Data protection
We are very happy about your interest in our company. Data protection has a particularly high priority for the management of Katnook. Use of the Katnook website is generally possible without providing any personal data. If a data subject wants to use special services from our company via our website, processing of personal data could be necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain a consent of the data subject.
The processing of personal data, for example the name, address, email address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Katnook. Using this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, those affected are informed by this data protection declaration about the rights entitled to them.
As the controller, the Katnook has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, internet -based data transfers can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us in alternatives, for example by phone.
1. Definitions
The data protection declaration of the Katnook is based on the terminology used by the European directive and regulation giver when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this data protection declaration we use the following terms:
- a) Personal data is all information that relates to an identified or identifiable natural person (hereinafter "data subject"). A natural person is regarded as identifiable, which is directly or indirectly, in particular by assigning to an identifier such as a name, to an identification number, location data, for an online detection or one or more special features, the expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified.
- b) A data subject affected is every identified or identifiable natural person whose personal data is processed by the person responsible for the processing.
- c) Processing is every process carried out with or without the help of automated procedures or any such series of transaction in connection with personal data such as collecting, collecting, organizing, ordering, storing, adapting or changing, reading, querning, The use, disclosure by transmission, distribution or another form of provision, comparison or link, restriction, deletion or destruction.
- d) Restriction of processing restriction of processing is the marking of stored personal data with the aim of restricting your future processing.
- e) Profiling profiling is every type of automated processing of personal data that is used in the fact that this personal data is used to evaluate certain personal aspects that relate to a natural person, in particular to aspects regarding work performance, economic situation, Health, personal preferences, interests, reliability, behavior, place of residence or change of location of this natural person to analyze or predict.
- f) Pseudonymization Pseudonymization is the processing of personal data in a way in which the personal data can no longer be assigned to a specific data without the involvement of additional information, provided that the additional information is kept separately and are subject to technical and organizational measures that ensure that ensure that the personal data is not assigned to an identified or identifiable natural person.
- g) The responsible person or responsible for the processing or the controller is the natural or legal person, authority, institution or other body that decides alone or together with others about the purposes and means of processing personal data. If the purposes and funds of this processing are specified by the Union law or the right of the Member States, the responsible or person can be provided for the certain criteria of his naming under Union law or the law of the Member States.
- h) Order processor is processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.
- i) Recipient recipient is a natural or legal person, authority, institution or other body that is disclosed personal data, regardless of whether it is a third party or not. However, authorities that may receive personal data in the context of a certain investigation mandate according to the Union law or the law of the Member States are not considered a recipient.
- J) Third third party is a natural or legal person, authority, institution or other body in addition to the person concerned, the person responsible, the processor and the persons who are authorized to process the personal data under the direct responsibility of the person responsible or the processor.
- K) Consent to consent, every person who has been given in an informed manner and unequivocally by the data subject in the form of an explanation or other clear confirmation, with which the data subject indicate that they are understood to understand that they are processed with the processing of them Personal data agrees.
2. Name and address of the person responsible for processing
Responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable to the Member States of the European Union and other provisions with data protection law is:
Katnook
Winkelgasse 2
37308 Heilbad Heiligenstadt
Germany
Tel.: DFGDFG
Email: blog @ katnook.de
Website: katnook.de
3. Cookies
The Katnook website uses cookies. Cookies are text files that are stored and saved on a computer system via an internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a clear identification of the cookies. It consists of a string of which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A certain internet browser can be recognized and identified via the clear cookie ID.
By using cookies, Katnook can provide users of this website with more user-friendly services that would not be possible without the cookie setting.
Using cookies, the information and offers on our website can be optimized in the interests of the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to facilitate the use of our website. For example, the user of a website that uses cookies does not have to enter its access data again every time you visit the website, because this is taken over by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in the online shop. The online shop remembers the articles that a customer put in the virtual shopping cart over a cookie.
The person concerned can prevent the setting of cookies at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Furthermore, cookies already set can be deleted via an internet browser or other software programs. This is possible in all common internet browsers. If the person concerned disabled the setting of cookies in the internet browser used, not all functions of our website can be fully usable.
4. Entiring general data and information
The Katnook website collects a number of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the log files of the server. The (1) used browser types and versions, (2) the operating system used by the accessing system, (3) can be recorded by the website, from which an accessing system comes to our website (so -called referrer), (4) The sub -web pages that an accessible system on our website (5) The date and time of access to the website, (6) an Internet protocol address (IP address), (7) of the Internet service provider of the accessing system and (8) other similar data and information that serves the security in the event of attacks on our information technology systems.
When using this general data and information, the Katnook does not draw any conclusions about the person concerned. Rather, this information is needed to correctly deliver the content of our website, (2) to optimize the content of our website as well as the advertising for it, (3) to ensure the permanent functionality of our information technology systems and the technology of our website as well 4) In order to provide law enforcement agencies in the event of a cyber attack, the information necessary for prosecution. This anonymously collected data and information is therefore statistically evaluated by the Katnook and also with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are saved separately by all personal data provided by a data subject.
