Privacy policy

Privacy Policy

The controller responsible for data processing is:

Tobias Huber

Zwischen den Wegen 34

78239 Rielasingen-Worblingen

Email: t.huber@elke-plastic.com

Telephone: 07731924430

We are pleased about your interest in our website. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

1. Access data and hosting

You can visit our websites without providing any information about yourself. Each time a website is accessed, the web server merely automatically stores a so-called server log file which contains, for example, the name of the requested file, your IP address, the date and time of the access, the volume of data transferred and the requesting provider (access data) and documents the access. This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our offering. This serves to safeguard our legitimate interests, which prevail in the context of a balancing of interests, in a correct presentation of our offering pursuant to Art. 6 (1) sentence 1 lit. f GDPR. All access data is deleted at the latest seven days after the end of your visit to the site. All access data is processed only for as long as this is necessary to achieve the above-mentioned processing purposes.

 Hosting

The services for hosting and displaying the website are partly provided by our service providers within the scope of processing on our behalf. Unless otherwise explained within the scope of this privacy policy, all access data as well as all data collected in the forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Canada, New Zealand, Japan, United Kingdom, USA.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. Until certification by our service providers, the data transfer continues to be based on this basis: standard data protection clauses of the European Commission.

Our service providers are based in and/or use servers in these countries: Australia, India, Singapore.
For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on these safeguards:  standard data protection clauses of the European Commission

2. Data processing for contract execution and contact

2.1 Data processing for contract execution

For the purpose of contract execution (including enquiries about and the handling of any existing claims under the law on warranty, on defective performance and on the right of withdrawal, as well as any statutory update obligations) pursuant to Art. 6 (1) sentence 1 lit. b GDPR, we collect personal data if you voluntarily provide it to us within the scope of your order. Mandatory fields are marked as such, since in these cases we absolutely require the data for the execution of the contract and cannot dispatch the order without it being provided. Which data is collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on the disclosure to our service providers for the purpose of order, payment and shipping handling, can be found in the following sections of this privacy policy. After complete execution of the contract, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law pursuant to Art. 6 (1) sentence 1 lit. c GDPR, unless you have expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

Merchandise management system

For order and contract execution we use merchandise management systems of external service providers. Our service providers act for us within the scope of order processing. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

2.2 Customer account

Insofar as you have given your consent to this pursuant to Art. 6 (1) sentence 1 lit. a GDPR by deciding to open a customer account, we use your data for the purpose of opening the customer account as well as for storing your data for further future orders on our website. The deletion of your customer account is possible at any time and can be carried out either by means of a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted, unless you have expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

 Contact

Within the scope of customer communication, we collect personal data pursuant to Art. 6 (1) sentence 1 lit. b GDPR to process your enquiries if you voluntarily provide it to us when contacting us (e.g. via contact form, live chat tool or email). Mandatory fields are marked as such, since in these cases we absolutely require the data to process your contact. Which data is collected can be seen from the respective input forms. After complete processing of your enquiry, your data will be deleted, unless you have expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

3. Data processing for the purpose of shipping handling

For the performance of the contract pursuant to Art. 6 (1) sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

 Disclosure of data to shipping service providers for the purpose of shipping notification

Insofar as you have given us your express consent to this during or after your order, we pass on your email address and telephone number to the selected shipping service provider on the basis of this consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR, so that the latter can contact you prior to delivery for the purpose of delivery notification or coordination.
The consent can be revoked at any time by means of a message to the contact option described in this privacy policy. After revocation, we delete the data you provided for this purpose, insofar as you have not expressly consented to a further use of your data or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

4. Data processing for payment handling

When handling payments in our online shop, we cooperate with these partners: technical service providers, credit institutions, payment service providers.

