HUUS

Privacy policy

Privacy policy

(Data protection declaration (GDPR compatible))

  1. Information on the collection of personal data and contact details of the person responsible
  2. Data collection when visiting our website
  3. Cookies
  4. Data processing for order processing
  5. Data processing when opening a customer account and for contract processing
  6. Contacting
  7. Use of single sign-on procedures
  8. Use of your data for direct advertising
  9. Use of social media: social plugins
  10. Use of social media: video
  11. Online marketing
  12. Web analysis services
  13. Retargeting / remarketing / recommendation advertising
  14. Using a live chat system
  15. Tools and others
  16. Rights of the data subject
  17. Duration of storage of personal data

  1. Information on the collection of personal data and contact details of the person responsible

1.1 Thank you for visiting our website. In the following, we would like to inform you about how we handle your personal data when you use our website. Personal data is basically all data with which you can be personally identified.

1.2 The person responsible for the processing of data on our website in accordance with the Data Protection Basic Regulation (GDPR):

Huus UG

Knaackstrasse 71

10435 Berlin

Germany

Phone: +491729532452

e-mail: hello@huus.io

1.3 To protect the security of your data during transmission, we use state-of-the-art encryption procedures (eg SSL or TSL) via HTTPS.

  1. Data collection when visiting our website

Whenever you visit our website, our system automatically records data and information that your browser sends to our server (so-called "server log files"). The following data, which is technically necessary for us, is collected:

- Our visited website

- Date and time of access

- Quantity of data sent in bytes

- Source/reference from which you accessed the site

- Operating system used

- Used browsers

- IP address used (possibly: in anonymized form

The legal basis for the processing is Art. 6 para. 1 lit. f GDPR due to our legitimate interest in improving the stability and maintaining the functionality of our website. The data will not be passed on or used in any other way. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. We reserve the right to subsequently check the server log files if there are concrete indications of illegal use. The data will be deleted as soon as they are no longer required for the purpose of their collection. In the case of the collection of data for the purpose of providing the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an allocation of the calling client is no longer possible. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on the part of the user.

  1. Cookies

Our website uses cookies.

Cookies are text files that are stored on the user's terminal device. If a user calls up a website, a cookie can be stored on the user's operating system. Some functions of our website cannot be offered without the use of cookies. This requires the browser to be recognized even after a page change. The user data collected by technically necessary cookies is not used to create user profiles. In the above-mentioned purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 Para. 1 lit. f) GDPR.

In addition, our website uses cookies that enable an analysis of the surfing behavior of the users (so-called third party cookies). Further information on the scope, purpose, legal basis and objection possibilities can be found in the respective sections of the relevant chapter of this data protection declaration.

You as a user have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, it is possible that not all functions of the website can be fully used. You can prevent the transmission of flash cookies by changing the settings of the flash player.

Help on the settings can be found in the respective help menu of your browser under the following links: Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies Firefox: https://support.mozilla.org/de/kb/cookies-allow-and-reject

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647 Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Some of the cookies used here are deleted again after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.

  1. Data processing for order processing

4.1 If you would like to order in our web shop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. The data provided by you

will be processed for the processing of your order.

In some cases we work together with external service providers to process your order. For this purpose we have to pass on the personal data required for this purpose.

If we commission transport companies with the delivery of your goods, we will pass on your data required for the delivery of the goods to the respective transport company. For the processing of payments, we will pass on your data to the commissioned credit institution as necessary. If we use payment service providers, you will also be informed about this in the following. The legal basis for the passing on of your data is Art. 6 para. 1 lit. b GDPR.

4.2 Use of payment service providers

-Paypal

If you choose the payment method PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment by installations" via PayPal, payment will be processed by PayPal (Europe) Sarl et Cie, SCA , 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal").

In accordance with Art. 6 Para. 1 lit. b GDPR, we pass on your personal data to PayPal as required. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment by installations" via PayPal.

For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 letter f GDPR due to PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit assessment with regard to the statistical probability of non-payment to decide on the provision of the respective payment method. The credit report may contain probability values ​​(so-called score values). Insofar as score values ​​are included in the result of the creditworthiness information, these are based on a scientifically recognized mathematical-statistical procedure. Among other things, but not exclusively, address data are included in the calculation of the score values.

Which further data is collected by PayPal can be found in the respective PayPal privacy policy. This can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary to process payments in accordance with the contract.

- Shopify Payments

We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2 If you choose a payment method offered through the payment service provider Shopify Payments, the payment will be processed through the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on the information you provide during the ordering process together with the information about your order (name, address, account number, bank code, credit card number (if applicable), invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose. You can find more detailed information on Shopify Payments' data protection at the following Internet address: https://www.shopify.com/legal/privacy

For information on data protection laws regarding Stripe Payments Europe Ltd. please visit: https://stripe.com/de/privacy

4.3 Google Pay

If you select the payment method "Google Pay" (a service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google")), the payment processing will be arranged via the "Google Pay" application of your Android (at least 4.4 "KitKat") operated mobile device with NFC function. Payment is made using one of your payment cards deposited with Google Pay or a payment system verified there (eg PayPal). To release a payment via Google Pay of more than EUR 25, you must first unlock your mobile device. The information you provide when ordering is passed on to Google for the purpose of payment processing. Google generates a unique transaction number which is transmitted to the order website to verify the payment. This transaction number is simply a numeric token that does not contain any information about your details. The actual transaction is carried out between the user and the order website by debiting the means of payment deposited with Google Pay. Personal data may be processed during the described procedures. In this case the processing is carried out for the

Purposes of payment processing in accordance with Art. 6 para. 1 letter b GDPR.

