Search

Dis­co­ver the wide ran­ge of AW com­pli­ant products:

Dis­co­ver the wide ran­ge of AW com­pli­ant products:

Your cookie settings

Data protection

This data pro­tec­tion decla­ra­ti­on tells you about the type, scope and pur­po­se of the pro­ces­sing of per­so­nal data (her­ein­af­ter refer­red to as “data”) in the con­text of pro­vi­ding our ser­vices as well as within our online offe­ring and the asso­cia­ted web­sites, func­tions and con­tent as well as exter­nal online pre­sen­ces, such as our social media pro­fi­le (her­ein­af­ter coll­ec­tively refer­red to as “online offe­ring”). With regard to the terms used, such as “pro­ces­sing” or “per­son respon­si­ble”, we refer to the defi­ni­ti­ons in Artic­le 4 of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR).

Responsible person

Astrid Späth
Cele­ry juice & Co
Sacken­ba­cher Str. 22
97816 Lohr am Main
Email: hi@celeryjuice.com

Types of data processed

  • Inven­to­ry data (e.g., per­so­nal mas­ter data, names or addresses).
  • Cont­act details (e.g., email, tele­pho­ne numbers).
  • Con­tent data (e.g., text ent­ries, pho­to­graphs, videos).
  • Usa­ge data (e.g., web­sites visi­ted, inte­rest in con­tent, access times).
  • Meta/communication data (e.g., device infor­ma­ti­on, IP addresses).Categories of affec­ted per­sons­Vi­si­tors and users of the online offe­ring (her­ein­af­ter we coll­ec­tively refer to the affec­ted per­sons as “users”).
  • Pur­po­se of pro­ces­sing – pro­vi­si­on of the online offer, its func­tions and content.
  • Ans­we­ring cont­act requests and com­mu­ni­ca­ting with users.
  • Safe­ty measures.
  • Reach measurement/marketing

Terms used “Per­so­nal data” is all infor­ma­ti­on that rela­tes to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son (her­ein­af­ter “data sub­ject”); A natu­ral per­son is con­side­red iden­ti­fia­ble if he or she can be iden­ti­fied direct­ly or indi­rect­ly, in par­ti­cu­lar by refe­rence to an iden­ti­fier such as a name, an iden­ti­fi­ca­ti­on num­ber, loca­ti­on data, an online iden­ti­fier (e.g. coo­kie) or one or more spe­cial fea­tures, which are an expres­si­on of the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, psy­cho­lo­gi­cal, eco­no­mic, cul­tu­ral or social iden­ti­ty of that natu­ral person.

“Pro­ces­sing” means any ope­ra­ti­on or series of ope­ra­ti­ons rela­ting to per­so­nal data, car­ri­ed out with or wit­hout the aid of auto­ma­ted pro­ce­du­res. The term is broad and encom­pas­ses vir­tual­ly every way data is handled.

“Pseud­ony­miza­ti­on” means the pro­ces­sing of per­so­nal data in such a way that the per­so­nal data can no lon­ger be attri­bu­ted to a spe­ci­fic data sub­ject wit­hout the use of addi­tio­nal infor­ma­ti­on, pro­vi­ded that this addi­tio­nal infor­ma­ti­on is kept sepa­ra­te­ly and is sub­ject to tech­ni­cal and orga­niza­tio­nal mea­su­res that ensu­re that the per­so­nal data not be assi­gned to an iden­ti­fied or iden­ti­fia­ble natu­ral person.

“Pro­fil­ing” means any type of auto­ma­ted pro­ces­sing of per­so­nal data, which con­sists in using that per­so­nal data to eva­lua­te cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar aspects rela­ting to work per­for­mance, eco­no­mic situa­ti­on, health, per­so­nal Ana­ly­ze or pre­dict the pre­fe­ren­ces, inte­rests, relia­bi­li­ty, beha­vi­or, loca­ti­on or move­ments of that natu­ral person.

The “con­trol­ler” is the natu­ral or legal per­son, public aut­ho­ri­ty, insti­tu­ti­on or other body that alo­ne or joint­ly with others deci­des on the pur­po­ses and means of pro­ces­sing per­so­nal data.

“Pro­ces­sor” means a natu­ral or legal per­son, public aut­ho­ri­ty, insti­tu­ti­on or other body that pro­ces­ses per­so­nal data on behalf of the con­trol­ler.
Rele­vant legal bases In accordance with Artic­le 13 GDPR, we will inform you of the legal bases for our data pro­ces­sing. For users from the scope of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR), i.e. the EU and the EEC, the fol­lo­wing appli­es, unless the legal basis is sta­ted in the data pro­tec­tion decla­ra­ti­on:
The legal basis for obtai­ning con­sent is Artic­le 6 Para­graph 1 Let­ter a and Artic­le 7 GDPR;
The legal basis for pro­ces­sing to ful­fill our ser­vices and car­ry out con­trac­tu­al mea­su­res as well as ans­wer inqui­ries is Artic­le 6 Para­graph 1 Let­ter b GDPR;
The legal basis for pro­ces­sing to ful­fill our legal obli­ga­ti­ons is Artic­le 6 (1) © GDPR;
In the event that the vital inte­rests of the data sub­ject or ano­ther natu­ral per­son requi­re the pro­ces­sing of per­so­nal data, Artic­le 6 Para­graph 1 Let­ter d GDPR ser­ves as the legal basis.
The legal basis for the pro­ces­sing neces­sa­ry to car­ry out a task that is in the public inte­rest or in the exer­cise of offi­ci­al aut­ho­ri­ty ves­ted in the per­son respon­si­ble is Artic­le 6 (1) (e) GDPR.
The legal basis for pro­ces­sing to pro­tect our legi­ti­ma­te inte­rests is Artic­le 6 (1) (f) GDPR.
The pro­ces­sing of data for pur­po­ses other than tho­se for which they were coll­ec­ted is deter­mi­ned in accordance with the pro­vi­si­ons of Artic­le 6 (4) GDPR.
The pro­ces­sing of spe­cial cate­go­ries of data (accor­ding to Art. 9 Para. 1 GDPR) is deter­mi­ned in accordance with the pro­vi­si­ons of Art. 9 Para. 2 GDPR.
Secu­ri­ty mea­su­res We take appro­pria­te tech­ni­cal and orga­niza­tio­nal mea­su­res in accordance with the legal requi­re­ments, taking into account the sta­te of the art, the imple­men­ta­ti­on cos­ts and the type, scope, cir­cum­s­tances and pur­po­ses of the pro­ces­sing as well as the dif­fe­rent pro­ba­bi­li­ty of occur­rence and seve­ri­ty of the risk to the rights and free­doms of natu­ral per­sons to ensu­re a level of pro­tec­tion appro­pria­te to the risk.

