Privacy policy

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes all data with which you can be personally identified. Detailed information on data protection can be found in our privacy policy listed below this text.

Data Collection on this Website

Who is Responsible for Data Collection on this Website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the "Information on the Responsible Entity" section of this privacy policy.

How do we Collect Your Data?

Your data is collected, in part, by you providing it. This may, for example, be data that you enter into a contact form.

Other data is automatically collected or after your consent when you visit the website through our IT systems. These are mainly technical data (e.g., internet browser, operating system, or time of page access). The collection of this data occurs automatically as soon as you enter this website.

What do we use Your Data for?

Some of the data is collected to ensure the proper provision of the website. Other data may be used to analyze your user behavior.

What Rights do You have Regarding Your Data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the responsible supervisory authority.

For these matters and any further questions about data protection, you can contact us at any time.

Analysis Tools and Third-Party Tools

When visiting this website, your surfing behavior may be statistically evaluated. This is mainly done with analysis programs.

Detailed information about these analysis programs can be found in the following privacy policy.

2. Hosting

Shopify

We host our website on Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify").

Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address and information about the device and browser you are using. Shopify also analyzes visitor numbers, sources of visitors, and customer behavior, as well as creating user statistics. When you make a purchase on our website, Shopify also collects your name, email address, delivery and billing addresses, payment details, and other data related to the purchase (e.g., phone number, amount of sales, etc.). Shopify stores cookies in your browser for analysis purposes.

Details can be found in Shopify's privacy policy: https://www.shopify.de/legal/datenschutz.

The use of Shopify is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been requested, processing will only be carried out based on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g., when communicating by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information on the Responsible Entity

The responsible entity for data processing on this website is:

NIPPLI EUROPE GmbH
Elsterweg 27
61118 Bad Vilbel

Commercial Register: HRB 128224
Local Court: Frankfurt am Main District Court

Represented by:
Miriam Weilmünster

Telephone: +4917697730222
Email: info@nippli.de

The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate deletion request or revoke your consent to data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

General Information on the Legal Bases of Data Processing on this Website

If you have given your consent to data processing, we process your personal data based on Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, if special categories of data according to Art. 9 para. 1 GDPR are processed. In the case of an explicit consent to the transfer of personal data to third countries, data processing also takes place on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is also carried out on the basis of § 25 para. 1 TTDSG. The consent can be revoked at any time. If your data is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data based on Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation based on Art. 6 para. 1 lit. c GDPR. Data processing may also take place based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. The relevant legal bases are provided in the following paragraphs of this privacy policy.

Note on Data Transfer to the USA and Other Third Countries

We use tools from companies based in the USA or other countries that are not subject to data protection regulations. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that these countries may not have a data protection level comparable to that of the EU. For example, US companies are obligated to disclose personal data to security authorities without you being able to take legal action against this. It cannot be ruled out that US authorities (e.g., intelligence agencies) may process, evaluate, and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSES OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to Complain to the Competent Supervisory Authority

In the case of violations of the GDPR, data subjects have a right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work, or the place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done if it is technically feasible.

Information, Deletion, and Correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient, and the purpose of data processing, as well as, if applicable, the right to correct or delete this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time. The right to restrict processing exists in the following cases:

If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the examination, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it for the exercise, defense, or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have filed an objection pursuant to Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data may, apart from their storage, only be processed with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries, that you send to us as the site operator, this site uses SSL/TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted Payment Transactions on this Website

If there is an obligation to provide us with your payment data (e.g., account number for direct debit authorization) after the conclusion of a paid contract, this data is required for payment processing.

Payment transactions using common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via encrypted SSL/TLS connections. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

In the case of encrypted communication, your payment data that you transmit to us cannot be read by third parties.

4. Data Collection on this Website

Cookies

Our website uses so-called "cookies." Cookies are small text files and do not cause any damage to your end device. They are either temporarily stored for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until automatic deletion by your web browser.

Some cookies may also be stored on your end device by third-party companies when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g., cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are necessary to carry out the electronic communication process or to provide certain functions you desire (e.g., shopping cart function) are stored based on Art. 6(1)(f) of the GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and similar technologies has been requested, the processing takes place exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); the consent is revocable at any time.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject cookies, or to accept cookies only in specific cases or to reject them in general, and to activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

Insofar as cookies are used by third-party companies or for analytical purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.

Consent with Cookie Notice & Compliance

Our website uses the Consent technology from Cookie Notice & Compliance for GDPR to obtain your consent to store certain cookies on your end device or to use certain technologies and to document this in compliance with data protection regulations.

The provider of the tool is Hu-manity Rights Inc., 300 Carnegie Center, Suite 150, Princeton, NJ, New Jersey 08540, USA (hereinafter "Hu-manity Rights Inc."). When you visit our website, a connection to the servers of Hu-manity Rights Inc. is established to obtain your consents and other declarations regarding cookie use. Subsequently, Hu-manity Rights Inc. stores a cookie in your browser to be able to assign the consents granted or their revocation. The data collected in this way is stored until you request us to delete it, delete the cookie from Hu-manity Rights Inc. yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected.

The use of Cookie Notice & Compliance for GDPR is to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Server Log Files

The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files." These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

These data will not be combined with data from other sources.

The basis for data processing is Art. 6(1)(f) GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.

Contact Form

If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered in the contact form is thus exclusively based on your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time. An informal message to us by email is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—especially retention periods—remain unaffected.

Request by Email, Phone, or Fax

If you contact us by email, phone, or fax, your request, including all resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested.

The data sent by you to us via contact requests will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory statutory provisions—especially statutory retention periods—remain unaffected.

Registration on this Website

You can register on our website to use additional features on the site. The data entered for this purpose will only be used for the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.

For important changes, such as the scope of the offer or for technically necessary changes, we use the email address provided during registration to inform you in this way.

The processing of the data entered during registration is based on your consent (Art. 6(1)(a) GDPR). You can revoke any consent you have given at any time. An informal message to us by email is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

The data collected during registration will be stored by us as long as you are registered on our website and will subsequently be deleted. Legal retention periods remain unaffected.

Registration with Google

Instead of registering directly on this website, you can register with Google. The provider of this service is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

To register with Google, you must enter your Google name and password only. Google will identify you and confirm your identity to our website.

By registering with Google, we may be able to use certain information on your account to complete your profile with us. You decide which information this is within the framework of your Google security settings, which you can find here: https://myaccount.google.com/security and https://myaccount.google.com/permissions.

The data processing associated with Google registration is based on our legitimate interest in enabling our users to register in a simple way (Art. 6(1)(f) GDPR). Since the use of the registration function is voluntary and users can decide for themselves on the respective access options, there are no conflicting overriding rights of the data subjects.

Registration with Facebook Connect

Instead of registering directly on this website, you can register with Facebook Connect. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected will also be transferred to the USA and other third countries.

If you choose to register with Facebook Connect and click on the "Login with Facebook" / "Connect with Facebook" button, you will be automatically redirected to the Facebook platform. There you can log in with your usage data. This will link your Facebook profile to this website or our services. This link gives us access to your data stored on Facebook. These are primarily:

Facebook name
Facebook profile and cover picture
Facebook cover picture
Email address stored on Facebook
Facebook ID
Facebook friends lists
Facebook likes ("Like" entries)
Birthday
Gender
Country
Language

These data will be used to set up, provide, and personalize your account.

Registration with Facebook Connect and the associated data processing processes are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.

If personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of data and its transmission to Facebook. The processing by Facebook after the transmission is not part of the joint responsibility. Our joint obligations have been recorded in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. Rights of data subjects (e.g., requests for information) regarding data processed by Facebook can be asserted directly with Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381, and https://www.facebook.com/policy.php.

Further information can be found in Facebook's terms of use and privacy policy. You can find them at: https://de-de.facebook.com/about/privacy/ and https://de-de.facebook.com/legal/terms/.

5. Social Media

Facebook

Elements of the Facebook social network are integrated into this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

An overview of the Facebook social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

When the social media element is active, a direct connection is established between your device and the Facebook server. Facebook thereby receives information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.

If consent has been obtained, the use of the aforementioned service is based on Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used based on our legitimate interest in comprehensive visibility on social media.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875, and https://de-de.facebook.com/help/566994660333381.

Instagram

Functions of the Instagram service are integrated into this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

If personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of data and its transmission to Facebook or Instagram. The processing by Facebook or Instagram after the transmission is not part of the joint responsibility. Our joint obligations have been recorded in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook or Instagram products. Rights of data subjects (e.g., requests for information) regarding data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875, and https://de-de.facebook.com/help/566994660333381.

More information can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

Tumblr

This website uses buttons and other elements of the Tumblr service. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.

When the social media element is active, a direct connection is established between your device and the Tumblr server. Tumblr thereby receives information about your visit to this website.

The Tumblr buttons allow you to share a post or page on Tumblr or follow the provider on Tumblr. If you call up one of our websites with a Tumblr button, the browser establishes a direct connection to Tumblr's servers. We have no influence on the scope of the data that Tumblr collects and transmits with the help of this plugin. As of the current status, the user's IP address and the URL of the respective website are transmitted.

Further information can be found in Tumblr's privacy policy at: https://www.tumblr.com/privacy/de.

6. Analysis Tools and Advertising

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or analytics tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies, or perform independent analyses. It only serves to manage and play out the tools integrated through it. However, Google Tag Manager collects your IP address, which can also be transferred to Google's parent company in the United States.

The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and management of various tools on its website. If consent has been requested, the processing is based exclusively on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Google Analytics

This website uses features of the Google Analytics web analytics service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, dwell time, operating systems used, and the origin of the user. This data is assigned to the respective user's device. It is not assigned to a user ID.

Furthermore, we can record your mouse and scroll movements and clicks with Google Analytics. Google Analytics also uses various modeling approaches to supplement the collected data sets and employs machine learning technologies in data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser Plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on how user data is handled by Google Analytics, please refer to Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads allows us to display advertisements in the Google search engine or on third-party websites when the user enters specific search terms on Google (keyword targeting). Additionally, targeted ads can be displayed based on user data available at Google (e.g., location data and interests). As website operators, we can quantitatively analyze this data, such as determining which search terms led to the display of our advertisements and how many clicks resulted from those ads.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google AdSense

This website uses Google AdSense, an advertising embedding service. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google AdSense, we can display targeted ads from third-party companies on our site. The content of the ads is based on your interests, which Google determines based on your previous user behavior. Furthermore, when selecting the appropriate ad, contextual information such as your location, the content of the visited webpage, or the Google search terms you entered is taken into account.

Google AdSense uses cookies, web beacons (invisible graphics), and similar recognition technologies. This allows the analysis of information such as visitor traffic on these pages.

The information collected by Google AdSense about the use of this website (including your IP address) and the delivery of ad formats is transferred to a Google server in the USA and stored there. This information may be passed on by Google to Google's contractual partners. However, Google will not merge your IP address with other data stored by you.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Google Ads Remarketing

This website uses the features of Google Ads Remarketing. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign individuals who interact with our online offering to specific target groups in order to subsequently display them interest-based advertising in the Google advertising network (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google's cross-device capabilities. In this way, interest-based, personalized advertising messages adapted to your previous usage and browsing behavior on one device (e.g., mobile phone) can also be displayed on another of your devices (e.g., tablet or PC).

If you have a Google account, you can object to personalized advertising using the following link: https://www.google.com/settings/ads/onweb/.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Further information and the privacy policy can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=en.

Customer Matching for Audience Building

For audience building, we use, among other things, customer matching from Google Ads Remarketing. Here, we transfer certain customer data (e.g., email addresses) from our customer lists to Google. If the respective customers are Google users and logged into their Google accounts, they will be shown suitable advertising messages within the Google network (e.g., on YouTube, Gmail, or in the search engine).

Google Conversion Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can determine whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked frequently, and which products were viewed or purchased most often. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information that allows us to personally identify the user. Google itself uses cookies or similar recognition technologies for identification.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

More information about Google Conversion Tracking can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en.

Facebook Pixel

This website uses the visitor action pixel of Facebook for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

This allows tracking the behavior of site visitors after they have been redirected to the provider's website by clicking on a Facebook ad. This enables the effectiveness of Facebook ads to be evaluated for statistical and market research purposes, and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw conclusions about the identity of the users. However, the data is stored and processed by Facebook, allowing a connection to the respective user profile and enabling Facebook to use the data for its advertising purposes in accordance with the Facebook Data Policy. As a result, Facebook can enable the display of ads on Facebook pages as well as outside of Facebook. We, as the operator of the site, cannot influence this use of the data.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://www.facebook.com/help/566994660333381.

To the extent that personal data is collected on our website and transmitted to Facebook using the described tool, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of data and its transmission to Facebook. The processing by Facebook after transmission is not part of joint responsibility. The obligations jointly incumbent on us have been documented in an agreement on joint processing. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. Rights of data subjects (e.g., requests for information) regarding the data processed by Facebook can be asserted directly against Facebook. If you assert data subject rights against us, we are obligated to forward them to Facebook.

