Data protection
privacy policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data has no consequences. This only applies if no other information is provided in the subsequent processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
contact
responsible person
Please contact us if you wish. The person responsible for data processing is: Malehlohonolo Romdhani, Methfesselstraße 2, 38106 Braunschweig Germany, 01623274904, info@zamatacosmetics.com
customer's initiative contact via email
If you initiate business contact with us by email, we will only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves to process and answer your contact request.
If the contact is for the implementation of pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves the purpose of establishing contact.
If the contact is for the implementation of pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service, in whose address book only data from users who have contacted us via WhatsApp is stored. Personal data will therefore not be passed on to WhatsApp without you having already consented to this.
Your data is transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in providing a quick and easy way to contact us and in answering your query. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
customer account orders
customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your customer account will then be deleted.
Reviews Advertising
Data collection when writing a comment or review
When you comment on/rate an article or post, we only collect your personal data (name, email address, comment text) to the extent you provide it. The processing serves the purpose of enabling a comment/rate and displaying comments/rates.
For the purpose of verifying your rating/comment, we also collect the following data: order number, , , .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provide will be published.
In addition, when you submit a comment/review, your IP address is saved for the purpose of preventing misuse of the comment or review function and ensuring the security of our information technology systems. By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your IP address will then be deleted.
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) to send the newsletter as part of order processing.
We pass on the information you provide when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device, and the time. Usage profiles can be created from this data under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in a targeted, promotionally effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .
inventory management
use of an external inventory management system
We use a merchandise management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal .
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 (1) (b) GDPR.
payment service providers
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service.
To integrate this payment service, PayPal must collect, save and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Cookies may be stored here that enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. To do this, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if PayPal makes advance payments.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying PayPal for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have selected.
third-party providers
When paying using a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:
purchase on account via PayPal
When paying using the purchase on account payment method, the data required for payment processing is first sent to PayPal. To carry out this payment method, the data is then sent by PayPal to Ratepay GmbH (Franklinstrasse 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the process already described above. The data processing serves the purpose of credit checks for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh.; "beeclever") on our website. The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations. Cookies can be used for this purpose. The following information, among others, can be collected and sent to beeclever: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) (c) GDPR.
Further information on terms of use and data protection at beeclever can be found at: https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.
Analysis Advertising Tracking Communication
Use of Google Analytics 4
We use the web analysis service Google Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide the website operator with other services related to website activity and internet usage.
The following information may be collected, among others: IP address, date and time of the page visit, click path, information about the browser you use and the device you use, pages visited, referrer URL (website you used to access our website), location data, purchasing activities. Google may link your data with other data, such as your search history, your personal accounts, your usage data from other devices and any other data Google has about you.
Your IP address will be shortened by us on our own servers beforehand. Google therefore only receives pseudonymized data.
Google uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR.
Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
The information generated in this way about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Both Google and US government authorities have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .
Use of Hotjar
We use the analysis tool of Hotjar Ltd. (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; “Hotjar”) on our website.
The data processing serves the purpose of needs-based design, optimization and analysis of our website.
The tool records the movements of visitors on the website at random. This creates a log of mouse movements, scrolling behavior, time spent and clicks on the website (so-called heat map).
For this purpose, Hotjar uses cookies, among other things. The following information may be collected: IP address (in anonymized form), information about the device you are using (screen size, device, unique device identifier), information about the browser you are using, location data (country only), preferred language for displaying the website, operating system used. Detailed information about the cookies used, their function and the storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies .
User profiles are created from this data under a pseudonym. The data is not used to personally identify the visitor to the website and is not merged with personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the collected data to other third parties.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not certified according to the TADPF. The data transfer takes place on the basis of appropriate protective measures, among other things. Hotjar will provide you with further information on the measures taken on request.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection when using Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish .
Using Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses and statistics. The following device information is collected and processed, among others: information about the web browser, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information about the websites or products accessed, the referrer URL (website through which you accessed our website) and information about how you interact with the website is also collected. Technologies such as cookies as well as web beacons, tags and pixels (electronic files for collecting information about how you navigate the website) are used for this.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the order processing agreement at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and using it to target website visitors with interest-based advertising. This function enables visitors to the provider's website to be shown personalized, interest-based advertising from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Google may transfer this information to third parties if this is required by law or if third parties process this data on Google's behalf. Under no circumstances will Google associate your IP address with any other data held by Google.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/
We use the Pinterest Tag of Pinterest Europe Limited (Palmerston House, 2nd, Fenian Street, Floor, Dublin 2, Ireland "Pinterest") on our website.
The purpose of the application is to target website visitors with interest-based advertising on the Pinterest social network. For this purpose, the Pinterest conversion tag has been implemented on the website. This tag establishes a direct connection to the Pinterest servers when you visit the website. This transmits to the Pinterest server which of our pages you have visited. Pinterest assigns this information to your personal Pinterest user account if you are logged into the social network. When you visit Pinterest, you will then be shown personalized, interest-based Pinterest ads.
If you access our website via a pin on the Pinterest social network, a cookie for conversion tracking is stored on your computer. These cookies are valid for a limited time, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, Pinterest and we can recognize that you clicked on the pin and were redirected to this page. The information collected using the conversion cookie is used to create conversion statistics and thus optimize our website. The following information may be processed, among others: total number of users who clicked on one of our pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF. The data transfer takes place on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about how Pinterest collects and uses data, as well as your rights and options for protecting your privacy, please see Pinterest's privacy policy at https://policy.pinterest.com/de/privacy-policy .
Use of TikTok Pixel
We use the TikTok pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”) on our website. Both companies are jointly responsible for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing our customers' website accesses, as well as to better address customers by placing targeted advertisements and evaluating the effectiveness of advertisements on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable your browser to be recognized. The following information, among others, can be collected and transmitted to TikTok: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, this does not allow users to be personally identified.
Your data may be transferred to third countries, such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified according to the TADPF. Data transfer to the USA and to third countries without an adequacy decision is based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .
Plug-ins and Others
We use the invisible reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input by a human and automated, machine processing. In the background, Google collects and analyzes usage data that is used by Invisible reCaptcha to distinguish regular users from bots. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and may also be transferred to Google LLC servers in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google reC APTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”) on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The function displays videos stored on YouTube in an iFrame on the website. The "Extended data protection mode" option is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy, please see YouTube's privacy policy at https://www.youtube.com/t/privacy .
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of uniform display of fonts on our website. In order to load the fonts, a connection is established to Google servers when the page is accessed. Cookies may be used for this purpose. Your IP address and information about the browser you use are processed and sent to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq .
Rights of data subjects and storage period
duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law retention periods, and then deleted after the deadline has expired, unless you have consented to further processing and use.
rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR and to processing for direct marketing purposes.
right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
State Commissioner for Data Protection Lower Saxony
Prinzenstraße 5
30159 Hannover
Tel.: +49 511 1204500
Fax: +49 511 1204599
Email: poststelle@lfd.niedersachsen.de
right of objection
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data in question will be stopped unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
last updated: November 29, 2023
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data has no consequences. This only applies if no other information is provided in the subsequent processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host/IT service provider through your Internet browser and stored in protocol data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
contact
responsible person
Please contact us if you wish. The person responsible for data processing is: Malehlohonolo Romdhani, Methfesselstraße 2, 38106 Braunschweig Germany, 01623274904, info@zamatacosmetics.com
customer's initiative contact via email
If you initiate business contact with us by email, we will only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves to process and answer your contact request.
If the contact is for the implementation of pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves the purpose of establishing contact.
If the contact is for the implementation of pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service, in whose address book only data from users who have contacted us via WhatsApp is stored. Personal data will therefore not be passed on to WhatsApp without you having already consented to this.
Your data is transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in providing a quick and easy way to contact us and in answering your query. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
customer account orders
customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfil and process your order and to process your enquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the fulfilment of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly adhere to the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.Reviews Advertising
Data collection when writing a comment or review
When you comment on/rate an article or post, we only collect your personal data (name, email address, comment text) to the extent you provide it. The processing serves the purpose of enabling a comment/rate and displaying comments/rates.
For the purpose of verifying your rating/comment, we also collect the following data: order number, , , .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provide will be published.
