Of Gaisbock GmbH

As of: March 8, 2023

Introduction

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offering and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as the "online offering").

- The first section of the privacy policy provides information about the controller of the processing as well as an overview of our processing operations.

- The second section provides information about your rights, the relevant legal norms, and general information about our data processing.

- The third section contains information about the individual processing operations. This section is divided into further areas, such as core services, reach measurement, or marketing.

- The fourth and final section contains a glossary within the scope of providing our services with explanations and descriptions of the terms used in the privacy policy. That is, if you are unfamiliar with the terms used (such as "personal data" or "cookie"), please refer to the last section. Furthermore, all terminology used (e.g., "controller" or "user") is to be understood in a gender-neutral manner.

 

TABLE OF CONTENTS

Section I – Controller and Overview of Data Processing

- Responsible person

- Contact Data Protection Officer

- Types of processed data

- Processing of special categories of data (Art. 9 para. 1 GDPR)

- Categories of data subjects affected by the processing

- Purpose of processing

- Automated individual decision-making (Art. 22 GDPR)

 

Section II – Data Subject Rights, Legal Bases, and General Information

- Rights of data subjects

- Right of withdrawal

- Right to object

- Cookies and right to object in direct marketing

- Data deletion and archiving obligations

- Changes and updates to the privacy policy

- Relevant legal bases

- Security of data processing

- Disclosure and transmission of data

- Transfers to third countries

 

SECTION III – PROCESSING PROCESSES

- Core Area of Data Processing

- Order Processing in the Online Shop

- Customer Account

- Credit Check

- Response to Inquiries and Customer Support

- Business Analysis and Market Research

- External Online Presences

- Online Presence in Social Media

- Web Servers and Security

- Server Logs

- Own Global Single Sign-On Procedure

- Embedded Content and Features

- Services and Content from Google

- Functions and Content from Facebook

- Functions and Content from Instagram

- Functions and Content from Pinterest

- Marketing

- Newsletter Dispatch and Success Measurement

- Communication via Mail, Email, Fax, or Telephone

- Contests and Competitions

- Reach Measurement, Online Marketing, and Technology Partners

- Google Tag Manager

- Google Analytics

- Google AdWords

- Google Double Click

- Facebook Pixel

 

SECTION IV - DEFINITION OF TERMS

 

SECTION I - DATA CONTROLLER AND OVERVIEW OF DATA PROCESSING

Data Controller:

Gaisbock GmbH

Bahnhofstrasse 10, 6056 Kägiswil, Switzerland

Management: Ramon Riebli & Alois Britschgi
Owner: Ramon Riebli

Phone: +41 41 662 89 88

Email: info@gaisbock.ch

 

Contact Data Protection Officer:

Email: info@gaisbock.ch

 

Types of Processed Data:

- Inventory data (e.g., names, addresses).

- Contact details (e.g., email, phone numbers).

- Content data (e.g., text inputs, photographs, videos).

- Contract data (e.g., subject matter of the contract, duration, customer category).

- Payment data (e.g., bank details, payment history).

- Usage data (e.g., visited web pages, interest in content, access times).

- Meta/contact data (e.g., device information, IP addresses).

 

Processing of Special Categories of Data (Art. 9 para. 1 GDPR):

No special categories of data are processed.

 

Categories of Persons Affected by Processing:

- Customers / Prospects / Business Partners.

- Visitors and users of the online offer.

Hereinafter, we collectively refer to the affected persons as "users."

 

Purpose of Processing:

- Provision of the online offer, its content, and functions.

- Provision of contractual services, service, and customer care.

- Response to contact inquiries and communication with users.

- Marketing, analysis of purchasing behavior, usage behavior, advertising, and market research.

- Security measures.

 

Automated Individual Decision-Making (Art. 22 GDPR):

- Credit check in the case of advance performance in accordance with Art. 22 GDPR.