5. Registration on our website
The data subject has the option of registering on the website of the person responsible for processing, stating personal data. Which personal data is transmitted to those responsible for the processing results from the respective input mask that is used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use in the person responsible for the processing and for their own purposes. The controller can arrange for the processing to one or more order processors, for example a parcel service provider, who also uses the personal data exclusively for an internal use that is attributable to the controller.
By registering on the website of the person responsible for the processing, the IP address assigned by the Internet service provider (ISP) of the data subject, the date and the time of the registration are saved. This data is stored against the background that the abuse of our services can be prevented, and that this data enables the crimes committed if necessary. In this respect, the storage of this data is necessary to secure the controller for the processing. In principle, this data is not passed on to third parties, provided that there is no legal obligation to pass on or the passing on of law enforcement is used.
The registration of the data subject, with a voluntary information on personal data, serves the person responsible for processing to offer the data subject content or services that can only be offered due to the nature of the item. Registered persons are free to change the personal data provided when registering or to have it deleted entirely from the database of the person responsible for the processing.
The person responsible for processing gives every data subject at any time on request which personal data about the data subject is stored. Furthermore, the personal data responsible for the processing corrects or deletes or refer to the person concerned, provided that there are no legal retention obligations. In this context, the entirety of the employees of the person responsible for processing are available to the data subject.
6. Subscription of our newsletter
On the Katnook website, users are given the opportunity to subscribe to our company's newsletter. Which personal data is transmitted to the person responsible for the processing when ordering the newsletter results from the input mask used.
The Katnook informs its customers and business partners at regular intervals by means of a newsletter about the company's offers. The newsletter of our company can only be received by the data subject if (1) the data subject has a valid email address and (2) the person concerned registered for the newsletter shipping. For legal reasons, a confirmation email is sent to the e-mail address entered by a data subject for the first time for the newsletter shipping in the double opt-in procedure. This confirmation email serves to check whether the owner of the email address as a data subject has authorized the reception of the newsletter.
When registering for the newsletter, we also save the IP address of the computer system used by the data IP) assigned by the data subject at the time of registration as well as the date and time of registration. The collection of this data is necessary in order to be able to understand the (possible) misuse of the email address of a data subject at a later date and therefore serves to secure the controller for the processing.
The personal data collected as part of a registration for the newsletter are used exclusively to send our newsletter. Furthermore, subscribers to the newsletter could be informed by email if this is necessary for the operation of the newsletter service or in this regard, as could be the case in the event of changes to the newsletter offer or in changing the technical circumstances. The personal data collected as part of the newsletter service is not passed on to third parties. The subscription of our newsletter can be terminated at any time by the data subject. The consent in the storage of personal data that the data subject gave us for the newsletter shipping can be revoked at any time. For the purpose of revoking the consent, there is a corresponding link in every newsletter. Furthermore, there is also the possibility to register from the newsletter shipping directly on the website of the person responsible for processing or to communicate this in other ways to the person responsible for processing.
7. Newsletter tracking
The Katnook newsletters contain so -called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable a log file recording and a log file analysis. This allows statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the Katnook can recognize whether and when an email was opened by a data subject and which links in the email were called up by the data subject.
Those collected in the newsletters in the newsletters are stored and evaluated by the person responsible for processing in order to optimize the newsletter shipping and to better adapt the content of future newsletters to the interests of the data subject. This personal data will not be passed on to third parties. Affected persons are entitled to revoke the separate declaration of consent, which is given by the double opt-in procedure. After a revocation, this personal data is deleted by the person responsible for processing. A deregistration from receiving the newsletter automatically interprets the Katnook as a revocation.
8. Contact options via the website
Due to legal regulations, the Katnook website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address of the so-called electronic mail (email address). If a data subject contacts the person responsible for the processing by email or using a contact form, the personal data transmitted by the data subject will be automatically stored. Such on a voluntary basis by a data subject to the personal data transmitted for the processing are stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.
9. Comment function in the blog on the website
The Katnook offers users on a blog that is on the website of the controller responsible for the possibility of leaving individual comments on individual blog posts. A blog is a portal, which is usually visible on a website, in which one or more people, which bloggers or web bloggers are called, can post articles or thoughts in so-called blog posts. The blog posts can usually be commented on by third parties.
If a data subject leaves a comment on the blog published on this website, in addition to the comments left by the data subject, information is also stored and published at the time of the comment in and the user name (pseudonym) selected by the data subject. Furthermore, the IP address awarded by the Internet service provider (ISP) of the data subject is co-protocol. This storage of the IP address takes place for safety reasons and in the event that the data subject violates the rights of third parties by a handed over or illegal content. This personal data is therefore stored in the own interest of the person responsible for the processing, so that this could be exccuked if necessary. This personal data collected is not passed on to third parties, provided that such a transfer is not required by law or serves the legal defense of the person responsible for the processing.
