Imprint:
Legal Disclosure
Information according to § 5 TMG:
Business Owner:
Patrick Magalhaes
SweatnDance Studios
Kyffhäuser Str. 31
50674 Cologne, Germany
Tax-number: 223/5032/6136
VAT: DE306795153
contact:
E-Mail: info@sweatndance.com
Source: http://www.e-recht24.de
Disclaimer
Liability for Content
As a service provider, we are responsible for our own content on these pages in accordance with § 7 (1) TMG under general laws. However, pursuant to §§ 8 to 10 TMG, we are not obligated to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under general laws remain unaffected. Liability in this regard, however, is only possible from the time of knowledge of a specific legal violation. Upon becoming aware of such violations, we will remove the content immediately.
Liability for Links
Our offer contains links to external websites of third parties over whose content we have no control. Therefore, we cannot assume any responsibility for these external contents. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking. A permanent content control of the linked pages is, however, not reasonable without concrete evidence of a violation of the law. Upon becoming aware of such violations, we will remove such links immediately.
Copyright
The content and works created by the operators of these pages are subject to German copyright law. The duplication, processing, distribution, or any form of commercialization beyond the scope of copyright law require the written consent of the respective author or creator. Downloads and copies of these pages are permitted for private, non-commercial use only. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such. Should you nevertheless become aware of a copyright infringement, we ask for an appropriate notification. Upon becoming aware of violations, we will remove such content immediately.
Source: eRecht24 Disclaimer
Photo credit:
© Roxana Haus Photography
© Juicy Pictures Photography
© Wix GmbH
Privacy Policy
We are delighted by your interest in our company. Data protection is of particular importance to the management of SweatnDance. The use of the SweatnDance website is generally possible without providing any personal data. However, if a data subject wishes to use specific services of our company via our website, the processing of personal data could become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, will always be in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to SweatnDance. Through this privacy policy, our company seeks to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy explains the rights of data subjects.
SweatnDance, as the data controller, has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, such as by telephone.
1. Definitions
The privacy policy of SweatnDance is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be both easy to read and understandable for the public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
We use the following terms, among others, in this privacy policy:
a) Personal Data
Personal data refers to any information relating to an identified or identifiable natural person (the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing refers to any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, restriction, erasure, or destruction.
d) Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
e) Profiling
Profiling refers to any form of automated processing of personal data consisting of using such data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization
Pseudonymization refers to the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures ensuring that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or Data Controller
The controller or data controller is the natural or legal person, public authority, agency, or other body that determines, alone or jointly with others, the purposes and means of the processing of personal data.
h) Processor
A processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
i) Recipient
A recipient is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether a third party or not.
j) Third Party
A third party is a natural or legal person, public authority, agency, or other body other than the data subject, controller, processor, and persons under the direct authority of the controller or processor.
k) Consent
Consent refers to any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data relating to them.
2. Name and Address of the Controller
The data controller for purposes of the GDPR and other applicable data protection laws is:
SweatnDance
Owner: Patrick Magalhaes
Hans-Sachs-Str. 18
50931 Cologne, Germany
Tel.: +49 (0) 221 22205901
Email: info@sweatndance.com
Website: www.sweatndance.com
3. Cookies
The SweatnDance website uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.
Many Internet sites and servers use cookies. Most cookies contain a cookie ID, a unique identifier for the cookie. It consists of a string of characters by which web pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited websites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain different cookies.
By using cookies, SweatnDance can provide users with more user-friendly services that would not be possible without cookie placement.
Data subjects can, at any time, prevent the setting of cookies through our website by configuring their Internet browser settings accordingly and may thus permanently deny the setting of cookies. Additionally, cookies already set can be deleted at any time via an Internet browser or other software programs. If a data subject deactivates the setting of cookies in their Internet browser, some functionalities of our website may not be fully usable.
4. Collection of General Data and Information
Each time the SweatnDance website is accessed by a data subject or an automated system, a series of general data and information is collected and stored in the server log files. The data collected may include:
-
Browser types and versions used,
-
The operating system used by the accessing system,
-
The website from which an accessing system arrives at our site (referrer),
-
Subpages accessed via an accessing system on our website,
-
The date and time of website access,
-
An Internet Protocol (IP) address,
-
The accessing system's Internet Service Provider (ISP), and
-
Other similar data and information used for security purposes in the event of cyberattacks on our IT systems.