Date: August 2019

 

SECTION II - RIGHTS OF DATA SUBJECTS, LEGAL BASIS, AND GENERAL INFORMATION

Rights of Data Subjects:

You have the right to request confirmation as to whether data concerning you is being processed and to obtain information about this data and further information and a copy of the data in accordance with Art. 15 GDPR. You have the right, in accordance with Art. 16 GDPR, to request the completion of data concerning you or the rectification of inaccurate data concerning you.

You have the right, pursuant to Art. 17 GDPR, to demand that the data concerning you be deleted without delay, or alternatively, in accordance with Art. 18 GDPR, to demand a restriction of the processing of the data.

You have the right, in accordance with Art. 20 GDPR, to receive the data concerning you that you have provided to us and to demand its transmission to other controllers.

Furthermore, in accordance with Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.

 

Right to Withdraw Consent:

You have the right to revoke consent given in accordance with Art. 7 para. 3 GDPR with effect for the future.

 

Right to Object

You have the right to object to the future processing of data concerning you in accordance with Art. 21 GDPR at any time. The objection can be made in particular against processing for the purposes of direct marketing.

 

Cookies and Right to Object in Direct Marketing

We use temporary and permanent cookies, i.e., small files that are stored on users' devices (explanation of the term and function, see last section of this privacy policy). Some of the cookies are used for security or are necessary for the operation of our online offer (e.g., for displaying the website) or to save the user's decision when confirming the cookie banner. In addition, we or our technology partners use cookies for reach measurement and marketing purposes, as users are informed about in the course of the privacy policy.

A general objection to the use of cookies for online marketing purposes, especially in the case of tracking, can be declared via the US-American website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be prevented by deactivating them in the browser settings. Please note that in this case, not all functions of this online offer may be available.

 

Deletion of Data and Archiving Obligations

The data processed by us will be deleted or restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal retention obligations preventing their deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

In accordance with legal requirements in Germany, the storage takes place in particular for 10 years in accordance with §§ 147 para. 1 AO, 257 para. 1 nos. 1 and 4, para. 4 HGB (books, records, management reports, accounting documents, commercial books, for taxation-relevant documents, etc.) and 6 years in accordance with § 257 para. 1 nos. 2 and 3, para. 4 HGB (commercial letters).

 

Changes and Updates to the Privacy Policy

We ask you to inform yourself regularly about the content of our privacy policy. We will adjust the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require action on your part (e.g., consent) or individual notification.

 

Relevant Legal Bases

In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and the performance of contractual measures as well as responding to inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

The bases for commercial communication outside of business relationships, in particular by mail, telephone, fax, and email, are contained in § 7 UWG.

 

Security of Data Processing

We take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability, and its separation. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and the response to data breaches. We also consider the protection of personal data during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default (Art. 25 GDPR).

Security measures include in particular the encrypted transmission of data between your browser and our server.

Employees are obliged to maintain confidentiality with regard to data protection and are instructed and informed about possible liability consequences.

 

Disclosure and Transmission of Data

If we disclose, transfer, or grant access to data to other persons and companies (contract processors or third parties) within the scope of our processing, this only takes place on the basis of legal permission (e.g., if a transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract pursuant to Art. 6 para. 1 lit. b GDPR), if you have consented, if a legal obligation provides for this, or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "data processing agreement", this is done on the basis of Art. 28 GDPR.

If we disclose, transmit, or otherwise grant access to data to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and, beyond that, on the basis of a data processing agreement.

 

Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosure, or transmission of data to third parties, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, a legal obligation, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to that of the EU (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").

 

SECTION III - PROCESSING PROCESSES

In the following presentation, you will receive an overview of the processing activities we have carried out, which we have subdivided into further areas of activity. Please note that the areas of activity serve only as a guide and that processing activities may overlap (e.g., the same data may be processed in multiple procedures).

 

For the sake of clarity and understanding, you will find frequently recurring terms in Section IV of this privacy policy.

 

Core area of data processing

In this area, you will find information about our core services and tasks, such as responding to inquiries and providing our contractual services and associated ancillary tasks.

 

Order processing in the online shop

We process our customers' data as part of the ordering process in our online shop to enable them to select and order the chosen products and services, as well as to enable payment and delivery or execution.

- Processed data: Inventory data, contact data, contract data, payment data.

- Concerned parties: Customers, interested parties, business partners.

- Purpose of processing: Provision of contractual services within the operation of an online shop, billing, delivery, customer service.

- Type, scope, functioning of processing: Persistent cookies for shopping cart and login status.

- Legal basis: Art. 6 para. 1 lit. b (execution of order processes) and c (legally required archiving) GDPR.

- Necessity/interest in processing: The data is necessary for the establishment and fulfillment of the contract.

- Processing in third countries: No, only upon customer request for delivery or payment.

- Deletion of data: The data will be deleted after the expiry of statutory warranty and comparable obligations; the necessity of storing the data is reviewed every three years. In the case of statutory archiving obligations, deletion will take place after their expiry (end of commercial (6 years) and tax (10 years) storage obligation). Information in the customer account remains until it is deleted.

 

Customer account

A customer account (which also includes the wish list) requires registration. Subsequently, users can track their orders, among other functions, after entering their login data.

- Processed data: Inventory data (first name, last name; email address; password (encrypted)), contact data, contract data, payment data, product data/product preferences, usage data, referrer data.

- Concerned parties: Customers, interested parties.

- Purpose of processing: Creation and operation of a customer account to manage the contractual relationship.

- Type, scope, functioning of processing: Registration process, cancellation option.

- Legal basis: Art. 6 para. 1 lit. b. GDPR.

- Protection measures: The public account information of the users is not visible or searchable by external entities, such as search engines or other users. Users are responsible for securely storing their access data.

- Necessity/interest in processing: The customer account is optional; the data is necessary for its operation. Mandatory fields are marked as such. Furthermore, each user decides on additional information themselves.

- Disclosure external and purpose: No.

- Processing in third countries: No.

- Deletion of data: Information in the customer account remains until it is deleted, followed by archiving in case of a legal obligation (end of commercial (6 years) and tax (10 years) storage obligation).

 

Credit check

If we advance payment (e.g., purchase on account), we reserve the right to obtain an identity and credit check in order to assess the credit risk based on mathematical-statistical procedures from specialized service companies (credit agencies) to safeguard legitimate interests. We process the information received from the credit agencies about the statistical probability of a payment default as part of a sound discretion decision on the establishment, execution, and termination of the contractual relationship. In the event of a negative result of the credit check, we reserve the right to refuse payment on account or other advance payment.

- Processed data: Name, postal address, date of birth, information about the type of contract, bank details.

- Special categories of personal data: No.

- Legal basis: Art. 6 para. 1 lit. f. GDPR; If based on user consent: Art. 6 para. 1 lit. a., Art. 7 GDPR.

- Concerned parties: Customers, interested parties.

- Purpose of processing: Assessment of the probability of defaulting on receivables.

- Type, scope, functioning of processing: We process the information received from the credit agencies about the statistical probability of a payment default as part of a sound discretion decision on the establishment, execution, and termination of the contractual relationship. In the event of a negative result of the credit check, we reserve the right to refuse payment on account or other advance payment.

- Necessity/interest in processing: Business interests.

- Processing in third countries: No.

- Automated individual decision-making according to Art. 22 GDPR: The decision on whether we advance payment is made solely on the basis of automated individual decision-making in accordance with Art. 22 GDPR, which our software makes based on the information from the credit agency without the involvement of employees.

 

Answering inquiries and customer support

We process the information in the inquiries we receive via our contact form and through other channels, e.g., via email, to respond to the inquiries. For these purposes, the inquiries may be stored in our customer relationship management system (CRM system) or similar procedures that serve us to manage inquiries. For customer relationship management purposes, we use so-called CRM software. With the help of the software, we can answer inquiries more effectively and quickly.

- Processed data: Inventory data, contact data, contract data, payment data, usage data, metadata; e.g.

- Concerned parties: Customers, interested parties, business partners, website visitors.

- Purpose of processing: Answering inquiries.

- Type, scope, functioning of processing: Registration process, cancellation option.

- Legal basis: Art. 6 para. 1 lit. a./ b. GDPR.

- Necessity/interest in processing: Necessary to answer inquiries, optimization, user-friendliness, business interests.

- Protection measures: Data processing agreement.

- Processing in third countries: USA.

- Guarantee for processing in third countries: www.privacyshield.gov.

- Deletion of data: We delete inquiries if they are no longer necessary. We review the necessity every two years; inquiries from customers who have a customer account are stored permanently, and for these we refer to the deletion information in the customer account. In the case of legal archiving obligations, deletion will take place after their expiry (end of commercial (6 years) and tax (10 years) storage obligation).

 

Business analyses and market research

To operate our business economically, recognize market trends, customer and user preferences, we analyze the data available to us on business transactions, contracts, inquiries, etc. For this purpose, we combine the personal data of customers from registrations and orders with the behavior-related data of customers.

As part of the business evaluation, we combine user data regardless of the devices used (e.g., if users use our online offering on a mobile or stationary device).

- Processed data: Inventory data, contact data, contract data, payment data, usage data and metadata (e.g., activity data on our online channels originating from emails, e.g., data on the accessed page, page history, the device used, geo-data, and data on the pseudonymized identification of the user profile).

- Legal basis: Art. 6 para. 1 lit. f. GDPR.

- Concerned parties

- Services Used:

- Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or for users within the European Union: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) - Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

- Google/YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

- Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy/Opt-Out: http://instagram.com/about/legal/privacy/.

- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) - Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

- Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy Policy/Opt-Out: https://about.pinterest.com/de/privacy-policy.

 

Web Server and Security

Server Logs

The server hosting this online service collects so-called log files with data from users each time the online service is accessed. The data serves both statistical analysis for maintaining and optimizing server operation and for security purposes, such as detecting potential unauthorized access attempts.

- Processed Data: Usage data and metadata (name of accessed webpage, file, date and time of access, amount of data transmitted, message about successful retrieval, browser type and version, user's operating system, referrer URL (previously visited page), IP address, and requesting provider).

- Special categories of personal data: No.

- Legal basis: Art. 6 para. 1 lit. f GDPR.

- Concerned parties: Customers, prospects, visitors to the online service.

- Purpose of processing: Optimization of server operation and security monitoring.

- Necessity / interest in processing: Security, business interests.

- Processing in third countries: No.

- Deletion of data: After 30 days from collection.

 

Own Global Single-Sign-On Procedure

We use our own "Single-Sign-On" procedure, which allows our users to log in with a user account within the online presence of our corporate group.

- Processed Data: Master data (name, email address, password (only processed at Facebook), user ID, user handle);

- External disclosure: Companies of the Nature’s Design group.

- Privacy Policy: Please refer to this privacy policy.

- Processing in third countries: USA.

- Guarantee for processing in third countries: Privacy Shield www.privacyshield.gov.

 

Embedded Content and Features

In this section, we inform you about the content, software, or features (short "content") of other providers that we embed in our online service based on Art. 6 para. 1 lit. f GDPR (so-called "embedding"). Embedding is done to make our online service more interesting for our users or for legal reasons, such as presenting videos or social media posts within our online service at all. Embedding can also serve to improve the speed or security of the online service, for example, when software elements or fonts are obtained from other sources. In all cases, the processed data include user usage and metadata, as well as the IP address necessarily transmitted to the provider for embedding the content, with the affected persons being visitors to our online service. The categories of data subjects include users of our online service, customers, and prospects. Further explanations can be found in the definitions of terms, especially regarding the functionalities and protective measures, at the end of this privacy policy. The deletion of data is determined by the data protection conditions of the providers of the embedded content.

 

Services and Content from Google

We use the following services and content from the provider Google: YouTube – Videos; Google Maps – Maps; Google Fonts – Fonts; Google – Recaptcha (bot detection for form entries).

- Processed Data: Usage data, metadata.

- Type, scope, functionality of processing: Permanent cookies, third-party cookies, interest-based marketing, tracking.

- Special protective measures: Pseudonymization, opt-out.

- Opt-Out: http://tools.google.com/dlpage/gaoptout?hl=de, https://adssettings.google.com/.

- External disclosure: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

- Privacy Policy: https://www.google.com/policies/privacy.

- Processing in third countries: USA.

- Guarantee for processing in third countries: Privacy Shield www.privacyshield.gov.

- Data deletion: The data will be deleted in accordance with Google's provisions.

 

Functions and Content from Facebook

Within our online service, functions and content of the Facebook service may be integrated. This may include content such as images, videos, or texts and buttons with which users can express their liking for the content, subscribe to the authors of the content, or our contributions.

- Processed Data: Usage data, metadata; if users are registered with the service, the above data

Communication via Mail, Email, Fax, or Telephone

Sending of informational material, telephonic contact.

- Processed Data: Usage data, master data, address and contact data, contract data.

- Special categories of personal data: No.

- Legal basis: Art. 6 para. 1 lit. a, Art. 7 GDPR, Art. 6 para. 1 lit. f GDPR in conjunction with legal requirements for advertising communications.

- Concerned parties: Customers, participants, prospects, communication partners.

- Purpose of processing: Advertising communication.

- Type, scope, functionality of processing: Contact is made only with the consent of the communication partners or within the framework of legal permissions.

- Necessity / interest in processing: Information and business interests.

- External disclosure and purpose: No.

- Deletion of data: With objection/revocation or expiration of legal authorization.

 

Contests and Competitions

As part of contests and competitions ("contests"), we process the data of participants to conduct the contests. Further information on the processing of your data within the individual contests as well as any consent to the publication of their names or contest contributions will be provided to users within the terms and conditions of participation of the respective contests.

- Processed Data: Master data, contact data, content data (e.g., contributions to contests).

- Special categories of personal data: No.

- Legal basis: Art. 6 para. 1 lit. b GDPR.

- Concerned parties: Participants.

- Purpose of processing: Conducting the contests, notifying winners, sending prizes, potentially presenting winners.

- External disclosure and purpose: Shipping companies for prize shipment, potentially partners and sponsors of prizes.

- Processing in third countries: No, except for shipping prizes abroad.

- Deletion of data: As soon as the data are no longer needed for conducting the contest (e.g., for queries regarding prizes); in the case of the publication of winners or contest contributions, these generally remain online permanently; otherwise, archiving in the event of a legal obligation (end of commercial (6 years) and tax (10 years) retention periods).

 

Reach Measurement, Online Marketing, and Technology Partners

In this section, we inform you about the services of technology partners used for reach measurement and online marketing purposes. Their use is based on Art. 6 para. 1 lit. f GDPR and our interest in increasing user-friendliness, optimizing our offer, and its economic efficiency. The processed data in all cases include usage and metadata. Special categories of data are not processed. Customers, prospects, and other visitors to our online service are affected. Further explanations can be found in the definitions of terms, especially regarding functionalities and protective measures, at the end of this privacy policy. Data deletion is determined, unless otherwise specified, in accordance with the data protection policies of the technology partners.

 

Google Analytics

We use Google Analytics for reach measurement and audience building purposes.

- Processed Data: Usage data, metadata, customer ID with us (Google only receives the customer ID as pseudonymous data without the associated master data, such as names, addresses, or customer email).

- Type, scope, functionality of processing: Permanent cookies, third-party cookies, tracking, interest-based marketing, profiling, custom audiences, remarketing.

- Special protective measures: Pseudonymization, IP masking, conclusion of an order processing agreement, opt-out.

