Your Cart is Empty
Give the gift of a "Good-Looking Feeling"!
Our gift voucher is the perfect gift idea for anyone who wants to give their loved ones a truly special treat. So what are you waiting for? Click the order button now!
This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online services and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online services"). Regarding the terminology used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Responsible party:
Company: Verdandy GmbH
Street address: Webgasse 27/3/14
Postal code, city, country: 1060, Vienna, Austria
Company registration number: FN 423873v
Managing Directors: Martin Pichler, Manuel Rauner
Email: info@verdandy.com
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact details (e.g., email, phone numbers).
- Content data (e.g., text entries, photographs, videos).
- Contract details (e.g., subject matter of the contract, term, customer category).
- Payment details (e.g., bank details, payment history).
- Usage data (e.g., websites visited, interest in content, access times).
- Metadata/communication data (e.g., device information, IP addresses).
Processing of special categories of data (Art. 9 para. 1 GDPR):
No special categories of data are processed.
Categories of persons affected by the processing:
- Customers, prospective customers, visitors and users of the online service, business partners.
In the following, we will refer to the affected persons collectively as "users".
Purpose of processing:
- Provision of the online service, its content and shop functions.
- Provision of contractual services, service and customer care.
- Responding to contact requests and communicating with users.
- Marketing, advertising and market research.
- Security measures.
As of 09/2018
1. Terminology used
1.1. “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.2. “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and encompasses virtually any handling of data.
1.3. The term “controller” refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
2. Relevant legal bases
In accordance with Article 13 of the GDPR, we inform you of the legal bases for our data processing. Unless otherwise stated in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR; the legal basis for processing data to fulfill our services and implement contractual measures, as well as to respond to inquiries, is Article 6(1)(b) of the GDPR; the legal basis for processing data to comply with our legal obligations is Article 6(1)(c) of the GDPR; and the legal basis for processing data to protect our legitimate interests is Article 6(1)(f) of the GDPR. In the event that processing personal data is necessary to protect the vital interests of the data subject or another natural person, Article 6(1)(d) of the GDPR serves as the legal basis.
3. Changes and updates to the privacy policy
We ask that you regularly review the content of our privacy policy. We will update the privacy policy as soon as changes to our data processing activities make this necessary. We will inform you if any changes require action on your part (e.g., consent) or any other individual notification.
4. Safety measures
4.1. In accordance with Article 32 GDPR, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, input of, disclosure of, and ensuring the availability and separation of the data. Furthermore, we have established procedures to ensure the exercise of data subject rights, the erasure of data, and the response to data breaches. We also consider the protection of personal data during the development and selection of hardware, software, and processes, in accordance with the principles of data protection by design and by default (Article 25 GDPR).
4.2. Security measures include, in particular, the encrypted transmission of data between your browser and our server.
5. Disclosure and transfer of data
5.1. If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if the transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR), if you have given your consent, if a legal obligation requires it, or on the basis of our legitimate interests (e.g., when using agents, hosting providers, tax, business and legal advisors, customer service, accounting, billing and similar services that allow us to efficiently and effectively fulfill our contractual obligations, administrative tasks and duties).
5.2. If we commission third parties to process data on the basis of a so-called "data processing agreement", this is done on the basis of Art. 28 GDPR.
6. Transfers to third countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if this occurs in the context of using third-party services or disclosing or transferring data to third parties, this will only be done if it is necessary for the performance of our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we will only process or have data processed in a third country if the special requirements of Articles 44 et seq. of the GDPR are met. This means, for example, that processing is based on special guarantees, such as the officially recognized finding of a level of data protection equivalent to that of the EU (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized specific contractual obligations (so-called "standard contractual clauses").
7. Rights of data subjects
7.1. You have the right to request confirmation as to whether data concerning you is being processed, and to access this data as well as further information and a copy of the data in accordance with Article 15 GDPR.
7.2. In accordance with Article 16 of the GDPR, you have the right to request the completion of your personal data or the rectification of inaccurate personal data concerning you.
7.3. In accordance with Article 17 GDPR, you have the right to request that the data in question be deleted without undue delay, or alternatively, in accordance with Article 18 GDPR, to request a restriction of the processing of the data.
7.4. You have the right to request that the data concerning you which you have provided to us be received in accordance with Art. 20 GDPR and to request its transmission to other controllers.
7.5. You also have the right, pursuant to Article 77 GDPR, to lodge a complaint with the competent supervisory authority.
