DATA PROTECTION
1. Introduction
The protection of your personal data is our highest priority. This privacy policy explains the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") in connection with the online offering. This includes the associated website, functions, and content, as well as external online presences, such as social media profiles (hereinafter collectively referred to as "online offering"). Your personal data will be treated confidentially and strictly in accordance with statutory data protection regulations and the provisions of this privacy policy.
General information This privacy policy provides you with a comprehensive overview of what happens to your personal data when you visit this website. Personal data is all information that can be used to personally identify you. Detailed information on data protection can be found in this complete privacy policy. Responsible party Data processing on this website is carried out by the website operator. The contact details of the responsible party can be found in the "Responsible party" section of this privacy policy. Collection of your data Data is collected, on the one hand, when you actively provide it, e.g., by filling out a contact form. Other data is collected automatically or with your consent when you visit the website by the controller's IT systems. This primarily concerns technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the website.
Use of your data Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior in order to optimize the service and adapt it to your needs. Data transfer to external parties In the course of the controller's business activities, it may be necessary to transfer personal data to external parties. This transfer only takes place under certain conditions: if the transfer is necessary to fulfill a contract, if there is a legal obligation, for example, to tax authorities, if there is a legitimate interest pursuant to Art. 6 (1) (f) GDPR, or if another legal basis permits the data transfer.
When using external service providers for data processing, the transfer of personal data takes place exclusively on the basis of a valid contract for order processing pursuant to Art. 28 GDPR.
If data is processed jointly with other parties, a joint processing agreement will be concluded in accordance with Art. 26 GDPR.
Revocation of consent to data processing Certain data processing operations can only be carried out with your express consent. This consent can be revoked at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation. Right to object to specific data processing and advertising measures (Art. 21 GDPR)
If your personal data is processed on the basis of Art. 6 (1) (e) or (f) GDPR, you have the right to object to this processing at any time, provided you have reasons arising from your particular situation. This also applies to profiling based on these provisions. The specific legal basis for data processing can be found in this privacy policy. If you object, the controller will no longer process your personal data unless compelling legitimate grounds can be demonstrated that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims (objection pursuant to Art. 21 (1) GDPR).
If your personal data is used for direct marketing purposes, you have the right to object to this processing at any time. This also applies to profiling if it is related to direct marketing. Following your objection, the controller will no longer use your personal data for these advertising purposes (objection pursuant to Art. 21 (2) GDPR).
Rights under the General Data Protection Regulation You have the right to lodge a complaint with a competent supervisory authority in the event of violations of the GDPR. This right can be exercised, in particular, in the Member State of your habitual residence, place of work, or place of the alleged infringement. Other administrative or judicial remedies remain unaffected.
Personal data that is processed automatically based on consent or to fulfill a contract can be requested in a structured, common, and machine-readable format. Upon request, this data can also be transmitted directly to another controller, provided this is technically feasible. Every data subject has the right to receive information about their stored personal data, its origin, recipients, and the purpose of the data processing free of charge. Furthermore, they have the right to have this data rectified or erased, provided this is permitted by law. If they have further questions or concerns regarding personal data, they can contact the controller at any time. They have the right to request the restriction of the processing of personal data if the accuracy of the data is contested and verification is pending. Even in the case of unlawful processing, they can request restriction of data processing instead of erasure. Furthermore, they can request restriction of processing if the data is no longer needed but is required to assert, exercise, or defend legal claims.
If you object to processing pursuant to Art. 21 (1) GDPR, you also have the right to restriction of processing until it has been clarified whose interests prevail. If the processing of personal data is restricted, it may, with the exception of storage, only be processed with the consent of the data subject or for the establishment, exercise, or defense of legal claims, to protect the rights of other natural or legal persons, or for reasons of important public interest of the EU or a Member State.
Personal data that is processed automatically based on consent or to fulfill a contract can be requested in a structured, common, and machine-readable format. Upon request, this data can also be transmitted directly to another controller, provided this is technically feasible.
2. Controller
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is: CrocoDi Design Diana Aman, Mainzer Str. 10, 55430 Oberwesel Website: www.crocodi.de Email: crocodi@gmx.de
3. Processors
We work with various processors who process data on our behalf. These service providers are contractually obligated to treat the data confidentially and to use it exclusively for the purposes of the respective service. In addition, there are cases where responsibility for data processing is shared with other parties. In such cases, responsibilities are transparently regulated and documented to ensure compliance with data protection requirements.
4. Definitions
To ensure the transparency of this privacy policy and to make it understandable for everyone, this policy primarily uses terms that are also defined in the General Data Protection Regulation (GDPR). The complete legal definitions can be found in Art. 4 GDPR. The most important terms used in this privacy policy are explained below: Personal data: This includes all information relating to an identified or identifiable natural person (hereinafter "data subject"). A person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., a cookie), or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that person. Processing: This term covers any action or set of actions performed on personal data, whether with or without the aid of automated procedures. This may include collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, comparing or linking, restricting, erasing, or destroying data. Controller: This is the natural or legal person, public authority, agency, or other body that alone or jointly with others decides on the purposes and means of processing personal data. Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller. Consent: Any freely given, specific, informed, and unambiguous indication of the data subject's wishes in the form of a statement or other unambiguous affirmative action by which they signify their agreement to the processing of personal data concerning them. Website: The website refers to the entire internet offering provided by the controller at a specific URL. This includes all content, information, functions, and services published by the controller that are made available to the user via this URL. The website serves as a digital platform for providing information, services, and interaction between the controller and users. End device: An end device is an electronic device capable of accessing the internet and loading web pages. This includes, among others, computers, laptops, tablets, and smartphones. These definitions help you better understand the privacy policy and the meaning of the terms used.
5. Hosting
This website is hosted on the servers of an external service provider to ensure reliable and secure use of this online service. Data processing by the hosting provider is carried out in accordance with Art. 6 (1) (f) GDPR, as the controller has a legitimate interest in providing a stable and secure website. Should it be necessary to obtain the user's consent (for example, for the use of certain cookies or tracking technologies), data processing is based on the user's consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. You can revoke your consent at any time with future effect. The hosting provider is: Wix.com Ltd. 40 Namal Tel Aviv Street, Tel Aviv, 6350671 Israel Details regarding data processing and data protection can be found in the hosting provider's privacy policy. You can find this here: https://de.wix.com/about/privacy To ensure that your data is processed in compliance with applicable data protection regulations, a data processing agreement (DPA) has been concluded with the hosting provider. This agreement obligates the hosting provider to process the personal data of website visitors exclusively according to the controller's instructions and in compliance with the GDPR. The hosting provider guarantees comprehensive protection of your data through technical and organizational measures.
6. Legal basis for data processing
The processing of your personal data is based on the General Data Protection Regulation (GDPR) and other relevant legal provisions. Different legal bases apply depending on the purpose of the data processing. If you have consented to the processing of your personal data, this is done on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. This applies in particular to the processing of special categories of personal data in accordance with Art. 9 (2) (a) GDPR and to the transfer of personal data to third countries in accordance with Art. 49 (1) (a) GDPR. Your consent can be revoked at any time. The processing of your data may be necessary to fulfill a contract or to take steps prior to entering into a contract and, in this case, is based on Art. 6 (1) (b) GDPR. Furthermore, processing may be necessary to comply with legal obligations, which then occurs in accordance with Art. 6 (1) (c) GDPR. In certain cases, processing is carried out to protect the legitimate interests of the controller or a third party, unless your interests or fundamental rights and freedoms prevail. This processing is based on Art. 6 (1) (f) GDPR. For certain processing operations, national regulations may also apply, such as Section 25 of the German Telemedia Act (TTDSG) regarding the storage of cookies or access to information on your device. The applicable legal bases are explained in detail in the specific sections of this privacy policy. If your data is necessary to fulfill a contract or to carry out pre-contractual measures, your data will be processed on the basis of Art. 6 (1) (b) GDPR. For the fulfillment of a legal obligation, data processing is based on Art. 6 (1) (c) GDPR. Furthermore, data processing may be based on legitimate interests pursuant to Art. 6 (1) (f) GDPR. The specific legal bases in each individual case are explained in the following sections of this privacy policy.
7. Data transfer to unsafe third countries and non-DPF-certified US companies
If this website uses tools from companies based in third countries with unsafe data protection laws, or if US tools are used whose providers are not certified under the EU-US Data Privacy Framework (DPF), your personal data may be transferred to these countries and processed there. Please note that a level of data protection equivalent to that of the EU cannot be guaranteed in third countries with unsafe data protection laws. For the USA, as an unsafe third country, a level of data protection comparable to that of the EU is generally not guaranteed. Data transfer to the USA is therefore only permitted if the recipient is either certified under the EU-US Data Privacy Framework (DPF) or has appropriate additional guarantees. Detailed information on possible transfers to third countries, including the data recipients, can be found in this Privacy Policy.
8. Storage Period Unless a more specific storage period is specified within this privacy policy, personal data will remain with the controller until the purpose for data processing no longer applies. If a legitimate request for deletion is made or consent to data processing is revoked, the data in question will be deleted unless other legally permissible reasons for storing the personal data exist (e.g., retention periods under tax or commercial law). In these cases, deletion will occur once these reasons no longer apply. The controller will only store personal data for as long as necessary to fulfill the respective purposes for which the data was collected. This includes, in particular, the fulfillment of contractual obligations, compliance with statutory retention periods, and the protection of the controller's legitimate interests, such as IT security and protection against misuse. If the processing of personal data is based on consent, the data will be stored until this consent is revoked by the data subject. Such revocation is possible at any time with future effect. The data will then be deleted immediately, unless there are statutory retention obligations or other overriding legal reasons that require continued storage. In summary, personal data will be deleted once the purpose has been fulfilled or the legal basis for storage no longer applies, unless legal obligations or legitimate interests continue to exist that justify continued storage.
9. Security Measures and Data Minimization
Comprehensive technical and organizational measures are taken to effectively protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. Care is taken to ensure that only the data absolutely necessary for the respective purpose is collected and processed. This data minimization strategy helps to significantly reduce the risk of misuse and unauthorized access. Security measures are continuously adapted to the state of the art to ensure that your data is permanently protected at a high level.
10. SSL/TLS Encryption
To protect the security of your data during transmission, state-of-the-art encryption methods (e.g., SSL or TLS) are used over HTTPS. SSL (Secure Socket Layer) and TLS (Transport Layer Security) are protocols for encrypting data transmissions on the Internet. This ensures that the data exchanged between your browser and the server is protected from unauthorized access. You can recognize an encrypted connection by the browser's address bar changing from "http://" to "https://" and by the lock symbol in your browser bar.
11. Encrypted Payment
Transactions via the Website If, after concluding a paid contract, there is an obligation to provide the controller with payment data (e.g., account number for direct debit authorization), the data transmission is encrypted. This encryption technology offers a high level of protection for payment data and prevents access by third parties. The encrypted transmission path can be recognized by the fact that the browser's address line changes from "http://" to "https://" and the lock symbol appears in the browser bar. The use of SSL or TLS ensures that payment data is treated securely and confidentially.
12. Storage of User Information
in Log Files Each time you access the website, general information is automatically recorded and transmitted by your browser to the server. This information is stored in so-called log files and typically includes: a) IP address of the requesting computer b) Date and time of access c) Name and URL of the retrieved file d) Website from which access is made (referrer URL) e) Browser used and user agent string f) Operating system g) Name of your access provider h) HTTP status code This data is stored for security reasons, to ensure a smooth connection to the website, for convenient use of the website, to evaluate system security and stability, and for other administrative purposes. The legal basis for data processing is Art. 6 (1) (f) GDPR. The legitimate interest arises from the stated purposes for data collection. Under no circumstances will the collected data be used to draw conclusions about you personally. The stored data will be anonymized or deleted unless there are legal retention obligations.
13. Cookies This website uses cookies. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit the site. Cookies do not cause any damage to your device and do not contain viruses, Trojans, or other malware. Information related to the specific device used is stored in the cookie. However, this does not mean that the controller thereby directly obtains knowledge of your identity. The use of cookies serves, on the one hand, to make using the service more pleasant for you. For example, the controller uses so-called session cookies to recognize that you have already visited individual pages of the website. These are automatically deleted after you leave the site. In addition, the controller also uses temporary cookies to optimize user-friendliness, which are stored on your device for a specific period of time. If you visit the site again to use the services, it will automatically recognize that you have already been there and which entries and settings you have made so that you do not have to enter them again. On the other hand, the controller uses cookies to statistically record website usage and evaluate it for the purpose of optimizing the service for you. These cookies enable the controller to automatically recognize that you have already been there when you visit the site again. These cookies are automatically deleted after a defined period of time. The data processed by cookies are necessary for the aforementioned purposes to protect the legitimate interests of the controller and third parties in accordance with Art. 6 (1) (f) GDPR. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a warning always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all functions of the website.
14. Cookie Consent Banner This website uses a Cookie Consent Banner to manage your consent to the use of cookies. The provider of this service is: CookieYes Limited 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom Further information on data processing can be found at: https://www.cookieyes.com/privacy-policy/ Functionality and Purpose The Cookie Consent Banner sets a technically necessary cookie to store your cookie consent. This cookie does not process any personal data. It only stores the settings you selected when entering the website, including: a) Consent to or rejection of certain cookies b) Time of consent c) Duration of storage of settings d) Legal basis for data processing Data processing by the Cookie Consent Banner is carried out in accordance with Art. 6 (1) (f) GDPR. The legitimate interest of the controller is to ensure lawful consent to the use of cookies. If consent was requested, processing is based on Art. 6 (1) (a) GDPR. Storage period and deletion The stored data will remain stored until you delete the cookies in your browser yourself or revoke your consent. You can change your settings at any time in the cookie settings of this website.
15. Use of the contact form For questions of any kind, you can contact the controller using a form provided on this website. Data processing for the purpose of contacting the controller is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of the voluntarily granted consent. The personal data collected for the use of the contact form will be regularly deleted after the request has been processed.
16. Inquiries by email or telephone Inquiries can be sent to the controller by email. The personal data transmitted (e.g., name, email address, telephone number, and the inquiry itself) will be processed and stored by the controller exclusively for the purpose of processing the inquiry and any follow-up questions. The legal basis for this data processing is Art. 6 (1) (b) GDPR, as the processing is necessary to fulfill a contract or to implement pre-contractual measures. If the processing is not related to a contract, it is based on Art. 6 (1) (f) GDPR, as the controller has a legitimate interest in processing and answering inquiries.
17. Prohibition of sending advertising emails The use of the contact information published in the imprint to send unsolicited advertising and information materials is hereby prohibited. Any unauthorized use of contact information for advertising purposes constitutes a violation of the rights of the operator of this website and will not be tolerated. The operator of this website expressly reserves the right to take legal action in the event of violations, particularly in the event of unsolicited sending of advertising information such as spam emails.
18. Registration on the Website
You have the option of registering on the website. The data entered for this purpose will be used by the controller only for the purpose of using the respective offer or service for which the registration is made. The mandatory information requested during registration must be provided in full. Otherwise, the registration will be rejected. For important changes, such as those relating to the scope of services or technically necessary changes, the controller will use the email address provided during registration to inform you via this channel. The data entered during registration is processed based on the user's consent (Art. 6 (1) (a) GDPR). Consent given can be revoked at any time. An informal email notification to the controller is sufficient. The legality of any data processing already carried out remains unaffected by the revocation. Use of Google for registration Users have the option of logging in to this website using their Google account. Certain personal data will be transmitted from Google to the website to enable registration. This data will be used exclusively to carry out and manage the registration and to use the services offered on the website. This data is processed based on your consent in accordance with Art. 6 (1) (a) GDPR. Logging in via Google offers users a convenient and quick way to access the controller's services without the need for separate registration. However, please note that using this function will result in data being transmitted to Google and processed there. Google Ireland Limited is located at Gordon House, Barrow Street, Dublin 4, Ireland. Further information on data processing by Google can be found in Google's privacy policy at: https://policies.google.com/privacy. If users no longer wish to log in via Google, they can cancel this connection at any time in their Google account settings. The data transmitted by Google will then no longer be used, and the user account on this website will remain active, but can be deleted if necessary. The operator of this website undertakes to treat the transmitted data confidentially and not to disclose it to third parties, unless legally obliged to do so or the disclosure is necessary to fulfill contractual obligations. Use of Facebook Connect for Registration Users have the option of logging in to this website using their Facebook account. Certain personal data will be transmitted from Facebook to the website to enable registration. This data will be used exclusively to process and manage the registration and to use the services offered on the website. This data is processed based on your consent in accordance with Art. 6 (1) (a) GDPR. Logging in via Facebook Connect offers users a convenient and quick way to access the controller's services without requiring separate registration. However, please note that using this function will result in data being transmitted to Facebook and processed there. Facebook is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. Further information on data processing by Facebook can be found in Facebook's privacy policy at: https://www.facebook.com/about/privacy. If users no longer wish to log in via Facebook Connect, they can cancel this connection at any time in their Facebook account settings. The data transmitted by Facebook will then no longer be used, and the user account on this website will remain active, but can be deleted if necessary. The operator of this website undertakes to treat the transmitted data confidentially and not to pass it on to third parties unless there is a legal obligation to do so or the transfer is necessary to fulfill contractual obligations.
Using Apple ID to Log In Users have the option of logging in to this website using their Apple ID. Certain personal data will be transmitted from Apple to the website to enable the login. This data will be used exclusively to complete and manage the login and to use the services offered on the website. This data is processed based on your consent in accordance with Art. 6 (1) (a) GDPR. Logging in via Apple ID offers users a convenient and quick way to access the controller's services without the need for separate registration. However, please note that using this feature will result in data being transmitted to Apple and processed there. Apple Distribution International Ltd. is located at Hollyhill Industrial Estate, Hollyhill, Cork, Ireland. Further information on data processing by Apple can be found in Apple's privacy policy at: https://www.apple.com/legal/privacy/de-ww/. If users no longer wish to log in using Apple ID, they can cancel this connection at any time in the settings of their Apple account. The data transmitted by Apple will then no longer be used, and the user account on this website will remain, but can be deleted if necessary. The operator of this website undertakes to treat the transmitted data confidentially and not to pass it on to third parties, unless there is a legal obligation to do so or the transfer is necessary to fulfill contractual obligations.
19. Newsletter
If you would like to receive the newsletter offered on the website, the controller requires a valid email address from you as well as information that allows verification that you are the owner of the specified email address and that you agree to receive the newsletter (double opt-in procedure). No further data will be collected. This data will be used exclusively to send the requested information and will not be passed on to third parties. The newsletter will be sent via Wix or GMX. The data entered into the newsletter registration form is processed exclusively on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent to the storage of your data, your email address, and their use for sending the newsletter at any time, for example, via the "unsubscribe" link in the newsletter or by sending a corresponding message to the controller. The legality of any data processing already carried out remains unaffected by this revocation. The data you have provided for the purpose of subscribing to the newsletter will be stored until you unsubscribe from the newsletter and will be deleted after you unsubscribe. Data stored by the controller for other purposes (e.g., email addresses for the members' area) remains unaffected. In addition, technical and organizational security measures are used to protect your personal data against manipulation, loss, destruction, or access by unauthorized persons. These security measures are continuously improved in line with technological developments. The website uses the Popconvert app to collect email addresses for sending desired newsletters. The operating company is headquartered at: Paulista Avenue, 2.06414th floor, Bela Vista – São Paulo, CNPJ: 46.963.610/0001-91, hi@popconvert.com.br, Tel: +55 11 2844-4529
20. Use of Analysis and Tracking Tools
Analysis and tracking tools are used to ensure a needs-based design and continuous optimization of this website. These measures help to statistically record the use of this website and thus optimize the service for you. The storage and analysis of data is based on Art. 6 (1) (f) GDPR, as the provider has a legitimate interest in offering an attractive and functional website. If corresponding consent has been obtained, processing will also be based on Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, provided the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting). This consent can be revoked at any time.
Adobe Analytics
Es wird Adobe Analytics verwendet, einen Webanalysedienst der Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Irland („Adobe“). Adobe Analytics setzt Cookies ein, um eine Analyse der Benutzung der Website durch Sie zu ermöglichen. Die durch das Cookie bereitgehaltenen Informationen über Ihre Benutzung dieser Website werden auf Servern von Adobe innerhalb der EU gespeichert und können für die weitere Verarbeitung an Server in die USA übertragen werden. Durch die Aktivierung der IP-Anonymisierung auf dieser Website wird Ihre IP-Adresse von Adobe jedoch innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum zuvor gekürzt.
Adobe ist unter dem EU-US Data Privacy Framework (DPF) zertifiziert, welches einen angemessenen Schutz für die Übertragung von personenbezogenen Daten aus der EU in die USA gewährleistet. Jedes Unternehmen, das nach dem DPF zertifiziert ist, verpflichtet sich zur Einhaltung dieser strengen Datenschutzstandards. Weitere Informationen zum EU-US DPF finden Sie unter: https://www.dataprivacyframework.gov/.
Weitere Informationen zum Datenschutz bei Adobe Analytics finden Sie unter: https://www.adobe.com/de/privacy/policy.html.
Google Ads Tracking
Es wird Google Ads Tracking verwendet, ein Webanalysedienst von Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“). Google Ads Tracking setzt Cookies ein, um die Effektivität von Werbekampagnen zu messen und die Nutzung dieser Website durch Sie zu analysieren. Die durch das Cookie bereitgehaltenen Informationen über Ihre Nutzung dieser Website werden in der Regel an Server von Google in den USA übertragen und dort gespeichert.
Google ist unter dem EU-US Data Privacy Framework (DPF) zertifiziert, was einen angemessenen Schutz für die Übertragung von personenbezogenen Daten aus der EU in die USA gewährleistet. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich zur Einhaltung dieser strengen Datenschutzstandards. Weitere Informationen zum EU-US DPF finden Sie unter: https://www.dataprivacyframework.gov/.
Weitere Informationen zum Datenschutz bei Google Ads Tracking finden Sie unter: https://policies.google.com/privacy.
Google Ads Remarketing
Es wird Google Ads Remarketing verwendet, ein Dienst der Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“). Google Ads Remarketing setzt Cookies ein, um gezielte Werbung an Nutzer auszuspielen, die zuvor diese Website besucht haben. Dies ermöglicht es, Besuchern dieser Website relevante Anzeigen auf anderen Websites im Google Display-Netzwerk zu präsentieren. Die durch das Cookie bereitgehaltenen Informationen über Ihre Benutzung dieser Website werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert.
Google ist unter dem EU-US Data Privacy Framework (DPF) zertifiziert, was einen angemessenen Schutz für die Übertragung von personenbezogenen Daten aus der EU in die USA gewährleistet. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich zur Einhaltung dieser strengen Datenschutzstandards. Weitere Informationen zum EU-US DPF finden Sie unter: https://www.dataprivacyframework.gov/.
Weitere Informationen zum Datenschutz bei Google Ads Remarketing finden Sie unter: https://policies.google.com/privacy.
Adobe Analytics Adobe Analytics is used, a web analytics service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland ("Adobe"). Adobe Analytics uses cookies to enable analysis of your website usage. The information provided by the cookie about your use of this website is stored on Adobe servers within the EU and may be transferred to servers in the USA for further processing. However, by activating IP anonymization on this website, your IP address will be shortened by Adobe within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Adobe is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the USA. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data protection with Adobe Analytics can be found at: https://www.adobe.com/de/privacy/policy.html. Google Ads Tracking Google Ads Tracking is used, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Ads Tracking uses cookies to measure the effectiveness of advertising campaigns and to analyze your use of this website. The information provided by the cookie about your use of this website is usually transferred to and stored by Google on servers in the USA. Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the USA. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data protection with Google Ads Tracking can be found at: https://policies.google.com/privacy. Google Ads Remarketing Google Ads Remarketing is used, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Ads Remarketing uses cookies to deliver targeted advertising to users who have previously visited this website. This makes it possible to present relevant ads to visitors to this website on other websites in the Google Display Network. The information provided by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the USA. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data protection with Google Ads Remarketing can be found at: https://policies.google.com/privacy.
Google Analytics This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies to analyze your use of the website. The information provided by the cookie about your use of this website is usually transferred to and stored by Google on servers in the United States. However, by activating IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the United States. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov. Further information on data protection with Google Analytics can be found at: https://policies.google.com/privacy. Microsoft Advertising Microsoft Advertising is used, a service of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland ("Microsoft"). Microsoft Advertising uses cookies and similar technologies to measure the effectiveness of advertising campaigns and analyze user behavior on this website. The information provided by the cookie about your use of this website is usually transferred to Microsoft servers in the USA and stored there. Microsoft is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the USA. Every company certified under the DPF is committed to adhering to these strict data protection standards. For more information about the EU-US DPF, please visit: https://www.dataprivacyframework.gov/. For more information about data protection at Microsoft Advertising, please visit: https://privacy.microsoft.com/de-de/privacystatement.
21. Social Media Plugins
This section informs you about the integration and use of social media on this website. This includes details on data processing and your rights in connection with the use of social media plugins and their functions.