The mea­su­res include, in par­ti­cu­lar, ensu­ring the con­fi­den­tia­li­ty, inte­gri­ty and avai­la­bi­li­ty of data by con­trol­ling phy­si­cal access to the data, as well as the access, input, dis­tri­bu­ti­on, ensu­ring avai­la­bi­li­ty and its sepa­ra­ti­on. We have also set up pro­ce­du­res to ensu­re the exer­cise of the rights of tho­se affec­ted, the dele­ti­on of data and the respon­se to thre­ats to data. Fur­ther­mo­re, we take the pro­tec­tion of per­so­nal data into account when deve­lo­ping or sel­ec­ting hard­ware, soft­ware and pro­ces­ses, in accordance with the prin­ci­ple of data pro­tec­tion through tech­no­lo­gy design and through data pro­tec­tion-fri­end­ly default set­tings.
Coope­ra­ti­on with pro­ces­sors, joint con­trol­lers and third par­tie­sIf, as part of our pro­ces­sing, we dis­c­lo­se data to other peo­p­le and com­pa­nies (pro­ces­sors, joint con­trol­lers or third par­ties), trans­mit it to them or other­wi­se grant them access to the data, this only takes place on the basis of legal per­mis­si­on (e.g. if a trans­fer of data to third par­ties, such as pay­ment ser­vice pro­vi­ders, is neces­sa­ry to ful­fill the con­tract), users have con­sen­ted, a legal obli­ga­ti­on requi­res this or on the basis of our legi­ti­ma­te inte­rests (e.g. when using agents, web hosts, etc.).

If we dis­c­lo­se, trans­mit or other­wi­se grant access to data to other com­pa­nies in our group of com­pa­nies, this is done in par­ti­cu­lar for admi­nis­tra­ti­ve pur­po­ses as a legi­ti­ma­te inte­rest and, moreo­ver, on a basis that com­pli­es with legal requi­re­ments.
Trans­fers to third count­ries If we pro­cess data in a third coun­try (i.e. out­side the Euro­pean Uni­on (EU), the Euro­pean Eco­no­mic Area (EEA) or the Swiss Con­fe­de­ra­ti­on) or in the con­text of using third-par­ty ser­vices or dis­clo­sing or trans­fer­ring data to other peo­p­le or com­pa­ny, this only occurs if it occurs to ful­fill our (pre-)contractual obli­ga­ti­ons, based on your con­sent, based on a legal obli­ga­ti­on or based on our legi­ti­ma­te inte­rests. Sub­ject to express con­sent or con­trac­tual­ly requi­red trans­fer, we only pro­cess or lea­ve the data in third count­ries with a reco­gni­zed level of data pro­tec­tion, which include US pro­ces­sors cer­ti­fied under the “Pri­va­cy Shield” or on the basis of spe­cial gua­ran­tees, such as con­trac­tu­al obli­ga­ti­ons through so-cal­led stan­dard pro­tec­tion clau­ses the EU Com­mis­si­on, the exis­tence of cer­ti­fi­ca­ti­ons or bin­ding inter­nal data pro­tec­tion regu­la­ti­ons (Artic­les 44 to 49 GDPR, Infor­ma­ti­on page of the EU Com­mis­si­on).Rights of the data sub­jects­Right to infor­ma­ti­on: You have the right to request con­fir­ma­ti­on as to whe­ther the data in ques­ti­on is being pro­ces­sed and to request infor­ma­ti­on about this data as well as fur­ther infor­ma­ti­on and a copy of the data in accordance with the legal requirements.

Right to rec­ti­fi­ca­ti­on: You have accor­din­gly. In accordance with legal requi­re­ments, you have the right to request that the data con­cer­ning you be com­ple­ted or that incor­rect data con­cer­ning you be corrected.

Right to dele­ti­on and rest­ric­tion of pro­ces­sing: In accordance with the legal requi­re­ments, you have the right to demand that the data in ques­ti­on be dele­ted imme­dia­te­ly or, alter­na­tively, to request that the pro­ces­sing of the data be rest­ric­ted in accordance with the legal requirements.

Right to data por­ta­bi­li­ty: You have the right to recei­ve data con­cer­ning you that you have pro­vi­ded to us in a struc­tu­red, com­mon and machi­ne-rea­da­ble for­mat in accordance with legal requi­re­ments or to request that it be trans­mit­ted to ano­ther per­son responsible.

