Passa al contenuto principale

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data Collection on This Website

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the section "Notice on the Responsible Party" in this privacy policy.

How do we collect your data?

Your data is collected firstly by you providing it to us. This can, for example, be data that you enter into a contact form.

Other data is automatically collected or obtained with your consent when you visit the website through our IT systems. This mainly includes technical data (e.g., internet browser, operating system, or time of the page access). The collection of this data occurs automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipients, and purpose of your stored personal data at any time and free of charge. You also have the right to request the correction or deletion of these data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time for further questions on the subject of data protection.

Analysis Tools and Third-Party Tools

When visiting this website, your surfing behavior can be statistically evaluated. This is mainly done with so-called analysis programs.

Detailed information on these analysis programs can be found in the following privacy policy.

2. Hosting

We host the contents of our website with the following provider:

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the host. This may mainly include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated through a website.

The external hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). If a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, as far as the consent includes the storage of cookies or the access to information in the user's end device (e.g., device fingerprinting) in the sense of the TTDSG. The consent can be revoked at any time.

Our host(s) will only process your data to the extent necessary to fulfill their service obligations and will follow our instructions regarding this data.

We use the following host(s):

Timme Hosting GmbH & Co. KG

Ovelgönner Weg 43
21335 Lüneburg
Germany

Commissioned Data Processing

We have concluded a contract for commissioned data processing (AVV) with the above-mentioned provider. This is a contract required by data protection law to ensure that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We point out that data transmission over the Internet (e.g., when communicating via email) can have security gaps. A complete protection of the data from access by third parties is not possible.

Notice Concerning the Responsible Party

The responsible party for data processing on this website is:

Willy Maisel GmbH
Münchberger Str. 46
95176 Konradsreuth

Tel.: +49 (0) 9292 519-0
E-Mail: info@world-of-textiles.com

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons cease to apply.

General Information on the Legal Basis of Data Processing on this Website

If you have consented to the data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR and Art. 9 para. 2 lit. a GDPR, if special data categories according to Art. 9 para. 1 GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or the access to information in your end device (e.g., via device fingerprinting), the data processing is also based on § 25 para. 1 TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. The data processing can also be based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.

Data Protection Officer

We have appointed a data protection officer.

Michael Knapp (GDDcert)
Münchberger Str. 46
95176 Konradsreuth (Deutschland)

Tel.: +49 (0) 9292 519-0
E-Mail: datenschutz@world-of-textiles.com

Recipients of Personal Data

In the course of our business activities, we work with various external parties. In some cases, the transfer of personal data to these external parties is necessary. We only share personal data with external parties if this is necessary for the performance of a contract, if we are legally obliged to do so (e.g., data transfer to tax authorities), if we have a legitimate interest in the data transfer (Art. 6 para. 1 lit. f GDPR), or if another legal basis permits the data transfer. When using processors, we only share personal data of our customers on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 DSGVO)

IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 PARA. 1 DSGVO).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING AT ANY TIME; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION ACCORDING TO ART. 21 PARA. 2 DSGVO).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the DSGVO, the data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, their place of work, or the place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to have data, which we process automatically on the basis of your consent or in fulfillment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done to the extent technically feasible.

Information, Correction, and Deletion

You have the right, within the scope of the applicable legal provisions, to obtain information about your stored personal data, their origin and recipients, and the purpose of the data processing and, if necessary, the right to correction or deletion of this data at any time. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need them to exercise, defend, or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have lodged an objection according to Art. 21 para. 1 DSGVO, a balance must be struck between your and our interests. As long as it is not yet determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.

SSL or TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the change in the address line of the browser from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted Payment Transactions on This Website

If, after the conclusion of a contract requiring payment, there is an obligation to transmit your payment data (e.g., account number in the case of direct debit authorization), these data are required for payment processing.

The payment transactions via the common means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the change in the address line of the browser from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Objection to Advertising Emails

The use of contact data published within the framework of the imprint obligation to send unsolicited advertising and information materials is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.