Further information, in particular information on how Google handles your data, can be found here: Terms of use of Google Pay https://payments.google.com/payments/apis

secure/u/0/get_legal_document?ldo=0&ldt =googlepaytos&ldl=the privacy of Google: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=pri vacynotice&ldl=en

  1. Data processing when opening a customer account and for contract processing

If you open a customer account with us, personal data will be collected and processed in accordance with Art. 6 para. 1 lit. b GDPR. The scope of the data can be seen from the input form. The data entered by you will be stored and used by us for the purpose of contract processing.

You can delete your customer account at any time. This can be done by sending a message to the address of the person responsible or, if offered, directly in the customer account. In this case we will also block your data with regard to tax and commercial law retention periods and delete them after these periods have expired. This can only be opposed by your consent to permanent storage or legally permitted further use of your data on our part.

  1. Contacting

If you contact us via contact form, the data entered in the input mask will be transmitted to us and stored. The collected data can be taken from the respective input mask. If you contact us by e-mail, only the data you enter there will be transmitted to us.

The data will be used exclusively for processing the conversation and your request. The legal basis for the processing of the data is Art. 6 para. 1 lit. a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 letter f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b) GDPR. The data will be deleted as soon as they are no longer required for the purpose for which they were collected and provided that there are no statutory retention obligations to the contrary. For personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be concluded from the circumstances that the matter in question has been conclusively clarified. The user has the opportunity to revoke his or her consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.

  1. Use of single sign-on procedures

Facebook Connect Sign in

We use on our website the "Facebook Connect", a plugin of the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA) (hereinafter referred to as "Facebook"). You can use it to create a customer account or to log in using the so-called Single Sign On technology if you have a Facebook profile. If you call up one of our websites that has such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the Facebook plugin is then

directly to your browser and integrated into the page. In this way Facebook receives the information that

your browser has called up the respective website, even if you do not have a Facebook profile or are not logged in to Facebook at the moment. This information (including your IP address) is transmitted by your browser directly to a Facebook server and stored there, whereby transmission to the USA is also possible.

Our legitimate interest lies in enabling a quick and uncomplicated registration process for our customers. The legal basis is therefore Art. 6 para. 1 lit. f GDPR.

The legitimate interest of Facebook lies in the insertion of personalized advertising based on the surfing behavior of the users. The legal basis is therefore Art. 6 para. 1 lit. f GDPR.

You can also register and log in on our website with your Facebook data without using the Facebook button.

Only if you have given your express consent prior to the registration process with regard to the exchange of data with Facebook in accordance with Art. 6 Para. 1 lit. a GDPR will we receive the general and publicly accessible information stored in your profile when you use the Facebook button from Facebook. This information is only passed on in accordance with your personal data protection settings on Facebook. This information includes the user ID, name, profile picture, age and gender.

Please note that after changes to the privacy policy and terms of use of Facebook, when you give your consent, your profile pictures, your friends' user IDs and your friend list may also be transferred, provided you have marked them as "public" in your privacy settings on Facebook.

The data transmitted to us by Facebook is stored and processed by us to create a user account with the necessary data. Based on your consent, data (eg information on your surfing or purchasing behavior) can also be transferred by us to your Facebook profile.

The consent given can be revoked at any time by sending a message to the person responsible for processing your data.

Further information can be found in the Facebook privacy policy:

http://www.facebook.com/policy.php

If you do not want the data collected on our website to be assigned to your Facebook profile, you must log out of Facebook before visiting our website.

You can also completely prevent the loading of the Facebook plugins with add-ons for your browser, eg with "Adblock Plus" (https://adblockplus.org/de/).

  1. Use of your data for direct advertising

8.1 Newsletters

On our website you can subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us. Only your email address is mandatory. If you make further voluntary entries, these will only be used for personal contact.

The legal basis for the processing of your data after registration for the newsletter is

Consent of the user Art. 6 para. 1 letter a GDPR. We obtain this by sending you a confirmation e-mail after registering for the newsletter, which contains a confirmation link. When you click on this link, you also give your consent to receive the newsletter.

When you send your registration for the newsletter, we save your IP address as well as the date and time of registration. This storage serves the purpose of tracing a possible misuse of your e-mail address.

We use the data we collect when you register for the newsletter exclusively for the purpose of sending the newsletter.

You can cancel your subscription to the newsletter at any time. For this purpose there is a corresponding link in every newsletter. This also enables you to revoke your consent to the storage of personal data collected during the registration process.

8.2 Newsletter for existing customers

If you purchase goods or services on our website and enter your e-mail address, we may subsequently use this to send you a newsletter. In such a case, the newsletter will only be used to send direct advertising for our own similar goods or services.

The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG and Art. 6 (1) lit. f GDPR. In this respect, data processing is based solely on our justified interest in personalized direct advertising.

If you have already objected to the use of your email address for direct marketing purposes, you will not receive this newsletter. However, you have the possibility of objecting to the use of your e-mail address for the advertising purpose mentioned here at a later date and at any time by notifying us. After receipt of your objection, the use of your e-mail address for advertising purposes will be immediately discontinued.

8.3 Sending the newsletter via MailChimp

We send our newsletter via The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/; hereinafter referred to as "Mailchimp"). We pass on your data entered during the registration for the newsletter to Mailchimp in accordance with art. 6 para. 1 lit. f GDPR to protect our legitimate interest in the use of an effective, secure and user-friendly newsletter system.

MailChimp uses this data to send the newsletter to you on our behalf and for statistical analysis of the newsletter on our behalf. For this purpose, the emails contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. In this way it can be traced whether a newsletter message has been opened and which links from it have been clicked on. MailChimp thus automatically generates general, non-personal statistics about the reaction behavior to newsletters.

