Privacy policy

3.1. View our offer

• Surmane
• Address,
• E-mail address,
• Account number,
• bank sort number,
• if applicable, credit card number,
• invoice amount,
• Currency and
• Transaction number

to the payment service provider you have chosen (e.g. Paypal, Adyen, credit card company, etc.). The transmission is necessary, otherwise we cannot process the order. The data is used exclusively to carry out and implement payment processing and is transmitted securely via the “SSL” encryption process. The service providers we offer are certified according to PCI DSS. These may transfer, process and store personal data outside the EU. For more information, please check the data protection regulations of your service provider.

3.3. Data processing for customer support or customer care

3.3.1. Informational purposes

If you have opened a customer account, we will list you as an existing customer. In this case, we process your contact details in order to send you occasional information, for example about new products, special promotions, expanded or improved functions, etc.

3.3.2. Interest-based advertising

• the submitted email address
• the IP address of the device used,
• the date and time of registration,
• the manner of addressing,
• Date, content and time of the confirmation email,
• the IP address of the device used for confirmation and
• the date and time of your confirmation.

The legal basis for this is Article 6 Paragraph 1 Letter b) GDPR. This processing is necessary to fulfill your request. We store the data until the end of the statutory limitation period, as this allows us to prove the legality of sending the newsletter. After the respective limitation period has expired, we will retain the personal data required by law for the periods specified by law. You can object to this processing at any time with future effect. All you need to do is click on the unsubscribe button in the respective email or send a short note via email. For this purpose, please use the contact details of our company data protection officer.

3.3.4. contact form

If a visitor's concern is not answered by our comprehensive FAQ section, we offer them the opportunity to ask the question using our contact form. If you decide to send us such a request, we will process the following data:

• submitted last name and first name
• the specified topic of the concern
• the submitted email address
• Telephone number provided if applicable
• Regarding
• the concern you described
• the IP address of the device used
• the date and time of the request

to process your request. The legal basis for this is Article 6 Paragraph 1 Letter b) GDPR. This processing is necessary to fulfill your request. The data can be stored in a CRM system, e.g. Zendesk (see above). We delete the requests if they are no longer required to be stored. You can object to this processing at any time with future effect. A short note via email is sufficient. To exercise your objection, please use the contact details of our company data protection officer.

3.3.5. Right to object

You can object to data processing for the aforementioned purposes at any time, free of charge, separately for the respective communication channel and with effect for the future. All you need to do is send an email or postal letter to the contact details listed under 1.

If you object, we will block the affected contact address from further processing of advertising data. We will process your objection as quickly as possible and implement the appropriate blocking measures immediately after the review. We would like to point out that in exceptional cases, relevant information or product recommendations may be sent even after your objection has been received. This is solely for technical reasons and does not mean that we will not implement your objection. Thank you very much for your understanding.

3.4 Data processing when concluding the contract, for the implementation and termination of the contract

Our goal is to make as many people as possible happy with our products. If you have decided to order from us, we will process the data required for the conclusion, implementation or termination of such a (purchase) contract. These include in particular:

• E-mail address
• if applicable, first name, last name
• Delivery or residential address
• Billing and payment data

The legal basis for this is Article 6 Paragraph 1 Letter a), Letter b) GDPR. To the extent that we do not use your contact details for customer support or customer care (see detailed information under 3.3.), we store the data collected for contract processing until the purpose no longer applies or until the expiry of possible contractual cancellation, warranty and guarantee rights. After this period has expired, we will retain the personal data required by law for the periods specified by law. For this period (usually six to ten years from the conclusion of the contract), the data will be processed again solely in the event of an inspection by the tax authorities.

4. Data processing to provide our offer

Below we would like to inform you about the data processing required to provide our offer:

4.1. Website optimization

We will not sell or rent your data to third parties for their marketing purposes without your express consent. Only in order to be able to offer our visitors the best possible customer experience, to improve the quality of our offering from time to time and to protect the interests of our customers, we will pass on certain data to third parties under certain circumstances; However, the transfer is always subject to strict restrictions, which are described in more detail below:

4.2. Cookies – General information

We use so-called cookies on our website based on Article 6 Paragraph 1 Letter f) GDPR. Our interest in optimizing our offers is to be viewed as legitimate within the meaning of the aforementioned regulation. Cookies are small files that your browser creates automatically and that are stored on your device (laptop, tablet, smartphone, etc.) when you use our offerings. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware. The cookie stores information that arises in connection with the specific end device used. However, this does not mean that we receive direct knowledge of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website or that you have already logged in to your customer account. If you use our offer again at a later date, the cookie will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again. In addition, for the purpose of user-friendliness, we use temporary cookies that are stored on your device for a specific period of time. These will be automatically deleted after you leave our website.

