Privacy policy

If you have any questions about data protection or would like to have all your data deleted, please contact: Datenschutz@3Bears.de.

Privacy Policy

Unless otherwise stated below, the provision of your personal data is neither required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This shall apply only if no other information is provided during the subsequent processing operations.' "Personal data" means any information relating to an identified or identifiable natural person.

Server-Logfiles

You can visit our websites without providing any information about yourself.

Every time our website is accessed, usage data is transmitted to us or our web host / IT service provider by your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transmitted and the requesting provider.The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in ensuring the trouble-free operation of our website and in improving our offer.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's Standard Contractual Clauses.

Contact

Responsible
Contact us on request. The controller responsible for data processing is: 3Bears Foods GmbH, Zielstattstraße 40, 81379 Munich, Germany, /, datenschutz@3Bears.de

Contacting the customer on your own initiative by e-mail
If you enter into unsolicited business contact with us by e-mail, we will only collect your personal data (name, e-mail address, message text) to the extent provided by you. The purpose of the data processing is to process and respond to your contact request.If the contact is necessary for the implementation of pre-contractual measures (e.g. Advice on interest in buying, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If we contact us for other reasons, this data processing is carried out on the basis of Art. 6 (1) (f) GDPR on the basis of our overriding legitimate interest in processing and answering your enquiry. In this case, you have the right to object at any time to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR for reasons arising from your particular situation.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Collection and processing when using the contact formWhen using the contact form, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The purpose of data processing is to establish contact.
If the implementation of pre-contractual measures (e.g. Advice on interest in buying, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If we contact us for other reasons, this data processing is carried out on the basis of Art. 6 (1) (f) GDPR on the basis of our overriding legitimate interest in processing and answering your enquiry. In this case, you have the right to object at any time to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR for reasons arising from your particular situation.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Collection and processing of applications by e-mail

Site visitors can apply for vacancies advertised on our website by e-mail if they are interested. In doing so, we only collect your personal data to the extent provided by you. This includes your contact details (e.g. name, e-mail address, telephone number), information about your professional qualifications and training, information about professional training as well as performance-specific proof.

The purpose of the data processing is to contact you and to decide whether to establish an employment relationship with you. The provision of the data is necessary to carry out the application process. Your personal data is processed on the basis of Art. 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG for the implementation of pre-contractual measures (going through the application process as an employment contract initiation).

If you have given us your consent to the processing of personal data for inclusion in our applicant pool, e.g. by ticking a checkbox, the processing will be carried out on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent to us at any time, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal.

If special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants in the course of the application process, such as information on the degree of severe disability, this is done on the basis of Art. 9 para. 2 lit. b. GDPR so that we can exercise the rights arising from labour law and social security law and social protection law and fulfil our obligations in this regard.

We will retain your personal data for as long as it is necessary to make a decision about your application. Your data will then be deleted after six months at the latest, unless you have consented to further processing and use. If an employment relationship occurs following the application process, the data provided will be further processed on the basis of Art. 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG for the purposes of carrying out the employment relationship and then transferred to the personnel file.

Customer Account Orders

Customer AccountWhen you open a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and simplify order processing. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal. Your customer account will then be deleted.

Collection, processing and disclosure of personal data for orders

When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfil and process your order and to process your enquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is carried out on the basis of Art. 6 (1) (b) GDPR and is necessary for the performance of a contract with you.

Your data will be passed on, for example, to shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal requirements. The scope of the data transfer is limited to a minimum.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's Standard Contractual Clauses.

When

commenting/evaluating an article or a post, we collect your personal data (name, e-mail address, comment text) only to the extent provided by you. The processing serves the purpose of enabling commenting/rating and displaying comments/ratings.

For the purpose of verifying your review/comment, we also collect the following data: , , , e-mail address.

By submitting the comment/rating, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal. Your personal data will then be deleted.

When your comment/review is published, the name and email address you provided will be published.

In addition, when you submit the comment/rating, your IP address will be stored for the purpose of preventing misuse of the comment or rating function and ensuring the security of our information technology systems. By submitting the comment/rating, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal. Your IP address will then be deleted.

Use of your personal data for sending postal advertisingWe use your personal data (name, address) that we have received in the course of the sale of a product or service to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded.
The processing is carried out on the basis of Art. 6 (1) (f) GDPR on the basis of our overriding legitimate interest in direct marketing. You can object to this use of your address data at any time by notifying us. The contact details for exercising the objection can be found in the imprint.

