresses of the user or other data that enable the data to be assigned to a user. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of the data is Article 6 (1) (f) GDPR.
3.Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Our legitimate interest in data processing in accordance with Article 6 (1) (f) GDPR also lies in these purposes.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
5. Possibility of objection and elimination
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
V. Recipients of the data and disclosure
The data we collect will only be passed on if this is necessary to fulfill the contract and/or provide the technical functionality of the website. Any other transfer will also take place if there is a corresponding legal basis for data transfer.
In principle, we process your data exclusively in our company for our own purposes. In some cases, however, we also use service providers. In addition to the service providers mentioned in this data protection declaration, in particular:
- Data centers that store our website and databases
- EDP/IT service providers who maintain our system
- consulting company
belong. If we pass on data to third parties, they may only use the data to fulfill the assignment of their tasks. The partner companies have been carefully selected and commissioned by us. They are contractually bound to our instructions and the current version of the GDPR, have appropriate technical and organizational measures to protect the rights of the data subjects and are regularly checked by us.
In addition, disclosure may take place in connection with official inquiries, court orders and legal proceedings if it is necessary for legal prosecution or enforcement.
VI.Use of Cookies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic character string that enables the browser to be clearly identified when the website is called up again light.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.
The following data is stored and transmitted in the cookies:
(1)Language settings
(2)Items in a shopping cart
(3)Log-In Information
We also use cookies on our website, which enable an analysis of the surfing behavior of users.
The following data can be transmitted in this way:
(1)Entered search terms
(2) Frequency of page views
(3) Use of website functions
The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.
When accessing our website, users are informed by an information banner about the use of cookies for analysis purposes and are referred to this data protection declaration. In this context, there is also a reference to how the storage of cookies can be prevented in the browser settings.
When accessing our website, the user is informed about the use of cookies for analysis purposes and their consent to the processing of the personal data used in this context is obtained. In this context, there is also a reference to this data protection declaration.
b) Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) (f) GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes is Article 6(1)(a) GDPR if the user has given their consent.
c) Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.
We need cookies for the following applications:
(1)Shopping cart
(2)Acquisition of language settings
(3) Remembering search terms
The user data collected by technically necessary cookies are not used to create user profiles.
Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.
Our legitimate interest in the processing of personal data in accordance with Article 6 (1) (f) GDPR also lies in these purposes.
e) Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
VII.Newsletter
1. Description and scope of data processing
You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transmitted to us.
-Name or pseudonym
-E-mail address
In addition, the following data is collected during registration:
(1) IP address of the calling computer
(2)Date and time of registration
Your consent will be obtained for the processing of the data as part of the registration process and reference will be made to this data protection declaration. There is no transfer of data to third parties in connection with data processing for sending newsletters. The data will only be used to send the newsletter.
2. Legal basis for data processing
The legal basis for processing the data after the user has registered for the newsletter is Article 6(1)(a) GDPR if the user has given their consent.
3.Purpose of data processing
The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the email address used.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user's email address is therefore stored as long as the subscription to the newsletter is active. The other personal data collected as part of the registration process is usually deleted after a period of seven days.
5. Possibility of objection and elimination
The subscription to the newsletter can be canceled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter.
This also enables a revocation of the consent to the storage of the personal data collected during the registration process.
6.Newsletter tracking
The provider's newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in e-mails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Based on the embedded tracking pixel, the provider can see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.
Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the person responsible for processing in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to the interests of the person concerned. This personal data will not be passed on to third parties. Affected persons are entitled at any time to revoke the relevant separate declaration of consent given via the double opt-in procedure. After a revocation, this personal data will be deleted by the person responsible for processing. The provider automatically regards a withdrawal from the receipt of the newsletter as a revocation.
Data processing takes place on the basis of GDPR Article 6 Paragraph 1 Letter f
VIII.Live Support Chat
1. Description and scope of data processing
The person responsible for processing has integrated the live support chat component on this website. The live support chat is a live support software that enables direct communication in real time (so-called live chat) with visitors to your own website.
With each individual visit to our website, which is equipped with a live support chat component, data is collected by this component for the purpose of operating the live chat system and analyzing the operation of the system.
The Live Support Chat component places a cookie on the information technology system of the data subject. What cookies are has already been explained above. Pseudonymised usage profiles can be created via the Live Support Chat cookie. Such pseudonymised usage profiles can be used by the data controller to analyze visitor behavior and to analyze and maintain the proper operation of the live chat system. The analysis also serves to improve our offer. The data collected via the Live Support Chat component will not be used to identify the data subject without first obtaining a separate express consent from the data subject. This data is not merged with personal data or with other data containing the same pseudonym.