We also have a legitimate interest in the statistical evaluation of the newsletter in order to optimize our advertising communication. For this purpose, the web beacons are used in accordance with article 6 paragraph 1 lit. f. GDPR, data of the individual newsletter recipients are also recorded (eg e-mail address, time of access, IP address, browser type and operating system ) and processed. These data allow conclusions to be drawn about the individual newsletter recipient. These data are processed by Mailchimp for the automatic generation of statistics, which can be used to identify whether a certain recipient has opened a newsletter message.

To deactivate this data analysis, you must unsubscribe from the newsletter.

MailChimp may also use the data itself in accordance with article 6 paragraph 1 letter f GDPR in order to satisfy its own legitimate interest in the design and optimization of the service in line with demand or for market research purposes to determine the countries from which the newsletter recipients come. However, Mailchimp will not use your data for the purpose of contacting you or pass it on to third parties.

Usually your data is transferred to a server of MailChimp in the USA and stored there. To protect your data in the USA, MailChimp is a data processing contract based on the standard contractual clauses of the European Commission. This data processing contract can be consulted at the following Internet address

http://mailchimp.com/legal/forms/data-processing-agreement/.

The privacy policy of MailChimp can be viewed here:

https://mailchimp.com/legal/privacy/

8.4 Advertising by letter post

If you have left your first and last name, your postal address and any other personal data as a result of placing an order with us, we reserve the right to store this data and send you our offers by post in order to protect our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 letter f GDPR.

You can object to the storage and use of your data for this purpose at any time by sending a message to the person responsible.

8.5 Mailjet

We send our newsletter via the mail service provider Mailjet (SAS Mailjet, 13-13bis, Rue de l'Aubrac - 75012 Paris, France). In accordance with article 6 paragraph 1 letter f of the GDPR, we pass on to Mailjet the data you entered during registration for the newsletter in order to safeguard our legitimate interest in using a promotional, secure and user-friendly newsletter system. MailChimp uses this data to send the newsletter to you on our behalf. Mailchimp will not use your data for the purpose of contacting you or pass them on to third parties.

Mailjet may use your data in pseudonymous form, ie without allocation to a user, to optimize or improve its own services, eg for technical optimization of the dispatch and presentation of newsletters or for statistical purposes. The data protection regulations of Mailjet can be viewed here: https://www.mailjet.de/privacy-policy/.

  1. Use of social media: social plugins

9.1 Facebook as default plugin

We use our website social plugins ("Plugins") used by the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA) (hereinafter referred to as "Facebook").

You can usually recognize the plugins by the Facebook logo, usually a white "f" on a blue background. You can see other versions of the Facebook plugin here:

https://developers.facebook.com/docs/plugins

When you call up one of our websites in which such a plugin is integrated, your browser establishes a direct connection to the Facebook servers and transmits the content of the plugin directly to your browser, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook at the relevant time, Facebook can immediately assign your visit to our website to your Facebook profile. If you interact with a plugin (eg click on the "Like"/"Like" button or comment on something), this information is also transmitted directly to a Facebook server and stored there. The actions can be published on your Facebook profile and shown to your Facebook friends.

Our legitimate interest lies in the insertion of personalized advertising and the full financial potential of our website. The legal basis is Art. 6 para. 1 lit. f GDPR.

The legitimate interest of Facebook lies in the insertion of personalized advertising in the design of the service in accordance with requirements. The legal basis is Art. 6 para. 1 lit. f GDPR.

If you do not want the data collected via our website to be assigned to your Facebook profile, you must log out of Facebook before visiting our website. You can also prevent the loading of the Facebook plugins with add-ons for your browser, eg with the script blocker "NoScript" (http://noscript.net/).

Further information can be found in the Facebook privacy policy: http://www.facebook.com/policy.php

9.2 Instagram as default plug-in

We use our website social plugins ("Plugins") used by the social network Instagram (Instagram LLC., 1601 Willow Rd, Menlo Park, CA 94025, USA) (hereinafter "Instagram").

You can recognize the plugins mostly by the "Instagram camera", other versions of the Instagram plugin can be viewed here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges.

When you access one of our web pages that has such a plugin embedded, your browser establishes a direct connection to Instagram's servers and transmits the content of the plugin directly to your browser, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the United States and stored there.

If you are logged in to Instagram at the relevant time, Instagram can immediately associate your visit to our website with your Instagram profile. When you interact with a plug-in (eg, click the "Instagram" button or comment on something), this information is also transmitted directly to an Instagram server and stored there. The actions can be published on your Instagram profile and displayed to your Instagram friends.

Our legitimate interest lies in the insertion of personalized advertising and the full financial potential of our website. The legal basis is Art. 6 para. 1 lit. f GDPR.

Instagram's legitimate interest lies in the insertion of personalized advertising to meet the needs of the service. The legal basis is Art. 6 para. 1 lit. f GDPR.

If you do not want the information collected through our site to be associated with your Instagram profile, you must log out of Instagram before visiting our site. You can also prevent the Instagram plugins from loading by using add-ons for your browser, eg the script blocker "NoScript" (http://noscript.net/).

Instagram's privacy policy: https://help.instagram.com/155833707900388/

9.3 LinkedIn as default plugin

We use our website social plugins ("Plugins") used by the social network LinkedIn (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA) (hereinafter "LinkedIn").

You can usually recognize the plugins by the LinkedIn logo or the "Recommend" button.

When you visit one of our websites that has such a plugin embedded, your browser establishes a direct connection to the LinkedIn servers and sends LinkedIn to send the content of the plugin directly to your browser, even if you do not have a LinkedIn profile or are not currently logged in to LinkedIn. This information (including your IP address) is transmitted from your browser directly to a LinkedIn server in the United States and stored there.

