Data protection - Le langage des fleurs: Your data safe

Privacy Policy

1. Information on the Collection of Personal Data and Contact Details of the Data Controller

1.1

Thank you for visiting our website.

In the following, we would like to inform you about how we process your personal data when you use our website. Personal data generally means any information that can be used to identify you personally.

1.2

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Le langage des fleurs
Franziskanerstraße 2
81669 Munich
Germany

Phone: +49 89 23239779
Email: office@le-langage-des-fleurs.de

1.3

To protect your data during transmission, we use state-of-the-art encryption technologies via HTTPS (e.g. SSL or TLS).


2. Data Collection When Visiting Our Website

Each time our website is accessed, our system automatically collects data and information transmitted by your browser to our server (so-called server log files).

The following technically necessary data is collected:

  • The website visited
  • Date and time of access
  • Amount of data transferred (in bytes)
  • Source/reference from which you accessed our website
  • Operating system used
  • Browser used
  • IP address used (where applicable, in anonymised form)

The legal basis for processing this data is Article 6(1)(f) GDPR, based on our legitimate interest in improving the stability and maintaining the functionality of our website.

The collected data will not be disclosed to third parties or used for any other purpose.

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's device. For this purpose, the user's IP address must remain stored for the duration of the session.

We reserve the right to review the server log files retrospectively if there are concrete indications of unlawful use.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected.

Where the data is collected for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, it will be deleted no later than seven days after collection. Storage beyond this period is possible. In such cases, users' IP addresses are deleted or anonymised so that they can no longer be assigned to the accessing client.

The collection of data for the provision of the website and the storage of data in log files are essential for the operation of the website. Consequently, users have no right to object to this processing.


3. Contact

If you contact us via the contact form, the data entered into the input form will be transmitted to us and stored. The specific data collected can be seen from the respective input form.

If you contact us by email, only the data you provide in your email will be transmitted to us.

The data is used exclusively for processing your enquiry and our correspondence with you.

Where the user has given consent, the legal basis for processing is Article 6(1)(a) GDPR.

The legal basis for processing data transmitted in the course of sending an email is Article 6(1)(f) GDPR.

If the email contact is aimed at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected, provided that no statutory retention obligations apply.

For personal data collected via the contact form and personal data transmitted by email, this is the case once the respective conversation with the user has ended.

A conversation is deemed to have ended when it can be concluded from the circumstances that the matter in question has been fully resolved.

Users may withdraw their consent to the processing of their personal data at any time.

If a user contacts us by email, they may object at any time to the storage of their personal data. In such a case, the conversation cannot be continued.


4. Cookies

Our website uses cookies.

Cookies are text files that are stored on the user's device.

When a user visits a website, a cookie may be stored on the user's operating system.

Some functions of our website cannot be provided without the use of cookies. For this purpose, it is necessary that the browser can be recognised even after changing pages.

The user data collected through technically necessary cookies is not used to create user profiles.

Our legitimate interest in processing personal data pursuant to Article 6(1)(f) GDPR also lies in the purposes described above.

Furthermore, our website may use cookies that enable the analysis of users' browsing behaviour (so-called third-party cookies).

Further information regarding the scope, purpose, legal basis and the available options for objecting to such processing can be found in the relevant sections of this Privacy Policy.

As a user, you have full control over the use of cookies.

By changing your browser settings, you can disable, restrict or delete the transmission of cookies.

If you disable cookies for our website, you may no longer be able to use all functions of the website to their full extent.

The transmission of Flash cookies can also be prevented by changing the settings of the Flash Player.

Help regarding browser settings can be found in your browser's help menu or via the following links:

Some of the cookies used on this website are deleted automatically when you close your browser (so-called session cookies).

Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognise your browser the next time you visit our website (persistent cookies).

If cookies are set, they collect and process certain user information to an individual extent, such as browser data, location data and IP address information.

Persistent cookies are automatically deleted after a predefined period, which may vary depending on the respective cookie.

5. Data Processing for Order Fulfilment

5.1

If you wish to place an order in our online shop, it is necessary for the conclusion of the contract that you provide the personal data required to process your order.

The personal data you provide will be processed for the purpose of handling and fulfilling your order.

To process your order, we work in part with external service providers. For this purpose, it may be necessary to transmit the personal data required for order processing.

Where we commission shipping companies to deliver your goods, we will pass on the data necessary for the delivery to the respective shipping provider.

For payment processing, we transmit your data to the appointed financial institution where necessary. If we use payment service providers, you will find further information below.

The legal basis for the transfer of your data is Article 6(1)(b) GDPR.


5.2 Use of Payment Service Providers


5.3 Apple Pay

If you select Apple Pay (a service provided by Apple Distribution International, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland) as your payment method, payment processing is carried out via the Apple Pay function on your device running iOS, watchOS or macOS using the payment card stored in Apple Pay.

Your transaction is protected by the security features of your device's hardware and software.

To authorise a payment, you must confirm it by entering your code and using the Face ID or Touch ID function of your device.

The information you provide during the ordering process, together with information relating to your order, is transmitted to Apple in encrypted form for the purpose of processing the payment.

Apple then encrypts this data again and transmits it to the payment service provider of the payment card stored in Apple Pay in order to complete the transaction.

The encryption ensures that only the website on which the order was placed can access the payment information.

Once the payment has been completed, Apple transmits the device account number and a transaction-specific dynamic security code to our website in order to confirm the payment.

Where personal data is processed during these procedures, such processing is carried out for the purpose of payment processing pursuant to Article 6(1)(b) GDPR.

If you use Apple Pay on an iPhone or Apple Watch to complete a purchase initiated through Safari on a Mac, the Mac and the authorising device communicate through an encrypted channel via Apple's servers. Apple may process or store data during this process. However, this is done in a format that does not allow Apple to identify you personally.

Further information on Apple's privacy practices is available at:

https://support.apple.com/de-de/HT203027


5.4 Bancontact

If you choose to pay via Bancontact using PayPal Checkout, payment processing is carried out by the payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

Further information about PayPal Checkout can be found in the relevant section below.


5.5 BLIK

If you choose to pay via BLIK using PayPal Checkout, payment processing is carried out by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

Further information about PayPal Checkout can be found in the relevant section below.


5.6 Google Pay

If you select Google Pay (a service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland), payment processing is initiated via the Google Pay application on your NFC-enabled Android device (Android 4.4 "KitKat" or later).

Payment is made using one of the payment cards stored in Google Pay or another verified payment method (such as PayPal).

For payments exceeding EUR 25.00, you must first unlock your mobile device before the payment can be authorised.

The information provided during the ordering process is transmitted to Google for payment processing.

Google generates a unique transaction number which is transmitted to our website to verify the payment. This transaction number is merely a numerical token and contains no personal payment information.

The actual payment transaction takes place between the user and our website by charging the payment method stored in Google Pay.

Where personal data is processed during these procedures, such processing is carried out for payment processing in accordance with Article 6(1)(b) GDPR.

Google Pay Terms of Service:

https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de

Google Pay Privacy Notice:

https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

Google Privacy Policy:

https://business.safety.google/privacy/


5.7 iDEAL

If you choose to pay via iDEAL using PayPal Checkout, payment processing is carried out by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.

Further information about PayPal Checkout can be found in the relevant section below.


5.8 MyBank

If you choose to pay via MyBank using PayPal Checkout, payment processing is carried out by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.

Further information about PayPal Checkout can be found in the relevant section below.


5.9 PayPal Checkout

We use PayPal Checkout on this website (PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg; hereinafter "PayPal").

PayPal Checkout is an online payment solution that supports both PayPal payment methods and local payment methods offered by third-party providers.

If you choose PayPal, Credit Card via PayPal, Direct Debit via PayPal, or Pay Later via PayPal, we will transfer the payment data required to process your payment to PayPal. Such transfer is carried out in accordance with Article 6(1)(b) GDPR.

For the payment methods Credit Card via PayPal, Direct Debit via PayPal, and Pay Later via PayPal, PayPal reserves the right to carry out a credit assessment.

For this purpose, PayPal may transfer the necessary payment data to credit reference agencies.

The legal basis for this processing is Article 6(1)(f) GDPR, based on PayPal's legitimate interest in determining your creditworthiness.

You may object to this processing by contacting PayPal directly. However, PayPal may still process your personal data where this is necessary for the contractual processing of the payment.

If you choose PayPal Invoice, your payment data will first be transmitted to PayPal in accordance with Article 6(1)(b) GDPR.

PayPal then transfers your data to Ratepay GmbH, Ritterstraße 12–14, 10969 Berlin, Germany, for payment processing.

