Data protection
Privacy policy according to Article 13 DSGVO
The use of this website may involve the processing of personal data. In order to make this processing comprehensible to you, we would like to provide you with an overview of this with the following information. To ensure fair processing, we would also like to inform you about your rights under the European Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
- The person responsible for data collection and data processing is:
My Beauty Surgery GmbH
Rosenstrasse 17
85399 Halbergmoos
The company data protection officer is:
Mr Wolfgang Grunert
Our data protection officer can be reached at the following contact details:
grunert.wolfgang@cardomed.de
If you have any questions or comments about this information, or if you wish to contact us to exercise your rights, please send your request to:
My Beauty Surgery GmbH
Rosenstrasse 17, 85399 Hallbergmoos
Telephone number: 0811 29960654
Mobile: 0176 20420027
- General information on data processing, legal basis and storage period
We process personal data in compliance with the relevant data protection regulations, in particular the DSGVO and the BDSG. Data processing by us only takes place on the basis of legal permission. When you use this website, we process personal data only with your consent (Art. 6 Para. 1 Letter A /DSGVO), for the performance of a contract to which you are a party, or at your request for the performance of pre-contractual measures (Art. 6 Para. 1 Letter B / DSGVO), for the performance of a legal obligation (Art. 6(1)(C) / GDPR) or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms which require the protection of personal data override (Art. 6(1)(F) / GDPR).
We collect the following data:
- Salutation, first name, last name
- E-mail address
- Address
- Telephone number (landline and/or mobile)
- Date of birth
- Weight/size
We collect this data for the purpose of contacting you, direct advertising, submitting offers and fulfilling our contractual and pre-contractual obligations.
Insofar as we have obtained your consent for processing operations involving personal data, Art. 6(1)(A) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
The legal basis for direct advertising as a result of the sale of our services is Section 7 (3) UWG.
- Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time. We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.
- Enquiry by email, phone call, Whats App, Fecebook and Instagram
If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
- Disclosure of data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below. Insofar as this is necessary for the processing of the contractual relationship with you in accordance with Art. 6 para. 1 p. 1 lit. B DSGVO, your personal data will be passed on to third parties. Recipients of the data are public bodies that receive data due to legal regulations (e.g. tax authorities, debt collection), internal bodies that are involved in the execution of the respective business processes (e.g. hospitals within the EU and outside the EU, financial service providers, insurance, accounting, sales, marketing, customer service, hotel, contractual partners, business partners), insofar as this is permitted by legal regulations.
Is there an obligation for me to provide data?
The provision of personal data is not required by law for our services. You are not obliged to provide the personal data. Without this data, however, we will generally not be able to provide you with an individual offer from our clinic partners or advise you further in this regard.
Sending cost estimates by email (email dispatch)
With the following instructions, we inform you about the contents of our email sending of cost estimates as well as the registration, sending and statistical evaluation procedure and your rights of objection. By requesting a free quote, you agree to receive it and to the procedure described. Email content: We send quotes, emails and other electronic notifications with promotional information only with the consent of the recipients or a legal permission. If the contents of these are specifically described in the context of a registration, they are decisive for the consent of the users. Otherwise, they contain information about our products, offers, promotions and our company.
- Declaration of consent
By ticking the consent box when completing the contact form, you expressly give your informed consent to the collection, processing and use of the personal information, including your health data, that you provide in order for us to obtain information for options and the costs of medical services that you are interested in or that we need to verify contractual agreements with the respective doctors. and/or clinics. This includes the transfer of your medical data to hospitals, clinics and other healthcare providers within and outside the EU before your procedure and the collection of your medical data after the procedure at one of our contracted clinics. You can revoke this consent at any time with effect for the future by informing us of your revocation. Contact information and detailed information on how we handle your personal data and protect your privacy can be found in the data protection information.
- Duration of storage, deletion and blocking of personal data
Unless otherwise stated in the following notes, we only store the data for as long as is necessary to achieve the processing purpose or to fulfil our contractual or legal obligations. Such legal retention obligations may arise in particular from commercial or tax law regulations.
If the purpose of storage no longer applies or if a storage period prescribed by the European Directive and Regulation or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
- Automated data processing of the server
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are Browser type and browser version Operating system used Referrer URL Host name of the accessing computer Time of the server request IP address This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - the server log files must be recorded for this purpose.
- Cookies
Our Internet pages use so-called "cookies". Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser. Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party[1] cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes. 8 / 14 Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. You can find out which cookies and services are used on this website in this privacy policy.