10. Routine deletion and blocking of personal data
The person responsible for the processing processes and stores personal data of the data subject only for the period that is necessary to achieve the storage purpose or provided this by the European directive and regulation giver or another legislator in laws or regulations, which the person responsible for processing is subject to.
If the storage purpose does not apply or if a storage period prescribed by the European directive and regulator or another competent legislator, the personal data is routinely blocked or deleted in accordance with the statutory regulations.
11. Rights of the data subject
- a) Right to confirm every data subject has the right granted by the European directive and regulation giver to request confirmation of whether they are processed in terms of personal data. If a data subject wishes to claim this right of confirmation, they can contact an employee of the controller at any time.
- b) Right to information Each person affected by the processing of personal data has the right granted by the European directive and regulation giver to receive at any time from the free information responsible for the processing about the personal data stored for him and a copy of this information. Furthermore, the European guideline and regulation giver of the data subject has granted information about the following information:
- The processing purposes
- The categories of personal data that are processed
- The recipients or categories of recipients, compared to the personal data have been disclosed or are still being disclosed, in particular for recipients in third countries or in international organizations
- If possible, the planned duration for which the personal data is stored, or, if this is not possible, the criteria for determining this duration
- the existence of a right to correct or delete the personal data relating to it or to restrict the processing by the person responsible or a right to object to this processing
- the existence of a right to complain to a supervisory authority
- If the personal data is not collected by the data subject: all available information about the origin of the data
- The existence of automated decision-making including profiling in accordance with Article 22 (1) and 4 GDPR and-at least in these cases-meaningful information about the logic involved as well as the scope and the desired effects of such a processing for the data subject
- c) Right to correction Every person affected by the processing of personal data has the right granted by the European directive and regulator to request the immediate correction of incorrect personal data. The person concerned also has the right to request the completion of incomplete personal data - also by means of a supplementary declaration - taking into account the purposes of processing. If a data subject wishes to make use of this right of correction, they can contact an employee of the controller at any time.
- d) Right to deletion (right to be forgotten) Each person affected by the processing of personal data has the right granted by the European directive and regulator to request that the personal data relate to them are immediately deleted, provided one of the following Reasons apply and as far as the processing is not necessary:
- The personal data was collected for such purposes or processed in any other way, for which they are no longer necessary.
- The data subject revokes their consent, on which the processing in accordance with Art. 6 Para. 1 letter a GDPR or Art. 9 Para. 2 letter A GDPR, and there is no other legal basis for processing.
- The data subject objects to the processing in accordance with Art. 21 Para. 1 GDPR, and there are no priority legitimate reasons for the processing, or the person concerned submits contradiction against the Processing one.
- The personal data was illegally processed.
- The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States, which the person responsible is subject to.
- The personal data was collected in relation to offered services of the information society in accordance with Art. 8 Para. 1 GDPR.
- e) Right to restrict the processing Every person affected by the processing of personal data has the right granted by the European directive and regulator to request the controller to restrict processing if one of the following requirements is met:
- The data subject contest the correctness of the personal data, for a duration that enables the person responsible to check the correctness of the personal data.
- The processing is illegal, the data subject rejects the deletion of personal data and instead requires the restriction of the use of personal data.
- The person responsible no longer needs the personal data for the purposes of processing, but the person concerned needs them to assert, exercise or defend legal claims.
- The data subject has lodged an objection to the processing in accordance with Art. 21 Para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible predominate against those of the person concerned.
- f) Right to data portability Every person affected by the processing of personal data has the right granted by the European directive and regulation giver to receive the personal data relating to them, which was provided by the data subject to a person responsible, in a structured, common and machine-readable format . It also has the right to transmit this data to another person responsible without disabilities by the person responsible, to whom the personal data was provided, provided that the processing on consent in accordance with Art. 6 Para. 1 letter a GDPR or Art. 9 ABS . 2 letter A GDPR or on a contract in accordance with Art. 6 Para. 1 letter b GDPR and the processing is carried out using automated procedures, provided that the processing is not necessary for the perception of a task that is in the public interest or in the exercise of public violence, which was transferred to the person responsible. Furthermore, the person concerned has the right to obtain the personal data directly to another person when exercising their right to data portability in accordance with Art. 20 Para. 1 GDPR, if this is technically feasible and if This does not affect the rights and freedoms of other people. In order to assert the right to data portability, the data subject can contact an employee of Katnook at any time.
- g) Right to object every person affected by the processing of personal data has the law granted by the European directive and regulation giver, for reasons that result from their special situation, at any time against the processing of personal data relating to them based on Art. 6 Paragraph 1 letter E or F GDPR to object. This also applies to a profiling based on these provisions. In the event of an objection, Katnook will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend Legal claims. If Katnook processes personal data in order to operate direct mail, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling, insofar as such direct advertising is connected. If the data subject objects to Katnook for processing for direct marketing purposes, the Katnook will no longer process the personal data for these purposes. In addition, the person concerned has the right, for reasons that arise from their particular situation, against the processing of personal data relating to them, which at Katnook for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 GDPR to be carried out, object, unless such processing is necessary to fulfill a task in the public interest. To exercise the right to object, the data subject can contact any Katnook employee or another employee directly. The person concerned is also free to exercise their right to object using automated procedures in connection with the use of the services of the information society, regardless of the Directive 2002/58/EC, in which technical specifications are used.
