Privacy Policy

Data protection



Unless otherwise stated below, the provision of your personal data is neither required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide has no consequences. This only applies if no other information is given in the subsequent processing operations.



"Personal data" is all information that relates to an identified or identifiable natural person.



Server log files

You can visit our website without providing any personal information.

Every time our website is accessed, usage data is transmitted to us or our web host / IT service provider through your Internet browser and stored in log data (so-called server log files). These stored data include e.g. the name of the page accessed, date and time of access, the IP address, the amount of data transferred and the requesting provider. Processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR based on our overriding legitimate interest in ensuring the trouble-free operation of our website and in improving our offer.





Customer account / orders



Customer account

When opening a customer account, we collect your personal data to the extent specified there. Data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing takes place on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the lawfulness of the processing carried out based on your consent until you revoke it. Your customer account will then be deleted.



Collection, processing and transfer of personal data when placing orders

When ordering, we only collect and process your personal data insofar as this is necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to make this available means that no contract can be concluded. Processing takes place on the basis of Art. 6 Para. 1 lit. b GDPR and is required for the performance of a contract with you.



Your data will be passed on, for example, to the shipping companies and dropshipping providers, payment service providers, service providers for order processing and IT service providers you have selected. In all cases, we strictly observe the legal requirements. The amount of data transmission is limited to a minimum.


Contact / Newsletter


Collection and processing when using the contact form

When using the contact form, we only collect your personal data (name, email address, message text) to the extent that you provide. The data processing serves the purpose of establishing contact. By submitting your message, you consent to the processing of the transmitted data. Processing takes place on the basis of Art. 6 Para. 1 lit. a GDPR with your consent.



You can revoke your consent at any time by notifying us without affecting the lawfulness of the processing carried out based on your consent until you revoke it. We only use your email address to process your request. Your data will then be deleted unless you have consented to further processing and use.



Use of the email address for sending newsletters

We use your email address, regardless of the contract, only for our own advertising purposes for sending the newsletter, provided you have expressly agreed to this. Processing takes place on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent until you revoke it. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.


Shipping service provider / inventory management



Forwarding of the email address to shipping companies for information about the shipping status

We will pass on your email address to the transport company as part of the contract, provided you have expressly agreed to this in the ordering process. The purpose of the transfer is to inform you of the shipping status by email. Processing takes place on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company without affecting the legality of the processing carried out based on your consent until the revocation.





Usage of the Shop-System



In order to provide the Services to its Users, Wix processes data of customers or visitors of the Users’ site or services (herein: “User Customers”). The processing of such data by Wix is hereinafter referred to as “Processing” (as such term is defined under the GDPR). The following Data Processing Agreement (“DPA”) sets forth the terms of such Processing by Wix.



This Agreement is in addition to the Wix Terms of Use, Privacy Policy and any other applicable Wix terms (herein the, “Terms of Use”, “Privacy Policy” and, collectively, the “Wix Policies”). The terms of the Wix Policies shall apply to this Agreement as applicable. In the event of contradiction between this DPA and any of Wix Policies, the provisions of this DPA shall govern. Any capitalized term that is not defined herein, shall have the meaning ascribed to such term in the Wix Policies.



To the extent the User Customer Data which is Processed by Wix on behalf of the User is subject to the General Data Protection Regulation (Regulation (EU) 2016/679; the “GDPR”), the Users acknowledge and agree that for purposes of the provision of the Services by Wix, each User is the Data Controller of such Personal Data, and by using the Wix Services, the User has instructed Wix to process such Personal Data on his/her/its behalf pursuant to this DPA.



Definitions

For the purposes of this DPA, the following terms have the following meaning:



   The terms “Controller”, “Data Subject”, “Personal Data”, “Personal Data Breach”, “Processing”, and “Processor”,  as used in these DPA, have the meanings given in the GDPR.

   User Customer Data means the Personal Data of User Customers as Processed by Wix on behalf of the Users.



Terms of Personal Data Processing by Wix:

1. Wix shall:​

1.1 Process User Customer Data for the provision of the Services to Wix Users and according to the Wix Policies.

1.2 Ensure that anyone acting on its behalf, will Process User Customer Data according to the provisions of the Privacy Policy and applicable data protection regulations.

1.3 Implement appropriate technical, organizational and security measures to protect the privacy and security of the User Customer Data.



2. Users shall:

2.1 Collect, use and process Personal Data in accordance with any and all applicable data protection laws and regulations, including without limitation the GDPR.

2.2 Have sole responsibility for the accuracy, quality, and legality of User Customer Data and the means by which it was obtained.

2.3 Ensure the appropriate level of security when using Wix Services, taking into consideration any risks with respect to User Customer Data.