Ratepay carries out an identity and credit check in its own name.

The legal basis is Article 6(1)(f) GDPR, based on the legitimate interest in determining your creditworthiness.

For this purpose, Ratepay may transmit your payment data to credit reference agencies.

Information about the credit agencies used by Ratepay is available at:

https://www.ratepay.com/legal-payment-creditagencies/

If you choose a local third-party payment method, your payment data will first be transmitted to PayPal pursuant to Article 6(1)(b) GDPR.

PayPal then transfers your payment data to the provider you selected for the purpose of completing the payment, also pursuant to Article 6(1)(b) GDPR:

  • iDEAL (Currence Holding BV, Amsterdam, Netherlands)
  • giropay (Paydirekt GmbH, Frankfurt am Main, Germany)
  • Sofort (SOFORT GmbH, Munich, Germany)
  • Bancontact (Bancontact Payconiq Company, Brussels, Belgium)
  • eps (PSA Payment Services Austria GmbH, Vienna, Austria)
  • BLIK (Polski Standard Płatności Sp. z o.o., Warsaw, Poland)
  • Przelewy24 (PayPro SA, Poznań, Poland)
  • MyBank (PRETA S.A.S., Paris, France)

Further information can be found in PayPal's Privacy Policy:

https://www.paypal.com/de/webapps/mpp/ua/privacy-full


5.10 Shop Pay

We also offer payment via Shop Pay (Shopify International Limited, Victoria Buildings, 1–2 Haddington Road, Dublin 4, D04 XN32, Ireland).

When using Shop Pay, your personal data is processed.

Your data is transferred to Shop Pay pursuant to Article 6(1)(a) GDPR (consent) and Article 6(1)(b) GDPR (performance of a contract), solely to the extent necessary.

You may withdraw your consent at any time. Such withdrawal does not affect the lawfulness of any processing carried out before the withdrawal.

Further information regarding Shop Pay's privacy practices is available at:

https://www.shopify.com/pay

and

https://www.shopify.de/legal/datenschutz


5.11 Stripe

If you select a payment method provided by Stripe, payment processing is carried out by Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland (hereinafter "Stripe").

For the purpose of payment processing, we transmit your personal data together with your order information (name, address, account number, bank sort code, where applicable your credit card number, invoice amount, currency and transaction number) to Stripe, solely to the extent necessary and pursuant to Article 6(1)(b) GDPR.


5.12 Shopify Payments

We use the payment service Shopify Payments, 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2, Ireland.

If you choose a payment method offered through Shopify Payments, payment processing is technically carried out by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.

For this purpose, we transmit the information you provide during the ordering process together with your order details (name, address, account number, bank sort code, where applicable credit card number, invoice amount, currency and transaction number) pursuant to Article 6(1)(b) GDPR.

Your data is transferred solely for the purpose of processing the payment and only to the extent necessary.

Further information about Shopify Payments can be found at: https://www.shopify.com/legal/privacy

Further information about Stripe's privacy practices is available at: https://stripe.com/privacy

6. Data Processing When Creating a Customer Account and for Contract Performance

If you create a customer account with us, personal data will be collected and processed in accordance with Article 6(1)(b) GDPR.

The scope of the data collected is apparent from the respective registration form.

The data you provide will be stored and used for the performance of the contract.

You may delete your customer account at any time by contacting the Data Controller at the address provided above or, where available, directly via your customer account.

In this case, your data will be restricted with regard to statutory retention obligations under tax and commercial law and deleted once these retention periods have expired, unless you have expressly consented to further storage or we are otherwise legally entitled to continue processing your data.


7. Contact for Review Reminders

7.1 Review Reminder via Net Reviews ("Echte Bewertungen")

Subject to your express consent pursuant to Article 6(1)(a) GDPR, we transmit your email address to the review platform Net Reviews (Simplified Joint Stock Company, 18–20 Avenue Robert Schuman, CS 40494, 13002 Marseille, France), operating under www.echte-bewertungen.com.

You will receive a review reminder by email from www.echte-bewertungen.com.

You may withdraw your consent at any time by notifying either the Data Controller or www.echte-bewertungen.com.

7.2 Review Reminder via Google Customer Reviews

Subject to your express consent pursuant to Article 6(1)(a) GDPR, we transmit your email address to Google Customer Reviews (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

Google will send you a review reminder by email.

You may withdraw your consent at any time by notifying either the Data Controller or Google.

Further information regarding Google's privacy practices is available at:

https://business.safety.google/privacy/


8. Use of Social Media: Social Plugins

8.1 Facebook Standard Plugin

Our website uses social plugins ("Plugins") provided by Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

These plugins are generally identifiable by the Facebook logo (typically a white "f" on a blue background).

Further plugin designs are available at:

https://developers.facebook.com/docs/plugins

When you visit a page on our website containing such a plugin, your browser establishes a direct connection with Facebook's servers. The content of the plugin is transmitted directly to your browser, even if you do not have a Facebook account or are not logged in.

This information (including your IP address) may be transmitted directly to Facebook servers in the United States and stored there.

If you are logged into Facebook, Facebook may directly associate your visit to our website with your Facebook profile.

If you interact with the plugin (for example by clicking the "Like" button or posting a comment), this information is likewise transmitted directly to Facebook and stored there.

Such activities may also be published on your Facebook profile and displayed to your Facebook friends.

Our legitimate interest lies in displaying personalised advertising and fully exploiting the commercial potential of our website. The legal basis is Article 6(1)(f) GDPR.

Facebook also has a legitimate interest in providing personalised advertising and improving its services.

If you do not wish Facebook to associate the information collected via our website with your Facebook profile, you must log out of Facebook before visiting our website.

You can also prevent Facebook plugins from loading by using browser extensions such as NoScript:

http://noscript.net/

Meta Platforms, Inc., based in the United States, is certified under the EU–U.S. Data Privacy Framework.

Further information is available at:

https://www.facebook.com/policy.php

https://www.facebook.com/legal/EU_data_transfer_addendum


8.2 Google+ Standard Plugin

Our website uses the Google+ social plugin provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland.

The plugin is usually identifiable by the "+1" symbol.

Additional plugin designs are available at:

https://developers.google.com/+/plugins

If you are logged into Google+ while visiting our website, Google+ may directly associate your visit with your Google+ profile.

Interactions with the plugin are likewise transmitted directly to Google+ servers and may also be processed on servers located in the United States.

Our legitimate interest lies in displaying personalised advertising and fully exploiting the commercial potential of our website pursuant to Article 6(1)(f) GDPR.

Google also has a legitimate interest in providing personalised advertising and improving its services.

If you do not wish Google+ to associate your visit with your profile, please log out of Google+ before visiting our website.

You can also prevent the loading of Google+ plugins by using browser extensions such as NoScript.

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework.

Further information:

https://www.google.de/intl/de/policies/privacy/

https://business.safety.google/privacy/


8.3 Instagram Standard Plugin

Our website uses social plugins provided by Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

The plugins are generally recognisable by the Instagram camera icon.

Further information is available at:

http://blog.instagram.com/post/36222022872/introducing-instagram-badges

When you visit a page containing such a plugin, your browser establishes a direct connection with Instagram's servers.

The plugin content is transmitted directly to your browser, regardless of whether you have an Instagram account or are logged in.

This information, including your IP address, may be transmitted to servers in the United States and stored there.

If you are logged into Instagram, Instagram may directly associate your visit with your Instagram profile.

If you interact with the plugin, this information is likewise transmitted directly to Instagram and may be published on your Instagram profile.

Our legitimate interest is based on Article 6(1)(f) GDPR and consists of displaying personalised advertising and maximising the commercial potential of our website.

If you do not wish Instagram to associate your visit with your profile, please log out before visiting our website.

You can also prevent Instagram plugins from loading by using browser extensions such as NoScript.

Meta Platforms, Inc. is certified under the EU–U.S. Data Privacy Framework.

Instagram's Privacy Policy is available at:

https://instagram.com/about/legal/privacy/


8.4 Pinterest Standard Plugin

Our website uses social plugins provided by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

These plugins are generally recognisable by the "Pin it" button.

Further information is available at:

https://developers.pinterest.com/docs/getting-started/introduction/

When visiting a page containing a Pinterest plugin, your browser establishes a direct connection with Pinterest's servers.

The information transmitted includes your IP address and may be stored on servers in the United States.

If you are logged into Pinterest, your visit may be associated directly with your Pinterest account.

Interactions with the plugin may be published on your Pinterest profile.

Our legitimate interest is based on Article 6(1)(f) GDPR.