- Privacy policy on the use and application of Facebook
The controller has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is a social meeting place operated on the Internet, an online community that usually allows users to communicate and interact with each other in virtual space. A social network can serve as a platform for exchanging opinions and experiences or enables the internet community to provide personal or company-related information. Facebook allows social network users to create private profiles, upload photos and network via friend requests, among other things.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. By each call of one of the individual pages of this website, which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins/ can be called up. Within the scope of this technical procedure, Facebook receives information about which specific sub-page of our website is visited by the data subject. If the data subject is logged into Facebook at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the "Like" button, or if the data subject posts a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data. Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is simultaneously logged into Facebook at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website. The data policy published by Facebook, which can be found at en-en.facebook.com/about/privacy/ provides information on the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress the transmission of data to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
- Privacy policy on the use and application of Facebook Custom Audiences Pixels
In order to present interest-based advertisements to visitors to our website during their visit to Facebook, we use "Custom Audiences Pixel" from Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). For this purpose, we have implemented a Facebook pixel on our website, which establishes a direct connection to the Facebook servers when you visit our website. This transmits to the Facebook server that you have visited our website and Facebook assigns this information to your personal Facebook user account. For more information on the collection and use of data by Facebook, as well as your rights in this regard and options for protecting your privacy, please refer to Facebook's privacy policy at https://www.facebook.com/about/privacy/.
- Privacy policy on the use and application of Instagram
Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram then receives information about your visit to this website. If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest in the widest possible visibility in social media. If personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook and Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381. Further information on this can be found in Instagram's privacy policy: https://privacycenter.instagram.com/policy/. The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participantsearch/participant[1]detail?contact=true&id=a2zt0000000GnywAAC&status=Active
- Privacy policy on the use and application of Google Analytics (with anonymisation function)
The controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, compilation and evaluation of data about the behaviour of visitors to websites. Among other things, a web analysis service collects data on the website from which a data subject has accessed a website (so-called referrers), which sub-pages of the website have been accessed or how often and for how long a sub-page has been viewed. A web analysis is mainly used to optimise a website and to analyse the costs and benefits of internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The data controller uses the addition "_gat._anonymiseIp" for web analysis via Google Analytics. By means of this addition, the IP address of the Internet connection of the person concerned is shortened and anonymised by Google if access to our Internet pages is from a member state of the European Union or from another state party to the Agreement on the European Economic Area. The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Among other things, Google uses the data and information obtained to analyse the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website. Google Analytics places a cookie on the data subject's IT system. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyse the use of our website. Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. During the course of this technical procedure, Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements. The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. Each time our website is visited, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties. The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the data subject's IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programmes. Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google. To do this, the data subject must install a browser add-on under the Link tools.google.com/dlpage/gaoptout and install it. This browser add-on informs Google Analytics via JavaScript that no data and information on website visits may be transmitted to Google Analytics. The installation of the browser add-on is recognised by Google as an objection. If the data subject's IT system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person who is attributable to their sphere of control, it is possible to reinstall or reactivate the browser add-on.
Further information and the applicable privacy policy of Google can be found at https://www.google.de/intl/de/policies/privacy/ and under http://www.google.com/analytics/terms/de.html can be retrieved. Google Analytics is accessed under this link https://www.google.com/intl/de_de/analytics/ explained in more detail.
If you click here, the opt-out cookie will be set: Deactivate Google Analytics
- Privacy policy on the use and application of Google Remarketing
The controller has integrated Google Remarketing services on this website. Google Remarketing is a function of Google AdWords that allows a company to display advertisements to Internet users who have previously visited the company's website. The integration of Google Remarketing thus allows a company to create user-related advertising and consequently to display interest-relevant advertisements to the Internet user.
The operating company of the Google Remarketing services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of Google Remarketing is to display adverts relevant to your interests. Google Remarketing enables us to display adverts via the Google advertising network or to have them displayed on other websites that are tailored to the individual needs and interests of Internet users. Google Remarketing places a cookie on the data subject's IT system. What cookies are has already been explained above. By setting the cookie, Google is able to recognise the visitor to our website when they subsequently access websites that are also members of the Google advertising network. Each time a website on which the Google Remarketing service has been integrated is accessed, the data subject's internet browser automatically identifies itself to Google. As part of this technical process, Google receives knowledge of personal data, such as the IP address or the surfing behaviour of the user, which Google uses, among other things, to display interest-relevant advertising. Cookies are used to store personal information, such as the websites visited by the data subject. Each time our website is visited, personal data, including the IP address of the internet connection used by the data subject, is therefore transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties. The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the data subject's IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programmes. Furthermore, the data subject has the option of objecting to interest-based advertising by Google. To do this, the data subject must click on the following link from each of the Internet browsers they use www.google.de/settings/ads and make the desired settings there. Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ can be retrieved.