Use of the e-mail address for sending newslettersWe use your e-mail address exclusively for our own advertising purposes for sending newsletters, regardless of the execution of the contract, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.

Use of Klaviyo

We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; We pass on the information provided by you during the newsletter registration (e-mail address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as e.g. IP address, browser type and device as well as the time. This data can be used to create usage profiles under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns. Your data is usually transmitted to and stored by Klaviyo servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is thus obliged to comply with European data protection principles. The processing of your personal data is carried out on the basis of Art. 6 (1) (f) GDPR on the basis of our overriding legitimate interest in a targeted, effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time, on grounds relating to your particular situation.
You can find more information about data protection at Klaviyo under https://www.klaviyo.com/legal/privacy-notice and under https://www.klaviyo.com/legal/data-processing-agreement.

Use of the e-mail address for availability notifications

We offer the service of notification of availability on our website. If an item is not available for a short time, you have the option of entering your e-mail address on the respective item and being informed by us by e-mail if it is available, if you have agreed to this. You will receive a one-time notification by e-mail about the availability of the respective item when the goods are available. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the mailing list.

Data protection provisions about the application and use of WhatsApp as a means of communication

The controller uses WhatsApp as a means of communication between employees, customers, business partners, shareholders and steakholders. WhatsApp is a widely used application that can be used to chat, make phone calls and send voice messages, among other things. The operating company of the service is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the WhatsApp marketing tool from the company chatarmin.com, based in Vienna, Austria. The purpose of the processing is to handle operational communication.

The legal basis is Art. 6 para. 1 lit. f GDPR. WhatsApp is used to handle communication. WhatsApp stores personal communication data and itself accesses personal data, in particular the phone book of mobile devices, more precisely: all phone numbers of the persons stored in the phone are read out.

The communication processed via WhatsApp, the telephone numbers collected and all other data are or could be transmitted to third parties, in particular Facebook or other companies as well as American or international secret services. If you do not want us to store your phone number in one of our mobile devices and/or communicate with you via WhatsApp, please simply inform us.

In such a case, we would of course use alternative means of communication (e.g. telephone call). Further information and the applicable data protection provisions of WhatsApp can be found at https://www.whatsapp.com/legal/#privacy-policy Further information about our WhatsApp software can be found on the Chatarmin website.

Forwarding

of the e-mail address to the shipping company for information about the shipping statusWe will pass on your e-mail address to the transport company as part of the contract processing, provided that you have expressly agreed to this during the ordering process. The purpose of the disclosure is to inform you about the shipping status by e-mail. The processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can withdraw your consent at any time by notifying us or the transport company, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal.

Use of an external merchandise management systemWe use a merchandise management system for contract processing as part of order processing. For this purpose, your personal data collected in the context of the order will be transmitted to
Wawision, Holzbachstraße 4, 86152 Augsburg.

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 (1) (b) GDPR.

Payment service provider

Use of Amazon PaymentsOn our website, we use the payment service Amazon Payments of Amazon Payments Europe s.c.a. (38 avenue John F. Kennedy, L-1855 Luxembourg; "Amazon Payments"). The purpose of the data processing is to be able to offer you payment via the Amazon Payments payment service. In order to integrate this payment service, it is necessary for Amazon Payments to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time to this processing of personal data concerning you on grounds relating to your particular situation.
By selecting and using "Amazon Payments", the data required for payment processing will be transmitted to Amazon Payments in order to be able to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 (1) (b) GDPR. Further information on data processing when using the Amazon Payments payment service can be found in the corresponding privacy policy at: https://pay.amazon.com/de/help/201212490

Using Klarna Payment Options

We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna"). By selecting and using payment via Klarna, the data required for payment processing will be transmitted to Klarna in order to be able to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 (1) (b) GDPR.

Cookies may be stored that enable your browser to be recognised. The data processing that takes place in this way is carried out on the basis of Art. 6 (1) (f) GDPR out of our overriding legitimate interest in a customer-oriented offer of different payment methods. You have the right to object at any time to this processing of personal data concerning you on grounds relating to your particular situation.