If you are logged in to LinkedIn at the relevant time, LinkedIn can immediately match your visit to our website to your LinkedIn profile. If you interact with a plugin (eg, click a LinkedIn button), this information is also sent directly to a LinkedIn server and stored there. The actions can be published on your LinkedIn profile and displayed to your LinkedIn friends.

Our legitimate interest lies in the insertion of personalized advertising and the full financial potential of our website. The legal basis is Art. 6 para. 1 lit. f GDPR. The legitimate interest of LinkedIn lies in the insertion of personalized advertising to meet the needs of the service. The legal basis is Art. 6 para. 1 lit. f GDPR.

If you do not want the information collected through our website to be associated with your LinkedIn profile, you must log out of LinkedIn before visiting our website. You can also prevent InLinkedIn plug-ins from loading by using add-ons for your browser, such as the "NoScript" script blocker (http://noscript.net/).

Privacy policy of LinkedIn:

https://www.linkedin.com/legal/privacy-policy

9.4 Pinterest as default plugin

We use social plug-ins ("Plug-ins") from the Pinterest social network (Pinterest Inc., 808 Brannan Street, San Francisco, CA, 94103, USA ) (hereinafter referred to as "Pinterest") on our website.

You can usually recognize the plugins by the "Pin it" button. You can find further designs of Pinterest plugins here: https://developers.pinterest.com/docs/getting-started/introduction/

When you call up one of our websites in which such a plugin is integrated, your browser establishes a direct connection to the servers of Pinterest and transmits the content of the plugin directly to your browser, even if you do not have a Pinterest profile or are not currently logged in to Pinterest. This information (including your IP address) is sent by your browser directly to a Pinterest server in the USA

and saved there.

If you are logged in to Pinterest at the relevant time, Pinterest can directly attribute your visit to our website to your Pinterest profile. If you interact with a plug-in (eg by clicking on a "pin it" button), this information is also transmitted directly to a Pinterest server and stored there. The actions can be published on your Pinterest profile and displayed to your Pinterest friends.

Our legitimate interest lies in the insertion of personalized advertising and the full financial potential of our website. The legal basis is Art. 6 para. 1 lit. f GDPR.

Pinterest's legitimate interest lies in the insertion of personalized advertising to meet the needs of the service. The legal basis is Art. 6 para. 1 lit. f GDPR.

If you do not want the information collected via our website to be associated with your Pinterest profile, you must log out of Pinterest before visiting our website. You can also prevent the loading of Pinterest plug-ins by using add-ons for your browser, eg the script blocker "NoScript" (http://noscript.net/).

Privacy policy of Pinterest:

https://about.pinterest.com/de/privacy-policy

9.5 Twitter as default plugin

We use social plugins ("plugins") of the online service Twitter (Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, US) (hereinafter referred to as "Twitter") on our website.

You can recognize the plugins by the Twitter logo, such as a blue "Twitter bird". You can find further versions of the Twitter plugin here:

https://about.twitter.com/de/resources/buttons

When you call up one of our websites in which such a plugin is integrated, your browser establishes a direct connection to the servers of Twitter and Twitter transmits the content of the plugin directly to your browser, even if you do not have a Twitter profile or are not currently logged in to Twitter. This information (including your IP address) is transmitted by your browser directly to a Twitter server in the USA and stored there.

If you are logged in to Twitter at the relevant time, Twitter can immediately associate your visit to our website with your Twitter profile. If you interact with a plugin (eg click on a "Twitter" button), this information is also transmitted directly to a Twitter server and stored there. The actions can be published on your Twitter profile and displayed to your Twitter friends.

Our legitimate interest lies in the insertion of personalized advertising and the full financial potential of our website. The legal basis is Art. 6 para. 1 lit. f GDPR. The legitimate interest of Twitter lies in the insertion of personalized advertising to meet the needs of the service. The legal basis is Art. 6 para. 1 lit. f GDPR.

If you do not want the data collected via our website to be associated with your Twitter profile, you must log out of Twitter before visiting our website. You can also prevent the Twitter plugins from loading with add-ons for your browser, eg with the script blocker "NoScript" (http://noscript.net/).

Twitter privacy policy: https://twitter.com/privacy

9.6 Xing plug-ins

We have integrated the "XING Share Button" on our website.

When you call up our website, your browser establishes a short-term connection to servers of XING SE, Caffamacherreihe 8, 20355 Hamburg, Germany (hereinafter referred to as "XING"), which are used to provide the "XING Share Button" functions (in particular the calculation/display of the counter value). However, XING does not store any personal data about you when you access this website, in particular IP addresses. Similarly, no evaluation of your usage behavior is carried out through the use of cookies in connection with the "XING Share Button".

Details can be found here:

https://www.xing.com/app/share?op=data_protection

  1. Use of social media: video

10.1 Using Vimeo videos

On our website we integrate plugins from the video portal Vimeo of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA.

If a page on our website is called up with such a plugin, the browser establishes a direct connection to the Vimeo servers. The content of the plugin is transmitted by Vimeo directly to your browser and integrated into the page. This also informs Vimeo that your browser has called up the corresponding page (including your IP address). This happens even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information is transmitted directly to a Vimeo server in the USA and stored there.

If you are logged in to Vimeo, Vimeo can immediately attribute your visit to our website to your Vimeo account. As soon as you interact with one of the plug-ins (eg clicking on the start button of a video), this information is also transmitted directly to a Vimeo server and stored there.

This data processing is carried out in accordance with Art. 6 Para. 1 letter a GDPR, namely your express consent.

To prevent the direct assignment of data to your Vimeo account, you must log out of Vimeo before visiting our website.