8. Right of withdrawal
You have the right to withdraw your consent pursuant to Art. 7 para. 3 GDPR with effect for the future.
9. Right to object
You can object to the future processing of your personal data at any time in accordance with Article 21 of the GDPR. This objection can be made, in particular, against processing for direct marketing purposes.
10. Cookies and the right to object to direct marketing
10.1. "Cookies" are small files that are stored on users' computers. Various types of information can be stored within cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or even after their visit to an online service. Temporary cookies, also known as "session cookies" or "transient cookies," are deleted after a user leaves an online service and closes their browser. Such a cookie might, for example, store the contents of a shopping cart in an online store or a login status. "Permanent" or "persistent" cookies remain stored even after the browser is closed. These can, for example, store login status so that users remain logged in when they return to the site after several days. Similarly, user interests can be stored in such a cookie for audience measurement or marketing purposes. Third-party cookies are cookies from providers other than the operator of the online service (otherwise, if they are only the operator's own cookies, they are called first-party cookies).
10.2. We use temporary and permanent cookies and explain this in our privacy policy.
If users do not wish to have cookies stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Disabling cookies may lead to functional limitations of this online service.
10.3. A general objection to the use of cookies for online marketing purposes can be declared for many services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ . Furthermore, the storage of cookies can be prevented by disabling them in your browser settings. Please note that this may prevent you from using all the functions of this website.
11. Deletion of data
11.1. The data we process will be erased or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated otherwise in this privacy policy, the data stored by us will be erased as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not erased because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
11.2. In accordance with legal requirements, records must be retained for 7 years pursuant to Section 132 Paragraph 1 BAO (accounting records, receipts/invoices, accounts, vouchers, business papers, statements of income and expenses, etc.), for 22 years in connection with real estate, and for 10 years for documents relating to electronically supplied services, telecommunications, broadcasting and television services provided to non-entrepreneurs in EU member states and for which the Mini One-Stop Shop (MOSS) is used.
12. Order processing in the online shop and customer account
12.1. We process our customers' data within the framework of order processes in our online shop to enable them to select and order the chosen products and services, as well as to pay for and deliver or execute them.
12.2. The processed data includes inventory data, communication data, contract data, payment data, and the data subjects are our customers, prospective customers, and other business partners. Processing is carried out for the purpose of providing contractual services within the framework of operating an online shop, invoicing, delivery, and customer service. We use session cookies to store the shopping cart contents and persistent cookies to store the login status.
12.3. Processing is based on Article 6 Paragraph 1 Letters b (performance of a contract) and c (compliance with legal requirements) of the GDPR. The information marked as required is necessary for the establishment and fulfillment of the contract. We only disclose data to third parties in connection with delivery, payment, or as permitted by law, to legal advisors and authorities. Data is only processed in third countries if this is necessary for the performance of the contract (e.g., at the customer's request for delivery or payment).
12.4. Users may optionally create a user account, which allows them, in particular, to view their orders. During registration, users will be informed of the required mandatory information. User accounts are not public and cannot be indexed by search engines. If users terminate their user account, their data relating to the user account will be deleted, unless its retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR. Information in the customer account remains until its deletion, with subsequent archiving in the event of a legal obligation. It is the users' responsibility to back up their data before the end of the contract if they have terminated their account.
12.5. During registration, subsequent logins, and use of our online services, we store the IP address and the time of each user action. This storage is based on our legitimate interests, as well as the user's interest in protection against misuse and other unauthorized use. This data is generally not shared with third parties, unless it is necessary for pursuing our claims or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR.
12.6. Data is deleted after the expiry of statutory warranty periods and comparable obligations; the necessity of retaining the data is reviewed every three years; in the case of statutory archiving obligations, deletion occurs after their expiry (end of commercial (6 years) and tax (10 years) retention periods); information in the customer account remains until the account is deleted.
13. Business analyses and market research
13.1. In order to operate our business efficiently and to identify market trends and customer and user needs, we analyze the data we have on business transactions, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data, and metadata based on Article 6 Paragraph 1 Letter f of the GDPR. The data subjects include customers, prospective customers, business partners, visitors, and users of our online services. These analyses are conducted for the purposes of business evaluations, marketing, and market research. We may also consider the profiles of registered users, including information such as their purchase history. These analyses help us improve user-friendliness, optimize our services, and enhance our business efficiency. The analyses are for our internal use only and will not be disclosed externally, unless they are anonymous analyses with aggregated data.
13.2. If these analyses or profiles are related to specific individuals, they will be deleted or anonymized upon termination of the user's account, or otherwise two years after the conclusion of the contract. Furthermore, company-wide business analyses and general trend assessments will be created anonymously whenever possible.
14. Contact and Customer Service
14.1. When you contact us (via contact form or e-mail), the information provided by the user will be processed in accordance with Art. 6 para. 1 lit. b) GDPR for the purpose of processing and handling the contact request.
14.2. User data may be stored in our Customer Relationship Management system ("CRM system") or a comparable system for managing inquiries.
14.3. We delete inquiries when they are no longer needed. We review the necessity of retaining inquiries every two years; inquiries from customers with a customer account are stored permanently, and for deletion, customers are directed to the information in their customer account. Furthermore, statutory archiving obligations apply.
15. Collection of access data and log files
15.1. Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR, we collect data about every access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.
15.2. Log file information is stored for a maximum of seven days for security reasons (e.g., to investigate misuse or fraud) and then deleted. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been fully resolved.
16. Online presence on social media
16.1. Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR, we maintain online presences within social networks and platforms in order to communicate with customers, prospective customers and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply.
16.2 Unless otherwise stated in our privacy policy, we process user data when users communicate with us within social networks and platforms, e.g. by posting on our online presences or sending us messages.
16.3. We use Google Analytics to display ads placed within Google's and its partners' advertising services only to users who have shown an interest in our online offerings or who exhibit certain characteristics (e.g., interests in specific topics or products, determined based on the websites they visit) that we transmit to Google (so-called "remarketing" or "Google Analytics audiences"). With the help of remarketing audiences, we also want to ensure that our ads correspond to the potential interests of users and are not perceived as intrusive.
17. Google Analytics
17.1. Based on our legitimate interests (i.e., our interest in analyzing, optimizing, and operating our online services economically, in accordance with Article 6(1)(f) of the GDPR), we use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google uses cookies. The information generated by the cookie about users' use of the online services is generally transmitted to and stored on a Google server in the USA.
17.2. Google is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
17.3. Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on activity within these online services, and to provide us with other services related to the use of these online services and internet usage. Pseudonymous user profiles may be created from the processed data.
17.4. We only use Google Analytics with IP anonymization enabled. This means that Google shortens the IP address of users within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
17.5. The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by adjusting their browser settings accordingly; users can also prevent Google from collecting and processing data generated by the cookie and related to their use of the online service by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de .
17.6. Further information on data usage by Google, settings and opt-out options can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners ("How Google uses data when you use our partners' sites or apps"), https://policies.google.com/technologies/ads ("How Google uses data for advertising"), https://adssettings.google.com/authenticated ("Manage the information Google uses to show you ads").
18. Google Re/Marketing Services
18.1. Based on our legitimate interests (i.e., our interest in analyzing, optimizing and operating our online services economically within the meaning of Art. 6 para. 1 lit. f. GDPR), we use the marketing and remarketing services (hereinafter referred to as “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
18.2. Google is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
18.3. Google Marketing Services allow us to display advertisements on and for our website in a more targeted manner, so that users only see ads that potentially match their interests. For example, if a user is shown ads for products they have previously viewed on other websites, this is called "remarketing." For this purpose, when our website and other websites using Google Marketing Services are accessed, Google immediately executes a code and integrates so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") into the website. These tags store an individual cookie, i.e., a small file, on the user's device (comparable technologies may also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, and googleadservices.com. This file records which websites the user visits, which content they are interested in, and which offers they click on. It also includes technical information about the browser and operating system, referring websites, visit time, and other information about the use of the online service. The user's IP address is also recorded. Regarding Google Analytics, we would like to inform you that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and is only transmitted in full to a Google server in the USA and shortened there in exceptional cases. The IP address is not combined with user data from other Google services. Google may also combine the aforementioned information with information from other sources. When the user subsequently visits other websites, they may be shown advertisements tailored to their interests.
18.4. User data is processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store or process, for example, the name or email address of users, but rather processes the relevant data on a cookie-related basis within pseudonymous user profiles. From Google's perspective, this means that ads are not managed and displayed for a specifically identified person, but rather for the cookie holder, regardless of who that cookie holder is. This does not apply if a user has explicitly permitted Google to process the data without this pseudonymization. The information collected about users by Google Marketing Services is transmitted to Google and stored on Google's servers in the USA.
18.5. Among the Google marketing services we use is the online advertising program "Google AdWords." With Google AdWords, each AdWords customer receives a different "conversion cookie." Therefore, cookies cannot be tracked across the websites of different AdWords customers. The information collected using the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers receive information about the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can personally identify users.
