Privacy Policy

Unless further information is provided below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This only applies if no other information is provided during the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.

Your data may be transferred to third countries outside the EU, particularly to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. An adequacy decision of the EU Commission exists for the USA: the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.

Contact person
​
Please contact us if you wish. The person responsible for data processing is: Farah Saeed, Theodor-Fahr-Straße 3, 22419 Hamburg , Germany, +49 15117665261, Kundenservice@alwera.de

Customer's proactive contact via email
If you initiate business contact with us via email, we will only collect your personal data (name, email address, message text) to the extent you provide it. This data processing serves to process and respond to your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing will be carried out on the basis of Art. 6 (1) (f) GDPR, based on our predominantly legitimate interest in processing and responding to your inquiry. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

If your request is related to a contract, processing will be based on Art. 6 (1) (b) GDPR; otherwise, processing will be based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR.

Collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, email address, message text) only to the extent you provide it. Data processing serves the purpose of establishing contact.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing will be carried out on the basis of Art. 6 (1) (f) GDPR, based on our predominantly legitimate interest in processing and responding to your inquiry. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

WhatsApp Business
If you contact us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process the mobile phone number stored with WhatsApp, your name, and other data to the extent you provide it. We use a mobile device for the service, whose address book only stores data from users who have contacted us via WhatsApp. Personal data will therefore not be passed on to WhatsApp without your prior consent.
Your data will be transmitted by WhatsApp to a Meta Platforms Inc. server in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself according to the TADPF and is thus committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., advice in the event of a purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is based on Art. 6 (1) (f) GDPR, based on our predominantly legitimate interest in providing a quick and easy way to contact you and in answering your inquiry. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
We will only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .

You can revoke contact via WhatsApp at any time.

Orders

Your data may be transferred to third countries outside the EU, particularly to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. An adequacy decision of the EU Commission exists for the USA: the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.

Reviews Advertising

Website logo for Google Customer Reviews
The website logo for Google Customer Reviews of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) is integrated into our website.
The purpose of the integration is to advertise the number and results of our reviews received so far via Google and participation in this program.
To display the logo on our website and to show you personalized ads on Google, Google uses cookies. This may include, among other things, your IP address being processed and transmitted to Google.
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
Further information on terms of use and data protection when using Google Customer Reviews can be found at https://www.google.com/shopping/customerreviews/static/tos/de/1_01_tos.html and at https://policies.google.com/privacy?hl=de

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. Google uses cookies to analyze your use of the website. The information generated by cookies is usually transferred to a Google server in the USA and stored there.

IP anonymization is active on this website. Your IP address will be shortened by Google within the EU. Only in exceptional cases will the full IP address be transmitted to the USA and shortened there.

You can prevent Google Analytics from collecting your data by installing the browser plug-in available at the following link:

https://tools.google.com/dlpage/gaoptout
Download page for browser add-on to deactivate Google Analytics.
Available for Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Edge.
tools.google.com

Google Ads (conversion tracking)

We use Google Ads Conversion Tracking to analyze the success of our advertising efforts on Google. A cookie is set as soon as you click on an ad served by Google. The information collected is used to compile conversion statistics.

Use of the Trusted Shops rating system (Trustbadge)
We use the rating system of Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne (“Trusted Shops”) on our website.
Trusted Shops and we are jointly responsible for the collection of your data when you use the service and the transmission of this data to Trusted Shops. This is based on an agreement between us and Trusted Shops regarding the joint processing of personal data.
Accordingly, we and Trusted Shops are equally responsible for fulfilling the obligations under the GDPR, in particular for fulfilling the information obligations under Articles 13 and 14 GDPR and for granting the rights of data subjects under Articles 15–21 GDPR. Further information can be found at https://help.etrusted.com/hc/de/article_attachments/4422901015569 .
Trusted Shops enables us to collect customer reviews and display them on our website via the “Trustbadge” to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Trusted Shops to submit a review and then submit a review. We or Trusted Shops will process the following data: email address, order information (order total, order number, and, if applicable, purchased product). This data may also be used to verify your review.
When you visit our website and display the Trustbadge, we or Trusted Shops also process the following data: your IP address, the date and time of the visit, the amount of data transferred and the requesting provider.
Processing is based on Art. 6 (1) (a) GDPR with your consent, provided that you have expressly consented to the transfer of your data and to receiving the request for feedback. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection at Trusted Shops can be found at: https://www.trustedshops.de/impressum-datenschutz/#datenschutz .

Cloud services

To operate our website, we use cloud services from CentCloud, a provider based in Germany. Personal data, such as order, usage, and connection data, is processed on CentCloud's servers.