SweatnDance does not draw conclusions about the data subject from this general data and information. Instead, the information is required to:
-
Deliver the content of our website correctly,
-
Optimize our website’s content and advertisements,
-
Ensure the continued functionality of our IT systems and website, and
-
Provide law enforcement authorities with the necessary information for prosecution in the event of a cyberattack.
These anonymized data and information are evaluated statistically and with the aim of increasing data protection and security, thereby ensuring the highest possible level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all personal data provided by a data subject.
5. Registration on Our Website
Data subjects can register on the SweatnDance website by providing personal data. The specific personal data collected depends on the input fields used for registration. These personal data are collected exclusively for internal use by the data controller and for their own purposes. The data controller may transfer the information to one or more processors (e.g., shipping services), who will also use the data solely for internal purposes attributable to the data controller.
Additionally, during registration, the IP address assigned by the ISP, the date, and the time of registration are stored. This data storage is necessary to prevent misuse of our services and, if needed, to enable the investigation of criminal offenses. Therefore, this data is retained to protect the data controller.
Registered data subjects are free to modify or delete their personal data at any time. The data controller provides, upon request, information about what personal data is stored about the data subject and will correct or delete data upon request unless there is a legal obligation to retain it.
6. Subscription to Our Newsletter
The SweatnDance website offers users the option to subscribe to a company newsletter. The personal data collected during newsletter registration is specified in the input form used for this purpose.
Newsletters are sent only to those who (1) have a valid email address and (2) have registered to receive the newsletter. A confirmation email using the double-opt-in process is sent to verify authorization.
When registering for the newsletter, the IP address of the registering system and the date and time of registration are also stored. This is to trace any potential misuse of email addresses and provide legal protection for the data controller.
The data collected for newsletter subscription is used exclusively for sending the newsletter. Occasionally, newsletter subscribers may receive additional emails if necessary for the service (e.g., in case of changes to the newsletter offering or technical updates). Data collected for newsletters is not shared with third parties.
Subscribers can cancel their subscription and withdraw consent for data storage at any time. Each newsletter includes an unsubscribe link, or users can contact the data controller directly to opt out.
Newsletter distribution is managed via “MailChimp,” a service by Rocket Science Group, LLC, based in the U.S. MailChimp complies with the EU-U.S. Privacy Shield Framework, ensuring compliance with European data protection standards. Further information can be found in MailChimp’s Privacy Policy.
MailChimp may process data in pseudonymized form to improve its services, but it does not use recipient data for its purposes or share it with third parties.
7. Newsletter Tracking
The newsletters from SweatnDance contain what are known as tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format to allow for log file recording and log file analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns. By analyzing the embedded tracking pixel, SweatnDance can determine whether and when an email was opened by the recipient and which links within the email were clicked by the recipient.
Personal data collected through the tracking pixels embedded in the newsletters is stored and analyzed by the data controller in order to optimize the newsletter distribution and better tailor the content of future newsletters to the recipient's interests. This personal data will not be shared with third parties. The data subject has the right to withdraw the separate consent provided through the Double Opt-In procedure at any time. Upon withdrawal, this personal data will be deleted by the data controller. Unsubscribing from the newsletter is automatically considered a withdrawal of consent by SweatnDance.
8. Contact via the Website
The SweatnDance website contains information required by law to enable quick electronic communication with our company, including a general email address. If a data subject contacts the data controller via email or a contact form, the personal data provided by the data subject will be automatically stored. Such voluntarily provided personal data will be stored for the purpose of processing or contacting the data subject. This personal data will not be shared with third parties.
9. Routine Deletion and Blocking of Personal Data
The data controller processes and stores personal data of the data subject only for the period required to achieve the storage purpose or as mandated by European or other legislative authorities under laws or regulations that the data controller is subject to.
If the storage purpose no longer applies or the storage period prescribed by European or other legislative authorities expires, the personal data will routinely be blocked or deleted in accordance with legal requirements.
10. Rights of the Data Subject
a) Right to Confirmation
Every data subject has the right to request confirmation from the data controller about whether their personal data is being processed. If a data subject wishes to exercise this right, they can contact a member of the data controller's staff at any time.
b) Right to Information
Every data subject has the right to obtain, at any time, free information from the data controller about the personal data stored about them, as well as a copy of this information. Additionally, the data subject is entitled to receive the following information:
-
The purposes of processing
-
The categories of personal data processed
-
The recipients or categories of recipients to whom personal data have been or will be disclosed, particularly in third countries or to international organizations
-
If possible, the planned duration for which personal data will be stored or, if not possible, the criteria for determining that duration
-
The existence of a right to rectification or deletion of personal data, or restriction of processing, or a right to object to such processing
-
The existence of a right to lodge a complaint with a supervisory authority
-
If the personal data was not collected from the data subject: all available information about the origin of the data
-
The existence of automated decision-making, including profiling, as per Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the scope and the intended effects of such processing on the data subject
Furthermore, the data subject is entitled to know whether personal data has been transferred to a third country or to an international organization. If so, the data subject is entitled to information about the appropriate safeguards in relation to such transfer.
If a data subject wishes to exercise this right to information, they can contact a member of the data controller’s staff at any time.
c) Right to Rectification
Every data subject has the right to request the immediate rectification of incorrect personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data — including by providing a supplementary statement — considering the purposes of the processing.
If a data subject wishes to exercise this right to rectification, they can contact a member of the data controller’s staff at any time.
d) Right to Deletion (Right to be Forgotten)
Every data subject has the right to request the immediate deletion of personal data concerning them, provided one of the following reasons applies and processing is not necessary:
-
The personal data were collected or otherwise processed for purposes no longer necessary.
-
The data subject withdraws their consent on which the processing is based under Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.
-
The data subject objects to the processing under Art. 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects under Art. 21(2) GDPR.
-
The personal data was unlawfully processed.
-
Deletion of the personal data is necessary for compliance with a legal obligation under Union law or the law of member states.
-
The personal data were collected in relation to the offer of information society services under Art. 8(1) GDPR.
If one of the above reasons applies and a data subject wishes to request the deletion of personal data stored by SweatnDance, they can contact a staff member of the data controller at any time. The staff member of SweatnDance will ensure that the deletion request is processed promptly.
If the personal data was made public by SweatnDance and the company, as the data controller, is required to delete it under Art. 17(1) GDPR, SweatnDance will take appropriate measures, including technical measures, to inform other data controllers processing the published personal data that the data subject has requested the deletion of all links to these personal data or copies or replications of these personal data, unless processing is necessary.
e) Right to Restrict Processing
Every data subject has the right to request restriction of processing of personal data if one of the following conditions applies:
-
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the data.
-
The processing is unlawful and the data subject opposes the deletion of the personal data and requests the restriction of its use instead.
-
The controller no longer needs the personal data for processing, but the data subject requires it for the establishment, exercise, or defense of legal claims.
-
The data subject has objected to processing under Art. 21(1) GDPR and it is not yet determined whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions is met and a data subject wishes to request a restriction of processing of personal data stored by SweatnDance, they can contact a staff member of the data controller at any time. The staff member of SweatnDance will ensure that the processing restriction is applied.
f) Right to Data Portability
Every data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to whom the data was provided, provided that processing is based on consent under Art. 6(1)(a) or Art. 9(2)(a) GDPR, or a contract under Art. 6(1)(b) GDPR, and the processing is carried out by automated means.
Additionally, the data subject has the right to request that personal data be transmitted directly from one controller to another, where technically feasible and provided that the rights and freedoms of others are not affected.
To exercise the right to data portability, the data subject can contact a staff member of SweatnDance at any time.
g) Right to Object
Every data subject has the right to object, for reasons related to their particular situation, to the processing of their personal data based on Art. 6(1)(e) or (f) GDPR. This applies also to profiling based on these provisions.
If a data subject objects, SweatnDance will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If SweatnDance processes personal data for direct marketing purposes, the data subject has the right to object to the processing of their personal data for such marketing purposes, including profiling related to direct marketing. If the data subject objects to the processing for direct marketing purposes, SweatnDance will stop processing the personal data for these purposes.
Furthermore, the data subject has the right to object to the processing of their personal data for scientific, historical, or statistical purposes under Art. 89(1) GDPR, unless processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject may contact any member of SweatnDance directly.
h) Automated Decisions in Individual Cases, Including Profiling
Every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning them or similarly significantly affects them, unless the decision is:
-
Necessary for the entering into, or performance of, a contract between the data subject and the controller;
-
Based on Union or member state law, which permits such processing and provides appropriate safeguards for the rights and freedoms of the data subject; or
-
Based on the explicit consent of the data subject.
If the decision is necessary for the conclusion or performance of a contract or is based on explicit consent, SweatnDance will take appropriate measures to safeguard the rights and freedoms of the data subject, including at least the right to obtain human intervention, express their point of view, and contest the decision.
If the data subject wishes to exercise their rights concerning automated decisions, they can contact a staff
11. Data Protection in Applications and the Application Process
The data controller collects and processes personal data of applicants for the purpose of handling the application process. This processing may also occur electronically, especially when an applicant submits application documents electronically, for example, by email or through a web form on the website. If the data controller enters into an employment contract with an applicant, the transmitted data will be stored for the purpose of managing the employment relationship in compliance with legal requirements. If no employment contract is concluded, the application documents will be automatically deleted two months after the notification of rejection, unless other legitimate interests of the data controller prevent deletion. Other legitimate interests in this sense may include the obligation to provide evidence in a proceeding under the General Equal Treatment Act (AGG).
12. Data Protection Provisions Regarding the Use of Adobe Analytics (Omniture) / Adobe Marketing Cloud
The data controller has integrated components from Adobe on this website. Adobe Analytics (Omniture) or Adobe Marketing Cloud (hereinafter referred to as "Omniture") is a tool that enables more efficient online marketing and web analytics. Omniture is part of the Adobe Marketing Cloud, which enables real-time analysis of visitor flows on websites. Real-time analyses include project reports and allow for ad-hoc analysis of website visitors. Customer interactions are presented in a way that provides the data controller with a better overview of the online activities of users, as the data is displayed in simple and interactive dashboards and converted into reports. This allows the data controller to receive real-time information and identify emerging problems more quickly.
The operating company of these services is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland.
Omniture places a cookie on the affected person's information technology system (cookies were explained earlier; this can be read above). The data controller ensures through server settings that tracking data transmitted to Adobe's data center is anonymized before geolocation takes place. The anonymization is implemented by replacing the last part of the IP address. The data controller has made server-side settings to anonymize the IP address of the affected person before processing it for geolocation and reach measurement independently. Adobe will use the data obtained from our website on behalf of the data controller to evaluate the user's behavior. Furthermore, Adobe will use the data to create reports on user activities and provide other services related to the use of our website. Adobe will not merge the IP address of the affected person with other personal data.
The affected person can prevent the setting of cookies by our website, as previously stated, at any time by adjusting the settings of the internet browser used, thus permanently objecting to the setting of cookies. Such a setting of the internet browser would also prevent Omniture from placing a cookie on the affected person's system. Additionally, cookies already set by Omniture can be deleted at any time through an internet browser or other software programs.
Furthermore, the affected person has the option to object to the collection of data generated by the Adobe cookie regarding the use of this website and to prevent the processing of this data by Adobe. To do this, the affected person must click the opt-out button under the link http://www.adobe.com/de/privacy/opt-out.html, which sets an opt-out cookie. The opt-out cookie placed with the objection will be stored on the affected person's system. If the cookies are deleted on the affected person's system after an objection, the affected person must visit the link again and set a new opt-out cookie.
However, setting the opt-out cookie may result in the website of the data controller being less fully usable for the affected person.
The applicable data protection provisions of Adobe can be accessed at http://www.adobe.com/de/privacy.html.
13. Data Protection Provisions Regarding the Use of Facebook
The data controller has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is an online platform that typically allows users to communicate with each other and interact in the virtual space. A social network can serve as a platform for exchanging opinions and experiences or allows the internet community to provide personal or business-related information. Facebook enables users of the social network to create private profiles, upload photos, and connect via friend requests.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. For the processing of personal data, the responsible entity, if the affected person lives outside the USA or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time a page of this website operated by the data controller is visited, which includes a Facebook component (Facebook plug-in), the browser on the affected person's system automatically prompts the corresponding Facebook component to download. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical procedure, Facebook becomes aware of which specific subpage of our website the affected person visits.
If the affected person is logged into Facebook at the same time, Facebook can recognize with every visit to our website and throughout the entire duration of their stay on our site which specific subpage of our site is being visited. This information is collected by the Facebook component and linked to the respective Facebook account of the affected person. If the affected person clicks one of the integrated Facebook buttons, such as the “Like” button or posts a comment, Facebook associates this information with the affected person’s personal Facebook account and stores this personal data.
Facebook receives information that the affected person has visited our website whenever the affected person is logged into Facebook at the time of visiting our website, regardless of whether the affected person interacts with the Facebook component. If the affected person does not want this data to be transmitted to Facebook, they can prevent this by logging out of their Facebook account before visiting our website.
The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing, and use of personal data by Facebook. It also explains the privacy settings available to the affected person. Additionally, various applications are available that can suppress data transmission to Facebook. These applications can be used by the affected person to prevent data transmission to Facebook.
14. Data Protection Provisions Regarding the Use of Google AdSense
The data controller has integrated Google AdSense on this website. Google AdSense is an online service that facilitates the placement of advertisements on third-party websites. Google AdSense relies on an algorithm that selects advertisements to display on third-party websites based on their content. Google AdSense allows for interest-based targeting of internet users by generating individual user profiles.
The operating company of the Google AdSense component is Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of the Google AdSense component is to incorporate advertisements on our website. Google AdSense places a cookie on the affected person's information technology system. The function of cookies was previously explained. The placement of the cookie allows Alphabet Inc. to analyze the use of our website. Each time one of the pages of this website, operated by the data controller and featuring a Google AdSense component, is accessed, the browser on the affected person's system is automatically prompted by the Google AdSense component to transmit data for the purpose of online advertising and commission billing to Alphabet Inc.
The affected person can prevent the setting of cookies by our website at any time by adjusting their browser settings, thus permanently objecting to the setting of cookies. This would also prevent Alphabet Inc. from placing a cookie on the affected person's system. Additionally, any cookie already set by Alphabet Inc. can be deleted at any time using an internet browser or other software programs.
Google AdSense also uses tracking pixels, which are miniature graphics embedded in webpages to enable log file recording and log file analysis, allowing statistical evaluation. Through the embedded tracking pixel, Alphabet Inc. can identify when a page was opened and which links were clicked by the affected person.
Personal data, including the IP address, is transmitted to Alphabet Inc. in the United States for the purpose of recording and billing ads. These data are stored and processed in the United States. Alphabet Inc. may share these data with third parties.
15. Data Protection Provisions Regarding the Use of Google Analytics (with Anonymization Function)
The data controller has integrated Google Analytics (with an anonymization function) on this website. Google Analytics is a web analytics service. Web analytics involves the collection, gathering, and analysis of data regarding visitors' behavior on websites. A web analytics service collects, among other things, data about how a visitor arrived at the website (known as the referrer), which subpages of the website were accessed, and the frequency and duration of visits to subpages. Web analytics is primarily used to optimize websites and to perform cost-benefit analysis of internet advertising.
The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The data controller uses the "_gat._anonymizeIp" extension for web analytics through Google Analytics. This extension shortens and anonymizes the IP address of the affected person's internet connection when accessing our website from a member state of the European Union or another contracting state of the European Economic Area.
The purpose of the Google Analytics component is to analyze visitor traffic on our website. Google uses the collected data and information to evaluate the use of our website, create online reports showing the activities on our websites, and provide further services related to the use of our website.
Google Analytics places a cookie on the affected person's information technology system. The function of cookies was explained above. By setting the cookie, Google is enabled to analyze the use of our website. Each time one of the pages of this website, operated by the data controller and featuring a Google Analytics component, is accessed, the browser on the affected person's system automatically transmits data to Google for the purpose of online advertising and commission billing.
16. Data Protection Provisions Regarding the Use and Implementation of Google+
The data controller has integrated the Google+ button on this website. Google+ is a social network. A social network is an online platform that generally allows users to communicate and interact with each other in a virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the internet community to share personal or business-related information. Google+ enables users of the social network to create private profiles, upload photos, and connect through friend requests.
The operator of Google+ is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.
Each time a page of this website operated by the data controller, which includes a Google+ button, is accessed, the web browser on the affected person's system is automatically prompted by the respective Google+ button to download a representation of the corresponding Google+ button from Google. As part of this technical process, Google becomes aware of which specific subpage of our website the affected person is visiting. More information about Google+ is available at https://developers.google.com/+/.
If the affected person is logged into Google+ at the same time, Google can recognize with each visit to our website and throughout the entire duration of the visit which specific subpage the affected person is viewing. This information is collected by the Google+ button and linked to the respective Google+ account of the affected person.
If the affected person clicks one of the integrated Google+ buttons and submits a Google+1 recommendation, Google associates this information with the person's personal Google+ user account and stores this personal data. Google stores the Google+1 recommendation and makes it publicly available in accordance with the terms accepted by the affected person. A Google+1 recommendation given by the affected person on this website will be published along with other personal data, such as the name associated with the Google+1 account and the photo stored in the account, in other Google services (e.g., Google search engine results, the Google account, or on other websites or in connection with advertisements). Additionally, Google is able to link the visit to this website with other personal data stored by Google. Google records these personal data to improve or optimize the different Google services.
Google receives information that the affected person has visited our website whenever the affected person is logged into Google+ during the visit, regardless of whether the affected person clicks the Google+ button.
If the affected person does not wish for their personal data to be transmitted to Google, they can prevent this by logging out of their Google+ account before visiting our website.
Further information and the applicable data protection provisions from Google can be found at https://www.google.de/intl/de/policies/privacy/. Further instructions regarding the Google+1 button can be found at https://developers.google.com/+/web/buttons-policy.
17. Data Protection Provisions Regarding the Use and Implementation of Google AdWords
The data controller has integrated Google AdWords on this website. Google AdWords is an internet advertising service that allows advertisers to display ads in Google search engine results and in the Google advertising network. Google AdWords enables an advertiser to set specific keywords beforehand, so that an ad will only be shown in Google search results when the user retrieves a search result relevant to the keywords. In the Google advertising network, the ads are distributed to relevant websites based on a pre-set automatic algorithm.
The operator of Google AdWords services is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.
The purpose of Google AdWords is to advertise our website by displaying interest-based advertisements on third-party websites and in Google search engine results, as well as to display third-party ads on our website.
If an affected person accesses our website through a Google ad, Google places a so-called conversion cookie on the affected person's system. What cookies are has been explained above. A conversion cookie expires after thirty days and is not used to identify the affected person. Through the conversion cookie, Google and we can track whether certain subpages, such as the shopping cart in an online store system, on our website were accessed. This enables us and Google to track whether an affected person who arrived at our website through an AdWords ad completed a purchase or abandoned it.
The data and information collected using the conversion cookie are used by Google to generate visit statistics for our website. These visit statistics help us determine the total number of users who were referred to us via AdWords ads, allowing us to assess the success or failure of a specific AdWords ad and optimize future ads. Neither our company nor other Google AdWords advertisers receive information from Google that could identify the affected person.
Through the conversion cookie, personal data, such as the websites visited by the affected person, are stored. Each time our website is visited, personal data, including the IP address of the affected person's internet connection, is transferred to Google in the United States. These personal data are stored by Google in the United States. Google may share these personal data with third parties.
The affected person can prevent the setting of cookies by our website at any time by adjusting their browser settings, thus permanently objecting to the setting of cookies. This would also prevent Google from placing a conversion cookie on the affected person's system. Furthermore, any cookie set by Google AdWords can be deleted at any time through the internet browser or other software programs.
Additionally, the affected person can object to interest-based advertising by Google. To do this, the affected person must visit the link www.google.de/settings/ads from each of their internet browsers and make the desired settings.
Further information and the applicable privacy policies from Google can be found at https://www.google.de/intl/de/policies/privacy/.
18. Data Protection Provisions Regarding the Use and Implementation of Instagram
The data controller has integrated components from the service Instagram on this website. Instagram is a service that qualifies as an audiovisual platform, allowing users to share photos and videos and disseminate them across other social networks.
The operator of Instagram services is Instagram LLC, 1 Hacker Way, Building 14, First Floor, Menlo Park, CA, USA.
Each time a page on this website operated by the data controller, which includes an Instagram component (Insta button), is accessed, the web browser on the affected person's system is automatically prompted by the respective Instagram component to download a representation of the component from Instagram. As part of this technical process, Instagram becomes aware of which specific subpage of our website the affected person is visiting.
If the affected person is logged into Instagram at the same time, Instagram can recognize with each visit to our website and throughout the entire duration of the visit which specific subpage the affected person is viewing. This information is collected by the Instagram component and linked to the respective Instagram account of the affected person. If the affected person clicks one of the integrated Instagram buttons, the data and information transmitted are assigned to their personal Instagram user account and stored and processed by Instagram.
Instagram always receives information that the affected person has visited our website when the affected person is logged into Instagram at the time of visiting our website, regardless of whether the affected person clicks the Instagram component or not. If the affected person does not want this information to be sent to Instagram, they can prevent it by logging out of their Instagram account before visiting our website.
Further information and the applicable data protection provisions from Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
19. Privacy Policy on the Use and Deployment of LinkedIn
The data controller has integrated components from LinkedIn Corporation on this website. LinkedIn is an internet-based social network that allows users to connect with existing business contacts as well as establish new business connections. Over 400 million registered individuals in more than 200 countries use LinkedIn, making it the largest platform for business contacts and one of the most visited websites worldwide.
The operator of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection issues outside of the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
Whenever a page of our website, equipped with a LinkedIn component (LinkedIn Plug-In), is accessed, the component causes the browser of the affected person to automatically download the corresponding LinkedIn component representation. More information about LinkedIn plug-ins can be found at LinkedIn Plugins. Through this technical procedure, LinkedIn learns which specific page of our website is visited by the affected person.
If the person is logged into LinkedIn at the same time, LinkedIn can recognize with each visit to our website, and throughout the duration of their stay, which specific page of our website they visit. This information is collected by the LinkedIn component and linked to the respective LinkedIn account of the affected person. If the person clicks on a LinkedIn button integrated into our website, LinkedIn associates this information with the user's LinkedIn account and stores this personal data.
LinkedIn receives information about the visit to our website whenever the affected person is logged into LinkedIn at the time of accessing our website. This happens regardless of whether the person clicks on the LinkedIn component or not. If the affected person does not wish for this information to be transmitted to LinkedIn, they can prevent it by logging out of their LinkedIn account before visiting our website.
LinkedIn provides the option to opt-out of receiving email messages, SMS notifications, and targeted ads, as well as to manage ad settings at LinkedIn Privacy Settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may set cookies. These cookies can be declined at LinkedIn Cookie Policy. The applicable privacy policies of LinkedIn are available at LinkedIn Privacy Policy.
20. Privacy Policy on the Use and Deployment of YouTube
The data controller has integrated components from YouTube on this website. YouTube is an internet video portal that allows video publishers to upload video clips and allows other users to watch, rate, and comment on these videos for free. YouTube permits the publication of all types of videos, meaning full-length films, TV shows, music videos, trailers, or user-generated content can be accessed through the portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
When any page of this website that includes a YouTube component (YouTube Video) is accessed, the user's internet browser automatically triggers the download of the corresponding YouTube component. More information about YouTube can be found at About YouTube. Through this technical procedure, YouTube and Google learn which specific page of our website is visited by the affected person.
If the affected person is logged into YouTube at the same time, YouTube recognizes which specific page of our website they visit. This information is collected by YouTube and Google and linked to the respective YouTube account of the affected person.
YouTube and Google always receive information that the affected person has visited our website when the person is logged into YouTube at the time of visiting our website, regardless of whether they click on a YouTube video or not. If the affected person does not wish this information to be transmitted to YouTube and Google, they can prevent it by logging out of their YouTube account before accessing our website.
The privacy policies of YouTube, which are available at YouTube Privacy Policy, provide information about the collection, processing, and use of personal data by YouTube and Google.
21. Payment Method: Privacy Policy Regarding PayPal
The data controller has integrated components of PayPal on this website. PayPal is an online payment service provider. Payments are processed through so-called PayPal accounts, which represent virtual private or business accounts. Additionally, PayPal allows virtual payments via credit cards for users without a PayPal account. A PayPal account is managed via an email address, and therefore, there is no traditional account number. PayPal enables online payments to third parties or receiving payments. PayPal also acts as a trustee and provides buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the affected person selects "PayPal" as a payment method during the order process in our online shop, personal data is automatically transmitted to PayPal. By selecting this payment option, the person consents to the transmission of personal data necessary for the payment processing.
The personal data transmitted to PayPal typically includes first name, last name, address, email address, IP address, phone number, mobile number, or other necessary data for payment processing. This includes personal data relevant to the purchase contract.
The transmission of data aims at payment processing and fraud prevention. The data controller will transmit personal data to PayPal, particularly if there is a legitimate interest in the transmission. PayPal may transfer personal data to credit agencies for identity and credit checks.
PayPal may forward personal data to affiliated companies and service providers or subcontractors as necessary to fulfill contractual obligations or for data processing purposes.
The affected person can revoke their consent to PayPal's handling of personal data at any time. This revocation does not affect personal data that must be processed, used, or transmitted for (contractual) payment processing.
The applicable privacy policy for PayPal can be accessed at PayPal Privacy Policy.
22. Legal Basis for Processing
Article 6(1) lit. a GDPR serves as the legal basis for processing activities where consent is obtained for a specific processing purpose. If the processing of personal data is necessary to fulfill a contract with the affected person, as is the case with processing activities required for the delivery of goods or the provision of other services or compensation, the processing is based on Article 6(1) lit. b GDPR. The same applies to processing activities required to carry out pre-contractual measures, such as inquiries regarding our products or services. If our company is subject to a legal obligation requiring the processing of personal data, such as fulfilling tax obligations, the processing is based on Article 6(1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the affected person or another individual. For example, if a visitor is injured on our premises, their name, age, health insurance information, or other vital data may need to be shared with a doctor, hospital, or other third parties. In this case, the processing would be based on Article 6(1) lit. d GDPR. Finally, processing activities may be based on Article 6(1) lit. f GDPR. This legal basis applies to processing activities that are not covered by any of the previous legal grounds, if the processing is necessary for the legitimate interests of our company or a third party, provided the interests, rights, and freedoms of the affected person do not override those interests. Such processing activities are specifically allowed by the European legislature, who considered that a legitimate interest might exist if the affected person is a customer of the controller (Recital 47, sentence 2 of the GDPR).
23. Legitimate Interests Pursued by the Controller or a Third Party
If the processing of personal data is based on Article 6(1) lit. f GDPR, our legitimate interest is the conduct of our business for the benefit of the well-being of all our employees and shareholders.
24. Duration of Storage of Personal Data
The criterion for the duration of storage of personal data is the respective statutory retention period. After the expiration of this period, the corresponding data will be routinely deleted, unless it is required for the fulfillment of a contract or the initiation of a contract.
25. Legal or Contractual Obligations to Provide Personal Data; Necessity for Contract Conclusion; Obligation of the Affected Person to Provide Personal Data; Consequences of Non-Providing
We inform you that the provision of personal data is partly required by law (e.g., tax regulations) or may arise from contractual arrangements (e.g., information about the contracting party). In some cases, it may be necessary to provide personal data for the conclusion of a contract, which will then be processed by us. The affected person is, for example, obligated to provide personal data when we enter into a contract with them. Failure to provide the personal data would mean that the contract cannot be concluded. Before providing personal data, the affected person should contact one of our employees, who will clarify whether the provision of personal data is legally or contractually required or necessary for the conclusion of the contract and what consequences non-provision would have.
26. Existence of Automated Decision-Making
As a responsible company, we refrain from using automated decision-making or profiling.
This privacy policy was created using the Privacy Policy Generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, which acts as an external data protection officer in Bayreuth, in cooperation with the lawyer for IT and data protection law, Christian Solmecke.