Com­plaint to the super­vi­so­ry aut­ho­ri­ty: You also have the right, in accordance with legal requi­re­ments, to sub­mit a com­plaint to the respon­si­ble super­vi­so­ry aut­ho­ri­ty.
Right of revo­ca­tionY­ou have the right to revo­ke your con­sent with effect for the future.Right to objectRight to object: You have the right, for reasons ari­sing from your par­ti­cu­lar situa­ti­on, to object at any time to the pro­ces­sing of your per­so­nal data, which is car­ri­ed out on the basis of Artic­le 6 (1) (e) or (f) of the GDPR; This also appli­es to pro­fil­ing based on the­se pro­vi­si­ons. If your per­so­nal data is pro­ces­sed for the pur­po­se of direct adver­ti­sing, you have the right to object at any time to the pro­ces­sing of your per­so­nal data for the pur­po­se of such adver­ti­sing; This also appli­es to pro­fil­ing inso­far as it is con­nec­ted to such direct adver­ti­sing.Coo­kies and the right to object to direct adver­ti­sing “Coo­kies” are small files that are stored on users’ com­pu­ters. Dif­fe­rent infor­ma­ti­on can be stored within the coo­kies. A coo­kie is pri­ma­ri­ly used to store infor­ma­ti­on about a user (or the device on which the coo­kie is stored) during or after their visit to an online offe­ring. Tem­po­ra­ry coo­kies, or “ses­si­on coo­kies” or “tran­si­ent coo­kies,” are coo­kies that are dele­ted after a user lea­ves an online offe­ring and clo­ses their brow­ser. Such a coo­kie can, for exam­p­le, store the con­tents of a shop­ping cart in an online shop or a log­in sta­tus. Coo­kies that remain stored even after the brow­ser is clo­sed are refer­red to as “per­ma­nent” or “per­sis­tent”. For exam­p­le, the log­in sta­tus can be saved if users visit it after seve­ral days. The inte­rests of users can also be stored in such a coo­kie, which is used for ran­ge mea­su­re­ment or mar­ke­ting pur­po­ses. “Third-par­ty coo­kies” are coo­kies that are offe­red by pro­vi­ders other than the per­son respon­si­ble for ope­ra­ting the online offe­ring (other­wi­se, if they are only their coo­kies, they are refer­red to as “first-par­ty cookies”).

We can use tem­po­ra­ry and per­ma­nent coo­kies and explain this in our data pro­tec­tion declaration.

If we ask users to con­sent to the use of coo­kies (e.g. as part of coo­kie con­sent), the legal basis for this pro­ces­sing is Artic­le 6 Para­graph 1 Let­ter a. GDPR. Other­wi­se, the users’ per­so­nal coo­kies are pro­ces­sed in accordance with the fol­lo­wing expl­ana­ti­ons in this data pro­tec­tion decla­ra­ti­on on the basis of our legi­ti­ma­te inte­rests (ie inte­rest in the ana­ly­sis, opti­miza­ti­on and eco­no­mic ope­ra­ti­on of our online offe­ring within the mea­ning of Art. 6 Para. 1 lit. f. GDPR) or if the use of coo­kies is neces­sa­ry to pro­vi­de our con­tract-rela­ted ser­vices, in accordance with Artic­le 6 Para­graph 1 Let­ter b. GDPR, or if the use of coo­kies is neces­sa­ry for the per­for­mance of a task that is in the public inte­rest or in the exer­cise of offi­ci­al aut­ho­ri­ty, in accordance with Artic­le 6 Para­graph 1 Let­ter e. GDPR, processed.

If users do not want coo­kies to be stored on their com­pu­ter, they are asked to deac­ti­va­te the cor­re­spon­ding opti­on in the sys­tem set­tings of their brow­ser. Saved coo­kies can be dele­ted in the browser’s sys­tem set­tings. The exclu­si­on of coo­kies can lead to func­tion­al rest­ric­tions of this online offer.

A gene­ral objec­tion to the use of coo­kies used for online mar­ke­ting pur­po­ses can be made for a lar­ge num­ber of ser­vices, espe­ci­al­ly in the case of track­ing, via the US web­site http://​www​.abou​ta​ds​.info/​c​h​o​i​c​es/ or the EU side http://​www​.you​ron​line​choices​.com/ be explai­ned. Fur­ther­mo­re, the sto­rage of coo­kies can be achie­ved by swit­ching them off in the brow­ser set­tings. Plea­se note that not all func­tions of this online offer may then be able to be used. Dele­ti­on of data The data pro­ces­sed by us will be dele­ted or its pro­ces­sing rest­ric­ted in accordance with legal requi­re­ments. Unless express­ly sta­ted in this data pro­tec­tion decla­ra­ti­on, the data stored by us will be dele­ted as soon as they are no lon­ger requi­red for their inten­ded pur­po­se and the dele­ti­on does not con­flict with any legal reten­ti­on obligations.

Unless the data is dele­ted becau­se it is requi­red for other legal­ly per­mis­si­ble pur­po­ses, its pro­ces­sing will be rest­ric­ted. This means that the data is blo­cked and not pro­ces­sed for other pur­po­ses. This appli­es, for exam­p­le, to data that must be retai­ned for com­mer­cial or tax reasons.Changes and updates to the data pro­tec­tion decla­ra­ti­on­We ask you to regu­lar­ly inform yours­elf about the con­tent of our data pro­tec­tion decla­ra­ti­on. We will adapt the data pro­tec­tion decla­ra­ti­on as soon as chan­ges to the data pro­ces­sing we car­ry out make this neces­sa­ry. We will inform you as soon as the chan­ges requi­re your coope­ra­ti­on (e.g. con­sent) or other indi­vi­du­al noti­fi­ca­ti­on. Busi­ness-rela­ted pro­ces­sing We also process

  • Con­tract data (e.g., sub­ject mat­ter of the con­tract, term, cus­to­mer category).
  • Pay­ment data (e.g., bank details, pay­ment history)

from our cus­to­mers, inte­res­ted par­ties and busi­ness part­ners for the pur­po­se of pro­vi­ding con­trac­tu­al ser­vices, ser­vice and cus­to­mer care, mar­ke­ting, adver­ti­sing and mar­ket rese­arch. Regis­tra­ti­on func­tion Users can crea­te a user account. As part of the regis­tra­ti­on, the requi­red man­da­to­ry infor­ma­ti­on is com­mu­ni­ca­ted to the users and pro­ces­sed on the basis of Artic­le 6 Para­graph 1 Let­ter b GDPR for the pur­po­ses of pro­vi­ding the user account. The data pro­ces­sed includes, in par­ti­cu­lar, log­in infor­ma­ti­on (name, pass­word and an email address). The data ente­red during regis­tra­ti­on will be used for the pur­po­ses of using the user account and its purpose.