This website contains plugins from the social network Facebook, which is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. The plugins allow you to share and distribute content from this website on your Facebook profile. You can recognize the Facebook plugins by the Facebook logo or the "Like" button integrated into this website. When you visit a page of this website that contains a Facebook plug-in, your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted directly from Facebook to your browser and integrated into the website. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of this website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can directly associate your visit to this website with your Facebook account. If you interact with the plug-ins, for example, by clicking the "Like" button or leaving a comment, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends. The use of Facebook plug-ins is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, as consent to the use of cookies and other tracking technologies is required. Consent can be revoked at any time with future effect. To prevent Facebook from associating the data collected through this website with your Facebook account, you must log out of Facebook before visiting this website. The transfer of personal data to the USA is based on the EU Commission's standard contractual clauses. Further information can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum. Meta Platforms Ireland Limited is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the USA. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data processing and use by Facebook, as well as your related rights and settings options for protecting your privacy, can be found in Facebook's privacy policy at: https://www.facebook.com/privacy/policy/.
This website incorporates features of the Instagram service, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The Instagram plug-in allows you to share and distribute content from this website on your Instagram profile. You can recognize these plug-ins by the Instagram logo integrated into this website. When you visit a page of this website that contains an Instagram plug-in, your browser establishes a direct connection to the Instagram servers. The content of the plug-in is transmitted directly from Instagram to your browser and integrated into the website. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of this website, even if you do not have an Instagram account or are not currently logged into Instagram. This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged into Instagram, Instagram can directly associate your visit to this website with your Instagram account. If you interact with the plugins, for example, by clicking the "Like" button or leaving a comment, the corresponding information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram profile and displayed to your Instagram followers. The use of Instagram plugins is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, as consent to the use of cookies and other tracking technologies is required. Consent can be revoked at any time with future effect. To prevent Instagram from assigning the data collected via this website to your Instagram account, you must log out of Instagram before visiting this website. The transfer of personal data to the USA is based on the EU Commission's standard contractual clauses. Further information can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum. Meta Platforms Ireland Limited is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data processing and use by Instagram, as well as your rights and settings options for protecting your privacy, can be found in Instagram's privacy policy at: https://help.instagram.com/155833707900388. Pinterest This website incorporates features of the Pinterest service, which is operated by Pinterest Inc., 505 Brannan St, San Francisco, CA 94107, USA. The Pinterest plug-ins allow you to share and distribute content from this website on your Pinterest profile. You can recognize these plug-ins by the Pinterest logo integrated into this website.
If you are logged in to TikTok,
TikTok can directly associate your visit to this website with your TikTok account. If you interact with the plugins, for example, by clicking the "TikTok" button or leaving a comment, the corresponding information is also transmitted directly to a TikTok server and stored there. The information is also published on your TikTok profile and displayed to your TikTok followers. The use of TikTok plugins is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, as consent to the use of cookies and other tracking technologies is required. Consent can be revoked at any time with future effect. To prevent TikTok from associating the data collected via this website with your TikTok account, you must log out of TikTok before visiting this website. The transfer of personal data to the USA is based on the EU Commission's standard contractual clauses. Further information can be found at: https://www.tiktok.com/legal/page/eea/privacy-policy/de. TikTok Technology Limited is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov/. Further information on data processing and use by TikTok, as well as your rights and settings options for protecting your privacy, can be found in TikTok's privacy policy at: https://www.tiktok.com/legal/page/eea/privacy-policy/de.
22. Form Tools Here you will find information on the use of form tools on this website, including details on the processing of personal data and your rights in connection with the use of these forms. These tools are used based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR to ensure efficient data collection and management. Where necessary, data processing is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. Consent can be revoked at any time with future effect.
Feedback geben
23. CDN Service
To optimize loading times and ensure reliable delivery of the content of this website, a Content Delivery Network (CDN) is used. This network distributes the content across various servers worldwide to ensure fast and secure data transmission. Personal data such as IP addresses are also processed. The use of the CDN service is based on consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. The controller has a legitimate interest in optimizing website performance and ensuring IT security. Consent can be revoked at any time with future effect. Below you will find detailed information about the CDN service: Google Cloud CDN Google Cloud CDN is used to improve the performance and security of this website. Google Cloud CDN is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Cloud CDN offers Content Delivery Network (CDN) solutions. When you visit the website, certain data (e.g., IP address, browser type, time of access) is transmitted to and stored by Google. Google uses this data to optimize the delivery of content and to ensure the security of the website. Your data may be transferred to and stored in the USA and other third countries. Google may also transfer this information to third parties if required to do so by law, or if third parties process this data on Google's behalf. For more information about data processing by Google, please see Google's privacy policy at: https://policies.google.com/privacy.
24. Processing of address data for postal advertising
The controller collects and processes your address data in order to send you postal advertising about products and services. This processing is based on the controller's legitimate interest pursuant to Art. 6 (1) (f) GDPR. The legitimate interest is to inform you about offers and to maintain the business relationship. If you no longer wish to receive mailings, you have the right to object to the use of your address data for this purpose at any time. You can object informally by email, telephone, or mail. Upon receipt of your objection, your data will be immediately removed from the mailing list, and mailings will be discontinued.
25. Processing of Customer and Contract Data
Personal customer and contract data is collected, processed, and used to establish, define, and amend contractual relationships. This may include name, address, email address, and telephone number. This information is necessary to provide and communicate services. Depending on the payment method chosen, payment information such as credit card details, bank account details, or information about other payment services is also collected and used exclusively for the payment process. Usage and order data is also processed, including information about orders, the services used, prices, and delivery details. Personal data about the use of this website (usage data) is only collected, processed, and used to the extent necessary to enable the user to use the service or to bill them. Personal data is processed on various legal bases. According to Art. 6 (1) (b) GDPR, data processing is carried out to fulfill a contract or to carry out pre-contractual measures, for example, to process orders and provide services. In addition, processing is carried out in accordance with Art. 6 (1) (c) GDPR to fulfill legal obligations, including statutory retention periods. Furthermore, processing is carried out in accordance with Art. 6 (1) (f) GDPR to protect legitimate interests, such as improving services and ensuring IT security. The collected customer data will be deleted after completion of the order or termination of the business relationship and expiration of any existing statutory retention periods. Statutory retention periods remain unaffected.
26. Shipping and Delivery of Goods
If goods are shipped to customers, the controller collects and processes additional personal data necessary for processing the shipment. This includes, in particular, the name, delivery address, and, if applicable, special delivery instructions. This data is used exclusively for carrying out the shipping process and delivering the ordered goods. This data is processed on the basis of Art. 6 (1) (b) GDPR, as it is necessary to fulfill the contract, namely the delivery of the ordered goods. As part of the shipping process, your data will be passed on to commissioned shipping service providers if this is necessary for delivery. These service providers are contractually obligated to treat your data confidentially and to use it only for the purpose of providing the service. After shipping is complete and the contractual relationship has been fulfilled, your shipping data will be stored in accordance with the statutory retention periods and subsequently deleted, unless there are further legal obligations to retain it.
27. Conclusion of contracts for services or digital content
When concluding contracts for services or digital content, the controller collects and processes your personal data to fulfill the contractual obligations. This data includes, in particular, your contact information such as your name, address, email address, and relevant information regarding the use of the services or digital content. Your data is processed on various legal bases: Pursuant to Art. 6 (1) (b) GDPR, the controller processes your data to fulfill the contract and to carry out pre-contractual measures, such as the provision and use of the services. Furthermore, processing is carried out in accordance with Art. 6 (1) (c) GDPR to fulfill legal obligations, including compliance with statutory retention periods. Furthermore, processing is carried out in accordance with Art. 6 (1) (f) GDPR to protect legitimate interests, such as improving services and ensuring IT security. The data collected is used exclusively for the execution and fulfillment of the contracts and is deleted after the conclusion of the contractual relationship and the expiration of any statutory retention periods. Your data may be shared with third parties involved in the provision of services, such as IT service providers, as part of the contract fulfillment. These third parties are contractually obligated to treat your data confidentially and to use it exclusively for the purpose of providing the service. The controller ensures that your data is only shared to the extent necessary to fulfill the contract. Further transmission of data will not occur unless you have expressly consented to the transmission. Your data will not be shared with third parties without your express consent, for example, for advertising purposes.
28. Processing of orders via dropshipping
As part of the processing of orders via dropshipping, the controller works with external suppliers who ship the ordered goods directly to you. During this process, your personal data is collected and processed in order to properly process the orders and ensure the delivery of the goods. The processed data includes, in particular, your contact information such as name, address, and email address, as well as order details and delivery information. This data will be forwarded to the relevant dropshipping suppliers, who are responsible for fulfilling the order. Personal data is processed on the basis of Art. 6 (1) (b) GDPR, as it is necessary to fulfill the contract, i.e., to process your order. Furthermore, processing is carried out in accordance with Art. 6 (1) (f) GDPR to protect the legitimate interests of the controller, such as optimizing the delivery process and ensuring customer satisfaction. The controller ensures that dropshipping suppliers are contractually obligated to treat your data confidentially and to use it exclusively for the purpose of providing the service. No further transmission of data will occur unless you have expressly consented to such transmission. After the order has been completed and the goods have been delivered, your data will be stored in accordance with the statutory retention periods and subsequently deleted, unless further statutory retention obligations apply. Your data will not be passed on to third parties for other purposes, in particular for advertising purposes, without your express consent.
29. Third-party payment services
This website uses third-party payment services to ensure a secure and convenient payment option. If you make a purchase through the website, your payment data (e.g., name, payment amount, account details, credit card number) will be processed directly by the respective payment service provider for the purpose of payment processing. The contractual and data protection provisions of the respective provider apply. Your data will be processed on the basis of Art. 6 (1) (b) GDPR to fulfill the contract and in the interest of a smooth, convenient, and secure payment process in accordance with Art. 6 (1) (f) GDPR. If your consent is required for certain actions, data processing will be based on Art. 6 (1) (a) GDPR. Consent can be revoked at any time with future effect.
Klarna
You have the option of paying for your purchases via Klarna. Klarna is a payment service provided by Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden. If you use Klarna, your payment information will be collected and processed directly by Klarna. Additional information about how Klarna processes your personal data can be found in the Klarna Privacy Policy at: https://www.klarna.com/de/datenschutz/.
PayPal
You have the option to pay for your purchases via PayPal. PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. If you use PayPal, your payment information will be collected and processed directly by PayPal. PayPal is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Every company certified under the DPF is committed to adhering to these strict data protection standards. Further information about the EU-US DPF can be found at: www.dataprivacyframework.gov. Additional information on how PayPal processes your personal data can be found in the PayPal Privacy Policy at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
30. Google Fonts
This website uses Google Fonts. Google Fonts is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This service enables the use of fonts provided by Google to enhance the visual design of this website. To ensure the protection of your data, Google Fonts are hosted locally on our own server. This means that no connection to Google's servers is established, and your IP address is not transmitted to Google. Your data remains entirely on the controller's server and is not shared with third parties.
31. External Videos
This website integrates external videos to provide you with multimedia content and an interactive user experience. These integrations are carried out by third parties, who may process personal data when you use their services. Your data is processed on the basis of Art. 6 (1) (b) GDPR to fulfill the contract, in particular to provide the videos and associated services, as well as in the legitimate interest of a smooth, convenient, and secure user experience in accordance with Art. 6 (1) (f) GDPR. If your consent is required for certain actions, data processing is carried out on the basis of Art. 6 (1) (a) GDPR.
Consent can be revoked at any time with future effect.
TikTok TikTok is used to integrate videos on this website. TikTok is a service provided by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. When you visit a page with embedded TikTok videos, a connection to TikTok's servers is established. Personal data such as your IP address and your interactions with the video may be transferred to TikTok. Further information on data processing by TikTok can be found in TikTok's privacy policy: https://www.tiktok.com/legal/privacy-policy. YouTube YouTube is used to embed videos on this website.
YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit a page with YouTube videos, a connection is established to YouTube's servers. Information about your use of this website, including your IP address, is transmitted to YouTube and stored there. Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov. Further information on the processing of your personal data by YouTube can be found in the YouTube privacy policy: https://policies.google.com/privacy.
32. Map Service
This website uses a map service to provide you with geographical information and an interactive user experience. The integration is carried out by a third-party provider who may process personal data if you use their service. Your data is processed on the basis of Art. 6 (1) (b) GDPR to fulfill the contract, in particular to provide geographical information and services, as well as in the legitimate interest of a smooth, convenient, and secure user experience in accordance with Art. 6 (1) (f) GDPR. If your consent is required for certain actions, data processing is carried out on the basis of Art. 6 (1) (a) GDPR. Consent can be revoked at any time with future effect. Below you will find detailed information about the map service Google Maps Google Maps is used to provide maps and geographical information on this website. Google Maps is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit a page with embedded Google Maps, a connection to Google's servers is established. Personal data such as your IP address and your interactions with the map may be transferred to Google.
Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov. For more information on how Google Maps processes your personal data, please see Google's privacy policy: https://policies.google.com/privacy.
33. Captcha Service
This website uses a captcha service to ensure the security of online forms and to ensure that they are completed only by real users and not by bots. This integration is carried out by a third-party provider who may process personal data if you use their service. Your data is processed on the basis of Art. 6 (1) (b) GDPR to fulfill the contract, in particular to ensure the security of online forms, and in the legitimate interest of a secure user experience in accordance with Art. 6 (1) (f) GDPR. If your consent is required for certain actions, data processing is based on Art. 6 (1) (a) GDPR. Consent can be revoked at any time with future effect. Below you will find detailed information about the Captcha service: Google reCAPTCHA Google reCAPTCHA is used to ensure that form entries originate from genuine users. Google reCAPTCHA is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit a page with embedded Google reCAPTCHA, a connection is established to Google's servers. Personal data such as your IP address and your interactions with the Captcha may be transferred to Google. Google is certified under the EU-US Data Privacy Framework (DPF), which ensures adequate protection for the transfer of personal data from the EU to the US. Further information on the EU-US DPF can be found at: https://www.dataprivacyframework.gov. For more information about how Google reCAPTCHA processes your personal data, please see Google's privacy policy: https://policies.google.com/privacy.
34. Security Tool
This website uses a security tool to ensure the integrity, confidentiality, and availability of data and to increase protection against cyberattacks. The security tool may process personal data when you use the website. Your data is processed on the basis of Art. 6 (1) (f) GDPR to protect our legitimate interest in ensuring IT security and preventing misuse and cyberattacks. To the extent that your consent is required for certain actions, data processing is based on Art. 6 (1) (a) GDPR. Consent can be revoked at any time with future effect. 35. Website Management Tool This website uses a website management tool to optimize the administration and maintenance of the website. This tool enables you to efficiently manage various tasks, including managing updates, backups, and security measures. Your data is processed on the basis of Art. 6 (1) (b) GDPR to fulfill the contract, in particular to ensure the functionality and security of the website, as well as in the legitimate interest in efficient administration and maintenance of the website in accordance with Art. 6 (1) (f) GDPR. To the extent that your consent is required for certain actions, data processing is carried out on the basis of Art. 6 (1) (a) GDPR. Consent can be revoked at any time with future effect. This website uses the website management tool from: CMS