Privacy Policy

1) Information on the collection of personal data and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. In this context, personal data is all data with which you can be personally identified.

1.2 The controller of data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Maik Daniel, Hostbox.io, Osnabrücker Str. 24, 10589 Berlin, Germany, Tel.: +49 (0) 30 2218 2287 4, Fax: +49 (0) 30 2218 2287 3, E-Mail: mail@hostbox.io. The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller). You can recognise an encrypted connection by the string “https://” and the lock symbol in your browser line.

2) Data collection when visiting our website

When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

3) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your terminal device. In some cases, these cookies are automatically deleted after you close your browser (so-called “session cookies”), in other cases, these cookies remain on your end device for a longer period of time and allow you to save page settings (so-called “persistent cookies”). In the latter case, you can find the storage period in the overview of the cookie settings of your web browser.
If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a DSGVO in the case of consent given or in accordance with Art. 6 para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or generally.
Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contacting

4.1 – Own live chat system
On this website, for the purpose of operating a live chat system that serves to answer live enquiries, your communicated chat name and your communicated chat content are collected as data and stored for the course of the chat. The chat and your provided chat name are stored exclusively in the so-called RAM (random access memory) and deleted immediately as soon as we or you have ended the chat conversation, but no later than 2 hours after the last message in the chat history. Cookies are used to operate the chat function. Cookies are small text files that are stored locally in the cache of the site visitor’s Internet browser. The cookies make it possible to recognise the Internet browser of the site visitor in order to distinguish between the individual users of the chat function of our website.
Insofar as the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in effective customer service and the statistical analysis of user behaviour for optimisation purposes.
In order to avoid the storage of cookies, you can set your internet browser so that no more cookies can be stored on your computer in the future or so that cookies that have already been stored are deleted. However, switching off all cookies may mean that the chat function on our website can no longer be carried out.

4.2 Own rating reminder (not sent by a customer rating system)
We use your e-mail address for a one-time reminder to submit a rating of your order for the rating system we use, provided that you have given us your express consent to do so during or after your order in accordance with Art. 6 para. 1 lit. a DSGVO.
You can revoke your consent at any time by sending a message to the data controller.

4.3 Own function for making online appointments
We process your personal data within the framework of the online appointment arrangement provided. You can see which data we collect for the online appointment arrangement from the respective input form or the appointment request for the appointment arrangement. If certain data is required in order to make an online appointment, we will indicate this accordingly in the entry form or the appointment request. If we provide you with a free text field in the input form, you can describe your request in more detail there. You can then also control which additional data you would like to enter. The data you provide will be stored and used exclusively for the purpose of making an appointment. When processing personal data that is necessary for the fulfilment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time by sending a message to the responsible person named at the beginning of this declaration.

4.4 In the context of contacting us (e.g. via contact form or e-mail), personal data is processed – exclusively for the purpose of processing and responding to your request and only to the extent necessary for this purpose. The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted when the circumstances indicate that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

4.5 WhatsApp Business
We offer visitors to our website the possibility to contact us via the messaging service WhatsApp of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called “business version” of WhatsApp.
If you contact us via WhatsApp on the occasion of a specific transaction (e.g. an order placed), we store and use the mobile phone number you use on WhatsApp as well as – if provided – your first name and surname in accordance with Art. 6 Para. 1 lit. b. DSGVO to process and respond to your request. On the basis of the same legal basis, we may ask you to provide further data (order number, customer number, address or email address) via WhatsApp in order to be able to assign your request to a specific process.
If you use our WhatsApp contact for general enquiries (such as about the range of services, availability or our website), we will store and use the mobile phone number you used on WhatsApp and – if provided – your first name and surname in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in providing the requested information efficiently and promptly.
Your data will only ever be used to respond to your request via WhatsApp. It will not be passed on to third parties.
Please note that WhatsApp Business obtains access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. For the operation of our WhatsApp business account, we use a mobile device whose address book only stores the WhatsApp contact data of those users who have also contacted us via WhatsApp.
This ensures that each person whose WhatsApp contact data is stored in our address book has already consented to the transmission of his or her WhatsApp telephone number from the address books of his or her chat contacts in accordance with Art. 6 (1) lit. a DSGVO when using the app on his or her device for the first time by accepting the WhatsApp terms of use. A transmission of data of such users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded in this respect.
For the purpose and scope of the data collection and the further processing and use of the data by WhatsApp, as well as your rights in this regard and setting options for protecting your privacy, please refer to the WhatsApp data protection information: https://www.whatsapp.com/legal/?eea=1#privacy-policy

5) Data processing when opening a customer account

Pursuant to Art. 6 para. 1 lit. b DSGVO, personal data will continue to be collected and processed to the extent necessary in each case if you provide us with this data when opening a customer account. The data required for opening an account can be found in the input mask of the corresponding form on our website. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, no legal retention periods are opposed and no legitimate interest on our part in the continued storage exists.

