Data Protection Declaration

I. Definitions

• "personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
• "processing" means any operation carried out with or without the aid of automated procedures or any such series of operations relating to personal data, such as the collection, collection, organisation, classification, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, erasure or destruction;
• "Controller" means the natural or legal person, authority, body or other body which alone or jointly with others decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or by the law of the Member States, the controller or certain criteria for his appointment may be laid down by Union law or by the law of the Member States;
• "Recipient" means a natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing;

II General Information

1. Responsible for data processing

Neuffer window + doors GmbH
Kronprinzstr. 8
70173 Stuttgart
Germany

Phone: +49 711 860 60 - 180
Fax: +49 711 860 60 - 111
E-mail: [email protected]

2. Contact data of the company data protection officer

OBSECOM GmbH
Königstr 40
70173 Stuttgart
Germany

Phone: 0711 / 4605025-40
Fax: 0711 / 4605025-49
E-Mail: datenschutz@noSpamobsecom.de
Website: www.obsecom.de

3. Legal bases

We process personal data on the basis of at least one of the following legal bases:

• consent of the data subject to the processing of personal data concerning him/her for one or more specific purposes (Art. 6 para. 1 sentence 1 lit. a DSGVO);
• fulfilment of a contract with the data subject or for the implementation of pre-contractual measures taken at the request of the data subject (Art. 6 para. 1 sentence 1 lit. b DSGVO);
• Fulfilment of a legal obligation to which we are subject (Art. 6 Par. 1 S. 1 lit. c DSGVO);
• protection of our legitimate interests or those of a third party (Art. 6 para. 1 sentence 1 lit. f DSGVO)

In this data protection declaration we refer below to the respective legal basis of individual processing procedures.

4. Forwarding of data to recipients

We pass on personal data to recipients (contractors or other third parties) only to the required extent and only under one of the following conditions:

• The person concerned has consented to the transfer;
• The transfer serves the fulfilment of contractual obligations or pre-contractual measures on the initiative of the data subject;
• We are legally obliged to pass them on;
• The passing on takes place on the basis of justified interests of us or a third party.

5. Third countries

The transfer of personal data to a country or an international organisation outside the European Union (EU) or the European Economic Area (EEA) is subject to legal or contractual permits only in accordance with the requirements of Art. 44 ff. DSGVO. This means that the country concerned is subject to an adequacy decision by the EU Commission pursuant to Art. 45 DSGVO, suitable guarantees for data protection pursuant to Art. 46 DSGVO or binding internal data protection regulations pursuant to Art. 47 DSGVO.

6. Rights of the persons concerned

As a person concerned, you have the following rights:

In accordance with Art. 15 DSGVO, you can request information about your personal data processed by us; furthermore, you can request information about the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the origin of your data, if these were not collected from you, the existence of automated decision-making including profiling and, if applicable, the existence of an automated decision making process. you have the right to obtain meaningful information about their details, such as the logic, scope and effects, the existence of a right to have your data concerning you corrected or deleted, the right to restrict or oppose such processing, the existence of a right of appeal to the supervisory authority, whether personal data have been transferred to a third country or to an international organisation and, if so, the appropriate safeguards in connection with the transfer;

• According to Art. 16 DSGVO you can demand the immediate correction of incorrect or the completion of your personal data stored with us;
• According to Art. 17 DSGVO, you can request the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• According to Art. 18 DSGVO you can demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, you need the data no longer required by us to assert, exercise or defend legal claims or you have filed an objection to the processing in accordance with Art. 21 DSGVO, but it has not yet been determined whether our legitimate reasons for data processing outweigh your interest;
• In accordance with Art. 20 DSGVO, you may request the transfer of your personal data that you have provided to us in a structured, current and machine-readable format or the transfer to another person responsible;
• According to Art. 21 DSGVO, you may object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising and the legal basis for the processing of the personal data are legitimate interests in accordance with Art. 6 para. 1 sentence 1 letter f DSGVO;
• According to art. 7 para. 3 DSGVO you can revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;
• Under Article 77 DSGVO, you may complain to a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place where the alleged infringement occurred.