- Opt-Out: http://tools.google.com/dlpage/gaoptout?hl=de (Browser Add-On), https://adssettings.google.com/ (Ad settings).

- External disclosure: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

- Privacy Policy: https://www.google.com/policies/privacy.

- Processing in third countries: USA.

- Guarantee for processing in third countries: Privacy Shield www.privacyshield.gov.

- Deletion of data: 26 months.

- Disable Webtracking: Webtracking

 

Google AdWords

We use Google AdWords to display ads on Google websites and Google partner websites and to measure their success.

- Processed Data: Usage data (conversion data), metadata.

- Type, scope, functionality of processing: Permanent cookies, third-party cookies, tracking, conversion measurement, interest-based marketing, profiling.

- Special protective measures: Pseudonymization, IP masking, conclusion of an order processing agreement, opt-out.

- Opt-Out: https://adssettings.google.com/.

- External disclosure: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

- Privacy Policy: https://www.google.com/policies/privacy.

- Processing in third countries: USA.

- Guarantee for processing in third countries: Privacy Shield www.privacyshield.gov.

- Deletion of data: The data will be deleted in accordance with Google's provisions.

 

Google Display Network

Google's DoubleClick technology allows us to address visitors to our website with targeted advertising on the websites of our advertising partners as part of marketing campaigns for our products.

- Processed Data: Usage data, metadata.

- Type, scope, functionality of processing: Permanent cookies, third-party cookies, tracking, conversion measurement, interest-based marketing, remarketing, cross-device tracking, profiling.

- Special protective measures: Pseudonymization, IP masking, conclusion of an order processing agreement, opt-out.

- Opt-Out: https://adssettings.google.com/.

- External disclosure: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

- Privacy Policy: https://www.google.com/policies/privacy.

- Processing in third countries: USA.

- Guarantee for processing in third countries: Privacy Shield www.privacyshield.gov.

- Deletion of data: The data will be deleted in accordance with Google's provisions.

 

Facebook Pixel and Facebook Customer Audience Pixel

We use the Facebook Pixel for audience building and success measurement of the advertisements we place on Facebook.

- Processed Data: Usage data, metadata; if users are registered with Facebook, the data will be linked to their Facebook profiles and the data belonging to them (in particular master data).

- Type, scope, functionality of processing: Permanent cookies, third-party cookies, tracking, conversion measurement, interest-based marketing, profiling, cross-device tracking, remarketing, custom audiences from website, custom audiences from file, lookalike audiences.

 

SECTION IV - DEFINITION OF TERMS

In this section, you will find an overview of the terms used in this privacy policy. Many of these terms are taken from the law and are primarily defined in Article 4 of the GDPR. The legal definitions are binding. The following explanations are primarily intended to aid understanding. The terms are sorted alphabetically.

 

A/B Tests

A/B tests are used to improve the usability and performance of online offerings. Users are shown different versions of a website or its elements, such as input forms, where the placement of content or labels of navigation elements may vary. Subsequently, based on user behavior, such as longer dwell time on the website or more frequent interaction with the elements, it can be determined which of these websites or elements better meet the users' needs.

 

Affiliate Links

"Affiliate links" are links that direct users from linking websites to websites with product or other offers. The operators of the linking websites may receive a commission if users follow the affiliate links and subsequently take advantage of the offers. For this purpose, it is necessary for the providers to track whether users who are interested in certain offers subsequently take advantage of them on the initiative of the affiliate links. Therefore, for the functionality of affiliate links, it is necessary to supplement them with certain values that become part of the link or are otherwise stored, e.g., in a cookie. These values include, in particular, the referring website (referrer), timestamp, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values such as advertising material ID, partner ID, and categorizations.

 

After-Sales

"After-sales" refers to marketing procedures in which, for example, customers of an online shop are presented with advertising offers from other providers (which usually orient themselves based on the services or products purchased in the online shop). Otherwise, the functionality of after-sales corresponds to the functionality of affiliate links.