6) Comment function

In the context of the comment function on this website, in addition to your comment, information on the time of the creation of the comment and the commentator name you have chosen will be stored and published on this website. Furthermore, your IP address will be stored for security reasons in order to enable an attribution to the author in case of illegal comments. Your e-mail address will be stored for the purpose of contacting you in the event that a third party should object to your published content as being illegal.
You as a user can subscribe to the follow-up comments. For this purpose, you will receive a confirmation e-mail to ensure that you are the owner of the e-mail address provided (double opt-in procedure). The legal basis for data processing in the case of comment subscriptions is Art. 6 para. 1 lit. a DSGVO. You can unsubscribe from ongoing comment subscriptions at any time with effect for the future; for more information on the unsubscription option, please refer to the confirmation email.

7) Use of customer data for direct advertising

Registration for our e-mail newsletter
If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory data for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you will only receive newsletters if you have expressly confirmed your consent to receive the newsletter by activating a verification link sent to the specified e-mail address.
By activating the verification link, you give us your consent to use your personal data in accordance with Art. 6 Para. 1 lit. a DSGVO. We store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for the newsletter is used strictly for the intended purpose. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data in a manner that goes beyond this, which is permitted by law and about which we inform you in this declaration.

8) Data processing for order processing

8.1 – Transmission of image files for order processing via upload function
On our website, we offer customers the possibility to order the personalisation of products by submitting image files via an upload function. The submitted image motif is used as a template for the personalisation of the selected product.
Using the upload form on the website, the customer can transmit one or more image files from the memory of the end device used directly to us via automated, encrypted data transmission. We then record, store and use the transmitted files exclusively for the production of the personalised product as defined in the respective service description on our website. If the transmitted image files are passed on to special service providers for the production and processing of the order, you will be explicitly informed of this in the following paragraphs. Any further transfer will not take place. If the transmitted files or the digital motifs contain personal data (in particular images of identifiable persons), all the processing operations just mentioned will be carried out exclusively for the purpose of processing your online order in accordance with Art. 6 para. 1 lit. b DSGVO. After the order has been processed, the transmitted image files are automatically and completely deleted.

  • Transmission of image files for order processing by e-mail
    On our website, we offer customers the possibility to order the personalisation of products by sending image files by e-mail. The submitted image motif is used as a template for the personalisation of the selected product.
    Using the e-mail address provided on the website, the customer can transmit one or more image files to us from the memory of the end device used. We then collect, store and use the files transmitted in this way exclusively for the production of the personalised product as defined in the respective service description on our website. If the transmitted image files are passed on to special service providers for the production and processing of the order, you will be explicitly informed of this in the following paragraphs. Any further transfer will not take place. If the transmitted files or the digital motifs contain personal data (in particular images of identifiable persons), all the processing operations just mentioned will be carried out exclusively for the purpose of processing your online order in accordance with Art. 6 para. 1 lit. b DSGVO. After final processing of the order, the transmitted image files are automatically and completely deleted.

8.2 Insofar as necessary for the processing of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 lit. b DSGVO.
If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we will process the contact data (name, address, e-mail address) provided by you when placing the order in order to inform you personally by suitable means of communication (e.g. by post or e-mail) about upcoming updates within the legally stipulated period of time within the framework of our statutory duty to inform pursuant to Art. 6 (1) lit. c DSGVO. Your contact details will be used strictly for the purpose of informing you about updates owed by us and will only be processed by us for this purpose to the extent necessary for the respective information.
In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

8.3 Use of payment service providers (payment services)

  • GoCardless
    If you choose a payment method from the payment service provider GoCardless (direct debit), the payment will be processed via the payment service provider GoCardless Ltd, Sutton Yard, 65 Goswell Road, London, EC1V 7EN, United Kingdom, to whom we will pass on the information you provided during the ordering process, together with information about the order, in accordance with Art. 6 (1) lit. b DSGVO. Your data will only be passed on for the purpose of processing payment with the payment service provider GoCardless Ltd. and only to the extent necessary for this purpose. You can find more information on the data protection of GoCarless at the URL https://gocardless.com/legal/privacy/.
  • Paypal
    When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “payment by instalments” via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”) as part of the payment processing. The transfer takes place in accordance with Art. 6 Para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing.
    For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “payment by instalments” via PayPal, PayPal reserves the right to carry out a credit check. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including information on the credit agencies used, please refer to PayPal’s data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
    You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

8.4 Credit assessment
If we make advance payments (e.g. delivery on account), we reserve the right to carry out a credit check on the basis of mathematical-statistical procedures in order to safeguard our legitimate interest in determining the solvency of our customers. We transmit the personal data required for a credit check to the following service provider in accordance with Art. 6 Para. 1 lit. f DSGVO:
SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany.
The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. We use the result of the credit assessment with regard to the statistical probability of non-payment for the purpose of deciding on the establishment, implementation or termination of a contractual relationship.
You can object to this processing of your data at any time by sending a message to the data controller or to the aforementioned credit agency. However, we may still be entitled to process your personal data if this is necessary to process payments in accordance with the contract.

9) Online marketing

9.1 Facebook Pixel for the creation of Custom Audiences (with Cookie Consent Tool)
Within our online offer, the so-called “Facebook Pixel” of the social network Facebook is used, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland (“Facebook”).
If a user clicks on an advertisement placed by us and played on Facebook, an addition is added to the URL of our linked page by Facebook Pixel. If our site allows data to be shared with Facebook via Pixel, this URL parameter is inscribed in the user’s browser via a cookie that our linked site sets itself. This cookie is then read by Facebook Pixel and enables the data to be forwarded to Facebook.
With the help of the Facebook Pixel, it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook Ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. This allows us to further evaluate the effectiveness of the Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The data collected is anonymous for us, so it does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to place advertisements on and outside of Facebook.
The data processing associated with the use of the Facebook Pixel is only carried out with your express consent in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

9.2 – Google Ads Conversion Tracking
This website uses the online advertising programme “Google Ads” and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising media (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you and to achieve a fair calculation of the advertising costs incurred.
The conversion tracking cookie is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your end device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across Google Ads clients’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. The use of Google Ads may also result in the transmission of personal data to the servers of Google LLC. in the USA.
Details on the processing triggered by Google Ads Conversion Tracking and on Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites.
All of the processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.
You can also permanently object to the setting of cookies by Google Ads conversion tracking by downloading and installing the Google browser plug-in available at the following link:
https://www.google.com/settings/ads/plugin?hl=de
Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.
Google’s privacy policy can be viewed here: https://www.google.de/policies/privacy/

  • Google Marketing Platform
    This website uses the online marketing tool Google Marketing Platform from the operator Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“GMP”).
    GMP uses cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, GMP can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a GMP ad and later, using the same browser, calls up the advertiser’s website and makes a purchase via this website. According to Google, GMP cookies do not contain any personal information.
    Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge as follows: Through the integration of GMP, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will obtain and store your IP address. The use of GMP may also result in the transmission of personal data to the servers of Google LLC. in the USA.
    All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.
    The privacy policy of GMP by Google can be found here: https://www.google.de/policies/privacy/