4.1 Data processing for transaction handling

Depending on the selected payment method, we pass on the data necessary for the handling of the payment transaction to our technical service providers or to the commissioned credit institutions or to the selected payment service provider, insofar as this is necessary for the handling of the payment. This serves the performance of the contract pursuant to Art. 6 (1) sentence 1 lit. b GDPR. In part, the payment service providers themselves collect the data required for the handling of the payment, e.g. on their own website or via a technical integration in the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

Depending on the selected payment method, data transfers to third countries outside the EU/EEA may occur for which the European Commission has determined an adequate level of data protection by way of a decision. Insofar as a data transfer takes place to third countries outside the EU/EEA for which the European Commission has not issued a decision on an adequate level of data protection, the cooperation is based on standard data protection clauses of the European Commission.

If you have any questions about our partners for payment handling or about the basis of our cooperation with them, please contact the contact option named in this privacy policy.

4.2 Data processing for the purpose of fraud prevention and the optimisation of our payment processes

Where applicable, we provide the aforementioned service providers with further data which they use, together with the data necessary for the handling of the payment, for the purpose of fraud prevention and the optimisation of our payment processes (e.g. invoicing, handling of disputed payments, support of accounting). Pursuant to Art. 6 (1) sentence 1 lit. f GDPR, this serves to safeguard our legitimate interests, which prevail in the context of a balancing of interests, in our protection against fraud or in efficient payment management.

4.3 Identity and creditworthiness check when selecting Klarna payment services

Klarna direct debit, purchase on account via Klarna, Klarna instalment purchase
If you decide to use the payment services of Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter Klarna), we ask for your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR that we may transmit the data necessary for the handling of the payment and an identity and creditworthiness check to Klarna. In Germany, the credit agencies named in Klarna's privacy policy may be used for the identity and creditworthiness check. Klarna uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, performance or termination of the contractual relationship. You can revoke your consent at any time by means of a message to the contact option named in this privacy policy. This may have the consequence that we can no longer offer you certain payment options. You can also revoke your consent to this use of personal data at any time vis-à-vis Klarna.

4.4 Identity and creditworthiness check when selecting purchase on account via PayPal and Ratepay

If you decide on the payment method purchase on account (offered via Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin (hereinafter Ratepay) and PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg (hereinafter PayPal)), we ask for your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR that we may transmit the data necessary for the handling of the payment and an identity and creditworthiness check to Ratepay. In Germany, the credit agencies named in Ratepay's privacy policy may be used for the identity and creditworthiness check. Ratepay uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, performance or termination of the contractual relationship. You can revoke your consent at any time by means of a message to the contact option named in this privacy policy. This may have the consequence that we can no longer offer you certain payment options. Additional information on data protection at PayPal can be found here.

4.5 Engagement of debt collection service providers

We pass on your data to a commissioned debt collection service provider, Akzepta Inkasso GmbH, Elsenheimerstraße 43, 80687 Munich, Germany, insofar as our payment claim has not been settled despite a prior reminder. In this case, the claim is collected directly by the debt collection service provider. This serves the performance of the contract pursuant to Art. 6 (1) sentence 1 lit. b GDPR as well as the safeguarding of our legitimate interests, which prevail in the context of a balancing of interests, in an effective assertion or enforcement of our payment claim pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

5. Advertising by email, post, telephone

5.1 Email newsletter with registration, newsletter tracking with separate consent

If you register for our newsletter, we use the data required for this or separately provided by you in order to regularly send you our email newsletter on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR. Unsubscribing from the newsletter is possible at any time and can be carried out either by means of a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we delete your email address from the recipient list, insofar as you have not expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

If you have additionally given us your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to the analysis of our newsletters, we also analyse your handling of our newsletter by measuring, storing and evaluating opening rates and click rates for the purpose of designing future newsletter campaigns ("newsletter tracking").

For this evaluation, the emails sent contain one-pixel technologies (e.g. so-called web beacons, tracking pixels) that are stored on our website. For the evaluations, we link in particular the following "newsletter data"

• the page from which the page was requested (so-called referrer URL),
• the date and time of the access,
• the description of the type of web browser used,
• the IP address of the requesting computer,
• the email address,
• the date and time of registration and confirmation

and the one-pixel technologies with your email address or your IP address and, where applicable, an individual ID. Links contained in the newsletter may also contain this ID.

Unsubscribing from newsletter tracking is possible at any time and can be carried out either by means of a message to the described contact option or via a link provided for this purpose in the newsletter.