2.4 Any storage and/or transfer of User Customer Data by User to any third-party or platform other than Wix shall be at the sole risk and responsibility of the User.



3. Each User hereby grants Wix general authorization to engage sub-processors without obtaining any further written, specific authorization from the User. If the User objects to any sub-processing by Wix such User should immediately discontinue their use of the Services. Wix shall execute an agreement with each sub-processor ensuring compliance by such sub-processor with terms ensuring at least the same level of protection and security as those set out in this DPA.



4. By using any of Wix’s Services, the User agrees to the adequacy of the organizational, technical and security measures implemented by Wix to protect the Personal Data. Some of those measures can be seen here.



5. If Wix becomes aware of any Personal Data Breach, Wix will, without undue delay, provide notification of such, to the affected Users,  in accordance with applicable regulations. Wix shall use reasonable efforts to include the following information in such notifications: details of the nature of such breach and number of records affected, the category and estimated number of affected data subjects, anticipated consequences and any actual or proposed measures to be taken by Wix (or on its behalf) in order to mitigate the potential negative effects of such breach.



Wix’s notification of a Personal Data Breach will not be deemed as an acknowledgement by Wix of any fault or liability with respect to such incident.

​In the event of a Personal Data Breach, the User shall be obligated to take the measures required under applicable laws in connection with its User Customer Data.



6 Upon reasonable written request, Wix will:

6.1 Make available to the User certifications demonstrating Wix’s compliance with its obligations under this DPA and applicable law; and/or

6.2 Make available to the User information necessary to demonstrate compliance with its obligations under this DPA and applicable law.



7. Wix shall assist its Users, within reasonable timetables, by the appropriate measures and,  as reasonably possible (considering the nature of the Processing), in complying with data subject rights and all other relevant obligations under data privacy regulations, including the GDPR.



8. The Processing of the User Customer Data shall take place within the territory of the European Union, Israel or a third country, territory or one or more specified sectors within that third country of which the European Commission has decided that it ensures an adequate level of protection, including but not limited to the US under the EU-US Privacy Shield (transfer on the basis of an adequacy decision pursuant to paragraph 3 of Article 45 of the EU Regulation 2016/679 and decisions adopted on the basis of Article 25(6) of Directive 95/46/EC). Any transfer to and Processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be undertaken in accordance with the Standard Contractual Clauses (2010/87/EU) set out in Annex 1 (depending on the nature of the data exporter and data importer as controller or processor).



9. This DPA shall be in effect in relation to each User, for as long and such User, uses any of the Wix Services, provided however, that that in event in which Wix is obligated, according to the terms of this DPA or any Wix Policies, to keep Personal Data of a User Customer following the termination of the Services, this DPA shall continue to be in effect for as long as Wix holds such Personal Data.  



10. Upon termination of the use by the User of the Services, and unless Wix is required to retain such User Customer Data under Wix Policies, any agreement or applicable laws, Wix shall, including upon written request by the User, delete the User’s Personal Data as soon as reasonably practicable and according to Wix Policies and applicable laws.



11. Wix shall have the right to amend and/or adjust any of the terms of this DPA as may be required from time-to-time, in order to comply with any applicable laws or regulations.



12. Any questions regarding this DPA or requests from Users to exercise Data Subject Rights as described herein or in the GDPR, should be addressed to the Wix Data Protection Officer at privacy@wix.com. Wix will attempt to resolve any complaints regarding the use of your User Customer Data in accordance with this DPA and Wix Policies.



Annex 1 - Standard Contractual Clauses (PROCESSORS)

For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection



The entity identified as “User” in the DPA (the “data exporter”) And Wix.com Ltd 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (the “data importer”) each a ‘party’; together ‘the parties’,



HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.

Clause 1 - Definitions

   'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data1;

   'the data exporter' means the controller who transfers the personal data;

   'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;

   'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;

   'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;

   'technical and organisational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.



Clause 2 - Details of the transfer

The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.



Clause 3 - Third-party beneficiary clause

   The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.

   The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.

   The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

   The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.


Clause 4 - Obligations of the data exporter

The data exporter agrees and warrants:

   that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;

   that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;

   that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;

   that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;

   that it will ensure compliance with the security measures;

   that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;

   to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;

   to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;

   that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and

   that it will ensure compliance with Clause 4(a) to (i).