If you already have a customer account and are logged in, the information stored in the cookies will be assigned to your customer account.

On the other hand, we use cookies to statistically record the use of our offers and to evaluate them for the purpose of optimization for you, as well as to display information specifically tailored to you. These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. You can also use the Network Advertising Initiative’s collective opt-out option. However, completely deactivating cookies may mean that not all of the functions of our offerings are available to you. The storage period of cookies depends on their purpose and is not the same for everyone.

4.3 Google Analytics

For the purpose of needs-based design and ongoing optimization of our offering, we use the analysis service Google Analytics from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) based on Article 6 Paragraph 1 Letter f) GDPR. ). Google creates pseudonymized usage profiles using cookies. The information generated by the cookie about your use of our websites such as

- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- time of server request,

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the offers, to compile reports on the activities and to provide other services related to the use of the offers for the purposes of market research and needs-based design. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of you. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that assignment is not possible (so-called IP masking).

You can prevent the installation of cookies in advance by setting your browser software accordingly or object to further processing via the cookie by clicking the opt-out link; However, we would like to point out that in this case not all functions of our offers may be able to be used to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of our offering (including your IP address) and the processing of this data by Google by downloading and installing this browser add-on. We recommend using private mode on mobile devices. Further information on data protection in connection with Google Analytics can be found on the Google Analytics website.

4.4 Google Tag Manager

We use Google Tag Manager to manage website tags (website code). These make it easier for us to manage and further develop our offering and shorten your loading time. Google Tag Manager only implements website code. The Google Tag Manager itself does not set any cookies or collect any personal data. The tool simply integrates website code stored elsewhere by us, through which data may be collected. The tool only serves to make it easier to control the respective code, but does not itself access the data processed by the code. We will inform you about all tags integrated in this way in this data protection policy. Further information about Google Tag Manager and the usage guidelines can be found on the Google website.

4.5 Facebook Pixels

In order to use our Facebook campaigns as needed, to further optimize them and to measure their conversion, we use an individual so-called visitor action pixel from Facebook Ireland Ltd., 4 Grand Canal Square, based on Article 6 Paragraph 1 Letter f of the GDPR. Grand Canal Harbour, Dublin 2, Ireland (hereinafter: “Facebook”). This pixel is integrated into the code of our websites. On the one hand, we can ensure that the Facebook ads we initiate are only displayed to those Facebook users who have shown an interest in our offering. This ensures that our Facebook ads match the potential interest of the respective user and do not bother them. On the other hand, we can track the actions of Facebook users after they have seen or clicked on one of our Facebook ads. This helps us measure the conversion of the respective campaign for statistical, market research and billing purposes. The following information is processed during use:

-Time stamp,
- URL,
- Campaign-related information (in particular impression specification, form field, activated button)

The data collected in this way is anonymous to us and therefore does not allow us to draw any conclusions about the identity of the respective user. According to recital 47 of the GDPR, the processing carried out in this way for behavioral and interest-based advertising purposes is to be viewed as our recognized legitimate interest. The data is stored in accordance with the statutory retention periods and then automatically deleted.

If you log into your Facebook account after placing the pixel or visit our website while logged in, it is possible that this data will be stored and processed by Facebook, which we would like to inform you about. Facebook can connect this data to your Facebook account and also use it for its own advertising purposes, in accordance with Facebook's data usage policy: https://www.facebook.com/about/privacy/. You can find further information about the Facebook Pixel here. You can enable Facebook and its partners to place advertisements on and off Facebook. You can object to this special data processing at any time by either changing your Facebook settings accordingly or by simply informing us that you no longer wish to have this processed in the future. For this purpose, please use the contact details of our company data protection officer. Please be aware that the declared objection only applies to the device used. For further information, please see Facebook's data protection regulations and information on protecting your privacy.