- h) Automated decisions in individual cases including profiling Every person affected by the processing of personal data has the right granted by the European directive and regulation giver not to be subject to a decision based on automated processing- including profiling- that has a legal effect based on their opposite or considerably affects them in a similar way if the decision (1) is not necessary for the conclusion or fulfillment of a contract between the data subject and the person responsible, or (2) on the basis of legal provisions of the Union or the Member States, which the person responsible is subject to is permissible and these legal provisions contain appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject or (3) with the express consent of the data subject. If the decision (1) is necessary for the conclusion or fulfillment of a contract between the data subject and the person responsible, or (2) it takes place with the express consent of the data subject, the Katnook takes appropriate measures to take the rights and freedoms and the legitimate interests to maintain the data subject, including at least the right to obtain the intervention of a person on the part of the person responsible, to state their own point of view and to contest the decision. If the data subject wishes to assert rights with regard to automated decisions, they can contact an employee of the controller at any time.
- i) Right to revoke a data protection consent. Each person affected by the processing of personal data has the right granted by the European directive and regulation giver to revoke consent to the processing of personal data at any time. If the person concerned wants to assert their right to revoke consent, they can contact an employee of the controller at any time.
12. Data protection regulations on the use and use of Adobe Analytics (Omnithure) / Adobe Marketing Cloud
The person responsible for processing has integrated components of the Adobe company on this website. Adobe Analytics (Omnithure) or the Adobe Marketing Cloud (hereinafter referred to as "Omnithure") is an instrument that enables more efficient online marketing and web analysis. Omnite is part of the Adobe Marketing Cloud. The Adobe Marketing Cloud enables real -time analyzes of visitor flows on websites. The real-time analyzes include project reports and allow an ad hoc analysis of the website visitors. Customer interactions are shown in such a way that the person responsible for processing gives a better overview of the online activities of the users of this website by displaying the data in simple and interactive dashboards and converting them into reports. This enables those responsible for the processing to receive information in real time and to identify problems that occur faster.
The operating company of these services is the Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.
Omnithure puts a cookie on the information technology system of the person concerned (cookies have already been explained in advance; the corresponding can be read above). The person responsible for the processing ensures that the tracking data sets transmitted to the data center are anonymized by a server association. Anonymization is implemented by replacing the last part of the IP address. The person responsible for the processing has made the settings on the basis of which the IP address of the data subject are anonymized independently of one another before a processing for geolocalization and range measurement. On behalf of the person responsible for the processing, Adobe will use the data obtained via our website and information to evaluate the user behavior of the data subject. Adobe will also use the data to create reports on user activities on our behalf and to provide other services for our company in connection with the use of our website. The IP address of the data subject is not merged with other personal data by Adobe.
The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Such an attitude of the internet browser used would also prevent Omniture from putting a cookie on the data subject's information technology system. In addition, the cookies already set by Omnithure can be deleted at any time via an internet browser or other software programs.
There is also the possibility for the data subject to object to the use of the data generated by the Adobe cookie, related to the use of this website and to prevent them from processing this data by Adobe. To do this, the person concerned must press the Anglde-button under the link http://www.adobe.com/de/privacy/opt-out.html that sets an opt-out cookie. The opt-out cookie, set with the object, is stored on the information technology system used by the data subject. If the cookies on the person concerned are deleted according to an objection, the person concerned must call the link again and set a new opt-out cookie.
With the setting of the opt-out cookies, however, there is the possibility that the website of the person responsible for the processing is no longer fully usable for the data subject.
Adobe's applicable data protection regulations can be accessed at http://www.adobe.com/de/privacy.html.
13. Data protection regulations on the use and use of Facebook
The person responsible for processing has integrated components of the Facebook company on this website. Facebook is a social network.
A social network is a social meeting point operated on the Internet, an online community that generally enables users to communicate with each other and to interact in virtual space. A social network can serve as a platform to exchange opinions and experiences or enable the Internet community to provide personal or company -related information. Facebook enables users of the social network, among other things, to create private profiles, the upload of photos and network via friendship requests.
Facebook operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. For the processing of personal data, if a data subject lives outside the USA or Canada, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which a Facebook component (Facebook plug-in) was integrated, the internet browser on the information technology system of the data subject is automatically -Tomponent causes a representation of the corresponding Facebook component from Facebook. An overall overview of all Facebook plug-ins can be called up at https://developers.facebook.com/docs/plugins/?locale=de_de. As part of this technical procedure, Facebook becomes aware of which specific subpage of our website is visited by the person concerned.