As part of the registration process, the user's consent to the processing of this data is obtained.
2. Legal basis for data processing
The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent.
3.Purpose of data processing
In order to be able to provide optimal support
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.
5. Possibility of objection and elimination
The person concerned can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent the live support chat component from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by the Live Support Chat component can be deleted at any time via the Internet browser or other software programs.
IX. Registration (customer account)
6. Description and scope of data processing
On our website we offer users the opportunity to register by providing personal data. The data are stored in eientered an input mask and transmitted to us and saved.
When you open a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and to simplify order processing. The processing takes place on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent up to the revocation. Your customer account will then be deleted.
Collection, processing and use of personal data when placing orders
When you place an order, we only collect and use your personal data to the extent that this is necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Non-provision means that no contract can be concluded. The processing takes place on the basis of Art. 6 (1) lit. b GDPR and is necessary for the fulfillment of a contract with you. Your data will not be passed on to third parties without your express consent. The only exceptions to this are our service partners that we need to process the contractual relationship or service providers that we use in the context of order processing. In addition to the recipients named in the respective clauses of this data protection declaration, these are, for example, recipients of the following categories: shipping service providers, payment service providers, merchandise management service providers, service providers for order processing, web hosts, IT service providers and dropshipping dealers. In all cases, we strictly observe the legal requirements. The amount of data transmission is limited to a minimum.
A transfer of data to third parties does not take place. The following data is collected as part of the registration process:
-Salutation
-First name
-Last name
-E-mail address
-Password
-Phone Number (Optional)
-Birth date
-Address
-As well as different delivery address
At the time of registration, the following data is also stored:
(1)The IP address of the user
(2)Date and time of registration
As part of the registration process, the user's consent to the processing of this data is obtained.
7. Legal basis for data processing
The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent.
If the registration serves to fulfill a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of the data is Article 6 (1) (b) GDPR.
8.Purpose of data processing
Registration of the user is required for the provision of certain content and services on our website.
9. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case for the data collected during the registration process if the registration on our website is canceled or changed.
10. Possibility of objection and elimination
As a user, you have the option to cancel the registration at any time. You can have the data stored about you changed at any time.
The customer can ask our support in writing at any time to delete the customer account (info@all4nails.de) or do this independently in the customer area.
X.Contact form, ticket system and email contact
1. Description and scope of data processing
There is a contact form on our website which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved. These dates are:
-First name
-Last name
-E-mail address
-Phone Number (Optional)
-Address (Optional)
-Reason for the request/inquiry
At the time the message is sent, the following data is also stored:
(1)The IP address of the user
(2)Date and time of registration
Your consent will be obtained for the processing of the data during the sending process and reference will be made to this data protection declaration.
Alternatively, you can contact us via the email address provided. In this case, the user's personal data transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
2. Legal basis for data processing
The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent.
legal basis
Article 6 (1) (f) GDPR applies to the processing of data transmitted in the course of sending an e-mail. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
3.Purpose of data processing
The processing of the personal data from the input mask serves us solely to process the contact. If contact is made by email, this is also the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Possibility of objection and elimination
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
All personal data that was saved in the course of making contact will be deleted in this case.
XI.Payment services and payment (payment) - procedures
6. Description and scope of data processing
There are payment services on our website that are used for payment processing. If a user takes advantage of this online payment option, the data entered in the input mask will be transmitted to the relevant payment provider and processed according to their specifications. The legal basis for the aforementioned data processing is Art. 6 Para. 1 b) GDPR.
We offer the following payment methods: purchase on account, payment in installments, payment in advance, immediate transfer, direct debit, Paypal and credit card. We process your payment data in order to process the payments. Depending on the payment method selected, we will pass on your payment data to the credit institution commissioned with the payment or the payment service provider commissioned by us.
7. Legal basis for data processing
The legal basis for the aforementioned data processing is Art. 6 Para. 1 b) GDPR.
8.Purpose of data processing
In order to ensure smooth payment transactions, we work together with payment providers and credit institutions that comply with the GDPR.
9. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected or a statutory storage period has expired.
10. Possibility of objection and elimination
According to the GDPR, the options for objection and elimination are the responsibility of the relevant payment providers or credit institutions.
