• Privacy Policy


We take the protection of your data very seriously.

That is why we do not use cookies that contain your personal data.

Privacy Policy Settings

1. Data protection at a glance

General information

This section provides a simple overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you. For more detailed information on data protection, please refer to our privacy policy, which you will find listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the ‘Information on the responsible body’ section of this privacy policy.
How do we collect your data?
We collect your data when you provide it to us. This may include data that you enter in a contact form, for example.

Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data, such as internet browser, operating system and time of page view. This data is collected as soon as you enter the website.

How will we use your data?

Some data is collected to help ensure that the website is provided without errors. Other data may be used to analyse your usage of the website. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for the purposes of making contract offers, taking orders or responding to other enquiries relating to orders.

With regard to your data, what rights do you have?

You have the right to request information about your stored personal data, including its origin, recipient and purpose, free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. Under certain circumstances, you also have the right to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.

Please contact us if you have any questions about this or other data protection issues.

2. Hosting

We use the following provider to host the content of our website:

All-Inkl

The provider is All-Inkl.com – Neue Medien Münnich, which is owned by René Münnich and is located at Hauptstraße 68, 02742 Friedersdorf (hereinafter referred to as ‘All-Inkl’). For details, please refer to All-Inkl’s privacy policy. https://all-inkl.com/datenschutzinformationen/.

Use of All-Inkl is based on Art. 6(1) lit. f GDPR. We have a legitimate interest in ensuring that our website is as reliable as possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1) a GDPR and §25(1) TDDDG, provided that the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting), as defined by the TDDDG. Consent can be withdrawn at any time.

order processing

We have concluded an order processing contract (AVV) for the use of the aforementioned service. This contract is required by data protection law to ensure that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

3. General information and mandatory information

Privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially, in accordance with statutory data protection regulations and this privacy policy.

Various personal data is collected when you use this website. Personal data is information that can be used to identify you personally. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.

Please note that transmitting data over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to provide complete protection of data against access by third parties.

Information about the responsible authority

Responsibility for data processing on this website lies with:

Kerstin Wagner
Hospitalstraße 21
53840 Troisdorf
Germany

Phone: +49 2241-75569 (Deutschland)
E-Mail: keriwa@web.de

The responsible body is the natural or legal person who decides, either alone or jointly with others, on the purposes and means of processing personal data (e.g. names and email addresses).

Storage period

Unless this privacy policy specifies a more specific storage period, your personal data will remain with us until the purpose of processing the data no longer applies. If you make a legitimate request for deletion or withdraw your consent for us to process your data, we will delete it unless we have other legally permissible reasons for storing it (e.g. tax or commercial law retention periods). In the latter case, we will delete it once these reasons no longer apply.

This is general information on the legal basis for processing data on this website

If you have given us your consent to process your personal data, we will do so on the basis of Art. 6(1)(a) GDPR, provided that special categories of data are processed in accordance with Art. 9(2)(a) GDPR, provided that special categories of data are processed in accordance with Art. 9(1) GDPR. If you have expressly consented to the transfer of personal data to third countries, we also process your data on the basis of Art. 49(1)(a) GDPR. If you have consented to cookies being stored or to access being granted to information on your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25(1) of the Federal Data Protection Act (BDSG). Consent can be withdrawn at any time. If your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we will process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to fulfil a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also be carried out on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. The relevant legal basis in each case is explained in the following paragraphs of this privacy policy.

Recipients of personal data

As part of our business activities, we collaborate with various external parties. In some cases, this involves transferring personal data to these parties. We only pass on personal data to external parties if it is necessary to fulfil a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities) or if we have a legitimate interest in doing so in accordance with Art. 6(1) lit. f GDPR, or if another legal basis permits the transfer of data. When using processors, we only disclose our customers’ personal data on the basis of a valid processing agreement. In the case of joint processing, we conclude a contract for joint processing.

Withdrawing your consent for data processing

Many data processing operations can only be carried out with your express consent. You can withdraw any consent you have already given at any time. However, the legality of any data processing carried out prior to the revocation remains unaffected.

Right to object to data collection in specific cases and to direct marketing (Art. 21 GDPR)

If data processing is based on Art. 6(1)(a) or (f) of the GDPR, you have the right to object to such processing at any time for reasons arising from your particular situation. If the legal basis for processing is either E or F of the GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your personal data, unless we can prove that there are compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (objection pursuant to Art. 21(1) GDPR).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. This also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection pursuant to Art. 21(2) GDPR).

You have the right to lodge a complaint with the relevant supervisory authority

Data subjects have the right to lodge a complaint with a supervisory authority in the event of violations of the GDPR, particularly in the Member State of their habitual residence, place of work or place of the alleged violation. This right exists independently of any other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible.

Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, its origin and recipients, and the purpose of data processing, and, if applicable, a right to correct or delete this data. You can contact us at any time if you have any questions about this or other issues relating to personal data.

Right to restriction of processing

You have the right to request that we restrict the processing of your personal data. Contact us at any time to exercise this right. This right applies in the following cases:

  • If you dispute the accuracy of the personal data we have stored, we will need time to verify it. During this time, you have the right to request that we restrict the processing of your personal data.
  • If we are processing your personal data unlawfully, you can request that we restrict processing instead of deleting your data.
  • If we no longer need your personal data but you do need it to exercise, defend, or assert legal claims, you have the right to request that we restrict processing your personal data instead of deleting it.
  • If you have lodged an objection pursuant to Art. 21(1) GDPR, we must balance your interests with ours. As long as it is unclear whose interests prevail, you have the right to request the restriction of processing your personal data.

If you have restricted the processing of your personal data, apart from storage, this data may only be processed with your consent, for the assertion, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for important reasons of public interest of the European Union or a Member State.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries sent to us, the site operator uses SSL or TLS encryption. You can identify an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in the browser line.

With SSL or TLS encryption enabled, third parties cannot read the data you transmit to us.

4. Data collection on this website

Cookies

Our websites use so-called ‘cookies’. Cookies are small data packets and do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them.

Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to evaluate user behaviour or for advertising purposes.

Cookies that are necessary for the electronic communication process, for the provision of certain functions requested by you (e.g. for the shopping basket function) or for the optimisation of the website (e.g. cookies for measuring the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website in this privacy policy.

Contact Form

If you send us enquiries via the contact form, we will store the details you provided in the form, including your contact details, for the purpose of processing the enquiry and for follow-up questions. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6(1) lit. b GDPR if your enquiry relates to the performance of a contract or the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively processing enquiries addressed to us (Art. 6(1)(f) GDPR), or on your consent (Art. 6(1)(a) GDPR) if requested. Consent can be withdrawn at any time.

The data you enter into the contact form will be retained by us until you request its deletion, withdraw your consent for us to store it, or the purpose for storing it no longer applies (e.g. once your enquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Enquiry by email, phone or fax

If you contact us by email, telephone or fax, we will store and process your enquiry, including any personal data arising from it (e.g. name and enquiry details), for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data is based on Art. 6(1) lit. b GDPR if your enquiry relates to the performance of a contract or the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively processing enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if requested. Consent can be withdrawn at any time.

Data sent to us via contact enquiries will be retained until you request its deletion, withdraw your consent for its storage, or the storage purpose no longer applies (e.g. once your enquiry has been processed). Mandatory legal provisions – particularly statutory retention periods – remain unaffected.

5. Social Media

Social media elements with Shariff Wrapper

Auf dieser Website werden Elemente von sozialen Medien verwendet (z.B. Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr).

Social media elements can usually be recognised by their respective logos. To protect your data on this website, we only use these elements with the ‘Shariff’ solution. This application prevents the social media elements integrated into the website from transferring your personal data to the relevant provider when you first visit the site.

A direct connection to the provider’s server is only established (i.e. consent is given) when you activate the respective social media element by clicking on the corresponding button. As soon as you activate a social media element, the relevant provider receives information about your visit to this website, including your IP address. If you are logged into your social media account at the same time (e.g. Facebook), the provider can assign your visit to this website to your user account.

Activating the plugin constitutes consent within the meaning of Art. 6(1) lit. a GDPR and §25(1) TDDDG. You can revoke this consent at any time with effect for the future.

This service is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6(1) lit. c GDPR. 1 lit. c GDPR.

Instagram

This website incorporates features of the Instagram service. These features are provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram will then receive information about your visit to this website.

If you are logged into your Instagram account, you can share content from this website on your Instagram profile by clicking on the Instagram button. This enables Instagram to link your visit to this website to your user account. Please note that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how Instagram uses it.

Use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. You can revoke your consent at any time.