The purpose and scope of data collection and the further processing and use of the data by Vimeo, as well as your rights and settings options for protecting your privacy, can be found in Vimeo's privacy policy: http://vimeo.com/privacy

For videos from Vimeo that are integrated on this website, the tracking tool Google Analytics is automatically integrated. This is Vimeo's own tracking, which we have no access to and cannot be influenced by our site. Google Analytics uses "cookies" for tracking. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

This processing is carried out in accordance with Art. 6 para. 1 letter a GDPR on the basis of your express consent. 10.2 Use of YouTube videos

On this website, we use the YouTube embedding feature to display and play videos from "YouTube", a provider belonging to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use the extended data protection mode which, according to the provider, only starts to store user information when the video(s) are played. When you start playing embedded YouTube videos, the provider "YouTube" uses cookies to collect information about your user behavior. According to "Youtube", these are used, among other things, to collect video statistics, improve user-friendliness and prevent abusive behavior. If you are logged in to Google, your information will be associated directly with your account.

If you don't want the assignment with your profile on YouTube, you have to log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them.

Such an evaluation is carried out in particular in accordance with Art. 6 Para. 1 lit.a GDPR on the basis of your express consent.

You have a right of objection to the creation of these user profiles, and to exercise this right you must contact YouTube. Irrespective of any reproduction of the embedded videos, each time you access this website a connection to the Google network "DoubleClick" is established, which may trigger further data processing operations without our influence.

Data may also be transmitted to the servers of Google LLC. in the USA. Further information on data protection at "YouTube" can be found in the provider's data protection declaration at: https://www.google.de/intl/de/policies/privacyOpt-out possible at

https://adssettings.google.com/authenticated.

  1. Online marketing

Use of Google Ads conversion tracking

This website uses the online advertising program "Google Ads" and, in the context of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

This involves advertising our offers on external websites with the help of advertising material (so-called Google Adwords). Our legitimate interest lies in displaying advertising that is of interest to you and in achieving a fair calculation of advertising costs. The legal basis is Art. 6 para. 1 lit.a GDPR, namely your express consent.

Google Ads uses conversion tracking cookies that are set when you click on an AdWords ad served by Google.

These cookies usually expire after 30 days and are not used for personal identification. Each Google Ads client receives a different cookie, so cookies cannot be tracked on the websites of ads clients.

The information obtained in this way is used to generate conversion statistics for ad customers about the total number of users who have clicked on their ad and been redirected to a page with a conversion tracking tag.

They cannot be personally identified.

If you want to prevent tracking, you can disable the Google Conversion Tracking cookie on your internet browser under User Preferences.

Here you will find information about Google's privacy policy:

http://www.google.de/policies/privacy/

You can permanently disable the conversion cookies by adjusting your browser settings or download and install the browser plug-in available at the following link: http://www.google.com/settings/ads/plugin?hl=de

In this case, it may not be possible to use certain functions of this website or only to a limited extent.

  1. Web analysis services

12.1 Google Universal Analytics

We use the web analysis service Google Analytics (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) for this website.

Google Analytics uses “cookies”. These are text files which are stored on your computer and which enable an analysis of your use of the website.

The information thus generated about your use of this website (including the abbreviated IP address) is transferred to a Google server and stored there, whereby a transfer to the USA is possible.

We use Google Analytics with the extension "_anonymizeIp()", which ensures anonymization of the IP address by shortening it and excludes a direct personal reference. Your IP address is therefore shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transferred to a Google server, including in the United States, and is only truncated there. In these exceptional cases this processing is carried out in accordance with Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the statistical analysis of user behavior for optimization and marketing purposes.

On our behalf, Google uses this information to evaluate your use of the website, to create reports on website activities and to provide us with further services associated with the use of the website and the Internet. There is no consolidation of your IP address collected in this context with other data from Google.

You can prevent the storage of cookies by adjusting your browser settings accordingly. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the following browser plugin:

http://tools.google.com/dlpage/gaoptout?hl=de

Alternatively, you can set an out-out cookie:

This opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you will have to click on this link again.

This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under "My data", "personal data".

Privacy policy of Google:

https://support.google.com/analytics/answer/6004245?hl=de

12.2 Hotiar (hotjar Ltd.)

We use on this website the Hotjar web analytics service provided by Hotjar Ltd (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe Tel: +1 (855) 464-6788 ). This tool allows you to track movements on our websites (so-called heat maps). For example, you can see how far you scroll and which buttons you click on how often. In this way, we obtain the necessary information to make our websites faster and more customer-friendly. Our legitimate interest lies in the design of our website in line with our interests and for marketing purposes. The legal basis is Art. 6 Para. 1 lit. a GDPR, namely your express consent.

Areas of the website where personal data of you or third parties are displayed are automatically hidden by Hotjar and are not analyzed. You can prevent the use of the Hotjar tool by using a "Do Not Track" header. This is a setting that is supported by all common browsers in current versions. If you use our website with different browsers, you must set up the "Do Not Track Header" separately for each of these browsers/computers. Detailed instructions with information about your browser can be found here: https://www.hotjar.com/opt-outMore information about Hotjar Ltd. and about the Hotjar tool can be found here: https://www.hotjar.com

The privacy policy of Hotjar Ltd. can be found here:

https://www.hotjar.com/privacy

12.3 Inspectlet

We use the web analysis service Inspectlet (Inspectlet, Santa Clara, USA)(www.inspectlet.com)).Inspectlet collects and stores pseudonymised visitor data and creates pseudonymised user profiles for the purpose of evaluation. Inspectlet uses cookies to recognize the browser and thus enable a more precise determination of the statistical data.

However, your IP address will be pseudonymized immediately after collection and before it is saved in order to exclude any personal reference.

Our legitimate interest lies in the statistical analysis of user behavior for optimization and marketing purposes. The legal basis is Art. 6 para. 1 lit. f GDPR.

The information generated by the cookie about your use of this website (including the pseudonymized IP address) is transferred to a server in the USA and stored there in order to safeguard the above-mentioned interests.

You can prevent the setting of cookies by adjusting your browser settings. If cookies are not accepted, the functionality of our website may be restricted.

You can obtain an opt-out cookie from Inspectlet under the following link, which means that no visitor data of your browser will be collected and stored by Inspectlet in the future:

http://www.inspectlet.com/optout

12.4 Optimizely

We use the web analytics service Optimizely (Optimizely, Inc., 631 Howard Street, Suite 100, San Francisco, CA 94105, USA) (hereinafter referred to as "Optimizely"). Optimizely uses cookies to enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a server of Optimizely in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Optimizely in advance within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a server of Optimizely in the USA and shortened there. On behalf of the operator of this website, Optimizely will use this information to evaluate your use of the website and to compile reports on website activities. The IP address transmitted by your browser within the framework of Optimizely is not combined with other data from Optimizely.

Our legitimate interest lies in the statistical analysis of user behavior for optimization and marketing purposes. The legal basis is Art. 6 Para. 1 lit. a GDPR, namely your express consent.

You can prevent the storage of cookies by adjusting your browser software accordingly. You can also deactivate Optimizely tracking by following the instructions on http://www.optimizely.com/opt_out.

Switching off all cookies may mean that some functions on our website can no longer be executed.

Privacy policy of Optimizely:

https://www.optimizely.com/privacy/

12.5 Pingdom (Pingdom AB)

We use the Pingdom monitoring service (Pingdom AB, Kopparbergsvägen 8, 722 13, Västerås, Sweden). Pingdom uses cookies, "to recognize the browser and to enable us to analyze your access, as well as the loading behavior ("performance") and availability of our website. This serves to improve the loading behavior and the presentation of the content on the website.

The legal basis is Art. 6 para. 1 lit. a GDPR Your express consent.

You can generally deactivate the use of cookies on your computer by making the appropriate browser settings. However, deactivating all cookies may mean that some functions on our Internet pages can no longer be fully used.

Pingdom Privacy Policy:

https://www.pingdom.com/legal/privacy-policy/

12.6 TrackJS (TrackJS LL)

We use an error tracking service from TrackJS, LLC, Minnesota, USA. To safeguard our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes, TrackJS collects, evaluates and stores pseudonymized visitor data from which pseudonymized user profiles can be created and evaluated. TrackJS uses cookies in order to recognize the browser, thus enabling a more precise determination of statistical data. Your IP address is also collected, but is pseudonymized immediately after collection and before storage, so that no personal reference can be made.

The legal basis is Art. 6 para. 1 lit. a GDPR, namely your express consent.

In order to object to the collection and storage of your pseudonymized visitor data for the future, you can make appropriate browser settings.

12.7 Shopify Analytics

We use the web analytics service from Shopify (Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland).

To safeguard our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes, Shopify collects, evaluates and stores pseudonymized visitor data from which pseudonymized user profiles can be created and evaluated. Shopify uses cookies in order to recognize the browser, thus enabling a more precise determination of the statistical data. Your IP address is also collected, but is pseudonymized immediately after collection and before storage, so that a personal reference is excluded.

The legal basis is Art. 6 para. 1 lit. a GDPR, namely your express consent. Shopify does not associate your IP address with other Shopify data.

In order to object to the collection of data and the creation of pseudonymized user profiles and the setting of cookies for the future, you can generally deactivate the use of cookies on your computer by setting your Internet browser so that no more cookies are stored on your computers in the future

can be deleted or already stored cookies can be deleted. However, switching off all cookies may mean that some functions on our Internet pages can no longer be fully used.

The Shopify privacy policy can also be found at

https://www.shopify.de/legal/datenschutz

  1. Retargeting / remarketing / recommendation advertising

13.1 Criteo (Criteo SA)

On this website, we use the service of Criteo SA, 32 Rue Blanche, 75009 Paris, France ("Criteo"). Our legitimate interest lies in targeting the customer with personalized, interest-based advertising and thus in exploiting the financial potential of our website. For this purpose, cookies are used to collect pseudonymized data about your interests and thus to adapt the advertising individually to the stored information. This enables us to display advertising to you that most probably corresponds to your product and information interests. The legal basis is according to Art. 6 para. 1 lit. a GDPR. Cookies are only set after your express consent.

You can generally deactivate the use of cookies on your computer by making the appropriate browser settings. In this case you will no longer participate in this retargeting. However, deactivating all cookies can also mean that some functions on our website can no longer be used in full.

You can also use the opt-out cookie:

Criteo contest (http://www.criteo.com/de/privacy/)

Criteo Privacy Policy:

http://www.criteo.com/de/privacy/

13.2 Facebook Custom Audience using the pixel method

On this website, we use the "Facebook pixel" of Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"), which allows us to track the behavior of users after they have seen or clicked on a Facebook advertisement, if we have given express permission. This process is used to evaluate the effectiveness of the Facebook Ads for statistical and market research purposes and may help to optimize future advertising efforts. The data collected is anonymous to us, so we cannot draw any conclusions about the identity of the users. However, data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Usage Guidelines (https://www.facebook.com /about/privacy/).

You can enable Facebook and its partners to serve ads on and off Facebook. For these purposes, a cookie may be stored on your end device. These processing operations are only carried out if you have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Consent to the use of the Facebook pixel may only be given by users over the age of 13. If you are younger, please ask your legal guardian for permission. You can deactivate the use of cookies on your computer by adjusting your browser settings accordingly. However, this may mean that some functions on our Internet pages can no longer be fully used. You can also deactivate the use of cookies by third-party providers such as Facebook on the following Digital Advertising Alliance website:

http://www.aboutads.info/choices/

13.3 Google AdWords Remarketing

Our website uses the functions of Google Ads (formerly "Google AdWords") Remarketing, hereby we advertise this website in Google search results, as well as on third party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google"). For this purpose, Google sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited, and which usually expires after 30 days. The processing is based on our legitimate interest in the optimal marketing of our website and the exhaustion of the financial potential of our website. The legal basis is Art. 6 Para. 1 lit. a GDPR namely your express consent.

Any further data processing will only take place if you have agreed with Google that your internet and app browsing history will be linked by Google to your Google Account and that information from your Google Account will be used to personalize ads you view on the web. Are

if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form target groups.

You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plug-in available at the following link:

https://www.google.com/settings/ads/onweb/

Alternatively, you can inform yourself about the setting of cookies and adjust the settings for them at the Digital Advertising Alliance at the Internet address www.aboutads.info. Finally, you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be restricted.

Privacy policy regarding advertising and Google:

https://policies.google.com/technologies/ads?hl=de

13.4 Pinterest Tag Conversion Tracking

On our website we use the conversion tracking technology "Pinterest Tag" of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (hereinafter referred to as "Pinterest").

When you enter our website via a pin on Pinterest, a cookie is placed on your computer which interacts with a built-in "tag" (JavaScript code) from Pinterest. These cookies have a validity of 180 days. They are not used for your personal identification.

If a user is redirected from a pin to Pinterest on pages of this website and the cookie has not expired, the tag records and can track certain user movements (eg search queries on the website, visits to product pages). This enables Pinterest to compile statistics on the usage behavior on our website after being forwarded from a Pinterest Pin. We can use these statistics to improve our services.

If personal user data are processed in this process, this is done in accordance with Art. 6 Para. 1 letter a GDPR on the basis of your consent. You can revoke this consent at any time with effect for the future. In order to exercise your right of revocation, please follow the procedure described above for lodging an objection. However, we ourselves do not receive any information with which users can be personally identified. If you do not wish to be recorded by tracking, you can also object to this by deactivating the cookie of the Pinterest tag conversion tracking via your Internet browser under User Settings. You will then not be included in the conversion tracking statistics. Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy.

  1. Using a live chat system

14.1 Intercom

On this website we use the live chat system of Intercom, Inc, 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Ireland, (www.intercom.com).

Anonymized data is collected and stored for the purpose of web analysis and for operating the live chat system to answer live support requests. From this anonymized data, user profiles can be created under a pseudonym. Cookies can also be used for this purpose. These cookies enable the recognition of the Internet browser. Insofar as the information collected in this way has a personal reference, the legal basis for processing is Art. 6 Para. 1 letter f GDPR.

Our legitimate interest lies in effective customer service and the statistical analysis of user behavior for optimization purposes. The data will not be used to personally identify the visitor to this website without the consent of the person concerned. No data will be merged with personal data about the bearer of the pseudonym.

You can avoid the storage of cookies by setting your internet browser in such a way that no more cookies can be stored on your computer in the future or that already stored cookies are deleted. However, this may mean that some functions on our website can no longer be executed.

You have the possibility to object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future. Please send us your objection informally by e-mail to our e-mail address stated at the beginning of the data protection declaration.

14.2 Shopify Chat

On this website we use the live chat system of Shopify International Limited, Victoria Buildings, 2nd floor 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

Anonymized data is collected and stored for the purpose of web analysis and for operating the live chat system to answer live support requests. From this anonymized data, user profiles can be created under a pseudonym. Cookies can also be used for this purpose. These cookies enable the recognition of the Internet browser. Insofar as the information collected in this way has a personal reference, the legal basis for processing is Art. 6 Para. 1 letter f GDPR.

Our legitimate interest lies in effective customer service and the statistical analysis of user behavior for optimization purposes. the data will not be used to personally identify the visitor to this website without the consent of the person concerned. No data will be merged with personal data about the bearer of the pseudonym.

You can avoid the storage of cookies by setting your internet browser in such a way that no more cookies can be stored on your computer in the future or that already stored cookies are deleted. However, this may mean that some functions on our website can no longer be executed.

You have the possibility to object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future. Please send us your objection informally by e-mail to our e-mail address stated at the beginning of the data protection declaration. For further information on data processing at Shopify, please refer to the Shopify privacy policy: https://www.shopify.com/legal/privacy

  1. Tools and others

15.1 Google reCAPTCHA

We use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") in accordance with Art. 6 Para. 1 lit. f GDPR due to our legitimate interest in preventing abuse and spam.

reCAPTCHA is a function that is designed to ensure that an entry is made by a natural person.

The service sends your IP address and possibly other data required by Google for the service reCAPTCHA to Google.

When using Google reCAPTCHA, your personal data may also be transferred to the servers of Google LLC. in the USA.

Details of Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/

15.2 Google Maps

We use "Google Maps" (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Maps is used to display interactive maps and to provide directions. By using Google Maps, information about the use of this website including your IP address and the (start) address entered in the route planner function can be transmitted to Google. When you call up a website of our Internet presence that contains Google Maps, your browser establishes a direct connection with the Google servers. The map content is transmitted by Google directly to your browser and integrated into the website by it. We therefore have no influence on the extent of the data collected by Google in this way. According to our state of knowledge, this is at least the following data:

- the date and time of the visit to the website concerned,

- Internet address or URL of the web page accessed,

- IP address, (start) address entered during route planning.

We have no influence on the further processing and use of the data by Google and therefore cannot accept any responsibility for this. If you are logged in to Google, your data will be assigned directly to your Google Account. If you do not want this assignment, you must log out of Google. Google stores your data (including the data of users who are not logged in) as user profiles and evaluates them. Such evaluation is carried out in accordance with Art. 6 Para. 1 letter a GDPR on the basis of your express consent.

If you do not want Google to collect, process or use data about you via our website, you can also deactivate JavaScript in your browser settings. In this case, however, you cannot use the map display. For the purpose and scope of data collection and the further processing and use of data by Google, as well as your rights and setting options for the protection of your privacy, please refer to Google's data protection information

(https://policies.google.com/privacy?hl=de).

The Google terms of use can be found here:

http://www.google.de/intl/de/policies/terms/regional.html

the terms of use for Google Maps are available here:

https://www.google.com/intl/de_US/help/terms_maps.html

You can find further information on data protection here:

http://www.google.de/intl/de/policies/privacy/

15.3 Google Web Fonts

We use so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") for the uniform display of fonts. As soon as you visit our website, your browser loads the required Web Fonts into the browser cache.

To do this, your browser must connect to Google's servers, which will transmit your IP address to Google. In this case, your personal data may also be transferred to the servers of Google LLC. in the USA.

According to Art. 6 para. 1 lit. a GDPR, the legal basis is your express consent.

If your browser does not support web fonts or you refuse to use them, a standard font will be used by your computer.

Details about Google Web Fonts can be found here:

https://developers.google.com/fonts/faq

as well as in the privacy policy of Google:

https://www.google.com/policies/privacy/

15.4 CloudFlare.

We use the provider Cloudflare (CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA). CloudFlare offers a worldwide distributed content delivery network with DNS.

With the help of a CDN, large files, graphics and scripts can be delivered faster and better by regional servers connected via the Internet. User data is processed only for the aforementioned purposes and to maintain the security and functionality of the CDN. To do this, the browser you use must connect to the CDN servers. This transfers your IP address to the server. Under certain circumstances Cloudflare may also store cookies on your computer with your permission in accordance with Art. 6 lit. a GDPR.

We have concluded a corresponding agreement on order processing with Cloudflare on the basis of the GDPR and the EU standard contract clauses.

Cloudflare can collect statistical data about the visit of this website.

is raised:

Name of the website called up, file, date and time of the call, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.provider.

Cloudflare uses the protocol data for statistical evaluations for the purpose of operation, security and optimization of the offer:

https://www.cloudflare.com/de-de/privacypolicy/

  1. Rights of the data subject

16.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the Controller with regard to the processing of your personal data, about which we inform you below:

- Right to information according to Art. 15 GDPR:

You may request confirmation from the data controller as to whether personal data concerning you are being processed by the data controller. In addition, you have the right to be informed about the purpose, the categories of personal data, the recipients, the planned duration of the storage and about the existence of other rights such as correction of the data or the existence of a right of appeal to a supervisory authority, the origin of your data if it was not collected by us, the existence of automated decision making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing concerning you, as well as your right to be informed about the guarantees that apply pursuant to Art. 46 GDPR when your data is transferred to third countries;

- Right of correction according to Art. 16 GDPR:

You have the right to have the incorrect data concerning you corrected and/or to have your incomplete data stored by us completed without delay; the correction or completion must be carried out immediately.

- Right to restrict processing in accordance with Art. 18 GDPR:

You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data which you dispute is checked, if you refuse to have your data deleted due to unlawful data processing and demand instead the restriction of the processing of your data, if you require your data for the assertion, exercise or defense of legal claims, after we no longer require this data after the purpose has been achieved, or if you have lodged an objection for reasons of your particular situation, as long as it has not yet been established whether our justified reasons outweigh the objection;

If the processing of personal data relating to you has been restricted, such data may be processed, with the exception of storage, only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State. If the restriction on processing is restricted, you will be informed by the controller before the restriction is lifted.

- Right to deletion in accordance with Art. 17 GDPR:

You have the right to request the immediate deletion of your personal data if the requirements of Art. 17 para. 1 GDPR are fulfilled. However, this right of deletion does not apply in particular - not conclusively - if the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion , exercise or defense of legal claims

- Right to information in accordance with Art. 19 GDPR:

If you have exercised your right to rectification, erasure or limitation of processing, the controller is obliged to notify all recipients to whom your personal data have been disclosed of this rectification, erasure or limitation of processing, unless this is impossible or involves a disproportionate effort . You also have the right to be informed of these recipients.

- Right to data transferability according to Art. 20 GDPR:

You have the right to receive your personal data communicated to us in a structured, common and machine-readable format or to request that it be transferred to another person responsible, as far as this is technically possible;

- Right of revocation according to Art. 7 para. 3 GDPR:

You have the right to object at any time to the processing of personal data concerning you that is carried out pursuant to Art. 6 paragraph 1 letter e) or f) DPA; this also applies to profiling based on these provisions.

You also have the right to revoke your declaration of consent under data protection law at any time with effect for the future. Revocation of consent does not affect the lawfulness of the processing that has taken place on the basis of the consent until revocation.

- Right of appeal under Art. 77 GDPR:

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place where the alleged infringement occurred, if you consider that the processing of personal data concerning you is in breach of the DPA.

16.2 Right of objection

You have the right to object to the processing of your data at any time with effect for the future, if we process your data on the basis of our predominant legitimate interest after weighing up the interests.

If you make use of this right of objection, we will stop processing your data unless there are demonstrably predominant, compelling reasons for termination worthy of protection or if the further processing serves the exercise or defense of legal claims.

  1. Duration of storage of personal data

The duration of the storage of personal data depends in each case on statutory retention periods. After these periods have expired, we routinely delete the data if they are no longer required for the fulfillment or initiation of the contract and/or if we have no legitimate interest in the continued storage.