In addition, when you submit a comment/review, your IP address is saved for the purpose of preventing misuse of the comment or review function and ensuring the security of our information technology systems. By submitting the comment/review, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your IP address will then be deleted.
Shopauskunft customer review
We use the evaluation tool “shopauskunft.de” from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; “Shopauskunft”) for our website.
After you have placed your order, we would like to ask you to rate and comment on your purchase from us. For this purpose, we will contact you by email, using the technical system "Legally Secure Rating Request (RBA)". We will process the data relating to your order (order number/invoice number, purchase value and shipping costs) as well as your email address. If necessary, we will also use this data for the purpose of verifying your rating.
We use the evaluation tool “shopauskunft.de” from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; “Shopauskunft”) for our website.
After you have placed your order, we would like to ask you to rate and comment on your purchase from us. For this purpose, we will contact you by email, using the technical system "Legally Secure Rating Request (RBA)". We will process the data relating to your order (order number/invoice number, purchase value and shipping costs) as well as your email address. If necessary, we will also use this data for the purpose of verifying your rating.
The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent, provided that you have expressly agreed to the transfer of your data and to receiving the request for evaluation.
You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz .
You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz .
review reminder
After your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after you have placed an order, provided that you have expressly consented to this.
The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Use of the email address for sending newslettersAfter your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after you have placed an order, provided that you have expressly consented to this.
The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) to send the newsletter as part of order processing.
We pass on the information you provide when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device, and the time. Usage profiles can be created from this data under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in a targeted, promotionally effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .
inventory management
use of an external inventory management system
We use a merchandise management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal .
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 (1) (b) GDPR.
payment service providers
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service.
To integrate this payment service, PayPal must collect, save and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Cookies may be stored here that enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. To do this, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if PayPal makes advance payments.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying PayPal for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have selected.
third-party providers
When paying using a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:
- Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)
purchase on account via PayPal
When paying using the purchase on account payment method, the data required for payment processing is first sent to PayPal. To carry out this payment method, the data is then sent by PayPal to Ratepay GmbH (Franklinstrasse 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the process already described above. The data processing serves the purpose of credit checks for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
Use of the payment service provider Stripe
We use the payment service Stripe from Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using Stripe, the data required for payment processing will be transmitted to Stripe in order to be able to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. To do so, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests will be taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Stripe makes advance payments.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying Stripe, for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have chosen.
All Stripe transactions are subject to the Stripe Privacy Policy, which can be found at https://stripe.com/de/privacy
cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the cookies from being stored and the data they contain from being transmitted. Cookies that have already been stored can be deleted at any time. However, we would like to point out that you may then not be able to use all of the functions of this website to their full extent.
The links below will provide you with information on how to manage (including deactivate) cookies in the most important browsers:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne
Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our service more user-friendly, effective and secure. Cookies also enable our systems to recognize your browser even after you change pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after you change pages.
The use of cookies or comparable technologies is based on Section 25 Paragraph 2 TDDDG. The processing of your personal data is based on Art. 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object to the processing of personal data concerning you at any time for reasons related to your particular situation.
Use of GDPR Legal CookieWe use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh.; "beeclever") on our website. The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations. Cookies can be used for this purpose. The following information, among others, can be collected and sent to beeclever: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) (c) GDPR.
Further information on terms of use and data protection at beeclever can be found at: https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.
Analysis Advertising Tracking Communication
Use of Google Analytics 4
We use the web analysis service Google Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide the website operator with other services related to website activity and internet usage.
The following information may be collected, among others: IP address, date and time of the page visit, click path, information about the browser you use and the device you use, pages visited, referrer URL (website you used to access our website), location data, purchasing activities. Google may link your data with other data, such as your search history, your personal accounts, your usage data from other devices and any other data Google has about you.
Your IP address will be shortened by us on our own servers beforehand. Google therefore only receives pseudonymized data.
Google uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR.
Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
The information generated in this way about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Both Google and US government authorities have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .
Use of Hotjar
We use the analysis tool of Hotjar Ltd. (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; “Hotjar”) on our website.
The data processing serves the purpose of needs-based design, optimization and analysis of our website.
