Privacy policy
Introduction
With the following data protection declaration we would like to explain to you which types of your personal data (hereinafter also referred to as “data”) we process, for which purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer") ).
The terms used are not gender specific.
Change privacy settings History of privacy settings Revoke consentTo manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.
The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
- Introduction
- Controller
- Overview of the processing
- Safety measures
- Transmission and disclosure of personal data
- Data processing in third countries
- Use of cookies
- Blogs and publication media
- Contacting us
- Provision of the online offer and web hosting
- Newsletter and Breitenkommunikation
- Online marketing
- Affiliate Programs and Affiliate Links
- Presence in social networks
- Plugins and embedded functions as well as content
- Deletion of data
- Modification and update of the privacy policy
- Rights of data subjects
- Cookies and traffic reports
- Privacy policy for the use of the Scalable Central Measurement System
- definitions
Status: November 30, 2021
Controller
Elina Leitz
Hauswiesenstrasse 7
75323 Bad Wildbad
Email address: lina@petitchapeau.de
Imprint: https://www.petitchapeau.de/impressum/
Overview of the processing
The following summary summarizes the types of data processed and the purposes of their processing and refers to the individuals concerned.
Types of processed data
- Inventory data (eg names, addresses).
- Content data (eg text input, photographs, videos).
- Contact details (eg e-mail, telephone numbers).
- Meta / communication data (eg device information, IP addresses).
- Usage data (eg visited websites, interest in content, access times).
- Location data (data indicating the location of the end user's terminal).
- Contract data (eg subject of the contract, term, customer category).
Categories of affected persons
- Interested persons.
- Communication partner.
- Users (eg website visitors, users of online services).
Purposes of processing
- Affiliate tracking.
- Providing our online offer and user-friendliness.
- Visit Action evaluation.
- Cross-device tracking (cross-device processing of user data for marketing purposes).
- Direct marketing (eg by e-mail or by post).
- Feedback (eg collecting feedback via online form).
- Interest-based and behavioral marketing.
- Contact requests and communication.
- Conversion measurement (measurement of the effectiveness of marketing measures).
- Profiling (creating user profiles).
- Remarketing.
- Reach measurement (eg access statistics, recognition of returning visitors).
- Safety measures.
- Tracking (eg interest / behavioral profiling, use of cookies).
- Contractual services and service.
- Management and answering of inquiries.
- Target group formation (determination of target groups relevant for marketing purposes or other output of content).
Relevant legal basics
In the following, we share the legal basis of the General Data Protection Regulation (DSGVO), on the basis of which we process the personal data. Please note that in addition to the provisions of the GDPR, the national data protection regulations may apply in your home or country of residence.
- Consent (Art. 6 para. 1 S. 1 lit. a DSGVO) - The data subject has given their consent to the processing of their personal data for a specific purpose or for several specific purposes.
- Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 S. 1 lit. b DSGVO) - Processing is necessary for the performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures that are carried out at the request of the data subject.
- Protection of vital interests (Art. 6 para. 1 S. 1 lit. - The processing is necessary to protect the vital interests of the data subject or another natural person.
- Justified interests (Art. 6 para. 1 S. 1 lit. f.DSGVO) - The processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, outweigh this.
National data protection regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection in Germany apply. This includes in particular the law on the protection against misuse of personal data in data processing (Bundesdatenschutzgesetz - BDSG). In particular, the BDSG contains special rules on the right of access, the right of cancellation, the right to object, the processing of special categories of personal data, processing for other purposes and for transmission, as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates the data processing for employment purposes (§ 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. Furthermore, state data protection laws of the individual federal states can be applied.
Safety measures
We will take appropriate technical and organizational measures in accordance with the law, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, the different probabilities of occurrence and the extent to which the rights and freedoms of individuals are threatened to ensure a level of protection appropriate to the risk.
Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling the physical and electronic access to the data as well as their access, input, transfer, availability and segregation. We have also set up procedures to ensure the enjoyment of data subject rights, the erasure of data and responses to the threat to data. Furthermore, we consider the protection of personal data already in the development or selection of hardware, software and procedures according to the principle of data protection, through technology design and privacy-friendly default settings.
Transmission and disclosure of personal data
As part of our processing of personal information, data may be transmitted to or disclosed to other entities, companies, legally independent organizational units or individuals. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a web page. In such case, we comply with the legal requirements and in particular conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.