Further information on Facebook's privacy practices can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

You can also deactivate the "Custom Audiences" remarketing function in the ad settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged into Facebook.

If you do not have a Facebook account, you can deactivate Facebook's usage-based advertising on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Facebook Conversion API

We have integrated Facebook Conversion API on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

Facebook Conversion API enables us to capture the interactions of website visitors with our website and transmit them to Facebook to improve advertising performance on Facebook.

For this purpose, the time of the call, the visited webpage, your IP address, and your user agent, as well as possibly other specific data (e.g., purchased products, shopping cart value, and currency), are recorded. A complete overview of the data that can be recorded can be found here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Further information on Facebook's privacy practices can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

Facebook Custom Audiences

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When you visit or use our websites and apps, take advantage of our free or paid offers, transmit data to us, or interact with the Facebook content of our company, we collect your personal data. If you give us consent to use Facebook Custom Audiences, we will transmit this data to Facebook, which can then show you relevant advertising. Furthermore, target groups can be defined with your data (Lookalike Audiences).

Facebook processes this data as our order processor. Details can be found in Facebook's terms of use: https://www.facebook.com/legal/terms/customaudience.

The use of this service is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessing.

7. Newsletter

Newsletter Data

If you would like to subscribe to the newsletter offered on the website, we require your email address and information that allows us to verify that you are the owner of the specified email address and agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties.

The processing of the data entered into the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of data, email address, and their use for sending the newsletter at any time, for example, via the "Unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter or the purpose no longer applies. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Data that has been stored for other purposes with us remains unaffected by this.

After you have been removed from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and is not merged with other data. This serves both your interest and our interest in compliance with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interests.

8. Plugins and Tools

Google Web Fonts

This page uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google's servers. As a result, Google becomes aware that our website has been accessed via your IP address. The use of Google WebFonts is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If a corresponding consent has been requested (e.g., consent to the storage of cookies or access to information on the user's device), the processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting). The consent can be revoked at any time.

If your browser does not support web fonts, a default font will be used by your computer.

For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy?hl=en.

Adobe Fonts

This website uses web fonts from Adobe for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you call up this website, your browser loads the required fonts directly from Adobe to display them correctly on your end device. In doing so, your browser establishes a connection to Adobe's servers in the USA. Adobe thereby becomes aware that this website has been accessed via your IP address. When providing the fonts, Adobe does not store cookies, according to Adobe's statements.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If a corresponding consent has been requested (e.g., consent to the storage of cookies or access to information on the user's device), the processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting). The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://www.adobe.com/privacy/policies/adobe-fonts.html.

For more information about Adobe Fonts, please refer to the Adobe Fonts privacy policy, which you can access here: https://www.adobe.com/privacy/policies/adobe-fonts.html.

Google Maps

This page uses the Google Maps mapping service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transmission. When Google Maps is activated, Google may use Google Web Fonts for the uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of an attractive presentation of our online offers and easy location of the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., Device-Fingerprinting) within the meaning of TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how user data is handled, please refer to Google's privacy policy: https://policies.google.com/privacy?hl=en.

Google reCAPTCHA

We use "Google reCAPTCHA" ("reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to check whether data entry on this website (e.g., in a contact form) is done by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, duration of the website visitor's stay on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

Storage and analysis of the data are based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his web offerings from abusive automated spying and from SPAM. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., Device-Fingerprinting) within the meaning of TTDSG. The consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to Google's privacy policy and terms of use at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

9. eCommerce and Payment Service Providers

Processing of Customer and Contract Data

We collect, process, and use personal customer and contract data for the establishment, content design, and modification of our contractual relationships. We only collect, process, and use personal usage data related to this website (usage data) to the extent necessary to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

The customer data collected will be deleted after completion of the order or termination of the business relationship and after the expiry of any statutory retention periods that may exist. Statutory retention periods remain unaffected.

Data Transfer upon Contract Conclusion for Online Shops, Merchants, and Shipping of Goods

If you order goods from us, we will forward your personal data to the shipping company responsible for the delivery and to the payment service provider commissioned with the payment processing. Only data necessary for the respective service provider to fulfill its task will be disclosed. The legal basis for this is Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures. If you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR, we will pass on your email address to the shipping company responsible for delivery so that they can inform you by email about the status of your shipment; you can revoke your consent at any time.

Payment Services

We integrate third-party payment services on our website. When you make a purchase from us, your payment data (e.g., name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective providers apply to these transactions. The use of payment service providers is based on Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment process (Art. 6 para. 1 lit. f GDPR). To the extent that your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.

We use the following payment services/payment service providers as part of this website:

PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal").

Data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

For details, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland ("Stripe").

Data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

You can find details in Stripe's privacy policy at the following link: https://stripe.com/de/privacy.

Klarna

The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden ("Klarna"). Klarna offers various payment options (e.g., installment purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details about the use of Klarna cookies can be found in the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

For details, please refer to Klarna's privacy policy at the following link: https://www.klarna.com/de/datenschutz/.

Paydirekt

The provider of this payment service is Paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, Germany ("Paydirekt"). If you execute the payment via Paydirekt, Paydirekt collects various transaction data and forwards it to the bank with which you are registered with Paydirekt. In addition to the data required for payment, Paydirekt collects further data as part of the transaction processing, such as delivery address or individual items in the shopping cart. Paydirekt then authenticates the transaction using the authentication method deposited with the bank for this purpose. The payment amount is then transferred from your account to our account. Neither we nor third parties have access to your account data. Details of payment with Paydirekt can be found in the terms and conditions and data protection regulations of Paydirekt at: https://www.paydirekt.de/agb/index.html.

Sofortüberweisung

The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich ("Sofort GmbH"). Using the "Sofortüberweisung" method, we receive a payment confirmation from Sofort GmbH in real time and can immediately fulfill our obligations. If you choose the payment method "Sofortüberweisung," you transmit the PIN and a valid TAN to Sofort GmbH, with which Sofort GmbH can log into your online banking account. Sofort GmbH automatically checks your account balance and carries out the transfer to us using the TAN you transmitted. It then immediately sends us a transaction confirmation. After logging in, your sales, the credit limit of the overdraft facility, and the presence of other accounts as well as their balances are checked automatically. In addition to the PIN and TAN, Sofort GmbH also transmits the payment data you entered and data about your person. This includes your first and last name, address, telephone number(s), email address, IP address, and possibly other data required for payment processing. The transmission of this data is necessary to unambiguously establish your identity and prevent fraud attempts. Details of payment with Sofortüberweisung can be found in the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.

giropay

The provider of this payment service is paydirekt GmbH, Stephanstraße 14 – 16, 60313 Frankfurt am Main ("giropay").

Details can be found in giropay's privacy policy: https://www.paydirekt.de/agb/index.html.

Shopify Payment

The provider of this payment service in the EU is Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify Payment").

For details, please refer to the privacy policy of Shopify Payment: https://www.shopify.de/legal/datenschutz.

Mastercard

The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").

Mastercard may transfer data to its parent company in the USA. The data transfer to the USA is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

VISA

The provider of this payment service is Visa Europe Services Inc., Branch London, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter "VISA").

The United Kingdom is considered a data protection-safe third country. This means that the UK has a level of data protection equivalent to that in the European Union.

VISA may transfer data to its parent company in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.

For further information, please refer to the privacy policy of VISA: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

10. Audio and Video Conferences

Data Processing

For communication with our customers, we use various online conference tools. The tools we use are listed below. When you communicate with us via internet video or audio conference, your personal data is collected and processed by us and the provider of the respective conference tool.

The conference tools collect all data that you provide/use for the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants, and other "contextual information" related to the communication process (metadata).

In addition, the tool provider processes all technical data necessary for the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise provided within the tool, it is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely based on the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy policies of the tools listed below.

Purpose and Legal Bases

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If consent has been requested, the use of the respective tools is based on this consent; the consent can be revoked at any time with effect for the future.

Storage Duration

The data directly collected by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please inquire directly with the operators of the conference tools.

Used Conference Tools

We use the following conference tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom's privacy policy: https://zoom.us/de-de/privacy.html.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/de-de/privacy.html.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the privacy policy of Microsoft Teams: https://privacy.microsoft.com/de-de/privacystatement.

Google Hangouts

We use Google Hangouts. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on data processing can be found in the privacy policy of Google Hangouts: https://policies.google.com/privacy?hl=de.

Google Meet

We use Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on data processing can be found in the privacy policy of Google: https://policies.google.com/privacy?hl=de.