"Pay Later" (invoice), "Pay Now" (payment by direct debit, credit card, instant transfer), "Financing" (installment purchase)

In the case of individual payment methods such as "Pay Later" (invoice), "Pay Now" (payment by direct debit, credit card, instant bank transfer), "Financing" (installment purchase), Klarna reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit agencies.

For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, e-mail address, IP address as well as data in connection with the order, to a credit agency for the purpose of identity and creditworthiness check and uses the information received about the statistical probability of a payment default for a balanced decision on the justification, implementation or termination of the contractual relationship. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes address data, among other things. Your interests worthy of protection will be taken into account in accordance with the legal provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 (1) (f) GDPR out of our overriding legitimate interest in protection against non-payment if Klarna makes advance payments. For reasons arising from your particular situation, you have the right to object at any time to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR by notifying Klarna. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide the contract will result in the contract not being concluded with the payment method you have chosen.

Further information, in particular to which credit agencies Klarna shares your personal data, can be found under https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies.

For general information about Klarna, please visit: https://www.klarna.com/de/. Your personal data will be treated by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna's privacy policy under https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.

Cookies

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when you return to the website.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide on their acceptance individually, as well as prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, we would like to point out that you may not be able to use all the functions of this website to their full extent.

You can find out how to manage (including disabling) cookies in the main browsers under the links below:

Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Technically necessary cookies

Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser and offer you services even after you have changed pages. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

The use of cookies or comparable technologies is based on § 25 para. 2 TDDDG. The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our offer.

You have the right to object at any time to this processing of personal data concerning you on grounds relating to your particular situation.

Use of Cookiebot
We use the consent management tool Cookiebot of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark on our website; "Cookiebot"). The tool enables you to give consent to data processing via the website, in particular the setting of cookies, as well as to make use of your right of revocation for consents that have already been given. The purpose of data processing is to obtain and document the necessary consents to data processing and thus to comply with legal obligations. Cookies may be used for this purpose. In doing so, the following information may be collected and transmitted to Cookiebot, among others: anonymized IP address, date and time of consent, URL from which consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties. The data processing is carried out in order to comply with a legal obligation on the basis of Art. 6 (1) (c) GDPR. You can find more information about data protection at Cookiebot at: https://www.cookiebot.com/de/privacy-policy/

Analysis Advertising Tracking Affiliate

Use of Google Analytics 4We use the web analysis service Google Analytics of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). The data processing serves the purpose of analysing this website and its visitors as well as for marketing and advertising purposes. To this end, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet use to the website operator. The following information may be collected, among other things: IP address, date and time of page access, click path, information about the browser and device you use, pages visited, referrer URL (website from which you accessed our website), location data, purchase activity. Your data may be linked by Google to other data, such as your search history, your personal accounts, your usage data from other devices and any other data that Google has about you.

Your IP address will be shortened beforehand by us on our own servers. Google thus only receives pseudonymized data.

Google uses technologies such as cookies, browser web storage and web beacons that enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR.

The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal.

We use the Advanced Consent Mode implementation. In this case, user data is transmitted to Google in the form of "pings" even if consent is not given. These pings may contain the following information, among others: IP address to derive the IP country (IP address is not logged), date and time of the page view, URL of the pages visited, user agent, referrer URL (website from which our website was accessed) or information about the triggering of website events such as a conversion. Based on this information, Google will model user data in order to be able to carry out a comprehensive usage analysis despite the refusal of consent.

The information generated by this about your use of this website is usually transmitted to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and thus committed itself to complying with European data protection principles. Both Google and U.S. government agencies have access to your data.

For more information on terms of use and data protection, please visit https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy?hl=de&gl=de.

Use of Hotjar
On our website, we use the analysis tool of Hotjar Ldt. (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; "Hotjar").
The data processing serves the purpose of the needs-based design, optimization and analysis of our website. The tool is used to record the movements of site visitors on the website on a random basis. This creates a log of mouse movements, scrolling behavior, dwell time and clicks on the website (so-called heat map). For this purpose, Hotjar uses cookies, among other things. The following information may be collected, among others: IP address (in anonymized form), information about the device you use (screen size, devices, unique device identifier), information about the browser you use, location data (only for the country), preferred language for displaying the website, operating system used. Detailed information on the cookies used, their function and the storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies. User profiles are created from this data under a pseudonym. The data will not be used to personally identify the visitor to the website and will not be merged with the personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the collected data to other third parties. Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not certified according to the TADPF. The data transfer is carried out on the basis of appropriate protective measures, among other things. Hotjar will provide you with further information on the measures taken upon request.The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can find more information about data protection when using Hotjar here: https://www.hotjar.com/legal/policies/privacy#enduserenglish.