 

Aggregated Data

Aggregated data are summarized data that do not allow conclusions to be drawn about a person and are therefore not personal. For example, the visiting times on a website can be stored as average values.

 

Anonymous Data

Anonymity exists when a person cannot be identified from the data available to the controller, using the means available to the controller. In particular, aggregated data can be anonymous.

 

Data Processing/Data Processor

A "data processor" is a natural or legal person, authority, agency, or other body that processes personal data on behalf of the controller.

 

Special Categories of Personal Data

Special categories of personal data are data that reveal racial and ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the unique identification of a natural person, health data, and data on the sexual life or sexual orientation of a natural person.

 

Data Subject

See "personal data".

 

Clicktracking

"Clicktracking" allows tracking user movements within an entire online offering. Since the results of these tests are more accurate when user interaction can be tracked over a certain period (e.g., being able to see if a user returns frequently), cookies are usually stored on users' computers for these test purposes.

 

Conversion

"Conversion", or "conversion measurement", refers to a procedure that allows the effectiveness of marketing measures to be determined. For this purpose, a cookie is usually stored on users' devices within the websites where the marketing measures take place and then retrieved again on the target website (e.g., we can thus trace whether the advertisements we placed on other websites were successful).

 

Cookies

"Cookies" are small files that are stored on users' computers. Different information can be stored within the cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit within an online offering. Temporary cookies, or "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online offering and closes their browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login status within a community can be stored. Cookies that are called "permanent" or "persistent" are cookies that remain stored even after the browser is closed. For example, the login status in a community can be stored in such a cookie if users visit it again after several days. In addition, such a cookie can store the interests of users, which are used for reach measurement or marketing purposes (see, e.g., remarketing). Cookies from providers other than the controller operating the online offering are called "third-party cookies" (otherwise, if they are only its cookies, they are called "first-party cookies").

 

Cross-Device Tracking

Cookies and fingerprints are device-specific. In order to evaluate the interests of users in the context of smartphone usage for advertisements on desktop PCs, cross-device tracking is necessary. For this purpose, for example, logins on social networks such as Facebook can be used. Alternatively, location data, IP addresses, and user behavior are used to achieve up to 98% more accurate user targeting. Cookies and web beacons are usually used for cross-device tracking purposes.

 

Custom Audiences

"Custom audiences" (or "custom target groups") are determined when target groups for advertising purposes, e.g., display of advertisements, are defined. For example, based on a user's interest in certain products or topics on the internet, it can be inferred that this user is interested in advertisements for similar products or the online shop where they viewed the products. "Lookalike audiences" refers, in turn, to the display of content deemed suitable for users whose profiles or interests presumably correspond to those of the users for whom the profiles were created. For the purpose of creating custom audiences and lookalike audiences, cookies and web beacons are usually used. "Custom Audiences from Website" means that the target groups are formed based on visitors to the own website. "Custom Audiences from File" means that, for example, a list of email addresses is uploaded to the respective advertising network or platform to create the target groups.

 

Demographic Data

Demographic data are general information about groups of people or individuals, e.g., characteristics such as age, gender, place of residence, and social characteristics such as profession, marital status, or income. Demographic data are collected in the context of reach measurement and online marketing for the purposes of interest-based marketing, or for business analyses, which are used, for example, to determine target groups.

 

Third Party

A "third party" is a natural or legal person, authority, agency, institution, or other body, other than the data subject, the controller, the data processor, and the persons authorized to process personal data under the direct responsibility of the controller or processor.

 

Third Country

Third countries are understood to be states in which the GDPR is not directly applicable, i.e., in principle, states that are not members of the European Union (EU) or the European Economic Area (EEA).

 

Embedding

See "Embedding".

 

Consent

Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

Embedding

Embedding (also "embedding") involves integrating foreign content or software functions (see plugins) into one's own online presence so that they are displayed or executed.