The information is stored for as long as you have subscribed to the newsletter.

 Email newsletter without registration and your right to object

If we receive your email address in connection with the sale of a product or service, we reserve the right to regularly send you offers for products similar to those already purchased from our range by email. We will not send you such offers if you have already objected to this use of your email address or are entered in a Robinson list that must be observed by law.

You can object to this use of your email address at any time, easily and free of charge, i.e. without incurring any costs other than the transmission costs according to the basic tariffs, also by means of a message to the contact option described in this privacy policy or via a link provided for this purpose in the advertising email. After unsubscribing, we delete your email address from the recipient list, insofar as you have not expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

5.2 Newsletter dispatch

The newsletter and the newsletter tracking presented above are, where applicable, also sent by our service providers within the scope of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Canada

5.3 Sending review requests by email

Insofar as you have given us your express consent to this during or after your order pursuant to Art. 6 (1) sentence 1 lit. a GDPR, we use your email address for the request to submit a review of your order via the review system we use. This consent can be revoked at any time by means of a message to the contact option described in this privacy policy or via a link provided for this purpose in the review request. After revocation of your consent, we delete your email address from the recipient list, insofar as you have not expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

The review requests are, where applicable, also sent by our service provider Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops").

In the course of sending review requests, we receive information on the respective status from Trusted Shops (e.g. whether the review request has been sent and whether it has arrived). This is done pursuant to Art. 6 (1) sentence 1 lit. f GDPR to fulfil our legitimate interest in receiving information about the review invitations in order to be able to make optimisations on this basis, as well as to fulfil the legitimate interest of Trusted Shops in being able to offer this service.

For the sending of review requests and for the collection and display of review or status information, we are jointly responsible with Trusted Shops.

Within the scope of the joint responsibility existing between us and Trusted Shops, please contact Trusted Shops preferentially for data protection questions and for asserting your rights; you can find their contact options here. Further information on data protection can be found via the following link here. Irrespective of this, you can also always contact us at the contact option described in this privacy policy. Your enquiry will then, if necessary, be forwarded to the other controller for response.

5.4 Postal advertising and your right to object

In addition, we reserve the right to use your first and last name as well as your postal address for our own advertising purposes, e.g. to send you interesting offers and information about our products by postal mail. This serves to safeguard our legitimate interests, which prevail in the context of a balancing of interests, in addressing our customers in an advertising manner pursuant to Art. 6 (1) sentence 1 lit. f GDPR. You can object to the storage and use of your data for these purposes at any time by means of a message to the contact option described in this privacy policy.
After revocation of your consent, we delete your address from the recipient list, insofar as you have not expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

5.5 Telephone advertising

Insofar as you have given your consent to this pursuant to Art. 6 (1) sentence 1 lit. a GDPR, we use the data required for this or separately provided by you for our own advertising purposes, e.g. to inform you about interesting offers and our products. You can revoke your consent at any time either by means of a message to the contact option described in this privacy policy or by an oral notification during each call. After revocation, we delete your telephone number, insofar as you have not expressly consented to a further use of your data or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

6. Cookies and other technologies

6.1 General information

In order to make the visit to our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser on your next visit (persistent cookies). You can find the duration of the storage in the overview in the cookie settings of your web browser.

Protection of privacy on end devices

When using our online offering, we use absolutely necessary technologies in order to be able to provide the expressly requested digital service. The storage of information in your end device or the access to information that is already stored in your end device does not require consent in this respect.

For functions that are not absolutely necessary, the storage of information in your end device or the access to information that is already stored in your end device requires your consent. We point out that if consent is not given, parts of the website may not be fully usable. Any consents you have given remain in place until you adjust or reset the respective settings in your end device.

