Privacy Policy

Data protection

Privacy policy

With this data protection declaration we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data are all data that have a personal reference to you, e.g. name, address, e-mail address or your user behaviour. The data protection declaration applies to all data processing operations carried out by us, both within the scope of our core activity and for the online media we maintain.

Who is responsible for data processing in our company

Responsible for data processing:

Kaiser Friedrich Pharma GmbH

Armin Amin Khan
Eberstädter Marktstraße 18
D-64297 Darmstadt-Eberstadt

Germany

Managing Director: Armin Amin Khan
Darmstadt District Court, HRB 105920 | Company headquarters: Darmstadt | VAT ID number DE 262948520
Data protection declaration: https://www.kfp-shop.de/datenschutz

06172850900

service@kfp-pharma.de

https://www.kfp-shop.de/impressum

Contact details of our data protection officer

You can contact our data protection officer by e-mail at datenschutz@kfp-pharma.de or at our postal address with the addition "to the data protection officer".

Processing of your data within the scope of the core activity of our company

If you are our customer or business partner or are interested in our services, the type, scope and purpose of processing your data is based on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all those data which are or were provided by you for the purpose of using the contractual or pre-contractual services and which are required to process your enquiry or the contract concluded between us. Unless otherwise stated in the further notes of this data protection declaration, the processing of your data and it’s transfer to third parties is limited to the data required to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and are necessary and appropriate for the fulfillment of legal obligations. We will inform you about which data is required for this purpose before or during the data collection process. If we use third party providers to provide our services, the data protection information of the respective third party providers applies.

Data concerned:

Inventory data (e.g. names, addresses)

Payment data (e.g. bank details, invoices)

Contact details (e.g. e-mail address, telephone number, postal address)

Contract data (e.g. subject matter of the contract, contract period)

Persons concerned: Interested parties, business and contractual partners

Processing purpose: processing of contractual services, communication and answering contact requests, office and organisational procedures

Legal basis: Fulfilment of contract and pre-contractual enquiries, Article 6(1)(b) GDPR, legal obligation, Article 6(1)(c) GDPR, legitimate interest, Article 6(1)(f) GDPR

Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below, which you can assert at any time with the person responsible named in section 1 of this data protection declaration:

Right of information: You have the right to demand information from us as to whether and which data we process form you.

Right of rectification: You have the right to ask for the rectification of incorrect data or the completion of incomplete data.

Right of deletion: You have the right to ask for your data to be deleted.

Right of limitation: You have the right to request in certain cases that we limit the processing of your data.

Right of data transfer: You have the right to request that we transfer your data to you or to another responsible party in a structured, common and machine-readable format.

Right of complaint: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, your place of work or our registered office is responsible.

Right of withdrawal

You have the right to revoke your consent to data processing at any time.

Right of objection

You have the right to object at any time to the processing of your data, which we based on our legitimate interest pursuant to Art. 6 Paragraph 1 letter f GDPR. If you exercise your right of objection, we would ask you to explain the reasons. We will then no longer process your personal data, unless we can prove to you that there are compelling legitimate reasons for data processing that outweigh your interests and rights.

Irrespective of the above, you have the right at any time to object to the processing of your personal data for purposes of advertising and data analysis.

Please send your objection to the contact address of the person responsible stated above.
When do we delete your data?

We delete your data when we no longer need it or when you tell us to do so. This means that - unless otherwise stated in the individual data protection notices in this privacy policy - we delete your data,

if the purpose of the data processing has ceased to exist and thus the respective legal basis mentioned in the individual data protection notices no longer exists, i.e. if, for example, the data processing is no longer necessary for the purpose of the data processing.

after termination of the contractual or membership relationships existing between us (Art. 6 para. 1 letter a GDPR) or

after the loss of our legitimate interest in the further processing or storage of your data (Art. 6 para. 1 lit. f GDPR)

if you make use of your right of revocation and no other legal basis for processing within the meaning of Art. 6 Para. 1 letters b-f GDPR intervenes,

if you make use of your right of objection and there are no compelling legitimate reasons preventing the deletion.

However, if we have to keep your data (or certain parts of your data) for other purposes, for example because of tax retention periods (usually 6 years for business correspondence or 10 years for accounting documents) or the assertion, exercise or defense of legal claims arising from contractual relationships (up to four years) make this necessary or the data is used to protect the rights of another natural or legal person, we will only delete (that part of) your data after thesedeadlines have expired. Until the expiry of these periods, however, we will limit the processing of this data to these purposes (fulfilment of the storage obligations).

Cloud services

We use cloud services in particular

for storing and processing documents,

to send documents by e-mail or to exchange files of any kind,

for our calendar-based appointment management,

to prepare and execute presentations and spreadsheets,

to publish files of any kind,

for internal and external communication via chats, audio and video conferences.