If the person concerned is logged into Facebook at the same time, Facebook recognizes each time our website is accessed by the data subject and throughout the duration of the respective stay on our website which specific subpage of our website visits the person concerned. This information is collected by the Facebook component and assigned the respective Facebook account of the person concerned by Facebook. If the data subject acts one of the Facebook buttons integrated on our website, for example the "Like" button, or if the person concerned makes a comment, Facebook assigns this information to the person concerned's personal Facebook user account and stores this personal data .
Facebook always receives information about the Facebook component that the person concerned has visited our website if the person concerned is logged in on Facebook at the time of calling our website; This takes place regardless of whether the person concerned clicks on the Facebook component or not. If such transmission of this information is not wanted to Facebook by the data subject, the transmission can prevent it from being logged out of your Facebook account before calling our website.
The data guideline published by Facebook, which can be called up at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. There is also explaining which setting options Facebook offers to protect the privacy of the person concerned. In addition, different applications are available that enable a data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
14. Data protection regulations on the use and use of Google Adsense
The person responsible for processing has integrated Google Adsense on this website. Google Adsense is an online service via which a mediation of advertising on third pages is made possible. Google Adsense is based on an algorithm, which selects the advertisements displayed on third sides to match the content of the respective third side. Google Adsense allows interest -related targeting of the Internet user, which is implemented by generation of individual user profiles.
The Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland is the operating company of Google Adsense component.
The purpose of the Google Adsense component is the integration of advertisements on our website. Google adsense puts a cookie on the information technology system of the data subject. What cookies are has already been explained above. With the setting of the cookies, the alphabet Inc. is made possible to analyze the use of our website. Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which a Google adsense component was integrated, the Internet browser is automatically prompted on the information technology system of the person concerned by the respective Google Adsense component , To transmit data for the purpose of online advertising and the billing of commissions to Alphabet Inc. As part of this technical procedure, Alphabet Inc. receives knowledge of personal data, such as the IP address of the data subject, which the Alphabet Inc. serve, among other things, to understand the origin of visitors and clicks and subsequently enable commission bills.
The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Such a setting of the internet browser used would also prevent the Alphabet Inc. from putting a cookie on the data subject's information technology system. In addition, a cookie already set by Alphabet Inc. can be deleted at any time via the Internet browser or other software programs.
Google Adsense also uses so -called tracking pixels. A tracking pixel is a miniature graphic that is embedded on websites to enable a log file recording and a log file analysis, which means that a statistical evaluation can be carried out. Based on the embedded tracking pixel, the Alphabet Inc. can recognize whether and when a website was opened by a data subject and which links have been clicked on by the data subject. Among other things, tracking pixels serve to evaluate the flow of visitors to a website.
Personal data and information about Google Adsense, which also includes the IP address and is necessary for the recording and billing of the advertisements displayed, are transferred to the Alphabet Inc. to the United States of America. This personal data is stored and processed in the United States of America. Alphabet Inc. may pass on these personal data collected via the technical procedure to third parties.
Google-Adsense is explained in more detail under this link https://www.google.de/intl/de/adsense/start/.
15. Data protection regulations on the use and use of Google Analytics (with anonymization function)
The person responsible for processing has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, collection and evaluation of data on the behavior of visitors to websites. Among other things, a web analysis service collects data about the website of which a data subject came to a website (so-called referrer), which sub-pages of the website accessed or how often and for which length of stay was considered. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of internet advertising.
The Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland is the operating company of Google Analytics Component.
The person responsible for processing uses the addition “_gat._anonymizeiP” for web analysis via Google Analytics. This additive is reduced and anonymized by the IP address of the Google's Internet connection if the European Union or a different contracting state of the Agreement via the European Economic Area is accessed and anonymized.
The purpose of the Google Analytics component is to analyze visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website in order to compile online reports for us online reports that show the activities on our website, and to provide further services with the use of our website.
Google Analytics places a cookie on the information technology system of the person concerned. What cookies are has already been explained above. With the setting of the cookies, Google is made possible to analyze the use of our website. Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which a Google Analytics component was integrated, the Internet browser is automatically initiated on the person's information technology system by the respective Google Analytics component , To transmit data for the purpose of online analysis to Google. As part of this technical procedure, Google receives knowledge of personal data, such as the IP address of the data subject who serve Google, among other things, to understand the origin of the visitors and clicks and subsequently enable commission bills.
The cookies, such as the access time, the place, from which access was used and the frequency of visiting our website by the data subject, is stored. Every time our website is visited, this personal data, including the IP address of the internet connection used by the data subject, will be transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.
The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Such a setting of the internet browser used would also prevent Google from putting a cookie on the data subject's information technology system. In addition, a cookie already set by Google Analytics can be deleted via the Internet browser or other software programs.
There is also the possibility for the data subject to object to the use of the data generated by Google Analytics, related to the use of this website, and to prevent this data from processing this data by Google. To do this, the person concerned must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on reports Google Analytics via JavaScript that no data and information on the visits to website can be transmitted to Google Analytics. Google rates the installation of the browser add-on as a contradiction. If the data subject's information technology system is deleted, formatted or reinstalled at a later point in time, the data subject must be installed again in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person who is attributable to their sphere of influence, there is the possibility of reinstalling or renewing the browser add-on.
Further information and the applicable data protection regulations of Google can be called up at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/.
16. Data protection regulations on the use and use of Google+
The person responsible for processing has integrated the Google+ button on this website as a component. Google+ is a so -called social network. A social network is a social meeting point operated on the Internet, an online community that generally enables users to communicate with each other and to interact in virtual space. A social network can serve as a platform to exchange opinions and experiences or enable the Internet community to provide personal or company -related information. Google+ enables users of the social network, among other things, to create private profiles, the upload of photos and network via friendship requests.
Google+ operating company is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which a Google+ button was integrated, the internet browser on the information technology system of the data subject automatically initiates a representation of the corresponding Google+ by the respective Google+ button To download the Google button. As part of this technical procedure, Google receives knowledge of which specific subpage of our website is visited by the person concerned. More detailed information about Google+ can be called up at https://developers.google.com/+/.
If the person concerned is logged in at Google+ at the same time, Google recognizes each time our website is called up by the data subject and throughout the duration of the respective stay on our website which specific underside of our website visits the person concerned. This information is collected by the Google+ button and assigned to the respective Google+ account of the person concerned.
If the data subject acts one of the Google+buttons integrated on our website and thus submits a Google+1 recommendation, Google assigns this information to the person concerned's personal Google+user account and stores this personal data. Google saves the Google+1 recommendation of the data subject and makes them publicly accessible in accordance with the conditions accepted by the data subject. A Google+1 recommendation submitted by the data subject on this website is subsequently together with other personal data, such as the name of the Google+1 account used by the data subject and the photo stored in this stored photo in other Google services, For example, saved and processed and processed the search engine results of the Google search engine, the Google account of the data subject or in other bodies, for example on websites or in connection with advertisements. Google is also able to link the visit to this website with other personal data stored on Google. Google also records this personal information with the purpose of improving or optimizing the different services of Google.
Google always receives information via the Google+ button that the person concerned has visited our website if the person concerned is logged on to Google+ at the time of calling our website; This takes place regardless of whether the person concerned clicks the Google+button or not.
If a transmission of personal data to Google is not wanted by the data subject, this can prevent such a transmission by logging out of your Google+account before calling our website.
Further information and the applicable data protection regulations of Google can be called up at https://www.google.de/intl/de/policies/privacy/. Further information from Google about the Google+1 button can be called up at https://developers.google.com/+/web/Buttonspolicy.
17. Data protection regulations on the use and use of Google adwords
The person responsible for processing has integrated Google AdWords on this website. Google AdWords is a service for internet advertising, which allows advertisers to both switch ads in Google's search engine results and in the Google advertising network. Google AdWords enables an advertiser to determine certain keywords in advance, by means of which an advertisement in Google's search engine results is only displayed if the user calls up a key answer -relevant search result with the search engine. In the Google advertising network, the ads are distributed on topic-relevant websites by means of an automatic algorithm and taking into account the previously defined keywords.
Operator of the Services of Google AdWords is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
The purpose of Google AdWords is the application of our website by inserting interest -related advertising on the websites of third -party companies and in the search engine results of the search engine Google and a fading of external advertising on our website.
If a data subject comes to our website via a Google display, a so-called conversion cookie is stored on the information technology system of the data subject. What cookies are has already been explained above. A conversion cookie loses its validity after thirty days and does not serve to identify the person concerned. If the cookie has not yet expired, the conversion cookie has been able to understand whether certain sub-pages, for example the shopping cart from an online shop system, have been accessed on our website. With the conversion cookie, both we and Google can understand whether a data subject who has reached our website via an AdWords display generated sales, i.e. made a purchase or canceled.
The data and information collected by using the conversion cookies are used by Google to create visiting statistics for our website. These visiting statistics are used by us to determine the total number of users, which were conveyed to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords display and to optimize our AdWords ads for the future . Neither our company nor other Google Adwords advertising customers receive information from Google that the person concerned could be identified.
Using the conversion cookies, personal information, for example the website visited by the data subject, is stored. Each visit to our website, personal data, including the IP address of the internet connection used by the data subject, will be transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.
The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Such a setting of the internet browser used would also prevent Google from putting a conversion cookie on the information technology system of the data subject. In addition, a cookie already set by Google AdWords can be deleted via the Internet browser or other software programs.
There is also the possibility for the person concerned to contradict Google's interest -related advertising. To do this, the person concerned must call up the link www.google.de/settings/ads from any of the internet browsers they use and make the desired settings there.
Further information and the applicable data protection regulations of Google can be called up at https://www.google.de/intl/de/policies/privacy/.
18. Data protection regulations on the use and use of Instagram
The person responsible for processing has integrated components of the Instagram service on this website. Instagram is a service that is to be qualified as an audiovisual platform and enables users to share photos and videos and also distribute such data in other social networks.