Any subsequent data processing through cookies and other technologies

We use such technologies that are absolutely necessary for the use of certain functions of our website. By means of these technologies, IP address, time of the visit, device and browser information as well as information on your use of our website are collected and processed. Within the context of a balancing of interests, this serves prevailing legitimate interests in an optimised presentation of our offering pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

In addition, we use technologies to fulfil the legal obligations to which we are subject (e.g. in order to be able to provide evidence of consents to the processing of your personal data) as well as for web analytics and online marketing. Further information on this, including the respective legal basis for the data processing, can be found in the following sections of this privacy policy. Where applicable, we also use technologies that are not listed individually in this privacy policy. More detailed information on these technologies, including the respective legal basis for the data processing, can be found on the Usercentrics platform. You can reach this by clicking on the fingerprint button in the bottom right or left corner of the page.

Cookie settings

You can find the cookie settings for your browser under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

Insofar as you have consented to the use of the technologies pursuant to Art. 6 (1) sentence 1 lit. a GDPR, you can revoke your consent at any time by means of a message to the contact option described in the privacy policy. Alternatively, you can click on the fingerprint button in the bottom right or left corner of the page. If cookies are not accepted, the functionality of our website may be restricted.

6.2 Use of the Usercentrics Consent Management Platform to manage consents

On our website we use the Usercentrics Consent Management Platform ("Usercentrics") in order to inform you about the cookies and the other technologies that we use on our website, as well as to obtain, manage and document your consent to the processing of your personal data by these technologies where this is legally required. Pursuant to Art. 6 (1) sentence 1 lit. c GDPR, this is necessary to fulfil our legal obligation pursuant to Art. 7 (1) GDPR, to which we are subject, to be able to provide evidence of your consent to the processing of your personal data. Usercentrics is an offering of Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, the web server of Usercentrics stores a so-called server log file which also contains your anonymised IP address, the date and time of the visit, device and browser information as well as information on your consent behaviour. Your data is deleted after three years, unless you have expressly consented to a further use of your data pursuant to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use the data beyond this in a manner that is permitted by law and about which we inform you in this declaration.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: USA.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. A certification exists.

6.3 Information on third-country transfer (data transmission to third countries)

We use technologies of service providers on our website whose registered office and/or server locations may be located in third countries, outside the EU or the EEA. If there is no adequacy decision of the EU Commission for that country, an adequate level of data protection must be ensured by means of other suitable safeguards.

Suitable safeguards in the form of contractually agreed standard contractual clauses of the EU Commission or binding internal data protection rules (Binding Corporate Rules) are generally possible, but require a prior examination by the contracting parties as to whether an adequate level of protection can be ensured. According to the case law of the ECJ, it may be necessary for this purpose to take additional protective measures.

With the technology providers we use that process personal data in a third country, we have, as a matter of principle, agreed the standard data protection clauses issued by the EU Commission. Where possible, we also agree additional safeguards that are intended to ensure that adequate data protection is guaranteed in the third countries without an adequacy decision.

Notwithstanding this, it may occur that, despite all contractual and technical measures, the level of data protection in the third country does not correspond to that of the EU. For these cases, we ask you, if necessary within the scope of the cookie consent, for your consent pursuant to Art. 49 (1) lit. a GDPR to the transmission of your personal data to a third country.
In this regard, there is in particular the risk that local authorities of the third country may, from a European data protection perspective, obtain rights of access to your personal data that are not sufficiently restricted, that we as the data exporter or you as the data subject may not become aware of this and/or that you may possibly also have no adequate legal remedies available to prevent this and/or to take action against such access.

In particular, the following countries currently count among the third countries without an adequacy decision of the EU Commission (example list):

• China
• Russia
• Taiwan

You can find out to which third countries a data transmission by us takes place in the data protection notices of the respective tool used and/or of the service for consent management / Consent Manager Platform (CMP) used by us.