4.6 Facebook Look-Alike Campaigns

In order to target our Facebook campaigns in a target group-optimized manner and to measure their conversion, we use the possibility of creating so-called Facebook look-alike audiences based on Art. 6 Para. 1 lit. a) and lit. f) GDPR is offered by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, (“Facebook”). Further information about Facebook's look-alike campaigns can be found on Facebook at: https://www.facebook.com/business/help/365463786964246

This processing for behavioral and interest-based advertising purposes is to be viewed as our recognized legitimate interest according to Recital 47 of the GDPR. If you are part of the Facebook look-alike audience, we will transmit your email address and your device ID to Facebook. You can object to this special data processing at any time by either changing your Facebook settings: https://www.facebook.com/settings/?tab=ads or informing us that you no longer want this processing in the future. For this purpose, please use the contact details of our company data protection officer.

4.7 YouTube integrations

We offer our visitors and customers a wealth of information on our websites. In addition to texts and photos, we also have informative videos available, for example in our blog posts. For this purpose, we use integrations from YouTube, a service provided by YouTube LLC, based on Article 6 Paragraph 1 Letter f) GDPR. 901 Cherry Ave. San Bruno, CA 94066. USA (hereinafter: “Youtube”). For this purpose, we set a cookie from YouTube when you visit the respective page, which establishes a connection to the YouTube servers. The information generated by the cookie about your use of our websites such as

- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of server request or
- Visited website or subpage

are transferred to a YouTube server in the USA and stored there. The processing to improve our websites by enriching and complementing the content with informative videos is to be viewed as our legitimate interest. You can prevent the installation of cookies in advance by setting the browser software accordingly or object to this processing by deleting cookies via your browser settings or changing the corresponding settings in the data protection center. You can find more information about the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy under YouTube's data protection regulations.

4.11 Google Adwords conversion tracking

To control and improve our campaigns, we use the online advertising program “Google AdWords” and the analysis tool Conversion Tracking, a service from Google Inc., 1600 Amphitheater Parkway, Mountain View, based on Article 6 Paragraph 1 Letter f) GDPR , CA 94043, USA (hereinafter: “Google”). If you click on an ad placed by Google, a cookie for conversion tracking will be stored on your computer. The information generated by the cookie:

-Ad clicked,
-Browser type/version,
-operating system used,
-Location,
-Referrer URL (the previously visited page),
-Host name of the accessing computer (IP address),
-time of server request,

are transferred to a Google server in the USA and stored there. These cookies expire after 30 days, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. There is therefore no possibility that cookies can be tracked via the websites of AdWords customers. The information collected using the cookie is used to create conversion statistics for us as AdWords customers. Here we find out the total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users. This processing for behavioral and interest-based advertising purposes is to be viewed as our recognized legitimate interest according to Recital 47 of the GDPR.

You can prevent this processing in advance by generally preventing the installation of cookies through an appropriate browser setting in your browser (deactivation option) or by setting it so that cookies from the domain “googleadservices.com. You can also object to the processing by switching the slider in the Google settings to “Off”.

4.8 Google Dynamic Remarketing

Based on Article 6 Paragraph 1 Letter f) GDPR, we use the remarketing or “similar target group” tool from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”). This function serves the purpose of analyzing visitor behavior and visitor interests. Google uses cookies to carry out the analysis of website usage, which forms the basis for creating interest-based advertisements. The cookies record visits to the website as well as anonymized data about the use of the website. There is no storage of personal data from visitors to the website. If you subsequently visit another website in the Google advertising network, you may be shown advertisements that most likely take into account previously accessed product and information areas and may be similar to them. Your data may be processed via Google servers in the USA. According to recital 47 of the GDPR, the processing carried out in this way for behavioral and interest-based advertising purposes is to be viewed as our recognized legitimate interest.

You can object to this data processing at any time by downloading and installing this browser add-on. You can also permanently deactivate the use of third-party cookies by configuring the Network Advertising Initiative deactivation page accordingly. Detailed information about Google Remarketing and the associated data protection declaration can be found at: https://www.google.com/privacy/ads/

4.9 Google Optimize

For the purpose of needs-based design and ongoing optimization of our websites, we use the analysis service Google Optimize, a web analysis service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ( hereinafter: “Google”) and part of Google Analytics. Google sets a cookie to enable you to analyze page views and page activity. The information generated by the cookie about your use of our websites such as

-Your user behavior on our websites,
-Browser type/version,
-operating system used,
-Referrer URL (the previously visited page),
-Host name of the accessing computer (IP address),
-time of server request

are transferred to a Google server in the USA and stored there.