Pinterest also has a legitimate interest in providing personalised advertising and improving its services.

If you do not wish Pinterest to associate your visit with your profile, please log out before visiting our website.

Browser extensions such as NoScript can also prevent Pinterest plugins from loading.

Transfers of personal data to the United States are based on the Standard Contractual Clauses approved by the European Commission.

Further information:

https://policy.pinterest.com/de/privacy-policy#section-residents-of-the-eea

https://about.pinterest.com/privacy-policy


8.5 X (formerly Twitter) Standard Plugin

Our website uses social plugins provided by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

The plugins are recognisable by the X logo or the former blue Twitter bird.

Further information:

https://publish.twitter.com/

When visiting a page containing such a plugin, your browser establishes a direct connection with X's servers.

The plugin content, including your IP address, may be transmitted to servers in the United States.

If you are logged into X, your visit may be associated directly with your X profile.

Interactions with the plugin may be published on your X profile and made visible to your followers.

Our legitimate interest pursuant to Article 6(1)(f) GDPR consists of displaying personalised advertising and maximising the commercial potential of our website.

X also has a legitimate interest in providing personalised advertising and improving its services.

If you do not wish X to associate your visit with your profile, please log out before visiting our website.

You can also prevent X plugins from loading by using browser extensions such as NoScript.

X participates in the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection for transfers to the United States.

Further information:

https://x.com/privacy

https://x.com/de/privacy

9. Use of Social Media: Video

9.1 Use of Vimeo Videos

Our website incorporates plugins provided by the video platform Vimeo, operated by Vimeo, LLC, 555 West 18th Street, New York, NY 10011, USA.

When you access a page on our website containing such a plugin, your browser establishes a direct connection to Vimeo's servers. The content of the plugin is transmitted directly to your browser and integrated into the webpage.

As a result, Vimeo receives information that your browser has accessed the relevant page of our website, including your IP address. This also applies if you do not have a Vimeo account or are not logged into Vimeo.

This information is transmitted directly to a Vimeo server in the United States and stored there.

If you are logged into Vimeo, Vimeo can directly associate your visit to our website with your Vimeo account.

If you interact with one of the plugins (for example by clicking the play button of a video), this information is likewise transmitted directly to Vimeo and stored there.

This data processing is carried out in accordance with Article 6(1)(f) GDPR. Vimeo's legitimate interest lies in market research and the optimisation of its services.

If you do not wish Vimeo to associate your visit to our website with your Vimeo account, you must log out of Vimeo before visiting our website.

Further information regarding the purpose and scope of data collection, the further processing and use of the data by Vimeo, as well as your rights and privacy settings, can be found in Vimeo's Privacy Policy:

http://vimeo.com/privacy

Videos embedded from Vimeo on this website automatically include the Google Analytics tracking tool.

This is Vimeo's own tracking technology, over which we have no control and which cannot be influenced by us.

Google Analytics uses cookies for tracking purposes. The information generated by these cookies about your use of this website is generally transmitted to a Google server in the United States and stored there.

This processing is carried out pursuant to Article 6(1)(f) GDPR, based on Vimeo's legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes.

Transfers of personal data to the United States are based on the Standard Contractual Clauses approved by the European Commission.

Further details are available at:

https://vimeo.com/privacy


9.2 Use of YouTube Videos

This website uses the YouTube embedding function to display and play videos provided by YouTube, a service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland ("Google").

We use the Enhanced Privacy Mode, which, according to YouTube, does not store user information until the video is actually played.

Once you start playing an embedded YouTube video, YouTube uses cookies to collect information about your user behaviour.

According to YouTube, these cookies are used, among other things, to compile video statistics, improve user experience and prevent abusive activities.

If you are logged into your Google account, your data will be associated directly with your account.

If you do not wish this association with your YouTube profile, you must log out before activating the video.

Google stores your data as usage profiles, even if you are not logged in, and analyses this information.

Such analysis is carried out pursuant to Article 6(1)(f) GDPR, based on Google's legitimate interests in displaying personalised advertising, conducting market research and improving its services.

Our own legitimate interest pursuant to Article 6(1)(f) GDPR in embedding YouTube videos lies in analysing user behaviour, improving our website according to users' needs and maximising the commercial potential of our website.

You have the right to object to the creation of such user profiles. To exercise this right, you must contact YouTube directly.