The software applications that we use for these purposes are made available to us by the provider(s) listed below on their servers. We access these servers via the Internet. If you provide us with your data in the course of communication with us or in other processes explained by us in this data protection declaration, we will process this data in the cloud service we use. This means that your data is stored on the servers of the third party cloud service provider. The third party providers process usage and metadata to secure their servers and to optimise their services. In particular, we process and store your contact, customer and contract data.

If we make files of any kind publicly available via our website using the cloud service we use, the respective third party provider of the cloud service may store cookies on your computer system, provided you access these files. The service provider may process the data collected in this way to analyse your usage behaviour or browser settings.

We would like to point out that, depending on the country in which the service provider named below is based, the data collected via his platform may be transmitted to and processed on servers outside the area of the European Union. In this case there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will not be possible or will be difficult. If the service provider we use offers the processing of the data exclusively within the EU, we intend - if not already implemented at the moment - to process your data exclusively there.

Data concerned:

inventory data (e.g. names, addresses),

Contact details (e.g. e-mail addresses, telephone and mobile numbers)

Content data (e.g. photos, videos, texts),

Usage data (e.g. times of access, websites visited, interest in content),

Metadata (e.g. IP address, computer system information)

Persons concerned: Interested parties, communication partners, customers, employees (e.g. applicants, current and former employees)

Processing purpose: organisation of office and administrative tasks

Legal basis: Consent, Article 6(1)(a) GDPR, performance of contract and pre-contractual enquiries, Article 6(1)(b) GDPR, legitimate interest, Article 6(1)(f) GDPR

Cloud service providers used:

Microsoft Cloud Services

Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA

Website: https://www.microsoft.com/de-de/microsoft-365/onedrive/online-cloud-storage

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters which are stored on the terminal device you are using. Cookies are primarily used to exchange information between the terminal device you are using and our website. This includes, for example, the language settings on a website, the login status or the location where a video was viewed.

Two types of cookies are used when you visit our website:

Temporary cookies (session cookies): These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. The session cookies are deleted when you log out or close your browser.

Permanent cookies: Permanent cookies remain stored even after you close your browser. This enables our website to recognise your computer when you return to our website. Information on language settings or log-in information, for example, is stored in these cookies. In addition, these cookies can be used to document and save your surfing behaviour. This data can be used for statistical, marketing and personalisation purposes.

In addition to the above classification, cookies can also be differentiated according to their purpose:

Necessary cookies: These are cookies that are absolutely necessary for the operation of our website, to save logins or shopping carts for the duration of your session or cookies that are set for security reasons.

Statistical, marketing and personalisation cookies: These are cookies that are used for analysis purposes or to measure reach. Such "tracking" cookies may be used to store information on search terms entered or the frequency of page views. In addition, the surfing behaviour of an individual user (e.g. viewing certain content, using functions etc.) can also be stored in a user profile. Such profiles are used to display content to users that corresponds to their potential interests. Insofar as we use services via which cookies are stored on your terminal device for statistical, marketing and personalisation purposes, we will inform you separately in the following sections of our data protection declaration or in the context of obtaining your consent.

Data concerned:

Usage data (e.g. access times, websites clicked

Communication data (e.g., information about the machine in use, IP address).
Persons concerned: Users of our online services

Purpose of processing: Displaying our website, ensuring the operation of our website, improving our Internet offer, communication and marketing

Legal basis:

Legitimate interest, Art. 6 para. 1 lit. f GDPR

If we do not obtain your consent to the use of cookies, we will base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, in particular the contents and functions. You have to use the security settings of your browser to object to the use of cookies set by us within the scope of our legitimate interest. There you have the possibility to specify whether you do not accept cookies from the outset or only accept cookies on request or whether you specify that cookies are deleted each time you close your browser. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

Consent, Art. 6 para. 1 lit. a GDPR

If we ask you before your visit to our website to be allowed to set certain cookies on your end device and you agree to this, the legal basis is to be seen in the consent you have given. As part of the consent, we will inform you which cookies we set in detail. If you do not give your consent, only the so-called technically necessary cookies will be set, which are necessary for the proper operation of our website and it’s display in your browser. If you have consented to the setting of cookies, you have the possibility to revoke your consent at any time.

Web hosting

For the maintenance of our website we use a provider on whose server our website is stored and made available for retrieval on the Internet (hosting). The provider can process all of the data transmitted via the browser you are that is generated when you use our website. This includes in particular your IP address, which the provider requires in order to be able to deliver our online offer to the browser you are using, as well as all the entries you have made via our website. In addition, the provider used by us can collect the following:

the date and time of access to our website

Time zone difference to Greenwich Mean Time (GMT)

Access status (HTTP status)

the amount of data transmitted

the Internet service provider of the accessing system

the type of browser you use and its version

the operating system you use

the website from which you may have accessed our website

the pages or sub-pages that you visit on our website.

The aforementioned data is stored as log files on the servers of our provider. This is necessary to ensure the stability and security of the operation of our website.

E-mail transmission: In addition to hosting our website, we have also commissioned our provider to send, receive and store our e-mails. For this purpose, our provider processes the e-mail addresses of the recipients and senders as well as other data (meta-communication data such as time, IP address etc.) arising from e-mail communication as well as the content of the respective e-mails. We would like to draw your attention to the fact that e-mails are generally sent unencrypted. We therefore assume no responsibility for the transmission path of the e-mails between the sender and receipt on our server.

Data concerned:

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Persons concerned: Users of our website

Purpose of processing: Displaying our website, ensuring the operation of our website

Legal basis: Legitimate interest, Art. 6(1)(f) GDPR

Web host(s) commissioned by us:

domainfactory GmbH

Service provider: domainfactory GmbH

Website: Oskar-Messter-Str. 33 85737 Ismaning Germany

Content Delivery Network

We use a Content Delivery Network (CDN) to display our website. A CDN is a network of regionally distributed servers connected via the Internet. Scaling storage and delivery capacities are made available via the CDN. This optimises the loading times of our website and guarantees an optimal data throughput even during large load peaks. User enquiries on our website are routed via servers of the CDN. Statistics are generated from these data streams. On the one hand, this serves to identify potential threats to our website from malware at an early stage and, on the other hand, to constantly improve our offer and make our website more user-friendly for you as a user.

Data concerned:

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Processing purpose: technical optimisation of the internet presence, analysis of errors and user behaviour

Legal basis: Legitimate interest, Art. 6(1)(f) DSGVO

CDN service providers used:

Amazon CloudFront

Service provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA

Website: https://aws.amazon.com/de/

Cloudflare

service providers: Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA

Website: https://www.cloudflare.com/

Scope of data collection: https://blog.cloudflare.com/what-cloudflare-logs/

DigitalOcean

service providers: DigitalOcean LLC, 101 Avenue of the Americas, New York, New York 10013, USA

Website: https://www.digitalocean.com

service providers: Instart Logic, Inc, 450 Lambert Avenue, Palo Alto, CA 94306, USA

Website: https://www.instart.com

Limelight

service providers: Limelight Networks, 222 South Mill Avenue, 8th Floor, Tempe, AZ 85281, 222 South Mill Avenue, 8th Floor, Tempe, Arizona 85281, USA

Website: https://de.limelight.com

Stackpath

service providers: StackPath, LLC, 2021 McKinney Avenue, Suite 1100, Dallas, Texas 75201, USA

Website: https://www.stackpath.com

Contact

If you contact us via e-mail, social media, telephone, fax, post, our contact form or in any other way and provide us with personal data such as your name, telephone number or e-mail address or provide further information about yourself or your request, we process this data to answer your request within the framework of the pre-contractual or contractual relationship existing between us.

Data concerned:

Stock data (e.g. names, addresses)

Contact details (e.g. e-mail address, telephone number, postal address)

Content data (texts, photos, videos)

Contract data (e.g. subject matter of the contract, contract period)

Persons concerned: Interested parties, customers, business and contractual partners

Processing purpose: communication and answering of contact requests, office and organisational procedures

Legal basis: Fulfilment of contract and pre-contractual enquiries, Article 6(1)(b) GDPR, legitimate interest, Article 6(1)(f) GDPR

Registration, login and user account

You have the possibility to register on our website to create a user account. For this purpose, it is necessary to enter personal data, which results from the input mask. The data requested there includes in particular your name, your e-mail address, a user name if applicable, and password. This data is stored and processed by us in order to set up a user account for you and to enable you to (repeatedly) log in. The data can be changed or deleted by you at any time. The data will not be passed on to third parties unless this serves technical and organisational processing of the existing usage contract between us. In order to protect you and us from abusive registrations, we store the IP address assigned to you at the time of registration as well as the date and time of registration.

Data concerned:

Stock data (e.g. names, addresses)

Contact details (e.g. e-mail address, telephone number, postal address)

Contract data (e.g. subject matter of the contract, contract period)

Payment data (e.g. bank details, invoices)

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Processing purpose: processing of contractual services, communication as well as answering contact requests, security measures.

Legal basis: Fulfilment of contract and pre-contractual enquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Deletion: See the point: "When do we delete your data? In addition, we would like to draw your attention to the fact that we will delete the data collected during registration as well as the content data stored in the account, subject to any conflicting statutory retention obligations, as soon as you delete your account. We therefore ask you, if you want or need to access the content data stored in your account even after your account has been deleted, to save it otherwise before deleting the account.