Data processing in third countries
If we process data in a third country (ie, outside the European Union (EU), the European Economic Area (EEA)) or processing in the context of the use of third party services or the disclosure or transfer of data to other persons, entities or companies takes place, this is done only in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process or release the data in third countries with a recognized level of data protection, which include US processors certified under the “Privacy Shield”, or on the basis of special guarantees, such as contractual obligations Process so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Articles 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).
Cookies are text files that contain data from websites or domains visited and are stored on the user's computer by a browser. A cookie is primarily used to store information about a user during or after their visit to an online offer. The stored information can include, for example, the language settings on a website, the login status, a shopping cart or the location where a video was viewed. The term cookies also includes other technologies that perform the same functions as cookies (e.g. if user information is stored using pseudonymous online identifiers, also known as “user IDs”)
The following cookie types and functions are distinguished:
- Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
- Permanent Cookies: Permanent Cookies bleiben auch nach dem Schließen des Browsers gespeichert. So kann beispielsweise der Login-Status gespeichert oder bevorzugte Inhalte direkt angezeigt werden, wenn der Nutzer eine Website erneut besucht. Ebenso können die Interessen von Nutzern, die zur Reichweitenmessung oder zu Marketingzwecken verwendet werden, in einem solchen Cookie gespeichert werden.
- First party cookies: First-party cookies are set by ourselves.
- Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely necessary) cookies: Cookies können zum einen für den Betrieb einer Webseite unbedingt erforderlich sein (zB um Logins oder andere Nutzereingaben zu speichern oder aus Gründen der Sicherheit).
- Statistics, marketing and personalization cookies: Furthermore, cookies are usually also used in the context of range measurement and when the interests of a user or his behavior (e.g. viewing certain content, using functions, etc.) are stored in a user profile on individual websites. Such profiles are used to show users, for example, content that corresponds to their potential interests. This process is also known as “tracking”, ie following up the potential interests of users. . Insofar as we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent.
Notes on legal bases: The legal basis on which we process your personal data with the help of cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the informed consent. Otherwise, the data processed by means of cookies will be processed on the basis of our legitimate interests (eg in the course of a business operation of our online offer and its improvement) or, if the use of cookies is required, in order to fulfill our contractual obligations.
General information on revocation and opposition (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies (collectively referred to as “opt-out”). You can first explain your objection using the settings of your browser, e.g. by deactivating the use of cookies (which can also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be made using a variety of services, especially in the case of tracking, via the websites http://optout.aboutads.info and http://www.youronlinechoices.com/ be explained. In addition, you can receive further objection notices in the context of the information on the service providers and cookies used.
Processing of cookie data based on consentBefore we process or process data in the context of the use of cookies, we ask the user for a revocable consent. Before consent has been given, cookies may be used that are necessary for the operation of our online offer. Their use is based on our interest and the interest of the users in the expected functionality of our online offer.
- Processed data types: Usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information, IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Legal basis: 6 para. 1 p. 1 lit. a DSGVO), entitled interests (Art. 6 para. 1 p. 1 lit. f.DSGVO).
Blogs and publication media
We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). The data of the readers are only processed for the purposes of the publication medium to the extent that it is necessary for its presentation and communication between authors and readers or for security reasons. We also refer to the information on the processing of visitors to our publication medium in the context of this data protection notice.
Comments and contributions: When users leave comments or other posts, their IP addresses can be stored based on our legitimate interests. This is for our own security, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we may be sued for the comment or post and are therefore interested in the identity of the author.
Furthermore, we reserve the right, based on our legitimate interests, to process users' information for the purpose of spam detection.
On the same legal basis, we reserve the right, in the case of surveys, to store the IP addresses of users for the duration of their use and to use cookies to avoid multiple votes.
The information provided in the comments and contributions to the person, any contact and website information as well as the content information is stored by us until the opposition of the user permanently.
- Processed data types: Inventory data (eg names, addresses), contact data (eg e-mail, telephone numbers), content data (eg text input, photographs, videos), usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information , IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Purposes of processing: Contractual services and service, feedback (eg collecting feedback via online form), security measures, administration and answering of inquiries.
- Legal basis: Performance of the contract and pre-contractual inquiries (Art. 6 para. 1 S. 1 lit. DSGVO), entitled interests (Art. 6 para. 1 S. 1 lit. f.DSGVO), consent (Art. 6 para. 1 p. 1 lit. a DSGVO), protection of vital interests (Art. 6 para. 1 S. 1 lit.