Use of Shopify statisticsWe use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") in the context of order processing. Shopify is an affiliate of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada). For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses and statistics. The following device information is collected and processed, among others: information about the web browser, IP address, time zone and some of the cookies that are installed on your device. When you navigate the website, we also collect information about the web pages or products you viewed, the referrer URL (the web page from which you accessed our website), and information about how you interact with the website. This uses technologies such as cookies, as well as web beacons, tags, and pixels (electronic files used to collect information about how you navigate the Site). Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's Standard Contractual Clauses. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can find more information about data protection at Shopify under https://www.shopify.com/de/legal/datenschutz, information about the order processing agreement under https://www.shopify.com/de/legal/dpa and information about the cookies used under https://www.shopify.com/de/legal/cookies.

Using the Meta Pixel

On our website, we use the Meta Pixel of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta").

Meta and we are jointly responsible for the collection of your data that takes place when the Service is integrated and for the transmission of this data to Meta. The basis for this is an agreement between us and Meta on the joint processing of personal data, which sets out the respective responsibilities. The agreement can be accessed at https://de-de.facebook.com/legal/terms/businesstools. According to this, we are responsible in particular for the fulfilment of the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the Service, as well as for compliance with the obligations under Art. 33, 34 GDPR, insofar as a personal data breach concerns our obligations under the joint processing agreement. Meta is responsible for enabling the rights of data subjects pursuant to Articles 15 - 20 of the GDPR, complying with the security requirements of Article 32 of the GDPR with regard to the security of the Service and the obligations under Articles 33, 34 of the GDPR to the extent that a personal data breach concerns Meta's obligations under the Joint Processing Agreement.

The purpose of the application is to address visitors to the website in a targeted manner with interest-based advertising on the social networks Facebook and Instagram. For this purpose, Meta's remarketing tag was implemented on the website. This tag establishes a direct connection to the Meta servers when you visit the website. This transmits to the Meta server which of our pages you have visited. Meta associates this information with your personal Facebook and/or Instagram user account. If you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.

The application also serves the purpose of compiling conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag, as well as what actions are taken after being redirected to that site. However, we do not receive any information that can be used to personally identify users.

Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and thus committed itself to complying with European data protection principles.

The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can opt out of the Custom Audiences remarketing feature here. For more information about Meta's collection and use of data, your rights in this regard, and options to protect your privacy, please see Meta's Privacy Notice at https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" on our website and in this context conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad served by Google, a cookie is placed on your computer for conversion tracking. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you have clicked on the ad and have been redirected to that page. Each Google Ads customer receives a different cookie. Thus, there is no way that cookies can be tracked through the websites of Ads customers. The information obtained with the help of the conversion cookie serves the purpose of compiling conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users. We use the Advanced Consent Mode implementation. In this case, user data is transmitted to Google in the form of "pings" even if consent is not given. These pings may contain the following information, among others: IP address to derive the IP country (IP address is not logged), date and time of the page view, URL of the pages visited, user agent, referrer URL (website from which our website was accessed) or information about the triggering of website events such as a conversion. Based on this information, Google will model user data in order to be able to carry out a comprehensive usage analysis despite the refusal of consent. Your data may be transmitted to the servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and thus committed itself to complying with European data protection principles.

The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. For more information and Google's privacy policy, please visit: https://www.google.de/policies/privacy/

Use of Google Inc.'s Remarketing or Similar Audiences feature
We use the remarketing or "similar audience" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). The purpose of the application is to analyse visitor behaviour and interests. Google uses cookies to carry out the analysis of website usage, which forms the basis for the creation of interest-based advertisements. The cookies are used to record visits to the website as well as anonymised data about the use of the website. There is no storage of personal data of visitors to the website. If you then visit another website on the Google Display Network, you'll see ads that are likely to reflect previously accessed product and information areas. Your data may be transmitted to servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and thus committed itself to complying with European data protection principles. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can find more information about Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/

