The protection of your personal data is our top priority, which is why we only use your data in strict compliance with the applicable data protection principles.
From May 25, 2018, the requirements of the EU General Data Protection Regulation (hereinafter: GDPR) will apply across Europe. Please read our privacy policy carefully. If you have any questions or comments about our data protection regulations, you can contact the email address below at any time.
1. Overview
The following data protection notices inform you about the type and scope of the processing of so-called personal data by Maison Botanic UG (hereinafter referred to as "Maison Botanic," "we", "us" or "our"). Personal data is information that can be or can be assigned directly or indirectly to your person. The use of our websites www.maisonbotanic.com, www.maisonbotanic.de and all associated pages, applications and services (collectively referred to as "websites") are subject to these data protection provisions. When creating a customer account or with existing customers or when ordering as a guest by means of a corresponding declaration, you agree to these data protection provisions and expressly consent to the processing, use and disclosure of your personal data in the manner described here.
The data processing by Maison Botanic can essentially be divided into two categories:
For the purpose of contract execution or to prepare the contract, all data required for the execution of a sales contract with Maison Botanic are processed. Are external service providers involved in the processing of the contract, e.g. payment service providers, shipping service providers, optimization services, hosters, apps. etc. your data will be passed on to them to the extent required.
When you visit our website, various information is exchanged between your device and our server or the server of the services we use. This can also be personal data. The information collected in this way is used, among other things, to further optimize our website.
According to the requirements of the GDPR, you have different rights that you can assert against us. This includes the right to object to selected data processing, in particular data processing for advertising purposes. The possibility of contradiction is highlighted in printing so that it is easier to find. Further information on your rights can be found below in a separate paragraph and in the individual descriptions of the respective data processing. In principle, we process personal data only in accordance with the applicable statutory storage and retention requirements or until the respective purpose no longer applies.
Due to the protection of young people and data protection, we have decided that our offer should only be available to people who have already reached the age of sixteen. If you have not yet reached this minimum age, you can only use our offers if and to the extent that your parents have expressly consented to this and you have provided us with sufficient evidence of this consent.
If you have any questions about our data protection regulations, please do not hesitate to contact our company data protection officer:
datenschutz@maisonbotanic.com.
2. Name and contact details of the person responsible for processing and the company data protection officer
These data protection provisions apply to data processing by the above websites. Our company data protection officer can be reached at the address: Maison Botanic UG, Data Protection Department, In Der Knackenau 5, 82031 Grünwald or at datenschutz@maisonbotanic.com.
3. Purposes of data processing, legal bases and legitimate interests that are being pursued by us or a third party and categories of recipients
3.1. Calling up our offer
If you call up our website, information is automatically sent to our server by the page and the browser used on your device and temporarily stored in a so-called log file. The following information is recorded without your intervention and stored in the log file until it is automatically or manually deleted:
The processing of the above-mentioned data is based on Art. 6 Paragraph 1 lit.f) GDPR. Our legitimate interest follows from the purposes of data collection listed below. At this point, I would like to point out that we are not able to draw any conclusions about your identity from the data collected and that we do not draw any conclusions. The IP address of your end device and the other data listed above are used by us for the following purposes:
The data is stored in accordance with the statutory retention periods and then automatically deleted. We also use so-called cookies, tracking tools, targeting processes and interfaces to other services, e.g. to social media platforms, payment services or CRM systems. Which procedures are involved and how your data is used for this is explained in more detail below under section 4.
3.2. Data processing for payment processing
In order to fulfill the contract and above all for the purpose of processing payments, we provide the transaction data such as, for example, on the basis of Article 6 (1) lit.
to the payment service provider you have chosen (e.g. PayPal, Adyen, credit card company, etc.). The transmission is necessary, otherwise we cannot process the order. The data is used exclusively for the execution and implementation of payment processing and is securely transmitted using the "SSL" encryption method. The service providers we offer are PCI DSS certified. These transfer, process and, if necessary, store personal data outside the EU. For more information, please check the data protection provisions of your service provider.
3.3. Data processing for customer support or customer care
3.3.1. Informational purposes
If you have opened a customer account, we will keep you as an existing customer. In this case, we process your contact details in order to send you occasional information, e.g. about new products, special offers, extended or improved functions, etc.
3.3.2. Interest-based advertising
So that you only receive information that is of supposed interest to you, we categorize and supplement your customer profile with further information. Both statistical information and information about yourself (e.g. master data or basic data of your customer profile) are used for this. The aim is to optimize our offer according to your actual or supposed personal interests and / or needs or with regard to your tea preferences and to provide you with appropriate recommendations and information and to inform you about news and other events. This way, we can ensure that you are not bothered with useless promotions.
The legal basis for the aforementioned processing is Article 6 (1) (f) GDPR or Section 7 (3) UWG. The processing of existing customer data for our own advertising purposes is to be regarded as a recognized legitimate interest according to recital 47 of the GDPR. You can object to this processing at any time, effective in the future. For this purpose, it is sufficient to click the unsubscribe button in the respective email or a short notice by email. For this purpose, please use the contact options of our company data protection officer.
3.3.3. Newsletter
We offer interested customers the opportunity to sign up to our newsletter via our website. The purpose of this is to provide our customers with the latest developments, such as special offers, exciting information about the world of Maison Botanic, etc. In order to be able to be sure that the entered email address can actually be assigned to the interested party, we use the so-called double opt-in procedure: After entering the email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our mailing list. We only save the data collected during this process for documentation and verification purposes. These include in particular:
The legal basis for this is Article 6 Paragraph 1 lit. b) GDPR. This processing is necessary in order to meet your request. We store the data until the end of the statutory limitation period, as this enables us to prove the legality of sending the newsletter. After the respective limitation period has expired, we store the personal data required by law for the periods specified by law. You can object to this processing at any time with effect for the future. For this purpose, it is sufficient to click the unsubscribe button in the respective email or a short notice by email. For this purpose, please use the contact options of our company data protection officer.
3.3.4. Contact Form
If a visitor's concern is not cleared up by our FAQ area, we offer them the opportunity to ask the question using our contact form. If you decide to send us such a request, we will process the following data:
The legal basis for this is Art. 6 Paragraph 1 lit. b) GDPR. This processing is necessary in order to meet your request. The data can be saved in a CRM system, e.g. Zendesk (see above). We delete the inquiries if it is no longer necessary to save them. You can object to this processing at any time with effect for the future. A brief notification by email is sufficient for this. To exercise the objection, please use the contact options of our company data protection officer.
3.3.5. Withdrawal
You can object to data processing for the aforementioned purposes at any time free of charge, separately for the respective communication channel and with effect for the future. An email or a letter to the contact details mentioned under 1 is sufficient for this.
If you object, we will block the affected contact address for further advertising data processing. We will process your objection as quickly as possible and implement the appropriate blocking measures immediately after checking. We would like to point out that in exceptional cases, corresponding information or product recommendations may be sent even after receipt of your objection. This is then only for technical reasons and does not mean that we will not implement your objection. Thank you very much for your understanding.
3.4 Data processing when concluding a contract, for executing and terminating the contract
Our goal is to make as many people as possible happy with our products. If you have decided to order from us, we will process the data required for the conclusion, execution or termination of such a (purchase) contract. These include in particular:
The legal basis for this is Article 6 Paragraph 1 lit. a), lit. b) GDPR. Insofar as we do not use your contact details for customer support or customer care (see in detail under 3.3.), We save the data collected for contract processing until the purpose or until the expiry of possible contractual revocation, warranty and guarantee rights.
The duration of the storage of personal data is based on the respective statutory retention period (e.g. commercial and tax retention periods). After the period has expired, the relevant data will be routinely deleted, provided that they are no longer required for contract fulfillment or contract initiation and / or we have no legitimate interest in further storage.
4. Data processing for the provision of our offer
In the following we would like to inform you about the data processing necessary for the provision of our offer:
4.1. Webpage optimization
We will not sell or rent your data to third parties for their marketing purposes without your express consent. Only in order to be able to offer our visitors the best possible customer experience, to improve the quality of our offer from time to time and to protect the interests of our customers, we will pass on certain data to third parties under certain circumstances; however, the transfer always takes place in compliance with strict restrictions, which are described in more detail below:
4.2. Cookies – General Information
We use so-called cookies on our website on the basis of Art. 6 Para. 1 lit. f) GDPR. Our interest in optimizing our offers is to be regarded as justified within the meaning of the aforementioned regulation. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you use our offers. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website or that you have already logged in to your customer account. If you use our offer again at a later point in time, the cookie will automatically recognize that you have already visited us and which inputs and settings you have made so that you do not have to re-enter them. In addition, we also use temporary cookies for the purpose of user-friendliness, which are stored on your end device for a specific period of time. These are automatically deleted after leaving our offer.
If you already have a customer account and are logged in, the information stored in the cookies will be assigned to your customer account.
On the other hand, we use cookies to statistically record the use of our offers and to evaluate them for the purpose of optimization as well as to show information that is specifically tailored to you. These cookies enable us to automatically recognize when you visit our site again that you have already visited us. These cookies are automatically deleted after a defined period of time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. You can also use the Network Advertising Initiative's opt-out option. However, the complete deactivation of cookies may mean that not all functions of our offers are available to you. The storage duration of the cookies depends on their purpose and is not the same for everyone.
4.3 Google Analytics
For the purpose of the needs-based design and continuous optimization of our offer, we use the analysis service Google Analytics from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google") on the basis of Art. 6 Paragraph 1 lit. ). Google creates pseudonymised usage profiles using cookies. The information generated by the cookie about your use of our website such as
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the offers, to compile reports on the activities and to provide other services related to the use of the offer for the purposes of market research and needs-based design. This information may also be passed on to third parties if this is required by law or if third parties process this data on behalf of us. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (so-called IP masking).
You can prevent the installation of cookies in advance by setting your browser software accordingly or you can object to further processing via the cookie by clicking the opt-out link; however, we point out that in this case not all functions of our offers can be used to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of our offer (including your IP address) and the processing of this data by Google by downloading and installing this browser add-on. We recommend using the private mode on mobile devices. Further information on data protection in connection with Google Analytics can be found on the Google Analytics website.
4.4 Google Tag Manager
We use the Google Tag Manager to manage website tags (website code). These make it easier for us to manage and further develop our offer and shorten your loading time. The Google Tag Manager only implements website code. The Google Tag Manager does not set any cookies itself and does not collect any personal data. The tool only integrates website code that we have stored elsewhere, which may be used to collect data. The tool only serves to facilitate the control of the respective code, but does not itself access the data processed by the code. We will inform you about all tags integrated in this way in this data protection statement. Further information on Google Tag Manager and the usage guidelines can be found on the Google website.
4.5 Facebook Pixel
In order to use our Facebook campaigns as required, to further optimize them and to measure their conversion, we use an individual so-called visitor action pixel from Facebook Ireland Ltd., 4 Grand Canal Square, on the basis of Art. 6 Para. 1 lit. Grand Canal Harbor, Dublin 2, Ireland (hereinafter: “Facebook”). This pixel is integrated into the code of our website. On the one hand, this enables us to ensure that the Facebook ads we initiate are only displayed to Facebook users who have also shown an interest in our offer. This ensures that our Facebook ads correspond to the potential interest of the respective user and do not bother them. On the other hand, we can track the actions of Facebook users after they have seen or clicked one of our Facebook ads. This helps us to measure the conversion of the respective campaign for statistical, market research and billing purposes. The following information is processed during use:
The data collected in this way is anonymous to us and does not allow us to draw any conclusions about the identity of the respective user. The processing that takes place in this way for behavioral and interest-based advertising purposes is to be regarded as our recognized legitimate interest in accordance with recital 47 of the GDPR. The data is stored in accordance with the statutory retention periods and then automatically deleted.
If you log into your Facebook account after placing the pixel or if you visit our website while logged in, it is possible that this data will be saved and processed by Facebook, which we would like to inform you about. Facebook can connect this data to your Facebook account and also use it for its own advertising purposes, in accordance with Facebook's data usage guidelines: https://www.facebook.com/about/privacy/. You can find more information about the Facebook Pixel here. You can enable Facebook and its partners to place advertisements on and outside of Facebook. You can object to this special data processing at any time by either changing your Facebook settings accordingly or by simply informing us that you no longer want such processing in the future. For this, please use the contact options of our company data protection officer. Please be aware that the declared contradiction only applies to the device used. For more information, please refer to Facebook's data protection provisions and information on protecting your privacy.