Clause 5 - Obligations of the data importer

The data importer agrees and warrants:

   to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

   that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

   that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;

   that it will promptly notify the data exporter about:

i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,

ii) any accidental or unauthorised access, and

iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;

   to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;

   at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;



Mandatory requirements of the national legislation applicable to the data importer which do not go beyond what is necessary in a democratic society on the basis of one of the interests listed in Article 13(1) of Directive 95/46/EC, that is, if they constitute a necessary measure to safeguard national security, defence, public security, the prevention, investigation, detection and prosecution of criminal offences or of breaches of ethics for the regulated professions, an important economic or financial interest of the State or the protection of the data subject or the rights and freedoms of others, are not in contradiction with the standard contractual clauses. Some examples of such mandatory requirements which do not go beyond what is necessary in a democratic society are, inter alia, internationally recognised sanctions, tax-reporting requirements or anti-money-laundering reporting requirements.



   to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;

   that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;

   that the processing services by the subprocessor will be carried out in accordance with Clause 11;

   to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.



Clause 6 - Liability

   The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.

   If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

   If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.



Clause 7 - Mediation and jurisdiction

   The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:

   to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;

   to refer the dispute to the courts in the Member State in which the data exporter is established.



2) The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.



Clause 8 - Cooperation with supervisory authorities

   The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.

   The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.

   The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).


Clause 9 - Governing law

The Clauses shall be governed by the law of the Member State in which the data exporter is established.



Clause 10 - Variation of the contract

The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.



Clause 11 - Subprocessing

   The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses3. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.

   The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

   The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.

   The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.



Clause 12 - Obligation after the termination of personal data processing services

   The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.

   The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.



Appendix 1 to the Standard Contractual Clauses

This Appendix forms part of the Clauses and must be completed and signed by the parties



The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix



Data exporter

The data exporter is the entity identified as the “User” in the DPA.



Data importer

The data importer is Wix.com Ltd., the provider of the services.



Data subjects

Data subjects are defined as User Customers in the DPA.



Categories of data

The personal data is as defined in the DPA.



Processing operations

The personal data transferred will be subject to the following basic processing activities:

The objective of Processing of Personal Data by data importer is the performance of the Services pursuant to the Agreement.



Appendix 2 to the Standard Contractual Clauses

This Appendix forms part of the Clauses and must be completed and signed by the parties.



Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c):



The technical and organizational security measures implemented by the data importer are as described in: security- https://support.wix.com/en/about-wix/security  


Payment service



Using PayPal

All PayPal transactions are subject to the PayPal privacy policy which you can find here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full  


Cookies

Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be clearly identified when the website is called up again.



We use these cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after changing pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.



Processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR based on our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.



Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent cookies from being stored and the data they contain from being transmitted. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all functions of this website to their full extent.



Under the links below you can find out how you can manage (and also deactivate) cookies in the most important browsers:

Chrome browser: https://support.google.com/accounts/answer/61416?hl=de



Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies



Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen



Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac  


Analysis / advertising



The data processing described below in this section, in particular the setting of cookies, is based on Art. 6 Para. 1 lit. f GDPR out of our overriding legitimate interest:



- on the needs-based and targeted design of the website, e.g. with analysis and statistics tools



- targeting site visitors with interest-based advertising, e.g. conversion tracking



You have the right for reasons that arise from your particular situation, at any time according to Art. 6 Para. 1 lit. to object to processing based on the GDPR relating to your personal data.



Use of Google Analytics

We use the web analysis service Google Analytics from Google LLC on our website. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws.



Data processing serves the purpose of analyzing this website and its visitors. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.



Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization is activated on this website.



As a result, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional cases.



Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install [https://tools.google.com/dlpage/gaoptout?hl=de].



To prevent data collection and storage by Google Analytics across devices, you can set an opt-out cookie. Opt-out cookies prevent the future collection of your data when you visit this website. You must perform the opt-out on all systems and devices used for this to have a comprehensive effect. If you delete the opt-out cookie, requests will be sent to Google again.



If you click here, the opt-out cookie will be set: Deactivate Google Analytics.



You can find more information on terms of use and data protection at https://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/ .

Use Google’s remarketing or "Similar Audiences" feature

We use the remarketing or "similar target group" function of Google LLC on our website (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws.



The application serves the purpose of analyzing visitor behavior and visitor interests.

Google uses cookies to carry out the analysis of website use, which forms the basis for the creation of interest-based advertisements. Cookies are used to record visits to the website and anonymized data on the use of the website. There is no storage of personal data of the visitors of the website. If you visit another website in the Google Display Network below, you will see advertisements that are very likely to take account of previously accessed product and information areas.



Your data may be transferred to the United States. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de



Alternatively, you can prevent the use of cookies by third parties by calling up the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information on opt-out mentioned there.



You can find more information on Google remarketing and the associated data protection declaration at: https://www.google.com/privacy/ads/



Use of Google Ads conversion tracking

We use the "Google Ads" online advertising program on our website and, in this context, conversion tracking (visit campaign evaluation). Google Conversion Tracking is an analysis service provided by Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws.