Use of Microsoft AdvertisingOn our website, we use Microsoft Advertising from Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; "Microsoft"). The data processing serves marketing and advertising purposes and the purpose of measuring the success of advertising measures (conversion tracking). We learn the total number of people who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, this does not allow these users to be personally identified. Microsoft Advertising uses technologies, such as cookies and web beacons, to help analyze your use of the site. When you click on an ad placed by Microsoft Advertising, a conversion tracking cookie is stored on your computer. This cookie has a limited validity and is not used for personal identification. If you visit certain pages of our website and the cookie has not expired, Microsoft and we can recognize that you clicked on the ad and were redirected to that page. The following information may be collected, among others: IP address, identifiers (identifiers) assigned by Microsoft, information about the browser you use and the device you use, referrer URL (website from which you accessed our website), URL of our website. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has certified itself according to the TADPF and thus committed itself to complying with European data protection principles. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can find more information about data protection and the cookies used by Microsoft here.

Use of the Pinterest TagWe use the Pinterest Tag of Pinterest Europe Limited (Palmerston House, 2nd, Fenian Street, Floor, Dublin 2, Ireland "Pinterest") on our website. The purpose of the application is to address visitors to the website in a targeted manner with interest-based advertising on the social network Pinterest. To do this, the Pinterest conversion tag was implemented on the website. This tag establishes a direct connection to the Pinterest servers when you visit the website. This transmits to the Pinterest server which of our pages you have visited. Pinterest associates this information with your personal Pinterest account when you are logged in to the social network. When you visit Pinterest, you'll see personalized, interest-based Pinterest ads. If you access our website via a pin on the social network Pinterest, a cookie is stored on your computer for conversion tracking. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not expired, Pinterest and we can recognise that you have clicked on the pin and have been redirected to that page. The information obtained with the help of the conversion cookie serves the purpose of compiling conversion statistics and thus optimizing our website. The following information may be processed, among other things: total number of users who clicked on one of our pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not TADPF certified. The data transfer is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. For more information on Pinterest's collection and use of data, your rights in this regard and options for protecting your privacy, please refer to Pinterest's privacy policy under https://policy.pinterest.com/de/privacy-policy.

Use of TikTok PixelWe use the TikTok Pixel of TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; "TikTok Ireland") and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; "TikTok UK"). Both companies are the joint controllers for data processing (hereinafter referred to as "TikTok"). The purpose of data processing is to identify and analyze our customers' website access, as well as to better address customers by placing targeted ads and evaluating the effectiveness of ads on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable your browser to be recognized. The following information may be collected and transmitted to TikTok, among others: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok may associate this information with your personal TikTok user account. The data collected in this way can be used to create user profiles using pseudonyms. However, this does not allow users to be personally identified. Your data may be transferred to third countries, such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified by the TADPF. The transfer of data to the USA and third countries without an adequacy decision is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. You can find more information about data protection under https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller.

Use of the Awin Partner Program
We use the "Awin" partner program of AWIN AG (Eichhornstraße 3, 10785 Berlin; "Awin"). When you click on an ad with an affiliate link, Awin places a conversion tracking cookie on your computer. The cookies serve the purpose of correct billing within the framework of the affiliate program by recording the success of an advertising medium. The cookies recognize that you have clicked on the ad and the origin of the order with the advertiser can be traced. In addition, Awin uses so-called fingerprinting. This allows the device you are using to be recognized. Among other things, Awin can recognize that the affiliate link on this website has been clicked or viewed. Awin records, among other things: Your transaction data (e.g. order value, product type, sales channel, use of a voucher) and your user name in the form of an individual sequence of numbers, so that no identity is recognizable, but contains information about the specific user actions and the device used by the user. Your data may be transferred to third countries such as the USA. For the USA, there is no adequacy decision of the EU Commission. The data transfer is carried out, among other things, on the basis of standard contractual clauses as suitable safeguards for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. The Privacy Policy with detailed information on Awin's use of the data can be found at https://www.awin.com/de/datenschutzerklarung.

Plug-ins and others

Use of the Google Tag ManagerWe use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). This application is used to manage JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. The purpose of data processing is to design and optimise our website in line with requirements.Google Tag Manager itself does not store cookies nor does it process personal data. However, it allows the triggering of other tags that can collect and process personal data. Further information on terms of use and data protection can be found here.