You can prevent the installation of cookies in advance by setting your browser software accordingly or object to this processing by deleting cookies via your browser settings. You can find more information about Google's data protection regulations under the link below.

4.10 Trusted Shops

The Trusted Shops trust badge is integrated on this website to display our Trusted Shops seal of approval and any reviews collected, as well as to offer Trusted Shops products to buyers after an order.

This serves to protect our legitimate interests, which predominate in the context of a balancing of interests, in the optimal marketing of our offer in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. The Trustbadge and the services advertised with it are an offer from Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.

When you access the trust badge, the web server automatically saves a so-called server log file, which contains, for example, your IP address, date and time of retrieval, amount of data transferred and the requesting provider (access data) and documents the retrieval. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your site visit.

Further personal data will only be transferred to Trusted Shops if you have consented to this, decide to use Trusted Shops products after completing an order or have already registered for use. In this case, the contractual agreement between you and Trusted Shops applies.

5. Recipients outside the EU

As shown above, data may also be transmitted to recipients based outside the European Union or the European Economic Area. This applies in particular to the processing of analysis or targeting technologies mentioned, which can result in data transmission to the service provider's servers. Other recipients may be affiliated service providers that we need to provide our services, e.g. hosters, CRM tools, analysis service providers. These servers may be located outside the EU, particularly in the USA. We take utmost care to ensure that these service providers ensure data protection standards equivalent to those of the GDPR and that applicable guidelines are adhered to. We only work with service providers who are certified according to the so-called EU-US Privacy Shield. For this certification, the EU Commission has determined the adequacy of the data protection level in accordance with Article 45 of the GDPR under file number C/2016/4176. The use of these certified service providers therefore meets European standards for legally compliant data processing. In addition, we have had all service providers based in other EU countries provide us with appropriate contractual guarantees that ensure compliance with these EU standards and the enforcement of the rights of those affected, for example on the basis of so-called standard contractual clauses from the EU Commission.

6. Your rights

6.1. overview

In addition to the right to object to your consent given to us, you are entitled to the following additional rights if the relevant legal requirements are met:

Right to information about your personal data stored by us in accordance with Art. 15 GDPR,
in cases of transfers in accordance with Art. 46, 47 or 49 Para. 1 No. 2 GDPR, the right to information or reference to the appropriate or

- reasonable guarantees and the possibility of obtaining a copy of them or where they are available,
- Your personal data stored by us in accordance with Art. 15 GDPR,
- Right to correct incorrect data or to complete correct data in accordance with Art. 16 GDPR,
- Right to delete your data stored by us in accordance with Art. 17 GDPR,
- Right to restrict the processing of your data in accordance with Art. 18 GDPR,
- Right to data portability in accordance with Art. 20 GDPR.

6.2. Right to object

Under the conditions of Article 21 Para. 1 GDPR, data processing can be objected to for reasons arising from the particular situation of the data subject.

The above general right of objection applies to all processing purposes described in these data protection regulations, which are processed on the basis of Article 6 Paragraph 1 Letter f) GDPR. In contrast to the special right of objection aimed at data processing for advertising purposes (see 3.3 above), we are only obliged under the GDPR to implement such a general objection if you give us reasons of overriding importance for this (e.g. a possible danger to life or health). You also have the option of contacting the supervisory authority responsible for us, the State Commissioner for Data Protection and Freedom of Information for North Rhine-Westphalia, Kavalleriestrasse 2-4, 40213 Düsseldorf.

7. Data Security

We use the highest standards of information security for our infrastructure and the processing of your data. For example, we use computer protection mechanisms such as firewalls and data encryption. Physical access controls apply to our buildings and data. Access to our customers' personal information is only possible for those employees who need it to carry out their work.

All data you personally transmit, including your payment details, will also be transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used in online banking, for example. You can recognize a secure SSL connection by, among other things, the appended s to http (i.e. https://...) in the address bar of your browser or by the lock symbol in the lower area of the browser.
We also use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously monitored in line with technological developments, regularly adapted to the respective risk and improved if necessary.