Users can be infor­med by email about infor­ma­ti­on rele­vant to their user account, such as tech­ni­cal chan­ges. If users have ter­mi­na­ted their user account, their data rela­ting to the user account will be dele­ted, sub­ject to a legal reten­ti­on requi­re­ment. It is the users’ respon­si­bi­li­ty to back up their data befo­re the end of the con­tract if the con­tract is ter­mi­na­ted. We are entit­led to irre­trie­v­a­b­ly dele­te all user data stored during the term of the contract.

As part of the use of our regis­tra­ti­on and log­in func­tions and the use of the user account, we store the IP address and the time of the respec­ti­ve user action. The sto­rage is based on our legi­ti­ma­te inte­rests, as well as the user’s pro­tec­tion against misu­se and other unaut­ho­ri­zed use. In prin­ci­ple, this data will not be pas­sed on to third par­ties unless it is neces­sa­ry to pur­sue our claims or the­re is a legal obli­ga­ti­on to do so in accordance with Artic­le 6 Para­graph 1 Let­ter c. GDPR. The IP addres­ses will be anony­mi­zed or dele­ted after 7 days at the latest.
Comm­ents and con­tri­bu­ti­ons­If users lea­ve comm­ents or other con­tri­bu­ti­ons, their IP addres­ses may be stored for 7 days based on our legi­ti­ma­te inte­rests within the mea­ning of Art. 6 Para. 1 lit. f. GDPR. This is done for our secu­ri­ty if someone lea­ves ille­gal con­tent in comm­ents and posts (insults, for­bidden poli­ti­cal pro­pa­gan­da, etc.). In this case, we our­sel­ves can be pro­se­cu­ted for the com­ment or con­tri­bu­ti­on and are the­r­e­fo­re inte­res­ted in the iden­ti­ty of the author.

We also reser­ve the right to pro­cess user infor­ma­ti­on for spam detec­tion based on our legi­ti­ma­te inte­rests in accordance with Artic­le 6 Para­graph 1 Let­ter f of the GDPR.

On the same legal basis, in the case of sur­veys, we reser­ve the right to store users’ IP addres­ses for their dura­ti­on and to use coo­kies to avo­id mul­ti­ple voting.

The per­so­nal infor­ma­ti­on pro­vi­ded in the comm­ents and posts, any cont­act and web­site infor­ma­ti­on as well as the con­tent infor­ma­ti­on, will be stored per­ma­nent­ly by us until the user objects.Comment sub­scrip­ti­ons­The fol­low-up comm­ents can be made by users with their con­sent in accordance with Artic­le 6 Para­graph 1 lit. a GDPR can be sub­scri­bed to. Users recei­ve a con­fir­ma­ti­on email to check whe­ther they are the owner of the email address they ente­red. Users can unsub­scri­be from ongo­ing com­ment sub­scrip­ti­ons at any time. The con­fir­ma­ti­on email will con­tain infor­ma­ti­on about the can­cel­la­ti­on opti­ons. For the pur­po­se of pro­ving users’ con­sent, we store the regis­tra­ti­on time along with the users’ IP address and dele­te this infor­ma­ti­on when users unsub­scri­be from the subscription.

You can can­cel your sub­scrip­ti­on to our sub­scrip­ti­on at any time, i.e. revo­ke your con­sent. We can store the unsub­scri­bed email addres­ses for up to three years based on our legi­ti­ma­te inte­rests befo­re dele­ting them in order to be able to pro­ve that con­sent was pre­vious­ly given. The pro­ces­sing of this data is limi­t­ed to the pur­po­se of pos­si­ble defen­se against claims. An indi­vi­du­al request for dele­ti­on is pos­si­ble at any time, pro­vi­ded that the pre­vious exis­tence of con­sent is con­firm­ed at the same time. Retrie­val of pro­fi­le pic­tures from Grava­tar Within our online offe­ring and in par­ti­cu­lar in the blog, we use the Grava­tar ser­vice from Auto­mat­tic Inc., 60 29th Street #343, San Fran­cis­co, CA 94110, USA , a.

Grava­tar is a ser­vice whe­re users can regis­ter and store pro­fi­le pic­tures and their email addres­ses. If users lea­ve posts or comm­ents with the respec­ti­ve email address on other online pre­sen­ces (espe­ci­al­ly in blogs), their pro­fi­le pic­tures can be dis­play­ed next to the posts or comm­ents. For this pur­po­se, the email address pro­vi­ded by the user is sent to Grava­tar in encrypt­ed form to check whe­ther a pro­fi­le has been saved for it. This is the sole pur­po­se of trans­mit­ting the email address and it will not be used for other pur­po­ses but will be dele­ted afterwards.

The use of Grava­tar is based on our legi­ti­ma­te inte­rests within the mea­ning of Artic­le 6 Para­graph 1 Let­ter f) GDPR, as with the help of Grava­tar we offer post and com­ment aut­hors the oppor­tu­ni­ty to per­so­na­li­ze their posts with a pro­fi­le picture.

By dis­play­ing the images, Grava­tar lear­ns the user’s IP address, as this is neces­sa­ry for com­mu­ni­ca­ti­on bet­ween a brow­ser and an online ser­vice. Fur­ther infor­ma­ti­on on Gravatar’s coll­ec­tion and use of data can be found in Automattic’s data pro­tec­tion infor­ma­ti­on: https://​auto​mat​tic​.com/​p​r​i​v​a​cy/.

If users do not want a user image lin­ked to their Grava­tar email address to appear in the comm­ents, they should use an email address that is not stored with Grava­tar to com­ment. We would also like to point out that it is also pos­si­ble to use an anony­mous email address or no email address at all if users do not want their own email address to be sent to Grava­tar. Users can com­ple­te­ly pre­vent the trans­mis­si­on of data by not using our com­ment sys­tem. Retrie­val of emo­jis and smi­lies Within our Word­Press blog, gra­phic emo­jis (or smi­lies), i.e. small gra­phic files that express fee­lings, are used, which are obtai­ned from exter­nal ser­vers beco­me. The ser­ver pro­vi­ders coll­ect the IP addres­ses of the users. This is neces­sa­ry so that the emo­ji files can be deli­ver­ed to users’ brow­sers. The Emo­jie ser­vice is pro­vi­ded by Auto­mat­tic Inc., 60 29th Street #343, San Fran­cis­co, CA 94110, USA. Automattic’s pri­va­cy poli­cy: https://​auto​mat​tic​.com/​p​r​i​v​a​cy/. The ser­ver domains used are sworg and twe​mo​ji​.maxcdn​.com, which, as far as we know, are so-cal­led con­tent deli­very net­works, i.e. ser­vers that only ser­ve to quick­ly and secu­re­ly trans­mit files and the users’ per­so­nal data dele­ted upon transmission.

The use of the emo­jis is based on our legi­ti­ma­te inte­rests, i.e. inte­rest in an attrac­ti­ve design of our online offe­ring in accordance with Art. 6 Para. 1 lit. f. GDPR. Estab­li­shing cont­act­When cont­ac­ting us (e.g. via cont­act form, email, tele­pho­ne or via social media), the user’s details are used to pro­cess the cont­act request and its hand­ling in accordance with Artic­le 6 Para­graph 1 Let­ter b. (as part of con­trac­tual/p­re-con­trac­tu­al rela­ti­onships), Art. 6 Para­graph 1 lit get saved.

We dele­te the requests if they are no lon­ger neces­sa­ry. We review the neces­si­ty every two years; The sta­tu­to­ry archi­ving obli­ga­ti­ons also apply.Communication via Face­book Mes­sen­ger­We use Face­book Mes­sen­ger for com­mu­ni­ca­ti­on pur­po­ses and ask you to pro­vi­de the fol­lo­wing infor­ma­ti­on on the func­tion­a­li­ty, encryp­ti­on, risks of Face­book Mes­sen­ger, use of meta­da­ta within the Face­book group of com­pa­nies and yours Pos­si­ble objec­tions should be taken into account.
You do not have to use Face­book Mes­sen­ger and can cont­act us using alter­na­ti­ve methods, such as tele­pho­ne or email. Plea­se use the cont­act opti­ons pro­vi­ded to you or use the cont­act opti­ons pro­vi­ded on our website.

Face­book Mes­sen­ger is offe­red by Face­book Ire­land Ltd., 4 Grand Canal Squa­re, Grand Canal Har­bour, Dub­lin 2, Ire­land, wher­eby the data ente­red and other­wi­se coll­ec­ted as part of the com­mu­ni­ca­ti­on is car­ri­ed out in the USA by Face­book, 1 Hacker Way, Men­lo Park, CA 94025, USA.

Howe­ver, Face­book is cer­ti­fied under the Pri­va­cy Shield Agree­ment and the­r­e­fo­re gua­ran­tees that it will com­ply with Euro­pean and Swiss data pro­tec­tion law (https://​www​.pri​va​cys​hield​.gov/​p​a​r​t​i​c​i​p​a​n​t​?​i​d​=​a​2​z​t​0​0​0​0​0​0​0​G​n​y​w​A​A​C​&​s​t​a​t​u​s​=​A​c​t​ive).

Face­book also ensu­res that the com­mu­ni­ca­ti­on con­tent (i.e. the con­tent of your mes­sa­ge and atta­ched images) can­not be read and offers end-to-end encryp­ti­on of the con­tent. This means that the con­tent of the mes­sa­ges can­not be view­ed, not even by Face­book its­elf. Howe­ver, end-to-end encryp­ti­on requi­res acti­va­ti­on, which you must acti­va­te in your Mes­sen­ger set­tings using the “Secret Con­ver­sa­ti­ons” menu item. You should always use a cur­rent ver­si­on of Face­book Mes­sen­ger to ensu­re that the mes­sa­ge con­tent is encrypted.

We would like to point out to our com­mu­ni­ca­ti­on part­ners that even if encryp­ti­on is acti­va­ted, Face­book can find out that and when com­mu­ni­ca­ti­on part­ners com­mu­ni­ca­te with us as well as pro­cess tech­ni­cal infor­ma­ti­on about the device used by the com­mu­ni­ca­ti­on part­ner and, depen­ding on the set­tings of their device, loca­ti­on infor­ma­ti­on (so-cal­led meta­da­ta). Except for the encrypt­ed con­tent, it is pos­si­ble to trans­mit the data of com­mu­ni­ca­ti­on part­ners within the Face­book group of com­pa­nies, in par­ti­cu­lar for the pur­po­ses of opti­mi­zing the respec­ti­ve ser­vices and secu­ri­ty pur­po­ses. Com­mu­ni­ca­ti­on part­ners should also assu­me, at least as long as they have not objec­ted to this, that their data pro­ces­sed by Face­book Mes­sen­ger can be used for mar­ke­ting pur­po­ses or to dis­play adver­ti­sing tail­o­red to users.

If we ask com­mu­ni­ca­ti­on part­ners for con­sent befo­re com­mu­ni­ca­ting with them via Face­book Mes­sen­ger, the legal basis for our pro­ces­sing of their data is Artic­le 6 Para­graph 1 Let­ter a. GDPR. Fur­ther­mo­re, if we do not ask for your con­sent and, for exam­p­le, you cont­act us on your own initia­ti­ve, we use Whats­App in rela­ti­on to our con­trac­tu­al part­ners and as part of the con­tract initia­ti­on as a con­trac­tu­al mea­su­re in accordance with Artic­le 6 Para­graph 1 Let­ter b. GDPR and, in the case of other inte­res­ted par­ties and com­mu­ni­ca­ti­on part­ners, based on our legi­ti­ma­te inte­rests in fast and effi­ci­ent com­mu­ni­ca­ti­on and mee­ting the needs of our com­mu­ni­ca­ti­on part­ner in com­mu­ni­ca­ti­on via mes­sen­gers in accordance with Art. 6 Para. 1 lit. f. GDPR.

Fur­ther infor­ma­ti­on on the pur­po­ses, types and scope of pro­ces­sing of your data by Face­book, as well as the rele­vant rights and set­ting opti­ons to pro­tect your pri­va­cy, can be found in Facebook’s data pro­tec­tion infor­ma­ti­on: https://​www​.face​book​.com/​a​b​o​u​t​/​p​r​i​v​acy.

You can object to com­mu­ni­ca­ti­on with us via Face­book Mes­sen­ger at any time and ask us not to con­ti­nue com­mu­ni­ca­ti­on via Face­book Mes­sen­ger and to dele­te the com­mu­ni­ca­ti­on con­tent. We dele­te the Face­book mes­sa­ges as soon as we can assu­me that we have ans­we­red any infor­ma­ti­on pro­vi­ded by the user, if no refe­rence to a pre­vious con­ver­sa­ti­on is to be expec­ted and the dele­ti­on does not con­flict with any legal reten­ti­on requirements.

Final­ly, we would like to point out that, for reasons of your secu­ri­ty, we reser­ve the right not to ans­wer inqui­ries via Face­book Mes­sen­ger. This is the case if, for exam­p­le, con­trac­tu­al details requi­re spe­cial sec­re­cy or an ans­wer via mes­sen­ger does not meet the for­mal requi­re­ments. In such cases, we will refer you to more ade­qua­te com­mu­ni­ca­ti­on chan­nels. News­let­ter With the fol­lo­wing infor­ma­ti­on we will inform you about the con­tents of our news­let­ter as well as the regis­tra­ti­on, ship­ping and sta­tis­ti­cal eva­lua­ti­on pro­ce­du­res as well as your rights to object. By sub­scrib­ing to our news­let­ter, you agree to its receipt and the pro­ce­du­res described.

Con­tent of the news­let­ter: We only send news­let­ters, emails and other elec­tro­nic noti­fi­ca­ti­ons with pro­mo­tio­nal infor­ma­ti­on (her­ein­af­ter “news­let­ter”) with the con­sent of the reci­pi­ent or legal per­mis­si­on. If the con­tents are spe­ci­fi­cal­ly descri­bed when regis­tering for the news­let­ter, they are decisi­ve for the user’s con­sent. Our news­let­ters also con­tain infor­ma­ti­on about our ser­vices and us.

Dou­ble opt-in and log­ging: Regis­tra­ti­on for our news­let­ter takes place using a so-cal­led dou­ble opt-in pro­ce­du­re. This means that after you regis­ter you will recei­ve an email asking you to con­firm your regis­tra­ti­on. This con­fir­ma­ti­on is neces­sa­ry so that no one can log in with someone else’s email address. Regis­tra­ti­ons for the news­let­ter are log­ged in order to be able to pro­vi­de evi­dence of the regis­tra­ti­on pro­cess in accordance with legal requi­re­ments. This includes sto­ring the regis­tra­ti­on and con­fir­ma­ti­on times as well as the IP address. Chan­ges to your data stored by the ship­ping ser­vice pro­vi­der are also logged.

Regis­tra­ti­on data: To regis­ter for the news­let­ter, it is suf­fi­ci­ent to pro­vi­de your email address. Optio­nal­ly, we ask you to pro­vi­de a name so that you can be addres­sed per­so­nal­ly in the newsletter.

The news­let­ter is sent and the asso­cia­ted mea­su­re­ment of suc­cess is based on the con­sent of the reci­pi­ent in accordance with Artic­le 6 Para­graph 1 Let­ter a, Artic­le 7 GDPR in con­junc­tion with Sec­tion 7 Para­graph 2 No. 3 UWG or if con­sent is not requi­red , based on our legi­ti­ma­te inte­rests in direct mar­ke­ting in accordance with Art. 6 Para. 1 accor­ding to f. GDPR in con­junc­tion with Sec­tion 7 Para. 3 UWG.

The regis­tra­ti­on pro­cess is log­ged on the basis of our legi­ti­ma­te inte­rests in accordance with Artic­le 6 Para­graph 1 Let­ter f of the GDPR. Our inte­rest is in using a user-fri­end­ly and secu­re news­let­ter sys­tem that ser­ves our busi­ness inte­rests, meets the expec­ta­ti­ons of users and also allows us to pro­vi­de evi­dence of consent.

Termination/revocation – You can ter­mi­na­te your receipt of our news­let­ter at any time, i.e. revo­ke your con­sent. You will find a link to unsub­scri­be from the news­let­ter at the end of each news­let­ter. We can store the unsub­scri­bed email addres­ses for up to three years based on our legi­ti­ma­te inte­rests befo­re dele­ting them in order to be able to pro­ve that con­sent was pre­vious­ly given. The pro­ces­sing of this data is limi­t­ed to the pur­po­se of pos­si­ble defen­se against claims. An indi­vi­du­al request for dele­ti­on is pos­si­ble at any time, pro­vi­ded that the pre­vious exis­tence of con­sent is con­firm­ed at the same time​.Hos​ting and email deli­ver­y­The hos­ting ser­vices we use ser­ve to pro­vi­de the fol­lo­wing ser­vices: infra­struc­tu­re and plat­form ser­vices, com­pu­ting capa­ci­ty, sto­rage space and data­ba­se ser­vices, E‑mail deli­very, secu­ri­ty ser­vices and tech­ni­cal main­ten­an­ce ser­vices that we use for the pur­po­se of ope­ra­ting this online offer.