4. Data Collection on This Website

Cookies

Our internet pages use so-called "cookies." Cookies are small data packets that do not cause any harm to your device. They are either temporarily stored for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after your visit. Permanent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies within websites (e.g., cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies can be used to analyze user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions requested by you (e.g., for the shopping cart function), or to optimize the website (e.g., cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time.

You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or generally, as well as to activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be restricted.

Which cookies and services are used on this website can be found in this privacy policy.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Used operating system
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this, the server log files must be recorded.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; the consent can be revoked at any time.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions - in particular, retention periods - remain unaffected.

Inquiry by Email, Telephone, or Fax

If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; the consent can be revoked at any time.

The data you send to us via contact inquiries will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions - in particular, statutory retention periods - remain unaffected.

5. Analysis Tools and Advertising

Data Sharing with Malibu GmbH & Co. KG for Marketing Purposes
To optimize our marketing activities and improve your shopping experience, we collaborate with our brand owner Malibu GmbH & Co. KG. In this context, certain data is shared with Malibu GmbH & Co. KG for marketing purposes. A data processing agreement (AV contract) according to Art. 28 GDPR has been concluded with Malibu GmbH & Co. KG to ensure the protection of your personal data.
Use of Meta Pixel, Meta Conversion API, and Google Tag Manager: In particular, data collected via the Meta Pixel, Meta Conversion API, and Google Tag Manager is made available to Malibu. These tools help us to display targeted advertising and measure the effectiveness of our marketing campaigns.
Newsletter Sign-ups: The data you provide when signing up for our newsletter is also shared with Malibu. This allows us to send you personalized information and offers.
Orders: Malibu also has access to the orders placed by our customers. This information is used to optimize the ordering processes and provide you with better service.
Contact details of the Data Protection Officer of Malibu GmbH & Co. KG
If you have any questions about the processing of your personal data or wish to exercise your data protection rights, you can contact the Data Protection Officer of Malibu GmbH & Co. KG:
Malibu GmbH & Co. KG
Carthago Ring 1
88326 Aulendorf
Tel.: 07525 - 92000
E-Mail: info@malibu-carthago.com
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
We thank you for your trust and support in continuously improving our services.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies, or perform independent analyses. It only serves the management and implementation of the tools integrated through it. However, Google Tag Manager collects your IP address, which may also be transmitted to Google's parent company in the United States.

The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and management of various tools on its website. If a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, as far as the consent includes the storage of cookies or the access to information in the user's end device (e.g., device fingerprinting) in the sense of the TTDSG. The consent can be revoked at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, duration of stay, operating systems used, and the user's origin. These data are summarized in a user ID and assigned to the respective end device of the website visitor.

We can also use Google Analytics to record your mouse and scroll movements and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data sets and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there. The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

IP Anonymization

We have activated IP anonymization for Google Analytics. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website use and internet use to the website operator. The IP address transmitted by your browser within the framework of Google Analytics will not be merged with other Google data.

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

More information on how Google Analytics handles user data can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google Signals

We use Google Signals. When you visit our website, Google Analytics collects, among other things, your location, search history, YouTube history, and demographic data (visitor data). These data can be used with the help of Google Signal for personalized advertising. If you have a Google account, the visitor data collected by Google Signal will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics about user behavior of our users.

Commissioned Data Processing

We have concluded a contract for commissioned data processing with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics E-Commerce Measurement

This website uses the "e-commerce measurement" function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchase behavior of website visitors to improve their online marketing campaigns. Information such as orders placed, average order values, shipping costs, and the time from viewing to purchasing a product is collected. These data can be combined by Google under a transaction ID, which is assigned to the respective user or their device.

Hotjar

This website uses Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool for analyzing your user behavior on this website. With Hotjar, we can, among other things, record your mouse and scroll movements and clicks. Hotjar can also determine how long you stayed with the mouse pointer on a specific spot. From this information, Hotjar creates so-called heatmaps, which show which areas of the website are preferred by the website visitor.

Furthermore, we can determine how long you stayed on a page and when you left it. We can also determine where you stopped your entries in a contact form (so-called conversion funnels).

Additionally, direct feedback from website visitors can be collected with Hotjar. This function serves to improve the website offerings of the website operator.

Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting).