- Privacy policy on the use and application of Google AdWords
The data controller has integrated Google AdWords on this website. Google AdWords is an internet advertising service that allows advertisers to place adverts in Google's search engine results as well as in the Google advertising network. Google AdWords allows an advertiser to specify certain keywords in advance, which are used to display an advert in Google's search engine results only when the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the adverts are distributed to relevant websites using an automatic algorithm and taking into account the previously defined keywords. The operating company of the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The purpose of Google AdWords is to advertise our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine and by displaying third-party advertising on our website. If a data subject reaches our website via a Google advert, a so-called conversion cookie is stored on the data subject's IT system by Google. What cookies are has already been explained above. A conversion cookie loses its validity after thirty days and is not used to identify the data subject. If the cookie has not yet expired, the conversion cookie is used to track whether certain sub-pages, such as the shopping basket from an online shop system, have been accessed on our website. The conversion cookie enables both us and Google to track whether a data subject who has reached our website via an AdWords ad has generated sales, i.e. completed or cancelled a purchase. The data and information collected through the use of the conversion cookie is used by Google to compile visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimise our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive information from Google that could be used to identify the data subject. The conversion cookie is used to store personal information, such as the websites visited by the data subject. Each time our website is visited, personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties. The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the data subject's IT system. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programmes. Furthermore, the data subject has the option of objecting to interest-based advertising by Google. To do this, the data subject must click on the following link from each of the Internet browsers they use www.google.de/settings/ads and make the desired settings there. Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ can be retrieved.
- Privacy policy on the use and application of Google Tag Manager
This website uses Google Tag Manager. The Tag Manager does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Google's privacy policy for this tool can be found here: https://www.google.de/tagmanager/use-policy.html
- Privacy policy on the use and application of Google Doubleclick
Doubleclick by Google is a service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Doubleclick by Google uses cookies to present you with advertisements that are relevant to you. In the process, a pseudonymous identification number (ID) is assigned to your browser in order to check which advertisements were displayed in your browser and which advertisements were called up. The cookies do not contain any personal information. The use of DoubleClick cookies only enables Google and its partner websites to serve ads based on previous visits to our website or other websites on the Internet. The information generated by the cookies is transferred by Google to a server in the USA for analysis and stored there. Google observes the data protection provisions of the "Privacy Shield" agreement and is registered with the "Privacy Shield" programme of the US Department of Commerce. A transfer of data by Google to third parties only takes place on the basis of legal regulations or within the framework of commissioned data processing. Under no circumstances will Google combine your data with other data collected by Google.
By using our website, you consent to the processing of data about you by Google and to the processing of such data as described above and for the purposes set out above. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website. Furthermore, you can prevent the collection of the data generated by the cookies and related to your use of the websites to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link under the item DoubleClick deactivation extension.
- Hetzner Online GmbH
Hetzner offers cloud products which run in Nuremberg and Falkenstein on servers in Hetzner's own data centre parks in Germany. The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter referred to as Hetzner). Details can be found in Hetzner's privacy policy: https://www.hetzner.com/de/rechtliches/datenschutz. The use of Hetzner is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Order processing We have concluded an order processing agreement (AVV) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
- Strato
The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereinafter referred to as "Strato"). When you visit our website, Strato collects various log files including your IP addresses. Further information can be found in Strato's privacy policy: https://www.strato.de/datenschutz/. Strato is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. Order processing We have concluded an order processing agreement (AVV) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
- Wordfence
Wordfence We have integrated Wordfence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter "Wordfence"). Wordfence serves to protect our website from unwanted access or malicious cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence's servers so that Wordfence can compare its databases with the accesses made on our website and block them if necessary. Wordfence is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/. Source: https://www.e-recht24.de
- Clarity
This website uses Clarity. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, https://docs.microsoft.com/en-us/clarity/ (hereinafter referred to as "Clarity").
Clarity is a tool for analysing user behaviour on this website. In particular, Clarity records mouse movements and creates a graphical representation of which part of the website users scroll to most frequently (heat maps). Clarity can also record sessions so that we can view page usage in the form of videos. We also receive information about general user behaviour within our website.
Clarity uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or the use of device fingerprinting). Your personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.
If consent has been obtained, the above-mentioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TDDDG. Consent can be revoked at any time. If consent has not been obtained, this service is used on the basis of Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in effective user analysis.
Further details on Clarity's data protection can be found here: https://docs.microsoft.com/en-us/clarity/faq.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
- SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "https://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
- Objection to advertising emails
We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
- Cancellation policy
Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR) IF DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR). IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR)