IONOS Order Processing Agreement (GPA)

We have concluded a Data Processing Agreement (DPA) with IONOS in accordance with Article 28 of the General Data Protection Regulation (GDPR). You can find out exactly what a DPA is and, in particular, what it should contain in our general section "Data Processing Agreement (DPA)."

This agreement is legally required because IONOS processes personal data on our behalf. It clarifies that IONOS may only process data it receives from us in accordance with our instructions and must comply with the GDPR. You can find the link to the Data Processing Agreement (DPA) at https://www.ionos.de/hilfe/datenschutz/allgemeine-informationen-zur-datenschutz-grundverordnung-dsgvo/auftragsverarbeitung/ .

Web analytics introduction

Summary of Privacy Policy Web Analytics
👥 Data Subject: Website visitors
🤝 Purpose: Evaluation of visitor information to optimize the website.
📓 Processed Data: Access statistics with data such as access locations, device information, access duration and time, navigation behavior, click behavior and IP addresses. Further information can be found in the web analytics tool used.
Retention Period: depends on the web analytics tool used
⚖️ Legal Basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is web analytics?

We use software on our website to evaluate visitor behavior, also known as web analytics or simply web analysis. This process collects data that is stored, managed, and processed by the respective provider of the analysis tool (also known as a tracking tool). This data is used to analyze user behavior on our website and is made available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. For this purpose, we display two different offers for a limited period. After the test (known as an A/B test), we know which product or content our website visitors find more interesting. For these test procedures, as well as for other analytical procedures, user profiles can be created and the data stored in cookies.

Why do we use web analytics?

We have a clear goal for our website: to offer the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting services, while also ensuring that you feel completely comfortable on our website. Using web analytics tools, we can closely monitor the behavior of our website visitors and then improve our website accordingly, both for you and for us. For example, we can determine the average age of our visitors, where they come from, when our website is most visited, and which content or products are particularly popular. All this information helps us optimize the website and tailor it to your needs, interests, and wishes.

What data is processed?

The exact data stored depends, of course, on the analysis tools used. However, as a rule, we store information such as the content you view on our website, which buttons or links you click, when you open a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to access the website, or which computer system you use. If you have consented to the collection of location data, this data may also be processed by the provider of the web analysis tool.

Your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are considered personal data. However, your IP address is usually stored pseudonymously (i.e., in an unrecognizable and shortened form). For testing, web analysis, and web optimization purposes, no direct data such as your name, age, address, or email address is stored. All such data, if collected, is stored pseudonymously. This means that you cannot be personally identified.

The following example schematically illustrates how Google Analytics works as an example of web tracking with JavaScript code.

How long the data is stored always depends on the provider. Some cookies store data for only a few minutes or until you leave the website, while other cookies can store data for several years.

Duration of data processing

We will inform you below about the duration of the data processing when we have more information. Generally, we process personal data only for as long as is absolutely necessary to provide our services and products. This retention period may be extended if legally required, for example, in the case of accounting purposes.

Right to object

You also have the right and option to revoke your consent to the use of cookies or third-party providers at any time. This can be done through our cookie management tool or other opt-out options. You can also prevent data collection by cookies, for example, by managing, disabling, or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we obtained via our cookie pop-up. According to Art. 6, paragraph 1, letter a GDPR (consent), this consent constitutes the legal basis for processing personal data, which may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors to improve our website technically and economically. Web analysis allows us to identify errors on the website, identify attacks, and improve efficiency. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interest) . However, we only use these tools if you have given your consent.

Since web analytics tools use cookies, we recommend that you also read our general privacy policy on cookies. To find out exactly what data of yours is stored and processed, you should consult the privacy policies of the respective tools.

Information about specific web analytics tools, if available, can be found in the following sections.

Google Analytics Privacy Policy

Google Analytics Privacy Policy Summary
👥 Data subject: Website visitors
🤝 Purpose: Evaluation of visitor information to optimize the website.
📓 Processed data: Access statistics with data such as access locations, device information, access duration and time, navigation behavior and click behavior. More information on this can be found later in this privacy policy.
📅 Storage duration: individually adjustable, Google Analytics stores 4 data for 14 months by default
. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Google Analytics?

On our website, we use the analytical tracking program Google Analytics in version Google Analytics 4 (GA4) from the American company Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. By combining different technologies, such as cookies, device IDs, and login data, you can be identified as a user across devices. This means your actions can also be analyzed across different platforms.

For example, when you click a link, this event is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us better tailor our website and our services to your needs. Below, we'll discuss the tracking tool in more detail, specifically explaining which data is processed and how you can prevent this.

Google Analytics is a tracking tool used to analyze data traffic on our website. These measurements and analyses are based on a pseudonymous user identification number. This number does not contain personal information such as name or address, but is used to attribute events to a device. GA4 uses an event-based model that captures detailed information about user interactions such as page views, clicks, scrolling, and conversion events. GA4 also includes various machine learning features to better understand user behavior and certain trends. GA4 is based on modeling using machine learning features. This means that missing data can also be extrapolated from the collected data to optimize the analysis and make predictions.

For Google Analytics to function properly, a tracking code is integrated into our website's code. When you visit our website, this code records various events you perform on our website. GA4's event-based data model allows us, as website operators, to define and track specific events to analyze user interactions. In addition to general information, such as clicks or page views, we can also track specific events that are important to our business. Such specific events could include, for example, submitting a contact form or purchasing a product.

As soon as you leave our website, this data is sent to the servers of Google Analytics and stored there.

Google processes the data, and we receive reports about your user behavior. These reports may include the following:

• Audience Reports: We use audience reports to understand our users better and determine who is interested in our service.

• Screen Reports: Screen Reports make it easier for us to analyze and improve our online advertising.

• Acquisition Reports: Acquisition reports provide us with useful information on how to get more people interested in our service.

• Behavioral reports: This tells us how you interact with our website. We can track the path you take on our site and which links you click.

• Conversion reports: A conversion is the process by which you perform a desired action as a result of a marketing message. For example, when you convert a regular website visitor into a buyer or newsletter subscriber. These reports help us understand how you perceive our marketing efforts. This helps us increase our conversion rate.

• Real-time reports: Here we always know what's happening on our website. For example, we can see how many users are currently reading this text.

In addition to the above-mentioned analysis reports, Google Analytics 4 also offers the following features:

• Event-based data model: This model captures very specific events that can occur on our website. For example, playing a video, purchasing a product, or subscribing to our newsletter.

• Advanced analytics features: These features allow us to better understand your behavior on our website or certain general trends. For example, we can segment user groups, perform comparative audience analyses, or track your path through our website.

• Predictive modeling: Based on collected data, missing data can be extrapolated using machine learning to predict future events and trends. This can help us develop better marketing strategies.

• Cross-platform analysis: Data can be collected and analyzed from both websites and apps. This allows us to analyze user behavior across platforms, provided you have given your consent for data processing.

Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to provide you with the best possible service. Google Analytics statistics and data help us achieve this goal.

The statistically analyzed data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it's more easily found by interested parties on Google. On the other hand, the data helps us better understand you as a visitor. This way, we know exactly what we need to improve on our website to best serve you. The data also helps us tailor our advertising and marketing efforts more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

What data does Google Analytics store?

Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This way, Google Analytics recognizes you as a new user and assigns you a user ID. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This allows us to analyze pseudonymous user profiles.

To analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data will then be stored in the corresponding property. The Google Analytics 4 property is the default for every newly created property. Depending on the property used, data is stored for different periods.

Your interactions across platforms are measured through identifiers such as cookies, app instance IDs, user IDs, or user-defined event parameters, provided you have given your consent. Interactions are all types of actions you perform on our website. If you also use other Google systems (such as a Google Account), data generated through Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, give our consent. Exceptions may be made if required by law.

According to Google, Google Analytics 4 does not record or store IP addresses. However, Google uses the IP address data to derive location information and deletes this data immediately afterward. Therefore, all IP addresses collected from users in the EU are erased before the data is stored in a data center or on a server.

Because Google Analytics 4 focuses on event-based data, the tool uses significantly fewer cookies compared to previous versions (such as Google Universal Analytics). However, there are some specific cookies used by GA4. These include, for example:

Name: _ga
Value: 2.1326744211.152312883227-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is generally used to distinguish between website visitors.
Expiration: after 2 years

Name: _gid
Value: 2.1687193234.152312883227-1
Purpose: The cookie is also used to distinguish between website visitors.
Expiry date: after 24 hours

Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to throttle request rate. If Google Analytics is offered through Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
Expiration: after 1 minute

Note: This list cannot be considered exhaustive, as Google changes its cookie policy from time to time. GA4 also aims to improve data protection. Therefore, the tool offers several options to control data collection. For example, we can set the storage duration ourselves and also manage data collection.

Here we show you an overview of the most important types of data collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show you exactly where you click. This gives us information about where you travel on our site.

Session duration: Google defines session duration as the time you spend on our site without leaving. After 20 minutes of inactivity, your session ends automatically.

Bounce Rate : A bounce is when you view only one page on our website and then leave our website.

Account creation: When you create an account on our website or place an order, Google Analytics collects this data.

Location: IP addresses are not recorded or stored in Google Analytics. However, shortly before the IP address is deleted, inferences are used for location data.

Technical data: Technical information includes your browser type, your internet provider or your screen resolution.

Source: Google Analytics. We are also interested in which website or advertisement brought you to our site.

Other data includes contact information, any reviews, media playback (for example, when you play a video on our site), content shared via social media, or adding it to your favorites. This list is not exhaustive and is only intended to provide a general overview of data storage by Google Analytics.

How long and where is the data stored?

Google has servers all over the world. You can see exactly where Google's data centers are located here: https://www.google.com/about/datacenters/locations/?hl=de

Your data is distributed across various physical storage media. This offers the advantage of faster access and better protection against tampering. Every Google data center has appropriate contingency plans for your data. For example, if Google's hardware fails or natural disasters cripple servers, the risk of service interruption at Google remains low.

The data retention period depends on the properties used. The retention period is always defined separately for each individual property. Google Analytics offers four options for controlling the retention period:

• 2 months: this is the shortest storage period.

• 14 months: By default, GA4 stores the data for 14 months.

• 26 months: the data can also be stored for 26 months.

• Data will only be deleted if we delete it manually

There's also the option to have data deleted only if you stop visiting our website within the specified period. In this case, the retention period will be reset each time you visit our website again within the specified period.

Once the specified period has expired, the data will be deleted once a month. This retention period applies to your data linked to cookies, user IDs, and advertising IDs (e.g., DoubleClick domain cookies). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is the combination of individual pieces of data into a larger unit.

How can I delete my data or prevent data from being stored?

Under European Union data protection law, you have the right to access your data and to update, delete, or restrict its use. You can use the browser add-on to disable the Google Analytics JavaScript (analytics.js, gtag.js) to prevent Google Analytics 4 from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only disables data collection by Google Analytics.

If you wish to disable, delete or manage cookies in general, you will find the corresponding links to the respective instructions for the most popular browsers under the section “Cookies”.

Legal basis

The use of Google Analytics requires your consent, which we obtained via our cookie pop-up. According to Art. 6, paragraph 1, letter a GDPR (consent), this consent constitutes the legal basis for processing personal data, which may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors to improve our website technically and economically. Google Analytics helps us identify website errors, identify attacks, and improve efficiency. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interest) . However, we only use Google Analytics if you have given your consent.

Google also processes your data in the United States, among other places. Google actively participates in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the US. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .

Google also uses so-called standard contractual clauses (Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards, even if it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the associated SCCs here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms and Conditions, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/ .

We hope we've provided you with the most important information about data processing by Google Analytics. If you'd like to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and https://support.google.com/analytics/answer/6004245?hl=de .

If you would like to know more about data processing, please use Google's privacy policy at https://policies.google.com/privacy?hl=de .

Google Analytics Data Processing Agreement (DPA)

We have concluded a data processing agreement (DPA) with Google in accordance with Article 28 of the General Data Protection Regulation (GDPR). You can find out exactly what a DPA is and specifically what it should contain in our general section "Data Processing Agreement (DPA)."

This agreement is legally required because Google processes personal data on our behalf. It clarifies that Google may only process data it receives from us in accordance with our instructions and must comply with the GDPR. You can find the link to the terms and conditions for order data processing at https://business.safety.google/intl/de/adsprocessorterms/ .

Google Analytics reports on demographics and interests

We have activated the advertising reporting features in Google Analytics. The demographics and interests reports contain information on age, gender, and interests. This gives us a better understanding of our users without being able to attribute this data to individual persons. More information about the advertising features can be found at https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad .

You can opt out of the use of your Google Account activities and information under “Ads Settings” at https://adssettings.google.com/authenticated by checking the box.

Google Analytics e-commerce measurement

We also use e-commerce measurement from the web analytics tool Google Analytics for our website. This allows us to analyze precisely how you and all our other customers interact with our website. E-commerce measurement primarily focuses on purchasing behavior. We can use the data obtained to tailor and optimize our service to your needs and expectations. It also allows us to target our online advertising efforts more effectively, ensuring our ads are only seen by people who are also interested in our products or services. E-commerce measurement records, for example, which orders have been placed, how long it took to purchase the product, the average order value, or shipping costs. All of this data can be recorded and stored under a specific ID.

Google Analytics in consent mode

Depending on your consent, your personal data will be processed by Google Analytics in consent mode. You can choose whether or not to consent to the use of Google Analytics cookies. This also allows you to choose which data Google Analytics may process about you. The collected data is primarily used to measure user behavior on the website, to display targeted advertising, and to provide us with web analytics reports. As a rule, you consent to data processing by Google through a cookie consent tool. If you do not consent to data processing, only aggregated data will be collected and processed. This means that data cannot be attributed to individual users and therefore no user profile is created for you. You can also consent only to statistical measurements. No personal data is processed and therefore not used for advertising or advertising success.

Google Analytics IP anonymization

We have implemented Google Analytics IP anonymization on this website. This feature was developed by Google to help this website comply with applicable data protection regulations and recommendations from local data protection authorities, which prohibit storing the full IP address. IP anonymization or masking occurs as soon as the IP addresses enter the Google Analytics data collection network and before the data is stored or processed.

More information about IP anonymization can be found at https://support.google.com/analytics/answer/2763052?hl=de .

Google Analytics without cookies

We use Google Analytics (GA for short) on our website, but without setting cookies in your browser. We've already explained what cookies are above, so hopefully you remember what we said. Just briefly and specifically regarding GA: Cookies are used to store data useful for GA in your browser on your device. By disabling the use of cookies, no personal data that could be used to create a user profile is stored in such cookies. While Google Analytics can perform various measurements and web analyses, the data collected for this purpose is stored only on Google servers, and your privacy is much more respected and protected.

Introduction to social media

Social Media Privacy Policy Summary
👥 Data Subjects: Website visitors
🤝 Purpose: Presentation and optimization of our services, contact with visitors, interested parties, etc., advertising
📓 Processed data: Data such as telephone numbers, email addresses, contact details, user behavior data, information about your device and your IP address.
Further information can be found in the social media tool used.
📅 Storage duration: depends on the social media platforms used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are social media?

In addition to our website, we are also active on various social media platforms. User data may be processed to allow us to target users who are interested in us through social networks. Furthermore, elements from a social media platform may also be integrated directly into our website. This is the case, for example, if you click a social media button on our website and are redirected directly to our social media presence. Social media refers to websites and apps that registered members can use to create content, share content publicly or in specific groups, and network with other members.

Why do we use social media?

Social media platforms have been the place where people communicate and socialize online for years. Our social media presence allows us to introduce interested parties to our products and services. Thanks to the social media elements integrated into our website, you can quickly and easily switch to our social media content.

The data stored and processed through your use of a social media platform is primarily used for web analytics. The purpose of these analyses is to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the analyzed data can be used to draw conclusions about your interests and create user profiles. This also allows the platforms to offer you personalized advertising. For this purpose, cookies are usually placed in your browser, which store data about your user behavior.

As a rule, we assume that we remain responsible under data protection law even when we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will point this out separately and operate on the basis of an agreement to that effect. The essence of the agreement is then presented below for the respective platform.

Please note that when using social media platforms or our integrated features, your data may also be processed outside the European Union, as many social media platforms, such as Facebook and Twitter, are US-based companies. As a result, you may no longer be able to exercise or enforce your rights regarding your personal data as easily.

What data is processed?

The exact data stored and processed depends on the provider of the social media platform in question. Typically, however, this includes data such as phone numbers, email addresses, information you enter in a contact form, user data such as which buttons you click, who you like or follow, which pages you visited when, information about your device, and your IP address. Most of this data is stored in cookies. Data can be linked to your profile, especially if you have a profile on the social media platform you visit and are logged in.

All data collected via a social media platform is also stored on the provider's servers. This means that only the providers have access to the data and can provide you with the relevant information or make changes.

If you want to know exactly what data is stored and processed by social media providers and how you can object to this data processing, you should carefully read the company's privacy policy. We also recommend contacting the provider directly if you have any questions about data storage and processing or if you want to exercise your rights.

Duration of data processing

We will inform you below about the duration of data processing when we have more information. The social media platform Facebook, for example, stores data until it is no longer needed for its own purposes. However, customer data that is compared with our own user data is deleted within two days. Generally, we process personal data only as long as is absolutely necessary to provide our services and products. This retention period may be exceeded if legally required, for example, in the case of accounting purposes.

Right to object

You also have the right and option to withdraw your consent to the use of cookies or third-party providers, such as embedded social media features, at any time. This can be done through our cookie management tool or other opt-out options. You can also prevent data collection by cookies, for example, by managing, disabling, or deleting cookies in your browser.

Since social media tools may use cookies, we also recommend that you read our general cookie privacy policy. To find out exactly what data is stored and processed about you, please consult the privacy policies of the tools in question.

Legal basis

If you have consented to the processing and storage of your data through integrated social media components, this consent serves as the legal basis for data processing (Article 6 (1) (a) GDPR) . In principle, your data will also be stored and processed based on our legitimate interest (Article 6 (1) (f) GDPR) in communicating quickly and efficiently with you or other customers and business partners, provided you have given your consent. However, we only use these tools if you have given your consent. Most social media platforms also place cookies in your browser to store data. We therefore recommend that you carefully read our privacy policy regarding cookies and consult the privacy policy or cookie guidelines of the respective service provider.

Information about specific social media platforms – where available – can be found in the following sections.

Facebook Privacy Policy

Facebook Privacy Policy Summary
👥 Data Subjects: Website visitors
🤝 Purpose: Optimization of our service performance
📓 Processed data: Data such as customer data, user behavior data, information about your device and your IP address.
More information can be found below in the privacy policy
Retention period: until the data is no longer usable for Facebook's purposes
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are Facebook Tools?

We use selected Facebook tools on our website. Facebook is a social media network owned by Meta Platforms Inc., or, for the European region, Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These tools allow us to make the best possible offer to you and those interested in our products and services.

If data is collected and transmitted from you via our embedded Facebook components or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible for this. Facebook is solely responsible for the further processing of this data. Our mutual obligations are also laid out in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum. This agreement stipulates, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection laws. Facebook, on the other hand, is responsible for the data security of, for example, Facebook products. If you have any questions about Facebook's data collection and processing, you can contact the company directly. If you direct your inquiry to us, we are obligated to forward it to Facebook.

Below we provide an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data.

Among many other products, Facebook also offers what it calls "Facebook Business Tools." This is the official term used by Facebook. However, because the term is relatively unknown, we've decided to simply call them Facebook Tools. These include:

• Facebook pixel

• Social plugins (such as the “Like” or “Share” button)

• Facebook login

• Account Kit

• APIs (programming interfaces)

• SDKs (collection of programming tools)

• Platform integrations

• plugins

• codes

• Specifications

• Documentation

• Technologies and services

Through these tools, Facebook extends its services and has the ability to obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We want to show our services and products only to people who are genuinely interested in them. Using advertisements (Facebook Ads), we can reach precisely these people. However, Facebook needs information about people's needs and desires to show users suitable ads. Therefore, the company receives information about user behavior (and contact information) on our website. This allows Facebook to collect better user data and show interested people suitable ads about our products and services. These tools thus enable customized advertising campaigns on Facebook.

Facebook calls data about your behavior on our website "event data." This data is also used for measurement and analysis services. For example, Facebook can create "campaign reports" on our behalf about the impact of our advertising campaigns. Furthermore, these analyses give us better insight into how you use our services, website, or products. This allows us to optimize your user experience on our website with some of these tools. For example, you can use social plugins to share content from our site directly to Facebook.

What data is stored by Facebook tools?

By using individual Facebook tools, personal data (customer data) may be sent to Facebook. Depending on the tools used, customer data such as name, address, phone number, and IP address may be transmitted.

Facebook uses this information to match the data with the data it has about you (if you are a Facebook member). Before sending customer data to Facebook, it is hashed. This means that a data set of any size is converted into a string. This is also used to encrypt the data.

In addition to contact information, "event data" is also sent. "Event data" refers to the information we receive about you on our website, such as which subpages you visit or which products you purchase from us. Facebook does not share the information received with third parties (such as advertisers) unless the company has given explicit permission or is legally obligated to do so. "Event data" can also be linked to contact information. This allows Facebook to offer more personalized ads. After the aforementioned matching process, Facebook deletes the contact information.

To deliver optimized ads, Facebook uses the event data only when combined with other data (collected by Facebook in other ways). Facebook also uses this event data for security, protection, development, and research purposes. Much of this data is transmitted to Facebook via cookies. Cookies are small text files used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, varying numbers of cookies are stored in your browser. We go into more detail about the individual Facebook cookies in the descriptions of the individual Facebook tools. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies .

How long and where is the data stored?

In principle, Facebook retains the data until it is no longer needed for its own services and Facebook products. Facebook has servers around the world where the data is stored. However, customer data is deleted within 48 hours after it has been compared with your own user data.

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to information, correction, portability and deletion of your data.

Your data will only be completely deleted if you completely delete your Facebook account. Here's how to delete your Facebook account:

1) Click on Settings on the right side of Facebook.

2) Then click on “Your Facebook Information” in the left column.

3) Now click on “Deactivate and remove”.

4) Now select “Delete Account” and then click on “Continue and delete account”.

5) Now enter your password, click “Next” and then “Delete Account”.

The data Facebook receives through our site is stored using cookies (e.g., for social plugins). You can disable, delete, or manage individual or all cookies in your browser. This works differently depending on which browser you use. In the "Cookies" section, you'll find the relevant links to instructions for the most popular browsers.

If you don't want cookies, you can configure your browser to notify you each time a cookie is set. This allows you to decide for each individual cookie whether or not to allow it.

Legal basis

If you have consented to the processing and storage of your data through integrated Facebook tools, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR) . In principle, your data will also be stored and processed based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in communicating quickly and efficiently with you or other customers and business partners. However, we only use these tools if you have given your consent. Most social media platforms also place cookies in your browser to store data. We therefore recommend that you carefully read our cookie policy and also review Facebook's privacy policy or cookie guidelines.

Facebook also processes your data in the United States, among other places. Facebook or Meta Platforms actively participates in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the US. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .

Facebook also uses so-called standard contractual clauses (Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards, even if it is transferred to and stored in third countries (such as the US). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the US. These clauses are based on an implementing decision of the European Commission. You can find the decision and the associated SCCs here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

Facebook's data processing terms, which refer to the model contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing .

We hope we've provided you with the most important information about the use and processing of data by Facebook tools. If you'd like to learn more about how Facebook uses your data, we recommend reading the data policy at https://www.facebook.com/privacy/policy/ .

Facebook Login Privacy Policy

We've integrated the convenient Facebook login into our website. This allows you to easily log in with your Facebook account without having to create a separate user account. If you choose to log in using Facebook, you'll be redirected to the Facebook social media network. There, you can log in with your Facebook credentials. This login process stores and transmits data about you and your user behavior to Facebook.

Facebook uses various cookies to store data. Below, we show you the most important cookies that are set in your browser or already exist when you log in to our site using the Facebook login:

Name: fr
Value: 0jieyh4c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is used to ensure the social plugin on our website works as well as possible.
Expiry date: after 3 months

Name: datr
Value: 4Jh7XUA2312883227SEmPsSfzCOO4JFFl
Purpose: Facebook sets the "datr" cookie when a web browser visits facebook.com. The cookie helps identify login activity and protect users.
Expiration date: after 2 years

Name: _js_datr
Value: deleted
Purpose: Facebook sets this session cookie for tracking purposes, even if you don't have a Facebook account or are logged out.
Expiry date: after the end of the session

Note: The cookies listed are just a small selection of the cookies available to Facebook. Other cookies include _fbp, sb, or wd. A complete list is not possible, as Facebook has a large number of cookies and uses them in different ways.

The Facebook login offers you a quick and easy registration process and also allows us to share data with Facebook. This allows us to better tailor our offerings and advertising campaigns to your interests and needs. The data we receive from Facebook in this way is public data such as

• your Facebook name

• your profile picture

• a saved email address

• friends lists

• button data (e.g. “Like” button)

• birthday date

• your language

• place of residence

In return, we provide Facebook with information about your activities on our website. This includes information about the device you use, which subpages you visit on our website, or which products you have purchased from us.

By using Facebook Login, you consent to the processing of your data. You can revoke this consent at any time. For more information about Facebook's data processing, please visit Facebook's privacy policy at https://www.facebook.com/privacy/policy/ .

If you are logged in to Facebook, you can change your ad settings yourself at https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen.

Blogs and Publishing Media Introduction

Blogs and publication media Privacy Policy Summary
👥 Data subjects: Website visitors
🤝 Purpose: Presentation and optimization of our services as well as communication between website visitors, security measures and administration
📓 Processed data: Data such as contact details, IP address and published content.
Further information can be found in the tools used.
📅 Retention period: depends on the tools used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests), Art. 6 para. 1 sentence 1 lit. b GDPR (contract)

What are blogs and publishing media?

We use blogs or other communication tools on our website that allow us to communicate with you and you with us. We may also store and process your data in these interactions. This may be necessary to ensure the content is displayed correctly, communication is effective, and security is enhanced. Our data protection policy provides a general description of how your data is processed. Exact details about data processing always depend on the tools and functions used. Detailed information about data processing can be found in the privacy policies of the individual providers.

Why do we use blogs and publishing media?

Our primary concern with our website is to provide you with interesting and engaging content, and at the same time, your opinions and content are important to us. Therefore, we want to foster a positive, interactive exchange between you and us. We can achieve just that through various blogs and publishing options. For example, you can comment on our content, comment on other comments, or, in some cases, write articles yourself.

What data is processed?

The exact data processed always depends on the communication features we use. Often, the IP address, user name, and published content are stored. This is primarily to ensure security, prevent spam, and take action against illegal content. Cookies may also be used for data storage. These are small text files that contain information stored in your browser. You can find more information about the collected and stored data in our individual sections and in the privacy policy of the respective provider.

Duration of data processing

We will inform you below about the duration of data processing when we have more information. For example, contribution and comment functions store data until you revoke their storage. Generally, personal data is stored only as long as is absolutely necessary to provide our services.

Right to object

You also have the right and ability to withdraw your consent to the use of cookies or third-party communication tools at any time. This can be done through our cookie management tool or other opt-out options. You can also prevent data collection by cookies, for example, by managing, disabling, or deleting cookies in your browser.

Because cookies can also be used for publication media, we also recommend that you read our general privacy policy regarding cookies. To find out exactly what data of yours is stored and processed, you should consult the privacy policies of the respective tools.

Legal basis

We use communication tools primarily based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in communicating quickly and effectively with you or other customers, business partners, and visitors. If the use serves to process or initiate contractual relationships, the legal basis is also Art. 6 para. 1 sentence 1 lit. b GDPR.

Certain processing operations, in particular the use of cookies and the use of comment or message functions, require your consent. If and to the extent you have consented to the processing and storage of your data by integrated publication media, this consent serves as the legal basis for data processing (Article 6 (1) (a) of the GDPR). Most of the communication features we use place cookies in your browser to store data. We therefore recommend that you carefully read our privacy policy regarding cookies and consult the privacy policy or cookie guidelines of the respective service provider.

Information about special tools – if available – can be found in the following sections.

Blog Posts and Comments Features Privacy Policy

We offer various online communication tools on our website. For example, we use blog posts and comment features. These allow you to comment on content or write articles. If you use this feature, your IP address may be stored for security reasons. This way, we protect ourselves from illegal content such as insults, unauthorized advertising, or prohibited political propaganda. To identify spam, we may also store and process user information based on our legitimate interest. If we initiate a survey, we also store your IP address for the duration of the survey so that we can ensure that all participants vote only once. Cookies may also be used for storage purposes. Any data we store about you (such as content or personal information) will remain stored until you object.

Online Map Services Introduction

Online Map Services Privacy Policy Summary
👥 Data Subjects: Website visitors
🤝 Purpose: Improving the user experience
📓 Processed Data: The data processed largely depends on the services used. This typically includes IP addresses, location data, search items, and/or technical data. Further details can be found in the respective tools used.
Retention Period: Depends on the tools used
⚖️ Legal Basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are online map services?

We also use online map services for our website as a comprehensive service. Google Maps is probably the service you're most familiar with, but there are also other providers specializing in creating digital maps. Such services allow you to display locations, directions, or other geographic information directly through our website. With an integrated map service, you no longer need to leave our website to view directions to a location, for example. To make the online map on our website work, map components are integrated using HTML code. The services can then display street maps, the Earth's surface, or aerial or satellite images. When you use the integrated map service, data is also transferred to the tool used and stored there. This data may also contain personal information.

Why do we use online map services on our website?

Overall, our goal is to provide you with a pleasant experience on our website. And your time is only enjoyable if you can easily navigate our website and find all the information you need quickly and easily. That's why we thought an online map system could significantly improve our website service. Without leaving our website, you can use the map system to easily view directions, locations, or even points of interest. Of course, it's also very practical that you can see where we are at a glance, so you can find us quickly and easily. As you can see, there are many advantages, and we clearly consider online map services on our website an integral part of our customer service.

What data is stored by online mapping services?

When you access a page on our website that has an integrated online map function, personal data may be sent to and stored by the respective service. In most cases, this is your IP address, which can also be used to determine your approximate location. In addition to the IP address, data such as entered search terms and latitude and longitude coordinates is also stored. For example, if you enter an address for route planning, this data is also stored. The data is not stored by us, but on the servers of the integrated tools. Imagine this: You are on our website, but when you interact with a mapping service, this interaction actually takes place on their website. To ensure the service functions properly, at least one cookie is usually placed in your browser. Google Maps, for example, also uses cookies to record user behavior to optimize its own service and display personalized ads. You can find more information about cookies in our "Cookies" section.

How long and where is the data stored?

Each online map service processes user data differently. Where we have more information, we will inform you below about the duration of data processing in the relevant sections for the individual tools. In principle, personal data is only stored for as long as necessary to provide the service. For example, Google Maps stores certain data for a set period, while you must delete other data yourself. Mapbox, for example, stores the IP address for 30 days and then deletes it. As you can see, each tool stores data for different periods of time. We therefore recommend that you carefully review the privacy policies of the tools used.

The providers also use cookies to store data about your user behavior on the map service. You can find more general information about cookies in our "Cookies" section, but you can also read the privacy policies of the individual providers to see which cookies may be used. In most cases, however, this is only a sample list and is not exhaustive.

Right to object

You always have the option and right to access your personal data and object to its use and processing. You can also revoke the consent you have given us at any time. The easiest way to do this is usually through the cookie consent tool. However, there are other opt-out tools you can use. You can also manage, delete, or disable cookies set by the providers you use with just a few clicks. However, some features of the service may then no longer work as usual. How you manage cookies in your browser also depends on which browser you use. In the "Cookies" section, you will also find links to instructions for the major browsers.

Legal basis

If you have given consent to use an online map service, this consent serves as the legal basis for the associated data processing. According to Art. 6, paragraph 1, letter a GDPR (consent), this consent constitutes the legal basis for processing personal data collected by an online map service.

We also have a legitimate interest in using an online map service to optimize our website. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interest). However, we only use an online map service if you have given us your consent. We would like to emphasize this again here.

Information about special online map services – where available – can be found in the following sections.

Google Maps Privacy Policy

Google Maps Privacy Policy Summary
👥 Data Subjects: Website visitors
🤝 Purpose: Optimization of our service performance
📓 Processed data: Data such as entered search terms, your IP address as well as longitude and latitude coordinates.
Further information can be found below in this privacy policy.
📅 Storage duration: depends on the stored data
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Google Maps?

We use Google Maps from Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services in Europe. Google Maps allows us to better show you locations and thus tailor our service to your needs. By using Google Maps, data is transferred to Google and stored on Google servers. We would now like to explain in more detail what Google Maps is, why we use this Google service, what data is stored, and how you can prevent this.

Google Maps is a web mapping service from Google. With Google Maps, you can search online for the exact locations of cities, landmarks, accommodations, or businesses using a PC, tablet, or app. If businesses are listed on Google My Business, additional information about the business is displayed next to the location. To provide directions, map fragments of a location can be integrated into a website using HTML code. Google Maps displays the Earth's surface as a street map, aerial, or satellite image. Street View and high-quality satellite imagery enable highly accurate representations.

Why do we use Google Maps on our website?

All our efforts on this site are aimed at providing you with a useful and meaningful experience. By integrating Google Maps, we can provide you with key information about various locations. You can see where we are at a glance. The directions always show you the best or fastest way to reach us. You can access directions for routes by car, public transport, on foot, or by bike. For us, offering Google Maps is part of our customer service.

What data does Google Maps store?

To provide Google Maps with its full service, the company must collect and store data about you. This includes the search terms you enter, your IP address, and your latitude and longitude coordinates. If you use the route planner function, the starting address y