Regardless of whether an embedded video is played, a connection to Google's DoubleClick network is established each time this website is accessed. This may trigger additional data processing operations over which we have no control.

Personal data may also be transferred to servers operated by Google LLC in the United States.

Further information about YouTube's privacy practices is available at:

https://policies.google.com/privacy?hl=en

You can manage your personalised advertising settings here:

https://adssettings.google.com/authenticated

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection in accordance with EU data protection requirements.

Further information is available at:

https://privacy.google.com/businesses/gdprcontrollerterms/

 

10. Online Marketing

Use of Google Ads Conversion Tracking

This website uses the online advertising program Google Ads and, as part of Google Ads, the Conversion Tracking service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland ("Google").

We use advertising materials (so-called Google Ads) to promote our offers on external websites.

Our legitimate interest lies in displaying advertising that is relevant to you and ensuring a fair calculation of advertising costs.

The legal basis for this processing is Article 6(1)(a) GDPR, namely your express consent.

Google Ads uses cookies for conversion tracking. These cookies are set when you click on a Google Ads advertisement.

These cookies generally expire after 30 days and are not used for personal identification.

Each Google Ads customer receives a unique cookie, meaning that cookies cannot be tracked across the websites of different Google Ads customers.

The information collected is used to generate conversion statistics for Google Ads customers regarding the total number of users who clicked on an advertisement and were redirected to a page containing a conversion tracking tag.

You cannot be personally identified through this information.

If you wish to prevent tracking, you can disable the Google Conversion Tracking cookie via your browser settings.

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection in accordance with EU data protection requirements.

Further information regarding Google's privacy practices is available at:

http://www.google.de/policies/privacy/

https://business.safety.google/privacy/

You may also permanently disable conversion cookies by downloading and installing the browser plug-in available at:

https://www.google.com/settings/ads/plugin?hl=en

Please note that certain functions of this website may not be available or may only be available to a limited extent if cookies are disabled.

Further information regarding Google's privacy practices is available at:

https://business.safety.google/privacy/


11. Web Analytics Services

Google Analytics 4

We use Google Analytics 4, a web analytics service provided by Google Ireland Limited (Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland) (hereinafter referred to as "GA4").

Google Analytics uses cookies, which are small text files stored on your device that enable an analysis of your use of the website.

The information generated by these cookies about your use of this website (including your shortened IP address) is transmitted to a Google server, where it is stored and processed. This may include a transfer of data to the United States.

IP addresses are anonymised by default.

For IPv4 addresses, the last octet is removed, and for IPv6 addresses, the last 80 bits are set to zero in memory. This anonymisation prevents any direct personal identification.

However, a transfer of data to servers operated by Google LLC in the United States cannot be ruled out.

During your visit to our website, GA4 records your user behaviour in the form of events, including, for example:

  • Page views
  • First visit to the website
  • Session start
  • Click path
  • Interactions with the website
  • Scroll activity
  • Clicks on external links
  • Internal searches
  • Video interactions
  • File downloads
  • Viewed or clicked advertisements
  • Language settings

GA4 also collects:

  • Your approximate location (region)
  • Your anonymised IP address
  • Technical information about your browser and device (such as language settings and screen resolution)
  • Your internet service provider
  • The referring URL (the website or advertisement from which you reached our website)

On our behalf, Google uses this information to analyse your use of the website, compile reports on website activity and provide us with additional services relating to website and internet usage.

The anonymised IP address collected through Google Analytics 4 is not merged with any other Google data.

The data collected in this context is stored for two months.

The legal basis for this processing and for the setting of cookies is your express consent pursuant to Article 6(1)(a) GDPR.

You may withdraw your consent at any time with future effect, for example by disabling this Google service via the Cookie Consent Tool through which you originally granted your consent.

Without your consent, Google Analytics 4 will not be activated during your visit to our website.

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of protection for personal data transferred from the European Union.

We have also concluded a Data Processing Agreement (DPA) with Google.

Further information about Google Analytics 4 can be found at:

https://policies.google.com/technologies/partner-sites

and

https://policies.google.com/privacy


Demographic Data

The Demographic Data feature of Google Analytics 4 enables the creation of statistics regarding the age, gender and interests of website visitors.

For this purpose, advertising information and data provided by third parties are analysed in order to identify target groups for specific marketing activities.

No personal identification of individual users takes place.