11. Payment providers and credit institutions and link to their GDPR
Using PayPal
Data protection regulations for PayPal as a payment method
The person responsible for processing has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects "PayPal" as the payment option during the ordering process in our online shop, the data of the data subject is automatically transmitted to PayPal. By selecting this payment option, the person concerned agrees to the transmission of personal data required for payment processing.
The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing
are necessary. Personal data related to the respective order are also required to process the purchase contract.
The transmission of the data is intended for payment processing and fraud prevention. The person responsible for processing will transmit personal data to PayPal in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the person responsible for processing may be transmitted by PayPal to credit agencies. The purpose of this transmission is to check identity and creditworthiness.
PayPal may pass on the personal data to affiliated companies and service providers or subcontractors insofar as this is necessary to fulfill the contractual obligations or the data is to be processed in the order.
The data subject has the option of withdrawing their consent to the handling of personal data from PayPal at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.
PayPal's applicable data protection regulations can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full. PayPal's European operating company is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. All PayPal transactions are subject to the PayPal Privacy Policy. You can find this at https://www.paypal.com/de/webapps/mpp/ua/privacy-prev?locale.x=de_DE
Use of the payment provider Paydirekt
When paying via paydirekt, your payment details will be sent to Hamburger Allee 26-28, 60486 Frankfurt am Main as part of the payment process. The payment data (e.g. payment amount, information on the payee) and the participant's confirmation as to whether the payment data is correct are collected, processed and transmitted to the bank by paydirekt GmbH to carry out the paydirekt payment. paydirekt GmbH authenticates the payment using the authentication procedure stored for the participant. The bank authorizes the payment to the merchant with the involvement of paydirekt GmbH. paydirekt GmbH collects and stores the transaction data from paydirekt payments. The transaction data includes the transaction reference and the transaction ID as well as information on the shopping cart, which paydirekt GmbH receives from the merchant if the merchant supports this. They enable paydirekt GmbH and the bank to later identify and reference the transaction (e.g. in the case of refunds), so that the transaction can be assigned to the respective customer. In order to process refunds, transaction data is transmitted from paydirekt GmbH to the bank.
You can find more information in the paydirekt data protection declaration at: https://www.paydirekt.de/agb/index.html
Using Credit Card Payments (Stripe)
If you choose a payment method from the payment service provider Stripe, the payment will be processed via the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, to whom we will send the information you provided during the ordering process together with the information about Pass on your order (name, address, account number, sort code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Article 6 Paragraph 1 lit. b GDPR. Your data will only be passed on for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. and only insofar as it is necessary for this. You can find more information about Stripe's data protection under the URL https://stripe.com/de/terms
Use of advance payment
With the payment method “payment in advance”, you transfer the invoice amount to the provider’s account. The payment information transmitted is usually – account holder, account number (IBAN/BIC), invoice amount and customer number or invoice number. The data exchange takes place on the basis of the GDPR of your bank.
Use of Sofort.com (instant transfer)
The person responsible for processing has integrated components of Sofortüberweisung on this website. Sofortüberweisung is a payment service that enables cashless payment for products and services on the Internet. Sofortüberweisung represents a technical procedure through which the online retailer immediately receives a payment confirmation. In this way, a retailer is able to deliver goods, services or downloads to the customer immediately after the order has been placed.
The operating company of Sofortüberweisung is SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany.
Selects the person concerned
During the ordering process in our online shop, if you choose “Sofortüberweisung” as the payment option, the data of the person concerned is automatically transmitted to Sofortüberweisung. By selecting this payment option, the person concerned agrees to the transfer of personal data required for payment processing.
When making a purchase via Sofortüberweisung, the buyer transmits the PIN and TAN to Sofort GmbH. Sofortüberweisung then carries out a transfer to the online retailer after a technical check of the account balance and retrieval of further data to check the account funds. The execution of the financial transaction is then automatically communicated to the online retailer.
The personal data exchanged with Sofortüberweisung is first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing. The transmission of the data is intended for payment processing and fraud prevention. The person responsible for processing will also transmit other personal data to Sofortüberweisung if there is a legitimate interest in the transmission. The personal data exchanged between Sofortüberweisung and the person responsible for processing may be transmitted by Sofortüberweisung to credit agencies. The purpose of this transmission is to check identity and creditworthiness.
Sofortüberweisung may pass on the personal data to affiliated companies and service providers or subcontractors insofar as this is necessary to fulfill the contractual obligations or the data is to be processed in the order.
The person concerned has the option to revoke their consent to the handling of personal data at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.
The applicable data protection regulations of Sofortüberweisung can be accessed at https://www.sofort.com/ger-DE/datenschutzerklaerung-sofort-gmbh/.