4.6 Facebook Look-Alike-Campages
For target group-optimized control of our Facebook campaigns and to measure their conversion, we use the option of creating so-called Facebook look-alike audiences, which we use on the basis of Art. 6 Para. 1 lit. a) and lit.f) GDPR by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, (“Facebook”). You can find more information about Facebook's look-alike campaigns on Facebook at: https://www.facebook.com/business/help/365463786964246
This processing for behavioral and interest-based advertising purposes is to be regarded as our recognized legitimate interest according to Recital 47 of the GDPR. In the event that you are part of the Facebook look-alike audience, we will transmit your e-mail address and your device ID to Facebook. You can object to this special data processing at any time by either changing your Facebook settings: https://www.facebook.com/settings/?tab=ads or informing us that you no longer want this processing in the future. For this purpose, please use the contact options of our company data protection officer.
4.7 Youtube-Integration
On our website we offer our visitors and customers a wide range of information. In addition to texts and photos, we also have informative videos ready, for example in our blog posts. For this purpose, we use the integration of YouTube, a service provided by YouTube LLC, on the basis of Art. 6 Paragraph 1 lit.f) GDPR. 901 Cherry Ave. San Bruno, CA 94066. USA (hereinafter: “Youtube”). For this purpose, we set a YouTube cookie when you visit the respective page, which establishes a connection to the YouTube servers. The information generated by the cookie about your use of our website such as
are transferred to a YouTube server in the USA and stored there. The processing to improve our website by enriching and complementing the content with informative videos is to be regarded as our legitimate interest. You can prevent the installation of cookies in advance by setting the browser software accordingly or you can object to this processing by deleting cookies via your browser settings or changing the corresponding settings in the data protection center. You will find more information on the collection and use of data by YouTube and Google, your rights and options for protecting your privacy under YouTube's data protection provisions.
4.8 Google Dynamic Remarketing
We use the remarketing or "similar target group" tool from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter: "Google") on the basis of Article 6 (1) (f) GDPR. This function is used to analyze visitor behavior and visitor interests. Google uses cookies to carry out the analysis of website usage, which forms the basis for creating interest-based advertisements. The cookies are used to record visits to the website and anonymised data on the use of the website. There is no storage of personal data of the visitors to the website. If you subsequently visit another website in the Google advertising network, you may see advertisements that are highly likely to take into account previously accessed product and information areas and may be similar to them. Your data may be processed via the Google server in the USA. The processing that takes place in this way for behavioral and interest-based advertising purposes is to be regarded as our recognized legitimate interest according to Recital 47 of the GDPR.
You can object to this data processing at any time by downloading and installing this browser add-on. You can also permanently deactivate the use of third-party cookies by configuring the Network Advertising Initiative deactivation page accordingly. You can find detailed information on Google Remarketing and the associated data protection declaration at: https://www.google.com/privacy/ads/
4.9 Google Optimize
For the purpose of the needs-based design and continuous optimization of our websites, we use the analysis service Google Optimize, a web analysis service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (on the basis of Art. 6 Para. 1 lit.f) GDPR ( hereinafter: "Google") and part of Google Analytics. Google sets a cookie to enable you to analyze the page views and page activity. The information generated by the cookie about your use of our website such as
are transmitted to a Google server in the USA and stored there.
You can prevent the installation of cookies in advance by setting your browser software accordingly or you can object to this processing by deleting cookies via your browser settings. You can find more information about Google's data protection provisions under the following link.
4.10 Google Web Fonts
This page uses so-called web fonts provided by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the Google servers.
This gives Google knowledge that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font will be used by your computer. Google LLC, based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://www.google.com/policies/privacy/
4.11 Google Adwords Conversion-Tracking
To control and improve our campaigns, we use the online advertising program "Google AdWords" and the analysis tool Conversion Tracking, a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, on the basis of Art. 6 Para. 1 lit. f) GDPR , CA 94043, USA (hereinafter: “Google”). If you click on an advertisement placed by Google, a conversion tracking cookie will be placed on your computer. The information generated by the cookie:
are transmitted to a Google server in the USA and stored there. These cookies lose their validity after 30 days, contain no personal data and are therefore not used for personal identification. If you visit certain Internet pages on our website and the cookie has not yet expired, we and Google can see that you clicked on the ad and were forwarded to this page. Every Google AdWords customer receives a different cookie. This means that there is no way that cookies can be tracked via the websites of AdWords customers. The information that is obtained with the help of the cookie is used to generate conversion statistics for us as AdWords customers. Here we find out the total number of users who clicked on our ad and were forwarded to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified. This processing for behavioral and interest-based advertising purposes is to be regarded as our recognized legitimate interest according to Recital 47 of the GDPR.
You can prevent this processing in advance by generally preventing the installation of cookies using a corresponding browser setting in your browser (deactivation option) or by setting this so that cookies from the “googleadservices.com. You can also object to the processing by switching the slider in the Google settings to "Off".
4.11.1 Usage of Vimeo-Videos
Our website includes plugins from the Vimeo video portal from Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the Vimeo servers. Vimeo transmits the content of the plugin directly to your browser and integrates it into the page. Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is sent directly from your browser to a Vimeo server in the USA and stored there.
If you are logged in to Vimeo, Vimeo can immediately assign your visit to our website to your Vimeo account. If you interact with the plugins (such as pressing the start button of a video), this information is also transmitted directly to a Vimeo server and stored there.
The data processing operations described are carried out in accordance with Article 6 (1) (f) GDPR on the basis of Vimeo's legitimate interest in market research and the needs-based design of the service.
If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out of Vimeo before visiting our website.
The purpose and scope of the data collection and the further processing and use of the data by Vimeo as well as your related rights and setting options to protect your privacy can be found in Vimeo's data protection information: https://vimeo.com/privacy
Vimeo, Inc., based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU.
The tracking tool Google Analytics is automatically integrated into videos from Vimeo that are integrated on our site. This is Vimeo's own tracking, to which we have no access and which cannot be influenced by our side. Google Analytics uses so-called “cookies” for tracking, these are text files that are saved on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
This processing takes place in accordance with Art. 6 Para. 1 lit.f GDPR on the basis of Vimeo's legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
4.12 Trusted Shops
The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops seal of approval and any reviews we may have collected, as well as to offer Trusted Shops products to buyers after an order has been placed.
This serves to safeguard our legitimate interests, which predominate in the context of a weighing of interests, in optimal marketing of our offer in accordance with Art. 6 Para. 1 S. 1 lit. The Trustbadge and the services advertised with it are an offer from Trusted Shops GmbH, Subbelrather Str.15C, 50823 Cologne.
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your visit to the website.
Further personal data will only be transferred to Trusted Shops if you have given your consent, decide to use Trusted Shops products after completing an order or have already registered for use. In this case, the contractual agreement made between you and Trusted Shops applies.
4.13 Shopify
Our website uses Shopify as well as several tools provided by Shopify. This is an e-commerce platform that we use to offer our customers an exceptional online experience. For more information on how Shopify handles customer data, visit https://www.shopify.com/legal/privacy/customers
4.14 Easy GDPR
Our website uses Easy GDPR. This is a tool that offers our users simplified access to personal data. You can find more information about how EasyGDPR handles user data in the privacy policy: https://easygdpr.zendesk.com/hc/en-us/articles/360008641212-Privacy-Policy
4.15 Translation Lab
Our website usesTranslation Lab by Sherpas Design. It is a languge translation app. It translates the website content into variour languages. Their Private Policy you can find here: https://sherpas.design/blogs/news/privacy-policy
4.16 GDPR Legal Cookie
Our website uses GDPR Legal Cookie by Beeclever GmbH. It is a Cookie consent and tracking app for Shopify. Their Private Policy you can find here: https://www.gdpr-legal-cookie.com/pages/datenschutzerklarung
4.17 Promotion Popup
Our website uses Promotion Popup by Secomapp. Promotion Popup helps to increase conversion rates. Their Private Policy you can find here: https://www.secomapp.com/privacy-policy/
4.18 Sales PopUp - Conversion Pro
Our website uses Sales Popup App. Sales pop ups creates urgency and allows us to show our visitors what items have been bought recently to build the trust and creating social proof that our store needs among new store visitors. Their Private Policy you can find here: https://sales-pop.carecart.io/privacy_policy/
4.19 Shopify Email
Our website uses Shopify Email to create Email Marketing Campagnes. Their Private Policy you can find here: https://www.shopify.com/legal/privacy
5. Social Plugins
Our website uses social plugins ("plugins") from various social networks. With the help of these plugins you can e.g. exchange content or recommend products.
Your browser establishes a direct connection with the servers of the respective social network as soon as you call up a page on our website. The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. Of course, plugins can be deactivated with one click.