Contacting us
When contacting us (eg via contact form, e-mail, telephone or via social media), the details of the requesting persons are processed, as far as this is necessary to answer the contact requests and any requested measures.
Responding to the contact requests in the context of contractual or pre-contractual relationships is to fulfill our contractual obligations or to answer (pre) contractual requests and otherwise on the basis of legitimate interests in answering the requests.
- Processed data types: Inventory data (eg names, addresses), contact data (eg e-mail, telephone numbers), content data (eg text input, photographs, videos).
- Affected people: Communication partner.
- Purposes of processing: Contact requests and communication.
- Legal basis: Performance of the contract and pre-contractual inquiries (Art. 6 para. 1 S. 1 lit. DSGVO), entitled interests (Art. 6 para. 1 S. 1 lit. f.DSGVO).
Provision of the online offer and web hosting
To provide our online offer safely and efficiently, we use the services of one or more web hosting providers whose servers (or servers managed by them) can access the online offer. For these purposes, we may use infrastructure and platform services, computing capacity, storage and database services, as well as security and technical maintenance services.
The data processed in the provision of the hosting offer may include all information relating to the use and communication of the users of our online offer. This includes, on a regular basis, the IP address necessary to deliver the content of online content to browsers, and all submissions made within our online offer or web pages.
E-mail delivery and hosting: The webhosting services we use also include the sending, receiving and saving of e-mails. For these purposes, the addresses of the recipients and senders as well as further information regarding the e-mail delivery (eg the participating providers) as well as the contents of the respective e-mails are processed. The aforementioned data may also be processed for purposes of SPAM detection. We ask you to note that e-mails on the Internet are generally not encrypted. As a rule, e-mails are encrypted on the transport route, but (if no so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore take no responsibility for the transmission of emails between the sender and the reception on our server.
Collection of access data and log files: We ourselves (or our web hosting provider) collect data for each access to the server (so-called server log files). The server logfiles can contain the address and name of the retrieved web pages and files, the date and time of retrieval, transferred data volumes, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP address. Addresses and the requesting provider belong.
The server log files can be used for security purposes, for example, to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks) and second, to ensure the utilization of the servers and their stability.
- Processed data types: Content data (eg text input, photographs, videos), usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information, IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Legal basis: Justified interests (Art. 6 para. 1 S. 1 lit. f.DSGVO).
We send newsletters, e-mails and other electronic notifications (hereinafter “newsletter”) only with the consent of the recipient or legal permission. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the consent of the user. In addition, our newsletters contain information about our services and us.
To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name for personal address in the newsletter, or other information as required for the purpose of the newsletter.
Double opt-in procedure: The registration for our newsletter basically takes place in a so-called double opt-in procedure. This means that you will receive an e-mail after logging in, requesting confirmation of your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. Registration for the newsletter will be logged in order to prove the registration process in accordance with the legal requirements. This includes saving the login and confirmation times as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.
Deletion and limitation of processing: We can save the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time. In the event of obligations to permanently observe contradictions, we reserve the right to store the e-mail address in a blacklist for this purpose alone.
The logging of the registration process is based on our legitimate interests for the purpose of proving its proper course. Insofar as we commission a service provider with the dispatch of e-mails, this is done on the basis of our legitimate interests in an efficient and secure shipping system.
Notes on legal bases: The sending of the newsletter is based on the consent of the recipient or, if consent is not required, on the basis of our legitimate interests in direct marketing, if and insofar as this is permitted by law, eg in the case of existing customer advertising. Insofar as we entrust a service provider with the sending of e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it has been performed in accordance with the law.
Content: Information about us, our services, promotions and offers.
measuring success: The newsletters contain a so-called "web beacon", ie a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from its server. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, is collected.
This information is used to improve the technicality of our newsletter based on the technical data or the target groups and their reading habits, based on their retrieval locations (which can be determined using the IP address) or access times. This analysis also includes determining if the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our goal nor, if used, that of the shipping service provider to observe individual users. The evaluations serve to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The evaluation of the newsletter and the performance measurement are made, subject to the express consent of the users, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system which serves both our business interests and the expectations of the users.
A separate revocation of the performance measurement is unfortunately not possible, in this case, the entire newsletter subscription must be terminated, or it must be contradicted.