XII. Use of social media plugins
When using social media plugins, personal user data is forwarded to the providers of social networks. In order to comply with the new GDPR guidelines, we only use the "two-click solution". With this solution, the user must trigger actively and with their consent. The legal basis for the processing of the data after the user has given his consent is Article 6(a) GDPR.
Data protection regulations for the deployment and use of Facebook
The person responsible for processing has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is a social meeting place operated on the Internet, an online community that usually enables users to communicate with one another and to interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences, or it allows the Internet community to provide personal or company-related information. Among other things, Facebook enables users of the social network to create private profiles, upload photos and network via friend requests.
Facebook's operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a person concerned lives outside the USA or Canada, the person responsible for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website is called up, which is operated by the person responsible for processing and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically activated by the respective Facebook component causes a representation of the corresponding Facebook component to be downloaded from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook is informed which specific subpage of our website is visited by the person concerned.
If the person concerned is logged on to Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected through the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the person concerned clicks on one of the Facebook buttons integrated on our website, for example the “Like” button, or if the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data .
Facebook always receives information via the Facebook component that the person concerned has visited our website if the person concerned is logged in to Facebook at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook in this way, they can prevent the transmission by logging out of their Facebook account before accessing our website.
The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It is also explained there which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the person concerned to suppress data transmission to Facebook.
Data protection regulations for the deployment and use of Google+
The person responsible for processing has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is a social meeting place operated on the Internet, an online community that usually enables users to communicate with one another and to interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences, or it allows the Internet community to provide personal or company-related information. Among other things, Google+ enables users of the social network to create private profiles, upload photos and network via friend requests.
The operating company of Google+ is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website is called up, which is operated by the person responsible for processing and on which a Google+ button has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Google+ button to display the corresponding Google+ Download button from Google. As part of this technical process, Google is informed which specific subpage of our website is visited by the person concerned. More detailed information about Google+ is available at https://developers.google.com/+/.
If the person concerned is logged in to Google+ at the same time, Google recognizes which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected by the Google+ button and assigned by Google to the respective Google+ account of the person concerned.
If the person concerned clicks on one of the Google+ buttons integrated on our website and thus makes a Google+1 recommendation, Google assigns this information to the personal Google+ user account of the person concerned and stores this personal data. Google stores the Google+1 recommendation of the person concerned and makes it publicly available in accordance with the terms accepted by the person concerned in this respect. A Google+1 recommendation given by the person concerned on this website will then be used in other Google services together with other personal data, such as the name of the Google+1 account used by the person concerned and the photo stored in it. For example, the search engine results of the Google search engine, the Google account of the person concerned or in other places, for example on websites or in connection with advertisements, are stored and processed. Furthermore, Google is able to link the visit to this website with other personal data stored by Google. Google also records this personal information for the purpose of using the various services of Google to improve or optimize.
Google always receives information via the Google+ button that the person concerned has visited our website if the person concerned is logged in to Google+ at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the Google+ button or not.
If the data subject does not want personal data to be transmitted to Google, they can prevent such transmission by logging out of their Google+ account before accessing our website.
Further information and Google's applicable data protection regulations can be found at https://www.google.de/intl/de/policies/privacy/. Further information from Google on the Google +1 button can be found at https://developers.google.com/+/web/buttons-policy.
Data protection regulations for the deployment and use of Twitter
The person responsible for processing has integrated components from Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish and distribute so-called tweets, i.e. short messages limited to 280 characters. These short messages can be accessed by anyone, including people who are not registered on Twitter. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Furthermore, Twitter makes it possible to address a broad audience via hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time one of the individual pages of this website is called up, which is operated by the person responsible for processing and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the information technology system of the person concerned is automatically activated by the respective Twitter component causes a representation of the relevant Twitter component to be downloaded from Twitter. Further information on the Twitter buttons is available at https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter is informed which specific subpage of our website is visited by the person concerned. The purpose of integrating the Twitter component is to enable our users to redistribute the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged in to Twitter at the same time, Twitter recognizes which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the data subject. If the person concerned clicks on one of the Twitter buttons integrated on our website, the data and information thus transmitted are assigned to the personal Twitter user account of the person concerned and stored and processed by Twitter.
Twitter always receives information via the Twitter component that the person concerned has visited our website if the person concerned is logged in to Twitter at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Twitter component or not. If the data subject does not want this information to be transmitted to Twitter in this way, they can prevent the transmission by logging out of their Twitter account before accessing our website.