As far as consent (consent) has been requested, the use of the aforementioned service is based exclusively on Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time. As far as no consent was requested, the use of this service is based on Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in analyzing user behavior in order to optimize both its website offering and its advertising.

Deactivation of Hotjar

If you want to disable data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/

Please note that the deactivation of Hotjar must be carried out separately for each browser or device. Further information about Hotjar and the data collected can be found in Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy

Commissioned Data Processing

We have concluded a contract for commissioned data processing (AVV) with the above-mentioned provider. This is a contract required by data protection law to ensure that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Targeted advertisements can also be displayed based on the user data available at Google (e.g., location data and interests) (target group targeting). We, as website operators, can quantitatively evaluate these data by analyzing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks und https://business.safety.google/controllerterms/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Ads Remarketing

This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offering to specific target groups to subsequently display interest-based advertising within the Google advertising network (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to the cross-device functions of Google. This allows interest-based, personalized advertising messages, which were adapted to you depending on your previous usage and surfing behavior on one device (e.g., cell phone), to be displayed on another of your devices (e.g., tablet or PC).

If you have a Google account, you can object to personalized advertising at the following link: https://adssettings.google.com/anonymous?hl=de.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

Further information and the privacy policy can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=de.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Target Group Formation with Customer Matching

To form target groups, we use, among other things, Google Ads Customer Matching. Here, we transfer certain customer data (e.g., email addresses) from our customer lists to Google. If the relevant customers are Google users and logged into their Google account, they will be shown appropriate advertising messages within the Google network (e.g., on YouTube, Gmail, or in the search engine).

Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were particularly often viewed or purchased. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and which actions they performed. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

More information on Google Conversion Tracking can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Meta Pixel (formerly Facebook Pixel)

This website uses the visitor action pixel from Facebook/Meta for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data will also be transferred to the USA and other third countries.

This allows the behavior of the site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and to optimize future advertising measures.

The collected data is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes, according to the Facebook data usage policy (https://de-de.facebook.com/about/privacy/). This allows Facebook to enable the placement of advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

We use the extended matching feature within the Meta Pixel.

The extended matching feature allows us to transmit various types of data (e.g., location, state, zip code, hashed email addresses, names, gender, birth date, or phone numbers) of our customers and prospects, collected through our website, to Meta (Facebook). By enabling this feature, we can tailor our advertising campaigns on Facebook even more precisely to people interested in our offers. The extended matching feature also improves the attribution of website conversions and expands custom audiences.

If personal data is collected on our website and transferred to Facebook with the help of the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited to the collection of the data and its transmission to Facebook. The processing by Facebook after the transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set forth in an agreement on joint processing. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-compliant implementation of the tool on our website. For the data security of the Facebook products, Facebook is responsible. Data subject rights (e.g., access requests) regarding the data processed by Facebook can be asserted directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Further information on the protection of your privacy can be found in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

You can also disable the "Custom Audiences" remarketing feature in the Ad Settings section at unter https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen To do this, you must be logged into Facebook.

If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active.

Facebook Conversion API

We have integrated Facebook Conversion API on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data will also be transferred to the USA and other third countries.

Facebook Conversion API allows us to capture the interactions of the website visitor with our website and transmit them to Facebook to improve advertising performance on Facebook.

In particular, the time of the call, the called website, your IP address, and your user agent as well as possibly further specific data (e.g., purchased products, cart value, and currency) are recorded. A complete overview of the data that can be collected can be found here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

If personal data is collected on our website and transferred to Facebook with the help of the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited to the collection of the data and its transmission to Facebook. The processing by Facebook after the transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set forth in an agreement on joint processing. The wording of the agreement can be found at : https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-compliant implementation of the tool on our website. For the data security of the Facebook products, Facebook is responsible. Data subject rights (e.g., access requests) regarding the data processed by Facebook can be asserted directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Further information on the protection of your privacy can be found in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active.

Commissioned Data Processing

We have concluded a contract for commissioned data processing (AVV) with the above-mentioned provider. This is a contract required by data protection law to ensure that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Facebook Custom Audiences

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When you visit our websites and apps, use our free or paid offers, transmit data to us, or interact with our company's Facebook content, we collect your personal data. If you give us consent to use Facebook Custom Audiences, we will transmit this data to Facebook so that Facebook can display appropriate advertising to you. Furthermore, target groups (lookalike audiences) can be defined with your data.

