MHS Munich Home Systems GmbH
Kramergasse 32, D-82054 Sauerlach
Entry in the commercial register:
Registry court: District Court Munich. Register number: HRB 193900
Managing Director: Helmut Haimerl, Lars Keussen
Phone: +49 8104 647090
responsible for Data Protection:
Managing Director: Lars Keussen
Phone: +49 8104 647090
Status: 20 May 2018
General Information concerning data processing and legal basis
This data protection declaration explains the nature, scope and purpose of the processing of personal data within our online offering and the related websites, features and content (in the following collectively mentioned as “online offer” or “website”). The data protection declaration is valid regardless of the used domain, system, platforms and devices (e.g. desktop or mobile) on which the online offer is carried-out on.
For the definition of the terms used, such as “personal data” or their “processing” we refer to article 4 of the General Data Protection Regulations (DSGVO).
The users personal data processed in the context of this online offer includes inventory data (e.g. names and addresses of “customers”), contract data (e.g. services used, names of clerks, payment information), usage data (e.g. the visited websites of our online offer, interest in our products) and content data (e.g. entries in the contact form).
The term “user” includes all categories of data processing of the concerned person. These include our business partner, customers, interested parties and other visitors to our website.The used terms such as “user” are to be understood as gender-neutral.
We process personal user data only in compliance with the relevant data protection regulations. This means, the user’s data is only processed if legal permission is present. In particular this means, if data processing is needed resp. required by law for the provision of our contractual services (e.g. processing of orders) and online services or the user’s consent exists, as well as based on our legitimate interests (e. g. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of article 6 clause 1, littera f General Data Protection Regulations (DSGVO), specially in the range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and the use of the services of third parties.
Please note that the legal basis of consent is article 6, clause 1, littera a and article 7 General Data Protection Regulations (DSGVO), the legal basis for processing to fulfill our services and performance of contractual measures is article 6, clause 1, littera b General Data Protection Regulations (DSGVO), the legal basis for processing in order to fulfill our legal obligations is article 6, clause 1, littera c General Data Protection Regulations (DSGVO) and the legal basis for processing in order to protect our legitimate interests is article 6, clause 1, littera f General Data Protection Regulations (DSGVO).
We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are fulfilled and therefore protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
These security measures especially include the encrypted transmittance of data between your browser and our server.
Disclosure of data to third parties and third-party providers
Disclosure of data to a third party is only in context with legal regulations- We will only disclose the user’s data to third parties if for example this is based on article 6 clause 1, littera b General Data Protection Regulations (DSGVO), required for contract purposes or based on legitimate interests of economic and effective operation of our business in accordance with article 6 clause 1, littera f General Data Protection Regulations (DSGVO).
If we use subcontractors to provide our services, we will take appropriate legal precautions and appropriate technical and organizational measures to protect personal data in accordance with applicable law.
If, within the scope of this data protection declaration, content, tools or other means are used by other providers (in the following collectively mentioned as “third party providers”) and their registered office is located in a third country, it is to be assumed that data will be transferred to the countries of residence of the third party providers. Third countries are countries in which the General Data Protection Regulations (DSGVO) are not a directly applicable law; this means basically countries outside the EU resp. European Economic Area. The transfer of data to third countries occurs either with an adequate level of data protection, user consent or other legal authorization is provided.
Provisions of contractual services
We process inventory data (e.g. names and addresses as well as the user’s contact information), contract data (e.g. services used, names of contacts, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with article 6 clause 1, littera b General Data Protection Regulations (DSGVO).
Optionally, users can create a user’s account, especially in which they can review their orders. Within the context of registration, the user is informed of the required necessary data. The user accounts are not published and cannot be indexed by search machines. If users have terminated their user account, their data will be deleted with regards to the user account, unless retention is necessary for commercial or tax law reasons in accordance with article 6 clause 1, littera b General Data Protection Regulations (DSGVO). It is in the user’s responsibility to save their data in case of termination before the contract ends. We are entitled, to irretrievably delete all of the user’s data stored during the contractual duration.
Within registration and re-registration as well as use of our online services, we will stores the the IP address and the time of the user’s respective action. The storage is based on the grounds of our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. Principally, disclosure of these data to third parties does not take place, unless it is necessary for the prosecution of our claims or there is a legal obligation in accordance with article 6 clause 1, littera c General Data Protection Regulations (DSGVO).
We process usage data (e.g. the visited web pages of our online offering, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes in a user profile, to inform the user e.g. to display product instructions based on the previously used services.
When contacting us, (via contact form or e-mail) the information provided by the user is processed for the contact request in accordance with article 6 clause 1, littera b General Data Protection Regulations (DSGVO).
The user’s information can be stored in our Customer-Relationship-Management System (“CRM System”) or similar request organizations.
Collection of access data and logfiles
We obtain on the basis of our legitimate interests, data on every access to the server on which this service is located (so-called server log files) in accordance with article 6 clause 1, littera f General Data Protection Regulations (DSGVO). The access data includes name of the retrieved website, file, date and time of retrieval, amount of data transferred, message regarding successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Logfile information is stored for security purposes (e.g. to investigate misuse or fraudulent activities) for a maximum of seven days and then deleted. Data which further storage is required for evidential purposes shall be exempted from deletion until final clarification of the incident.
Cookies & range measurement
Cookies are information transmitted from our web server or third party web servers to the user’s web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
We use “session cookies” that are only stored for the duration of the current visit to our online presence (e.g. to enable the storage of your login status or the shopping cart function and thus principally enabling the use of our online offer). In a session cookies a random created explicit identification number is stored, a so called session ID. Furthermore, a cookie includes information regarding its origin and storage period. These cookies cannot store any other data. Session cookies are deleted, when the user has terminated our online offer and e.g. has logged off or closed the browser.
If users do not want cookies stored on their computer, they will be asked to disable the option in their browser’s system settings. Stored cookies can be deleted in the browser’s system settings. The exclusion of cookies can lead to functional restrictions of this online offer.
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and the internet usage. In this case, the user’s pseudonymous usage profiles can be created from the processed data.
We use Google Analytics to display advertisements within Google and its affiliate advertising services, only those users who have shown an interest in our online offering or who have certain characteristics (e.g. interests in specific topics or products of visited websites), which we transmit to Google (so-called “Remarketing” resp. “Google-Analytics-Audiences”). With the help of Remarketing Audiences, we would like to ensure that our ads are in line with the user’s potential interest and are not annoying.
We use Google Analytics to collect demographic data of the website users. These are age, gender and regional details of the users location. Users can prevent the storage of cookies by setting their browser software accordingly; users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer and the processing of such data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
We only use Google Analytics with activated IP anonymization. This means that the users’ IP address will be shortened by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.
The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer and the processing of such data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
For more information about data usage by Google, settings and contradictory options, visit the websites of Google: https://www.google.com/intl/de/policies/privacy/partners (“data usage by Google in your use of websites or apps of our partners”) http://www.google.com/policies/technologies/ads (“data usage for advertising purposes”), http://www.google.de/settings/ads (“manage information used by Google to display advertisement”).
On the basis of our legitimate interests (e.g. interest in the analysis, optimization and economic operation of our online offer in accordance with article 6 clause 1, littera f General Data Protection Regulations (DSGVO) we use the marketing and remarketing services (“Google Marketing Services”) of the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, (“Google”).
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)
The Google marketing services allow us to display advertisements more aimed for and on our website, to present users only ads that are potentially in their interests. If ads for products are displayed to the user, which he’s been interested in on other websites, then this is referred to as “Remarketing”. For these purposes, when our and our other websites that use Google Marketing Services are activated, Google will immediately execute a Google code and so called remarketing tags are integrated in the website (invisible graphics or code, also known as “web beacons”. With their help, the user is provided with an individual cookie, this means a small file is stored (instead of cookies, comparable technologies can also be used). The cookies can be set by different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. In this file it is noted which websites the user visited, what content he is interested in and what offers he has clicked, as well as technical information concerning the browser and operating system, referring websites, visit duration and other information regarding the use of the online offer. The IP address of the users is also recorded, whereby in the context of Google Analytics we announce that the IP address is shortened within the member states of the European Union or other parties to the Agreement on the European Economic Area and only in exceptional cases transmitted to the Google server in the US and shortened there. The IP address will not be merged with data of the user within other Google offers . The above mentioned information may also be linked by Google with such information from other sources. If the user then visits other websites, advertisement can be displayed adjusted to his interests.
The users’ data are processed pseudonym in the context of the Google Marketing Services. This means Google stores and processes e.g. not the name or e-mail address of the users, but processes the cookie-related relevant data within pseudonymous user profiles. That means from Google’s perspective, the ads are not managed and displayed to a specifically identified person, but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly consented Google to process the data without this pseudonymization. The information collected about users through Google Marketing Services is transmitted to Google and stored on Google’s servers in the USA.
Among the Google Marketing Services we also use the online advertising program “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. Cookies can not be tracked through the websites of AdWords customers. The information collected through the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers will see the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies the users.
We can also use the service “Google Optimizer”. Within the context of so called “A / B-Testings” the Google Optimizer allows us to understand the affect of various changes to a website (e.g. changes in the input fields, the design, etc.). For these test purposes, cookies are stored on the user’s devices. However, only pseudonym user data is processed.
Furthermore, we may use the “Google Tag Manager” to integrate and manage the Google Analytics and Marketing Services on our website.
For more information about Google’s data usage for marketing purposes, see the overview site: https://www.google.com/policies/technologies/ads. For Google’s data protection declaration see https://www.google.com/policies/privacy .
If you wish to opt-out of interest-based advertising through Google Marketing Services, you can use Google’s recruitment and opt-out options: http://www.google.com/ads/preferences.
Facebook Social Plugins
Based on our legitimate interests (e.g. interest in the analysis, optimization and economic operation of our online offer within the meaning of article 6 clause 1, littera f General Data Protection Regulations DSGVO) we use social plugins (“plugins”) of the social network facebook.com, which is operated by the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”). The plugins can feature interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on blue tile, the terms “Like” (“Gefällt mir”) or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user retrieves a feature of this online offering that includes such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the device of the user and incorporated by such to the online offer. Here, user profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and hereby inform the users accordingly of our knowledge.
By integrating the plugins, Facebook receives the information that a user has accessed the corresponding site of the online offer. If the user is logged into Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example, press the Like button or leave a comment, the information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will receive this information and store their IP address. According to Facebook, only an anonymous IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options for protecting the users’ privacy, can be found in the data protection declaration of Facebook: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to collect his via this online offer and link it to his member data stored on Facebook, he must log out of Facebook and delete his cookies before using our online offer. Other settings and inconsistencies regarding the use of data for promotional purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or with the US-American site http://www.aboutads.info/choices/ or the European site http://www.youronlinechoices.com/. The settings are platform independent, this means they are adopted for all devices, such as desktop computers or mobile devices.
Facebook, Custom Audiences and Facebook-Marketing-Services
Due to our legitimate interests in the analysis, optimization and economic operation of our online offer, we use within our online offer so called “Facebook Pixel” of the social network Facebook, operated by the Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or if you are located in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”).
Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
With the help of the Facebook Pixels, it is for one possible for Facebook to determine the visitors of our online offer as a target group for the presentation of ads (so called “Facebook-Ads”). Accordingly, we use the Facebook Pixel to display the Facebook Ads only to those Facebook users who have shown an interest in our online offer or who have certain features (e.g. interests in certain topics or products which are determined by accessing certain websites), which we transfer to Facebook (so called “Custom Audiences”). With the help of the Facebook Pixels, we also want to ensure our Facebook ads are in line with the potential interest of users and are not annoying. With the help of the Facebook Pixels we can also understand the effectiveness of the Facebook advertisements for statistical and market research purposes, in which we see if users were redirected to our website after clicking on a Facebook ad (so called “Conversion”).
The Facebook Pixel is integrated when accessing our website directly through Facebook and can store a so-called cookie on your device, this means a small file. If you subsequently log in to Facebook or visit Facebook while logged on, your access to our online offer will be noted in your profile. You personal data collected are anonymous to us an do not provide us any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and can be used by Facebook as well as for its own marketing research and advertising purposes. If we should send data to Facebook for comparison purposes, it will be encrypted locally in the browser and then sent to Facebook via a secure https connection. This is done solely with the purpose of establishing a comparison with the data equally encrypted by Facebook.
Furthermore, when using the Facebook pixel we use the additional function “extended comparison” (data such as telephone numbers, e-mail addresses or the users’ Facebook ID) for the formation of target audiences (“Custom Audiences” or “Look Alike Audiences”) and transmitted (encrypted) to Facebook. Further notices to “extended comparison”: https://www.facebook.com/business/help/611774685654668).
Based on our legitimate interests, we also use the “Custom Audiences from File” method of the social network Facebook, Inc. In this case, the e-mail addresses of the newsletter recipients are uploaded to Facebook. The upload process takes place encrypted. The upload is solely used to identify recipients of our Facebook ads. We want to ensure that the ads are only displayed to users who are interested in our information and services.
The processing of the data by Facebook is part of Facebook’s data usage policy. Accordingly, general notes on the presentation of Facebook Ads, in the data usage policy of Facebook: https://www.facebook.com/policy.php. Special information and details about the Facebook Pixel and how it operates can be found in the help section of Facebook: https://www.facebook.com/business/help/651294705016616.
You may object to the collection by the Facebook Pixel and use of your data to display Facebook Ads. To set which types of ads you see within Facebook, you can go to Facebook’s set-up site and follow the instructions on the usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform independent, this means they are adopted for all devices, such as desktop computers or mobile devices.
To prevent the collection of your data by means of the Facebook Pixel on our website, please click the following link: Facebook-Opt-Out Notice: When you click the link, a “opt-out” cookie is stored on your device. If you delete the cookies in this browser, then you have to click the link again. Furthermore, the opt-out only applies within the browser you are using and only within our web domain on which the link was clicked.
With the following information, we will inform you about the contents of our newsletter as well as the registration, shipping and statistical evaluation procedures as also your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (in the following mentioned as “newsletter”) only with the consent of the recipient or a legal permission. If the contents of a newsletter are specifically described, they are authoritative for the user’s consent. Otherwise, our newsletters contains information regarding our products, offers, promotions and our company.
Double-opt-in and recording: The registration for our newsletter takes place in a so-called double opt-in procedure. This means you will receive an e-mail after logging in, requesting confirmation of your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. The registration for the newsletter will be recorded in order to prove the registration process accordingly to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Also changes to your stored data with the shipping service provider, will be recorded.
Shipping service provider: The used newsletter software Newsletter2Go, Köpenicker Str. 126, 10179 Berlin, Tel. +49 30 31199404, E-Mail: firstname.lastname@example.org. Here, your data is transmitted to the Newsletter2Go GmbH. Newsletter2Go is prohibited from selling and using your data for purposes other than sending newsletters. Newsletter2Go is a German, certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.
You will find further information here: https://www.newsletter2go.de/informationen-newsletter-empfaenger/
The granted consent to store the data, the e-mail address and their use for sending the newsletter can be objected at any time, for example via the “unsubscribe” link in the newsletter.
The data protection measures are always subject to technical renewal, for this reason, we ask you to inform yourself in regards to our data protection measures at regular intervals by viewing our data protection declaration.
Furthermore, the shipping service provider may, according to its own information, use these data in pseudonymous form, meaning without assignment to a user, to optimize or improve their own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletters or for statistical purposes, to determine which countries the recipients are from. However, the shipping service provider does not use the data of our newsletter recipients to contact them directly or disclose third parties.
Registration data: To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to provide a name in the newsletter for the purpose of personal address.
Statistical Survey and Analysis – The newsletters contains a so-called “web-beacon”, this is a pixel-sized file that is retrieved from the shipping service provider’s server when the newsletter is opened. In the context of this call, first of all technical information, such as information about the browser and your system, as well as your IP address and time of access will be collected. This information is used to improve the technical performance of services based on the specifications or target groups and their reading habits, by means of their retrieval locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters will be opened, when they will be opened and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our effort nor that of the shipping service provider to observe individual users. Much more, the evaluations serve us to review the reading habits of our users and to adapt our content to such or to send different content according to the interests of our users.
The use of the shipping service provider, carrying out statistical surveys and analyzes as well as recording the registration process, are based on our legitimate interests in accordance with article 6 clause 1, littera f General Data Protection Regulations (DSGVO). We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.
Termination/Objection – You may terminate the receipt of our newsletter at any time, meaning object your consent. Simultaneously, your consent for shipping by the shipping service provider and the statistical analyzes expire. Unfortunately, a separate objection of the shipment by the shipping service provider or the statistical evaluation is not possible. A link to cancel the newsletter can be found at the end of each newsletter. If the users have only subscribed to the newsletter and this registration is terminated, their personal data will be deleted.
Integration of services and contents of third parties
Based on our legitimate interests (e.g. interest in the analysis, optimization and economic operation of our online offer in accordance with article 6 clause 1, littera f General Data Protection Regulations DSGVO), we make use of content or services offered by third-party providers in order to provide their content and services, such as integrating videos or fonts (in the following collectively mentioned as “content”). This always presupposes that the third party providers of this content, perceive the IP address of the users, since they cannot send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We strive to use only content which respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also mentioned as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring web sites, accessing time and other information regarding the use of our online offer.
The following presentation provides an overview of third party providers as well as their contents, in addition to links to their data protection statements, which contain further information on the processing of data and as already mentioned here, objection possibilities (so-called opt-out):
If our customers use the payment services of third parties (e.g. PayPal or (Sofortüberweisung) immediate transfer), the terms and conditions and the data protection notice of the respective third party providers, which are available within the respective websites or transaction applications are presented.
External fronts of the Google, Inc., https://www.google.com/fonts (“Google Fronts”). The integration of Google fonts is done by a server call to Google (usually in the USA). Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Maps of the service “Google Maps” is provided by the third party provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Videos of the platform “YouTube” of the third party provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Functions of the provider Instagram are integrated within our online offer. These functions are offered by the Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the access to our pages with your user account. Please note that we as the provider of the site do not receive knowledge of the content of the transmitted data and their use by Instagram. Data protection declaration: http://instagram.com/about/legal/privacy/.
Our online offerings use features of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you visit one of our pages that contains LinkedIn features, it will connect to the LinkedIn servers. LinkedIn will be informed that you have accessed our website with your IP address. If you click LinkedIn’s “Recommend Button” and are logged in to your LinkedIn account, LinkedIn will be able to associate you and our user’s account when you access the website. Please note, that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn. Data protection declaration: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use Social Plugin of the social network Pinterest which is operated by the Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When you visit a page containing such a plugin, your browser connects directly to the servers of Pinterest. The plugin transmits protocol data to the server of Pinterest in the USA. This log data may include your IP address, the address of the sites you visit, including Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest and cookies. Data protection declaration: https://about.pinterest.com/de/privacy-policy.
Web analysis and optimization using the Hotjar service of the third party provider Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe. With Hotjar, movements on the websites can be traced where Hotjar is used (so-called Heatmaps). For example, you can see how far users are scrolling and how often which buttons are clicked. Furthermore, technical data such as selected language, system, screen resolution and browser type are recorded. At least temporarily, here during the the access to our website profiles of users can be created. Furthermore, using Hotjar it is also possible to obtain feedback directly from the users of the website. By these means, we gain valuable information to make our websites even faster and more customer-friendly. Data protection declaration: https://www.hotjar.com/privacy. Opt-Out: https://www.hotjar.com/opt-out.
The user’s rights
Upon request, users have the right to receive information free of charge about their personal data that we have stored.
In addition, users have the right to request correction of inaccurate data, limit the processing and deletion of their personal data if applicable, assert their rights to data portability and in the event of unlawful processing, file a complaint with the appropriate regulatory authority.
Users can also generally object their consent with implications for the future.
Deletion of data
The data stored with us are deleted as soon as they are no longer needed for the intended purpose and the deletion does not conflict with any statutory storage requirements. Insofar the users’ data are not deleted if they are required for other and legally permitted purposes, their processing will be restricted. This means the data is disabled and not processed for other purposes. This applies, for example for data of users which must be stored for commercial or tax reasons.
According to legal requirements, storage takes place for 6 years in accordance with article 257, clause 1 Commercial Law HGB (commercials books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) and for 10 years in accordance with article 147, clause 1, General Fiscal Law AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
Right of Objection
Users may object to the processing of their personal data in accordance with legal requirements at any time. In particular, the objection may be made against processing for direct marketing purposes.
Amendments to the data protection declaration
We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or to changes in service and data processing. However, this only applies to declarations of data processing. If users’ consent is required or elements of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
Users are requested to inform themselves regularly in regards to the content of the data protection declaration.