If you wish to assert the above rights, you can contact us or our data protection officer at any time using the above contact details.

7. Deletion and restriction of personal data

Unless otherwise provided for in this data protection declaration, personal data will be deleted if this data is no longer necessary for the purposes for which it was collected or processed in any other way and if there is no legal obligation to keep it in safekeeping. We also delete the personal data processed by us upon request in accordance with Art. 17 DSGVO if the conditions stipulated therein are met. If personal data are required for other and legally permissible purposes, they will not be deleted, but their processing will be restricted in accordance with Art. 18 DSGVO. In the event of a restriction, the data will not be processed for other purposes. This applies, for example, to personal data that must be kept by us for commercial or tax reasons. Documents in accordance with § 257 Paragraph 1 Nos. 2 and 3 HGB and § 147 Paragraph 1 Nos. 2, 3, 5 AO are kept for 6 years, documents in accordance with § 257 Paragraph 1 Nos. 1 and 4 HGB and documents in accordance with § 147 Paragraph 1 Nos. 1, 4, 4a AO for 10 years.

8. Cookies

Im Rahmen unseres Internetangebotes werden Cookies eingesetzt. Cookies sind kleine Textdateien, die Ihr Browser automatisch erstellt und die auf Ihrem Endgerät (Laptop, Tablet, Smartphone, PC, o.ä.) speichert, wenn Sie unsere Seite besuchen. Cookies richten auf Ihrem Endgerät keinen Schaden an, enthalten keine Viren oder sonstige Schadsoftware. In dem Cookie werden Informationen abgelegt, die sich jeweils im Zusammenhang mit dem spezifisch eingesetzten Endgerät ergeben. Dies bedeutet jedoch nicht, dass wir dadurch unmittelbar Kenntnis von Ihrer Identität erhalten. Cookies dienen hauptsächlich dazu, das Internetangebot nutzerfreundlicher, effektiver und sicherer zu gestalten.

Wir setzen Session-Cookies ein, um während Ihres Besuchs auf unserer Seite zu erkennen, dass Sie einzelne Seiten unseres Internetangebotes bereits besucht haben. Auch werden durch solche Cookies bestimmte Funktionalitäten bereitgestellt. Session-Cookies werden nach dem Ende Ihres Besuchs auf unserem Internetangebot gelöscht.

Darüber hinaus setzen wir ebenfalls zur Optimierung der Benutzerfreundlichkeit und der statistischen Auswertung der Nutzung unseres Angebots temporäre Cookies ein, die für einen bestimmten festgelegten Zeitraum auf Ihrem Endgerät gespeichert werden. Besuchen Sie unsere Seite erneut, um unsere Dienste in Anspruch zu nehmen, wird automatisch erkannt, dass Sie zu einem früheren Zeitpunkt bereits bei uns waren und welche Eingaben und Einstellungen sie getätigt haben, damit Sie diese nicht noch einmal eingeben müssen.

Die durch Cookies verarbeiteten Daten sind für die genannten Zwecke zur Wahrung unserer sich daraus ergebenden berechtigten Interessen sowie der Dritter nach Art. 6 Abs. 1 S. 1 lit. f DSGVO erforderlich.

Die meisten Browser akzeptieren Cookies automatisch. Möchten Sie dies nicht, können Sie Ihren Browser jedoch so konfigurieren, dass keine Cookies auf Ihrem Endgerät gespeichert werden oder stets ein Hinweis erscheint, bevor ein neuer Cookie angelegt wird. Ein genereller Widerspruch gegen den Einsatz der zu Zwecken des Onlinemarketing eingesetzten Cookies kann für eine Vielzahl von Diensten z.B. auch unter http://www.youronlinechoices.com/ oder die Deaktivierungsseite der Netzwerkwerbeinitiative http://optout.networkadvertising.org erklärt werden. Die Deaktivierung von Cookies kann jedoch dazu führen, dass Sie nicht alle Funktionen unseres Internetangebotes nutzen können.

