We have drafted this Privacy Policy (Version June 19, 2024-322818827) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter “data”) we, as the controller – and the processors commissioned by us (e.g., providers) – process, will process in the future, and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data we process about you.
Privacy policies usually sound very technical and use legal jargon. This Privacy Policy, however, aims to describe the most important aspects to you as simply and transparently as possible. Where it promotes transparency, technical terms are explained in a user-friendly manner, links to further information are provided, and graphics are used. We thus inform you in clear and simple language that, in the course of our business activities, we only process personal data when there is a corresponding legal basis. This is certainly not possible if one provides explanations that are as brief, unclear, and legally technical as they often are on the internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is some information you were not yet aware of.
If you still have questions, we kindly ask you to contact the responsible body mentioned below or in the imprint, follow the provided links, and view further information on third-party sites. Our contact details can, of course, also be found in the imprint.
This Privacy Policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person’s name, email address, and postal address. The processing of personal data ensures that we can offer and bill for our services and products, whether online or offline. The scope of this Privacy Policy includes:
In short: The Privacy Policy applies to all areas within the company where personal data is processed in a structured manner via the channels mentioned. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
In the following Privacy Policy, we provide you with transparent information on the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, which enable us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can, of course, read this EU General Data Protection Regulation online on EUR-Lex, the access point to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:
Other conditions such as the performance of tasks carried out in the public interest and the exercise of official authority, as well as the protection of vital interests, generally do not apply to us. Should such a legal basis nevertheless be relevant, it will be indicated at the appropriate place.
In addition to the EU regulation, national laws also apply:
If further regional or national laws apply, we will inform you about them in the following sections.
Should you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person or entity below:
Klaus Ronny Schulze
Email: info@pegasus-sportswear.de
Imprint: https://pegasus-sportswear.de/impressum/
The principle that we only store personal data for as long as is absolutely necessary for the provision of our services and products is a general criterion for us. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example, for accounting purposes.
Should you wish for your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it.
We will inform you about the specific duration of the respective data processing further below, provided we have additional information.
In accordance with Articles 13 and 14 GDPR, we inform you about the following rights that you are entitled to, to ensure fair and transparent data processing:
In short: You have rights – do not hesitate to contact the responsible body listed above!
If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, you can lodge a complaint with the supervisory authority. For Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For further information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:
State Commissioner for Data Protection: Prof. Dr. Thomas Petri
Address: Wagmüllerstr. 18, 80538 Munich
Phone: 089/21 26 72-0
Email Address: poststelle@datenschutz-bayern.de
Website: https://www.datenschutz-bayern.de/
We only transfer or process data to countries outside the scope of the GDPR (third countries) if you consent to this processing or if there is another legal permission. This applies in particular if the processing is legally required or necessary for the fulfillment of a contractual relationship, and in any case, only to the extent generally permitted. In most cases, your consent is the most important reason for us to have data processed in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, can mean that personal data is processed and stored in unexpected ways.
We expressly point out that, in the opinion of the European Court of Justice, an adequate level of protection for data transfer to the USA currently only exists if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. More information on this can be found at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Data processing by US services that are not active participants in the EU-US Data Privacy Framework may result in data not being processed and stored anonymously. Furthermore, US government authorities may, if applicable, access individual data. In addition, collected data may be linked with data from other services of the same provider, provided you have a corresponding user account. Where possible, we try to use server locations within the EU, if offered.
We will inform you in more detail about data transfer to third countries at the appropriate points in this Privacy Policy, if applicable.
To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible, within our capabilities, for third parties to infer personal information from our data.
Art. 25 GDPR refers here to “data protection by design and by default” and means that security is always considered for both software (e.g., forms) and hardware (e.g., server room access), and appropriate measures are implemented. In the following, we will elaborate on specific measures, if necessary.
TLS, encryption, and HTTPS sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transmit data securely over the internet, preventing eavesdropping.
This means that the entire transmission of all data from your browser to our web server is secured – no one can “listen in.”
With this, we have introduced an additional layer of security and fulfill data protection by design (Article 25, paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small padlock symbol 
in the top left of the browser, to the left of the internet address (e.g., examplepage.de), and the use of the https scheme (instead of http) as part of our internet address.
If you would like to know more about encryption, we recommend searching Google for “Hypertext Transfer Protocol Secure wiki” to find good links to further information.
| Cookies Summary ? Affected parties: Website visitors ? Purpose: depends on the respective cookie. More details can be found below or from the software manufacturer that sets the cookie. ? Processed data: Depends on the cookie used. More details can be found below or from the software manufacturer that sets the cookie. ? Storage duration: depends on the respective cookie, can vary from hours to years ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used, so that you can better understand the following Privacy Policy.
Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing is undeniable: cookies are truly useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other types of cookies for other applications. HTTP cookies are small files that are stored by our website on your computer. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more additional attributes must be specified.
Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malware”. Cookies also cannot access information on your PC.
For example, cookie data can look like this:
Name: _ga
Value: GA1.2.1326744211.152322818827-9
Purpose: Differentiation of website visitors
Expiration date: after 2 years
These minimum sizes should be supported by a browser:
The question of which cookies we use in particular depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues browsing on other pages and only goes to checkout later. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.
Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website on different browsers.
Targeting cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved.
Advertising cookies
These cookies are also called targeting cookies. They serve to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.
Usually, when you visit a website for the first time, you will be asked which of these types of cookies you want to allow. And of course, this decision is also stored in a cookie.
If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you about the processed or stored data in the following privacy policy.
The storage period depends on the respective cookie and is specified in more detail below. Some cookies are deleted after less than an hour, others can remain stored on a computer for several years.
You also have influence on the storage period yourself. You can manually delete all cookies at any time via your browser (see also below “Right of objection”). Furthermore, cookies that are based on consent will be deleted at the latest after you revoke your consent, whereby the legality of the storage remains unaffected until then.
You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, deactivating them or only partially allowing them. For example, you can block cookies from third-party providers, but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. This allows you to decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. The best way to find the instructions is to search Google for “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.
The so-called “cookie policies” have been in place since 2009. They stipulate that the storage of cookies requires consent (Article 6 paragraph 1 lit. a GDPR) from you. Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this guideline was implemented in § 165 paragraph 3 of the Telecommunications Act (2021). In Germany, the cookie guidelines were not implemented as national law. Instead, this guideline was largely implemented in § 15 paragraph 3 of the Telemedia Act (TMG), which has been replaced by the Digital Services Act (DDG) since May 2024.
For absolutely necessary cookies, even if there is no consent, there are legitimate interests (Article 6 paragraph 1 lit. f GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience and certain cookies are often absolutely necessary for this.
Insofar as cookies that are not absolutely necessary are used, this only happens with your consent. The legal basis in this respect is Art. 6 Para. 1 lit. a GDPR.
In the following sections, you will be informed in more detail about the use of cookies, provided that the software used uses cookies.
| Customer data summary ? Affected: Customers or business and contractual partners ? Purpose: Provision of the contractually or pre-contractually agreed services including related communication ? Processed data: Name, address, contact details, email address, telephone number, payment information (such as invoices and bank details), contract data (such as term and subject of the contract), IP address, order data ? Storage period: the data will be deleted as soon as it is no longer required to provide our business purposes and there is no legal retention obligation. ?? Legal bases: Legitimate interest (Art. 6 Para. 1 lit. f GDPR), contract (Art. 6 Para. 1 lit. b GDPR) |
In order to be able to offer our service or our contractual services, we also process data from our customers and business partners. This data always includes personal data. Customer data is understood to mean all information that is processed on the basis of a contractual or pre-contractual cooperation in order to be able to provide the services offered. Customer data is therefore all the information we collect and process about our customers.
There are many reasons why we collect and process customer data. The most important is that we simply need different data to provide our services. Sometimes your email address is enough, but if you purchase a product or service, we also need data such as your name, address, bank details or contract data. We also use the data in the following for marketing and sales optimizations so that we can improve our service for our customers overall. Another important point is our customer service, which is always very important to us. We want you to be able to come to us at any time with questions about our offers and for this we need at least your email address.
Which data is stored exactly can only be reproduced here using categories. This always depends on which services you purchase from us. In some cases, you only give us your email address so that we can contact you, for example, or we can answer your questions. In other cases, you purchase a product or service from us and we need significantly more information for this, such as your contact details, payment details and contract details.
Here is a list of possible data that we receive and process from you:
As soon as we no longer need the customer data to fulfill our contractual obligations and our purposes and the data is also not necessary for possible warranty and liability obligations, we delete the corresponding customer data. This is the case, for example, when a business contract ends. After that, the limitation period is usually 3 years, although longer periods are possible in individual cases. Of course, we also adhere to the statutory retention obligations. Your customer data will certainly not be passed on to third parties unless you have explicitly given your consent.
The legal bases for processing your data are Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. b GDPR (contract or pre-contractual measures), Art. 6 Para. 1 lit. f GDPR (legitimate interests) and in special cases (e.g. for medical services) Art. 9 Para. 2 lit. a. GDPR (processing of special categories).
In the event of the protection of vital interests, data processing takes place in accordance with Art. 9 Para. 2 lit. c. GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, for the provision of care or treatment in the health or social sector or for the management of systems and services in the health or social sector, personal data is processed in accordance with Art. 9 Para. 2 lit. h. GDPR. If you voluntarily provide data from the special categories, the processing takes place on the basis of Art. 9 Para. 2 lit. a. GDPR.
| Registration Summary ? Affected: All persons who register, create an account, log in and use the account. ? Processed data: Email address, name, password and other data collected during registration, login and account usage. ? Purpose: Provision of our services. Communication with customers in connection with the services. ? Storage period: As long as the company account associated with the texts exists and then usually 3 years. ?? Legal bases: Art. 6 Para. 1 lit. b GDPR (contract), Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
If you register with us, personal data may be processed, provided that you enter data with personal references or data such as the IP address are recorded during processing. You can read more about what we mean by the rather unwieldy term “personal data” below.
Please only enter data that we need for registration and for which you have the approval of a third party if you carry out the registration on behalf of a third party. If possible, use a secure password that you do not use anywhere else and an email address that you check regularly.
In the following, we will inform you about the exact nature of the data processing, because you should feel comfortable with us!
When you register, we receive certain data from you and enable you to easily log in online with us later and use your account with us. An account with us has the advantage that you do not have to enter everything again each time. Saves time, effort and ultimately prevents errors in the provision of our services.
In short, we process personal data to enable the creation and use of an account with us.
If we didn’t, you would have to enter all the data every time, wait for approval from us and enter everything again. We and many, many customers wouldn’t like that so much. How would you find that?
All data that you provided during registration, enter when logging in or enter as part of managing your data in the account.
When registering, we process the following types of data:
When logging in, we process the data that you enter when logging in, such as username and password, and data recorded in the background, such as device information and IP addresses.
When using the account, we process data that you enter while using the account and which are created as part of using our services.
We store the data entered at least for the time that the account linked to the data exists with us and is used, as long as contractual obligations exist between us and, when the contract ends, until the respective claims arising from it have expired. In addition, we store your data as long and to the extent that we are subject to legal obligations to store it. After that, we keep booking documents (invoices, contract documents, account statements, etc.) belonging to the contract and other relevant business documents for the legally prescribed period (usually a few years).
You have registered, entered data and would like to revoke the processing? No problem. As you can read above, the rights under the General Data Protection Regulation also exist during and after registration, login or the account with us. Contact the person responsible for data protection above to exercise your rights. If you already have an account with us, you can easily view or manage your data and texts in the account.
By completing the registration process, you are entering into pre-contractual negotiations with us to conclude a user agreement for our platform (even if no payment obligation automatically arises). You invest time to enter data and register, and we offer you our services after logging into our system and access to your customer account. Furthermore, we fulfill our contractual obligations. Finally, we must keep registered users informed of important changes via email. Thus, Art. 6 para. 1 lit. b GDPR (implementation of pre-contractual measures, fulfillment of a contract) applies.
If necessary, we also obtain your consent, e.g., if you voluntarily provide more data than strictly necessary or if we are allowed to send you advertising. Art. 6 para. 1 lit. a GDPR (Consent) therefore applies.
We also have a legitimate interest in knowing who we are dealing with in order to make contact in certain cases. Furthermore, we need to know who uses our services and whether they are used as stipulated by our terms of use, so Art. 6 para. 1 lit. f GDPR (Legitimate interests) applies.
Note: the following sections are to be checked by users (as needed):
Registration with Real Name
Since we need to know who we are dealing with in our business operations, registration is only possible with your real name (full name) and not with pseudonyms.
Registration with Pseudonyms
Pseudonyms can be used during registration, meaning you do not have to register with your real name. This ensures that your name cannot be processed by us.
Storage of IP Address
During registration, login, and account usage, we store the IP address in the background for security reasons to be able to determine legitimate use.
Public Profile
User profiles are publicly visible, meaning parts of the profile can be viewed on the internet even without providing a username and password.
2-Factor Authentication (2FA)
Two-factor authentication (2FA) provides additional security during login, as it prevents, for example, logging in without a smartphone. This technical measure to secure your account thus protects you from data loss or unauthorized access even if your username and password were known. You can find out which 2FA is used during registration, login, and in the account itself.
| Web Analytics Privacy Policy Summary ? Affected parties: Website visitors ? Purpose: Evaluation of visitor information to optimize the website offering. ? Processed data: Access statistics, which include data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. More details can be found with the respective Web Analytics Tool used. ? Storage duration: depends on the Web Analytics Tool used ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests) |
On our website, we use software to evaluate the behavior of website visitors, known as Web Analytics or Web Analysis. Data is collected, stored, managed, and processed by the respective analytics tool provider (also called a tracking tool). With the help of this data, analyses of user behavior on our website are created and made available to us as website operators. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. For this, we show you two different offers for a limited period. After the test (a so-called A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as well as for other analytics procedures, user profiles can also be created and data stored in cookies.
With our website, we have a clear goal in mind: we want to deliver the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting content, and also ensure that you feel completely comfortable on our website. With the help of web analysis tools, we can take a closer look at the behavior of our website visitors and then improve our web offering for you and us accordingly. For example, we can see the average age of our visitors, where they come from, when our website is most visited, or which content or products are particularly popular. All this information helps us to optimize the website and thus best adapt it to your needs, interests, and wishes.
Exactly what data is stored naturally depends on the analysis tools used. However, typically, data such as which content you view on our website, which buttons or links you click, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website, or which computer system you use is stored. If you have consented to location data also being collected, this can also be processed by the web analysis tool provider.
In addition, your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is usually stored pseudonymized (i.e., in an unrecognizable and shortened form). For the purpose of tests, web analysis, and web optimization, no direct data such as your name, age, address, or email address is stored. All such data, if collected, is stored pseudonymized. This way, you cannot be identified as a person.
The following example schematically illustrates how Google Analytics works as an example of client-based web tracking with JavaScript code.
How long the respective data is stored always depends on the provider. Some cookies store data only for a few minutes or until you leave the website, while other cookies can store data for several years.