Use of social plug-ins
We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place in the process serves the purpose of optimising advertising for our products.When social plug-ins are integrated, a link is established between your computer and the servers of the providers of the social network, and the plug-in is displayed on the page by means of a message to your browser, provided that you have expressly consented to this. In this process, both your IP address and the information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered or logged in to the social network. A transfer also takes place in the case of non-registered or non-logged in users. If you are connected to one or more of your social network accounts at the same time, the information collected may also be associated with your corresponding profiles. When using the plug-in functions (e.g. by pressing the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. The social networks listed below are integrated into our website by means of a social plug-in. You can find more detailed information on the scope and purpose of the collection and use of the data as well as on your rights in this regard and options for protecting your privacy in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which sets out the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this, we are responsible in particular for the fulfilment of the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the Service, as well as for compliance with the obligations under Art. 33, 34 GDPR, insofar as a personal data breach concerns our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects under Articles 15 - 20 of the GDPR, complying with the security requirements of Article 32 of the GDPR with regard to the security of the Service and the obligations under Articles 33, 34 of the GDPR to the extent that a personal data breach affects Meta Platforms Ireland's obligations under the Joint Processing Agreement. Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and thus committed itself to complying with European data protection principles. You can find more information about the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy in Facebook's privacy policy under https://www.facebook.com/about/privacy/.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and thus committed itself to complying with European data protection principles.

Pinterest by Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not TADPF certified.

How to use Google reCAPTCHA

On our website, we use the reCAPTCHA service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). The query serves the purpose of distinguishing between input by a human or by automated, machine processing. For this purpose, your input will be transmitted to Google and used there. In addition, the IP address and, if applicable, other data required by Google for the reCAPTCHA service will be transmitted to Google. This data is processed by Google within the European Union and, if necessary, also transmitted to servers of Google LLC in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and thus committed itself to complying with European data protection principles.

You can find more information about Google reCAPTCHA and the associated privacy policy at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.

Use of YouTubeOn our website, we use the function for embedding YouTube videos of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is a joint venture with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") affiliate company.The function displays videos stored on YouTube in an iFrame on the website. The option "Extended data protection mode" is activated. As a result, YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is thus obliged to comply with European data protection principles. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. For more information on the collection and use of data by YouTube and Google, about your rights in this regard and options for protecting your privacy, please refer to YouTube's privacy policy under https://www.youtube.com/t/privacy.

Use of VimeoOn our website, we use plug-ins from Vimeo Inc. (555 West 18th Street, New York, New York 10011, USA; "Vimeo") for the integration of videos from the "Vimeo" portal.
When you access pages of our website with such a plug-in, a connection to Vimeo's servers is established and the plug-in is displayed on the page by means of a message to your browser. As a result, both your IP address and information about which of our pages you have visited are transmitted to Vimeo's servers.
If you are logged in to Vimeo, Vimeo assigns this information to your personal user account. When using the plug-in functions (e.g. by starting a video by pressing the corresponding button), this information is also assigned to your Vimeo account. Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Vimeo has certified itself according to the TADPF and is thus obliged to comply with European data protection principles. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Article 6 (1) (a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent before its withdrawal. For more information on the purpose and scope of the collection as well as on the further use and processing of the data by Vimeo, as well as on your rights in this regard and options for protecting your privacy, please refer to Vimeo's privacy policy: https://vimeo.com/privacy

Integration of the logo of the "FairCommerce"
initiativeThe logo of the initiative "FairCommerce" (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until it is automatically deleted:

IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The temporary storage of the IP address by the system is necessary to enable the website to be delivered. To do this, the IP address must be stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

After

the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the expiry of the period, unless you have consented to further processing and use.

Rights of the data subjectIf the legal requirements are met, you are entitled to the following rights in accordance with Art. 15 to 20 GDPR: Right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 (1) GDPR, you have a right to object to processing based on Art. 6 (1) f GDPR as well as to processing for the purpose of direct marketing.

Right to lodge a complaint with the supervisory authorityIn accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach at the following contact details:

Bavarian State Office for Data Protection Supervision (BayLDA)Promenade 1891522 AnsbachPhone: +49 981 1800930Fax: +49 981 180093800E-Mail: poststelle@lda.bayern.de

Right to objectAre the personal data processing listed here based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation. After an objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

If the personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After an objection has been made, we will stop processing the data concerned for the purpose of direct marketing.

last update: 2024-10-22