10) Web analytics services

10.1 Google Analytics 4
This website uses Google Analytics 4, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), to analyse the use of websites.
When using Google Analytics 4, so-called “cookies” are used as standard. Cookies are text files that are stored on your terminal device and enable an analysis of your use of a website. The information collected by cookies about your use of the website (including the IP address transmitted by your terminal device, shortened by the last few digits, see below) is usually transmitted to a Google server and stored and processed there. This may also result in the transmission of information to the servers of Google LLC, a company based in the USA, where the information is further processed.
When using Google Analytics 4, the IP address transmitted by your terminal device when you use the website is always collected and processed automatically and by default only in an anonymised manner, so that the information collected cannot be directly related to a person. This automatic anonymisation is carried out by Google shortening the IP address transmitted by your terminal device within member states of the European Union (EU) or other contracting states of the Agreement on the European Economic Area (EEA) by the last digits.
Google uses this and other information on our behalf to evaluate your use of the website, to compile reports on your website activities and usage behaviour and to provide us with other services related to your website and internet usage. In this context, the IP address transmitted and shortened by your terminal device within the scope of Google Analytics 4 will not be merged with other data from Google. The data collected in the context of the use of Google Analytics 4 will be stored for 2 months and then deleted.
Google Analytics 4 also enables the creation of statistics with statements about the age, gender and interests of website users on the basis of an evaluation of interest-based advertising and with the inclusion of third-party information via a special function, the so-called “demographic characteristics”. This makes it possible to determine and distinguish between groups of website users for the purpose of targeting marketing measures. However, data collected via the “demographic characteristics” cannot be assigned to a specific person and thus also not to you personally. This data collected via the “demographic characteristics” function is kept for two months and then deleted.
All processing described above, in particular the setting of Google Analytics cookies for the storage and reading of information on the end device used by you for the use of the website, only takes place if you have given us your express consent for this in accordance with Art. 6 (1) lit. a DSGVO. Without your consent, Google Analytics 4 will not be used during your use of the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service via the “Cookie Consent Tool” provided on the website.
We have concluded a so-called order processing agreement with Google for our use of Google Analytics 4, which obliges Google to protect the data of our website users and not to pass it on to third parties.
To ensure compliance with the European level of data protection, even in the event of any transfer of data from the EU or EEA to the USA and possible further processing there, Google refers to the so-called standard contractual clauses of the European Commission, which we have contractually agreed with Google.
Further legal information on Google Analytics 4, including a copy of the aforementioned standard contractual clauses, can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

10.2 – Matomo
On this website, data is collected and stored using the web analytics software Matomo (www.matomo.org), a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand (“Matomo”). Pseudonymised usage profiles can be created and evaluated from this data for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the site visitor’s internet browser. Among other things, the cookies enable the recognition of the internet browser. The data collected using Matomo technology (including your pseudonymised IP address) is processed on our servers.
The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym.
All processing described above, in particular the setting of cookies for reading out information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website.

11) Retargeting/ Remarketing/ Referral advertising

Google Ads Remarketing
Our website uses the functions of Google Ads Remarketing, with which we advertise for this website in Google search results, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). For this purpose, Google sets a cookie in the browser of your terminal device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. Further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google Account and using information from your Google Account to personalise the ads you see on the web. In this case, if you are logged into Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data will be temporarily linked by Google with Google Analytics data in order to form target groups. The use of Google Ads Remarketing may also involve the transmission of personal data to the servers of Google LLC. in the USA.
Details on the processing triggered by Google Ads Remarketing and on Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites.
You can permanently object to the setting of cookies by Google Ads Remarketing by downloading and installing the Google browser plug-in available at the following link:
https://support.google.com/ads/answer/7395996?
Further information and the privacy policy regarding advertising and Google can be found here:
https://www.google.com/policies/technologies/ads/
All processing described above, in particular the setting of cookies for reading out information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

12) Page functionalities

12.1 Facebook plugins with Shariff solution
Our website uses so-called social plugins (“plugins”) of the social network Facebook, which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with Facebook’s servers. When you click on the button, a new browser window opens and calls up the Facebook page where you can interact with the plugins there (if necessary after entering your login data).
For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/policy.php.

12.2 Instagram plugin as Shariff solution
Our website uses so-called social plugins (“plugins”) of the online service Instagram, which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”).
In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with the servers of Instagram. When you click on the button, a new browser window opens and calls up the Instagram page, where you can interact with the plugins there (possibly after entering your login data).
For the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and setting options for protecting your privacy, please refer to Instagram’s privacy policy: https://help.instagram.com/155833707900388/.

12.3 LinkedIn plugin as Shariff solution
Our website uses so-called social plugins (“plugins”) of the online service LinkedIn, which is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).
In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with the servers of LinkedIn. When you click on the button, a new browser window opens and calls up the LinkedIn page on which you can interact with the plugins there (possibly after entering your login data).
For the purpose and scope of the data collection and the further processing and use of the data by LinkedIn, as well as your rights in this regard and setting options for protecting your privacy, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

12.4 Twitter plugin as Shariff solution
Our website uses so-called social plugins (“plugins”) of the microblogging service Twitter, which is operated by Twitter International Company, One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 Ireland (“Twitter”).
In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with the servers of Twitter. When you click on the button, a new browser window opens and calls up the Twitter page, where you can interact with the plugins there (possibly after entering your login data). Please note that when you interact with the plugin, information collected (including your IP address) is transmitted from your browser directly to a Twitter Inc. server in the USA and stored there.
For the purpose and scope of the data collection and the further processing and use of the data by Twitter, as well as your rights in this regard and setting options for protecting your privacy, please refer to Twitter’s data protection information: https://twitter.com/privacy

