(translated by DeepL.com)
1. Data protection at a glance
The following notes provide a simple overview of what happens to your personal information when you visit this website. Personal information is any information that personally identifies you. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. His contact details can be found in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This can be data that you enter in a contact form, for example.
Other data is collected automatically or with your consent by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information free of charge about the origin, recipient and purpose of your stored personal data at any time. You also have the right to demand the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to demand, under certain circumstances, the restriction of the processing of your personal data. Furthermore, you have the right of appeal to the competent supervisory authority.
You can contact us at any time at the address given in the imprint for this and other questions on the subject of data protection.
Analysis tools and third-party tools
When you visit this website, your surfing behaviour can be statistically evaluated. This is mainly done with so-called analysis programs.
You will find detailed information on these analysis programs in the following data protection declaration.
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated by a website.
The use of the hoster is for the purpose of fulfilling the contract vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.
We use the following hoster:
Oskar-Messter-Str. 33, 85737 Ismaning
(EU-Webserver-Standort: Straßburg, Frankreich)
3. General notes and mandatory information
The operators of this homepage take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This data protection declaration explains which data we collect and for what purpose we use it. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can be subject to security vulnerabilities. A complete protection of the data against access by third parties is not possible.
Note on the responsible party (GDPR related)
Responsible for data processing on this website is:
Carl D. Erling
Eisenacher Str. 119, 10777 Berlin
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke any consent already given at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
Right of complaint to the competent supervisory authority
In the event of infringements of the GDPR, the persons concerned have the right to appeal to a supervisory authority, in particular in the EU Member State of their habitual residence, workplace or place of presumed infringement. The right of appeal shall be without prejudice to other administrative or judicial remedies.
Right to data transferability
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information about, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of personal data.
Right to limitation of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to limit the processing exists in the following cases:
- If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the examination, you have the right to demand the restriction of the processing of your personal data.
- If the processing of your personal data has taken place unlawfully, you can demand the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it for the exercise, defence or assertion of legal claims, you have the right to demand the restriction of the processing of your personal data instead of deletion.
- If you have raised an objection in accordance with Art. 21 para. 1 GDPR, you must weigh your interests against ours. As long as it is not yet clear whose interests predominate, you have the right to demand that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, such data may not be processed - apart from its storage - without your consent or for the purpose of asserting, exercising or defending legal rights or protecting the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
Objection to advertising e-mails
We hereby object to the use of contact data published within the scope of the imprint obligation to send unsolicited advertising and information material. The operators of these pages expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.
4. Data collection on this website
Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage on your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for the processing of payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertisements.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. If consent to the storage of cookies has been requested, the storage of the cookies in question will be carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR); the consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Visited website
- Time at time of access
- Amount of transmitted data in bytes
- Source/reference from which you accessed the site
- Used Browser
- Operating system used
- Used IP address
This data is not merged with other data sources.
These data are recorded on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website - for this purpose the server log files must be recorded.
Our server is configured to automatically delete these log files after 7 days.
If you submit enquiries to us via the contact form, your details from the enquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this has been requested.
The data entered by you in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.
Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your inquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that the enquiry was made.
The data sent to us by you via contact enquiries remains with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your enquiry has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
5. Social media
Social media plugins with “Shariff”
Social media plug-ins are used on this website (e.g. Facebook, Twitter, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognize the plugins by the respective social media logos. To ensure the privacy of this website, we use these plugins only in conjunction with the so-called “Shariff” solution. This application prevents the plugins integrated on this website from transferring data to the respective provider the first time the user enters the site.
Only when you activate the respective plugin by clicking on the corresponding button will a direct connection to the provider’s server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited this website with your IP address. If you are simultaneously logged into your respective social media account (e.g. Facebook), the respective provider can assign the visit to this website to your user account.
Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.
Facebook plugins (Like & Share button)
On this website plugins of the social network Facebook are integrated. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
The Facebook plugins can be identified by the Facebook logo or the “Like” button on this website. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/?locale.
If you do not want Facebook to be able to assign your visit to this website to your Facebook user account, please log out of your Facebook user account.
The Facebook plugins are used on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a justified interest in the widest possible visibility in the social media.
The Twitter plugin is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in the social media. If the relevant consent has been requested, processing shall be carried out exclusively on the basis of Art. 6 para. 1 letter a GDPR; consent may be revoked at any time.
Data transmission to the USA is based on the standard contractual clauses of the EU https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings.
On this website we use social plugins from the Pinterest social network, which is operated by Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
When you access a page that contains such a plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transfers protocol data to the Pinterest server in the USA. This log data may include your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies.
The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR The website operator has a legitimate interest in the widest possible visibility in the social media. If the relevant consent has been requested, the data will be processed exclusively on the basis of Art. 6 para. 1 letter a DGDPR; consent may be revoked at any time.
Our social media appearances
(this section is translated with deepL.com)
Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks we use are listed below.
Social networks such as Facebook, Google+, etc. can generally comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). When you visit our social media sites, numerous data protection-relevant processing processes are triggered. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the relevant social media portal. In this case, data is collected, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed inside and outside the respective social media presence. If you have an account on the social network, interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Our social media sites should ensure the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO).
Responsible and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are responsible together with the operator of the social media platform for the data processing processes triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data transferability and complaints) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite joint responsibility with the social media portal operators, we do not have full influence on the data processing processes of the social media portals. Our possibilities depend largely on the corporate policy of the respective provider.