III Individual processing procedures

1. Hosting

To provide our Internet services, we use services of hosting companies, such as provision of web servers, storage space, database services, security services and maintenance services.

In doing so, we or our hosting provider process personal data of users of our Internet offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f DSGVO.

2. Access data and log files

When you visit our website or the individual pages, the browser on your terminal automatically sends information to the server of our website. This information is stored in so-called log files by us or our hosting provider and deleted after 12 months at the latest.

The following information is stored:

• IP address of the requesting computer,
• Date and time of access,
• Name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• the browser used and, if applicable, the operating system of your computer
• Status codes and transferred data volume
• Name of your access provider.

These data are processed for the following purposes:

• Provision of the Internet offer including all functions and contents
• Ensuring a smooth connection of the website,
• Ensuring comfortable use of our website,
• Ensuring system security and stability
• Anonymised statistical evaluation of accesses
• Optimization of the website
• Passing on to law enforcement authorities in the event of unlawful interference/attack on our systems
• other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the purposes described above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about a person.

3. Contact form

If you use the contact form, you will be asked for your name, gender and e-mail address so that we can get in touch with you personally. Further information can be provided voluntarily. Data processing for the purpose of contacting us and responding to your request is carried out voluntarily in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your consent. All personal data collected in connection with the contact form will be deleted after your request has been dealt with, unless storage is required for the documentation of other processes (e.g. subsequent conclusion of contract).

4. Evaluation reminder by e-mail

If you have given us your express consent to this during or after your order by activating an appropriate checkbox or clicking a button provided for this purpose, we will use your e-mail address for the purpose of reminding you to submit an evaluation of your order via the evaluation system used by us. The data will be processed in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your voluntary consent. This consent can be revoked at any time by sending us a message. The data collected in this context will be deleted after your enquiry has been dealt with, unless storage is required for the documentation of other processes.

5. Applications

If you are applying for a job, please send your application documents to the e-mail address [email protected] Data processing for the purpose of deciding whether to establish an employment relationship is carried out voluntarily in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your consent. Application documents will be kept for a period of up to 6 months after completion of the application procedure, taking into account the opposition deadlines of the General Equal Treatment Act (AGG), and will then be deleted. Further storage of the application documents for a period of up to two years will only take place if you have given your prior consent to the data being stored.

6. E-mail direct mail to customers

If you are a customer of ours and have received your e-mail address in connection with the sale of goods or services, we may use your e-mail address for direct advertising for our own similar goods or services. The legal basis of the processing is our legitimate interest in direct marketing pursuant to Art. 6 para. 1 lit. f DSGVO.

7. Newsletter

If you would like to receive our newsletter, we need your e-mail address. Further information can be provided voluntarily. Data processing for the purpose of sending the newsletter is carried out pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your voluntary consent by means of the so-called double opt-in procedure. The e-mail address will be used and stored for this purpose until you revoke your consent or unsubscribe from receiving the newsletter. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your cancellation/deregistration request at any time to the e-mail address stated under item II.

We send our newsletters with a so-called pixel-code. A pixel-code is a miniature graphic embedded in the HTML format of the newsletter sent to enable an analysis of reader behavior. In this context, we store whether and at what time a newsletter was opened by you and which of the links contained in the newsletter were called up by you. We use this data to create statistical evaluations of the success or failure of a marketing campaign in order to optimize newsletter distribution and better match the content of future newsletters to your interests. The data collected will not be passed on to third parties and will be deleted after statistical evaluation.

8. MailChimp

The newsletter is sent via MailChimp. MailChimp is provided by the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA (hereinafter "MailChimp"). MailChimp serves the dispatch and the evaluation of the range of our newsletters. For this purpose, your e-mail address and any other data required by MailChimp for the provision of the newsletter will be processed on our behalf. The legal basis for processing by MailChimp is Art. 6 Para. 1 letter f DSGVO and our legitimate interest in using a user-friendly and secure newsletter system.