12.5 Use of Youtube videos
This website uses the Youtube embedding function to display and play videos from the provider “Youtube”, which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
The extended data protection mode is used here, which, according to the provider, only triggers the storage of user information when the video(s) is/are played. If the playback of embedded Youtube videos is started, the provider “Youtube” uses cookies to collect information about user behaviour. According to information from “Youtube”, these are used, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive behaviour. If you are logged in to Google, your data will be directly assigned to your account when you click on a video. If you do not wish to have your data associated with your YouTube profile, you must log out before activating the button. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. The use of YouTube may also result in the transmission of personal data to the servers of Google LLC. in the USA.
Independently of a playback of the embedded videos, a connection to the Google network is established each time this website is called up, which may trigger further data processing operations without our influence.
All processing described above, in particular the reading of information on the end device used via the tracking pixel, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a DSGVO. Without this consent, Youtube videos will not be used during your visit to the site.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie consent tool” provided on the website via alternative options communicated to you on the website.
Further information on data protection at “Youtube” can be found in the Youtube terms of use at https://www.youtube.com/static?template=terms and in Google’s data protection declaration at https://www.google.de/intl/de/policies/privacy.

12.6 Online applications via a form
On our website, we offer job applicants the opportunity to apply online via a corresponding form. In order to be included in the application process, applicants must provide us with all personal data required for an informed assessment and selection via the form.
The information required includes general personal information (name, address, telephone or electronic contact details) and performance-related evidence of the qualifications required for a position. Health-related information may also be required, which must be given special consideration under labour and social law in the interest of social protection in the applicant’s person.
In the course of sending the form, the applicant data is transmitted to us in encrypted form in accordance with the state of the art, stored by us and evaluated exclusively for the purpose of processing the application.
The legal basis for this processing is generally Art. 6 para. 1 lit. b DSGVO (for processing in Germany in conjunction with § 26 para. 1 BDSG), in the sense of which the application process is considered to be the initiation of an employment contract.
Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. Art. 9 para. 2 lit. b. DSGVO so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.
Cumulatively or alternatively, the processing of the special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant’s fitness for work, for medical diagnosis, health or social care or treatment or for the management of health or social care systems and services.
If the applicant is not selected in the course of the evaluation described above, or if an applicant withdraws his or her application prematurely, his or her data submitted on the form will be deleted at the latest after 6 months following notification. This period is calculated on the basis of our legitimate interest in answering any follow-up questions about the application and, if necessary, to be able to comply with our obligations to provide evidence under the regulations on equal treatment of applicants.
In the event of a successful application, the data provided will be further processed on the basis of Art. 6 para. 1 lit. b DSGVO (for processing in Germany in conjunction with Section 26 para. 1 BDSG) for the purposes of implementing the employment relationship.

12.7 Applications to job advertisements by e-mail
We advertise current vacancies on our website in a separate section, for which interested parties can apply by e-mail to the contact address provided.
In order to be included in the application process, applicants must provide us with all personal data required for a well-founded and informed assessment and selection together with their application by e-mail.
The required information includes general personal information (name, address, telephone or electronic contact details) as well as performance-related evidence of the qualifications required for a position. If necessary, health-related information may also be required, which must be given special consideration under labour and social law in the interest of social protection in the person of the applicant.
The components that an application must contain in order to be considered in each individual case and the form in which these components must be sent by e-mail can be found in the respective job advertisement.
After receipt of the application sent using the specified e-mail contact address, the applicant data will be stored by us and evaluated exclusively for the purpose of processing the application. For queries arising in the course of processing, we use, at our discretion, either the e-mail address provided by the applicant with his/her application or a telephone number provided.
The legal basis for this processing, including contacting us for queries, is generally Art. 6 Para. 1 lit. b DSGVO (for processing in Germany in conjunction with § 26 Para. 1 BDSG), in the sense of which the application process is considered to be the initiation of an employment contract.
Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) lit. b. DSGVO. DSGVO so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.
Cumulatively or alternatively, the processing of the special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant’s fitness for work, for medical diagnosis, health or social care or treatment or for the management of health or social care systems and services.
If the applicant is not selected in the course of the evaluation described above, or if an applicant withdraws his/her application prematurely, his/her data transmitted by e-mail and all electronic correspondence, including the original application e-mail, will be deleted at the latest after 6 months following notification. This period is measured on the basis of our legitimate interest in answering any follow-up questions about the application and, if necessary, to be able to comply with our obligations to provide evidence under the regulations on equal treatment of applicants.
In the event of a successful application, the data provided will be further processed on the basis of Art. 6 para. 1 lit. b DSGVO (for processing in Germany in conjunction with Section 26 para. 1 BDSG) for the purposes of implementing the employment relationship.