18.6. We may integrate third-party advertisements based on the Google marketing service "DoubleClick". DoubleClick uses cookies that enable Google and its partner websites to display ads based on users' visits to this website or other websites on the internet.
18.7. We may integrate third-party advertisements based on the Google marketing service "AdSense". AdSense uses cookies that enable Google and its partner websites to display ads based on users' visits to this website or other websites on the internet.
18.8. We may also use the "Google Optimizer" service. Google Optimizer allows us to track the effects of various website changes (e.g., changes to input fields, design, etc.) through so-called "A/B testing." Cookies are stored on users' devices for these testing purposes. Only pseudonymous user data is processed.
18.9. Furthermore, we may use the "Google Tag Manager" to integrate and manage Google's analytics and marketing services on our website.
October 18. Further information on Google's use of data for marketing purposes can be found on the overview page: https://policies.google.com/technologies/ads . Google's privacy policy is available at [link to Google's privacy policy].
November 18th. If you wish to object to interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google: https://adssettings.google.com/authenticated .
Furthermore, when using the Facebook pixel, we utilize the additional feature "Advanced Matching" (whereby data such as email addresses or Facebook IDs of users are transmitted (encrypted) to Facebook to create target groups ("Custom Audiences" or "Lookalike Audiences"). Further information on "Advanced Matching" can be found here: https://www.facebook.com/business/help/611774685654668 .
We also use the "Custom Audiences from File" feature of the social network Facebook, Inc. In this case, the email addresses of our newsletter recipients are uploaded to Facebook. The upload process is encrypted. The sole purpose of this upload is to determine the recipients of our Facebook ads. We want to ensure that the ads are only shown to users who have an interest in our information and services.
19. Facebook, Custom Audiences and Facebook Marketing Services
19.1. Within our online services, we use the so-called "Facebook Pixel" of the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are located in the EU, by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), based on our legitimate interests in the analysis, optimization and economic operation of our online services and for these purposes.
19.2. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).
19.3. With the help of the Facebook pixel, Facebook can identify visitors to our website as a target audience for displaying advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to display the Facebook Ads we place only to Facebook users who have shown an interest in our website or who exhibit certain characteristics (e.g., interests in specific topics or products, determined based on the websites they visit) that we transmit to Facebook (so-called "Custom Audiences"). We also use the Facebook pixel to ensure that our Facebook Ads correspond to the potential interests of users and are not perceived as intrusive. Furthermore, the Facebook pixel allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
19.4. Data processing by Facebook is governed by Facebook's Data Policy. General information on the display of Facebook ads can be found in Facebook's Data Policy: https://www.facebook.com/policy.php. Specific information and details about the Facebook Pixel and how it works can be found in Facebook's Help Center: https://www.facebook.com/business/help/651294705016616.
19.5. You can object to the collection of data by the Facebook pixel and the use of your data for displaying Facebook ads. To adjust which types of ads are displayed to you on Facebook, you can visit the page provided by Facebook and follow the instructions for managing your ad preferences: https://www.facebook.com/settings?tab=ads. These settings are platform-independent, meaning they apply to all devices, such as desktop computers and mobile devices.
19.6. You can also object to the use of cookies for audience measurement and advertising purposes via the Network Advertising Initiative's opt-out page (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
20. Communication via mail, email, fax or telephone
20.1 We use remote communication methods, such as mail, telephone, or email, for business transactions and marketing purposes. In doing so, we process inventory data, address and contact data, as well as contract data of customers, participants, prospective customers, and communication partners.
20.2 Processing is based on Article 6(1)(a), Article 7 GDPR, and Article 6(1)(f) GDPR in conjunction with legal requirements for advertising communications. Contact is only made with the consent of the contact partners or within the scope of legal permissions, and the processed data is deleted as soon as it is no longer required, or upon objection/withdrawal of consent, or when the legal basis for processing ceases to exist or statutory archiving obligations expire.
21st Newsletter
21.1. The following information explains the content of our newsletter, the registration, distribution, and statistical evaluation procedures, as well as your rights to object. By subscribing to our newsletter, you agree to receive it and to the procedures described.
21.2. Newsletter Content: We only send newsletters, emails, and other electronic notifications containing promotional information (hereinafter "newsletters") with the recipient's consent or where legally permitted. If the newsletter's content is specifically described during the registration process, this description is decisive for the user's consent. Otherwise, our newsletters contain information about our products, offers, promotions, and our company.