We will inform you about the duration of data processing below, provided we have further information. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. If it is legally required, for example in the case of accounting, this storage period may be exceeded.
You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.
The use of web analytics requires your consent, which we obtained with our cookie popup. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of web analytics, we can identify website errors, detect attacks, and improve economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate interests). Nevertheless, we only use the tools if you have given your consent.
Since web analytics tools use cookies, we also recommend reading our general privacy policy on cookies. To find out exactly what data about you is stored and processed, you should read the privacy policies of the respective tools.
Information on specific web analytics tools can be found – if available – in the following sections.
| Google Analytics Privacy Policy Summary ? Affected parties: Website visitors ? Purpose: Evaluation of visitor information to optimize the website offering. ? Processed data: Access statistics, which include data such as access locations, device data, access duration and time, navigation behavior, and click behavior. More details can be found further down in this privacy policy. ? Storage duration: individually adjustable, by default Google Analytics 4 stores data for 14 months ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests) |
On our website, we use the analysis tracking tool Google Analytics, specifically Google Analytics 4 (GA4), from the American company Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. Through the combination of various technologies such as cookies, device IDs, and login information, you as a user can be identified across different devices. This allows your actions to be analyzed across platforms.
For example, if you click a link, this event is stored in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better adapt our website and our service to your wishes. In the following, we will go into more detail about the tracking tool and inform you primarily about what data is processed and how you can prevent this.
Google Analytics is a tracking tool used for analyzing our website’s data traffic. The basis for these measurements and analyses is a pseudonymous user identification number. This number does not contain personal data such as name or address, but serves to assign events to an end device. GA4 uses an event-based model that captures detailed information on user interactions such as page views, clicks, scrolling, and conversion events. In addition, various machine learning functions have been integrated into GA4 to better understand user behavior and certain trends. GA4 relies on modeling with the help of machine learning functions. This means that based on the collected data, missing data can also be extrapolated to optimize the analysis and provide forecasts.
For Google Analytics to function, a tracking code is embedded in our website’s code. When you visit our website, this code records various events that you perform on our site. With GA4’s event-based data model, we as website operators can define and track specific events to obtain analyses of user interactions. Thus, in addition to general information such as clicks or page views, special events important to our business can also be tracked. Such special events could include, for example, submitting a contact form or purchasing a product.
As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data, and we receive reports on your user behavior. These may include the following reports:
In addition to the analysis reports mentioned above, Google Analytics 4 also offers the following functions, among others:
Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us achieve this goal.
The statistically evaluated data gives us a clear picture of our website’s strengths and weaknesses. On the one hand, we can optimize our site so that it is more easily found by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We thus know very precisely what we need to improve on our website to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.
Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This allows Google Analytics to recognize you as a new user and assign you a user ID. The next time you visit our site, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles.
To analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For every newly created property, the Google Analytics 4 property is the default. Data is stored for different lengths of time depending on the property used.
Through identifiers such as cookies, app instance IDs, user IDs, or custom event parameters, your interactions are measured across platforms, provided you have consented. Interactions are all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics can be linked with third-party cookies. Google does not share Google Analytics data unless we, as website operators, approve it. Exceptions may occur if legally required.
According to Google, no IP addresses are logged or stored in Google Analytics 4. However, Google uses IP address data to derive location data and deletes it immediately thereafter. All IP addresses collected from users in the EU are therefore deleted before the data is stored in a data center or on a server.
Since Google Analytics 4 focuses on event-based data, the tool uses significantly fewer cookies compared to previous versions (like Google Universal Analytics). Nevertheless, there are some specific cookies used by GA4. These include, for example:
Name: _ga
Value: 2.1326744211.152322818827-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it serves to distinguish website visitors.
Expiration date: after 2 years
Name: _gid
Value: 2.1687193234.152322818827-1
Purpose: The cookie also serves to distinguish website visitors
Expiration date: after 24 hours
Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to reduce the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiration date: after 1 minute
Note: This list cannot claim to be complete, as Google is constantly changing its choice of cookies. The aim of GA4 is also to improve data protection. Therefore, the tool offers several ways to control data collection. For example, we can set the storage period ourselves and also control the data collection.
Here we show you an overview of the most important types of data that are collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly those areas that you click on. This gives us information about where you are “on the road” on our site.
Session duration: Google refers to the time you spend on our site without leaving the page as the session duration. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: A bounce is when you only view one page on our website and then leave our website again.
Account creation: If you create an account or place an order on our website, Google Analytics collects this data.
Location: IP addresses are not logged or stored in Google Analytics. However, shortly before the IP address is deleted, derivations for location data are used.
Technical information: The technical information includes your browser type, your internet provider or your screen resolution.
Source: Google Analytics or us is of course also interested in which website or which advertisement you came to our site from.
Other data includes contact details, any ratings, the playing of media (e.g. if you play a video via our site), the sharing of content via social media or adding it to your favorites. The list is not exhaustive and is only intended to provide a general overview of data storage by Google Analytics.
Google has distributed its servers all over the world. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/locations/?hl=de
Your data is distributed across various physical data carriers. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. There are corresponding emergency programs for your data in every Google data center. For example, if the hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low.
The retention period of the data depends on the properties used. The storage period is always determined separately for each individual property. Google Analytics offers us four options for controlling the storage period:
In addition, there is also the option that data will only be deleted if you no longer visit our website within the period we have chosen. In this case, the retention period is reset each time you visit our website again within the specified period.
When the specified period has expired, the data is deleted once a month. This retention period applies to your data that is linked to cookies, user recognition and advertising IDs (e.g. cookies from the DoubleClick domain). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is a fusion of individual data into a larger unit.
According to the data protection law of the European Union, you have the right to obtain information about your data, to update, delete or restrict it. With the help of the browser add-on to deactivate Google Analytics JavaScript (analytics.js, gtag.js), you prevent Google Analytics 4 from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.
If you want to generally deactivate, delete or manage cookies, you will find the corresponding links to the respective instructions of the most well-known browsers in the “Cookies” section.
The use of Google Analytics requires your consent, which we have obtained with our cookie popup. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as it can occur during collection by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offer technically and economically. With the help of Google Analytics, we recognize errors on the website, can identify attacks and improve economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use Google Analytics if you have given your consent.
Google also processes data from you in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure data transfer of personal data of EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and through the standard contractual clauses, Google undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
We hope we have been able to give you the most important information about data processing by Google Analytics. If you want to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and https://support.google.com/analytics/answer/6004245?hl=de.
If you want to learn more about data processing, use the Google Privacy Policy at https://policies.google.com/privacy?hl=de.
| Google Site Kit Privacy Policy Summary ? Affected: Website visitors ? Purpose: Evaluation of visitor information to optimize the website offer. ? Processed data: Access statistics that contain data such as locations of access, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found below and in the privacy policy of Google Analytics. ? Storage period: depending on the properties used ?? Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
We have integrated the WordPress plugin Google Site Kit from the American company Google Inc. into our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With Google Site Kit, we can quickly and easily view statistics from various Google products such as Google Analytics directly in our WordPress dashboard. The tool or the tools integrated in Google Site Kit also collect personal data from you. In this privacy policy, we explain why we use Google Site Kit, how long and where data is stored and which other data protection texts are relevant for you in this context.
Google Site Kit is a plugin for the content management system WordPress. With this plugin, we can view important statistics for website analysis directly in our dashboard. These are statistics that are collected by other Google products. First and foremost by Google Analytics. In addition to Google Analytics, the services Google Search Console, Page Speed Insight, Google AdSense, Google Optimize and Google Tag Manager can also be linked to Google Site Kit.