The data collected for this purpose is stored for two months.


User IDs

Where we use the User ID feature, your activities (including conversions) may be analysed across multiple devices.

In this case, the analysis is not pseudonymised.

This is only possible if:

  • you have given your consent to the use of Google Analytics 4 pursuant to Article 6(1)(a) GDPR;
  • you have created a customer account on this website; and
  • you log into this account on multiple devices.

Google Signals

Where we use the Google Signals feature, we may receive cross-device reports about your usage behaviour.

However, we receive only aggregated statistical information and no personal data.

This analysis is only possible if:

  • you have enabled Personalised Advertising in your Google account;
  • your devices are linked to your Google account; and
  • you have given your consent to the use of Google Analytics pursuant to Article 6(1)(a) GDPR.

Cross-device analysis can be prevented by disabling Personalised Advertising in your Google account.

Further information about Google Signals is available at:

https://support.google.com/analytics/answer/7532985

Further information regarding Google's privacy practices can be found at:

https://business.safety.google/privacy/


12. Tools and Miscellaneous

12.1 Google Maps

We use the Google Maps API, provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland ("Google").

Google Maps is used to display interactive maps and provide route planning.

When using Google Maps, information about your use of this website, including your IP address and the (starting) address entered for route planning, may be transmitted to Google.

When you access a page on our website containing Google Maps, your browser establishes a direct connection with Google's servers.

The map content is transmitted directly by Google to your browser and integrated into the website.

As a result, we have no influence over the scope of the data collected by Google in this way.

To the best of our knowledge, this includes at least the following information:

  • Date and time of your visit to the relevant webpage
  • Internet address (URL) of the webpage visited
  • IP address
  • The starting address entered for route planning (where applicable)

We have no influence over the further processing and use of this data by Google and therefore cannot accept responsibility for it.

If you are logged into your Google account, your data will be directly associated with your Google account.

If you do not wish this association, you must log out of Google before visiting our website.

Google stores your data (including data of users who are not logged in) as usage profiles and analyses this information.

Such analysis is carried out pursuant to Article 6(1)(f) GDPR, based on Google's legitimate interests in displaying personalised advertising, conducting market research and improving its services.

You have the right to object to the creation of such user profiles. To exercise this right, you must contact Google directly.

If you do not want Google to collect, process or use data about you through our website, you can disable JavaScript in your browser settings.

Please note that if you do so, you may no longer be able to use the map functionality.

Further information regarding Google's collection, processing and use of data, your rights and available privacy settings can be found in Google's Privacy Policy:

https://policies.google.com/privacy

Google's Terms of Service:

http://www.google.de/intl/en/policies/terms/regional.html

Google Maps Terms of Service:

https://www.google.com/help/terms_maps/

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection in accordance with EU data protection requirements.

Further information regarding Google's privacy practices is available at:

http://www.google.de/policies/privacy/

https://business.safety.google/privacy/


12.2 Google reCAPTCHA

We use Google reCAPTCHA, provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland ("Google"), pursuant to Article 6(1)(f) GDPR, based on our legitimate interest in preventing misuse and spam.

reCAPTCHA is used to verify whether data entered on our website has been entered by a natural person.

When using reCAPTCHA, personal data (such as your IP address, mouse movements, time spent on the page and, where applicable, other information required for analysis) is transmitted to Google and processed on our behalf.

Google acts as our data processor within the meaning of Article 28 GDPR.

We have concluded a corresponding Data Processing Agreement (DPA) with Google governing the processing of personal data on our behalf.

When using Google reCAPTCHA, your personal data may also be transferred to servers operated by Google LLC in the United States.

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection.

Further information about Google's privacy practices is available at:

https://policies.google.com/privacy


12.3 Google Tag Manager

We use Google Tag Manager, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager enables us to integrate tracking tools, analytics services and other technologies into our website through the use of tags.

Tags are not code sections that independently record activities on a website. Instead, they are usually provided by other Google services or by third-party providers.

These tags may collect browser information, integrate buttons or set cookies.

Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. Its sole purpose is to manage and deploy the tools integrated through it.

Your IP address is processed via Google Tag Manager and may also be transmitted to Google's parent company in the United States.

The legal basis for the use of Google Tag Manager is your consent pursuant to Article 6(1)(a) GDPR.