By integrating the plugins, the social network receives the information that you have accessed the corresponding page on our website. If you are logged into the social network, it can assign the visit to your account. If you interact with the plugins, for example press the Facebook Like button or leave a comment, the corresponding information is transmitted directly from your browser to the social network and stored there.
The purpose and scope of the data collection and the further processing and use of the data by the social networks as well as your rights and setting options to protect your privacy can be found in the data protection information of the respective networks or websites.
If you do not want social networks to collect data about you via our website, you must log out of these networks before visiting our website.
We use the following plugins on our website:
Facebook, Google+, Twitter & Instagram
Even if you are not logged into the social networks, data can be sent to the networks from websites with active social plugins. An active plug-in places a cookie with an identifier every time you visit the website. Since your browser sends this cookie every time you connect to a network server without being asked, the network could in principle use it to create a profile of which websites the user belonging to the identifier has visited. And it would then also be possible to assign this identifier to a person again later - for example when logging into the social network later.
Our pages integrate plug-ins from the social network Facebook, provider Facebook Inc. 1 Hacker Way, Menlo Park, California 94025, USA, and Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. You can recognize the Facebook plug-ins by the Facebook logo or the "Like" button on our website. You can find an overview of the Facebook plug-ins here: https://developers.facebook.com/docs/plugins/
When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server. As a result, Facebook receives the information that you have visited our pages with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link the content of our pages in your Facebook profile. In this way, Facebook can link your visit to our website to your user account.
In addition, we maintain an online presence on Facebook, the so-called fan page, in order to be able to communicate with customers, interested parties and users active there and to inform them about our services.
When using the fan page or the plug-ins, your data may be processed outside the European Union. This can result in risks for you, for example because it can make it difficult for you to enforce your rights. In cases in which personal data is transferred to the USA, Facebook has subscribed to the EU-US Privacy Shield: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.)
Twitter
Our website uses so-called social plugins ("plugins") from the microblogging service Twitter, which is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plugins are marked with a Twitter logo, for example in the form of a blue "Twitter bird". When you visit a page on our website that contains such a plugin, your browser connects directly to the Twitter servers.
The content of the plugin is transmitted directly from Twitter to your browser and integrated into the page. Through the integration, Twitter receives the information that your browser has accessed the corresponding page on our website, even if you do not have a Twitter profile or are currently not logged in to Twitter. This information (including your IP address) is sent directly from your browser to a Twitter server in the USA and stored there. If you are logged into Twitter, Twitter can immediately assign your visit to our website to your Twitter account.
If you interact with the plugins, e.g. by clicking the "Twitter" button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information is also published on your Twitter account and shown to your contacts. The purpose and scope of the data collection and the further processing and use of the data by Twitter as well as your rights and setting options to protect your privacy can be found in the Twitter data protection declaration: https://twitter.com/privacy
If you do not want Twitter to associate the data collected via our website directly with your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the Twitter plugins from loading by using add-ons for your browser.
Google+
We use plug-ins from Google+ operated by Google Inc, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). You can find an overview of Google's plugins and their appearance here: developers.google.com/+/web/
Pinterest Instagram
We use plugins from Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, USA ("Pinterest"). You can find the link to Pinterest's privacy policy here: Pinterest's privacy policy: about.pinterest.com/privacy/
We use plugins from the Instagram social network operated by Instagram, LLC Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). You can find the link to Instagram's privacy policy here: Instagram's privacy policy: instagram.com/Über/Rechtliches/Privatphere/#
If you do not want social networks to collect information about you via active plugins, you can either simply deactivate the social plugins on our website with a single click or select the "Block third-party cookies" function in your browser settings. Then the browser will not send any cookies to the server for embedded content from other providers. With this setting, however, in addition to the plugins, other cross-location functions can no longer work.
Personal data can be transmitted in the following situations
To processors: We may pass on your personal data to processors who provide services on our behalf (including providers of payment processing, technology support, web hosting and email communication).
In connection with company transfers: We may pass on your personal data to other companies in connection with a merger or sale of our company, financing or acquisition of a company, or negotiations in this regard.
With affiliated companies: We may share your data with affiliated companies; in this case we require these companies to comply with this data protection guideline.
Affiliated companies include our subsidiaries and joint venture partners.