Twitter's applicable data protection regulations are available at https://twitter.com/privacy?lang=de.
Data protection regulations for the deployment and use of YouTube
The person responsible for processing has integrated components from YouTube on this website. YouTube is an Internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why both complete film and television programs as well as music videos, trailers or videos made by users themselves can be accessed via the Internet portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website is called up, which is operated by the person responsible for processing and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system of the person concerned is automatically activated by the respective YouTube component caused to download a representation of the relevant YouTube component from YouTube. Further information about YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google are informed which specific subpage of our website is visited by the person concerned.
If the person concerned is logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website the person concerned is visiting by calling up a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
YouTube and Google always receive information via the YouTube component that the person concerned has visited our website if the person concerned is logged in to YouTube at the same time as accessing our website; this takes place regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, they can prevent the transmission by logging out of their YouTube account before accessing our website.
The data protection regulations published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
XIII.Web analysis by Matomo
1.Scope of processing of personal data
We use the open source software tool Matomo on our website to analyze the surfing behavior of our users. The software sets a cookie on the user's computer (see above for cookies). If individual pages of our website are called up, the following data is stored:
(1)Two bytes of the IP address of the user's calling system
(2) The accessed website
(3) The website from which the user accessed the accessed website (referrer)
(4) The subpages that are accessed from the accessed website
(5) The length of stay on the website
(6)The frequency of visits to the website
The software runs exclusively on the servers of our website. A storage of the personal data of the users only takes place there. The data will not be passed on to third parties.
The software is set in such a way that the IP addresses are not saved completely, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
2.Legal basis for processing personal data
The legal basis for the processing of users' personal data is Article 6 (1) (f) GDPR.
3.Purpose of data processing
The processing of users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. Our legitimate interest in the processing of the data according to Art. 6 (1) (f) GDPR also lies in these purposes. By making the IP address anonymous, the interest of the user in the protection of their personal data is sufficiently taken into account.
4. Duration of storage
The data will be deleted as soon as they are no longer required for our recording purposes.
In our case, this is the case after 60 days.
5. Possibility of objection and elimination
Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
We offer our users the option of opting out of the analysis process on our website. To do this, you must follow the relevant link. In this way, another Cookie set on your system, which signals our system not to save the user's data. If the user deletes the corresponding cookie from their own system in the meantime, they must set the opt-out cookie again.
Browser references:
Internet Explorer: instructions below
http://windows.microsoft.com/de-de/internet-explorer/delete-manage-cookies#ie=ie-11-win-7
Mozilla Firefox: instructions below
https://support.mozilla.org/de/kb/cookies-allow-and-reject
Google Chrome: instructions below
https://support.google.com/chrome/answer/95647
Safari: instructions below
http://help.apple.com/safari/mac/8.0/#/sfri11471
XIV. Rights of the data subject
The following list includes all rights of those affected under the GDPR. Rights that are not relevant to your own website do not have to be mentioned. In this respect, the list can be shortened.
If personal data is processed by you, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.
If such processing is present, you can request information from the person responsible for the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the person responsible or a right to object to this processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.
2.Right to Rectification
You have a right to correction and/or completion to the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
3.Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to check the accuracy of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of the personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
4.Right to Erasure
a) Obligation to delete
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is veobliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21 (2) GDPR.
(4) The personal data concerning you was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
b) Information to third parties
If the person responsible has made the personal data relating to you public and is obliged to delete it in accordance with Art. 17 (1) GDPR, he shall take appropriate measures, including technical measures, to protect the person responsible for data processing, taking into account the available technology and the implementation costs , who process the personal data, that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
c) exceptions
The right to erasure does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that is transferred to the person responsible would;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 Para
(5) to assert, exercise or defend legal claims.
5. Right to Information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right vis-à-vis the person responsible to be informed about these recipients.
6.Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another person responsible without hindrance by the person responsible for providing the personal data, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be impaired by this.
The right to data portability does not apply to the processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.
7. Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The one in chargee no longer processes the personal data relating to you, unless it can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to the processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes.
In connection with the use of information society services, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures that use technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
9. Automated individual decision-making including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is required for the conclusion or performance of a contract between you and the person responsible,
(2) is permitted by law of the Union or the Member States to which the person responsible is subject and this law contains appropriate measures to protect your rights and freedoms and your legitimate interests or
(3) done with your express consent.
However, these decisions must not be based on special categories of personal data according to Article 9 Paragraph 1 GDPR, unless Article 9 Paragraph 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests .
With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the person responsible, to express his or her point of view and to challenge the decision.
10.Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data violates violates the GDPR.
The supervisory authority to which the complaint was lodged will inform the complainant about the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
11.Overview of rights under GDPR
You have the following legal data protection rights under the respective legal requirements
Right to information (Article 15 GDPR, Section 34 BDSG)
Right to erasure (Article 17 GDPR, Section 35 BDSG)
Right to rectification (Article 16 GDPR, Section 34 BDSG)
Right to restriction of processing (Article 18 GDPR)
Right to data portability (Article 20 GDPR)
Right to revoke consent (Article 7 Paragraph 3 GDPR)
Right to object to certain data processing measures (Article 21 GDPR)
XV.Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google") on our website. The query serves the purpose of distinguishing whether the input is made by a human or by automated, machine processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input will be transmitted to Google and used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this informationUse information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. Your data may also be transmitted to the USA. An adequacy decision by the European Commission, the "Privacy Shield", is in place for data transfers to the USA. Google participates in the "Privacy Shield" and has submitted to the guidelines. By confirming the query, you consent to the processing of your data. The processing takes place on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent up to the revocation.
You can find more information about Google reCAPTCHA and the associated data protection declaration at: https://www.google.com/privacy/ads/
XVI.Tools and Miscellaneous
Google Maps
On our website we use Google Maps (API) from Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Google Maps is a web service for displaying interactive (land) maps to visually display geographic information. Using this service will show you our location and make it easier to get there.
As soon as you call up the sub-pages in which the Google Maps map is integrated, information about your use of our website (e.g. your IP address) is transmitted to Google servers in the USA and stored there. This takes place regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 Para. 1 lit.f DSGVO on the basis of Google's legitimate interests in the display of personalized advertising, market research and/or needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google LLC based in the USA is certified for the US-European data protection agreement "Privacy Shield", which ensures compliance with the data protection level applicable in the EU.
If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website cannot then be used.
You can view Google's terms of use at http://www.google.de/intl/de/policies/terms/regional.html, the additional terms of use for Google Maps can be found at https://www.google.com/intl /de_US/help/terms_maps.html
Detailed information on data protection in connection with the use of Google Maps can be found on the Google website ("Google Privacy Policy"): http://www.google.de/intl/de/policies/privacy/
Transfer of personal data to shipping service providers
-DHL
If the goods are delivered by the transport service provider DHL (DHL Paket GmbH - Sträßchensweg 10 - 53113 Bonn Telephone: 0228/1820), we will provide your delivery address as specified by you in our online shop and, if applicable, your e-mail address before delivery of the goods in accordance with Article 6 (1) (a) GDPR for the purpose of coordinating a delivery date or delivery notification and data processing (shipment processing) to DHL, provided that you have given your express consent to this during the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. The data will only be passed on if this is necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date with DHL in advance or to send status information about the delivery of the shipment.
The consent can be revoked at any time with effect for the future to the person responsible mentioned above or to the transport service provider DHL.
- DPD
If the goods are delivered by the transport service provider DPD (DPD Deutschland GmbH - Wailandtstraße 1 - 63741 Aschaffenburg Telephone: 06021/843-0), we will provide your delivery address as specified by you in our online shop and, if necessary, your e-mail address the delivery of the goods in accordance with Article 6 (1) (a) GDPR for the purpose of coordinating a delivery date orfor delivery notification and data processing (shipment processing) to DPD, provided that you have given your express consent to this during the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to DPD for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. The data will only be passed on if this is necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date with DPD in advance or to send status information about the delivery of the shipment.
Consent can be revoked at any time with effect for the future from the above-mentioned person responsible or from the transport service provider DPD.
XVII.Data collection when writing a comment on the blog and when rating articles
When you comment on an article or a contribution, we collect your personal data (name, e-mail address, comment text) only to the extent provided by you. The processing serves the purpose of enabling comments and displaying comments. By submitting the comment, you agree to the processing of the transmitted data. The processing takes place on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent up to the revocation. Your personal data will then be deleted.
When your comment is published, only the name you provide will be published.
In addition, when you submit a comment, your IP address will be saved for the purpose of preventing misuse of the comment function and ensuring the security of our information technology systems. By submitting the comment, you agree to the processing of the transmitted data. The processing takes place on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent up to the revocation. Your IP address will then be deleted.
Changes to the Privacy Policy
We reserve the right to update this data protection declaration at any time, for example if we adapt our website or if the legal requirements change.