As a service provider, it is our job to offer you the best possible experience on our website. You should feel comfortable on our website and quickly and easily find exactly what you are looking for. Statistical evaluations help us to get to know you better and to adapt our offer to your wishes and interests. We use various Google tools for these evaluations. Site Kit makes our work much easier in this regard because we can view and analyze the statistics of the Google products directly in the dashboard. So we no longer have to log in separately for each tool. Site Kit thus always offers a good overview of the most important analysis data.
If you have actively agreed to tracking tools in the cookie notice (also called script or banner), Google products such as Google Analytics will set cookies and data from you, such as about your user behavior, will be sent to Google, stored and processed there. This also includes personal data such as your IP address.
For more detailed information on the individual services, we have separate text sections in this privacy policy. For example, take a look at our privacy policy on Google Analytics. Here we go into great detail about the data collected. You will learn how long Google Analytics stores, manages and processes data, which cookies can be used and how you can prevent data storage. We also have our own privacy policies with comprehensive information for other Google services such as Google Tag Manager or Google AdSense.
In the following, we will show you examples of Google Analytics cookies that can be set in your browser, provided that you have generally agreed to data processing by Google. Please note that these cookies are only a selection:
Name: _ga
Value:2.1326744211.152322818827-2
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it serves to distinguish website visitors.
Expiration date: after 2 years
Name: _gid
Value:2.1687193234.152322818827-7
Purpose: This cookie also serves to distinguish website visitors.
Expiration date: after 24 hours
Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: This cookie is used to reduce the request rate.
Expiration date: after 1 minute
Google stores collected data on its own Google servers, which are distributed worldwide. Most of the servers are located in the United States and therefore it is easily possible that your data will also be stored there. At https://www.google.com/about/datacenters/locations/?hl=de you can see exactly where the company provides servers.
Data collected by Google Analytics is retained for a standardized 26 months. Your user data will then be deleted. The retention period applies to all data that is linked to cookies, user recognition and advertising IDs.
You always have the right to receive information about your data, to have your data deleted, corrected or restricted. You can also deactivate, delete or manage cookies in your browser at any time.
If you want to generally deactivate, delete or manage cookies, you will find the corresponding links to the respective instructions of the most well-known browsers in the “Cookies” section.
The use of Google Site Kit requires your consent, which we have obtained with our cookie popup. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as it can occur during collection by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offer technically and economically. With the help of Google Site Kit, we recognize errors on the website, can identify attacks and improve economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use Google Site Kit if you have given your consent.
Google also processes data from you in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure data transfer of personal data of EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and through the standard contractual clauses, Google undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
To learn more about data processing by Google, we recommend Google’s comprehensive privacy policy at https://policies.google.com/privacy?hl=de.
| Jetpack Privacy Policy Summary ? Affected: Website visitors ? Purpose: Analysis of visitor information to optimize the website. ? Processed data: Access statistics, including data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. ? Storage duration: until the data is no longer required for the services ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
We use the WordPress plugin Jetpack on our website. Jetpack is software that provides us with web analytics, among other things. Jetpack is operated by Automattic (Inc. 132 Hawthorne Street San Francisco, CA 94107, USA), which uses technology from Quantcast (Inc., 201 3rd St, Floor 2, San Francisco, CA 94103-3153, USA) for this product. The integrated tracking tool also collects, stores, and processes your personal data. This privacy policy explains exactly what data is involved, why we use Jetpack, and how you can prevent this data storage.
Jetpack is a plugin for WordPress websites with many different functions and modules. All these tools help us make our website more attractive, more secure, and welcome more visitors. For example, the tool can display related posts, content can be shared, and Jetpack can also improve our website’s loading speed. All functions are hosted and provided by WordPress.
It is crucial for us that you feel comfortable on our website and find what you are looking for. Only if you are satisfied with our service can we be successful. And to know how and where we can further improve our website, we need information. Through Jetpack, for example, we see how often and how long you are on a single webpage or which buttons you like to click. With the help of this information, we can improve our website and adapt it to your wishes and preferences.
Specifically, the built-in tracking tool WordPress.com Stats also collects, stores, and processes your personal data. For the Jetpack tool to function, Jetpack sets a cookie in your browser when you open a webpage that has components of the tool integrated. The collected data is synchronized with Automattic and stored there.
In addition to your IP address (anonymized before storage) and user behavior data, this includes, for example, browser type, unique device identifier, preferred language, date and time of page entry, operating system, and mobile network information. Jetpack uses this information to improve its services and offerings and to gain better insights into the use of its own service. Furthermore, the following data may also be synchronized and stored:
Jetpack also uses cookies for data storage. Below, we show you a few selected example cookies that Jetpack uses:
Name: eucookielaw
Value: 1613651061376322818827-6
Purpose: Stores the user’s consent status for cookie usage.
Expiration date: after 180 days
Name: tk_ai
Value: 0
Purpose: This cookie stores a randomly generated anonymous ID. It is only used within the administration area to track general analytics.
Expiration date: after session end
Name: tk_tc
Value: E3%2BgJ1Pw6iYKk%2Fvj322818827-3
Purpose: This is a so-called referral cookie. It analyzes the connection between WooCommerce and a website with the Jetpack plugin.
Expiration date: after session end
Note: Jetpack uses many different cookies. Which cookies are specifically used depends on the Jetpack functions used and your actions on websites with the integrated Jetpack plugin. You can find a list of possible cookies used by Jetpack at https://de.jetpack.com/support/cookies/.
Automattic stores the collected data until it is no longer used for its own services. Beyond this period, data is only retained if the company is legally obliged to do so. Web server logs such as your IP address, browser type, and operating system are deleted after approximately 30 days. The data is stored on the company’s American servers.
As mentioned above, Jetpack uses cookies to store data. If you do not want Jetpack to collect your data in the future, you can request an “Opt-Out” cookie at https://www.quantcast.com/opt-out/. Quantcast sets this cookie, and no visitor data will be stored from you. This remains the case until you delete this cookie again.
Alternatively, you can also manage, disable, or delete cookies in your browser as you wish. Cookie management works slightly differently depending on the browser type. Under the “Cookies” section, you will find the corresponding links to the respective instructions for the most popular browsers.
The use of Jetpack requires your consent, which we have obtained with our cookie popup. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing website visitor behavior to technically and economically improve our offering. With the help of Jetpack, we can identify website errors, detect attacks, and improve economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use Jetpack if you have given your consent.
Automattic also processes your data in the USA, among other places. Jetpack and Automattic are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Furthermore, Automattic uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Automattic commits to adhering to the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.
If you want to learn more about the privacy policies and data processing by Jetpack or Automattic, we recommend the privacy policy at https://automattic.com/privacy/, the cookie policy at https://automattic.com/cookies/, and also the information page https://jetpack.com/support/what-data-does-jetpack-sync/. We hope we have given you a good insight into data processing by Jetpack.
| Cookie Consent Management Platform Summary ? Affected: Website visitors ? Purpose: Obtaining and managing consent for certain cookies and thus the use of certain tools ? Processed data: Data for managing the set cookie settings such as IP address, time of consent, type of consent, individual consents. More details can be found with the respective tool used. ? Storage duration: Depends on the tool used; expect periods of several years ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
On our website, we use Consent Management Platform (CMP) software that facilitates the correct and secure handling of scripts and cookies for both us and you. The software automatically creates a cookie popup, scans and controls all scripts and cookies, provides a legally required cookie consent for you, and helps us and you keep track of all cookies. Most Cookie Consent Management tools identify and categorize all existing cookies. As a website visitor, you then decide for yourself whether or not to allow which scripts and cookies. The following graphic illustrates the relationship between browser, web server, and CMP.