If you click on an advertisement placed by Google, a cookie for the conversion tracking is placed on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the advertisement and were forwarded to this page. Every Google Ads customer receives a different cookie. There is therefore no possibility that cookies can be traced via the websites of Ads customers.



The information that is obtained using the conversion cookie is used to create conversion statistics. Here we find out the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.



Your data may be transferred to the United States. Google has certified itself according to the US-EU data protection agreement "Privacy Shield" and thus committed to comply with the European data protection guidelines.



You can deactivate personalized advertising for you in the Google advertising settings. Instructions for this can be found at https://support.google.com/ads/answer/2662922?hl=de .

Alternatively, you can prevent the use of cookies by third parties by calling up the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information on opt-out mentioned there.



You will then not be included in the conversion tracking statistics.

You can find more information and Google's privacy policy at: https://www.google.de/policies/privacy/



Use of Facebook remarketing

We use the remarketing function "Custom Audiences" from Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; "Facebook") on our website.



The application serves the purpose of targeting visitors to the website with interest-based advertising on the social network Facebook.



For this purpose, the remarketing tag from Facebook was implemented on the website. This tag connects directly to the Facebook servers when you visit the website. This tells the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the social network Facebook, you will then be shown personalized, interest-related Facebook ads.



Your data may be transferred to the United States. Facebook has certified itself according to the US-EU data protection agreement "Privacy Shield" and thus committed to comply with the European data protection guidelines.



You can deactivate the remarketing function "Custom Audiences" here.

You can find more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy in Facebook's data protection information at https://www.facebook.com/about/privacy/ .



Use of Google AdSense

We use the Google LLC AdSense function on our website (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws.



The data processing serves the purpose of renting advertising space on the website and targeting visitors to the website with interest-based advertising.



This function is used to display personalized, interest-based advertising ads from the Google Display Network to visitors to the provider's website. Google uses cookies that enable an analysis of your use of the website.



The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Under no circumstances will Google link your IP address with other Google data. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de .



Alternatively, you can prevent the use of cookies by third parties by calling up the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information on opt-out mentioned there.



You can find more information and Google's privacy policy at: https://www.google.com/policies/technologies/ads/ , https://www.google.de/policies/privacy/ .

Plug-ins



Use of YouTube

We use the function for embedding YouTube videos from Google Ireland Limited on our website (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is one with Google LLC (1600 Amphitheater Parkway, Mountain View, CA) 94043, USA; “Google”) affiliate.



The function displays videos stored on YouTube in an iFrame on the website. The option "Extended data protection mode" is activated. As a result, YouTube does not store any information about visitors to the website. Only when you watch a video, information about it is transmitted to YouTube and stored there. Your data may be transferred to the United States. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



You can find more information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy in YouTube's data protection information (https://www.youtube.com/t/privacy) .



Use of Google Maps

We use the function for embedding Google Maps from Google LLC on our website (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws.



The function enables the visual display of geographic information and interactive maps. Google also collects, processes and uses data from visitors to the website when calling up the pages in which GoogleMaps maps are integrated.



Your data may also be transferred to the United States. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



Processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR from the legitimate interest in the needs-based and targeted design of our website.



You can find more information on the collection and use of data by Google in Google's data protection information at https://www.google.com/privacypolicy.html . There you also have the option of changing your settings in the data protection center so that you can manage and protect your data processed by Google.



Use of Google reCAPTCHA

We use the reCAPTCHA service from Google LLC on our website (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google").



If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. The purpose of the query is to differentiate between the input by a human being or by automated, mechanical processing. Your entry will be transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and, if necessary, also transmitted to the USA. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines.



Processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR for the legitimate interest of protecting our website against automated spying, misuse and SPAM.



Further information on Google reCAPTCHA and the associated data protection declaration can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy .



Data subject rights and storage period



Duration of storage

After completion of the contract, the data will be stored for the duration of the warranty period, then taking legal, especially tax and commercial retention periods into account and then deleted after the deadline, unless you have consented to further processing and use.



Rights of the data subject

If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability.



In addition, according to Art. 21 Para. 1 GDPR you have a right to object to processing based on Art. 6 Para. 1 f GDPR and processing for the purpose of direct advertising.



Contact us on request. The contact details can be found in our imprint.



Right to lodge a complaint with the supervisory authority

According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.



Right to object

The personal data processing listed here is based on our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR, you have the right to object to this processing at any time with future effect for reasons that arise from your particular situation.



After the objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.



If personal data processing takes place for the purposes of direct advertising, you can object to this processing at any time by notifying us. After the objection has been made, we stop processing the data concerned for the purpose of direct advertising.



Last update: 10/2020