Soweit mit Hilfe des hier beschriebenen Tools personenbezogene Daten auf unserer Website erfasst und an Facebook bzw. Instagram weitergeleitet werden, sind wir und die Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland gemeinsam für diese Datenverarbeitung verantwortlich (Art. 26 DSGVO). Die gemeinsame Verantwortlichkeit beschränkt sich dabei ausschließlich auf die Erfassung der Daten und deren Weitergabe an Facebook bzw. Instagram. Die nach der Weiterleitung erfolgende Verarbeitung durch Facebook bzw. Instagram ist nicht Part of shared responsibility. Our joint obligations have been set out in a joint processing agreement. The wording of the agreement can be found at:https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool, as well as for ensuring that the tool is implemented on our website in a manner that complies with data protection laws. Facebook is responsible for the security of its products, including Facebook and Instagram. You can assert your rights as a data subject (e.g. information requests) regarding data processed by Facebook or Instagram directly with Facebook. However, if you exercise these rights with us, we must forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ und https://de-de.facebook.com/help/566994660333381.

Further information on this can be found in Instagram’s privacy policy:https://privacycenter.instagram.com/policy/.

The company is certified under the EU-US Data Privacy Framework (DPF). This agreement aims to ensure that data processed in the United States complies with European data protection standards. All companies certified under the DPF undertake to comply with these standards. Further information can be obtained from the provider via the following link:https://www.dataprivacyframework.gov/participant/4452.

6. Plugins and Tools

YouTube with enhanced data protection

This website embeds videos from YouTube. It is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit a website that incorporates YouTube, a connection to YouTube’s servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, YouTube can assign your browsing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in extended data protection mode. According to YouTube, videos played in this mode are not used to personalise your browsing experience on the platform. Adverts played in this mode are also not personalised. No cookies are set in extended data protection mode. However, local storage elements similar to cookies are stored in the user’s browser and can contain personal data and be used for recognition purposes. Details on extended data protection mode can be found here:https://support.google.com/youtube/answer/171780.

Gegebenenfalls können nach der Aktivierung eines YouTube-Videos weitere Datenverarbeitungsvorgänge ausgelöst werden, auf die wir keinen Einfluss haben.

We use YouTube to present our online offerings in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6(1) f GDPR. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1) a GDPR and § 25(1) TMG. 1 lit. a GDPR and § 25 para. 1 TDDDG, provided that the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting), as defined in the TDDDG. Consent can be withdrawn at any time.

Further information on data protection at YouTube can be found in their privacy policy at:https://policies.google.com/privacy?hl=de.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:https://www.dataprivacyframework.gov/participant/5780.

Vimeo without Tracking (Do-Not-Track)

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages with embedded Vimeo videos, your browser establishes a connection with the Vimeo servers. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. However, we have configured Vimeo so that it does not track your user activities or set any cookies.

We use Vimeo to present our online offerings in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been obtained, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and can be withdrawn at any time. 1(a) GDPR and can be withdrawn at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on ‘legitimate business interests’. Further details can be found here:https://vimeo.com/privacy.

Further information on the handling of user data can be found in Vimeo’s privacy policy at:https://vimeo.com/privacy.

The company is certified under the EU-US Data Privacy Framework (DPF). This agreement aims to ensure that data processed in the United States complies with European data protection standards. All companies certified under the DPF undertake to comply with these standards. Further information can be obtained from the provider via the following link:https://www.dataprivacyframework.gov/participant/5711.

Google Fonts (local hosting)

This site uses Google Fonts, which are provided by Google, to ensure consistent font display. Google Fonts are installed locally. No connection to Google servers is established.

Further information about Google Fonts can be found athttps://developers.google.com/fonts/faq and in Google’s privacy policy:https://policies.google.com/privacy?hl=de.

Google Maps

This site uses Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This service enables us to embed maps on our website.

In order to use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to and stored on a Google server in the USA. The provider of this site has no influence over this data transfer. When Google Maps is activated, Google may use Google Fonts to display fonts uniformly. When you access Google Maps, your browser loads the required web fonts into its cache to display text and fonts correctly.

We use Google Maps to make our online offers more appealing and to help visitors find the locations we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6(1) f GDPR. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, provided that the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting), as defined in the TDDDG. Consent can be withdrawn at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how user data is handled, please refer to Google’s privacy policy:https://policies.google.com/privacy?hl=de.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:https://www.dataprivacyframework.gov/participant/5780.

Source: https://www.e-recht24.de