The personal data collected is stored on servers in the USA. MailChimp has joined the EU/U.S. PrivacyShield and thus fulfils the requirements of the European Union to legitimise the transfer of personal data to the USA. Information on the EU/U.S. PrivacyShield guarantees can be found at: www.privacyshield.gov/participant.

For more information on how MailChimp handles your personal data, please refer to the relevant data protection declaration: mailchimp.com/legal/privacy/.

9. Registration / user account

You have the opportunity to register on our website by entering your personal data. Registration is voluntary and is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your voluntary consent. Which personal data is transmitted is determined by the respective input mask used for registration. The collected personal data is used for the purposes of our offer as well as to contact us for information relevant to the offer and registration. Via a personal user access you can view your personal data and make changes to this data. Your data will be stored until you delete the user account or instruct us to delete your data. If we are obliged to store your personal data due to legal, in particular tax and commercial retention periods, the processing of your personal data will be restricted accordingly until the expiry of the retention periods and subsequently this data will be deleted.

When you register on our website or use the user account, we store the IP address and the time of the respective usage action. The data is stored on the basis of our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO for the provision of our services. The storage is also in your interest to protect you from misuse and other unauthorized use. The user account and the data stored in this context also serve in particular to make shopping easier and to enable access to historical orders. A passing on of this data to third parties does not take place in principle, unless it is necessary for the fulfilment of contractual obligations according to art. 6 para. 1 lit. b DSGVO or for the pursuit of any claims to which we are entitled or there is a legal obligation according to art. 6 para. 1 lit. c DSGVO.

10. Contract data

In connection with and for the purpose of fulfilling pre-contractual measures and contractual obligations via our Internet offer, which take place at the request of the person concerned, we process the data required by the person concerned to fulfil the contract. These include:

Data of the contractual partner, e.g. name, address and contact data, if necessary deviating delivery or invoice addresses or recipients and if necessary the date of birth;

• Contract data, such as subject matter of the contract, term, customer category;
• Payment data such as bank details, credit card data, payment history.
• The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b DSGVO.

The data will only be passed on to third parties insofar as this is necessary to fulfil pre-contractual measures and contractual obligations, e.g. to banks, payment service providers, credit card companies for processing payment and to dispatch service providers for the dispatch of goods.

11. Userlike Chat

Our website uses the userlike chat function. Provider is Userlike UG, Probsteigasse 44-46, 50670 Cologne, Germany (hereinafter "Userlike"). The data will be processed for the purpose of contacting us in response to your request pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO on the basis of your voluntary consent. Userlike uses "cookies". You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. All personal data collected in connection with the chat conversation will be deleted after your request has been dealt with, unless storage is required for the documentation of other processes (e.g. subsequent conclusion of contract).

For further information on how Userlike handles your personal data, please refer to Userlike's privacy policy at: www.userlike.com/de/terms.

IV. online store

1 Trusted Shops Buyer Protection

Our website uses the Trusted Shops Trustbadge. The provider is Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne (hereinafter "Trusted Shops"). With the Trustbadge the seal of approval of Trusted Shops and evaluations is faded in by us. When the trust badge is called, personal data such as IP address, date and time of the call, transferred data volume and the requesting provider processes the call are automatically documented. These access data are not evaluated and are automatically overwritten at the latest 7 days after the end of your page visit. The legal basis for the use of the Trustbadge of Trusted Shops is our legitimate interest in an optimal marketing of our offer according to art. 6 par. 1 lit. f DSGVO.

Further personal data will only be transmitted to Trusted Shops (e.g. for the request to provide feedback) if you have consented to this, decide to use Trusted Shops products after completion of an order or have already registered for use. In this case the contractual agreement between you and Trusted Shops applies.

Further information on how Trusted Shops handles your personal data can be found in the privacy policy of Trusted Shops: www.trustedshops.de/impressum/.

V. payment service providers

1. PayPal

This website uses PayPal as payment service provider. The provider is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). PayPal acts as an online payment service provider and trustee and offers buyer and seller protection services. When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - purchase on account via PayPal, your name, e-mail address, purchased products, invoice amount, as well as invoice and delivery address will be passed on to PayPal in the context of payment processing. When using the payment methods credit card via PayPal, direct debit via PayPal or - if offered - purchase on account via PayPal, PayPal may carry out a credit check to check the creditworthiness and minimize payment defaults before deciding to release the payment process. In the credit assessment, probability values are used (so-called score values), the calculation of which includes address data. The calculation of these scoring values is based on a scientifically recognised mathematical-statistical procedure. In case of insufficient creditworthiness PayPal can refuse the chosen payment method. The legal basis for processing is Art. 6 para. 1 lit. b DSGVO.

If you do not agree with the data transmission, or you are of the opinion that your creditworthiness is not suitable for the chosen method of payment, please use another method of payment. For more information on how PayPal handles your personal information, please see the relevant privacy policy: www.paypal.com/de/webapps/mpp/ua/privacy-full.

2. Billpay

Billpay GmbH uses this Internet offer as a payment service provider. The provider is BillPay GmbH, Zinnowitzer Str. 1, 10115 Berlin, Germany (hereinafter "Billpay"). Billpay assumes the function of an online payment service provider and, upon conclusion of the contract, carries out a credit assessment for the purpose and on the basis of our justified interest in checking the creditworthiness and minimising payment defaults. The legal basis for processing is Art. 6 para. 1 lit. b DSGVO. If you select a Billpay payment method during the order process, your data (first and last name, street, house number, postcode, city, date of birth, telephone number and, in the case of a direct debit purchase, the specified account details) as well as the data in connection with your order will be transmitted to Billpay for identity and credit assessment. For the purpose of its own identity and credit assessment, Billpay or partner companies commissioned by Billpay transmit data to credit agencies and receive from these information and, where applicable, creditworthiness information on the basis of mathematical-statistical procedures, the calculation of which includes address data. Billpay may also use third party tools to detect and prevent fraud. Data obtained with these tools may be stored encrypted by third parties so that it can only be read by Billpay. In the event of insufficient creditworthiness, Billpay may refuse the chosen payment method.

If you do not agree with the data transmission, or you are of the opinion that your creditworthiness is not suitable for the chosen method of payment, please use another method of payment. For further information on how Billpay handles your personal data, please refer to the relevant data protection declaration: https://www.billpay.de/de/datenschutz-de/.

3. Klarna

Klarna uses this website as a payment service provider. The provider is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna takes over the function of an online payment service provider as well as a trustee and credit checker. When paying via Klarna, your name, e-mail address, date of birth, purchased products or services, invoice amount, billing and delivery address, bank and credit card data and, if applicable, mobile phone number will be passed on to Klarna as part of payment processing. When using the payment methods purchase on account and payment by instalments, Klarna may carry out a credit check to check the creditworthiness and minimize payment defaults before deciding to release the payment transaction. In this context, your personal data can be compared with other credit agencies. In the credit assessment, probability values are used (so-called score values), the calculation of which includes address data. The calculation of these scoring values is based on a scientifically recognised mathematical-statistical procedure. In case of insufficient creditworthiness Klarna can refuse the chosen payment method. The legal basis for processing is Art. 6 para. 1 lit. b DSGVO.

If you do not agree with the data transmission, or you are of the opinion that your creditworthiness is not suitable for the chosen method of payment, please use another method of payment. For further information on how Klarna handles your personal data, please refer to the relevant data protection declaration: cdn.klarna.com/1.0/shared/content/legal/terms/0/de_en/privacy.

4. Immediate bank transfer

This internet offer uses Sofortüberweisung as payment service provider. The provider is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden, and Klarna GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "Klarna"). Sofortüberweisung takes over the function of an online payment service provider. In the case of payment via direct bank transfer, your name, purchased products or services, invoice amount, as well as invoice and delivery address will be passed on to direct bank transfer within the scope of payment processing. The legal basis for processing is Art. 6 para. 1 lit. b DSGVO. For more information on how Sofortüberweisung handles your personal data, please refer to the relevant data protection declaration: www.klarna.com/sofort/datenschutz/.

VI. statistics and analysis

1. Facebook pixel

We use the so-called "Facebook pixel" on our website. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for the processing of personal data of persons in the EU.

Facebook has joined the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimizing the transfer of personal data to the USA. Information on Facebook's voluntary commitment can be found at www.privacyshield.gov/participant.

The use of this technology enables Facebook to assign visitors to our website to specific groups (e.g. visitors to our website or according to the areas of interest we transmit to Facebook, so-called "custom audiences") for the insertion of specific advertisements and thus to recognize them. This ensures that these users are only shown advertisements that meet their interests and that inconvenience caused by inappropriate advertising is avoided. By using the Facebook pixel, we can also track the effectiveness of our Facebook ads for statistical purposes and track whether and how a user has used our offer after clicking on the ad.

For more information about the Facebook pixel and how it works, visit www.facebook.com/business/help/651294705016616. For details on how Facebook processes the data it collects and general information about Facebook advertisements, see Facebook's data policy available at the URL www.facebook.com/about/privacy/update In your Facebook account under the heading "Settings" you also have the possibility to object to the collection of your data via the Facebook pixel and its use for the insertion of specific advertisements. Notes on these settings can be found at www.facebook.com/settings (login required).

The use of the Facebook pixel helps us to advertise our products and services in an appropriate way without inconveniencing the advertising addressees with inappropriate advertising. The legal basis for the use of the Facebook pixel is therefore the legitimate interests of us and third parties in these purposes pursuant to Art. 6 para. 1 lit. f DSGVO.

2. Mouseflow

Our website uses Mouseflow. The provider is Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark (hereinafter "Mouseflow"). Mouseflow is an analysis tool that captures mouse clicks and movements, scrolling movements and other metadata. The data processing takes place for the purpose of optimizing our Internet offer. The legal basis is the legitimate interests of us in these purposes according to Art. 6 para. 1 lit. f DSGVO. Cookies are used for analysis and evaluation. This service records your IP address in anonymous form, which of our Internet pages you have visited and, if necessary, other data required by Mouseflow for the provision of the service. You can prevent collection by mouseflow by clicking on the link[https://mouseflow.de/opt-out] to obtain an opt-out cookie. This cookie means that no visitor data will be collected and stored by Mouseflow when you visit this website in the future. Attention: If you delete your cookies, the opt-out cookie will also be deleted and you may have to activate it again.

Further information on data protection and the cookies used at Mouseflow can be found on the Mouseflow website: mouseflow.de/privacy/.

VII. Google Services

Provider of the following Google services is Google Ireland Limited (Registernummer: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").

The legal basis for the use of the following Google services is our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO.

Google has acceded to the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimising the transfer of personal data to the USA. Information on Google's commitment can be found at www.privacyshield.gov/participant.

For more information on how Google handles your personal data, please see Google's privacy policy: www.google.com/intl/de/policies/privacy/. Information on data use for advertising purposes by Google, setting and objection possibilities can be found on these websites:

www.google.de/policies/privacy/partners/

www.google.de/policies/technologies/ads/

www.google.de/settings/ads

www.google.com/ads/preferences/

1. Google Analytics

This website uses Google Analytics from Google. Google Analytics uses cookies. Google collects data about the visits of the users of our website and their usage behaviour. This data is used for the purpose of ensuring that our Internet offering is designed and continuously optimised to meet requirements, to measure the success of marketing measures and to compile statistical evaluations. In this context, pseudonymised user profiles are created and cookies are used. The information generated by the cookie about your use of this website such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of the server request are transferred to a Google server in the USA and stored there. User and event data will be deleted after 26 months. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous so that an assignment is not possible. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available under the following link: tools.google.com/dlpage/gaoptout.

2. Google Analytics Remarketing

This website uses Google Analytics Remarketing from Google. Google Analytics Remarketing is used to present advertisements to visitors that refer to the content of previously visited websites. Google uses cookies to recognize visitors who visit websites from the Google advertising network. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of analytics remarketing. The IP address transmitted by your browser will under no circumstances be merged with other Google data. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. However, if you do not wish to use Google's remarketing feature, you can disable it by making the appropriate settings at http://www.google.com/settings/ads.

3. Google AdWords with conversion tracking

This website uses Google AdWords and Google AdWords for conversion tracking. Google Conversion Tracking is used to track and evaluate your clicks on ads, purchases, subscriptions, phone calls, app downloads and other actions on our website. Cookies are used for analysis and evaluation. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of conversion tracking. The IP address transmitted by your browser will under no circumstances be merged with other Google data. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

4. Google Web Fonts

This website uses external fonts from Google, so-called web fonts, to display fonts. To do this, your browser loads the required web fonts into the browser cache when you call up the website. If your browser does not support this function, your computer will use a standard font to display the website. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of the web fonts. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

5. Google Maps

This website uses Google Maps from Google to display site plans, maps, terrain data, or geographical maps. This service records your IP address, which of our Internet pages you have visited and, if necessary, other data required by Google for the provision of the maps (e.g. location data). The information generated is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. The terms of use for Google Maps can be found at: www.google.com/intl/de_en/help/terms_maps.html.

6. Google Tag Manager

This website uses the Google Tag Manager for tagging. This service allows website tags to be managed through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.

7. Google Hosted Libraries

This website uses Google Hosted Libraries for the dynamic display of website content. To do this, your browser loads the required JavaScript library into the browser cache when you call up the website. If your browser does not support this function, an alternative method for building the website will be used. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of the hosted libraries. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

8. Google Customer Reviews

This website uses Google customer reviews to show the number and quality of reviews and to collect feedback from users who have made purchases on our website. To do this, your browser loads a JavaScript library into the browser cache when you call up the website. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

VIII. Social Media Plugins

We use social media plugins from social networks on our website. If a page of our Internet offer is called with such a plugin, your browser establishes a direct connection with the server of the respective provider, whereby the respective provider gets knowledge of which page of our offer was called and from which IP address. The same applies to the operation of the component, e.g. licking or sharing a content or commenting on a post. The above is independent of whether you click or use the component in question.

If you are simultaneously logged in to the social network of the respective provider, the respective provider can assign the visit to the page of our Internet offer directly to your user account there. If you click on the button of the respective plugin, corresponding information will be transmitted to the respective provider and published there as a contribution in the profile of your social network. If you do not want the provider to be able to assign the data collected on our Internet offer to your respective user account with the provider, you must first log out of the corresponding social network. The purpose of the plugins is to make our website better known and to share content from our website in social networks. We have a legitimate interest in making our website more widely known. The legal basis for the use of the following Social Media Plugins are our legitimate interests according to Art. 6 Para. 1 lit. f DSGVO.

1. Google+ button

Our website uses the Google+ plugin. Provider is Google Ireland Limited (Registernummer: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google"). The plugin is recognizable by the Google+ logo. In this context, your IP address is recorded, which of our Internet pages you have visited, and, if applicable, other data that Google may collect in connection with the connection. With a signed in Google Account, it's also possible for Google to associate your web page visit with your Google Account. The personal data collected is stored on servers in the USA. Google has joined the EU/U.S. PrivacyShield and thus meets the requirements of the European Union to legitimise the transfer of personal data to the USA. Information about the EU/U.S. PrivacyShield guarantees can be found at: www.privacyshield.gov/participant. For more information on how Google handles your personal data, please see Google's privacy policy: www.google.com/intl/de/policies/privacy/.

2. Facebook plugins

We use Facebook social network functionalities on our website. Facebook enables social network participants to communicate and interact to share opinions and experiences or publish information. The platform is provided by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for the processing of personal data of persons in the EU.

Facebook has joined the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimizing the transfer of personal data to the USA. Information on Facebook's voluntary commitment can be found at www.privacyshield.gov/participant.

Information about Facebook's collection, processing and use of personal data can be found in the data policy available at www.facebook.com/about/privacy/update It also describes settings to protect your privacy and methods to prevent the transmission of data to Facebook. An overview of the available Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_EN.

3. Twitter Tweet button

Our website uses the Twitter plugin. The provider is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA or Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. The plugin is recognizable by the Twitter logo. In this context, your IP address, which of our Internet pages you have visited and, if applicable, other data that Twitter may collect in connection with the connection are recorded. With a registered Twitter account, Twitter is also able to associate your visit to the website with your Twitter account. The personal data collected is stored on servers in the USA. Twitter has joined the EU/U.S. PrivacyShield and thus meets the requirements of the European Union to legitimise the transfer of personal data to the USA. Information about the EU/U.S. PrivacyShield guarantees can be found at: www.privacyshield.gov/participant. For more information on what settings in your Twitter account you can use to protect your privacy, please visit twitter.com/account/settings. For more information on how Twitter handles your personal data, please refer to Twitter's privacy policy twitter.com/privacy.

IX. Valuation Platforms

1. Trusted Shops

Our website uses the Trusted Shops Trustbadge. The provider is Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne (hereinafter "Trusted Shops"). With the Trustbadge the seal of approval of Trusted Shops and evaluations is faded in by us. When the trust badge is called, personal data such as the IP address, the date and time of the call, the amount of data transferred and the requesting provider are automatically processed and the call is documented. These access data are not evaluated and are automatically deleted at the latest 7 days after the end of your visit to the site. The legal basis for the use of the Trustbadge of Trusted Shops is our legitimate interest in an optimal marketing of our offer according to art. 6 par. 1 lit. f DSGVO.

Further personal data will only be transferred to Trusted Shops if you have consented to this, decide to use Trusted Shops products after completing an order or have already registered for use. In this case the contractual agreement between you and Trusted Shops applies.

Further information on how Trusted Shops handles your personal data can be found in the privacy policy of Trusted Shops: www.trustedshops.de/impressum/.

X. Media contents

We use in the context of our Internet offer partly foreign contents, which are loaded directly from servers of the offerers named in detail in the following. The purpose of integrating this content is to make our website more attractive. The purpose of making our website more attractive is also our legitimate interest in the use of such third-party content. The legal basis for the use of the following Social Media Plugins are our legitimate interests according to Art. 6 Para. 1 lit. f DSGVO.

1 YouTube

Our website uses media content from the YouTube platform. Provider is Google Ireland Limited (Registernummer: 368047), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").

The purpose is to display the contents of the YouTube platform on our website. This service collects your IP address and any other data required by Google for YouTube. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

Google has acceded to the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimising the transfer of personal data to the USA. Information on Google's commitment can be found at www.privacyshield.gov/participant.

For more information on how Google handles your personal data, please see Google's privacy policy: www.google.com/intl/de/policies/privacy/.

2. Bootstrap Fonts

This website uses external fonts from Bootstrap to display fonts. Provider is StackPath, LLC, 2021 McKinney Avenue, Suite 1100

Dallas, Texas 75201, USA (hereinafter "StackPath"). To do this, your browser loads the required fonts into the browser cache when you visit the website. If your browser does not support this function, your computer will use a standard font to display the website. This service collects your IP address, which of our web pages you have visited and, if necessary, other data required to provide the fonts. The information generated about your use of this website is stored on a server in the USA. StackPath has joined the EU/U.S. PrivacyShield and thus meets the requirements of the European Union to legitimize the transfer of personal data to the USA. Information about the EU/U.S. PrivacyShield guarantees can be found at: www.privacyshield.gov/participant.

For more information on how StackPath handles your personal information, please see our Privacy Policy at: www.bootstrapcdn.com/privacy-policy/.