21.3. Double Opt-In and Logging: Registration for our newsletter uses a double opt-in process. This means that after registering, you will receive an email asking you to confirm your subscription. This confirmation is necessary to prevent anyone from subscribing using someone else's email address. Newsletter subscriptions are logged to document the registration process in accordance with legal requirements. This includes recording the registration and confirmation times, as well as the IP address. Changes to your data stored with the email service provider are also logged.
21.4. Mailing Service Provider: Newsletters are sent via "MailChimp," a newsletter distribution platform provided by the US company Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the mailing service provider's privacy policy here: https://mailchimp.com/legal/privacy/ . The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Framework and thus guarantees compliance with European data protection standards ( https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active ).
21.5. If we use a shipping service provider, the service provider may, according to its own information, use this data in pseudonymized form, i.e., without linking it to a specific user, to optimize or improve its own services, e.g., for the technical optimization of newsletter delivery and display, or for statistical purposes to determine the countries of origin of the recipients. However, the shipping service provider does not use the data of our newsletter recipients to contact them directly or to pass it on to third parties.
21.6. Registration details: To subscribe to the newsletter, simply provide your email address. Optionally, you can also provide your name for personalized addressing in the newsletter.
21.7. Performance Measurement - The newsletters contain a so-called "web beacon," i.e., a pixel-sized file that is retrieved from our server, or, if we use a mailing service provider, from their server, when the newsletter is opened. During this retrieval, technical information such as browser and system information, as well as your IP address and the time of retrieval, are collected. This information is used to technically improve the services based on the technical data or to analyze target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The statistical analysis also includes determining whether the newsletters are opened, when they are opened, and which links are clicked. While this information can be technically assigned to individual newsletter recipients, it is neither our intention, nor, if applicable, that of the mailing service provider, to monitor individual users. Rather, the analyses serve to help us understand the reading habits of our users and to tailor our content to them, or to send different content according to their interests.
21.8. The newsletter is sent and its success is measured on the basis of the recipients' consent pursuant to Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 107 para. 2 TKG or on the basis of the legal permission pursuant to § 107 para. 2 and 3 TKG.
21.9. The logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and serves as proof of consent to receive the newsletter.
October 21. Newsletter recipients can unsubscribe from our newsletter at any time, i.e., revoke their consent. A link to unsubscribe can be found at the end of each newsletter. This will simultaneously revoke their consent to performance measurement. A separate revocation of performance measurement is unfortunately not possible; in this case, the entire newsletter subscription must be canceled. Upon unsubscribing from the newsletter, personal data will be deleted unless its retention is legally required or justified, in which case its processing will be limited to these exceptional purposes. In particular, we may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them for newsletter distribution purposes, in order to be able to prove previously given consent. The processing of this data is limited to the purpose of defending against potential claims. An individual deletion request is possible at any time, provided that the prior existence of consent is confirmed.
22. Integration of third-party services and content
22.1. Within our online services, we use content or service offerings from third-party providers based on our legitimate interests (i.e., our interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR) to integrate their content and services, such as videos or fonts (hereinafter referred to collectively as "Content"). This always requires that the third-party providers of this Content are aware of the users' IP addresses, as they could not send the Content to their browsers without the IP address. The IP address is therefore necessary for displaying this Content. We strive to use only Content from providers who use the IP address solely for delivering the Content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. These pixel tags allow information such as visitor traffic on the pages of this website to be evaluated. The pseudonymous information can also be stored in cookies on the user's device and may include, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online service, as well as be combined with such information from other sources.
22.2. The following overview lists third-party providers and their content, along with links to their privacy policies, which contain further information on data processing and, in some cases, the opt-out options already mentioned here.
- If our customers use third-party payment services (e.g. PayPal or instant bank transfer), the terms and conditions and privacy policies of the respective third-party providers apply, which can be accessed within the respective websites or transaction applications.
- External fonts from Google, LLC., https://www.google.com/fonts ("Google Fonts"). Google Fonts are integrated by making a server request to Google (usually in the USA). Privacy policy: https://policies.google.com/privacy , Opt-out: https://adssettings.google.com/authenticated .
- Maps from the third-party service "Google Maps" provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/ , Opt-out: https://www.google.com/settings/ads/ .
– Videos from the platform “YouTube” of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/ , Opt-out: https://www.google.com/settings/ads/ .
Our website integrates features of the Instagram service. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to our pages with your user account. Please note that as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Instagram. Instagram's privacy policy can be found here: http://instagram.com/about/legal/privacy/ .
Out of Stock