7. Use of cookies and other technologies

On our website we use the following cookies and other technologies of third-party providers. Unless otherwise stated for the individual technologies, this is done on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR. After the purpose has ceased to apply and the use of the respective technology by us has ended, the data collected in this connection is deleted. You can revoke your consent at any time with effect for the future. Further information on your options for revocation can be found in the section "Cookies and other technologies". Further information, including the basis of our cooperation with the individual providers, can be found at the individual technologies. If you have any questions about the providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

7.1 Use of Adobe services

We use the technologies presented below of Adobe Systems, Software Ireland Limited, Ireland, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland ("Adobe"). The information automatically collected by the Adobe technologies about your use of our website is generally transmitted to a server of Adobe, Inc., 345 Park Avenue San Jose, CA 95110-2704, USA, and stored there. If your IP address is collected via the Adobe technologies, it is shortened before storage on Adobe's servers by the activation of corresponding settings, or completely replaced by a generic IP address.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Canada, Japan, Switzerland, United Kingdom, USA.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. A certification exists.

Our service providers are based in and/or use servers in countries outside the EU and the EEA. For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission. 

 Adobe Fonts

For the uniform presentation of the contents on our website, data (IP address, time of the visit, device and browser information) is collected, transmitted to Adobe and subsequently processed by Adobe by means of the script code "Adobe Fonts". We have no influence on this subsequent data processing. The data processing is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR.

7.2 Use of Google services

We use the technologies presented below of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by the Google technologies about your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. Unless otherwise stated for the individual technologies, the data processing is carried out on the basis of an agreement concluded for the respective technology between joint controllers pursuant to Art. 26 GDPR. Further information about the data processing by Google can be found in Google's privacy notices.

Our service providers are based in and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by way of a decision.

Our service providers are based in and/or use servers in countries outside the EU and the EEA. For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission. 

 Google Analytics

For the purpose of website analysis, data (IP address, time of the visit, device and browser information as well as information on your use of our website) is automatically collected and stored with Google Analytics, from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. If you visit our website from the EU, your IP address is stored on a server located in the EU to derive location data and is then immediately deleted before the traffic is forwarded to further servers of Google for processing. The data processing is carried out on the basis of an agreement on order processing by Google.

For the purpose of the optimised marketing of our website, we have activated the data sharing settings for "Google products and services" . This enables Google to access the data collected and processed by Google Analytics and subsequently to use it to improve Google services. The data sharing with Google within the scope of these data sharing settings is carried out on the basis of an additional agreement between controllers. We have no influence on the subsequent data processing by Google.

For the purpose of the optimised marketing of our website, we use the so-called User ID function. With the help of this function, we can assign a unique, permanent ID to your interaction data of one or more sessions on our online presences and thus analyse your user behaviour across devices and sessions.

For web analytics, the so-called "cross-device tracking" is enabled by the extension function of Google Analytics, Google Signals. Insofar as your internet-enabled devices are linked to your Google account and you have activated the setting "personalised advertising" in your Google account, Google can create reports on your usage behaviour (in particular the cross-device user numbers), even if you change your end device. No processing of personal data by us takes place in this respect; we merely receive statistics created on the basis of Google Signals.

For web analytics and advertising purposes, the so-called DoubleClick cookie enables, by the extension function of Google Analytics, a recognition of your browser when visiting other websites. Google will use this information to compile reports on website activities and to provide further services associated with the use of the website.

If you do not give us consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to the use of Google Analytics, no cookies are stored on or read from your device. The data processing described in the previous paragraphs does not take place. In order to close gaps in web analytics through behavioural and conversion modelling, pings with data (user agent, information on your consent behaviour, screen resolution, IP address) are sent to Google.

 Google AdSense

Our website markets space for advertisements from third-party providers via Google AdSense. These advertisements are displayed to you at various places on this website. Via the so-called DoubleClick cookie, the display of interest-based advertising is enabled by the collection and processing of data (IP address, time of the visit, device and browser information as well as information on your use of our website) as well as the automatic assignment of a pseudonymous UserID, with the help of which the interests are determined on the basis of visits to this and other websites.

 Google Ads

For advertising purposes in the Google search results as well as on the websites of third parties, the so-called Google Remarketing cookie is set when you visit our website, which automatically enables interest-based advertising by the collection and processing of data (IP address, time of the visit, device and browser information as well as information on your use of our website) and by means of a pseudonymous CookieID and on the basis of the pages you have visited. Data processing beyond this only takes place insofar as you have activated the setting "personalised advertising" in your Google account. If, in this case, you are logged in to Google during the visit to our website, Google uses your data together with Google Analytics data to create and define target group lists for cross-device remarketing.

For website analysis and event tracking, we measure your subsequent usage behaviour via Google Ads Conversion Tracking if you have arrived at our website via a Google Ads advertisement. For this purpose, cookies can be used and data (IP address, time of the visit, device and browser information as well as information on your use of our website on the basis of events specified by us, such as the visit of a website or newsletter registration) can be recorded, from which usage profiles are created using pseudonyms.

If you do not give us consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR to the use of Google Ads, no cookies are stored on or read from your device. The data processing described in the previous paragraphs does not take place. In order to close gaps in web analytics through behavioural and conversion modelling, pings with data (user agent, information on your consent behaviour, screen resolution, IP address, page URL, information on advertisement clicks in URL parameters) are sent to Google. Your IP address is used to derive the IP country.

 Google Maps

For the visual presentation of geographical information, data on your use of the Maps functions, in particular the IP address as well as location data, is collected by Google Maps, transmitted to Google and subsequently processed by Google. We have no influence on this subsequent data processing.

 Google reCAPTCHA

For the purpose of protection against misuse of our web forms as well as against spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of the visit, browser information as well as information on your use of our website) and carries out an analysis of your use of our website by means of so-called JavaScript and cookies. In addition, other cookies stored in your browser by Google services are evaluated. The data processing is carried out on the basis of an agreement on order processing by Google. The users of a customer who access websites protected by reCAPTCHA are no longer subject to Google's privacy policy and terms of use.

 Google Fonts

For the uniform presentation of the contents on our website, data (IP address, time of the visit, device and browser information) is collected, transmitted to Google and subsequently processed by Google by means of the script code "Google Fonts". We have no influence on this subsequent data processing.

 Google Tag Manager

By means of the Google Tag Manager, we can manage various codes and services on our website. When implementing the individual tags, Google may also process personal data (e.g. IP address, online identifiers (including cookies)). The data processing is carried out on the basis of an agreement on order processing by Google.

By using the Google Tag Manager, an integration of various services/technologies can be achieved.
If you do not wish to use individual tracking services and have therefore deactivated them, the deactivation remains in place for all affected tracking tags that are integrated by the Google Tag Manager.

 YouTube Video Plugin

For the integration of third-party content, data (IP address, time of the visit, device and browser information) is collected via the YouTube Video Plugin in the extended data protection mode used by us, transmitted to Google and subsequently processed by Google, only if you play a video.

7.3 Use of Meta services

 Use of Meta Pixel

We use the Meta Pixel within the scope of the technologies presented below of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Facebook (by Meta)" or "Meta Platforms Ireland"). With the Meta Pixel, data (IP address, time of the visit, device and browser information as well as information on your use of our website on the basis of events specified by us, such as the visit of a website or newsletter registration) is automatically collected and stored, from which usage profiles are created using pseudonyms. Within the scope of the so-called advanced data matching, information for matching purposes is moreover collected and stored in hashed form, with which individuals can be identified (e.g. names, email addresses and telephone numbers). For this purpose, a cookie is automatically set by the Meta Pixel when you visit our website, which automatically enables a recognition of your browser when visiting other websites by means of a pseudonymous CookieID. Meta Platforms Ireland will combine this information with further data from your Facebook account and use it to compile reports on the website activities and to provide further services associated with the use of the website, in particular personalised and group-based advertising.
The information automatically collected by the technologies of Meta Platforms Ireland about your use of our website is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information about the data processing by Meta Platforms Ireland can be found in the privacy notices of Meta Platforms Ireland.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Brazil, USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. A certification exists.

Our service providers are based in and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Mexico. For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on these safeguards:  standard data protection clauses of the European Commission.

 Meta Ads Manager

Via Meta Ads Manager, we advertise for this website on Facebook (by Meta) as well as on other platforms. We determine the parameters of the respective advertising campaign. Meta Platforms Ireland is responsible for the exact implementation, in particular the decision on the placement of the advertisements with individual users. Unless otherwise stated for the individual technologies, the data processing is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. The joint responsibility is limited to the collection of the data and its transmission to Meta Platforms Ireland. The subsequent data processing by Meta Platforms Ireland is not covered by this.