Advertising and Marketing Partner
Analytics organizations
With other users: If you share personal information or otherwise interact with other users in the public areas, this information can be viewed by all users and publicly disseminated to the outside world.
When you interact with other users or register through a third party social media service, your contacts on the third party social media service can see your name, profile, pictures, and description of your activity.
Other users can also see descriptions of your activity, communicate with you and view your profile.
To public authorities, in particular law enforcement authorities, if we are legally obliged to provide such data or if we need to protect or enforce our rights.
Auditors, lawyers and tax consultants.
We may also pass on your data to meet legal and regulatory requirements and to protect us from fraud, illegal activities (such as identifying and responding to incidents of hacking or misuse of our websites and mobile applications) as well as claims and other liability claims to protect and prevent them.
6. Privacy for children
Our services are not aimed at anyone under the age of 14. We do not knowingly collect personally identifiable information from anyone under the age of 14. If you are a parent or guardian and you know that your child has provided us with personal information, please contact us. If We learn that We have collected Personal Information from anyone under the age of 14 without verification of parental consent, We will take steps to remove that information from Our Servers.
If we need to rely on consent as a legal basis for processing your data, and your country requires a parent's consent, we may obtain your parent's consent before we collect and use that data.
7. Links to other websites
Our service may contain links to other websites that are not operated by us. If you click on a third party's link, you will be redirected to that third party's website. We strongly encourage you to check the privacy policy of every website you visit.
We have no control over and are not responsible for the content, privacy policies, or practices of any third party websites or services.
8. Changes to the data protection regulations
We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page.
We will notify you by email and / or a prominent notice on our service before the change takes effect and we will update the "last updated" date at the top of this Privacy Policy.
We encourage you to regularly review this privacy policy for changes. Changes to this Privacy Policy are effective when they are posted on this page.
9. Recipients outside the EU
As shown above, data can also be transmitted to recipients based outside the European Union or the European Economic Area. This applies in particular to the processing of analysis and targeting technologies mentioned, which can cause data to be transmitted to the service provider's servers. Other recipients can be affiliated service providers that we need to provide our services, e.g. hosters, CRM tools, analysis service providers. These servers can be located outside the EU, especially in the USA. We strictly ensure that these service providers guarantee data protection standards that are equivalent to those of the GDPR and that the applicable guidelines are complied with. We only work with service providers who are certified according to the so-called EU-US Privacy Shield. For this certification, the EU Commission has determined the adequacy of the data protection level in accordance with Art. 45 GDPR under file number C / 2016/4176. The use of these certified service providers thus fulfills the European standards for legally compliant data processing. In addition, we have obtained suitable contractual guarantees from all service providers based in other EU countries, which ensure compliance with these EU standards and the enforcement of the rights of data subjects, e.g. on the basis of so-called standard contractual clauses of the EU Commission.
10. Your Rights
10.1. Overview
In addition to the right to object to your consent given to us, you have the following further rights if the respective legal requirements are met:
Right to information about your personal data stored by us in accordance with Art. 15 GDPR, in the cases of transfers according to Art. 46, 47 or 49 Paragraph 1 No. 2 GDPR, the right to information or reference to the appropriate or
10.2. Right to object/withdrawal
Under the conditions of Art. 21 Para. 1 GDPR, data processing can be objected to for reasons arising from the particular situation of the person concerned.
The above general right of objection applies to all processing purposes described in these data protection provisions, which are processed on the basis of Art. 6 Para. 1 lit.f) GDPR. In contrast to the special right to object to data processing for advertising purposes (see 3.3 above), we are only obliged to implement such a general objection under the GDPR if you give us reasons of overriding importance (e.g. a possible danger to life or health). You can also contact the supervisory authority responsible for us, the State Commissioner for Data Protection and Freedom of Information Munich.
11. Data security
We use the highest standards of information security for our infrastructure and the processing of your data. For example, we use protective mechanisms for computers, such as firewalls and data encryption. Physical access controls apply to our buildings and data. Access to personal information from our customers is only possible for those employees who need it to carry out their work.
All data transmitted by you personally, including your payment data, are also transmitted using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure SSL connection by the s attached to the http (i.e. https: //…) in the address bar of your browser or by the lock symbol in the lower area of the browser.
We also use suitable technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously monitored in line with technological developments, regularly adapted to the respective risk and improved if necessary.