Google LLC, headquartered in the United States, is certified under the EU–U.S. Data Privacy Framework, ensuring an adequate level of data protection in accordance with EU data protection requirements.

Further information regarding Google's privacy practices is available at:

http://www.google.de/policies/privacy/

Additional information can be found at:

https://business.safety.google/privacy/

13. Rights of the Data Subject

13.1

The applicable data protection legislation grants you comprehensive rights as a data subject with regard to the processing of your personal data by the Data Controller (rights of access and intervention). We inform you of these rights below:

Right of Access (Article 15 GDPR)

You have the right to obtain confirmation from the Data Controller as to whether personal data concerning you is being processed.

If this is the case, you also have the right to obtain information about:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom your personal data has been or will be disclosed;
  • the planned storage period or, where this is not possible, the criteria used to determine that period;
  • the existence of the right to rectification or erasure of your personal data;
  • the right to restriction of processing;
  • the right to lodge a complaint with a supervisory authority;
  • the origin of your personal data where it was not collected directly from you;
  • the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved as well as the significance and envisaged consequences of such processing for you;
  • the safeguards pursuant to Article 46 GDPR where your personal data is transferred to third countries.

Right to Rectification (Article 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and the completion of incomplete personal data stored by us.


Right to Restriction of Processing (Article 18 GDPR)

You have the right to request the restriction of the processing of your personal data:

  • while the accuracy of your personal data is being verified, if you contest its accuracy;
  • if you oppose the deletion of your personal data due to unlawful processing and instead request the restriction of its use;
  • if you require your personal data for the establishment, exercise or defence of legal claims after we no longer need it for the original processing purposes; or
  • if you have objected to processing based on your particular situation, pending verification of whether our legitimate grounds override yours.

Where the processing of your personal data has been restricted, such data may, apart from storage, only be processed:

  • with your consent;
  • for the establishment, exercise or defence of legal claims;
  • for the protection of the rights of another natural or legal person; or
  • for reasons of important public interest of the European Union or of a Member State.

You will be informed before any restriction of processing is lifted.


Right to Erasure ("Right to be Forgotten") (Article 17 GDPR)

You have the right to request the immediate deletion of your personal data where the conditions set out in Article 17(1) GDPR are met.

However, this right does not apply in particular where processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation;
  • for reasons of public interest; or
  • for the establishment, exercise or defence of legal claims.

Right to Notification (Article 19 GDPR)

Where you have exercised your right to rectification, erasure or restriction of processing, the Data Controller is obliged to notify every recipient to whom your personal data has been disclosed of such rectification, erasure or restriction, unless this proves impossible or involves disproportionate effort.

You also have the right to be informed about those recipients.


Right to Data Portability (Article 20 GDPR)

You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or, where technically feasible, to request that it be transmitted directly to another controller.


Right to Object and Right to Withdraw Consent (Articles 21 and 7(3) GDPR)

You have the right to object at any time to the processing of your personal data where such processing is based on Article 6(1)(e) or Article 6(1)(f) GDPR.

This also applies to profiling based on these provisions.

You also have the right to withdraw your consent to the processing of your personal data at any time with effect for the future.

Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of your consent before its withdrawal.


Right to Lodge a Complaint (Article 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

13.2 Right to Object

You have the right to object at any time, with future effect, to the processing of your personal data where we process your data on the basis of our overriding legitimate interests following a balancing of interests.

If you exercise this right to object, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing serves the establishment, exercise or defence of legal claims.


14. Retention Period for Personal Data

The retention period for personal data depends on the applicable statutory retention requirements.

Once these periods have expired, we routinely delete the relevant data, provided that it is no longer required for the performance or initiation of a contract and that we no longer have a legitimate interest in retaining it.


15. Use of the Withdrawal Button

When you use the withdrawal button, we process the personal data entered therein, including:

  • your name;
  • order and contract details;
  • communication data (withdrawal declaration);
  • the date and time of the withdrawal;
  • where applicable, your customer account information and IP address (when using the online form).

The processing is carried out for the purpose of identifying your contract and documenting your withdrawal.

We retain this data for documentation purposes for a maximum period of 10 years and automatically delete it thereafter, provided that no statutory retention obligations require a longer retention period.

The legal basis for this processing is:

  • Article 6(1)(b) GDPR (performance of a contract); and
  • Article 6(1)(c) GDPR (compliance with a legal obligation).


Version: July 1, 2026