12.8 Google Customer Reviews (formerly Google Certified Merchant Programme)
We work with Google as part of the “Google Customer Reviews” programme. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This programme gives us the opportunity to collect customer reviews from users of our website. This involves asking you, after you have made a purchase on our website, whether you would like to take part in an email survey from Google. If you give your consent in accordance with Art. 6 para. 1 lit. a DSGVO, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate the purchase experience on our website. The rating you provide will then be aggregated with our other ratings and displayed in our Google Customer Reviews logo and in our Merchant Center dashboard. In addition, your review will be used for Google Seller Reviews. The use of Google Customer Reviews may also involve the transmission of personal data to the servers of Google LLC. in the USA.
You can revoke your consent at any time by sending a message to the data controller or to Google.
Further information on Google’s data protection in connection with the Google Customer Reviews programme can be found at the following link: https://support.google.com/merchants/answer/7188525?hl=de.
Further information on the data protection of Google seller reviews can be found at this link: https://support.google.com/google-ads/answer/2375474.

13) Tools and miscellaneous

13.1 – Buchhaltungsbutler
We use the service of the cloud-based accounting software BuchhaltungsButler GmbH, Ausbau 1, 15910 Unterspreewald, Germany, to do our accounting. BuchhaltungsButler processes incoming and outgoing invoices and, if applicable, also the bank transactions of our company in order to automatically record invoices, match them to the transactions and create the financial accounting from this in a partially automated process.
If personal data is also processed in this process, the processing is carried out in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of our legitimate interest in the efficient organisation and documentation of our business transactions.
You can find more information about BuchhaltungsButler GmbH, the automated processing of data and the data protection provisions at https://www.buchhaltungsbutler.de/.

-Lexoffice
We use the service of the cloud-based accounting software “lexoffice” of Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg.
Lexoffice processes incoming and outgoing invoices and, if applicable, also the bank transactions of our company in order to automatically record invoices, match them to the transactions and create the financial accounting from this in a semi-automated process.
If personal data is also processed in this process, the processing is carried out in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of our legitimate interest in the efficient organisation and documentation of our business transactions.
You can find more information about lexoffice, the automated processing of data and the data protection provisions at https://www.lexoffice.de/datenschutz/.

13.2 Cookie consent tool
This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications requiring consent. The “cookie consent tool” is displayed to users in the form of an interactive user interface when they access the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives the corresponding consent by ticking the corresponding box. This ensures that such cookies are only set on the respective end device of the user if consent has been granted.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

13.3 – Google Maps
On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for displaying interactive (land) maps in order to visually present geographical information. By using this service, our location is shown to you and a possible approach is made easier.
When you call up those sub-pages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there; this may also involve transmission to the servers of Google LLC. in the USA. This occurs regardless of whether Google provides a user account via which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to have your data associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage and evaluation are carried out in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of Google’s legitimate interest in displaying personalised advertising, market research and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.
You can view Google’s terms of use at https://www.google.de/intl/de/policies/terms/regional.html, and the additional terms of use for Google Maps at https://www.google.com/intl/de_US/help/terms_maps.html.
Detailed information on data protection in connection with the use of Google Maps can be found on the Google website (“Google Privacy Policy”): https://www.google.de/intl/de/policies/privacy/.
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the option described above for making an objection.

14) Rights of the data subject

14.1 The applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:

  • Right to information pursuant to Art. 15 DSGVO;
  • Right to rectification pursuant to Art. 16 DSGVO;
  • Right to erasure pursuant to Art. 17 DSGVO;
  • Right to restriction of processing pursuant to Art. 18 DSGVO;
  • Right to information pursuant to Art. 19 DSGVO;
  • Right to data portability pursuant to Art. 20 DSGVO;
  • Right to withdraw consent granted pursuant to Art. 7(3) DSGVO;
  • Right to lodge a complaint pursuant to Art. 77 DSGVO.

14.2 RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE RIGHT TO OBJECT AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

15) Duration of the storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a DSGVO, this data is stored until the data subject revokes his/her consent.
If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfilment or initiation of a contract and/or we have no justified interest in continuing to store it.
When processing personal data on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21(2) DSGVO.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.