In doing so, we, or our hos­ting pro­vi­der, pro­cess inven­to­ry data, cont­act data, con­tent data, con­tract data, usa­ge data, meta and com­mu­ni­ca­ti­on data from cus­to­mers, inte­res­ted par­ties and visi­tors to this online offe­ring based on our legi­ti­ma­te inte­rests in the effi­ci­ent and secu­re pro­vi­si­on of this online offe­ring in accordance with Art. 6 Para. 1 lit. f GDPR in con­junc­tion with Art. 28 GDPR (con­clu­si­on of order pro­ces­sing con­tract). Coll­ec­tion of access data and log files We, or our hos­ting pro­vi­der, coll­ect data about every access based on our legi­ti­ma­te inte­rests within the mea­ning of Art. 6 Para­graph 1 lit. f. GDPR to the ser­ver on which this ser­vice is loca­ted (so-cal­led ser­ver log files). The access data includes the name of the web­site acces­sed, file, date and time of access, amount of data trans­fer­red, noti­fi­ca­ti­on of suc­cessful access, brow­ser type and ver­si­on, the user’s ope­ra­ting sys­tem, refer­rer URL (the pre­vious­ly visi­ted page), IP address and the reques­t­ing provider .

Log file infor­ma­ti­on is stored for secu­ri­ty reasons (e.g. to inves­ti­ga­te acts of abu­se or fraud) for a maxi­mum of 7 days and then dele­ted. Data who­se fur­ther sto­rage is requi­red for evi­den­tia­ry pur­po­ses is excluded from dele­ti­on until the respec­ti­ve inci­dent has been final­ly cla​ri​fied​.Goog​le Ana­ly­tics­We use Goog­le Ana­ly­tics, a web ana­ly­sis ser­vice pro­vi­ded by Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land (“Goog­le”) ) a. Goog­le uses coo­kies. The infor­ma­ti­on gene­ra­ted by the coo­kie about users’ use of the online offe­ring is usual­ly trans­fer­red to a Goog­le ser­ver in the USA and stored there.

Goog­le will use this infor­ma­ti­on on our behalf to eva­lua­te the use of our online offe­ring by users, to com­pi­le reports on the acti­vi­ties within this online offe­ring and to pro­vi­de us with other ser­vices rela­ted to the use of this online offe­ring and inter­net usa­ge. Pseud­ony­mous user pro­files can be crea­ted from the pro­ces­sed data.

We only use Goog­le Ana­ly­tics with IP anony­miza­ti­on acti­va­ted. This means that the user’s IP address is shor­ten­ed by Goog­le within mem­ber sta­tes of the Euro­pean Uni­on or in other con­trac­ting sta­tes to the Agree­ment on the Euro­pean Eco­no­mic Area. Only in excep­tio­nal cases will the full IP address be trans­mit­ted to a Goog­le ser­ver in the USA and shor­ten­ed there.

The IP address trans­mit­ted by the user’s brow­ser is not mer­ged with other Goog­le data. Users can pre­vent the sto­rage of coo­kies by set­ting their brow­ser soft­ware accor­din­gly; Users can also pre­vent Goog­le from coll­ec­ting the data gene­ra­ted by the coo­kie and rela­ting to their use of the online offe­ring and from pro­ces­sing this data by Goog­le by down­loa­ding and instal­ling the brow­ser plug-in available at the fol­lo­wing link: http://​tools​.goog​le​.com/​d​l​p​a​g​e​/​g​a​o​p​t​o​u​t​?​h​l​=de.

If we ask users for con­sent (e.g. as part of coo­kie con­sent), the legal basis for this pro­ces­sing is Art. 6 Para. 1 lit. a. GDPR. Other­wi­se, the users’ per­so­nal data will be pro­ces­sed on the basis of our legi­ti­ma­te inte­rests (ie inte­rest in the ana­ly­sis, opti­miza­ti­on and eco­no­mic ope­ra­ti­on of our online offe­ring within the mea­ning of Art. 6 Para. 1 lit. f. GDPR).

To the ext­ent that data is pro­ces­sed in the USA, we would like to point out that Goog­le is cer­ti­fied under the Pri­va­cy Shield Agree­ment and ther­eby gua­ran­tees that it will com­ply with Euro­pean data pro­tec­tion law (https://​www​.pri​va​cys​hield​.gov/​p​a​r​t​i​c​i​p​a​n​t​?​i​d​=​a​2​z​t​0​0​0​0​0​0​0​0​1​L​5​A​A​I​&​s​t​a​t​u​s​=​A​c​t​ive).

Fur­ther infor­ma­ti­on on data usa­ge by Goog­le, set­tings and objec­tion opti­ons can be found in Google’s data pro­tec­tion decla­ra­ti­on (https://​poli​ci​es​.goog​le​.com/​p​r​i​v​acy) as well as in the set­tings for the dis­play of adver­ti­sing by Goog­le (https://​adsset​tings​.goog​le​.com/​a​u​t​h​e​n​t​i​c​a​ted).

The users’ per­so­nal data will be dele­ted or anony­mi­zed after 14 months. Face­book pixel, cus­tom audi­en­ces and Face­book con­ver­si­on Within our online offe­ring, the so-cal­led “Face­book pixel” from the social net­work Face­book, which is ope­ra­ted by Face­book Ire­land Ltd., 4 Grand Canal Squa­re, Grand Canal Har­bour, Dub­lin 2, Ire­land (“Face­book”).