On the basis of the statistics created via Meta Pixel about visitor activities on our website, we operate group-based advertising on Facebook (by Meta) via Custom Audiences by determining the characteristics of the respective target group. Within the scope of the advanced data matching (see above) taking place to determine the respective target group, Meta Platforms Ireland acts as our processor.

On the basis of the pseudonymous cookie ID set by the Meta Pixel and the data collected about your usage behaviour on our website, we operate personalised advertising via Custom Audiences.

Via Conversions (via Meta Pixel or Conversions API), we measure, for web analytics and event tracking, your subsequent usage behaviour if you have arrived at our website via an advertisement of Meta Ads Manager. The data processing is carried out on the basis of an agreement on order processing by Meta Platforms Ireland.

7.4 Other providers of web analytics and online marketing services

 Use of Vimeo Video Plugin for the integration of third-party content

For the integration of third-party content, data (IP address, time of the visit, device and browser information) is collected via the Video Plugin of Vimeo Inc., 330 West 34th Street, 5th Floor, New York 10011, USA ("Vimeo"), transmitted to Vimeo and subsequently processed by Vimeo. The data processing is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Google Analytics is automatically integrated in the Vimeo Video Plugin. For the purpose of website analysis, data (IP address, time of the visit, device and browser information as well as information on your use of our website) is automatically collected and stored with Google Analytics, from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. Google Analytics is an offering of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. If you visit our website from the EU, your IP address is stored on a server located in the EU to derive location data and is then immediately deleted before the traffic is forwarded to further servers of Google for processing. We have no influence on and no access to the data processing by Vimeo, including the settings and the results of Google Analytics.

Our service providers are based in and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by way of a decision.

Our service providers are based in and/or use servers in countries outside the EU and the EEA. For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission. 

8. Integration of the Trusted Shops Trustbadge / other widgets

Insofar as you have given your consent to this pursuant to Art. 6 (1) sentence 1 lit. a GDPR, Trusted Shops widgets are integrated on this website for the display of the Trusted Shops services (e.g. quality seal, collected reviews) as well as for offering the Trusted Shops products to buyers after an order.

The Trustbadge and the services advertised with it are an offering of Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops"), with which we are jointly responsible under data protection law pursuant to Art. 26 GDPR. Within the scope of these data protection notices, we inform you in the following about the essential contents of the contract pursuant to Art. 26 (2) GDPR.

Within the scope of the joint responsibility existing between us and Trusted Shops SE, please contact Trusted Shops preferentially for data protection questions and for asserting your rights, using the contact options indicated in the data protection information. Irrespective of this, however, you can always contact the controller of your choice. Your enquiry will then, if necessary, be forwarded to the other controller for response.

 Data processing when integrating the Trustbadge / other widgets

The Trustbadge is provided by a US-American CDN provider (Content Delivery Network). An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which for the USA can be accessed here. Service providers used from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information can be found here. Insofar as service providers used are not certified under the DPF, standard contractual clauses have been concluded as a suitable safeguard.

When the Trustbadge is accessed, the web server automatically stores a so-called server log file which also contains your IP address, the date and time of the access, the volume of data transferred and the requesting provider (access data) and documents the access. The IP address is anonymised immediately after collection, so that the stored data cannot be assigned to your person. The anonymised data is used in particular for statistical purposes and for error analysis.

 Data processing after completion of the order

Insofar as you have given your consent, the Trustbadge, after completion of the order, accesses order information stored in your end device (order amount, order number, where applicable purchased product) as well as email address, and your email address is hashed by means of a cryptological one-way function. The hash value is subsequently transmitted, together with the order information, pursuant to Art. 6 (1) sentence 1 lit. a GDPR to Trusted Shops.
This serves to check whether you are already registered for services of Trusted Shops. If this is the case, the further processing takes place in accordance with the contractual agreement made between you and Trusted Shops. Insofar as you are not yet registered for the services or do not give your consent to the automatic recognition via the Trustbadge, you will subsequently receive the possibility to register manually for the use of the services or to conclude the protection within the scope of your possibly already existing user contract.

For this purpose, the Trustbadge accesses the following information after completion of your order, which is stored in the end device used by you: order amount, order number and email address. This is necessary so that we can offer you the buyer protection. A transmission of the data to Trusted Shops only takes place when you actively decide to conclude the buyer protection by clicking on the correspondingly designated button in the so-called Trustcard. Insofar as you decide to use the services, the further processing is governed by the contractual agreement with Trusted Shops pursuant to Art. 6 (1) lit. b GDPR, in order to be able to complete your registration for the buyer protection and to secure the order as well as to be able to subsequently send you review invitations by email, where applicable.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 (1) lit. f GDPR for the purpose of ensuring trouble-free operation. In doing so, processing in third countries (USA, Great Britain and Israel) may take place. An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which for the USA can be accessed here, for Great Britain here and for Israel here. Service providers used from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information can be found here. Insofar as service providers used are not certified under the DPF, standard contractual clauses have been concluded as a suitable safeguard.

9. Social media

 Social buttons of Facebook (by Meta), Instagram (by Meta)

On our website, social buttons of social networks are used. These are merely integrated into the page as HTML links, so that when our website is accessed, no connection with the servers of the respective provider is yet established. If you click on one of the buttons, the website of the respective social network opens in a new window of your browser. There you can, for example, activate the Like or Share button.

 Our online presence on Facebook (by Meta), Instagram (by Meta), Youtube

Insofar as you have given your consent to this pursuant to Art. 6 (1) sentence 1 lit. a GDPR vis-à-vis the respective social media operator, when you visit our online presences on the above-mentioned social media, your data is automatically collected and stored for market research and advertising purposes, from which usage profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. As a rule, cookies are used for this purpose. Please refer to the privacy notices of the providers linked below for the detailed information on the processing and use of the data by the respective social media operator as well as a contact option and your rights and setting options in this regard for the protection of your privacy. Should you nevertheless need help in this regard, you can contact us.

Facebook (by Meta) is an offering of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. The data processing within the scope of the visit of a Facebook (by Meta) fan page is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Brazil, USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. A certification exists.

Our service providers are based in and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Mexico.
For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on these safeguards:  standard data protection clauses of the European Commission.

Instagram (by Meta) is an offering of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, and stored there. The data processing within the scope of the visit of an Instagram (by Meta) fan page is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

Our service providers are based in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by way of a decision: Brazil, USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA applies as the basis for the third-country transfer, insofar as the respective service provider is certified. A certification exists.

Our service providers are based in and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Mexico.
For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on these safeguards: standard data protection clauses of the European Commission.

YouTube is an offering of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our online presence on YouTube is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there.

Our service providers are based in and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection by way of a decision.

Our service providers are based in and/or use servers in countries outside the EU and the EEA. For these countries there is no adequacy decision of the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission. 

10. Contact options and your rights

10.1 Your rights

As a data subject, you have the following rights:

• pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;
• pursuant to Art. 16 GDPR, the right to request without undue delay the correction of incorrect or the completion of your personal data stored by us;
• pursuant to Art. 17 GDPR, the right to request the deletion of your personal data stored by us, insofar as the further processing is not necessary
  • for the exercise of the right to freedom of expression and information;
  • for the fulfilment of a legal obligation;
  • for reasons of public interest or
  • for the assertion, exercise or defence of legal claims;
• pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, insofar as
  • the accuracy of the data is contested by you;
  • the processing is unlawful but you refuse its deletion;
  • we no longer need the data, but you need it for the assertion, exercise or defence of legal claims, or
  • you have lodged an objection to the processing pursuant to Art. 21 GDPR;
• pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
• pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or place of work or of our company's registered office for this purpose.

10.2 Contact options

If you have any questions about the collection, processing or use of your personal data, about information, correction, restriction or deletion of data, as well as revocation of consents given or objection to a particular use of data, please contact us directly via the contact details in our legal notice (Impressum).