Our goal is to offer you the best possible transparency in data protection. Furthermore, we are legally obliged to do so. We want to inform you as thoroughly as possible about all tools and cookies that can store and process your data. It is also your right to decide for yourself which cookies you accept and which you do not. To grant you this right, we first need to know exactly which cookies have landed on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we are aware of all cookies and can provide you with GDPR-compliant information about them. You can then accept or reject cookies via the consent system.
Within our cookie management tool, you can manage each individual cookie yourself and have full control over the storage and processing of your data. Your declaration of consent is stored so that we do not have to ask you every time you visit our website and so that we can prove your consent if legally required. This is stored either in an opt-in cookie or on a server. The storage duration of your cookie consent varies depending on the provider of the cookie management tool. Most often, this data (such as pseudonymous user ID, time of consent, detailed information on cookie categories or tools, browser, device information) is stored for up to two years.
We will inform you further below about the duration of data processing, provided we have additional information. Generally, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for varying lengths of time. Some cookies are deleted immediately after leaving the website, while others can be stored in your browser for several years. The exact duration of data processing depends on the tool used; most often, you should expect a storage period of several years. In the respective privacy policies of the individual providers, you will usually find precise information about the duration of data processing.
You also have the right and the option to withdraw your consent to the use of cookies at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.
Information on specific cookie management tools can be found – if available – in the following sections.
If you agree to cookies, personal data from you will be processed and stored via these cookies. If we are permitted to use cookies based on your consent (Article 6 para. 1 lit. a GDPR), this consent also simultaneously forms the legal basis for the use of cookies and the processing of your data. To manage cookie consent and enable you to give consent, Cookie Consent Management Platform software is used. The use of this software allows us to operate the website in an efficient and legally compliant manner, which constitutes a legitimate interest (Article 6 para. 1 lit. f GDPR).
| Security & Anti-Spam Privacy Policy Summary ? Affected: Website visitors ? Purpose: Cybersecurity ? Processed data: Data such as your IP address, name, or technical data like browser version More details can be found below and in the individual privacy texts. ? Storage duration: most data is stored until it is no longer needed for the provision of the service ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
With so-called Security & Anti-Spam software, you and we can protect ourselves from various spam or phishing emails and other potential cyberattacks. Spam refers to unsolicited mass-sent advertising emails. Such emails are also called data junk and can incur costs. Phishing emails, in turn, are messages designed to build trust through fake messages or websites to obtain personal data. Anti-spam software generally protects against unwanted spam messages or malicious emails that could, for example, introduce viruses into our system. We also use general firewall and security systems that protect our computers from unwanted network attacks.
We place particular emphasis on security on our website. After all, it’s not just about our security, but above all, yours. Unfortunately, cyber threats have become commonplace in the world of IT and the internet. Hackers often try to steal personal data from an IT system with the help of a cyberattack. Therefore, a good defense system is absolutely necessary. A security system monitors all incoming and outgoing connections to our network or computer. To achieve even greater security against cyberattacks, in addition to the standardized security systems on our computer, we also use other external security services. This better prevents unauthorized data traffic and thus protects us from cybercrime.
Exactly what data is collected and stored naturally depends on the respective service. However, we always strive to use only programs that collect data very sparingly or only store data that is necessary for the fulfillment of the offered service. In principle, the service can store data such as name, address, IP address, email address, and technical data such as browser type or browser version. Any performance and log data may also be collected to detect potential incoming threats in good time. This data is processed within the scope of the services and in compliance with applicable laws. This also includes the GDPR for US providers (via the Standard Contractual Clauses). In some cases, these security services also work with third-party providers who can store and/or process data under instruction and in accordance with privacy policies and other security measures. Data storage usually occurs via cookies.
We will inform you about the duration of data processing below, if we have further information. For example, security programs store data until you or we revoke data storage. Generally, personal data is stored only as long as it is strictly necessary for the provision of services. Unfortunately, in many cases, providers do not give us precise information about the storage duration.
You also have the right and the option to withdraw your consent to the use of cookies or third-party security software providers at any time. This can be done either through our cookie management tool or other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.
Since such security services may also use cookies, we recommend our general privacy policy on cookies. To find out exactly what data about you is stored and processed, you should read the privacy policies of the respective tools.
We primarily use security services based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in maintaining a robust security system against various cyberattacks.
Certain processing operations, especially the use of cookies and security features, require your consent. If you have consented to your data being processed and stored by integrated security services, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Most services we use set cookies in your browser to store data. Therefore, we recommend that you carefully read our privacy text on cookies and review the privacy policy or cookie guidelines of the respective service provider.
Information on specific tools can be found – where applicable – in the following sections.
| Google reCAPTCHA Privacy Policy Summary ? Data subjects: Website visitors ? Purpose: Optimization of our services and protection against cyberattacks ? Processed data: Data such as IP address, browser information, your operating system, limited location and usage data More details can be found further down in this privacy policy. ? Storage duration: depends on the stored data ?? Legal bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate interests) |
Our primary goal is to secure and protect our website as effectively as possible for both you and us. To ensure this, we use Google reCAPTCHA from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA, we can determine whether you are truly a human and not a robot or other spam software. By spam, we mean any unsolicited information that reaches us electronically. With classic CAPTCHAs, you usually had to solve text or image puzzles for verification. With Google reCAPTCHA, we usually don’t have to bother you with such puzzles. In most cases, it’s enough to simply check a box to confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don’t even have to check a box. You can find out exactly how this works and, above all, what data is used for it, in the course of this privacy policy.
reCAPTCHA is a free Captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is most commonly used when you fill out forms online. A Captcha service is a type of automated Turing test designed to ensure that an action on the internet is performed by a human and not by a bot. In the classic Turing test (named after computer scientist Alan Turing), a human determines the distinction between a bot and a human. With Captchas, the computer or a software program also takes over this task. Classic Captchas involve small tasks that are easy for humans to solve but present significant difficulties for machines. With reCAPTCHA, you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish humans from bots. Here, you only need to check the “I’m not a robot” checkbox; with Invisible reCAPTCHA, even that is no longer necessary. reCAPTCHA embeds a JavaScript element in the source code, and the tool then runs in the background, analyzing your user behavior. From these user actions, the software calculates a so-called Captcha score. Google uses this score to calculate the probability that you are a human even before the Captcha input. reCAPTCHA, or Captchas in general, are always used when bots could manipulate or misuse certain actions (e.g., registrations, surveys, etc.).
We only want to welcome real people to our site. Bots or spam software of all kinds are welcome to stay home. That’s why we pull out all the stops to protect ourselves and offer you the best possible user experience. For this reason, we use Google reCAPTCHA from Google. This way, we can be quite sure that our website remains “bot-free”. By using reCAPTCHA, data is transmitted to Google to determine whether you are truly human. reCAPTCHA thus serves the security of our website and, consequently, your security. For example, without reCAPTCHA, a bot could register as many email addresses as possible during registration to then “spam” forums or blogs with unwanted advertising content. With reCAPTCHA, we can avoid such bot attacks.
reCAPTCHA collects personal data from users to determine whether actions on our website truly originate from humans. Thus, the IP address and other data that Google requires for the reCAPTCHA service can be sent to Google. IP addresses within EU member states or other contracting states of the Agreement on the European Economic Area are almost always truncated before the data lands on a server in the USA. The IP address is not combined with other Google data unless you are logged into your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) are already present in your browser. Subsequently, reCAPTCHA sets an additional cookie in your browser and captures a snapshot of your browser window.