The data collected directly by us via our social media presence will be deleted from our systems as soon as the purpose for its storage ceases to apply, you request that we delete it, revoke your consent for storage or the purpose for data storage ceases to apply. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data, which are stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection declaration, see below).
Social networks in detail
We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified according to the EU-US Privacy Shield.
You can adjust your advertising settings independently in your user account. Please click on the following link and log in:https://www.facebook.com/settings?tab=ads
6. Analysis tools and advertising
Matomo (formerly Piwik)
This website uses the open source web analysis service Matomo. Matomo uses technologies that enable the recognition of the user across pages for the analysis of user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is made anonymous before being saved.
With the help of Matomo we are able to collect and analyse data on the use of our website by website visitors. This enables us to find out, among other things, when which pages were called up and from which region they came. We also collect various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both his website and his advertising. If the relevant consent has been requested (e.g. consent to the storage of cookies), processing will be carried out exclusively on the basis of Art. 6 para. 1 letter a GDPR; consent may be revoked at any time.
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
PW Page Hit Counter
This website uses a simple internal page counter which measures the number of certain pages viewed.
No user profiles are created, but a cookie may be set for a maximum of 60 minutes.
The IP address is not recorded. A personal identification of a visitor is therefore not possible.
MailChimp - Newsletter
We offer you the opportunity to register for our free newsletter via our website.
For newsletter distribution we use MailChimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, hereinafter referred to as “The Rocket Science Group”.
Through certification according to the EU-US Privacy Shield
The Rocket Science Group guarantees that EU data protection requirements will also be met when processing data in the USA. In addition, The Rocket Science Group offers further data protection information at http://mailchimp.com/legal/privacy/ .
If you subscribe to our newsletter, the data requested during the subscription process, such as your e-mail address and, optionally, your name and address, will be processed by The Rocket Science Group. In addition, your IP address, the date of your registration and the time will be saved. As part of the further registration process, your consent to the sending of the newsletter will be obtained, the content specifically described and referred to this privacy statement.
The newsletter sent via The Rocket Science Group also contains a so-called tracking pixel, also known as “web beacon”. With the help of this pixel-code we can evaluate whether and when you have read our newsletter and whether you have followed any links contained in the newsletter. In addition to other technical data, such as the data of your computer system and your IP address, the data processed is stored so that we can optimize our newsletter offer and respond to the wishes of readers. The data will thus increase the quality and attractiveness of our newsletter offering.
The legal basis for the dispatch of the newsletter and the analysis is Art. 6 para. 1 lit. a.) DSGVO.
In accordance with Art. 7 para. 3 DSGVO, you may revoke your consent to receive the newsletter at any time with effect for the future. All you have to do is inform us of your revocation or click on the unsubscribe link contained in each newsletter.
text White & Partner www.ratgeberrecht.eu
Conclusion of a data processing agreement
We have concluded a so-called “Data Processing Agreement” with MailChimp, in which we commit MailChimp to protect the data of our customers and not to pass it on to third parties.
8. Plugins and Tools
YouTube with enhanced data protection
This website integrates videos from YouTube. The operator of the site is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in enhanced privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this site before they watch the video. However, the enhanced privacy mode does not necessarily preclude the sharing of information with YouTube partners. For example, YouTube connects to the Google DoubleClick network whether or not you are watching a video.
When you launch a YouTube video on this site, it connects to the YouTube servers. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you allow YouTube to associate your browsing habits directly with your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to gather video statistics, improve the user experience and prevent fraud.
Once a YouTube video is launched, it may trigger other data processing operations over which we have no control.
YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Vimeo without tracking (Do-Not-Track)
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our sites equipped with Vimeo videos, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. However, we have set up Vimeo so that Vimeo will not track your user activities and will not set cookies.
Vimeo is used in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If the appropriate consent has been requested, the processing will be carried out exclusively on the basis of Art. 6 para. 1 letter a GDPR; consent may be revoked at any time.
Data transmission to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here: https://vimeo.com/privacy.
We use the map service of OpenStreetMap (OSM). Provider is the Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.
When you visit a Web site that includes OpenStreetMap, your IP address and other information about your behavior on that Web site is reported to OSMF. OpenStreetMap may store cookies in your browser or use similar recognition technologies.
OpenStreetMap is used in the interest of an appealing presentation of our online offers and easy findability of the locations we have indicated on the website. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Google Web Fonts (local hosting)
This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
We use technical and organisational security measures to ensure that our users’ personal data is protected against loss, incorrect changes or unauthorised access by third parties. In particular, we endeavour to prevent any automatic reading out of our website and its data stock by third parties.
We have concluded a contract for order data processing with the European operator of our server (server location EU).
Security software II.
The Site uses security software (Web Application Firewall) to prevent unauthorized access to user accounts. For this purpose, IP addresses are stored temporarily or permanently if it was attempted to access the user or administration accounts of this Internet site several times by entering incorrect access data.
The data is stored on the basis of Art. 6 Para. 1 letter f DSGVO (legitimate interest) and does not affect normal web visitors.
Due to the further development of our web pages and offers about them or due to changed legal or official specifications it may become necessary to change this data protection declaration. You can view and print out the current data protection declaration on our website at any time.
- December, 2020 -