Privacy Policy - Viertler Marine

Privacy Information

I. Subject of this Privacy Policy

We are pleased about your interest in our website and our offerings on our web pages. The protection of your personal data (hereinafter referred to as “data”) is a major and very important concern for us. Personal data is considered to be any information that allows a conclusion to be drawn about your identity as a user of our service (e.g., name, email address, postal address).

In the following, we would therefore like to inform you in detail about which data is collected during your visit to our website and use of our offerings there, and how this data is subsequently processed or used by us, as well as what accompanying protective measures we have taken in technical and organizational terms.

We hereby expressly object to the use of contact data published on our website by third parties for sending unsolicited advertising and information materials. We expressly reserve the right to take legal action in the event of unsolicited sending of advertising information.

II. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection provisions is:

Viertler GmbH
Europastraße 7a
65385 Rüdesheim am Rhein

Phone: +49 67 22 99 59-0
Email: service@viertler-marine.de

Authorized representative:
The GmbH is represented by the Managing Director
Ingo Viertler.

III. Data Processing

1. Processing of Personal Data

We collect and use personal data of our users only to the extent necessary to provide a functional website and our content and services. The collection and use of personal data of our users takes place regularly only with the user’s consent. An exception applies in cases where prior obtaining of consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.

2. Legal Basis for the Processing of Personal Data

2.1. Insofar as we obtain consent from the data subject for processing operations of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

2.2. When processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

2.3. Insofar as processing of personal data is necessary for compliance with a legal obligation to which our authority is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

3. Deletion of Data / Storage Duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

IV. Provision of the Website for Informational Use

1. Description and scope of data processing

The scope and nature of the collection and use of your data differs depending on whether you visit our website only to retrieve information or directly contact us. For the purely informational use of our website, it is generally not necessary for you to provide personal data.

Rather, in this case, we only collect and use the data that your Internet browser automatically transmits to us, such as:

Date and time of accessing one of our web pages
Your browser type
The browser settings
The operating system used
The last page you visited
The amount of data transferred and the access status (file transferred, file not found, etc.) and
Your IP address.

We collect and use this data during an informational visit exclusively in non-personal form. This is done to enable the use of the web pages you have accessed, for statistical purposes, and to improve our internet offering. We store the IP address only for the duration of your visit; no personal evaluation takes place.

2. Legal Basis

The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. a, b GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

4. Duration of storage

The data is deleted as soon as it is no longer necessary for achieving the purpose of its collection. In the case of collecting data to provide the website, this is the case when the respective session has ended.

5. Objection and removal option

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website.

V. Contacting us through our website

1. Description and scope of data processing

If you contact us through our website, it is necessary for further correspondence that you provide additional data. This includes the data required for the respective processing, in particular your telephone number/email address or postal address. You can provide this information voluntarily, and it is used solely for the purpose of making the requested callback. If you send us an inquiry via the contact form or by email, your data will be used exclusively for correspondence with you.

2. Legal basis for data processing

The use of individual services/login areas is based on the user’s registration on the website. The legal basis for processing the data after registration for the individual services/login areas by users is, if consent is given by the users, Art. 6 Para. 1 lit. a GDPR.

If you use our contact form for inquiries concerning an existing contract or a possible conclusion of a contract, the legal basis for data processing is the implementation of (pre-)contractual measures at the request of the data subject, Art. 6 Para. 1 Sentence 1 lit. b GDPR.

3. Purpose of data processing

The collection of user data serves to enable the use of individual services/login areas.

4. Duration of storage

The data is deleted as soon as it is no longer necessary for achieving the purpose of its collection. The personal data provided for the use of individual services/login areas is stored until the user unsubscribes from the respective service.

5. Objection and removal option

Unsubscribing from individual services is possible at any time. In the event of unsubscribing, the personal data will be deleted immediately.

VI. Newsletter

1. Description and scope of data processing

To be able to send you our newsletter, we use the so-called double opt-in procedure. Only if you have explicitly confirmed to us beforehand that you want to receive the newsletter, we will send you an activation email and ask you to confirm that you want to receive our newsletter by clicking on a link contained in this email. For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.

2. Legal basis for data processing

The newsletter is sent based on the user’s registration on the website. The legal basis for processing the data after registration for the newsletter by users is, if consent is given, Art. 6 Para. 1 lit. a GDPR.

3. Purpose of data processing

The collection of user data serves to deliver the newsletter.

4. Duration of storage

The data is deleted as soon as it is no longer necessary for achieving the purpose of its collection. The user’s email address is thus stored from the time of registration for the newsletter until the subscription is terminated.

5. Objection and removal option

The newsletter subscription can be cancelled by the user at any time. For this purpose, there is a corresponding link in every newsletter. In the event of cancellation, the personal data will be deleted immediately.

VII. Use of Cookies

1. General Information

We use cookies on our websites. Cookies are small text files that usually consist of letters and numbers and are stored on the user’s computer when visiting certain websites.

Some of these cookies are essential for the functionality of our website, while other cookies help us improve our website by providing insights into how you use the website.

By default, we only use necessary cookies. Necessary cookies enable the core functionalities of our website. The website cannot be displayed correctly without these cookies, or certain areas may not function properly. Required cookies can only be prevented through appropriate settings in your browser.

We only use cookies that are not necessary for the function of the website (“non-essential cookies”) if you have given your consent through our cookie banner. You can return to our privacy information at any time and withdraw your consent or make changes. The following additional options exist regarding cookies:

If you do not want cookies to be stored on your computer, you can disable the corresponding option in your browser’s system settings. Stored cookies can be deleted in the browser’s system settings. Please note that deactivating cookies may lead to functional limitations of this website.
You can object to the use of cookies for website tracking and advertising purposes via the Network Advertising Initiative http://optout.networkadvertising.org/ or the American website http://www.aboutads.info/choices or the European website http://www.youronlinechoices.com/uk/your-ad-choices/.

2. Google Analytics

If you have given your consent, Google Analytics 4, a web analytics service provided by Google LLC, is used on this website. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

2.1 Description and Scope

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use the User-ID function. With the help of the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.

We use Google Signals. This allows Google Analytics to collect additional information about users who have enabled personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

IP address anonymization is enabled by default in Google Analytics 4. Due to IP anonymization, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of “events”. Events can be:

Page views
First visit to the website
Start of session
Visited web pages
Your “click path”, interaction with the website
Scrolls (whenever a user scrolls to the end of the page (90%))
Clicks on external links
Internal search queries
Interaction with videos
File downloads
Seen / clicked advertisements
Language setting

In addition, the following is recorded:

Your approximate location (region)
Date and time of visit
Your IP address (in shortened form)
Technical information about your browser and the devices you use (e.g., language setting, screen resolution)
Your internet provider
The referrer URL (which website / which advertising medium you came to this website from)

2.2. Purposes of processing

On behalf of the operator of this website, Google will use this information to evaluate your potentially pseudonymous use of the website and to compile reports on website activities. The reports provided by Google Analytics serve to analyze the performance of our website.

2.3 Recipients

Recipients of the data are/may be

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

2.4 Third country transfer

For the USA, the European Commission adopted its adequacy decision on July 10, 2023. Google LLC is certified under the EU-US Privacy Framework. As Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

2.5 Storage duration

The data we send that is linked to cookies is automatically deleted after 2 months. The maximum lifetime of Google Analytics cookies is 2 years. The deletion of data whose retention period has been reached occurs automatically once a month.

2.6 Legal basis

The legal basis for this data processing is your consent according to Art. 6 Para. 1 S. 1 lit. a GDPR.

In addition, the website operator has a legitimate interest in analyzing and improving its advertising offers, Art. 6 Para. 1 lit. f GDPR:

2.7 Withdrawal

You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in limited functionality on this and other websites. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by Google by

a. not granting your consent to the setting of the cookie or
b. downloading and installing the browser add-on to deactivate Google Analytics HERE.

For more information about Google Analytics’ terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/en/ and https://policies.google.com/?hl=en.

3. Use of Google Maps

If you have given your consent, this website uses the Google Maps service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

3.1. Description and scope

Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information. By using it, we can show you interactive maps directly on the website and allow you to conveniently use the map function

Due to your visit to our website, Google receives information that you have accessed the corresponding subpage of our website, as well as the date and time of the visit to the respective website and IP address. This happens regardless of whether you are logged in to Google. However, if you are logged in, your data will be associated with your account. If you do not want the association with your Google profile, you must log out before activating a map.

Even when accessing those subpages into which the Google Maps map is embedded, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there, which may also involve transmission to Google LLC’s servers in the USA. This includes, among other things, the search terms you entered, your IP address, and the latitude and longitude coordinates. The storage takes place regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want the association with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

If you use the route planner function, the entered start address will also be stored. This data storage, however, happens on Google Maps websites. We can only inform you about this, but have no influence on it. Since we have integrated Google Maps into our website, Google sets at least one cookie in your browser. This cookie stores data about your user behavior.

3.2 Purpose of processing

The processing of your data is carried out so that Google Maps can fully offer its service. Google also uses this data to optimize its own services and provide individualized, personalized advertising for you.

3.3 Recipients

Recipients of the data are/may be

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

3.4 Third country transfer

3.5 Storage duration

Google’s servers are located in data centers around the world, although most servers are in America. For this reason, your data is increasingly stored in the USA. Here you can find an overview of Google’s data centers: https://www.google.com/about/datacenters/inside/locations/?hl=en

Google stores some data for a set period of time. For other data, Google only offers the option to delete it manually. The company anonymizes certain information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 and 18 months, respectively.

3.6 Legal Basis

The legal basis for this data processing is your consent according to Art. 6 para. 1 s. 1 lit. a in conjunction with Art. 49 para. 1 lit. a GDPR.

3.7 Revocation

We have obtained your consent for the aforementioned processing of your data in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future. You can declare your revocation in writing or by accessing the cookie settings and changing your selection there.

You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. If you do not agree with the future transmission of your data to Google within the scope of using Google Maps, it is also possible to completely deactivate the Google Maps web service by disabling the JavaScript application in your browser. Google Maps and thus the map display on this website can then no longer be used.

4. Matomo

We use the web analytics service Matomo to analyze and regularly improve the use of our website. Through the statistics obtained, we can improve our offer and make it more interesting for you as a user. The legal basis for the use of Matomo is your consent pursuant to Art. 6 para. 1 s. 1 lit. a) GDPR.

For this evaluation, cookies are stored on your computer. We store the information collected exclusively on our servers in Germany. You can prevent the evaluation by deleting existing cookies. If you prevent the storage of cookies, we point out that you may not be able to use this website to its full extent. Preventing the storage of cookies is also possible by adjusting the settings in your browser accordingly. Preventing the use of Matomo is possible by removing the following checkmark and thus activating the opt-out plugin: https://matomo.gedk.de/index.php?module=CoreAdminHome=optOut=de

This website uses Matomo with the extension “AnonymizeIP”. As a result, IP addresses are processed in shortened form, which means that direct personal identification can be ruled out. The IP address transmitted by your browser via Matomo is not merged with other data collected by us.

The Matomo program is an open-source project. You can obtain information on data protection from the third-party provider at http://matomo.org/privacy-policy.

5. Integration of YouTube Videos

We have embedded YouTube videos in our online offering, which are stored on http://www.YouTube.com of Google Ireland Limited (Registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland and can be played directly from our website. The legal basis for the use of YouTube is your consent pursuant to Art. 6 para. 1 s. 1 lit. a) and Art. 49 para. 1 s. 1 lit. a GDPR.

The videos are embedded in such a way that data about you as a user is only transferred to YouTube when you play the videos. We have no influence on the data transfer to Google that then takes place.

The processing of the data is carried out under joint responsibility between Google and us in accordance with Art. 26 GDPR. It has been agreed with Google that the primary responsibility under GDPR for the processing of personal data lies with Google and that all obligations under GDPR with regard to the processing of personal data will be fulfilled by Google (in particular the information obligations pursuant to Articles 12 et seq. GDPR, ensuring data subject rights pursuant to Articles 15 et seq. GDPR, reporting of data breaches pursuant to Articles 33, 34 GDPR).

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website and data on location (GPS data), IP address and devices used, including information about objects near your device, such as WiFi access points, radio masts and Bluetooth-enabled devices, as well as sensor data from your device (see YouTube privacy information from the provider). This happens regardless of whether you are logged in to Google or YouTube. However, if you are logged in, your data will be associated with your account. If you do not wish your profile to be associated with YouTube, you must log out before activating a video. YouTube stores your data as usage profiles and uses them for purposes of providing services, maintaining and improving services, measuring performance, developing new services, and providing personalized services, including content and advertisements. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The processing of data within this service also takes place in the USA. The information generated by the cookies about the use of our website is usually transferred to a Google server in the USA and stored there. There are corresponding risks associated with the processing of your data in the USA. By giving your consent via our cookie banner, you agree to the processing of your data in the USA despite potential access by US authorities, Art. 49 Para. 1 S. 1 lit. a GDPR.

You can find further information on the purpose and scope of data collection and its processing by YouTube in the privacy information. There you will also find further information on your rights and setting options to protect your privacy:

You can find YouTube’s privacy information at https://policies.google.com/privacy and opt-out of personalized advertising at https://adssettings.google.com/authenticated.

6. Facebook Pixel

This website uses Facebook’s visitor action pixel to measure the effectiveness of our marketing efforts. The provider of this service is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). According to Facebook, the collected data is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook advertisement. This enables the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The collected data is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy. This allows Facebook to enable the display of advertisements on Facebook pages as well as outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of Facebook Pixel is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures including social media. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; this consent can be revoked at any time. You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function “Custom Audiences” in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you don’t have a Facebook account, you can opt out of usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

7. Integration of social networks (Facebook, X, Instagram, Pinterest)

We use so-called social plugins that allow you to share content via social networks. We employ techniques to protect your privacy that prevent data transfer to social network providers when our pages are accessed. Data transfer only occurs when you actively click on the respective plugin.

a. Facebook

We use a plugin from Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on our website. You can recognize this by the Facebook logo or the “Like-Button” (“Gefällt mir”). You can find an overview of Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

If you access a page on our website, in the event that you actively click the Facebook button, a direct connection is established between your browser and the Facebook server, and a cookie is set. According to Facebook, the collected data is also transferred to the USA and other third countries. Please note that the protection of personal data in the USA does not meet the data protection level required by the EU. In particular, there are no enforceable rights that secure the protection of your data against access by government authorities. There is therefore a risk that these government authorities may access the personal data without the data transmitter or recipient being able to effectively prevent this. If you do not want Facebook to associate your visit to this website with your Facebook user account, please log out of your Facebook user account.

The processing of the data is carried out under joint responsibility of Facebook and us in accordance with Art 26 GDPR. The primary responsibility for processing personal data within the scope of the plugins lies with Facebook, and all obligations under the GDPR are fulfilled by Facebook with regard to the processing of personal data (in particular the information obligations pursuant to Articles 12 et seq. GDPR, ensuring data subject rights pursuant to Articles 15 et seq. GDPR, reporting of data breaches pursuant to Articles 33, 34 GDPR).

Facebook’s privacy information can be found at https://www.facebook.com/about/privacy/ Settings for the processing of personal data and opt-outs can be made at the following link: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com

b. X

Our website may incorporate plugins from the short message network X International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND (X). You can recognize the X plugins (tweet button) by the X logo on our site. An overview of tweet buttons can be found here (https://about.x.com/resources/buttons). The legal basis for the use of X is your consent in accordance with Art. 6 para. 1 S. 1 lit. a) and Art. 49 para. 1 S. 1 lit. a GDPR.

When you access a page on our website, if you actively click the X button, a direct connection is established between your browser and the X server, and a cookie is set. X thereby receives the information that you have visited our site with your IP address. If you click the X “tweet button” while logged into your X account, you can link the contents of our pages to your X profile. This allows X to associate the visit to our pages with your user account. We point out that we, as the provider of the pages, do not receive knowledge of the content of the transmitted data or its use by X.

The data collected by X is also transferred to the USA. Due to the adequacy decision for the EU-U.S. Data Privacy Framework adopted by the European Commission on July 10, 2023, transfers of personal data to certain organizations in the USA can now be made on this basis. Nevertheless, an adequate level of data protection cannot be assumed for all transfers to organizations in the USA. Data exporters from the EU must first check in advance that the organization to which the data is being transferred is certified under the EU-U.S. Data Privacy Framework.

The processing of the data is carried out under joint responsibility of X and us in accordance with Art 26 GDPR. The primary responsibility for processing personal data within the scope of the plugins lies with X, and all obligations under the GDPR are fulfilled by X with regard to the processing of personal data (in particular the information obligations pursuant to Articles 12 et seq. GDPR, ensuring data subject rights pursuant to Articles 15 et seq. GDPR, reporting of data breaches pursuant to Articles 33, 34 GDPR).

If you do not wish X to be able to associate the visit to our pages, please log out of your X user account.

For more information, please refer to X’s privacy policy at https://x.com/privacy

c. Instagram

Our website may also use so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The legal basis for the use of Instagram is your consent in accordance with Art. 6 para. 1 S. 1 lit. a) and Art. 49 para. 1 S. 1 lit. a GDPR.

The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”.

When you access a page of our website, if you actively click the Instagram button, your browser establishes a direct connection to Instagram’s servers. The content of the plugin is transmitted directly from Instagram to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram.

This information, including your IP address, is transmitted directly by your browser to an Instagram server in the USA and stored there. If you are logged into Instagram, Instagram can immediately associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.

The collected data is also transferred to the USA. Please note that the protection of personal data in the USA does not meet the level of data protection required by the EU. In particular, there are no enforceable rights that secure the protection of your data against access by state authorities. There is therefore a risk that these state authorities may be able to access the personal data without the data transmitter or recipient being able to effectively prevent this.

The processing of the data is carried out under joint responsibility of Instagram and us in accordance with Art. 26 GDPR. The primary responsibility for processing personal data within the scope of the plugins lies with Instagram, and all obligations from the GDPR are fulfilled by Instagram with regard to the processing of personal data (in particular the information obligations according to Articles 12 et seq. GDPR, ensuring data subject rights according to Articles 15 et seq. GDPR, reporting of data breaches according to Articles 33, 34 GDPR).

The information is also published on your Instagram account and displayed to your contacts there.

If you do not want Instagram to associate the data collected via our website directly with your Instagram account, you must log out of Instagram before visiting our website.

For more information, please refer to Instagram’s privacy policy at https://help.instagram.com/155833707900388.

d. Pinterest

Our website may also use social plugins (“Plugins”) from Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). The legal basis for the use of Pinterest is your consent in accordance with Art. 6 para. 1 s. 1 lit. a) and Art. 49 para. 1 s. 1 lit. a GDPR.

If you access a page on our website that contains such a plugin, a direct connection is established between your browser and the Pinterest server, and a cookie is set, if you actively click the Pinterest button. Pinterest thereby receives the information that you have visited our site with your IP address.

If you click the X “tweet button” while logged into your X account, you can link the content of our pages to your X profile. This allows X to associate the visit to our pages with your user account. We point out that as the provider of the pages, we do not receive any knowledge of the content of the transmitted data or its use by X.

The processing of the data is carried out under joint responsibility of Pinterest and us in accordance with Art. 26 GDPR. The primary responsibility for processing personal data within the scope of the plugins lies with X, and all obligations from the GDPR are fulfilled by X with regard to the processing of personal data (in particular the information obligations according to Articles 12 et seq. GDPR, ensuring data subject rights according to Articles 15 et seq. GDPR, reporting of data breaches according to Articles 33, 34 GDPR).

If you do not wish X to be able to associate the visit to our pages, please log out of your X user account.

For more information, please refer to X’s privacy policy at https://x.com/privacy

VIII. Our Social Media Presences

You can find us with presences within social networks and platforms so that we can communicate with you there and inform you about our services. We point out that your data may be processed outside the European Union and that the data is usually processed for market research and advertising purposes. User profiles can be created from the usage behavior and resulting interests of the users. These usage profiles can in turn be used to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For this purpose, cookies may be stored on the users’ computers, in which the usage behavior and interests of the users are stored. Other data may also be stored in these usage profiles, especially if the users are members of the respective platforms and are logged in to them.

The processing of users’ personal data is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR and in joint responsibility between the platform providers and us according to Art. 26 GDPR. It has been agreed with them that the primary responsibility according to GDPR for the processing of personal data lies with the platform providers and all obligations from the GDPR regarding the processing of personal data are fulfilled by the respective platform providers (in particular the information obligations according to Article 12 ff. GDPR, ensuring data subject rights according to Article 15 ff. GDPR, reporting of data breaches according to Article 33, 34 GDPR).

For information about the respective processing and the respective objection options, we refer to the privacy information of the providers linked below:

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook pages based on an agreement on joint processing of personal data – Privacy information: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com,

Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy information/ Opt-Out: http://instagram.com/about/legal/privacy/.

Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND) – Privacy information: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization,

Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy information/ Opt-Out: https://about.pinterest.com/de/privacy-policy.

In case of asserting data subject rights, we recommend that these are asserted with the providers, as the providers have direct access to the data. However, if you would like our support, you can contact us using the contact details provided above.

IX. Rights of the Data Subject

We would like to inform you about your rights under the GDPR as a “data subject”. Accordingly, you have the following rights regarding your personal data:

Right to information (Art. 15 para. 1, 2 GDPR)
Right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR)
Right to restriction of processing (“blocking”, Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object to processing (Art. 21 GDPR)
Right to withdraw consent (Art. 7 para. 3 GDPR)
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Additionally, we summarize key points of the data subject rights under the GDPR for you as follows, although this presentation does not claim to be exhaustive, but merely addresses the basic features of the data subject rights under the GDPR:

1. Right to information

You can request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from the controller:

the purposes for which the personal data is being processed;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration;
the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
the existence of a right to lodge a complaint with a supervisory authority;
all available information on the source of the data if the personal data is not collected from the data subject;

2. Right to rectification

According to Art. 16 GDPR, you have the right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is inaccurate or incomplete.

3. Right to erasure

Under the conditions of Art. 17 GDPR, you can request from the controller that the personal data concerning you be erased immediately, and the controller is obliged to erase this data immediately if one of the following reasons applies:

The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent on which the processing was based according to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
The personal data concerning you have been unlawfully processed.
The deletion of personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

4. Restriction of processing (“Blocking”)

Under the conditions of Art. 18 GDPR, you can request the restriction of processing of personal data concerning you:

If the processing of personal data concerning you has been restricted, these data may – with the exception of their storage – only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

5. Right to data portability

You have the right according to Art. 20 GDPR to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where

the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and
the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

6. Right to object

You have the right, under the conditions of Art. 21 GDPR, to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you which is based on Art. 6(1)(e) GDPR; this also applies to profiling based on these provisions.

The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

You have the possibility, in the context of the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by automated means using technical specifications Right to withdraw data protection consent declaration.

7. Right to withdraw consent

You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

8. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.9. SSL or TLS encryption

To protect your transmitted data, such as orders or inquiries that you send to us as the site operator, we use SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.