The following list of collected browser and user data is not exhaustive. Rather, these are examples of data that, to our knowledge, are processed by Google.
It is undisputed that Google uses and analyzes this data even before you click the “I’m not a robot” checkbox. With the Invisible reCAPTCHA version, even checking the box is omitted, and the entire detection process runs in the background. Google does not provide detailed information on exactly how much and what data it stores.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Name: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-322818827-8
Purpose: This cookie is set by DoubleClick (also owned by Google) to register and report a user’s actions on the website in relation to advertisements. This allows advertising effectiveness to be measured and corresponding optimization measures to be taken. IDE is stored in browsers under the doubleclick.net domain.
Expiration date: after one year
Name: 1P_JAR
Value: 2019-5-14-12
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can prevent a user from seeing the same advertisement more than once.
Expiration date: after one month
Name: ANID
Value: U7j1v3dZa3228188270xgZFmiqWppRWKOr
Purpose: We could not find much information about this cookie. In Google’s privacy policy, the cookie is mentioned in connection with “advertising cookies” such as “DSID”, “FLC”, “AID”, “TAID”. ANID is stored under the google.com domain.
Expiration date: after 9 months
Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: This cookie stores the status of a user’s consent to the use of various Google services. CONSENT also serves security purposes, to verify users, prevent credential fraud, and protect user data from unauthorized attacks.
Expiration date: after 19 years
Name: NID
Value: 0WmuWqy322818827zILzqV_nmt3sDXwPeM5Q
Purpose: NID is used by Google to tailor advertisements to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. This way, you always receive customized advertisements. The cookie contains a unique ID to collect a user’s personal settings for advertising purposes.
Expiration date: after 6 months
Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc322818827-4
Purpose: Once you have checked the “I’m not a robot” box, this cookie is set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymized form and is also used to differentiate users.
Expiration date: after 10 minutes
Note: This list cannot claim to be exhaustive, as Google, based on experience, frequently changes its choice of cookies.
By integrating reCAPTCHA, your data is transferred to Google’s servers. Google does not clearly state where exactly this data is stored, even after repeated inquiries. Without confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website, or language settings are stored on European or American Google servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. Google’s separate privacy policy applies to this.
If you do not want data about you and your behavior to be transmitted to Google, you must completely log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software. Generally, data is automatically transmitted to Google as soon as you access our site. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=322818827.
Therefore, by using our website, you agree that Google LLC and its representatives automatically collect, process, and use data.
Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries (including the USA) are currently considered unsafe under European data protection law. Therefore, data may not simply be transferred, stored, and processed in unsafe third countries unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.
If you have consented to the use of Google reCAPTCHA, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur during collection by Google reCAPTCHA.
Furthermore, we have a legitimate interest in using Google reCAPTCHA to optimize and secure our online service. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use Google reCAPTCHA if you have given your consent.
Google also processes your data in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Google uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
You can learn more about reCAPTCHA on Google’s web developer page at https://developers.google.com/recaptcha/. While Google elaborates on the technical development of reCAPTCHA there, precise information on data storage and privacy-relevant topics is sought in vain. A good overview of Google’s general use of data can be found in its own privacy policy at https://policies.google.com/privacy.
For our website, we use UpdraftPlus, a backup and security system. The service provider is the British company Updraft WP Software Ltd. 11 Barringer Way, St. Neots, PE19 1LW, Cambridgeshire, United Kingdom.
Due to the United Kingdom’s withdrawal from the European Union, the GDPR is no longer applicable to data transfers there. However, the European Commission has decided, based on Art. 45 GDPR, that the United Kingdom offers an adequate level of protection compared to the GDPR. Data transfer there is therefore permissible. You can view the decision here (Download): https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32021D1772
You can find out more about the data processed by using UpdraftPlus in the Privacy Policy at https://updraftplus.com/data-protection-and-privacy-centre/.
| Payment Provider Privacy Policy Summary ? Affected: Website visitors ? Purpose: Enabling and optimizing the payment process on our website ? Data processed: Data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.), IP address and contract data More details can be found in the payment provider tool used. ? Storage period: depending on the payment provider used ?? Legal basis: Art. 6 para. 1 lit. b GDPR (fulfilment of a contract) |
We use online payment systems on our website that enable us and you to have a secure and smooth payment process. Among other things, personal data can also be sent to, stored and processed by the respective payment provider. Payment providers are online payment systems that allow you to place an order via online banking. The payment is processed by the payment provider you have chosen. We then receive information about the payment made. This method can be used by any user who has an active online banking account with PIN and TAN. There are hardly any banks that do not offer or accept such payment methods.
We naturally want to offer the best possible service with our website and our integrated online shop so that you feel comfortable on our site and use our offers. We know that your time is precious and that payment processing in particular must function quickly and smoothly. For these reasons, we offer you various payment providers. You can choose your preferred payment provider and pay in the usual way.
The exact data processed naturally depends on the respective payment provider. However, data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.) are generally stored. This is necessary data in order to be able to carry out a transaction at all. In addition, any contract data and user data, such as when you visit our website, what content you are interested in or which subpages you click on, may also be stored. Your IP address and information about the computer you are using are also stored by most payment providers.
The data is generally stored and processed on the servers of the payment providers. We as website operators do not receive this data. We are only informed whether the payment has worked or not. For identity and credit checks, it may happen that payment providers forward data to the appropriate authority. The terms and conditions and data protection principles of the respective provider always apply to all payment transactions. Therefore, please always take a look at the general terms and conditions and the privacy policy of the payment provider. You also have the right to have data deleted or corrected at any time, for example. Please contact the respective service provider regarding your rights (right of withdrawal, right of information and rights of the data subject).
We will inform you about the duration of data processing further below if we have further information on this. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If it is required by law, as for example in the case of accounting, this storage period may also be exceeded. For example, we keep accounting documents (invoices, contract documents, account statements, etc.) belonging to a contract for 10 years (§ 147 AO) and other relevant business documents for 6 years (§ 247 HGB) after they have been incurred.
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact the person responsible for the payment provider used at any time. Contact details can be found either in our specific privacy policy or on the website of the respective payment provider.
Cookies that payment providers use for their functions can be deleted, deactivated or managed in your browser. Depending on which browser you use, this works in different ways. Please note, however, that the payment process may then no longer work.
We therefore offer for the processing of contractual or legal relationships (Art. 6 para. 1 lit. b GDPR) in addition to the traditional bank/credit institutions, other payment service providers. The privacy statements of the individual payment providers (such as Amazon Payments, Apple Pay or Discover) provide you with a precise overview of data processing and data storage. In addition, you can always contact the responsible parties if you have any questions regarding data protection issues.
Information on the special payment providers can be found – if available – in the following sections.
| PayPal Privacy Policy Summary ? Affected: Website visitors ? Purpose: Optimizing the payment process on our website ? Data processed: Data such as name, address, bank details (account number, credit card number, passwords, TANs, etc.), IP address and contract data can be processed. More details can be found further down in this privacy policy. ? Storage period: Data is generally stored until the cooperation with PayPal is terminated ?? Legal basis: Art. 6 para. 1 lit. b GDPR (contract processing), Art. 6 para. 1 lit. a GDPR (consent) |
We use the online payment service PayPal on our website. The service provider is the American company PayPal Inc. The company PayPal Europe (S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) is responsible for the European area.
With PayPal, all users can send and receive money electronically. The company was founded in 1998 and with over 325 million active customers, it is now one of the best-known and largest online payment service providers worldwide.