- Processed data types: Inventory data (eg names, addresses), contact data (eg e-mail, telephone numbers), meta / communication data (eg device information, IP addresses), usage data (eg visited websites, interest in content, access times).
- Affected people: Communication partner.
- Purposes of processing: Direct marketing (eg by e-mail or by post).
- Legal basis: 6 para. 1 p. 1 lit. a DSGVO), entitled interests (Art. 6 para. 1 p. 1 lit. f.DSGVO).
- Opposition possibility (opt-out): You can cancel the receipt of our newsletter at any time, ie revoke your consent, or object to further reception. You can find a link to cancel the newsletter either at the end of each newsletter or else you can use one of the above-mentioned contact options, preferrably e-mail.
Online marketing
We process personal data for online marketing purposes, which can include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as “content”) based on the potential interests of users and the measurement of their effectiveness.
For these purposes, so-called user profiles are created and stored in a file (so-called “cookie”) or similar processes are used, by means of which the user information relevant to the presentation of the aforementioned content is saved. This information can include content viewed, websites visited, online networks used, but also communication partners and technical information such as the browser used, the computer system used and information on usage times. If users have consented to their location data being collected, this can also be processed.
The IP addresses of the users are also saved. However, we use available IP masking procedures (ie, pseudonymisation by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) are stored in the online marketing process, but pseudonyms. This means that we and the providers of online marketing processes do not know the actual identity of the users, only the information stored in their profiles.
The information in the profiles is usually stored in the cookies or similar procedures. These cookies can later generally also on other websites that use the same online marketing method, read and analyzed for purposes of displaying content as well as be supplemented with other data and stored on the server of the online marketing process provider.
By way of exception, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing process we use and the network connects the profiles of the users in the aforementioned information. We ask you to note that users can make additional agreements with the providers, eg by consent during the registration process.
In principle, we only have access to summarized information about the success of our advertisements. However, in the context of so-called conversion measurements, we can examine which of our online marketing methods led to a so-called conversion, ie, for example, to a contract with us. The conversion measurement is used solely to analyze the success of our marketing efforts.
Unless otherwise stated, please assume that cookies used will be stored for a period of two years.
Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is the consent. Otherwise, users' data will be processed based on our legitimate interests (ie interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.
Facebook Pixel: With the help of the Facebook pixel, Facebook is on the one hand able to determine the visitors to our online offer as a target group for the presentation of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to only send Facebook ads to those users on Facebook and within the services of the partners cooperating with Facebook (so-called “Audience Network”). https://www.facebook.com/audiencenetwork/ ) who have also shown an interest in our online offer or who have certain characteristics (e.g. interest in certain topics or products that can be seen from the websites visited) that we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we would also like to ensure that our Facebook ads correspond to the potential interest of the users and are not annoying. With the help of the Facebook pixel, we can also understand the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion measurement").
- Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (data indicating the location of an end user's end device).
- Affected people: Users (e.g. website visitors, users of online services), interested parties.
- Purposes of processing: Tracking (eg interest / behavioral profiling, use of cookies), remarketing, visit action evaluation, interest-based and behavioral marketing, profiling (creating user profiles), conversion measurement (measuring the effectiveness of marketing measures), range measurement (eg access statistics, recognition of returning visitors), target group formation (Determination of target audience for marketing purposes or other content distribution), cross-device tracking (cross-device processing of user data for marketing purposes).
- Safety measures: IP masking (pseudonymization of the IP address).
- Legal basis: 6 para. 1 p. 1 lit. a DSGVO), entitled interests (Art. 6 para. 1 p. 1 lit. f.DSGVO).
- Opposition possibility (opt-out): We refer to the data protection notices of the respective providers and the options for objection specified for the providers (so-called “opt-out”). If no explicit opt-out option has been specified, you can turn off cookies in your browser settings. However, this can limit the functions of our online offer. We therefore also recommend the following opt-out options, which are offered in summary for the respective areas:
a) Europe: https://www.youronlinechoices.eu.
b) Canada: https://www.youradchoices.ca/choices.
c) United States: https://www.aboutads.info/choices.
d) Cross-regional: http://optout.aboutads.info.