CentCloud acts as a processor within the meaning of the General Data Protection Regulation (GDPR) and processes data exclusively in accordance with our instructions.

A corresponding order processing agreement (AVV) was concluded with CentCloud to ensure secure and data protection-compliant processing.

Personal data, such as order, usage and connection data, are processed on CentCloud's servers.

CentCloud acts as a processor within the meaning of the General Data Protection Regulation (GDPR) and processes the data exclusively in accordance with our instructions.

A corresponding order processing agreement (AVV) was concluded with CentCloud to ensure data protection-compliant processing.

The data will only be stored for as long as necessary for the respective purposes or as required by law.

Use of the email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly consented to this. Data processing serves exclusively for the purpose of commercial communication. For this purpose, we process your email address and, if applicable, other data that you have voluntarily provided when registering for our newsletter.
The processing is based on Art. 6 (1) (a) GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list. Despite removal from the mailing list, we can still save your email address in a specific order. Blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Art. 6 (1) (f) GDPR out of our and your legitimate interest in preventing the further use of your email address to send our newsletter. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.

Use of the email address for sending direct mail
We use your email address, which we received as part of the sale of a product or service, to electronically send advertising for our own products or services that are similar to those you have already purchased from us, unless you have objected to this use. Providing the email address is necessary to conclude the contract. Failure to provide it will result in no contract being concluded. Processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our predominantly legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. The contact details for exercising your objection can be found in the legal notice. You can also use the link provided for this purpose in the advertising email. There are no costs for this other than the transmission costs according to the basic rates.

Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) to send the newsletter as part of order processing.
We will forward the information you provide during newsletter registration (email address, first and last name if applicable) to Klaviyo. Data processing serves the purpose of sending the newsletter and its statistical analysis.
To evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data, such as your IP address, browser type and device, and the time of access. This data can be used to create user profiles under a pseudonym. The collected data is not used to identify you personally. The collected data is used solely for statistical analysis to improve newsletter campaigns.
Your data is generally transferred to a Klaviyo server in the USA and stored there. For the USA, the EU Commission has an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is thus committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR, based on our predominantly legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .

The newsletter will only be sent after the best possible registration (double opt-in)

Use of the mobile phone number for sending SMS advertising
Regardless of the contract processing, we will use your mobile phone number exclusively for our own advertising purposes to send SMS advertising, provided you have expressly consented to this.
The processing is based on Art. 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of your consent until the revocation. Your mobile phone number will then be removed from the mailing list.

Your mobile phone number will be passed on to a service provider for sending SMS messages as part of order processing.

Payment service providers

Using PayPal Express
We use the PayPal Express payment service provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The purpose of data processing is to offer you payment via the PayPal Express payment service.
To integrate this payment service, PayPal is required to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, and device location) when you visit the website. Cookies may also be used for this purpose. These cookies enable your browser to be recognized.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) (s) 1 TDDDG in conjunction with Art. 6 (1) (a) GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 (1) (b) GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS Use of PayPal Check-Out 




We use the PayPal Check-Out payment service provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The purpose of processing your data is to offer you payment via this payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is based on Art. 6 (1) (b) GDPR.

Cookies may be stored here that enable your browser to be recognized. The data processing that takes place in this process is based on Art. 6 (1) (f) GDPR, based on our predominantly legitimate interest in offering a customer-oriented range of payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.

Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For certain payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values ​​(score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, data. Your legitimate interests will be taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in protection against payment default if PayPal makes an advance payment.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying PayPal, for reasons related to your particular situation. Providing this data is necessary for concluding the contract using your preferred payment method. Failure to provide this data will result in the contract not being concluded using your chosen payment method.

From third parties
When paying using a third-party payment method, the data required for payment processing will be transmitted to PayPal. This processing is based on Art. 6 (1) (b) GDPR. To process this payment method, PayPal may then forward the data to the respective provider. This processing is based on Art. 6 (1) (b) GDPR. Local third-party providers can include, for example:

• Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
• Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)

Purchase on account via PayPal
When paying using the purchase on account payment method, the data required for payment processing is first transmitted to PayPal. To process this payment method, PayPal transmits the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 (1) (b) GDPR. Ratepay may conduct a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies according to the processes already described above. The data is processed for the purpose of credit checks for the initiation of a contract. The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our predominantly legitimate interest in protecting against payment default when Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-zahlungsdatenprivacy/ and https://www.ratepay.com/legal-zahlungskreditagencies/ .

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .

Use of GDPR Legal Cookie
We use the consent management tool DSGVO Legal Cookie from iubenda srl ​​​​(Via San Raffaele 1, 20121 Milan, Italy; “iubenda”) on our website.
The tool enables you to give consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right of revocation for consents already given.
The purpose of data processing is to obtain and document the necessary consent to data processing and thus comply with legal obligations. Cookies may be used for this purpose. Among other things, the following information may be collected and transmitted: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, and consent status. This data will not be shared with other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) (c) GDPR.
Further information on iubenda's terms of use and data protection can be found at: https://www.iubenda.com/nutzungsbedingungen/31059378 and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung .

Analysis Advertising Tracking Communication

Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. Google will use the information obtained on behalf of the website operator to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services related to website activity and internet usage.
The following information may be collected, among other things: IP address, date and time of the page visit, click path, information about the browser and device you use (device), pages visited, referrer URL (website from which you accessed our website), location data, purchasing activities. Google may link your data with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google has about you.

The IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.

Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You may revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.

The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, the EU Commission has adopted an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is thus committed to adhering to European data protection principles. Both Google and US government authorities have access to your data.

Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .

Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and using this to target website visitors with interest-based advertising. Using this function, visitors to the provider's website are shown personalized, interest-based advertisements from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to adhering to European data protection principles. Google may transfer this information to third parties where required to do so by law or where third parties process the data on Google's behalf. Under no circumstances will Google associate your IP address with any other data held by Google.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
Further information and Google's privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/

Use of the Pinterest tag
We use the Pinterest tag of Pinterest Europe Limited (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland “Pinterest”) on our website.
The application serves the purpose of targeting website visitors with interest-based advertising on the Pinterest social network. For this purpose, the Pinterest conversion tag has been implemented on the website. This tag establishes a direct connection to the Pinterest servers when you visit the website. This transmits to the Pinterest server which of our pages you have visited. Pinterest assigns this information to your personal Pinterest user account if you are logged into the social network. When you visit Pinterest, you will then see personalized, interest-based Pinterest ads.
If you access our website via a pin on the Pinterest social network, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Pinterest and we can recognize that you clicked on the pin and were redirected to this page. The information collected with the help of the conversion cookie is used to create conversion statistics and thus to optimize our website. The following information, among others, can be processed: total number of users who clicked on one of our pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions.
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF. Data transfers are based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
For more information about how Pinterest collects and uses data, your rights in this regard, and options for protecting your privacy, please see Pinterest’s privacy policy at https://policy.pinterest.com/de/privacy-policy .

Using TikTok Pixel
We use the TikTok pixel on our website from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; "TikTok Ireland") and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; "TikTok UK"). Both companies are joint controllers for data processing (hereinafter "TikTok").
The data processing serves the purpose of identifying and analyzing our customers' website access, as well as improving customer engagement through targeted advertising and evaluating the effectiveness of advertisements on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable recognition of your browser. The following information, among others, may be collected and transmitted to TikTok: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. User profiles can be created from the data collected in this way using pseudonyms. However, this does not allow personal identification of the user.
Your data may be transferred to third countries, such as the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TADPF. Data transfers to the USA and to third countries without an adequacy decision are based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .

Plug-ins and other


Use of social plug-ins
We use social network plug-ins on our website. The integration of social plug-ins and the associated data processing serve the purpose of optimizing advertising for our products.
When social plug-ins are integrated, a link is established between your computer and the servers of the provider of the social network. The plug-in is displayed on the page by a message to your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider's server. This applies regardless of whether you are registered or logged in to the social network. Data is also transmitted to users who are not registered or logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. When you use the plug-in functions (e.g. by clicking the button), this information is also assigned to your user account. You can prevent this assignment if you log out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
The social networks listed below are integrated into our website via social plug-ins. Further information on the scope and purpose of data collection and use, as well as your rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of our data when the service is integrated and the transmission of this data to Facebook. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . According to this agreement, we are particularly responsible for fulfilling the information obligations pursuant to Art. 13 and 14 GDPR, for adhering to the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33 and 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of data subjects in accordance with Articles 15 - 20 GDPR, for complying with the security requirements of Article 32 GDPR with regard to the security of the service and for complying with the obligations under Articles 33 and 34 GDPR insofar as a breach of the protection of personal data affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is thus committed to complying with European data protection principles.
For more information about the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please see Facebook's privacy policy at https://www.facebook.com/about/privacy/ .

LinkedIn ( Linkedin Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

Pinterest from Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Use of social plug-ins via “Shariff”
We use social network plug-ins on our website. To ensure you retain control over your data, we use the privacy-safe "Shariff" buttons.
Without your express consent, no connections will be established to the social network servers and no data will be transmitted.
"Shariff" was developed by specialists at the computer magazine c't. It enables greater privacy online and replaces the usual "share" buttons on social networks. Further information on the Shariff project can be found here: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html .
When you click the buttons, a pop-up window appears where you can log in to the respective provider using your data. Only after this active login will you establish a direct connection to the social networks.
By logging in, you consent to the transfer of your data to the respective social media provider. This includes, among other things, your IP address and information about which of our pages you have visited. If you are connected to one or more of your social network accounts at the same time, the collected information will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks listed below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data as well as your rights and options for protecting your privacy can be found in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388 .
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

LinkedIn ( Linkedin Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

Pinterest from Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Use of social plug-ins using the “2-click solution”
We use social network plug-ins on our website using the "2-click solution." This means that no connection to the social network servers is established and no data is transmitted without your express consent.
With the standard integration of plug-ins, when you visit the pages of our website that contain such a plug-in, a link is established between your computer and the servers of the provider of the social network. The plug-in is displayed on the page by a message to your browser. Both your IP address and the information which of our pages you have visited are transmitted to the provider's server. This applies regardless of whether you are registered with the social network or logged in. Transmission also takes place for unregistered or non-logged-in users. If you are also logged in to the Facebook social network, this information is assigned to your personal user account. When you use the plug-in functions (e.g. by clicking the button), this information is also assigned to your user account. You can only prevent this by logging out before using the plug-in. So that you retain control over your data, we have decided to deactivate the corresponding button for the time being. You can recognize this by the grayed-out button. Without your express consent – ​​by activating the button – no data will be sent to the social network's server and no data will be transmitted.
Only when you activate the button does the button become active (highlighted in color) and a direct connection to the servers of the social network is established.
By activating the social network, you consent to the transfer of your data to the respective provider of the social network. This will include, among other things, your IP address and information about which of our pages you have visited. If you are simultaneously connected to one or more of your social network accounts, the collected information will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social network user accounts before visiting our website and before activating the buttons.
The social networks listed below are integrated using the "2-click" function. Further information on the scope and purpose of data collection and use, as well as your rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ):
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn has certified itself according to the TADPF and is thus committed to complying with European data protection principles.

Pinterest from Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA):
https://policy.pinterest.com/de/privacy-policy
https://help.pinterest.com/de/articles/personalization-and-data
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Using Facebook's single sign-on feature
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data when integrating the service and the transmission of this data to Facebook. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . According to this agreement, we are particularly responsible for fulfilling the information obligations pursuant to Art. 13 and 14 GDPR, for adhering to the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33 and 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of data subjects in accordance with Articles 15 - 20 GDPR, for complying with the security requirements of Article 32 GDPR with regard to the security of the service and for complying with the obligations under Articles 33 and 34 GDPR insofar as a breach of the protection of personal data affects Meta Platforms Ireland's obligations under the joint processing agreement.
This feature allows website visitors to log in to the website using their existing Facebook account. Data processing serves the purpose of verification during registration, personalization, and interest-based advertising.
In order to offer the function on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information, among others, may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), location data. This applies regardless of whether you are registered with the social network or logged in. Transmission also takes place for unregistered or unlogged-in users. If you are connected to one or more of your social network accounts at the same time, the collected information can also be assigned to your corresponding profiles. You can prevent this assignment if you log out of your social media accounts before visiting our website and before activating the buttons. Your data may be transmitted to the USA. For the USA, the EU Commission has an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
When using the single sign-on feature, the website visitor's Facebook profile is linked to a customer account for this website. Facebook provides us with personal data about the user, as specified during the login process. This may include, among other things, the following information: name, address, public profile information (e.g., name, profile picture, age, gender), email address, friends lists, and "likes."
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
For more information about the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please see Facebook's privacy policy at https://www.facebook.com/about/privacy/ .

Use of YouTube
We use the YouTube video embedding feature provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliate of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
This feature displays videos stored on YouTube in an iFrame on the website. The "Enhanced Data Protection Mode" option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. For the USA, the EU Commission has adopted an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
For more information about the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy, please see YouTube's privacy policy at https://www.youtube.com/t/privacy .

Integration of the Händlerbund member logo
The Händlerbund member logo (Händlerbund eV, Kohlgartenstraße 11-13, 04315 Leipzig) is integrated into our website. When you visit our website, the browser used on your device automatically sends information to the Händlerbund eV server. This information is stored in a server log file for a limited period of time and for 7 days. The following information is collected without your intervention and stored until automatically deleted:

• IP address of the requesting computer,
• Date and time of access,
• Name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The temporary storage of the IP address by the system is necessary to enable delivery of the website. For this purpose, the IP address must be stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. Furthermore, the data is used to optimize the website and ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 (1) (f) GDPR.

 
Integration of the logo of the “FairCommerce” initiative
The logo of the “FairCommerce” initiative (Händlerbund eV, Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website.
When you visit our website, the browser used on your device automatically sends information to the
sent to the Händlerbund eV server. This information is temporarily stored in a so-called server log file for 7 days.
Information is collected without your intervention and stored until it is automatically deleted:
IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The temporary storage of the IP address by the system is necessary to enable delivery of the website.
The IP address must be stored for the duration of the session. The storage in log files is done to ensure the functionality of the
website. In addition, the data is used to optimize the website and to ensure the security of the
information technology systems. This data is not stored together with other personal data.
The legal basis for data processing is Art. 6 (1) (f) GDPR.

Integration of the buyer seal logo
The buyer seal logo (Händlerbund Management AG, Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website.
When you visit our website, the browser used on your device automatically sends information to the
sent to the Händlerbund Management AG server. This information is temporarily stored in a so-called server log file for 7 days.
The following information is collected without your intervention and stored until it is automatically deleted:
IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
browser used, protocol and, if applicable, the operating system of your computer as well as the name of your access provider.
The temporary storage of the IP address by the system is necessary to enable delivery of the website.
The IP address must be stored for the duration of the session. The storage in log files is done to ensure the functionality of the
website. In addition, the data is used to optimize the website and to ensure the security of the
information technology systems. This data is not stored together with other personal data.
The legal basis for data processing is Art. 6 (1) (f) GDPR.

Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of ensuring a consistent display of fonts on our website. To load the fonts, a connection to Google servers is established when the page is accessed. Cookies may be used for this purpose. Among other things, your IP address and information about the browser you use are processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. Your personal data is processed with your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq .

Use of Adobe Fonts
We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk Citywest Business Campus,
Dublin 24, Ireland; “Adobe”).
The data processing serves the purpose of uniform display of fonts on our website. To load the fonts,
When you visit a page, a connection is established to Adobe servers. Cookies may be used for this purpose. Among other things, your IP address
Address as well as information about the browser and operating system you use are processed and transmitted to Adobe.
Your data may be transferred to third countries, such as the USA and India. There is no EU adequacy decision for India.
Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy
Framework (TADPF). Adobe has certified itself according to the TADPF and is thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with
Art. 6 (1) (a) GDPR. Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing based on your consent until the revocation.
processing carried out.
Further information on data processing and data protection can be found at https://www.adobe.com/de/privacy/policy.html
at https://www.adobe.com/de/privacy/policies/adobe-fonts.html
.
Use of FontAwesome
We use Font Awesome from Fonticons Inc. (307 S Main St., Suite 202, Bentonville, AR, 72712-9214 USA) on our website.
Awesome”). The data processing serves the purpose of uniform display of fonts and icons on our website.
To load fonts, a connection to FontAwesome servers is established when the page is accessed.
Cookies may be used for this purpose. This includes, among other things, your IP address and information about the browser you use.
processed and transferred to Font Awesome. Your data may be transferred to third countries, such as the USA. For the USA,
The EU Commission has an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Font Awesome is not
certified according to TADPF.
The use of cookies or similar technologies is based on your consent in accordance with Section 25 (1) (1) TDDDG in conjunction with
Art. 6 (1) (a) GDPR. Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR.
a GDPR. You can revoke your consent at any time without affecting the legality of the processing based on your consent until the revocation.
processing carried out.
Further information on data processing and data protection can be found at https://fontawesome.com/privacy
as well as under
https://fontawesome.com/support
.

Rights affected and storage period

Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular those under tax and commercial law, and then deleted after the expiry of the period unless you have consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you are entitled to the following rights under Articles 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 (1) GDPR, you have the right to object to processing based on Art. 6 (1) (f) GDPR and to processing for direct marketing purposes.
Right to lodge a complaint with a supervisory authority (Article 77 GDPR).

Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach at the following contact details:

Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7th floor
20459 Hamburg
Phone: +49 40 428544040
Fax: +49 40 428544000
Email: mailbox@datenschutz.hamburg.de

Right of objection
If the personal data processing listed here is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation.
Once you have objected, the processing of the data in question will be stopped unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After your objection, we will stop processing the data concerned for direct marketing purposes.