With the help of the Face­book pixel, Face­book is able to deter­mi­ne the visi­tors to our online offe­ring as a tar­get group for the dis­play of adver­ti­se­ments (so-cal­led “Face­book ads”). Accor­din­gly, we use the Face­book pixel to only show the Face­book ads we place to tho­se Face­book users who have shown an inte­rest in our online offe­ring or who have cer­tain cha­rac­te­ristics (e.g. inte­rests in cer­tain topics or pro­ducts) based on the infor­ma­ti­on they visit web­sites) that we trans­mit to Face­book (so-cal­led “Cus­tom Audi­en­ces”). With the help of the Face­book pixel, we also want to ensu­re that our Face­book ads cor­re­spond to the poten­ti­al inte­rest of the users and do not appear annoy­ing. With the help of the Face­book pixel, we can also under­stand the effec­ti­ve­ness of Face­book adver­ti­se­ments for sta­tis­ti­cal and mar­ket rese­arch pur­po­ses by see­ing whe­ther users were redi­rec­ted to our web­site after cli­cking on a Face­book adver­ti­se­ment (so-cal­led “con­ver­si­on”).

The pro­ces­sing of data by Face­book takes place within the frame­work of Facebook’s data usa­ge poli­cy. Accor­din­gly, gene­ral infor­ma­ti­on on the dis­play of Face­book ads in Facebook’s data usa­ge gui­de­lines: https://​www​.face​book​.com/​p​o​l​icy. You can find spe­ci­fic infor­ma­ti­on and details about the Face­book Pixel and how it works in the Face­book help sec­tion: https://​www​.face​book​.com/​b​u​s​i​n​e​s​s​/​h​e​l​p​/​6​5​1​2​9​4​7​0​5​0​1​6​616.

If we ask users for con­sent (e.g. as part of coo­kie con­sent), the legal basis for this pro­ces­sing is Art. 6 Para. 1 lit. a. GDPR. Other­wi­se, the users’ per­so­nal data will be pro­ces­sed on the basis of our legi­ti­ma­te inte­rests (ie inte­rest in the ana­ly­sis, opti­miza­ti­on and eco­no­mic ope­ra­ti­on of our online offe­ring within the mea­ning of Art. 6 Para. 1 lit. f. GDPR).

Face­book is cer­ti­fied under the Pri­va­cy Shield Agree­ment and ther­eby gua­ran­tees that it will com­ply with Euro­pean data pro­tec­tion law (https://​www​.pri​va​cys​hield​.gov/​p​a​r​t​i​c​i​p​a​n​t​?​i​d​=​a​2​z​t​0​0​0​0​0​0​0​G​n​y​w​A​A​C​&​s​t​a​t​u​s​=​A​c​t​ive).

You can object to the coll­ec­tion by the Face­book pixel and the use of your data to dis­play Face­book ads. To set which types of adver­ti­se­ments are shown to you within Face­book, you can go to the page set up by Face­book and fol­low the ins­truc­tions the­re on the set­tings for usa­ge-based adver­ti­sing: https://​www​.face​book​.com/​s​e​t​t​i​n​g​s​?​t​a​b​=​ads. The set­tings are plat­form-inde­pen­dent, mea­ning they are appli­ed to all devices, such as desk­top com­pu­ters or mobi­le devices.

You can also opt out of the use of coo­kies, which are used to mea­su­re reach and for adver­ti­sing pur­po­ses, via the deac­ti­va­ti­on page of the Net­work Adver­ti­sing Initia­ti­ve (http://​optout​.net​work​ad​ver​ti​sing​.org/) and also the US web­site (http://​www​.abou​ta​ds​.info/​c​h​o​i​ces) or the Euro­pean web­site (http://​www​.you​ron​line​choices​.com/​u​k​/​y​o​u​r​-​a​d​-​c​h​o​i​c​es/).Online pre­sen­ces in social media­We main­tain online pre­sen­ces within social net­works and plat­forms in order to be able to com­mu­ni­ca­te with cus­to­mers, inte­res­ted par­ties and users acti­ve the­re and to inform them about our services.

We would like to point out that user data may be pro­ces­sed out­side the Euro­pean Uni­on. This can result in risks for users becau­se, for exam­p­le, it could make it more dif­fi­cult to enforce users’ rights. With regard to US pro­vi­ders who are cer­ti­fied under the Pri­va­cy Shield, we would like to point out that they ther­eby under­ta­ke to com­ply with EU data pro­tec­tion standards.

Fur­ther­mo­re, user data is usual­ly pro­ces­sed for mar­ket rese­arch and adver­ti­sing pur­po­ses. For exam­p­le, usa­ge pro­files can be crea­ted based on user beha­vi­or and the resul­ting inte­rests of the user. The usa­ge pro­files can in turn be used, for exam­p­le, to place adver­ti­se­ments insi­de and out­side the plat­forms that pre­su­ma­b­ly cor­re­spond to the inte­rests of the users. For the­se pur­po­ses, coo­kies are usual­ly stored on the users’ com­pu­ters, in which the usa­ge beha­vi­or and inte­rests of the users are stored. Fur­ther­mo­re, data can also be stored in the usa­ge pro­files regard­less of the devices used by the users (par­ti­cu­lar­ly if the users are mem­bers of the respec­ti­ve plat­forms and are log­ged in to them).

The pro­ces­sing of users’ per­so­nal data is based on our legi­ti­ma­te inte­rests in effec­tively informing users and com­mu­ni­ca­ting with users in accordance with Artic­le 6 Para­graph 1 Let­ter f of the GDPR. If the users are asked by the respec­ti­ve plat­form pro­vi­ders for their con­sent to the data pro­ces­sing descri­bed abo­ve, the legal basis for the pro­ces­sing is Artic­le 6 Para­graph 1 Let­ter a., Artic­le 7 GDPR.

For a detail­ed descrip­ti­on of the respec­ti­ve pro­ces­sing and the objec­tion opti­ons (opt-out), we refer to the infor­ma­ti­on pro­vi­ded by the pro­vi­ders lin­ked below.

Even in the case of requests for infor­ma­ti­on and the asser­ti­on of user rights, we would like to point out that the­se can most effec­tively be asser­ted with the pro­vi­ders. Only the pro­vi­ders have access to user data and can take appro­pria­te mea­su­res and pro­vi­de infor­ma­ti­on direct­ly. If you still need help, you can cont­act us.

en_USEng­lish