Your comments or ratings

You have the opportunity to comment on our contributions, to express your opinion or to upload content in the designated areas of our website. As we may under certain circumstances be held liable ourselves for any infringing content of your comment (insults, defamatory criticism, sedition, prohibited violence etc.), we will store your IP address for a period of 7 days in order to be able to determine your identity if necessary.

Legal basis: Art. 6 para. 1 lit. f GDPR

Data concerned:

Stock data (e.g. names, addresses)

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked on)

Communication data (e.g. information about the device used, IP address)

Purpose of processing: performance of contractual obligations, communication and processing of enquiries, obtaining feedback, security measures.

Processing of your data when ordering in our online shop

If you place orders via our online shop, we will process the information you provided during the ordering process in order to be able to process your order. This includes, in particular, your name, address and electronic contact data, information on the payment process and the details of your specific order. We will inform you which data we require in detail during the ordering process.

If it is necessary to fulfil the contract concluded between us, to protect your vital interests or because of legal regulations, we will transfer your data to third parties, such as the logistics company commissioned with the delivery, to payment service providers for the purpose of payment processing and to our tax advisor, while respecting your rights. Insofar as we use third party providers to provide our services, the data protection information of the respective third party providers applies.

User accounts: You can voluntarily create a user account in which you can view and manage your orders. If you cancel your account, your data will be deleted. It is your responsibility to save your data before cancelling. We use transient cookies (for the term see above under cookies) to store the contents of the shopping cart and persistent cookies (for the term see above under cookies) to store the login status. When you place an order, register for a user account or log in again, we store your IP address and the time of the respective user action. The purpose of this storage is to protect our interests and your legitimate interests in protection against misuse and other unauthorised use.

Advertising measures: We may also use the data you have provided to inform you by post or e-mail about similar interesting products and/or services after you have placed an order.

Details of the shop system used by us

We use the blow-mentioned shop system from a third party provider “Shopware”, through which we process orders and incoming payments and administer our inventory. If you place an order in our online shop, we will pass on your name as well as your address and electronic contact data, information on processing of the payment process and the specific order to the provider of the shop system in order to process the order and payment processes.

Data concerned:

Stock data (e.g. names, addresses)

Payment data (e.g. bank details, invoices)

Contact details (e.g. e-mail address, telephone number, postal address)

Contract data (e.g. subject matter of the contract, contract period)

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Persons concerned: Customers, interested parties, business and contractual partners

Processing purpose: processing of orders, communication and, if applicable, marketing as well as answering enquiries, data security, office and organisational procedures

Legal basis: Fulfilment of contract and pre-contractual enquiries, Art. 6(1)(b) GDPR, legal obligation, Art. 6(1)(c) GDPR, legitimate interest, Art. 6(1)(f) GDPR

Payment service provider

In accordance with our legal obligations or because of our legitimate interests in efficient, secure and customer-oriented payment processing, persons who have concluded a contract or other legal relationship with us may use banks and credit institutions as well as other payment service providers for payment. The payment service providers offered by us process inventory data in this context, including name, address or also bank data such as account/credit card number, passwords, TANs, check numbers as well as information on the concluded contract and information on the recipient of the payment.

The data collected in this context is required so that the payment service provider can process payments. Only the payment service provider commissioned by us collects and processes this personal information. At no point do we receive any information about your bank account or credit card details. We are informed by our payment service provider whether the payment of our customers has been received or not. It is possible that our payment service providers may forward our customers' data to credit reference files in order to check the identity and creditworthiness of the payer. In this respect, we refer to the data protection declaration and general terms and conditionsof our payment service providers.

The general terms and conditions and data protection regulations of the respective payment service provider apply. You will find this information on the website of the service provider concerned or in the transaction application. For further information and for the assertion of your rights regarding revocation and information, we refer to the provisions of the respective service provider.

Data concerned:

Stock data (e.g. name, address),

User data (e.g. websites visited, interest in certain topics, times of access),

Payment data (e.g. bank details, invoices, payment history),

Data on business transactions (e.g. duration, customer category, subject matter of the contract),

Communication and metadata (e.g. IP address, information about the device or computer system)

Purpose of processing: Effective, secure and customer-oriented payment offers (service) and processing of payments according to contractual agreement

Legal basis: Fulfilment of contract and pre-contractual enquiries, Article 6(1)(b) GDPR, legitimate interests, Article 6(1)(f) GDPR

Possibilities of withdrawal: You can revoke your consent to the use of your personal data at any time by contacting the respective payment service provider. Despite the revocation, the payment service provider may still be entitled to process, use and transmit the personal data that is absolutely necessary for contractual payment processing. With regard to the storage and timely deletion of personal data, we refer to the respective data protection provisions of the payment service provider.

We use the following payment service providers:

Amazon Pay

Service provider: Amazon Payments Europe S.C.A., 38 avenue J.F. Kennedy, L-1855, Luxembourg

Website: https://pay.amazon.de/

Apple Pay

Service provider: Apple Inc, Infinite Loop, Cupertino, CA 95014, USA

Website: https://www.apple.com/de/apple-pay/

Instant bank transfer

Service provider: SOFORT GmbH, Theresienhöhe 12, 80339 Munich

Website: https://www.sofort.de/index.html

Giropay

Service provider: giropay GmbH, An der Welle 4, 60322 Frankfurt am Main

Website: https://www.giropay.de/

iDeal

Service provider: Currence Holding B.V., Gustav Mahlerplein 33-35, 1082 MS Amsterdam, The Netherlands

Website: https://www.ideal.nl/en/

Mastercard

Service provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium

Website: https://www.mastercard.de/de-de.html

PayPal

Service provider: PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg

Website: https://www.paypal.com/de/webapps/mpp/home

Skrill

Service provider: Skrill Limited, 25 Canada Square, London E14 5LQ, United Kingdom

Website: https://www.skrill.com/de/

Stripe

Service provider: Stripe Inc, 510 Townsend Street, San Francisco, CA 94103, USA

Website: https://stripe.com/de

Visa

Service provider: Visa Europe Management Services Ltd, German Branch, Neue Mainzer Strasse 66-68, 60311 Frankfurt am Main

Website: https://www.visa.de/

Evaluation seal

In order to give you a first impression of the quality of our offers and services, we use the evaluation seal (also called evaluation widget) integrated on our website to display a selection of reviews from our customers and the overall rating formed from all reviewsIf you click on the widget, you will be redirected to the website of the respective provider. There you can call up all the reviews of our offer. You also have the possibility to rate us there.

The provider’s seal integrated on our website is displayed via an interface from the server of the respective provider. For this purpose, a data connection to the provider's server is established when you visit our website. This provides the provider with certain data that is required to play the content of the widget on your browser. This includes the IP address assigned to you and other access data.

Data concerned:

Usage data (e.g. access times, websites clicked)

Communication data (e.g., information about the device in use, IP address).

Persons concerned: Customers, users of our website

Processing purpose: Obtaining customer feedback, as well as marketing based on interests and behaviour

Legal basis: Consent, Article 6(1)(a) GDPR, legitimate interest, Article 6(1)(f) GDPR

We use the following evaluation seals:

Online advertising

We use services to display internet advertising. Through the services we use, certain user data is collected through a cookie or pixel. This includes, in particular, information from which website you accessed our website (so-called referrer), which pages of our website you accessed, how long you visited our pages and which interactions you made there. In addition, data is collected on the browser, computer system and type of deviceyou use. In addition, demographic information such as age or gender can also be collected as pseudonymous values via such a service. Provided that you have consented to the collection of your location data, depending on the provider, this data may also be processed. In order to collect and store this data, the respective service places a cookie or a so-called counting pixel on the terminal device you use, which is also used to collect the IP address assigned to you. However, this is shortened by a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. As a matter of principle, no clear data such as names or e-mail addresses are stored when using the respective service. This is only the case if you are a member of a social network that offers one of the services listed below and merges your profile with the aforementioned data material.

The data is evaluated by the service we use to produce a report with statistical statements about the number of visitors generated by the advertising and the success of the advertising campaign. Among other things, the reports will show the total number of users who were forwarded to our website via our advertisements. In addition, the reports contain information on the end devices and browsers of the users, where the users were located, at which times the advertisement was clicked. However, the reports do not contain any information that could personally identify you as a user of our site.

Data concerned:

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Persons concerned: Users of our online offers
Purpose of processing: Measuring reach, monitoring the success of campaigns, remarketing as well as interest- and behaviour-based marketing

Legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. aGDPR. Furthermore, we use the respective service on the basis of our legitimate interest in directing streams of visitors to our website, analyzing these streams of visitors in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following service providers for online advertising:

Bing Ads

Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Registered office in Germany: Microsoft Deutschland GmbH, Walter-Gropius-Straße 5, 80807 Munich

Website: https://ads.microsoft.com/

Google AdSense

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

European headquarters: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://www.google.com/intl/de_de/adsense/start/

Google Ads

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

European headquarters: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://ads.google.com/home/

We send out a newsletter at regular intervals to inform our customers, business partners and interested parties about our offers and related news. You have the possibility to register for our newsletter on our website and to agree to receive the newsletter when registering. When you register for our newsletter, it is obligatory to provide your e-mail address. We store the e-mail address in order to be able to send you the newsletter. The provision of further data such as title or name is voluntary and is used to address you personally. As soon as you register for our newsletter, you will receive a confirmation e-mail to the e-mail address you entered when registering, using the so-called double opt-in procedure. This e-mail contains a link. If you click on this link, you confirm that you wish to receive the newsletter. In this way we ensure that your e-mail address has not been misused by a third party during registration. For the same reason, we save the date and time of registration and the IP address assigned to you when you registered. We do not pass on the aforementioned data to third parties.

Evaluation of user behaviour

If you have agreed to this, we will evaluate your user behaviour when sending the newsletter. For this purpose, our newsletter contains tracking pixels and tracking links. This enables us to recognise whether and when you have opened the newsletter and whether and which links you have clicked on in the newsletter. Purpose: We evaluate the newsletter as described above to be able to measure a statistical evaluation of the success or failure of our newsletter. Legal basis: The legal basis for the processing of your data is Art. 6 para. 1 lit. a GDPR. Prevention: You can revoke your consent to receive the newsletter at any time by using the above-mentioned options. Deletion: We will delete your data after revocation.

Data concerned:

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked)

Communication data (e.g. information about the device used, IP address)

Persons concerned: Users of our website

Purpose of processing: Displaying our website, ensuring the operation of our website

Legal basis: Consent, Article 6(1)(a) GDPR, legitimate interest, Article 6(1)(f) DSGVO GDPR

Deletion: The e-mail address is deleted either if you have not clicked on the confirmation link in the double opt-in procedure 1 month after sending the confirmation e-mail or immediately after you have unsubscribed from our newsletter.

Revocation: You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. We offer the following options through which you can revoke your consent:

Click on the link provided in the newsletter

through the contact data provided in the imprint of our website

Sendinblue GmbH

Service provider: Köpenicker Str. 126, 10179 Berlin, Germany

Website: https://www.newsletter2go.de

Advertising by e-mail, post or telephone

We process personal data for our promotional communication by e-mail, post or telephone. You can object to the receipt of our advertising measures at any time or revoke your previously given consent to receive our promotional communication at any time. In order to be able to prove in case of doubt that your consent has been given even after your objection or revocation, we may store your data for up to 4 years after your objection/revocation. We will not use your data for any further purposes after your objection/revocation. If you want us to delete your data beforehand, we will do so after you have confirmed to us that you have originally given your consent.

Data concerned:

Contact details (e.g. e-mail, telephone number, postal address)

inventory data (e.g. names, addresses)

Persons concerned: Communication partners

Purpose of processing: Direct advertising (marketing) by e-mail, post or telephone

Legal basis: Consent, Article 6(1)(a) GDPR, legitimate interest, Article 6(1)(f) GDPR

Affiliate programmes and affiliate links

We use affiliate links and/or other types of affiliate references on our website, for example in the form of search masks, widgets or discount codes. These links and references lead you to offers and services from third-party providers. If you click on one of these links or make use of one of these offers, we will receive a commission or other advantage from the respective third party provider.

In order for us to be able to receive our commission, the relevant third party providers must be informed that you have used an affiliate link on our website. To do this, the affiliate links used must be traced and assigned to the respective business transactions or other actions taken, such as purchases. This process is necessary to settle our commission with the third party provider. The data collected by us during this process will be stored until the final billing.

In order to ensure an allocation between affiliate link, business transaction and you as user, the affiliate links used by us can be supplemented by certain details. This information can be stored in the link itself or in a cookie. This information may include the original Internet page (referrer), the online identification code of our Internet presence, an online identification code of the respective offer, the type of affiliate link used, the type of offer, an online identification code of the respective user and the time of use of the link.

Data concerned:

Usage data (e.g. previously visited websites, usage times, interest in content)

Data on business transactions (e.g. duration, customer category, subject matter of the contract)

Communication and metadata (e.g. IP address, information about the device or computer system)

Purpose of processing: Recording which affiliate links, integrated in our website, were used by our visitors

Legal basis: Consent, Article 6(1)(a) GDPR, performance of contract and pre-contractual enquiries, Article 6(1)(b) DSGVO, legitimate interest, Article 6(1)(f) GDPR

Possibilities of withdrawal: It is possible to deactivate interest-based advertising by setting this at the following link http://www.aboutads.info/choices. You can also prevent the storage of cookies by setting your browser to prevent this. Cookies that have already been set can be deleted by you at any time.

We use the following affiliate service providers:

Amazon affiliate programme

Service provider: Amazon Europe Core S.à.r.l., Amazon EU S.á.r.l., and Amazon Media EU S.á.r.l., 38, avenue John. F. Kennedy, L-1855, Luxembourg and Amazon Instant Video Germany GmbH, Domagkstr. 28, 80807 Munich

Website: https://partnernet.amazon.de/

Web analysis and statistics

We use web analysis services to record and statistically evaluate the streams of visitors to our website. Such services collect, among other things, data aboutthe website from which you accessed our website (so-called referrers), which pages of our website you accessed, how long you visited our pages and which interactions you made there. In addition, data is collected on the browser, computer system and type of device you use. In addition, demographic information such as age or gender can also be collected as pseudonymous values via such a service. Provided that you have consented to the collection of your location data, depending on the provider, this data may also be processed.

In order to collect and store this data, the web analysis service we use places a cookie on the terminal device you use, which is also used to collect the IP address assigned to you. However, this is shortened by a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. No other clear data such as names or e-mail addresses are stored either. Neither we nor the service we use know the identity of visitors to our website.

Usage data (e.g. access times, websites clicked)

Communication data (e.g., information about the device in use, IP address).

Persons concerned: Users of our online offers

Purpose of processing: Measuring reach, monitoring the success of campaigns, remarketing as well as interest- and behaviour-based marketing

Legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. Furthermore, we use the respective service on the basis of our legitimate interest in analying the flow of visitors to our website in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following web analysis services:

Google Analytics

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Headquarters within the EU: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://marketingplatform.google.com/intl/de/about/analytics/

Opt-out possibility: If you do not want your data to be used by Google Analytics, you can set a so-called opt-out plugin, which will prevent data from being collected from you on our website in future. You can obtain this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

The third-party plug-ins we use

,. We have embedded plugins in the form of “social media buttons” from the providers we use on our website. Which plugin belongs to which provider can be recognised by the respective logo with which the plugin is marked. If you call up a page of our website on which such a plug-in is implemented, a connection is automatically established with the respective provider of the plug-in between your browser and the provider's servers and the provider places a cookie on your device used.. A data transfer can also take place at this time if you do not have an account with the respective social network provider or if you have an account there but are not logged in at the moment of visiting our website. In addition, data is transmitted to the provider as a result of further interaction with the respective social plugin (e.g. clicking the "Like-Me-Button on Facebook, Re-Tweet-Button on Twitter).

Data concerned:

Usage data (e.g. access times, websites clicked )

Communication data (e.g. information about the device used, IP address)

Persons concerned: Users of our website

Purpose of processing: Displaying our website, offering content, ensuring the operation of our website

Legal basis: Consent via Cookie-Consent-Banner, Art. 6 Abs. 1 lit. a DSGVO, legitimate interests, Art. 6 Abs. 1 lit. f DSGVO

We use the following plugins:

Facebook

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA

Headquarters in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Website: https://www.facebook.com/

Google (Invisible) reCAPTCHA

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Website: https://developers.google.com/recaptcha/docs/invisible

We operate online presences within the social networks listed below. If you visit one of these sites, the data listed below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and user profiles are created. In the user profiles, data can be stored regardless of the device you use. This is particularly the case if you are a member of the respective platform and are logged in to it. The user profiles can be used by the providers to display interest-related advertising to you. You have a right of revocation against the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in when you visit our website, the respective provider may collect data about your usage behaviour on our website. In order to prevent your data from being linked in this way, you can log out of the provider's service before visiting our website.

For which purpose and to what extent data is collected by the provider, you can refer to the respective data protection declarations of the providers, which are provided below.

Data concerned:

Stock and contact data (e.g. name, address, telephone number, e-mail address)

Content data (e.g. posts, photos, videos)

Usage data (e.g. access times, websites clicked)

Communication data (e.g., information about the device used, IP address).

Processing purpose: communication and marketing, tracking and analysis of user behaviour

Legal basis: Consent, Article 6(1)(a) GDPR, legitimate interests Article 6(1)(f) GDPR

Possibilities for appeal: We refer to the information of the providers linked below regarding the respective possibilities of objection (opt-out).

We maintain online presences on the following social networks:

Facebook

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA

Based in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Website: https://www.facebook.com/

Instagram

Service provider: Instagram Inc, 1601 Willow Road, Menlo Park CA 94025, USA

parent company: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA

Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Website: https://www.instagram.com/

WhatsApp

Service provider: WhatsApp Inc. 1601 Willow Road Menlo Park, California 94025, USA

Headquarters in the EU: Whatsapp Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

parent company: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA

Website: https://www.whatsapp.com/

Online meetings, video conferences and screen sharing [nbsp] [nbsp]

We use third-party services to enable online meetings, video and/or audio conferencing as well as online seminars among employees and with interested parties or customers. If you communicate with us via such a service, the data collected in this communication process is processed both by us and by the third party provider. The data that may arise in such a communication process includes, in particular, your registration and contact details, contributions in the chat window, your video and audio contributions as well as shared screen content. The data processed by the third party provider used by us primarily includes user data and metadata (e.g. IP address, computer system information). As a rule, the third-party providers process this data in order to check and guarantee the security of the service. In addition, findings from data processing are used to optimise the third-party provider's offer and to carry out appropriate marketing measures. In this regard, please refer to the data protection information of the third party provider.

We would like to point out that, depending on the country in which the service provider listed below is based, the data collected via the service may be transferred and processed outside the territory of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be maintained and that your rights will not be able to be enforced or can only be enforced with difficulty.

Data concerned:

Stock data (e.g. names, addresses)

Contact details (e.g. e-mail address, telephone number)

Shared content (e.g. photos, videos, texts, audio recordings)

User data (e.g. times of access, websites visited, interest in content)

Meta and communication data (e.g. IP address, computer system information)

Persons concerned: Interested parties, customers, communication partners

Processing purpose: processing of contact requests, internal and external communication with employees as well as interested parties and customers, fulfilment of our contractual obligations, service offer

Legal basis: Consent, Article 6(1)(a) DSGVO, performance of contract and pre-contractual enquiries, Article 6(1)(b) DSGVO, legitimate interest, Article 6(1)(f) DSGVO

Services used by us:

Microsoft Teams

Services offered: video conferences, chats, voice conferences

Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Website: https://www.microsoft.com/de-de/microsoft-365/microsoft-teams/group-chat-software

Skype

Services offered: Instant messaging, video conferences, voice conferences

Service provider: Skype Communications SARL, 23-29 Rives de Clausen, L-2165 Luxembourg, Luxembourg

parent company: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Website: https://www.skype.com/de/

Content services

We use certain services in order to be able to display certain content or graphics (videos, images, music, fonts, maps) on our website. In doing so, the services we use process the IP address assigned to you at the time of your visit to our website, as this is the only way to display the respective content in the browser you are using. In addition, the providers of these services may place further cookies on your end device, which are used to collect information about your usage behaviour, your interests, the device and browser you use and the time and duration of your session. The providers regularly use this data for analysis, statistics and marketing purposes. In addition, this information may also be combined with information from other sources. This applies in particular if you yourself maintain an account with the service provider and are logged in at the time of the session.

We would like to point out that depending on the country of residence of the service provider named below, the data specified below may be transferred and processed on servers outside the area of the European Union. In this case there is a risk that the level of data protection prescribed by the DSGVO may not be observed and that the enforcement of your rights may not be possible or may be made more difficult.

Data concerned:

Usage data (e.g. access times, websites clicked on)

Communication data (e.g. information on the device used, IP address)

Persons concerned: Users of our Internet presence

Purpose of processing: Playing our Internet pages, offering contents, guaranteeing the operation of our Internet pages

Legal basis: Consent via Cookie-Consent-Banner, Art. 6 Abs. 1 lit. a DSGVO, legitimate interests, Art. 6 Abs. 1 lit. f DSGVO

We use the following content services:

Getty Images

Service provider: Getty Images, Inc, 605 5th Avenue South, Suite 400, Seattle, Washington 98104, USA

Headquarters in the EU: Getty Images Deutschland GmbH, Auenstr. 5, 80469 Munich

Website: https://www.gettyimages.de/

Google Maps

We use Google Maps on our website. Google collects and processes the IP address of the visitor. When you visit a website on which Google Maps is integrated, your IP address and your location data (the latter usually not without your consent) are transmitted to Google, regardless of whether Google Maps is actually used or you are logged into your Google account. Your IP address will be assigned to your Google Account if you are logged in when you visit our website.

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Headquarters in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://www.google.de/maps

Opt-out possibility: https://tools.google.com/dlpage/gaoptout?hl=de

YouTube

We use components from YouTube on this website to integrate videos on our website so that they can be played via your internet browser when you visit our website. During your visit to our website, both YouTube and Google are informed about which page or subpage you have accessed by transmitting your IP address to Google's external servers in the USA. This information is transmitted regardless of whether the videos displayed are actually being viewed or clicked or whether you are logged in to your YouTube or Google account. This information is collected and assigned to your Google account, provided that you are logged in when you access our website.

service provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA

Website: https://www.youtube.com/

Opt-out possibility: https://tools.google.com/dlpage/gaoptout?hl=de

Security measures

We also take state-of-the-art technical and organisational security measures in order to comply with the provisions of the data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties.

Up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and dated October 2020. Due to changed legal or official requirements, it may become necessary to adapt this data protection declaration.

This data protection declaration was created using the data protection generator of SOS Recht. SOS Recht is an offer from Mueller.legal Rechtsanwälte Partnerschaft, based in Berlin.

How may we help you?

Privacy Policy

Data protection

Privacy policy

Contact details of our data protection officer

Processing of your data within the scope of the core activity of our company

Right of withdrawal

Right of objection

Cloud services

Cloud service providers used:

Microsoft Cloud Services

Web host(s) commissioned by us:

domainfactory GmbH

Content Delivery Network

CDN service providers used:

Amazon CloudFront

Cloudflare

DigitalOcean

Never miss any of our regular offers with our VIP-Newsletter!