There are several reasons why we use PayPal and offer it on our website. Since PayPal is one of the best-known online payment providers, many of our website visitors also use and trust this service. PayPal also offers high security standards for digital money transfers. The service uses various encryption methods to protect your personal data as best as possible. We also appreciate the ease of use of PayPal and the possibility of international payments in different currencies. As a rule, the transactions are very quick, which is another advantage for both us and you as customers.
PayPal distinguishes in its privacy policy various categories of personal data that can be processed through the use of the service. These include registration and contact data, identification and signature data, payment information, information on imported contacts, data from your account profile, device data such as your IP address, location data and so-called derived data. This includes information that can be derived from transactions or other data. This can be purchase habits, behavioral patterns, creditworthiness or personal preferences.
Then there is also personal data that is collected by third parties (such as identity verifiers, fraud detection providers or your bank). This data includes information from credit agencies, transaction data, information on legal regulations, technical usage data, location data and also derived data again.
PayPal and its partners also use tracking technologies such as cookies, pixel tags, web beacons and widgets to recognize you as a user, customize content and perform analyses for interest-based advertising.
In principle, PayPal stores the data for as long as it is necessary to fulfil its obligations and within the scope of the purpose. Personal data that is necessary for the customer relationship is kept for up to 10 years after the end of the relationship. If PayPal is subject to a legal obligation, the retention period of the personal data is the applicable law (e.g. insolvency law). PayPal also stores personal data for as long as necessary if the retention is advisable with regard to legal disputes.
Since PayPal is a globally operating company, the service also has data centers worldwide where your data can be stored. This means that your data can also be stored outside your country and also outside the scope of the GDPR on PayPal servers.
You have the right to information, correction or deletion and restriction of the processing of your personal data at any time. You can also revoke your consent to the processing of the data at any time.
If you want to deactivate, delete or manage cookies in general, you will find the corresponding links to the respective instructions of the most popular browsers under the section “Cookies”.
We have a legitimate interest in integrating an external payment service with PayPal in order to make our offer more attractive and to improve it technically and economically. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). We would like to point out that you can only use PayPal if you enter into a contractual relationship with PayPal. Here it may be necessary to submit further data protection and contractual declarations (e.g. a consent).
PayPal also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.
As a basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or a data transfer to them, PayPal uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to and stored in third countries (such as the USA). Through these clauses, PayPal undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information on the standard contractual clauses and on the data processed by using PayPal can be found in the privacy policy at https://www.paypal.com/webapps/mpp/ua/privacy-full.
We use Visa, a globally operating payment provider, on our website. The service provider is the American company Visa Inc. The company Visa Europe Services Inc. (1 Sheldon Square, London W2 6TT, United Kingdom) is responsible for the European area.
Visa also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.
As a basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or a data transfer to them, Visa uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to and stored in third countries (such as the USA). Through these clauses, Visa undertakes to comply with the European data protection level when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information on the standard contractual clauses at Visa can be found at https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.
More about the data processed by using Visa can be found in the Privacy Policy at https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
| Audio & Video Privacy Policy Summary ? Affected: Website visitors ? Purpose: Optimizing our service ? Data processed: Data such as contact details, data on user behavior, information on your device and your IP address can be stored. More details can be found further down in the corresponding data protection texts. ? Storage period: Data is generally stored as long as it is necessary for the purpose of the service ?? Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
We have integrated audio and video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the corresponding servers of the providers.
These are integrated functional elements from platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content can also be published. With the help of these integrated elements, you can listen to or watch the respective content via our website.
If you use audio or video elements on our website, your personal data may also be transmitted to, processed and stored by the service providers.
Of course, we want to provide you with the best offer on our website. And we are aware that content is no longer just conveyed in text and static images. Instead of simply giving you a link to a video, we offer you audio and video formats directly on our website that are entertaining or informative and, ideally, even both. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video and/or audio content.
When you visit a page on our website that has an embedded video, for example, your server connects to the server of the service provider. Data from you is also transferred to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system, and other general information about your device. Furthermore, most providers also collect information about your web activity. This includes session duration, bounce rate, which button you clicked on or via which website you use the service. All this information is usually stored via cookies or pixel tags (also called web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.
You can find out exactly how long data is stored on third-party servers either in the privacy text of the respective tool below or in the provider’s privacy policy. As a general rule, personal data is only processed for as long as is strictly necessary for the provision of our services or products. This generally also applies to third-party providers. In most cases, you can assume that certain data will be stored on third-party servers for several years. Data can be stored for varying lengths of time, especially in cookies. Some cookies are deleted as soon as you leave the website, while others can remain stored in your browser for several years.
You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser. The lawfulness of processing until withdrawal remains unaffected.
Since the integrated audio and video functions on our site usually also use cookies, you should also read our general privacy policy regarding cookies. In the privacy policies of the respective third-party providers, you will find more details about how your data is handled and stored.
If you have consented to your data being processed and stored by integrated audio and video elements, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and effective communication with you or other customers and business partners. Nevertheless, we only use the integrated audio and video elements if you have given your consent.
| YouTube Privacy Policy Summary ? Data Subjects: Website visitors ? Purpose: Optimizing our services ? Processed Data: Data such as contact details, user behavior data, information about your device, and your IP address may be stored. More details can be found below in this privacy policy. ? Storage Duration: Data is generally stored as long as necessary for the service purpose ?? Legal Bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
We have embedded YouTube videos on our website, allowing us to present interesting videos directly on our page. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you access a page on our website that has an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Various data is transferred in the process (depending on your settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing within the European Economic Area.
In the following, we will explain in more detail what data is processed, why we have integrated YouTube videos, and how you can manage or delete your data.
On YouTube, users can watch, rate, comment on, and upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. To display videos on our website, YouTube provides a code snippet that we have integrated into our page.
YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website, and interesting videos are, of course, essential. With the help of our embedded videos, we provide you with additional helpful content alongside our texts and images. Furthermore, our website is more easily found on the Google search engine thanks to the embedded videos. Even when we run Google Ads, Google – thanks to the collected data – can truly only show these ads to people who are interested in our offers.
As soon as you visit one of our pages with an embedded YouTube video, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually associate your interactions on our website with your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information like browser type, screen resolution, or your internet service provider. Additional data may include contact details, any ratings, sharing content via social media, or adding to your favorites on YouTube.
If you are not logged into a Google or YouTube account, Google stores data with a unique identifier linked to your device, browser, or app. For example, your preferred language setting is retained. However, many interaction data points cannot be stored because fewer cookies are set.
The following list shows cookies that were set during a browser test. We present cookies set without a logged-in YouTube account, and separately, cookies set with a logged-in account. This list cannot claim to be exhaustive, as user data always depends on interactions on YouTube.
Name: YSC
Value: b9-CV6ojI5Y322818827-1
Purpose: This cookie registers a unique ID to store statistics of the video watched.
Expiration date: after session end
Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google uses PREF to gather statistics on how you use YouTube videos on our website.
Expiration date: after 8 months
Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track your GPS location.
Expiration date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie attempts to estimate the user’s bandwidth on our websites (with embedded YouTube video).
Expiration date: after 8 months
Additional cookies set when you are logged into your YouTube account:
Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7322818827-
Purpose: This cookie is used to create a profile of your interests. The data is utilized for personalized advertisements.
Expiration date: after 2 years
Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: This cookie stores the status of a user’s consent to the use of various Google services. CONSENT also serves security purposes, verifying users and protecting user data from unauthorized attacks.
Expiration date: after 19 years
Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile of your interests. This data helps in displaying personalized advertising.
Expiration date: after 2 years
Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login data.
Expiration date: after 2 years
Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests.
Expiration date: after 2 years
Name: SID
Value: oQfNKjAsI322818827-
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiration date: after 2 years
Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and what advertising you may have seen before visiting our site.
Expiration date: after 3 months
The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. At https://www.google.com/about/datacenters/locations/?hl=de you can see exactly where Google’s data centers are located. Your data is distributed across the servers, making it faster to retrieve and better protected against manipulation.
Google stores the collected data for varying lengths of time. Some data you can delete at any time, others are automatically deleted after a limited period, and still others are stored by Google for a longer duration. Some data (such as items from “My Activity,” photos or documents, products) stored in your Google account remain stored until you delete them. Even if you are not logged into a Google account, you can delete some data linked to your device, browser, or app.
You can generally delete data manually in your Google account. With the automatic deletion function for location and activity data introduced in 2019, information is stored for either 3 or 18 months, depending on your decision, and then deleted.
Regardless of whether you have a Google account, you can configure your browser to delete or deactivate Google cookies. Depending on the browser you use, this works in different ways. Under the section “Cookies,” you will find the corresponding links to the instructions for the most popular browsers.
If you generally do not want cookies, you can configure your browser to always inform you when a cookie is about to be set. This way, you can decide for each individual cookie whether to allow it or not.
If you have consented to your data being processed and stored by integrated YouTube elements, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in quick and effective communication with you or other customers and business partners. Nevertheless, we only use the integrated YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. Therefore, we recommend that you carefully read our privacy text on cookies and review the privacy policy or cookie guidelines of the respective service provider.
YouTube also processes your data in the USA, among other locations. YouTube and Google are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Google uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCCs) are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among others, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
Since YouTube is a subsidiary of Google, there is a common privacy policy. If you want to learn more about how your data is handled, we recommend reviewing the privacy policy at https://policies.google.com/privacy?hl=de.
| Web Design Privacy Policy Summary ? Data Subjects: Website visitors ? Purpose: Improving user experience ? Processed Data: The data processed depends heavily on the services used. This usually includes IP address, technical data, language settings, browser version, screen resolution, and browser name. More details can be found with the respective web design tools employed. ? Storage Duration: dependent on the tools used ?? Legal Bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests) |
We use various tools on our website for web design purposes. Web design, contrary to common belief, is not just about making our website look appealing, but also about functionality and performance. However, the appropriate visual appeal of a website is certainly one of the main goals of professional web design. Web design is a sub-discipline of media design, focusing on both the visual and the structural and functional design of a website. The aim is to enhance your experience on our website through web design. In web design jargon, this is referred to as User Experience (UX) and Usability. User Experience encompasses all impressions and experiences a website visitor has on a website. A sub-component of User Experience is Usability, which focuses on the user-friendliness of a website. The primary emphasis here is on ensuring that content, subpages, or products are clearly structured, allowing you to easily and quickly find what you are looking for. To provide you with the best possible experience on our website, we also use third-party web design tools. Thus, under the category “Web design” in this privacy policy, all services that visually enhance our website are included. These can be, for example, fonts, various plugins, or other integrated web design functions.
How you absorb information on a website depends heavily on its structure, functionality, and visual perception. Therefore, good and professional web design has become increasingly important for us. We are constantly working on improving our website and view this as an extended service for you, our website visitor. Furthermore, an attractive and functional website also offers economic advantages for us. Ultimately, you will only visit us and utilize our offers if you feel completely comfortable.
When you visit our website, web design elements may be integrated into our pages, which can also process data. The exact data involved depends heavily on the tools used. Below you can see exactly which tools we use for our website. For more information about data processing, we recommend that you also read the respective privacy policy of the tools used. In most cases, you will find out what data is processed, whether cookies are used and how long the data is stored. For example, fonts such as Google Fonts automatically transmit information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers.
How long data is processed is very individual and depends on the web design elements used. For example, if cookies are used, the retention period can be as short as one minute, but also a few years. Please find out more about this. We recommend that you read our general text section about cookies and the privacy statements of the tools used. There you will usually find out exactly which cookies are used and what information is stored in them. Google Font files, for example, are stored for one year. This is intended to improve the loading time of a website. In principle, data is only stored for as long as it is necessary to provide the service. Data may also be stored for longer if required by law.
You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. You can also prevent the collection of data by cookies by managing, deactivating or deleting the cookies in your browser. However, under web design elements (mostly with fonts) there is also data that cannot be deleted so easily. This is the case when data is automatically collected directly when a page is accessed and transmitted to a third-party provider (such as Google). In this case, please contact the support of the corresponding provider. In the case of Google, you can reach support at https://support.google.com/?hl=de.
If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. According to Art. 6 Para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as it may occur when collected by web design tools. We also have a legitimate interest in improving the web design on our website. After all, we can only provide you with a beautiful and professional web offer if we do so. The corresponding legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use web design tools if you have given your consent. We would like to emphasize this again here.
You can find information on special web design tools – if available – in the following sections.
| Google Fonts privacy policy summary ? Affected: Website visitors ? Purpose: Optimization of our service ? Processed data: Data such as IP address and CSS and font requests More details can be found further down in this privacy policy. ? Storage period: Font files are stored at Google for one year ?? Legal bases: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
We use Google Fonts on our website. These are the “Google fonts” of Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t have to worry about your Google account data being transmitted to Google while using Google Fonts. Google collects the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like in detail.
Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that Google makes available to its users free of charge.
Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses.
With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component to keep the quality of our website high. All Google fonts are automatically optimized for the web, which saves data volume and is a great advantage especially for use on mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible.
When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. This also tells Google that you or your IP address has visited our website. The Google Fonts API was developed to reduce the use, storage and collection of end-user data to what is necessary for the proper provision of fonts. API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software area.
Google Fonts stores CSS and font requests securely at Google and is therefore protected. Google can use the collected usage figures to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. Companies and developers use the Google web service BigQuery to examine and move large amounts of data.
However, it should also be borne in mind that every Google Font request also automatically transmits information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is also stored or is not clearly communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that you can use to easily and quickly change the design or font of a website, for example.
The font files are stored at Google for one year. Google’s goal is to generally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately appear on all other websites visited later. Google sometimes updates font files to reduce the file size, increase language coverage, and improve the design.
The data that Google stores for one day or one year cannot be easily deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=322818827. In this case, you can only prevent data storage if you do not visit our site.
Unlike other web fonts, Google allows us unrestricted access to all fonts. So we can access an unlimited sea of fonts and get the optimum for our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=322818827. There Google addresses data protection-related matters, but really detailed information about data storage is not included. It is relatively difficult to get really precise information about stored data from Google.
If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 Para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as it may occur when collected by Google Fonts.
We also have a legitimate interest in using Google Font to optimize our online service. The corresponding legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Google Font if you have given your consent.
Google also processes data from you in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure data transfer of personal data from EU citizens to the USA. You can find more information on this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
In addition, Google uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards if it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google.com/intl/de/adsprocessorterms/.
You can also read about what data Google collects in principle and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
On our website we use Google Fonts from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible. We have integrated the Google fonts locally, i.e. on our web server – not on Google’s servers. As a result, there is no connection to Google servers and therefore no data transfer or storage.
Google Fonts used to be called Google Web Fonts. This is an interactive directory with over 800 fonts that Google provides free of charge. With Google Fonts you could use fonts without uploading them to your own server. However, in order to prevent any information transfer to Google servers in this regard, we have downloaded the fonts to our server. In this way, we act in accordance with data protection regulations and do not forward any data to Google Fonts.
All texts are protected by copyright.
Source: Created with the Data Protection Generator Germany by AdSimple