Deployed services and service providers:
- Google Analytics: Online marketing and web analytics; Service Providers: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; website: https://marketingplatform.google.com/intl/de/about/analytics/; Data protection: https://policies.google.com/privacy; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opposition possibility (opt-out): opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, Settings for the display of commercials: https://adssettings.google.com/authenticated.
- Facebook Pixel: Facebook pixels; Service Provider: https://www.facebook.com, Facebook Ireland, parent company: Facebook, 4 Hacker Way, Menlo Park, CA 2, USA; website: https://www.facebook.com; Data protection: https://www.facebook.com/about/privacy; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opposition possibility (opt-out): https://www.facebook.com/settings?tab=ads.
Affiliate Programs and Affiliate Links
In our online offering we include so-called affiliate links or other references (which may include discount codes, for example) to the offers and services of third-party providers (collectively referred to as “affiliate links”). If users follow the affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third parties (collectively referred to as “commission”).
In order to be able to track whether the users have taken advantage of the offers of an affiliate link used by us, it is necessary for the respective third-party providers to know that the users have followed an affiliate link used within our online offer. The assignment of the affiliate links to the respective business transactions or to other actions (e.g. purchases) serves solely the purpose of the commission statement and is canceled as soon as it is no longer required for the purpose.
For the purposes of the aforementioned assignment of the affiliate links, the affiliate links can be supplemented by certain values that are part of the link or otherwise, eg in a cookie, can be stored. The values may include, in particular, the source website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, the type of link used, the type of offer and an online user ID.
Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is the consent. Furthermore, their use may form part of our (pre-) contractual services, provided that the use of the third-party providers has been agreed within this framework. Otherwise, users' data will be processed based on our legitimate interests (ie interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.
- Processed data types: Contract data (eg subject matter, term, customer category), usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information, IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Purposes of processing: Affiliate tracking.
- Legal basis: 6 para. 1 p. 1 lit. a DSGVO), performance of the contract and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. DSGVO), entitled interests (Art. 6 para. 1 S. 1 fs DSGVO).
Presence in social networks
We maintain online presence within social networks to communicate with or provide information about our users.
We point out that data of the users outside the area of the European Union can be processed. This can result in risks for the users, because for example the enforcement of the rights of the users could be made more difficult. With respect to US providers that are certified under the Privacy Shield or offer comparable guarantees of a secure level of data protection, we point out that they are committed to respecting EU privacy standards.
Furthermore, the data of the users within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created on the basis of the user behavior and resulting user interests. The usage profiles can in turn be used, for example, to switch advertisements inside and outside the networks that are supposed to correspond to the interests of the users. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them).
For a detailed description of the respective forms of processing and the possibilities of opting out (opt-out), we refer to the privacy statements and information provided by the operators of the respective networks.
Also in the case of requests for information and the assertion of data subject rights, we point out that these can be claimed most effectively from the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.
- Processed data types: Inventory data (eg names, addresses), contact data (eg e-mail, telephone numbers), content data (eg text input, photographs, videos), usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information , IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Purposes of processing: Contact inquiries and communication, tracking (eg interest / behavioral profiling, use of cookies), remarketing, coverage measurement (eg access statistics, recognition of returning visitors).
- Legal basis: Justified interests (Art. 6 para. 1 S. 1 lit. f.DSGVO).
Deployed services and service providers:
- Instagram: Social network; Service Providers: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; Data protection: http://instagram.com/about/legal/privacy.
- Facebook: Social network; Service Providers: Facebook Ireland, 4 Grand Canal Harbor, Grand Canal Harbor, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; Data protection: https://www.facebook.com/about/privacy; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opposition possibility (Opt-Out): Settings for advertisements: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum, Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
- LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opposition possibility (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- Twitter: Social network; Service Provider: Twitter Inc., 1355 Market Street, 900 Suite, San Francisco, CA 94103, USA; Data protection: https://twitter.com/de/privacy, (Settings) https://twitter.com/personalization; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
- YouTube: Social network; Service Providers: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; Data protection: https://policies.google.com/privacy; Privacy Shield (ensuring data protection level when processing data in the US): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opposition possibility (opt-out): https://adssettings.google.com/authenticated.
- Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; Data protection: https://privacy.xing.com/de/datenschutzerklaerung.
Plugins and embedded functions as well as content
We include functional and content elements in our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). This can be, for example, graphics, videos or social media buttons as well as contributions (hereinafter uniformly referred to as “content”).
