-15% auf ALLES für 24h! Rabatt automatisch im Warenkorb

--

Days

--

Hours

--

Mins

--

Secs

Aktion beendet.

Privacy & Cookies

Privacy Policy

1. Introduction

This website is operated by: RCP Handels GmbH & Co. KG.

It is very important to us to handle the data of our website visitors with trust and to protect it as best as possible. For this reason, we make every effort to comply with the requirements of the GDPR.

In the following, we explain how we process your data on our website. We use the clearest and most transparent language possible so that you truly understand what happens to your data.

2. General Information

2.1 Processing of personal data and other terms

Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently using. Such data is processed when 'something happens to it'. For example, the IP address is transmitted from the browser to our provider and automatically stored there. This is then a processing (pursuant to Art. 4 No. 2 GDPR) of personal data (pursuant to Art. 4 No. 1 GDPR).

These and other legal definitions can be found in Art. 4 GDPR.

2.2 Applicable regulations/laws – GDPR, BDSG and TDDDG

The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.

In addition, the TDDDG supplements the provisions of the GDPR with regard to the use of cookies.

2.3 The Controller

The controller for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

You can reach the controller at:

RCP Handels GmbH & Co. KG

In de Tarpen 42 22848 Norderstedt Germany

hello@rollei.de

2.4 Data Protection Officer

We have appointed a data protection officer for our company. You can reach them at:

MAKON GmbH

Europaallee 33, 67657 Kaiserslautern

datenschutz@makon-beratung.de

2.5 How data is generally processed on this website

As we have already established, there is data (e.g., IP address) that is collected automatically. This data is primarily needed for the technical provision of the homepage. Insofar as we use personal data beyond this or collect other data, we will inform you about it or ask for your consent.

Other personal data you consciously provide to us.

Detailed information on this can be found below.

2.6 Your rights

The GDPR grants you comprehensive rights. These include, for example, the right to free information about the origin, recipient, and purpose of your stored personal data. You can also request the rectification, blocking, or erasure of this data or lodge a complaint with the competent data protection supervisory authority. You can revoke any given consent at any time.

You will find details on these rights and how to exercise them in the last section of this privacy policy.

2.7 Data protection – Our view

For us, data protection is more than just an annoying obligation! Personal data has great value, and careful handling of this data should be a matter of course in our digitized world. Furthermore, as a website visitor, you should be able to decide for yourself what happens to your data, when, and by whom. Therefore, we commit ourselves to comply with all legal provisions, collect only the data necessary for us, and, of course, treat it confidentially.

2.8 Disclosure and deletion

The disclosure and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this.

Data is only disclosed on a legal basis and only if it is unavoidable. This may be the case, in particular, if it concerns a so-called processor and a data processing agreement has been concluded in accordance with Art. 28 GDPR.

We delete your data when the purpose and legal basis for processing cease to exist and no other legal obligations prevent the deletion. Art. 17 GDPR also provides a 'good' overview of this.

Please refer to this privacy policy for all further information and contact the controller with specific questions.

2.9 Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hoster. This includes both the automatically collected and stored log files (more details below) as well as all other data provided by website visitors.

External hosting serves the purpose of providing our website securely, quickly, and reliably, and in this context, it fulfills our contractual obligations towards our potential and existing customers.

The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the end device of the website visitor or user within the meaning of the TDDDG.

Our hoster processes only such data as is necessary to fulfill its service obligations and acts as our data processor, meaning it is subject to our instructions. We have concluded a corresponding data processing agreement with our hoster.

We use the following hoster:

Shopify

Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

https://www.shopify.com/legal/privacy.

2.10 Legal bases

The processing of personal data always requires a legal basis. Art. 6 para. 1 sentence 1 GDPR provides for the following possibilities:

a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes;

b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

c) processing is necessary for compliance with a legal obligation to which the controller is subject;

d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

In the following sections, we will inform you about the specific legal basis for each processing activity.

3. What happens on our website

By visiting our website, we process your personal data.

To best protect this data from unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that "https://" or a lock symbol is displayed in the address bar of your browser.

Below you will find out what data is collected when you visit our website, for what purpose this is done, and on what legal basis.

3.1 Data collection when visiting the website

When you visit the website, information is automatically stored in so-called server log files. This includes the following information:

Browser type and browser version

Operating system used

Referrer URL

Hostname of the accessing computer

Time of the server request

IP address

This data is temporarily required to display our website to you permanently and without problems. In particular, this data serves the following purposes:

Website system security

Website system stability

Error resolution on the website

Establishing a connection to the website

Displaying the website

Data processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR and is based on our legitimate interest in processing this data, in particular our interest in the functionality and security of the website.

Where possible, this data is stored pseudonymized and deleted after the respective purpose has been achieved.

Insofar as the server log files enable the identification of the data subject, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the security-relevant event has been eliminated and conclusively clarified.

Otherwise, no merging with other data takes place.

3.2 Cookies

3.2.1 General

This website uses so-called cookies. These are data sets, pieces of information, that are stored in the browser of your device and are related to our website.

By setting cookies, navigation on the website can be made easier for visitors in particular.

In our cookie consent tool, you will find all information about the cookies we use on our website (possibly after your consent).

3.2.2 Rejecting cookies

You can manage all cookies that are not technically necessary directly via our cookie consent tool.

The setting of cookies can be prevented by adjusting your browser settings.

Here you will find the corresponding links to frequently used browsers:

Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en

Microsoft Edge: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d

Safari: https://support.apple.com/en-us/guide/mdm/mdmf7d5714d4/web and https://support.apple.com/en-us/guide/safari/sfri11471/mac If you use a different browser, it is recommended that you enter the name of your browser and 'delete and manage cookies' into a search engine and follow the official link for your browser.

Alternatively, you can also manage your cookie settings at www.aboutads.info/choices/ or www.youronlinechoices.com.

However, we must point out that a comprehensive blocking/deletion of cookies may lead to impairments in the use of the website.

3.2.3 Technically necessary cookies

We use technically necessary cookies on this website so that our website functions without errors and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.

The legal basis for this is, depending on the individual case, Art. 6 Para. 1 lit. b, c and/or f GDPR.

3.2.4 Technically unnecessary cookies

In addition, we also use cookies on our website that are not technically necessary. These cookies serve, among other things, to analyze the browsing behavior of website visitors or to offer website functions that are not strictly technically necessary.

The legal basis for this is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.

3.3 Data processing through user input

3.3.1 Ratings

On our website, we offer the possibility to write and submit a review. This can then be published on our website.

The data processed are those provided by the user when submitting the review

specified. This primarily includes the name, optionally contact details, and the content of the review.

The legal basis for data processing is consent pursuant to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time.

If the review is published, the name and content may be made public.

3.3.2 Comment Function

The website visitor has the option to leave a comment on our website.

For security reasons, we collect the IP address to prevent abuse and to be able to take legal action if necessary, as well as the content of the comment and the specified (user) name for publication on our website.

Furthermore, we process your email address to ensure that you are a real user and not an automated program (spam). The email address may also be used to contact you in case of questions or replies to your comment.

The data is processed with consent pursuant to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time.

The collected data will be stored as long as the comment is publicly accessible on the website or as long as required for legal reasons. Afterwards, the data will be deleted, unless legal retention periods prevent this.

3.3.3 Contact

a) Email

If you contact us by email, we process your email address and, if applicable, other data contained in the email. This data is stored on the mail server and partly on the respective end devices. Depending on the matter, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose ceases to apply and it is possible according to legal requirements. 

b) Telephone

If you contact us by telephone, call data may be stored pseudonymized on the respective end device and by the telecommunications provider used. Personal data collected during the phone call will only be processed to handle your request. Depending on the matter, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose ceases to apply and it is possible according to legal requirements. 

c) Contact Form

We offer a contact form. This serves to establish contact with our company. 

In this form, we usually process your first and last name, your telephone number, your email address, a postal address, and the content of the message. The data is stored on our web server and forwarded internally to the respective responsible email addresses. 

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in answering your request and in an uncomplicated contact option. If the contact aims at the conclusion of a contract, an additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

We delete this data at the latest 3 months after receipt, unless it is needed for an existing contractual relationship.

We integrate the contact form from

Shopify

Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

https://www.shopify.com/legal/privacy.

Typeform

www.typeform.com

on our website.

d) Chat

e) Helpscout

www.helpscout.com

f) WhatsApp

To communicate with customers or third parties, we use WhatsApp as an instant messaging service. This service is offered by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. 

To prevent WhatsApp or third parties from gaining access to communication content, communication takes place via end-to-end encryption. However, this creates metadata to which WhatsApp has access and which WhatsApp shares with the parent company Meta in the USA. 

Further information can be found here: 

https://www.whatsapp.com/legal/#privacy-policy.  

This data is stored until the data subject requests its deletion, revokes consent for storage, or the purpose for storage ceases to apply. Mandatory legal provisions regarding retention periods remain unaffected. 

When transferring data to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Details here: 

https://www.whatsapp.com/legal/business-data-transfer-addendum.  

The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest lies in the fastest and most effective communication possible with customers and third parties.

If consent has been requested, the legal basis is Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time. 

g) Appointment Booking Tool

Calendly

To allow you to book an appointment with us, we integrate the functions of Calendly on our website. This service is offered by Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA. 

The data requested for this purpose is used for the planning, execution, and follow-up of the appointment and stored on Calendly's servers.

Calendly uses cookies for data collection and storage on our website. These cookies are only set with your consent. You can revoke and manage your consent at any time in our cookie consent tool. The legal basis for this is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's end device or the storage of cookies within the meaning of the TDDDG.

Furthermore, the legal basis for the use of Calendly is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in direct interaction with customers, potential customers, and other interested parties and in processing inquiries directly and as quickly as possible. 

The data will be stored until the data subject requests deletion, revokes consent for storage, or the purpose for storage ceases to apply. Mandatory legal provisions regarding retention periods remain unaffected. 

When transferring data to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further information can be found here: 

https://calendly.com/de/pages/privacy

https://calendly.com/pages/dpa.  

3.3.4 Questionnaires/Forms

a) Typeform

We use Typeform on our website. This is a service by TYPEFORM SL, C/Bac de Roda, 163, 08018 Barcelona, Spain, for creating online forms and online surveys.

This service allows us to create online forms for collecting messages, inquiries, or other input for our website and integrate them there. 

Typeform receives your data that you enter into the form on our website. We have concluded a data processing agreement with Typeform in accordance with Art. 28 GDPR. 

Typeform uses cookies for data collection and storage on our website. These cookies are only set with consent. This consent can be revoked and managed at any time in our cookie consent tool. The legal basis for this is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's end device or the storage of cookies within the meaning of the TDDDG.

Furthermore, the legal basis for the use of Typeform is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in creating online forms and integrating them functionally on our website. Insofar as the data processing via the form serves to provide our contractual services, the legal basis is Art. 6 para. 1 lit. b GDPR.

The data entered by the website visitor into the form is stored on Typeform's servers until the website visitor requests its deletion, a given consent for storage is revoked, or the purpose for storing the data ceases to apply. Mandatory legal provisions regarding retention periods remain unaffected.

Further information on Typeform's data processing can be found here:

https://admin.typeform.com/to/dwk6gt/

3.4 Cookie Consent Tool

3.4.1 Cookiebot

To ensure that only cookies for which there is a legal basis are set on our website, we use the Consent Management Tool Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. 

This service is used to obtain the website visitor's consent for storing certain cookies in their browser or for using certain technologies, and to document this in compliance with data protection regulations. 

When this website is accessed, the consent given by the website visitor or the revocation of consent is stored as a Cookiebot cookie in the website visitor's browser. For this purpose, a connection to Cookiebot's servers is established. 

The legal basis is Art. 6 para. 1 lit. c GDPR. Cookiebot is used to obtain the legally required consent for the use of cookies. 

The collected data will be stored until the website visitor asks us to delete it or Cookiebot itself deletes it, or until the purpose for storing the data ceases to apply. This does not affect mandatory legal retention periods. 

3.5 Website Builder System

3.5.1 Shopify

We use Shopify to create our website. This is a service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

This service allows us to display our online shop.

Shopify uses cookies for, among other things, browsing security and preventing cross-site request forgery (session cookies), as well as for secure transactions.

The service is technically necessary to display our website. The legal basis for processing is Art. 6 para. 1 lit. f GDPR.

We have concluded a data processing agreement with Shopify. The data collected on our website is processed on Shopify's servers. If data is transferred to Shopify Inc. in Canada, the adequacy decision of the EU Commission applies. If data is transferred to Shopify Inc. in the USA, the standard contractual clauses apply.

Further information:

https://www.shopify.de/legal/datenschutz.

3.6 Newsletter

3.6.1 Klaviyo

We use Klaviyo for our newsletter service. This service is provided by Klaviyo, Inc., 125 Summer Street, Boston MA, 02111, USA.

This service allows for the organization and analysis of newsletter dispatches. The data entered to receive the newsletter is stored on the service's servers.  

With the help of Klaviyo, interactions with the newsletter can be analyzed. Furthermore, conversion rates can be determined, and newsletter users can be categorized to tailor the newsletter to different target groups.  

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The lawfulness of processing already carried out remains unaffected by any revocation.  

The data will be deleted at the end of the contract between us and Klaviyo, unless the website visitor revokes their consent beforehand. If this is the case, the data will be deleted from the mailing list. 

When transferring data to the USA, the standard contractual clauses (SCC) of the EU Commission apply. This contract text can be viewed here: https://www.klaviyo.com/privacy/dpa.

Further details: 

https://www.klaviyo.com/legal/privacy/privacy-notice.

3.7 Mailing Service

3.7.1 Shopify

We use Shopify's features as a mailing service. This service is offered by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

It is a service that allows for efficient organization and sending of emails. Shopify's mailing function enables businesses to send a variety of emails, including transactional emails, marketing emails, and other notifications.

Processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR, insofar as we use the mailing service to contact our leads. Consent can be revoked at any time.

When sending emails for concrete contract initiation or within an existing contractual relationship, the legal basis for processing is Art. 6 para. 1 lit. b GDPR, as the services used serve customer administration and the fulfillment of our contractual services.

The data will be deleted at the end of the contract between us and Shopify.

Further information:

https://www.shopify.com/legal/privacy.

3.8 Analytics and Tracking Tools

3.8.1 Google Analytics

We use Google Analytics on this website. Google Analytics is a web analytics service. This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies to recognize the user and thus analyze user behavior. These cookies are only set with consent. Consent can be revoked at any time and managed in our cookie consent tool.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

The information collected here is usually transmitted to a Google server in the USA and stored there. On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Google LLC is certified under the EU-US Data Privacy Framework. However, since Google servers are located worldwide and data transfer to third countries (e.g., Singapore) cannot be ruled out, the standard contractual clauses (SCC) of the EU Commission apply.

The use of Google Analytics involves IP anonymization. The IP address of the respective user is truncated within EU member states (or the European Economic Area) on servers within the EU so that traceability to a natural person is no longer possible. Furthermore, Google commits to adequate data protection through the Google Ads data processing terms and creates an evaluation of website usage and website activity and provides the services associated with the use. The Google Ads data processing terms apply to companies subject to the EU General Data Protection Regulation (GDPR) of the European Economic Area (EEA), the California Consumer Privacy Act (CCPA), or similar regulations. 

An additional browser plugin can prevent the collected information (such as the IP address) from being sent to Google and used by Google. You can find the plugin and further information here: https://tools.google.com/dlpage/gaoptout?hl=de

Otherwise, the storage period depends on the type of data processed. Each customer can choose how long Google Analytics stores data before it is automatically deleted. The maximum lifespan of a Google Analytics cookie is two years.

For more information about Google's data usage, please visithttps://support.google.com/analytics/answer/6004245?hl=de. For all further inquiries, you can also contact us directly at support-deutschland@google.com .

3.8.2 YouTube

We embed YouTube videos on this website. YouTube is an online video platform. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

As soon as you start a video on our website, a connection to YouTube's servers is established. After starting a video, YouTube may place cookies on the website visitor's device to store settings and preferences and subsequently display personalized advertising. The information obtained from this is also used for video statistics, improving user-friendliness, and preventing fraud attempts.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's terminal device or the storage of cookies within the meaning of the TDDDG. This consent can be revoked at any time.

Further information:

https://policies.google.com/privacy?hl=de.

3.8.3 Google Conversion Tracking

This website uses Google Conversion Tracking. Google Conversion Tracking is a web analytics service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Conversion Tracking uses cookies for identification. We learn the number of users and what actions were performed on the website by the website visitors.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

The data will be deleted as soon as it is no longer required for the processing purposes.

Further details:

https://policies.google.com/privacy?hl=de.

3.8.4 Google Ads Remarketing

On this website, we use Google Ads Remarketing. Google Ads Remarketing is a web analytics service. This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads Remarketing uses cookies for the following purpose: Website visitors can be assigned to a specific target group and accordingly be provided with personalized advertising.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Further details:

https://www.google.com/settings/ads/onweb/

https://policies.google.com/technologies/ads?hl=de.

3.8.5 Google Tag Manager

On this website, we use Google Tag Manager. Google Tag Manager is a web analytics service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager does not store cookies and does not analyze independently. It merely serves to manage the tools integrated via it. However, the IP address of the website visitor is recorded, which can be transferred to Google's parent company in the USA.

The legal basis for processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in easily integrating and managing various tools on our website.

Further details:

https://policies.google.com/privacy?hl=en.

3.8.6 Google Ads

We use Google Ads on this website. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The service enables us to link advertisements in the Google search engine to specific keywords and to display targeted advertisements based on existing user data. Cookies are used for conversion tracking.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further details:

https://privacy.google.com/businesses/controllerterms/mccs/.

3.8.7 Google AdSense

We use Google AdSense on this website. Google AdSense is a service that integrates advertisements into a website. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

When selecting advertisements, in non-personalized mode, so-called "contextual information" (e.g., location, website content) is used. Google AdSense uses cookies to combat fraud and abuse.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further details:

https://privacy.google.com/businesses/controllerterms/mccs/

https://adssettings.google.com/authenticated

https://policies.google.com/technologies/ads

https://www.google.de/intl/de/policies/privacy/.

3.8.8 Meta Pixel

We use Meta Pixel on this website. Meta Pixel is a conversion tracking tool. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Meta-pixel enables us to track the behavior of website visitors after they have been redirected to the website via a Facebook ad.

Meta Pixel uses cookies for its own advertising purposes. The data is stored and processed by Facebook so that a connection to the respective user profile can be established.

The collected data is also transferred to the USA and other third countries.

For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Insofar as personal data is collected and transmitted to Facebook on this website with the help of Meta Pixel, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is limited exclusively to the collection and transmission of data to Facebook. There is an agreement on joint processing:

https://www.facebook.com/legal/controller_addendum.

We are responsible for providing data protection information when using the Facebook tool and for the data protection-compliant integration of the tool on the respective website. Facebook, on the other hand, is responsible for the data security of its products. It follows from this that data subject rights regarding data processed by Facebook must be asserted directly with Facebook.

Further details:

https://de-de.facebook.com/about/privacy/

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_scrnen

http://www.youronlinechoices.com/de/praferenzmanagement/

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381.

3.8.9 Facebook Conversion API

On this website, we use the Facebook Conversion API. The Facebook Conversion API is a web analytics service. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

With the help of the Facebook Conversion API, we can record the website visitor's interaction with the website and transmit it to Facebook to optimize advertising performance on Facebook.

The collected data is also transferred to the USA and other third countries.

For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Insofar as personal data is collected and transmitted to Facebook on this website with the help of Meta Pixel, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is limited exclusively to the collection and transmission of data to Facebook. There is an agreement on joint processing:

https://www.facebook.com/legal/controller_addendum.

We are responsible for providing data protection information when using the Facebook tool and for the data protection-compliant integration of the tool on the respective website. Facebook, on the other hand, is responsible for the data security of its products. It follows from this that data subject rights regarding data processed by Facebook must be asserted directly with Facebook.

Further details:

https://de-de.facebook.com/about/privacy/.

3.8.10 Facebook Custom Audiences

We use Facebook Custom Audiences on this website. Facebook Custom Audiences is a web analytics service. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When using the online offer, personal data of the website visitor is collected. If the website visitor has given us consent to use Facebook Custom Audiences, this data is transmitted to Facebook to display relevant advertising to the website visitor and to define target groups.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

https://www.facebook.com/legal/terms/customaudience

https://www.facebook.com/legal/terms/dataprocessing.

3.8.11 Criteo

We use Criteo on this website. Criteo is a web analytics service. This service is provided by Criteo SA, 32 Rue Blanche, 75009 Paris, France.

Based on the website visitor's previous usage behavior, Criteo displays interest-based advertisements.

Criteo uses cookies for the following purpose: to recognize the website visitor and to analyze user behavior. For this purpose, user data is linked to a pseudonymous user profile.

https://www.criteo.com/de/privacy/.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's terminal device or the storage of cookies within the meaning of the TDDDG.

The personal data of the website visitor and the cookies stored in the browser are stored by Criteo for a maximum of 13 months from the date of collection.

Criteo and we are joint controllers within the meaning of Art. 26 GDPR.

Further information:

https://www.criteo.com/de/privacy/how-we-use-your-data/

https://www.criteo.com/privacy/.

3.8.12 Pinterest Tag

We use Pinterest Tag on this website. Pinterest Tag is a web analytics service. This service is provided by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

With the help of Pinterest Tag, interactions on a website can be recorded. This data can then be used to display relevant advertising to the website visitor on other websites of the Pinterest Tag advertising network.

Pinterest Tag uses cookies to recognize the website visitor and to analyze user behavior.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's terminal device or the storage of cookies within the meaning of the TDDDG.

The collected data is also transferred to the USA and other third countries. For data transfers to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further information:

https://policy.pinterest.com/de/privacy-policy

https://help.pinterest.com/de/business/article/track-conversions-with-pinterest-tag.

3.8.13 Shopify Analytics

We integrate the functions of Shopify Analytics on our website. This service is provided by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

Shopify Analytics offers comprehensive insights into the business performance of an online store by analyzing and visualizing data such as sales reports, customer behavior, marketing campaigns, and inventory levels.

For this purpose, Shopify Analytics records two bytes of the IP address of the calling system of the website visitor, the visited website, the website from which the website visitor reached the visited website (referrer), the subpages called from the visited website, the time spent on the website, and the frequency of calling the website. Shopify Analytics may set cookies. The legal basis for processing is then Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's terminal device or the storage of cookies within the meaning of the TDDDG. Otherwise, the legal basis for processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in analyzing our website. Further information: https://www.shopify.com/de/legal/privacy/app-users.

3.8.14 Calendly

We use the Calendly service for analysis and tracking purposes. This service is provided by Calendly LLC, 271 17th St NW, Atlanta, GA 30363, USA. Calendly allows us to analyze usage data and interactions on our website to improve the user experience and optimize the performance of our services.

The data processed in this context includes technical information such as IP addresses, browser types, operating systems, error logs, and usage data. This data is used to improve the stability and performance of our web applications and to identify and resolve technical issues. The service in question stores data on servers worldwide, including the USA, and may set cookies for data collection and storage. These cookies are only set with consent. This consent can be revoked at any time. The legal basis for the use of cookies is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent covers access to information on the user's end device or the storage of cookies within the meaning of the TDDDG.

The legal basis for processing the collected data is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in using this tool to optimize our website and integrate analytics and tracking functionalities.

The data will be stored until the data subject requests its deletion, revokes consent for storage, or the purpose for storage ceases to apply. Mandatory legal provisions regarding retention periods remain unaffected.

When transferring data to the USA, the Standard Contractual Clauses (SCC) of the EU Commission apply.

Further information:

https://calendly.com/legal/privacy-notice.

3.9 Social Media Plugins

3.9.1 Facebook

Elements of the social network Facebook are integrated into this website. This service is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and Facebook's servers, and their IP address is transmitted to Facebook. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

If personal data is collected on this website with the help of Facebook and forwarded to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is exclusively limited to the collection and forwarding of data to Facebook. There is an agreement on joint processing for this:

https://www.facebook.com/legal/controller_addendum. We are responsible for providing privacy information when using the Facebook tool and for securely integrating the tool on the respective website in compliance with data protection laws. Facebook, on the other hand, is responsible for the data security of its products. It follows from this that data subject rights regarding data processed by Facebook must be asserted directly with Facebook.

When transferring data to the USA, the Standard Contractual Clauses (SCC) of the EU Commission apply.

Further information:

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381

https://www.facebook.com/policy.php

https://de-de.facebook.com/privacy/explanation.

3.9.2 Instagram

Elements of the social network Instagram are integrated into this website. This service is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and Instagram's servers, and their IP address is transmitted to Instagram. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. As the website operator, we do not gain any knowledge of the content of the transmitted data.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

If personal data is collected on this website with the help of Facebook or Instagram and forwarded to Meta, the website operator and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is exclusively limited to the collection and forwarding of data to Facebook or Instagram. There is an agreement on joint processing for this:

https://www.facebook.com/legal/controller_addendum.

The website operator is responsible for providing privacy information when using the Instagram tool and for securely integrating the tool on the respective website in compliance with data protection laws. Facebook or Instagram, on the other hand, is responsible for the data security of its products. It follows from this that data subject rights regarding data processed by Facebook or Instagram must be asserted directly with Facebook or Instagram.

When transferring data to the USA, the Standard Contractual Clauses (SCC) of the EU Commission apply.

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381

https://www.facebook.com/policy.php

https://instagram.com/about/legal/privacy/.

3.9.3 TikTok

Elements of the social network TikTok are integrated into this website. This service is offered by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and TikTok's servers, and their IP address is transmitted to TikTok. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. The website operator does not gain any knowledge of the content of the transmitted data.

The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

When transferring data to the USA, the Standard Contractual Clauses (SCC) of the EU Commission apply.

Further information:

https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE?tid=331689749201

https://ads.tiktok.com/i18n/official/policy/controller-to-controller.

3.10 Social Media Profile

In addition to our website, we also have a presence on social networks with our company. Here, we want to present our company and create the opportunity to get in touch with us.

We also use the option of placing advertisements and job advertisements on social media.

In the following, we inform you about what data we and the respective social network process when you visit and interact with our profile.

3.10.1 LinkedIn

We operate a LinkedIn profile on https://www.linkedin.com/. This social network is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

a) Interaction with our company profile

When you visit our LinkedIn profile and interact with us through it, we process personal data. On the one hand, the publicly available data on the profile. On the other hand, also the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our LinkedIn profile.

Insofar as a request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

b) Page Insights

LinkedIn provides us with aggregated statistics and insights (so-called Page Insights) that give us information about how people interact with our company page. Among other things, we receive information about the number of profiles that view, comment on or otherwise interact with our posts, as well as aggregated demographic and other information that helps us learn about interaction with our page or our LinkedIn profile. Page Insights provided to us by LinkedIn consist of aggregated data, whereby LinkedIn does not provide us with any personal data of members in relation to Page Insights. We also have no way of linking Page Insights to individual members.

When placing advertisements, LinkedIn provides us with information about the types of people who see our advertisements and about the success of our advertisements. Personal data is only passed on to us if the person concerned has consented to such processing. We also receive information from LinkedIn that enables us to understand which of our advertisements led to a purchase being made or an action being taken.

The purpose of processing this data is to analyze our reach and to adapt our content and advertisements to user interests. Based on the evaluation of this data, we can see how our content, our profile and our advertising are consumed. This enables us to create target group-specific content and place advertisements to better market our company and our services.

The processing is based on our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR.

When processing personal data in the course of so-called Page Insights, processing takes place in joint responsibility with LinkedIn in accordance with Art. 26 para. 1 GDPR.

For this purpose, we have concluded a corresponding agreement with LinkedIn, which can be viewed here (https://legal.linkedin.com/pages-joint-controller-addendum).

The contact details of LinkedIn are:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

For LinkedIn, you can contact the data protection officer at the following link:

https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

3.10.2 Processing by LinkedIn

In connection with your visit to our company profile, LinkedIn may also process other personal data. In this case, the processing is the sole responsibility of LinkedIn and without our knowledge. Further information from LinkedIn on this can be found at:

https://de.linkedin.com/legal/privacy-policy.

3.11 Facebook

We operate a Facebook fan page at https://www.facebook.com/. This social network is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

3.11.1 Interaction with our company profile

When you visit our Facebook profile and interact with us through it, we process personal data. On the one hand, the publicly available data on the profile. On the other hand, also the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Facebook profile.

Insofar as a request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

3.11.2 Page Insights

As explained in Meta's Privacy Policy under "How do we use your information?", Meta also collects and uses information to provide analytics services, known as Page Insights, to Page operators. This also applies to our Facebook page.

Page Insights are aggregated statistics created based on certain interactions of visitors with pages and their associated content (e.g., viewing a page or video, subscribing to a page, liking or unliking a page, etc.) and logged by Meta servers.

In connection with Page Insights, Meta provides us with aggregated statistics and insights that give us information about how people interact with our company page. We do not gain access to personal data, but only to the aggregated Page Insights. With the help of Page Insights, we can view anonymous statistics, e.g., on the reach of our account, page views, likes, etc. These also include evaluations by age, gender, and location of users (as indicated by them in their respective Facebook profiles). For the evaluation of reach, we can make settings or set corresponding filters regarding the selection of a period, the viewing of a specific post, and demographic groupings. This data is anonymized. We cannot draw conclusions about specific individuals from it.

The purpose of processing this data is to analyze our reach and to adapt our content and advertisements to user interests, so that visitors can derive the greatest possible benefit from it. Based on the evaluation of this data, we can see how our content, our profile, and our advertising are consumed. This enables us to create target group-specific content and place advertisements to better market our company and our services.

The processing is based on our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR.

When processing personal data in the course of so-called Page Insights, processing takes place in joint responsibility with Facebook in accordance with Art. 26 para. 1 GDPR.

For this purpose, we have concluded a corresponding agreement with Facebook, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum).

The contact details for Facebook are:

Online contact: https://www.facebook.com/help/contact/1650115808681298

By post: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland.

For Facebook, you can contact the data protection officer at the following link:

https://www.facebook.com/help/contact/540977946302970.

Further information about Page Insights:

https://de-de.facebook.com/help/pages/insights.

3.11.3 Processing of personal data and cookies by Meta

When accessing a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses). Facebook also stores information about the end devices of its users (e.g., as part of the "Login Notification" function); where applicable, this allows Facebook to assign IP addresses to individual users. If you are currently logged into Facebook as a user, there is a cookie on your end device with your Facebook ID. This enables Facebook to track that you have visited this page and how you have used it. Facebook buttons embedded in websites allow Facebook to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising can be offered to you in a tailored manner.

Information on how to manage or delete personal data can be found in Facebook's Privacy Center:

https://www.facebook.com/privacy/center/.

More information on how Facebook handles data can be found here:

http://de-de.facebook.com/about/privacy.

3.12 Instagram

We operate an Instagram profile. This social media platform is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

3.12.1 Interaction with our company profile

When you visit our Facebook profile and interact with us through it, we process personal data. On the one hand, the publicly available data on the profile. On the other hand, also the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Instagram profile.

Insofar as a request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

3.12.2 Insights

As explained in the Meta Privacy Policy under "How do we use your information?" (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta also collects and uses information to provide analytics services, known as Insights, to page operators. This also applies to our Instagram profile.

Insights are aggregated statistics created based on certain interactions of visitors with pages and the content associated with them, and logged by Meta servers. This includes, among other things, the following information:

How many people see and interact with our products, services or content, including posts, videos, Facebook pages, listings, shops and ads (when ads are shown on Meta products);

How people interact with our content, websites, apps and services;

Which group of people interacts with our content or which group of people uses our services.

Meta provides us with aggregated reports and insights that give us information about how well our content, features, products and services are performing.

We do not get access to personal data, but only to the aggregated reports.

For the evaluation of the reach, we can make settings or set corresponding filters regarding the selection of a period, the viewing of a specific post, and the demographic groupings. This data is anonymized. We cannot draw conclusions about specific individuals from this.

The processing of this data serves the purpose of analyzing our reach and adapting our content and advertisements to user interests so that visitors can derive the greatest possible benefit from it. Based on the evaluations of this data, we can see how our content, our profile and our advertising are consumed. This enables us to create target-group-specific content and place advertisements to better market our company and our services.

The processing is based on our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR.

When processing personal data in the course of the so-called Insights, processing takes place under joint responsibility with Meta in accordance with Art. 26 para. 1 GDPR.

We have concluded a corresponding agreement with Meta, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum).

Meta's contact details are:

Online contact: https://www.facebook.com/help/contact/1650115808681298

Postal address: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland.

For Facebook, you can contact the data protection officer at the following link:

https://www.facebook.com/help/contact/540977946302970.

Further information about Insights:

https://de-de.facebook.com/help/pages/insights.

The complete Instagram privacy policy can be found here:

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

3.12.3 Processing of personal data and cookies by Meta

When accessing an Instagram page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymized (for "German" IP addresses). Meta also stores information about the end devices of its users (e.g., as part of the "Login Notification" function); where applicable, this allows Meta to assign IP addresses to individual users. If you are currently logged into Instagram as a user, there is a cookie on your end device with your Instagram ID. This enables Meta to track that you have visited this page and how you have used it. Meta buttons embedded in websites allow Meta to record your visits to these websites and assign them to your Instagram profile. Based on this data, content or advertising can be offered to you in a tailored manner.

Further information:

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.

3.12.4 Threads

We also use the features of Threads. Data collected when using the service, including IP address, application used, and device information, as well as websites visited, location, and mobile carrier, are processed by Meta Platform, Inc., as described above. This data may also be transferred to countries outside the European Union. The collected data is linked to the account or profile on Threads. There is no control over the specifics of the data processed by Threads, including its processing, use, or disclosure to third parties. Further information:

https://help.instagram.com/769983657850450/?helpref=uf_share

https://privacycenter.instagram.com/policy.

3.13 Pinterest

We operate a Pinterest profile. Pinterest is offered by Pinterest Europe Ltd. Palmerston House, 2nd Floor Fenian Street Dublin 2 Ireland.

3.13.1 Joint Controllership

We are jointly responsible for our profile with Pinterest. The underlying Joint Controller Agreement can be viewed here: https://business.pinterest.com/de/pinterest-advertising-services-agreement/rest-of-apac/.

Pinterest's data protection officer can be contacted here: https://help.pinterest.com/de/data-protection-officer-contact-form.

3.13.2 Data processing by Pinterest

When you visit our Pinterest page, Pinterest collects, among other things, log data that the browser automatically transmits when you visit the website (e.g., IP address, search history, browser type and settings, date and time of the request, etc.). Device information is also processed by Pinterest (e.g., device type, operating system).

Further information can be found here:

https://policy.pinterest.com/de/technical-information-we-collect-when-you-use-our-service and

https://policy.pinterest.com/de/privacy-policy.

Pinterest can also set cookies. The data processed in this context is partly assigned to the user's account.

Further information can be found here:

https://policy.pinterest.com/de/cookies.

3.13.3 Data processing by us

When Pinterest users communicate with us via our Pinterest profile, we receive the respective message from the user (including their Pinterest username).

We also process users' published comments.

Our data processing serves the purpose of presenting our published content on Pinterest and communicating with users.

The legal basis for this is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in presenting relevant information to interested users and communicating about it.

In our Pinterest profile, we have the "Pinterest Analytics" function available, which allows us to view statistical evaluations.

The data we receive from Pinterest are merely anonymous statistics about the visitors to our Pinterest profile. These statistics are not personal and no longer allow conclusions to be drawn about individual users.

3.13.4 Disclosure of data

If we receive messages from users, we do not transmit the content of these messages to other recipients.

Information about the transmission of data to third parties by Pinterest can be found here:

https://policy.pinterest.com/de/privacy-policy and https://help.pinterest.com/de/article/ads-performance-reporting.

3.13.5 Storage period

In connection with our Pinterest profile, we only store the messages we receive when Pinterest users communicate with us via our Pinterest profile. We delete these messages at the latest after the expiry of the statutory retention period.

The respective storage period by Pinterest is described in their data policy at https://policy.pinterest.com/de/privacy-policy.

3.14 TikTok

We operate a TikTok channel. TikTok is provided by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (hereinafter "TikTok Ireland"). Through our TikTok channel, we have the opportunity to present ourselves to TikTok users and to get in touch with them.

3.14.1 Interactions with our TikTok channel

Users can interact with our TikTok channel via their TikTok account, for example by liking or commenting on our posts. In doing so, we process the associated data such as the username and profile picture.

We use this data to optimize our content and its presentation and to adapt it to the respective user interests.

It is also possible to send us direct messages on our TikTok channel. Here, too, the username and profile picture are displayed to us.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing our TikTok channel and the content published there. Furthermore, we have a legitimate interest in communicating with users to answer questions, address criticism, build relationships and exchange information. This allows us to improve our services and respond to the needs of potential customers. By communicating via TikTok, we reach younger customers in particular.

Comments are stored indefinitely on the channel and can be viewed by other users. The same applies to the use of the like function and direct messages.

3.14.2 TikTok Analytics

When accessing and using our TikTok channel, data for TikTok Analytics is also processed. These are aggregated statistics that are created and logged by TikTok based on certain interactions of visitors with our TikTok channel and provide information on how our channel is interacted with.

This data includes, but is not limited to:

• Follower growth

• Video views

• Profile views

• Likes, comments and shares

• Average watch time

• Percentage of viewers who watch the entire video

• Traffic sources (e.g. profile, For You feed)

• Geographical distribution of the audience

• Follower activity times.

The data is provided to us in aggregated form as statistics. We do not gain access to personal data, but only to the summarized statistics.

Further information on TikTok Analytics can be found here:

https://www.tiktok.com/creators/creator-portal/en-us/tiktok-content-strategy/understanding-your-analytics/.

The processing of this data serves exclusively to analyze and improve the content on our TikTok channel. Based on the evaluations of this data, we can see how our content and our TikTok channel are consumed. This allows us to create target-group-specific content and, if necessary, place advertisements to better market our company and our services.

The processing is based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

When processing personal data in the course of TikTok Analytics, the processing is carried out under joint responsibility with TikTok pursuant to Art. 26 para. 1 GDPR.

We have concluded a corresponding agreement with TikTok, which can be viewed here

can be viewed.

TikTok's contact details are:

Online contact: https://privacytiktok.zendesk.com/hc/en-us/requests/new.

Postal: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

You can contact TikTok's data protection officer using this form:

https://www.tiktok.com/legal/report/DPO.

3.14.3 Processing of personal data by TikTok

When using TikTok's services, TikTok processes users' personal data. This includes data such as your IP address, location data, time zone settings, advertising IDs, app and browser versions, and device data (system, network type, device ID, screen resolution, operating system, audio settings and connected audio devices). The TikTok profiles and channels accessed, likes, messages and other usage data are also processed. If you are logged in with your own TikTok account, this data will be assigned to your account.

Further information on the processing of data by TikTok can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de.

3.15 WhatsApp Channel

We operate a WhatsApp channel. The channel is run by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. WhatsApp channels allow information and relevant messages to be sent directly on WhatsApp by subscribing to channels from individuals and organizations. When a channel is subscribed to, messages are sent in the form of text messages, links to information, images, or videos. Channels are public, meaning anyone can find, follow, and view them. Since channels are public and the number of users is unlimited, channel status messages are visible to everyone and to WhatsApp. WhatsApp collects user information, such as their reactions, language choice, and the channels they follow. However, we, as the operator, do not have access to personal data. WhatsApp channels are designed so that operators do not receive any information such as the identity or contact details of users.

Information about data processing by WhatsApp: https://www.whatsapp.com/legal/channels-privacy-policy-eea?lang=de_DE.

3.15.1 YouTube

We operate a profile on YouTube. This is a video platform of Google Ireland Limited, with registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which allows us to publish video content and interact with our audience.

3.15.2 Data processing by us

We also process the data of profile visitors. In doing so, we process data from your use of our profile, which is provided to us by YouTube.

This information includes statistics on visits to our profile, reports on the playback time of our videos, user interaction (e.g. "likes" or comments), as well as information about individuals who actively interact with our page, e.g. by subscribing or using YouTube's communication features.

The data entered on YouTube, in particular the username and the content published under the account, is made visible and processed by us through interactions with our profile.

We process this data to enable communication and to optimize the reach and target audience of our content.

The legal basis for processing is a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR for the stated purposes.

3.15.3 Data processing by YouTube

When visiting or interacting with our YouTube channel, YouTube collects personal data such as IP address, device information, geographical information, and platform activities, including videos watched, interactions such as likes, comments, and subscriptions. This data may be collected through cookies and similar technologies stored on the device.

YouTube uses this information to operate and improve the platform, display personalized advertising, and conduct analytics and measurements to understand how users interact with content. Furthermore, data processing helps to evaluate and improve the reach and effectiveness of the content.