The operating company of Instagram is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.
Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which an Instagram component (Insta-button) was integrated, the internet browser on the information technology system of the data subject is automatically used by the respective Instagram component prompted to download a representation of the corresponding component of Instagram. As part of this technical procedure, Instagram is aware of which specific subpage of our website is visited by the data subject.
If the data subject is logged in at Instagram at the same time, Instagram recognizes each time our website is called up by the data subject and throughout the duration of the respective stay on our website which specific subpage the person concerned visits. This information is collected by the Instagram component and assigned to the respective Instagram account of the data subject by Instagram. If the data subject acts on one of the Instagram buttons integrated on our website, the data and information transmitted are assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.
Instagram always receives information via the Instagram component that the person concerned has visited our website if the person concerned is also logged in on Instagram at the time of calling our website; This takes place regardless of whether the person concerned clicks the Instagram component or not. If such a transmission of this information is not wanted by the data subject, this can prevent the transmission from being logged out of your Instagram account before calling our website.
Further information and the applicable data protection regulations of Instagram can be called up at https://help.instagram.com/15583370700388 and https://www.instagram.com/about/legal/privacy/.
19. Data protection regulations on the use and use of jetpack for WordPress
The person responsible for processing has integrated Jetpack on this website. Jetpack is a WordPress plug-in that offers additional functions to the operator of a website that is based on WordPress. Jetpack allows the website operator to have an overview of the visitors of the page. By displaying related contributions and publications or the possibility of sharing content on the page, the number of visitors is also possible. In addition, security functions are integrated in jetpack, so that a jetpack user website is better protected against brute force attacks. Jetpack also optimizes and accelerates the loading of the images integrated on the website.
The operating company of the Jetpack plug-ins for WordPress is the Aut O’Mattic A8c Ireland Ltd., Business Center, No.1 Lower Mayor Street, International Financial Services Center, Dublin 1, Ireland.
Jetpack puts a cookie on the information technology system of the person concerned. What cookies are has already been explained above. Through each calling one of the individual pages of this website, which is operated by the person responsible for the processing and on which a jetpack component was integrated, the internet browser on the information technology system of the data subject automatically initiates data for analysis purposes by the respective jetpack component to transmit to Automattic. As part of this technical procedure, Automattic receives knowledge of data that is subsequently used to create an overview of the website visits. The data obtained in this way serve to analyze the behavior of the data subject, which has accessed the website of the person responsible for the processing and are evaluated with the aim of optimizing the website. The data collected via the Jetpack component is not used without prior obtaining a separate express consent of the data subject to identify the data subject. The data is also noted. Quantcast uses the data for the same purposes as Automattic.
The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used and thus permanently contradict the setting of cookies. Such a setting of the internet browser used would also prevent Automattic/Quantcast from putting a cookie on the data subject's information technology system. In addition, cookies already set can be deleted by Automattic via the Internet browser or other software programs.
Furthermore, the person concerned has the option of contradicting the use of the data generated by the jetpack cookie, referring to the use of this website and the processing of this data by Automattic/Quantcast. To do this, the person concerned must press the opt-out button under the link https://www.quantcast.com/opt-out/ who sets an opt-out cookie. The opt-out cookie, set with the object, is stored on the information technology system used by the data subject. If the cookies on the person concerned are deleted according to an objection, the person concerned must call the link again and set a new opt-out cookie.
With the setting of the opt-out cookies, however, there is the possibility that the website of the person responsible for the processing is no longer fully usable for the data subject.
The applicable data protection regulations of Automattic can be called up at https://automattic.com/privacy/. The applicable data protection regulations of QuantCast can be called up at https://www.quantcast.com/privacy/.
20. Payment method: Data protection regulations on Klarna as a payment method
The person responsible for processing has integrated components from Klarna on this website. Klarna is an online payment service provider that enables the purchase on account or a flexible installment payment. Klarna also offers further services, such as buyer protection or an identity and credit check.
Klarna's operating company is the Klarna Bank, Sveafen 46, 111 34 Stockholm, Sweden.
If the data subject selects either the "purchase on account" or "installment purchase" during the ordering process in our online shop as a payment option, the data subject automatically transmits data to Klarna. With the selection of one of these payment options, the data subject agrees to the transmission of personal data required to process the purchase or installment purchase or for identity and credit check.
The personal data transmitted to Klarna is usually the first name, last name, address, date of birth, gender, email address, IP address, telephone number, mobile phone number and other data necessary to process an invoice or installment purchase . For the processing of the purchase contract, the personal data that is related to the respective order are also necessary. In particular, there may be a mutual exchange of payment information such as bank details, card number, date of validity and CVC code, article number, item number, data on goods and services, prices and tax levies, information on the previous purchase behavior or other information on the financial situation of the data subject, .
The transmission of the data in particular is the identity check, payment administration and fraud prevention. The person responsible for processing will transmit personal data in particular if there is a legitimate interest in the transmission. The personal data exchanged for the processing for the processing is sent by Klarna to business information. This transmission aims for identity and credit check.
Klarna also passes on the personal data to connected companies (Klarna Group) and service provider or subcontractor, insofar as this is necessary to fulfill the contractual obligations or the data should be processed on behalf.
To decide on the justification, implementation or termination of a contractual relationship, Klarna collects and uses information about the previous payment behavior of the data subject as well as probability values for their behavior in the future (so -called scoring). The calculation of the scoring is carried out on the basis of scientifically recognized mathematical-statistical procedures.
The person concerned has the option of revoking the consent to dealing with personal data at any time to Klarna. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.
The applicable data protection regulations of Klarna can be called up at https://cdn.klarna.com/1.0/shared/content/policy/data/de/data_protection.pdf.
21. Payment method: Data protection regulations on Sofortüberweisung as a payment method
The person responsible for processing has integrated components from Sofortüberweisung on this website. Sofortüberweisung is a payment service that enables cashless payment of products and services on the Internet. Sofortüberweisung shows a technical process through which the online retailer immediately receives a payment confirmation. In this way, a dealer is enabled to deliver goods, services or downloads to the customer immediately after ordering.
The operating company from Sofortüberweisung is the Klarna Bank, Sveafen 46, 111 34 Stockholm, Sweden.
If the data subject selects "Sofortüberweisung" as a payment option during the ordering process in our online shop, the data subject will automatically transmit data to Sofortüberweisung. With a selection of this payment option, the data subject agrees to a transmission of personal data required for payment processing.
In the event of a purchase via Sofortüberweisung, the buyer transmits the PIN and TAN to Sofort GmbH. Sofortüberweisung then carries out a transfer to the online retailer after the technical review of the account balance and retrieval of further data to check the account coverage. The implementation of the financial transaction is then automatically communicated to the online retailer.
The personal data exchanged with Sofortüberweisung are first name, last name, address, email address, IP address, telephone number, mobile phone number or other data that is necessary for payment processing. The transmission of the data aims for payment processing and fraud prevention. Sofortüberweisung is also sent to other personal data for the processing if there is a legitimate interest in the transmission. The personal data exchanged between Sofortüberweisung and the person responsible for the processing may be transmitted from Sofortüberweisung to business information. This transmission aims for identity and credit check.
Sofortüberweisung passes on the personal data to connected companies and service providers or subcontractors, insofar as this is necessary to fulfill the contractual obligations or the data should be processed on behalf.
The person concerned has the option of revoking the consent to dealing with personal data at any time to Sofortüberweisung. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.
The applicable data protection regulations of Sofortüberweisung can be called up at https://www.klarna.com/sofort/datenschutz/.
22. Legal basis of processing
Art. 6 I lit. a GDPR serves our company as a legal basis for processing processes in which we obtain consent for a specific processing purpose. If the processing of personal data for fulfilling a contract whose contracting party is the data subject is necessary, as is the case, for example, for processing processes that are necessary for the delivery of goods or the provision of other service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing processes that are necessary for the implementation of pre -contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation through which processing of personal data is required, such as the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data could be necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor would be violated in our company and then had to pass on his name, age, his health insurance data or other vital information to a doctor, a hospital or other third parties. Then the processing would be based on Art. 6 I lit. d GDPR. Ultimately, processing processes could be based on Art. 6 I lit. f GDPR. Processing processes are based on this legal basis, which are not recorded by any of the aforementioned legal bases if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and fundamental freedoms of the person concerned do not predominate. Such processing processes are particularly permitted because they were particularly mentioned by the European legislator. In this respect, he took the view that a legitimate interest could be assumed if the person concerned is a customer of the person responsible (Recital 47 sentence 2 GDPR).
23. Obituarized interests in the processing, which are pursued by the person responsible or a third party
If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the implementation of our business in favor of the well-being of all our employees and our shareholders.
24. Duration for which the personal data is stored
The criterion for the duration of the storage of personal data is the respective statutory retention period. After the deadline, the corresponding data is routinely deleted, provided that they are no longer required to fulfill or initiate contract.
25. Legal or contractual provisions for providing personal data; Need for the conclusion of the contract; Commitment of the data subject to provide the personal data; Possible consequences of non -provision
We clarify that the provision of personal data is partially required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary to make a contract that a data subject provides us with personal data that we have to process. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with it. A non -provision of the personal data would result in the contract with the person concerned could not be concluded. Before providing personal data by the person concerned, the person concerned must contact one of our employees. Our employee clarifies the person concerned to the person concerned whether the provision of the personal data is required by law or contract or for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the non -provision of the personal data would have.
26. Existing automated decision -making
As a responsible company, we do without automatic decision making or profiling.
This data protection declaration was made by the data protection declaration generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, which is External data protection officer Augsburg is active in cooperation with the Cologne IT and data protection lawyer Christian Solmecke created.