The tool records the movements of visitors on the website at random. This creates a log of mouse movements, scrolling behavior, time spent and clicks on the website (so-called heat map).
For this purpose, Hotjar uses cookies, among other things. The following information may be collected: IP address (in anonymized form), information about the device you are using (screen size, device, unique device identifier), information about the browser you are using, location data (country only), preferred language for displaying the website, operating system used. Detailed information about the cookies used, their function and the storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies .
User profiles are created from this data under a pseudonym. The data is not used to personally identify the visitor to the website and is not merged with personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the collected data to other third parties.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not certified according to the TADPF. The data transfer takes place on the basis of appropriate protective measures, among other things. Hotjar will provide you with further information on the measures taken on request.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection when using Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish .
Using Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses and statistics. The following device information is collected and processed, among others: information about the web browser, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information about the websites or products accessed, the referrer URL (website through which you accessed our website) and information about how you interact with the website is also collected. Technologies such as cookies as well as web beacons, tags and pixels (electronic files for collecting information about how you navigate the website) are used for this.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the order processing agreement at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .
Using the Meta Pixel
We use the meta pixel of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Meta. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement can be accessed at https://de-de.facebook.com/legal/terms/businesstools . According to this, we are particularly responsible for fulfilling the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations under Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling the rights of data subjects in accordance with Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects Meta's obligations under the joint processing agreement.
The purpose of the application is to target website visitors with interest-based advertising on the social networks Facebook and Instagram. For this purpose, the Meta remarketing tag has been implemented on the website. This tag establishes a direct connection to the Meta servers when you visit the website. This transmits to the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.
The application also serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag, as well as what actions were taken after being redirected to this website. However, we do not receive any information that can be used to personally identify users.
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
You can deactivate the "Custom Audiences" remarketing function here. For more information about how Meta collects and uses data, your rights in this regard, and options for protecting your privacy, please see Meta's privacy policy at https://www.facebook.com/about/privacy/ .
You can deactivate the "Custom Audiences" remarketing function here. For more information about how Meta collects and uses data, your rights in this regard, and options for protecting your privacy, please see Meta's privacy policy at https://www.facebook.com/about/privacy/ .
Use of Google Ads Conversion Tracking
We use the online advertising program “Google Ads” on our website and, as part of this, conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that there is no way that cookies can be tracked across Ads customers' websites.
The information collected using the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
Your data may be transferred to the servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
We use the online advertising program “Google Ads” on our website and, as part of this, conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that there is no way that cookies can be tracked across Ads customers' websites.
The information collected using the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
Your data may be transferred to the servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.de/policies/privacy/
Use of Google AdSenseFurther information and Google’s privacy policy can be found at: https://www.google.de/policies/privacy/
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and using it to target website visitors with interest-based advertising. This function enables visitors to the provider's website to be shown personalized, interest-based advertising from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Google may transfer this information to third parties if this is required by law or if third parties process this data on Google's behalf. Under no circumstances will Google associate your IP address with any other data held by Google.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/
Use of the remarketing or "similar audiences" function of Google Inc.
We use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and interests. Google uses cookies to analyze website usage, which forms the basis for creating interest-based advertisements. The cookies record visits to the website and anonymized data about website usage. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously viewed product and information areas.
Your data may be transferred to Google LLC servers in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/
Using the Pinterest TagWe use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and interests. Google uses cookies to analyze website usage, which forms the basis for creating interest-based advertisements. The cookies record visits to the website and anonymized data about website usage. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously viewed product and information areas.
Your data may be transferred to Google LLC servers in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/
We use the Pinterest Tag of Pinterest Europe Limited (Palmerston House, 2nd, Fenian Street, Floor, Dublin 2, Ireland "Pinterest") on our website.
The purpose of the application is to target website visitors with interest-based advertising on the Pinterest social network. For this purpose, the Pinterest conversion tag has been implemented on the website. This tag establishes a direct connection to the Pinterest servers when you visit the website. This transmits to the Pinterest server which of our pages you have visited. Pinterest assigns this information to your personal Pinterest user account if you are logged into the social network. When you visit Pinterest, you will then be shown personalized, interest-based Pinterest ads.
If you access our website via a pin on the Pinterest social network, a cookie for conversion tracking is stored on your computer. These cookies are valid for a limited time, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, Pinterest and we can recognize that you clicked on the pin and were redirected to this page. The information collected using the conversion cookie is used to create conversion statistics and thus optimize our website. The following information may be processed, among others: total number of users who clicked on one of our pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF. The data transfer takes place on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about how Pinterest collects and uses data, as well as your rights and options for protecting your privacy, please see Pinterest's privacy policy at https://policy.pinterest.com/de/privacy-policy .
We use the TikTok pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”) on our website. Both companies are jointly responsible for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing our customers' website accesses, as well as to better address customers by placing targeted advertisements and evaluating the effectiveness of advertisements on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable your browser to be recognized. The following information, among others, can be collected and transmitted to TikTok: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, this does not allow users to be personally identified.
Your data may be transferred to third countries, such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified according to the TADPF. Data transfer to the USA and to third countries without an adequacy decision is based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .
Using Shopify Inbox
We use the live chat system Shopify Inbox from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of direct and efficient communication between you and us as the provider. Data is stored and processed for the operation of the system and for the purposes of optimizing the service.
To operate the live chat system, cookies can be used to enable the browser to be recognized. The following information can be collected and processed: IP address and personal data provided by you when using the chat system.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz and https://www.shopify.com/de/legal/dpa .
We use the live chat system Shopify Inbox from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of direct and efficient communication between you and us as the provider. Data is stored and processed for the operation of the system and for the purposes of optimizing the service.
To operate the live chat system, cookies can be used to enable the browser to be recognized. The following information can be collected and processed: IP address and personal data provided by you when using the chat system.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz and https://www.shopify.com/de/legal/dpa .
Plug-ins and Others
Using Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of needs-based design and optimization of our website.
The Google Tag Manager itself does not store cookies, nor does it process personal data. However, it does enable the triggering of additional tags that can collect and process personal data.
Further information on terms of use and data protection can be found here .
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of needs-based design and optimization of our website.
The Google Tag Manager itself does not store cookies, nor does it process personal data. However, it does enable the triggering of additional tags that can collect and process personal data.
Further information on terms of use and data protection can be found here .
Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human and automated, machine processing. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy .
Use of Google invisible reCAPTCHAWe use the invisible reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input by a human and automated, machine processing. In the background, Google collects and analyzes usage data that is used by Invisible reCaptcha to distinguish regular users from bots. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and may also be transferred to Google LLC servers in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google reC APTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Using Cloudfront
We use the content delivery network Cloudfront CDN of Amazon Web Services EMEA SARL (38 avenue John F. Kennedy, L-1855, Luxembourg; “Cloudfront”) on our website.
This is a nationwide network of servers in various data centers to which our web server connects and through which certain content from our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly. The following information may be collected, among others: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in designing the website in a needs-based and targeted manner. You have the right to object to the processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
For more information about data protection when using Cloudfront, see https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf .
use of YouTubeThis is a nationwide network of servers in various data centers to which our web server connects and through which certain content from our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly. The following information may be collected, among others: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in designing the website in a needs-based and targeted manner. You have the right to object to the processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
For more information about data protection when using Cloudfront, see https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf .
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”) on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The function displays videos stored on YouTube in an iFrame on the website. The "Extended data protection mode" option is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy, please see YouTube's privacy policy at https://www.youtube.com/t/privacy .
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of uniform display of fonts on our website. In order to load the fonts, a connection is established to Google servers when the page is accessed. Cookies may be used for this purpose. Your IP address and information about the browser you use are processed and sent to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TDDDG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq .
Rights of data subjects and storage period
duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law retention periods, and then deleted after the deadline has expired, unless you have consented to further processing and use.
rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR and to processing for direct marketing purposes.
right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
State Commissioner for Data Protection Lower Saxony
Prinzenstraße 5
30159 Hannover
Tel.: +49 511 1204500
Fax: +49 511 1204599
Email: poststelle@lfd.niedersachsen.de
right of objection
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data in question will be stopped unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
last updated: November 29, 2023