The processing of data by YouTube is based, among other things, on your consent, which is expressed by accepting the cookie policies on YouTube.

The data collected by YouTube may be shared within the Google group of companies and with third parties located in countries outside the European Union, including the USA. Google LLC is certified under the EU-U.S. Data Privacy Framework, which ensures that an adequate level of data protection is maintained even when transferred to third countries.

We have no influence on the scope of data processed by YouTube, the type of processing and use, or the disclosure of this data to third parties. We also have no effective control options in this regard.

Information about what data is processed by YouTube and for what purposes it is used can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de&gl=de.

3.16 Google Business Profile

We have a Google Business Profile. We use the information service provided by Google and the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

3.16.1 Data processing by Google

The Google page and its functions are used under one's own responsibility. This applies in particular to the use of social and interactive functions (e.g. commenting, sharing, rating, direct messages). When visiting and interacting with our Google Business Profile entry, Google also collects your IP address and other information that is present on the end device in the form of so-called cookies. If applicable, Google may thus be able to assign IP addresses to individual users or user accounts. This information is used to provide us, as the operator of the Google Business Profile entry, with statistical information about the use of Google services. The data collected in this context is processed by Google and, if applicable, transferred to countries outside the European Union. Google generally describes what information Google receives and how it is used in its privacy policy.

If you contact us via our Google Business Profile entry or other Google services via direct message, we cannot rule out that these messages may also be read and evaluated by Google (both by employees and automatically). We therefore advise against sharing personal data with us there. Instead, another form of communication should be chosen as early as possible.

The use of this service is subject to Google's privacy policy, which you have already agreed to by using it.

Further information can be found in the privacy policy at the following link: https://policies.google.com/privacy?hl=de.

3.16.2 Data processing by us

As the provider of our Google Business Profile entry, we do not collect or process any further data from the use of this Google service.

If you contact us or publish a review about us, we process your published profile data, as well as the content of the review/comment.

The legal basis is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our company and enabling the evaluation of our services in order to present our company and our services well to the outside world.

3.17 Third-party content

3.17.1 Google reCAPTCHA

This website uses Google reCAPTCHA. Google reCAPTCHA is a plugin offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The service allows to determine whether a data entry is made by a human or by an automated program. This analysis starts automatically in the background as soon as the website is entered. For this purpose, various information is collected and transmitted to Google. There is no notification of this analysis.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Further details:

https://policies.google.com/privacy?hl=de

https://policies.google.com/terms?hl=de.

3.17.2 Dieter Live-API

To display our privacy policy, we use the Live-API from Dieter macht den Datenschutz. This is a service of simply Legal GmbH, Burkarderstraße 36, 97082 Würzburg.

The API is a technical interface. When our privacy policy is called up, a connection to the servers of simply Legal GmbH is established. Your IP address is thereby transmitted to simply Legal GmbH.

Further information on how simply Legal GmbH handles data:

https://www.dieter-datenschutz.de/datenschutz/.

3.17.3 Fera

fera.ai

3.17.4 Stamped

www.stamped.io

3.18 Audio and Video Conferencing

3.18.1 Zoom

We use Zoom for communication with customers. Zoom is an online conferencing tool. This service is offered by Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA.

When communicating with this tool via video or audio conferences, personal data is processed by us and the tool provider. The data collected includes all information you provide when using the tool. In addition, metadata regarding the conference is processed. Furthermore, technical information required for the function of online communication is processed. All files shared within the tool are also stored on the tool provider's servers.

Zoom may also set cookies. These cookies are only set with consent. Consent can be revoked at any time. The legal basis for this is Art 6 para. 1 lit. a GDPR.

Otherwise, the legal basis for the processing of data by Zoom is Art. 6 para. 1 lit. b GDPR. The communication is related to the fulfillment of a contract or is necessary for the fulfillment of pre-contractual obligations. Furthermore, this tool is used to facilitate communication with our company. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

This data is stored until the data subject requests its deletion, the consent for storage has been revoked, or the purpose for storage has ceased to exist. Cookies remain on the end device until the user deletes them. Mandatory legal provisions on retention periods remain unaffected.

When transferring data to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further information:

https://zoom.us/de-de/privacy.html.

3.19 Data transfer to providers on our platform

When you use our platform to avail of services or purchase products, we share certain personal data with the providers (e.g. service providers, sellers) to enable the processing of the respective services. This data transfer is necessary for the providers to provide their services or deliver products.

We may transfer the user's name for identification, contact details for contact in case of queries or problems, address for the provision of the service or delivery of products, order data for the transmission of details of the requested service or ordered products, and, if necessary, payment information for payment processing (this is usually encrypted and in accordance with applicable security standards) to the providers.

The legal basis for data transfer is Art. 6 para. 1 lit. b GDPR, as it is necessary for the fulfillment of the contractual relationship between you and the provider.

Providers are obliged to use the transmitted data exclusively for the processing of the requested services or deliveries and to protect the data in accordance with applicable data protection laws. They are direct contractual partners and therefore bear their own responsibility for the processing of personal data. For questions regarding their data processing, you can contact the provider directly.

3.20 Payment services

3.20.1 PayPal

We use PayPal on our website. PayPal is a payment service provider. This service is offered by PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made via this website. The respective contract and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

We also have a legitimate interest in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

When transferring data to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

3.20.2 Apple Pay

We use Apple Pay on this website. Apple Pay is a payment service provider. This service is offered by Apple Inc., Infinite Loop, Cupertino, CA 95014, USA.

For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made via this website. The respective contract and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

We also have a legitimate interest in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://www.apple.com/legal/privacy/de-ww/.

3.20.3 Google Pay

We use Google Pay on this website. Google Pay is a payment service provider. This service is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made via this website. The respective contract and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

We also have a legitimate interest in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://policies.google.com/privacy.

3.20.4 Klarna

We use Klarna on this website. Klarna is a payment service provider. This service is offered by Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.

For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made via this website. The respective contract and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

We also have a legitimate interest in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

https://www.klarna.com/de/datenschutz/.

3.20.5 Sofortüberweisung

We use Sofortüberweisung on this website. Sofortüberweisung is a payment service provider. This service is offered by Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany.

For the purpose of payment processing, the payment data of the website visitor will be processed by the payment service provider as soon as a purchase is made via this website. For this purpose, the PIN and a valid TAN are transmitted to Sofort GmbH, which then logs into the online banking account. The account balance is checked, and the corresponding transfer is executed. In addition, transactions, the overdraft credit limit, and the existence of other accounts and their balances are queried. The respective terms and conditions and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

Furthermore, we have a legitimate interest in processing this data in accordance with Art. 6 para. 1 lit. f GDPR, to ensure a quick and reliable payment process.

Further details:

https://www.sofort.de/datenschutz.html

https://www.klarna.com/sofort/.

3.20.6 Shopify Payment

This website uses Shopify Payment. Shopify Payment is a payment service provider. This service is offered by Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

For the purpose of payment processing, the payment data of the website visitor will be processed by the payment service provider as soon as a purchase is made via this website. The respective terms and conditions and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

Furthermore, we have a legitimate interest in processing this data in accordance with Art. 6 para. 1 lit. f GDPR, to ensure a quick and reliable payment process.

Further details:

https://www.shopify.de/legal/datenschutz.

3.20.7 American Express

We use American Express on this website. American Express is a payment service provider. This service is offered by American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany.

For the purpose of payment processing, the payment data of the website visitor will be processed by the payment service provider as soon as a purchase is made via this website. The respective terms and conditions and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

Furthermore, we have a legitimate interest in processing this data in accordance with Art. 6 para. 1 lit. f GDPR, to ensure a quick and reliable payment process.

American Express may transmit data to its parent company in the USA. For this purpose, American Express has Binding Corporate Rules (BCR).

Further details:

https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html

3.20.8 Mastercard

We use Mastercard on this website. Mastercard is a payment service provider. This service is offered by Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium.

For the purpose of payment processing, the payment data of the website visitor will be processed by the payment service provider as soon as a purchase is made via this website. The respective terms and conditions and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

Furthermore, we have a legitimate interest in processing this data in accordance with Art. 6 para. 1 lit. f GDPR, to ensure a quick and reliable payment process.

Mastercard may transmit data to its parent company in the USA. For this purpose, Mastercard has Binding Corporate Rules (BCR).

Further details:

https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf

https://www.mastercard.de/de-de/datenschutz.html.

3.20.9 VISA

We use VISA on this website. VISA is a payment service provider. This service is offered by Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, Great Britain.

For the purpose of payment processing, the payment data of the website visitor will be processed by the payment service provider as soon as a purchase is made via this website. The respective terms and conditions and data protection provisions of the payment service provider apply to the respective transaction.

The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.

Furthermore, we have a legitimate interest in processing this data in accordance with Art. 6 para. 1 lit. f GDPR, to ensure a quick and reliable payment process.

For data transfers to the USA, the EU Commission's standard contractual clauses (SCC) apply.

Further details:

https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.  

3.21 Services for order processing

3.21.1 Plentymarkets

www.plentymarkets.de

3.22 Shipping service provider

For the shipping of goods ordered via our website, we work with various shipping service providers (e.g. DHL, DPD, UPS, Hermes). As part of the necessary delivery of the goods, we pass on your data (name, delivery address and, if applicable, other information required for shipping) to the respective shipping service provider.

The data transfer is based on Art. 6 para. 1 lit. b GDPR for the fulfillment of our contract. We will only transmit your email address or telephone number to the shipping service provider if you have expressly consented to this during the ordering process, for example, to enable a package notification. This consent can be revoked at any time for the future.

Further information on the data protection of our shipping service providers can be found in their respective privacy policies, which can be viewed on their websites.

3.23 Online marketplaces

We sell goods or services on online marketplaces. For this purpose, we use the following providers:

3.23.1 Amazon

We operate an Amazon shop under the following name: Rollei, which can be accessed here: https://www.amazon.de/stores/Rollei/Rollei/page/F045BA9E-1B64-4F9B-88E9-7619FAF4CBF1.

Amazon is offered by Amazon Europe Core S.à r.l., 38 avenue John F. Kennedy, L-1855 Luxembourg.

a) Data processing by Amazon

When visiting our Amazon shop, Amazon primarily processes your personal data. How this data processing takes place and what data is processed by Amazon can be found in Amazon's privacy policy: https://www.amazon.de/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ.

b) Data processing by us

If an item or service is purchased through our Amazon shop, we receive the buyer's username and the billing and delivery address from Amazon.

If "Fulfilled by Amazon" is used, Amazon manages the delivery, is responsible for customer service, and handles all issues related to the order. Further information can be found here:

https://www.amazon.de/gp/help/customer/display.html?nodeId=G239KSGYPUFUY8TQ.

If the items are not marked "Fulfilled by Amazon", we manage the delivery of the order ourselves.

Further information can be found here:

https://www.amazon.de/gp/help/customer/display.html?nodeId=GEF528GN65XSJ7V8

In this case, we also process all customer service inquiries, unless we indicate that customer service is provided by Amazon or the order is marked with the Amazon Prime badge.

c) Payment processing

Amazon handles payment processing. We do not receive any payment information. Amazon only informs us that payment has been made.

3.24 Affiliate Marketing

3.24.1 Adcell

www.adcell.de

4. Other important information

Finally, we would like to inform you in detail about your rights and how you will be informed about changes to data protection requirements.

4.1 Your Rights in detail

4.1.1 Right to information according to Art. 15 GDPR

You can request information as to whether personal data concerning you is being processed. If so, you can request further information on the nature and manner of processing. A detailed list can be found in Art. 15 para. 1 lit. a to h GDPR.

4.1.2 Right to rectification according to Art. 16 GDPR

This right includes the rectification of inaccurate data and the completion of incomplete personal data.

4.1.3 Right to erasure according to Art. 17 GDPR

This so-called 'right to be forgotten' gives you the right, under certain conditions, to demand the erasure of personal data by the controller. This is generally the case if the purpose of the data processing has ceased to exist, if consent has been revoked, or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 para. 1 lit. a to f GDPR. This "right to be forgotten" also corresponds to the controller's obligation under Art. 17 para. 2 GDPR to take appropriate measures to bring about a general erasure of the data.

4.1.4 Right to restriction of processing according to Art. 18 GDPR

This right is subject to the conditions according to Art. 18 para. 1 lit. a to d.

4.1.5 Right to data portability according to Art. 20 GDPR

This regulates the fundamental right to receive one's own data in a common format and to transmit it to another controller. However, this only applies to data processed based on consent or contract according to Art. 20 para. 1 lit. a and b and as far as this is technically feasible.

4.1.6 Right to object according to Art. 21 GDPR

You can generally object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and/or profiling.

4.1.7 Right not to be subject to a decision based solely on automated processing according to Art. 22 GDPR

You generally have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right also has restrictions and additions in Art. 22 para. 2 and 4 GDPR.

4.1.8 Further rights

The GDPR includes comprehensive rights to inform third parties about whether or how you have exercised rights under Art. 16, 17, 18 GDPR. However, this only applies insofar as this is possible or can be carried out with reasonable effort.

We would like to draw your attention again to your right to revoke granted consent according to Art. 7 para. 3 GDPR. However, the legality of the processing carried out up to that point will not be affected.

Furthermore, we would also like to draw your attention to your rights under §§ 32 et seq. BDSG, which, however, are largely congruent in content with the rights just described.

4.1.9 Right to lodge a complaint according to Art. 77 GDPR

You also have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of personal data concerning you infringes this regulation.

5. What if the GDPR is abolished tomorrow or other changes occur?

The current status of this data protection declaration is 04.07.2024. From time to time, it is necessary to adapt the content of the data protection declaration to react to actual and legal changes. We therefore reserve the right to change this data protection declaration at any time. We will publish the changed version at the same place and recommend that you read the data protection declaration regularly.

Created with friendly support from Dieter macht den Datenschutz