Facebook processes this data as our processor. Details can be found in the Facebook usage agreement: https://www.facebook.com/legal/terms/customaudience.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time. 
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here

https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessing.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified according to the DPF commits to adhering to these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active.

6. Newsletter

Newsletter Data

If you wish to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use newsletter service providers to handle the newsletter dispatch, which are described below.

CleverReach

This website uses CleverReach for the dispatch of newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter "CleverReach"). CleverReach is a service with which the newsletter dispatch can be organized and analyzed. The data you provide for the purpose of receiving the newsletter (e.g., email address) is stored on the servers of CleverReach in Germany or Ireland.

Our newsletters sent with CleverReach allow us to analyze the behavior of the newsletter recipients. Among other things, it can be analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g., purchase of a product on this website) has taken place after clicking on the link in the newsletter. For more information on data analysis by CleverReach newsletters, please visit: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.


The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. 
If you do not want any analysis by CleverReach, you have to unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from our servers as well as from the servers of CleverReach after unsubscribing from the newsletter. Data that has been stored by us for other purposes remains unaffected.

After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist, if necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.

Further information can be found in CleverReach's privacy policy at: 

https://www.cleverreach.com/de/datenschutz/.

Commissioned Data Processing

We have concluded a contract for commissioned data processing (AVV) with the above-mentioned provider. This is a contract required by data protection law to ensure that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

7. eCommerce and Payment Providers

Processing of Customer and Contract Data

We collect, process, and use personal customer and contract data to establish, structure, and amend our contractual relationships. We collect, process, and use personal data on the use of this website (usage data) only to the extent necessary to enable the user to utilize the service or to bill the user. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

The collected customer data will be deleted after the completion of the order or termination of the business relationship and the expiry of any existing statutory retention periods. Statutory retention periods remain unaffected.

Data Transfer upon Conclusion of Contracts for Online Stores, Dealers, and Shipment of Goods

When you order goods from us, we will pass on your personal data to the transport company entrusted with the delivery and to the payment service provider responsible for the payment processing. Only the data necessary for the respective service provider to fulfill its task will be disclosed. The legal basis for this is Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. If you have given your consent according to Art. 6 para. 1 lit. a GDPR, we will pass on your email address to the transport company entrusted with the delivery so that it can inform you by email about the shipping status of your order; you can revoke the consent at any time.

Payment Services

We include payment services from third-party companies on our website. If you make a purchase from us, your payment data (e.g., name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contractual and data protection provisions of the respective providers apply. The use of payment service providers is based on Art. 6 para. 1 lit. b GDPR (contract performance) and in the interest of a smooth, convenient, and secure payment process (Art. 6 para. 1 lit. f GDPR). If your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.

We use the following payment services/payment service providers within the scope of this website:

PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

Details can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe"). 
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://stripe.com/de/privacy und https://stripe.com/de/guides/general-data-protection-regulation.

Details can be found in Stripe's privacy policy at the following link: https://stripe.com/de/privacy.

Sofort­überweisung

The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter "Sofort GmbH"). With the help of the "Sofortüberweisung" procedure, we receive a payment confirmation from Sofort GmbH in real-time and can start fulfilling our obligations immediately. If you choose the "Sofortüberweisung" payment method, you transmit the PIN and a valid TAN to Sofort GmbH, with which it can log into your online banking account. After logging in, Sofort GmbH automatically checks your account balance and carries out the transfer to us with the help of the TAN you provided. It then immediately sends us a transaction confirmation. After logging in, your transactions, credit line of the overdraft facility, and the existence of other accounts as well as their balances are also checked automatically. In addition to the PIN and TAN, the payment data you entered as well as data about your person are transmitted to Sofort GmbH. The personal data includes your name, address, telephone number(s), email address, IP address, and possibly further data necessary for the payment processing. The transmission of this data is necessary to determine your identity beyond doubt and to prevent fraud attempts. Details about the payment with Sofortüberweisung can be found at the following link: https://www.klarna.com/sofort/.