Privacy policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when you use our website. Personal data includes all data by which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is LMT Labs UG (limited liability), c/o Gym Yilmaz GmbH - RGB, Landwehrstraße 39, 80336 Munich, Germany, Tel.: +49 89 20005282, E-Mail: info@puresaltz.de. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website for informational purposes only, i.e., if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the page server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/referrer from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to subsequently review the server log files if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser line.

3) Hosting & Content Delivery Network

3.1 GoDaddy

For hosting our website and displaying page content, we use the system of the following provider: Go Daddy Operating Co LLC, 14455 North Hayden Road, Suite 226, Scottsdale, AZ 85260, USA

All data collected on our website is processed on the provider’s servers.
We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-U.S. Data Privacy Framework (EU-U.S. Data Privacy Framework), which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

3.2 Shopify

For hosting our website and displaying page content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”)

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected on our website is processed on the provider’s servers. We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

3.3 Shopify

We use a content delivery network of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”)

Data may also be transferred to:

Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada
Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA

This service enables us to deliver large media files such as graphics, page content, or scripts more quickly via a network of regionally distributed servers. Processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

For data transfers to the USA, the data recipient has joined the EU-U.S. Data Privacy Framework (EU-U.S. Data Privacy Framework), which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called “session cookies”), while others remain on your device for a longer period and enable the saving of page settings (so-called “persistent cookies”). In the latter case, you can find the storage duration in the overview of the cookie settings of your web browser.

If personal data is processed through individual cookies used by us, processing is carried out in accordance with Art. 6(1)(b) GDPR either for the performance of the contract, in accordance with Art. 6(1)(a) GDPR in the event consent has been given, or in accordance with Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually on their acceptance, or you can exclude the acceptance of cookies for certain cases or generally.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 Brevo

For review reminders, we use the services of the following provider: Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany

Exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR, we transmit your e-mail address and, if applicable, other customer data to the provider so that the provider can contact you by e-mail with a review reminder.

You can revoke your consent at any time with effect for the future vis-à-vis us or the provider.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.2 When you contact us (e.g., via contact form or e-mail), personal data is processed – exclusively for the purpose of processing and responding to your request and only to the extent necessary for that purpose.

The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that no statutory retention obligations conflict with this.

6) Data Processing When Opening a Customer Account

Pursuant to Art. 6(1)(b) GDPR, personal data is further collected and processed to the extent necessary if you provide it to us when opening a customer account. You can find which data is required for opening an account in the input mask of the corresponding form on our website.

Deletion of your customer account is possible at any time and can be effected by sending a message to the above address of the controller. After deletion of your customer account, your data will be deleted provided that all contracts concluded via it have been fully processed, no statutory retention periods conflict, and no legitimate interest on our part in continued storage persists.

7) Use of Customer Data for Direct Marketing

7.1 Subscription to Our E-Mail Newsletter

If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information required for sending the newsletter is your e-mail address. Providing additional data is voluntary and is used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive newsletters after you have expressly confirmed your consent to receive the newsletter by clicking a verification link sent to the specified e-mail address.

By activating the confirmation link, you grant us your consent to use your personal data pursuant to Art. 6(1)(a) GDPR. In doing so, we store the IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace possible misuse of your e-mail address at a later point in time. The data collected by us when you subscribe to the newsletter is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the controller named at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list without undue delay, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

7.2 Sending the E-Mail Newsletter to Existing Customers

If you have provided us with your e-mail address when purchasing goods and/or services, we reserve the right to regularly send you offers by e-mail for similar goods and/or services from our range to those already purchased. For this purpose, we do not need to obtain separate consent from you in accordance with Section 7(3) UWG (German Act Against Unfair Competition). In this respect, data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising pursuant to Art. 6(1)(f) GDPR. If you initially objected to the use of your e-mail address for this purpose, we will not send you e-mails.

You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the controller named at the beginning. You will only incur transmission costs according to the basic tariffs. Upon receipt of your objection, the use of your e-mail address for advertising purposes will be stopped without undue delay.

7.3 Brevo

Our e-mail newsletters and other promotional e-mail communication are sent via this provider: Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany

On the basis of our legitimate interest in effective and user-friendly e-mail marketing, we transfer the data you provided during registration to this provider pursuant to Art. 6(1)(f) GDPR so that the provider can send the e-mails on our behalf.

Subject to your express consent pursuant to Art. 6(1)(a) GDPR, the provider also carries out a statistical evaluation of the success of e-mail campaigns using web beacons and/or tracking pixels in the e-mails sent, which can measure open rates and specific interactions with the contents of the newsletter. Device information (e.g., time of access, IP address, browser type and operating system) is also collected and evaluated, but is not merged with other data sets.

You can revoke your consent to e-mail tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

8) Data Processing for Order Handling

8.1 Insofar as necessary for contract performance for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6(1)(b) GDPR.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you transmitted when placing the order in order to inform you personally within the scope of our statutory information obligations pursuant to Art. 6(1)(c) GDPR. Your contact data is used strictly for the intended purpose of notifications about updates owed by us and is processed by us only to the extent necessary for the respective information.

For processing your order, we also work with the following service provider(s) who support us in whole or in part in the performance of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

8.2 DHL Fulfillment

For order processing, we use the following provider: DHL Home Delivery GmbH, Sträßchensweg 10, 53113 Bonn, Germany

Name, address and, if applicable, other personal data are passed on to the provider exclusively for the purpose of processing the online order in accordance with Art. 6(1)(b) GDPR. Your data is only passed on insofar as this is actually necessary for processing the order.

8.3 Shopify Digital Download

For order processing, we use the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

8.4 Post & DHL Shipping (official)

For preparing shipment, we use the services of the following provider: Deutsche Post DHL Research And Innovation GmbH, Kurt-Schumacher-Str. 1, 53113 Bonn
Pursuant to Art. 6(1)(b) GDPR, we transmit digital shipping labels with your delivery information exclusively for the purpose of processing your online order from our order processing system to the provider, which then sends them to our local printers to enable printing. The data is only passed on insofar as this is actually necessary for processing.

8.5 Shopify Order Printer

For order processing, we use the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

Name, address and, if applicable, other personal data are passed on to the provider for the purpose of processing the online order in accordance with Art. 6(1)(b) GDPR. Your data is only passed on insofar as this is actually necessary for processing the order. The provider is also used for accounting purposes. The provider processes incoming and outgoing invoices as well as, if applicable, our company’s bank transactions in order to automatically record invoices, match them to transactions, and, in a partially automated process, prepare the financial accounting.

If personal data is processed in this context, processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in efficient organization and documentation of our business operations.

8.6 Use of Payment Service Providers (Payment Services)

- Amazon Pay

One or more online payment methods of the following provider are available on this website: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg

If you select a payment method of the provider where you make advance payment (e.g., credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be transmitted to the provider in accordance with Art. 6(1)(b) GDPR. In this case, your data is transmitted exclusively for the purpose of payment processing with the provider and only to the extent necessary for this purpose.
- Apple Pay

If you choose the payment method “Apple Pay” of Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment is processed via the “Apple Pay” function of your device operated with iOS, watchOS or macOS by charging a payment card stored in “Apple Pay”. Apple Pay uses security features integrated into your device’s hardware and software to protect your transactions. To approve a payment, it is therefore necessary to enter a code set by you in advance and to verify it using your device’s “Face ID” or “Touch ID” function.

For the purpose of payment processing, the information you provided during the ordering process together with information about your order will be transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.

If personal data is processed in the transmissions described, processing is carried out exclusively for the purpose of payment processing pursuant to Art. 6(1)(b) GDPR.

Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, and whether the transaction was successfully completed. The anonymization completely excludes any personal reference. Apple uses the anonymized data to improve “Apple Pay” and other Apple products and services.

If you use Apple Pay on iPhone or Apple Watch to complete a purchase you made via Safari on Mac, the Mac and the authorization device communicate via an encrypted channel on Apple’s servers. Apple does not process or store any of this information in a format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to “Wallet & Apple Pay” and disable “Allow Payments on Mac”.

Further information on data protection for Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027
- Google Pay

If you choose the payment method “Google Pay” of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), payment is processed via the “Google Pay” app on your mobile device running at least Android 4.4 (“KitKat”) and equipped with an NFC function by charging a payment card stored in Google Pay or another verified payment system (e.g., PayPal). To approve a payment via Google Pay in excess of 25 euros, it is necessary to first unlock your mobile device using the verification method set up (e.g., facial recognition, password, fingerprint or pattern).

For the purpose of payment processing, the information you provided during the ordering process together with information about your order is transmitted to Google. Google then transmits your payment information stored in Google Pay in the form of a one-time transaction number to the originating website, which is used to verify that payment has been made. This transaction number contains no information about the actual payment data of the payment instruments stored in Google Pay, but is created and transmitted as a one-time valid numerical token. For all transactions via Google Pay, Google acts solely as an intermediary to process the payment process. The transaction is carried out exclusively in the relationship between the user and the originating website by charging the payment instrument stored in Google Pay.

If personal data is processed in the transmissions described, processing is carried out exclusively for the purpose of payment processing pursuant to Art. 6(1)(b) GDPR.

Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time and amount of the transaction, merchant location and description, a description of the purchased goods or services provided by the merchant, photos you added to the transaction, the name and e-mail address of the seller and buyer or sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction.

According to Google, this processing is carried out exclusively pursuant to Art. 6(1)(f) GDPR on the basis of the legitimate interest in proper accounting, verification of transaction data, and optimization and maintenance of the functionality of the Google Pay service.

Google also reserves the right to combine the processed transaction data with additional information collected and stored by Google when using other Google services.

The terms of use of Google Pay can be found here:

https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection for Google Pay can be found at the following internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
- PayPal

One or more online payment methods of the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method of the provider where you make advance payment, your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be transmitted to the provider in accordance with Art. 6(1)(b) GDPR. In this case, your data is transmitted exclusively for the purpose of payment processing with the provider and only to the extent necessary for this purpose.

If you select a payment method where we make advance performance, you will also be asked during the ordering process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, e-mail address, telephone number, and, if applicable, data relating to an alternative payment method).

In order to safeguard our legitimate interest in determining your ability to pay in such cases, we will forward this data to the provider for the purpose of a credit assessment in accordance with Art. 6(1)(f) GDPR. Based on the personal data you provide as well as other data (such as shopping cart, invoice amount, order history, payment experience), the provider checks whether the payment option you selected can be granted with regard to payment default and/or receivables default risks.

The credit assessment may contain probability values (so-called score values). Insofar as score values are included in the result of the credit assessment, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data insofar as this is necessary for contractual payment processing.
- PayPal Checkout

This website uses PayPal Checkout, an online payment system from PayPal that consists of PayPal’s own payment methods and local payment methods from third-party providers.

When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “Pay Later” via PayPal, we transmit your payment data within the scope of payment processing to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). The transfer is carried out in accordance with Art. 6(1)(b) GDPR and only insofar as this is necessary for payment processing.

For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “Pay Later” via PayPal, PayPal reserves the right to carry out a credit assessment. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6(1)(f) GDPR on the basis of PayPal’s legitimate interest in determining your ability to pay. PayPal uses the result of the credit assessment with regard to the statistical probability of payment default for the purpose of deciding on the provision of the respective payment method. The credit assessment may contain probability values (so-called score values). Insofar as score values are included in the result of the credit assessment, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data insofar as this is necessary for contractual payment processing.

If the PayPal payment method “Purchase on account” is available and selected, your payment data is first transmitted to PayPal to prepare the payment, after which PayPal forwards it to Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin (“Ratepay”) to carry out the payment. The legal basis in each case is Art. 6(1)(b) GDPR. In this case, Ratepay carries out an identity and credit assessment in its own name to determine your ability to pay in accordance with the principle already mentioned above and passes on your payment data to credit agencies on the basis of the legitimate interest in determining your ability to pay in accordance with Art. 6(1)(f) GDPR. A list of the credit agencies that Ratepay may use can be found here: https://www.ratepay.com/legal-payment-creditagencies/

If you use a payment method of a local third-party provider, your payment data is first passed on to PayPal to prepare the payment in accordance with Art. 6(1)(b) GDPR. Depending on your selection of an available local payment method, PayPal then transmits your payment data to the corresponding provider to carry out the payment in accordance with Art. 6(1)(b) GDPR:

- Apple Pay (Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
- iDeal (Currence Holding BV, Beethovenstraat 300 Amsterdam, Netherlands)
- bancontact (Bancontact Payconiq Company, Rue d'Arlon 82, 1040 Brussels, Belgium)
- blik (Polski Standard Płatności sp. z o.o., ul. Czerniakowska 87A, 00-718 Warsaw, Poland)
- eps (PSA Payment Services Austria GmbH, Handelskai 92, Gate 2
1200 Vienna, Austria)
- MyBank (PRETA S.A.S, 40 Rue de Courcelles, F-75008 Paris, France)
- Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland)

For further information on data protection, please refer to PayPal’s privacy policy: https://www.paypal.com/de/legalhub/paypal/privacy-full
- Shopify Payments

One or more online payment methods of the following provider are available on this website: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

8.7 Electronic Cancellation Option for Continuing Obligations with Consumers

Consumers who have entered into contracts on this website for paid continuing obligations (such as subscription contracts) have the option to terminate them via an electronic button in accordance with the applicable notice periods.

Clicking the button leads to a confirmation page on which the consumer can provide further details regarding the termination, clearly identify themselves, and then declare the termination electronically.

The collection of personal data and its transmission to us is carried out in accordance with Art. 6(1)(b) GDPR and only insofar as it is necessary for the proper processing of the termination. Also on the basis of Art. 6(1)(b) GDPR, the personal data provided is used to confirm receipt of the termination declaration and the time of termination electronically in text form. A further legal basis for processing is Art. 6(1)(c) GDPR. We are legally obliged to provide an electronic cancellation option for consumer contracts concluded by way of electronic commerce relating to paid continuing obligations.

9) Web Analytics Services

9.1 Shopify Analytics

This website uses the web analytics service of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used such as the IP address and browser information, in order to evaluate it for statistical analyses of user behavior on our website and to create pseudonymized user profiles. Among other things, it is possible to evaluate movement patterns (so-called heatmaps) that show the duration of page visits and interactions with page content (e.g., text entries, scrolling, clicks and mouse-overs). Pseudonymization generally excludes direct personal identifiability. Data is not merged with personal data collected in other ways.

All processing described above, in particular reading or storing information on the device used, is carried out only if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website.

We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

9.2 Shopify Network Intelligence

On this website, the function “Shopify Network Intelligence” of the following provider is used: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”)

By means of the function, certain customer data (order and search histories, location information and transaction details), insofar as collected, is automatically transmitted to Shopify in pseudonymized form, prepared by Shopify and then processed for statistical and analysis purposes.

The analysis results may also incorporate pseudonymized data from customers of other Shopify merchants, without any merchant gaining individual access to these external data sets beyond its own customer base.

As part of the processing, Shopify does not gain access to identifiable data, but encrypts the information automatically during the transmission process using a special algorithm.

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in the statistical evaluation of our shop reach and the acceptance of our offer for optimization purposes.

As part of the processing mentioned above, data may also be transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

10) Page Functionalities

10.1 Facebook Plugins

Our website uses plugins of the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called “2-click” or “Shariff” solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection to the provider’s servers is established yet.

If you are logged into an existing user profile on the provider’s social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin again by clicking it once more. However, the revocation does not affect the data that has already been transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.2 Instagram Plugins

Our website uses plugins of the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called “2-click” or “Shariff” solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection to the provider’s servers is established yet.

Only when you activate the plugins and thereby give your consent to data transfer pursuant to Art. 6(1)(a) GDPR does your browser establish a direct connection to the provider’s servers. In doing so, regardless of whether you are logged into an existing user profile, certain information about your device used (including your IP address), your browser and your page history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider’s social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin again by clicking it once more. However, the revocation does not affect the data that has already been transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.3 hCaptcha

On this website, we use the CAPTCHA service of the following provider: Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, USA

The service checks whether an entry is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. To ensure that an action is performed by a human and not by an automated bot, the provider collects the IP address of the device used, identification data of the browser and operating system type used, as well as the date and duration of the visit and transmits these to the provider’s servers for evaluation.

The legal basis is our legitimate interest in establishing individual personal responsibility on the internet and preventing misuse and spam pursuant to Art. 6(1)(f) GDPR.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider relies on the European Commission’s Standard Contractual Clauses, which are intended to ensure compliance with the European level of data protection.

11) Tools and Miscellaneous

11.1 - sevDesk

For accounting purposes, we use the service of the cloud-based accounting software of the following provider: sevDesk GmbH, Hauptstraße 115, 77652 Offenburg, Germany

The provider processes incoming and outgoing invoices as well as, if applicable, our company’s bank transactions in order to automatically record invoices, match them to transactions and, in a partially automated process, prepare the financial accounting.

If personal data is processed in this context, processing is carried out on the basis of our legitimate interest in efficient organization and documentation of our business operations pursuant to Art. 6(1)(f) GDPR.

11.2 Cookie Consent Tool

This website uses a so-called “cookie consent tool” to obtain effective user consents for cookies requiring consent and cookie-based applications. The “cookie consent tool” is displayed to users when they access the website in the form of an interactive user interface, on which consents for certain cookies and/or cookie-based applications can be given by ticking boxes. By using the tool, all cookies/services requiring consent are only loaded if the respective user gives corresponding consent by ticking the box. This ensures that such cookies are only set on the user’s device if consent has been given.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie settings, this is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

A further legal basis for processing is also Art. 6(1)(c) GDPR. As controller, we are subject to the legal obligation to make the use of technically non-essential cookies dependent on the respective user’s consent.

Where required, we have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.

12) Rights of the Data Subject

12.1 Applicable data protection law grants you, vis-à-vis the controller, the following data subject rights (rights of access and intervention) with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective requirements for exercising these rights:

Right of access pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to be informed pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.

12.2 RIGHT TO OBJECT

IF, AS PART OF A BALANCING OF INTERESTS, WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

13) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the purpose of processing, and – where applicable – additionally by the respective statutory retention period (e.g., retention periods under commercial and tax law).

When processing personal data on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data processed within the framework of legal or quasi-legal obligations on the basis of Art. 6(1)(b) GDPR, such data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the fulfillment or initiation of a contract and/or we have no legitimate interest in continued storage.

When processing personal data on the basis of Art. 6(1)(f) GDPR, such data will be stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

When processing personal data for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, such data will be stored until you exercise your right to object pursuant to Art. 21(2) GDPR.

Unless otherwise stated in the other information in this declaration about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Status: 25.12.2025, 04:18:47 Uhr

Country/Region

Language

Country/Region

Language

Privacy policy

1) Introduction and Contact Details of the Controller

2) Data Collection When Visiting Our Website

3) Hosting & Content Delivery Network

4) Cookies

5) Contact

6) Data Processing When Opening a Customer Account

7) Use of Customer Data for Direct Marketing

8) Data Processing for Order Handling

9) Web Analytics Services

10) Page Functionalities

11) Tools and Miscellaneous

12) Rights of the Data Subject

13) Duration of Storage of Personal Data