The integration always presupposes that the third-party providers of this content process the IP address of the user, since without the IP address they would not be able to send the content to their browser. The IP address is therefore required for the display of this content or functions. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information on the browser and operating system, the websites to be referred to, the time of visit and other information on the use of our online offer, as well as being linked to such information from other sources.
Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is the consent. Otherwise, users' data will be processed based on our legitimate interests (ie interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.
- Processed data types: Usage data (eg visited websites, interest in content, access times), meta / communication data (eg device information, IP addresses).
- Affected people: Users (eg website visitors, users of online services).
- Purposes of processing: Providing our online offer and user-friendliness.
Deletion of data
The data processed by us will be deleted in accordance with the legal requirements, as soon as their consent for processing is revoked or other authorizations cease to exist (eg, if the purpose of the processing of this data has ceased or they are not necessary for the purpose).
Unless the data is deleted because it is necessary for other and legitimate purposes, its processing is limited to these purposes. That is, the data is locked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons or whose storage is required to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
Further information on the deletion of personal data may also be provided in the context of the individual data protection notices of this privacy policy.
Modification and update of the privacy policy
We ask you to regularly inform yourself about the content of our privacy policy. We will adjust the Privacy Policy as soon as the changes to the data processing we make require it. We will inform you as soon as the changes require your participation (eg consent) or other individual notification.
Rights of data subjects
As the data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 18 and 21 GDPR:
- Right to object: You have the right at any time, for reasons that arise from your particular situation, against the processing of personal data relating to you, which pursuant to Art. 6 para. 1 lit. e or f DSGVO takes an objection; this also applies to profiling based on these provisions. If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
- Withdrawal with consent: You have the right to revoke your consent at any time.
- Right: You have the right to obtain confirmation as to whether or not data in question is being processed and to obtain information on such data, as well as further information and a copy of the data in accordance with legal requirements.
- Right to rectification: You have the right, in accordance with the legal requirements, to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
- Right to cancellation and limitation of processing: In accordance with the statutory provisions, you have the right to demand that data relating to you be deleted immediately, or alternatively to demand a restriction of the processing of data in accordance with the statutory provisions.
- Right to data portability: You have the right to receive data relating to you provided to us in accordance with the legal requirements in a structured, common and machine-readable format or to request their transmission to another person in charge.
- Complaint to the supervisory authority: You also have the right, in accordance with the law, to a supervisory authority, in particular in the Member State of your usual place of residence, employment or the place of alleged infringement, if you believe that the processing of your personal data infringes the GDPR ,
Cookies and traffic reports
We use "session cookies" from VG Wort, Munich, to measure access to texts in order to determine the likelihood of copying. Session cookies are small pieces of information that a provider stores in the working memory of the visitor's computer. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. Session cookies cannot save any other data. These measurements are carried out by Kantar Germany GmbH according to the scalable central measuring method (SZM). They help to determine the likelihood of individual texts being copied in order to remunerate the legal claims of authors and publishers. We do not collect any personal data via cookies.
Many of our pages are provided with JavaScript calls, through which we report the access to the collecting society Wort (VG Wort). We allow our authors to participate in the distributions of the VG Wort, which complies with the statutory remuneration for the use of copyrighted works in accordance with Art. § Ensure 53 UrhG.
A use of our offers is also possible without cookies. Most browsers are set to automatically accept cookies. However, you can disable the storage of cookies or set your browser to notify you when cookies are sent.
Privacy policy for the use of the Scalable Central Measurement System
Our website and our mobile website use the "Scalable Central Measurement Method" (SZM) from Kantar Germany GmbH to determine statistical parameters to determine the probability of texts being copied.
Anonymous measurements are taken. Alternatively, traffic metering uses a session cookie or a signature created from various automatically transmitted information from your browser to recognize computer systems. IP addresses are only processed in anonymous form.
The procedure was developed in compliance with data protection. The only goal of the procedure is to determine the copying probability of individual texts.
At no time individual users are identified. Your identity always remains protected. You will not receive advertising through the system.
definitions
This section provides an overview of the terminology used in this Privacy Policy. Many of the terms are taken from the law and defined above all in Art. 4 DSGVO. The legal definitions are binding. The following explanations, on the other hand, are intended above all to aid understanding. The terms are sorted alphabetically.
- Affiliate tracking: As part of the affiliate tracking links are logged with the help of the linking websites users to web pages with product or other offers. The operators of the respective linking websites can receive a commission if users follow these so-called affiliate links and then take advantage of the offers (eg buy goods or use services). For this, it is necessary that the providers can track whether users who are interested in certain offers, then perceive this on the occasion of the affiliate links. Therefore, the functionality of affiliate links requires that they be supplemented with certain values that become part of the link or otherwise stored, eg, in a cookie. The values include in particular the source website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user as well as tracking-specific values , such as, for example, ad ID, affiliate ID and categorization.
- Visit Action Evaluation: “Visit action evaluation” (English “Conversion Tracking”) describes a procedure with which the effectiveness of marketing measures can be determined. For this purpose, a cookie is usually stored on the users' devices within the websites on which the marketing measures are carried out and then retrieved again on the target website. For example, we can see whether the advertisements we placed on other websites were successful).
- Cross-Device Tracking: Cross-device tracking is a form of tracking in which users' behavioral and interest information is captured across devices in so-called profiles by assigning users an online identifier. As a result, user information can generally be analyzed for marketing purposes, regardless of the browsers or devices used (eg mobile phones or desktop computers). For most providers, the online ID is not linked to clear data, such as names, postal addresses or e-mail addresses.
- IP masking: “IP masking” is a method in which the last octet, ie the last two numbers of an IP address, is deleted so that the IP address can no longer be used to uniquely identify a person. Therefore, IP masking is a means of pseudonymising processing methods, especially in online marketing
- Interest-based and behavioral marketing: Interest and / or behavioral marketing is when potential interests of users in ads and other content are predicted as accurately as possible. This is done on the basis of information about their pre-behavior (eg visiting certain websites and staying on them, buying behavior or interaction with other users), which are stored in a so-called profile. As a rule, cookies are used for these purposes.
- Conversion measurement: Conversion measurement is a method by which the effectiveness of marketing measures can be determined. As a rule, a cookie is stored on the devices of the users within the websites on which the marketing measures take place, and then retrieved again on the destination website. For example, we can see if the ads we show on other websites have been successful.
- Personal data: “Personal data” is all information that relates to an identified or identifiable natural person (hereinafter “data subject”); A natural person is regarded as identifiable who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features, which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
- Profiling: "Profiling" is any type of automated processing of personal data that consists of using this personal data to identify certain personal aspects that relate to a natural person (depending on the type of profiling, this includes information on age, to analyze, evaluate or predict the gender, location data and movement data, interaction with websites and their content, shopping behavior, social interactions with other people (e.g. the interests in certain content or products, the click behavior on a website or the whereabouts ). Cookies and web beacons are often used for profiling purposes.
- Audience measurement: The range measurement (also known as web analytics) serves to evaluate the flow of visitors to an online offer and may include the behavior or interests of visitors to certain information, such as content of websites. With the help of the range analysis, website owners can recognize, for example, at what time visitors visit their website and what content they are interested in. As a result, they can, for example, better adapt the contents of the website to the needs of their visitors. For purposes of reach analysis, pseudonymous cookies and web beacons are often used to detect returning visitors for more accurate analysis of how to use an online offer.
- remarketing: "Remarketing" or "retargeting" is used when, for example, it is noted for advertising purposes which products a user was interested in on a website in order to remind the user of these products on other websites, for example in advertisements.
- Tracking: One speaks of "tracking" when the behavior of users can be traced across several online offers. As a rule, behavioral and interest information with regard to the online offers used is stored in cookies or on the servers of the tracking technology providers (so-called profiling). This information can then be used, for example, to show users advertisements that are likely to correspond to their interests.
- Responsible: “Responsible person” is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data.
- Processing: “Processing” is any process carried out with or without the aid of automated processes or any such series of processes in connection with personal data. The term is broad and encompasses practically every handling of data, be it the collection, evaluation, storage, transmission or deletion.
- Audience Education: One speaks of target group formation (or “Custom Audiences”) when target groups are determined for advertising purposes, eg the insertion of advertisements. For example, based on a user's interest in certain products or topics on the Internet, it can be concluded that this user is interested in advertisements for similar products or in the online shop in which he viewed the products. One speaks of “lookalike audiences” (or similar target groups), in turn, when the content assessed as suitable is displayed to users whose profiles or interests presumably correspond to the users for whom the profiles were created. Cookies and web beacons are generally used for the purpose of creating custom audiences and lookalike audiences.
Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke