Privacy Notice
Contents
1. Foreword and selected Terms
2. Responsible body and data Protection Officer
3. Overview
4. Legal Basis for Processing Personal Data
5. Your Rights under the General Data Protection Regulation
6. External Hosting
7. Automatic Server Log Files
8. Use of Cookies
9. Cookie settings with Cookiebot
10. Email Communication, Telephone and Fax
11. Direct Marketing and Newsletters
12. Analysis Tools, Tracking and Advertising
13. Plugins and Content Delivery Networks
14. Social Media Appearances
1. Foreword and selected Terms
On the one hand, this data protection declaration informs visitors and users of our website about the online data processing operations in which personal data is processed. On the other hand, you will receive information about our processing operations, which do not primarily take place online.
· GDPR stands for the European General Data Protection Regulation.
· BDSG is an abbreviation for the Federal Data Protection Act in its current version.
· Personal data is all individual information that allows conclusions to be drawn about a natural person (for definition, see Art. 4 Para. 1 GDPR). This includes, for example, names, email addresses, telephone numbers, but also data such as IP addresses or customer numbers.
· The processing of personal data includes all processes, such as the collection, storage, transmission, archiving or deletion of personal data (definition Art. 4 Para. 2 GDPR).
· The data subject within the meaning of data protection law is any natural person whose personal data is processed.
· Further definitions of terms can be found in the General Data Protection Regulation, which can be found in Article 4 of the GDPR (definitions).
2. Responsible Body and Data Protection Officer
Name and address of the Responsible Body
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
United Soft Media Verlag GmbH
Thomas-Wimmer-Ring 11
D-80539 Munich
E-Mail: info@usm.de
Phone: +49/(0)89/29088-175
Name and Address of the Data Protection Officer
The data protection officer of the person responsible is:
DSB External Data Protection Officer Stuttgart
Fabian HenkelKantstraße 141277 RutesheimEmail: info@externer-datenschutzanwalt-stuttgart.de
Web: https://www.externer-datenschutzanwalt-stuttgart.de
3. Overview
The following content gives you a brief overview of the processing of personal data; more detailed information can be found in the passages presented in detail.
Security on our Website ( TLS encryption )
Our website is provided with a TLS certificate, which is used to encrypt data transfer processes. This happens, for example, if you send us a message via a form. As a precaution, we would like to point out that 100% security in electronic data processing is not possible and there is always a residual risk.
Data that you transmit to us
On this page, we process the data that you enter yourself, for example in a form. In this case, the purpose of processing results from the type of form and, on the other hand, from this data protection declaration. Even if, for example, you send us a message by email or otherwise contact us, we process your data in accordance with the purpose of the contact.
Automatic server Log Files
On the other hand, our server automatically records all accesses and thus also IP addresses (log files); this serves to ward off attacks, analyze access numbers and ensure smooth operation.
Use of Cookies
Cookies help us to provide various services; further information can be found in this data protection declaration.
Analysis and Tracking Tools
In addition to the pure server log files, which also provide us with information about page views, we use analysis tools. These tools give us detailed insights into the content visited on our site, the flow of behavior and, for example, the country from which access took place. In order for such services to work, cookies must be set for site visitors or scripts must be executed.
Plugins and Content Delivery Networks
We sometimes use plugins and content delivery networks; well-known examples of such services would be the YouTube video service or the Google Maps map service. If such services are integrated via a website, access data is transmitted to the services. Typically this is your IP address and other metadata, such as time and date of access. As a rule, this is provided by setting cookies.
Newsletter / Direct Marketing
a) Direct marketing to existing customers in the legitimate interest
We reserve the right to send our customers newsletters on the basis of Section 7 Paragraph 3 UWG and Art. 6 Paragraph 1 Letter f GDPR. You can of course object to receiving direct marketing information at any time.
b) Direct marketing based on your consent
If you give us your consent, we will send you newsletters until you revoke it. You can revoke your consent to us at any time with future effect.
Other Data Recipients
a) Data Processors
We use processors in accordance with the requirements of Art. 28 GDPR, for example in the areas of IT services, web hosting, email hosting or printing services. They process personal data for us according to our instructions.
b) Use of non-specialist Services
If necessary (for example to execute the contract), we pass on your data to, for example, banks, other payment service providers, shipping service providers, our tax advisor or lawyer.
c) Legal Obligations
In addition, in certain cases we are obliged to make a report to the responsible authorities on the basis of the Money Laundering Act. In addition, we are subject to other legal obligations, such as commercial laws or tax law, in this context we must pass on certain data, for example, to tax authorities.
d) Investigation of Crimes
If it is necessary to investigate a crime, we pass on data to the law enforcement authorities.
General Information on Deletion Periods of Personal Data
We process the data as long as this is necessary for the respective purpose. If necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and processing of a contract; we are also obliged to comply with statutory retention requirements. If data processing is based on your consent, we will delete your data after your revocation.
Transfer of personal Data to a Third Country
We try to have all service providers and services provided by providers within the European Union. A transfer to a third country is possible if you have given us your consent and/or we have concluded a contract for order processing in accordance with Article 28 of the GDPR, taking appropriate guarantees into account. In individual cases we may use plugins or tools that are hosted in third countries, but we use these on the basis of our legitimate interests. In these cases, we will point out the circumstance if necessary.
Legal or contractual obligation to provide Personal Data
This website can generally be visited without providing personal data. For purchases in our online shop, it is necessary to provide personal data in order to conclude a purchase contract.
4. Legal basis for Processing Personal Data
The legal bases for the processing of personal data are exceptional circumstances that allow the processing of personal data. The essential legal bases are shown in particular in Art. 6 GDPR. The legal basis on which we process personal data is described in the individual processing operations in this data protection declaration.
Consent given (Art. 6 Para. 1 lit. a GDPR)
Consent is one of these legal bases and requires that the person giving consent gives it in an informed manner and on a voluntary basis. Consent based on Art. 6 Para. 1 lit a GDPR can generally be revoked at any time without giving reasons.
Contract-related data Processing (Art. 6 Para. 1 lit. b GDPR)
The processing of personal data to initiate or implement contracts is also a legal basis and is defined in Art. 6 Para. 1 lit. b GDPR.
Legal Obligation (Art. 6 Para. 1 lit. c GDPR)
The exception to data processing based on a legal obligation can be found in Art. 6 Para. 1 lit. c GDPR, for example we are obliged to comply with certain retention periods according to commercial law and tax law.
Legitimate Interests (Art. 6 Para. 1 lit. f GDPR)
The processing of personal data on the basis of a balancing of interests in accordance with Art. 6 Para. 1 lit. f GDPR allows processing after careful weighing of financial or legal interests against the legitimate interests of the data subject .
5. Your Rights under the General Data Protection Regulation
Every natural person is entitled to certain rights, which are defined in particular in Articles 15 to 21 and 77 of the GDPR. In principle, you have the following rights, which you can demand from us.
Right to revoke your Consent in Accordance with Art. 7 GDPR
You can revoke your consent to us at any time without giving reasons with effect for the future.
Right to Information according to Art. 15 GDPR (restrictions possible according to Section 34 BDSG)
You have the right at any time to request information about the data you process and the purposes of the processing.
Right to Rectification according to Art. 16 GDPR
If you discover that we are processing incorrect or incomplete data about you, you have the right to rectification.
Right to Deletion according to Art. 17 GDPR (Restrictions possible according to § 35 BDSG)
You have the right at any time to request the deletion of your personal data that we process about you. If complete deletion is not possible, for example because we have to fulfill legal retention obligations or we can assert legitimate interests for other reasons, we will restrict your data until these reasons no longer apply.
Right to Restriction of Processing according to Art. 18 GDPR
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of the personal data we hold about you, we will generally need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
- If the processing of your personal data was/is occurring unlawfully, you can request that data processing be restricted instead of deletion.
- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of deletion.
- If you have lodged an objection in accordance with Article 21 Para. 1 GDPR, a balance must be made between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.
Right to data Portability according to Art. 20 GDPR
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done if it is technically feasible.
Right to object to certain Processing Operations and Direct Advertising in accordance with Art. 21 GDPR
If the data processing is carried out on the basis of Art. 6 Para. 1 lit. e or f GDPR, you have the right at any time, for reasons arising from your particular situation, to object to the processing of your personal data; This also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims ( Objection according to Art. 21 Para. 1 GDPR).
If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; This also applies to profiling insofar as it is connected to such direct advertising. If you object, your personal data will no longer be used for direct advertising purposes (objection according to Art. 21 Para. 2 GDPR).
Right to lodge a Complaint with a Supervisory Authority in accordance with Art. 77 GDPR in Conjunction with in Accordance with Section 19 BDSG
In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.
6. External Hosting
This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting provider. This can include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data generated via a website.
External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offering by a professional provider (Art. 6 Para. 1 lit. f GDPR).
Our host(s) will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.
Service provider used
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Order processing
We have concluded an order processing contract (AVV) with our hosting service provider. Personal data will only be processed according to our instructions and in compliance with the GDPR. The subcontractor Amazon Web Services is also subject to these instructions.
7. Automatic Server Log Files
Our web server automatically logs all access and thus also the IP addresses of visitors. This serves to defend against attacks, analyze access numbers and ensure smooth operation. We have a legitimate interest in this (Art. 6 lit. f GDPR).
- In addition to the IP address, the server log usually records other metadata about the session; you can find this data below.
- Date and time of retrieval
- Information about the browser type and version browser used
- Information about the operating system used
- Device (client)
- Referrer URL (which page you used to land on our website)
- Hyperlinks accessed
We only process this data for the purposes mentioned above. We delete server log files after three months at the latest.
8. Use of Cookies
Our websites use so-called “cookies”. Cookies are small data packages and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them.
Cookies can come from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.
You can find out which cookies and services are used on this website in this data protection declaration.
Legal Basis for the use of Cookies
Cookies that are necessary to carry out the electronic communication process, to provide certain functions you require (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience). (necessary cookies) are stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG); consent can be revoked at any time.
The individual legal bases for the use of various tools that use cookies can be found in the respective passages in our data protection declaration.
9. Cookie Settings with Cookiebot
Our website uses Cookiebot 's consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “ Cookiebot ”).
Cookiebot 's servers to obtain your consent and other declarations regarding cookie use. Cookiebot then stores a cookie in your browser in order to be able to assign you the consent given or its revocation. The data collected in this way will be stored until you request us to delete it, delete the Cookiebot cookie yourself or the purpose for storing the data no longer applies. Mandatory legal retention obligations remain unaffected.
Cookiebot is used to obtain the legally required consent for the use of cookies . The legal basis for this is Article 6 Paragraph 1 Letter c GDPR.
Data Processing Agreement
We have concluded a Data Processing Agreement for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that we only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
10. Email Communication, Telephone and Fax
Communication by Email
If you write us an email, we will process your data according to the content and purpose of the message. As a rule, processing is carried out on the basis of pre-contractual measures or as part of the implementation of a contractual relationship on the basis of Article 6 Paragraph 1 Letter b GDPR and Article 6 Paragraph 1 Letter f GDPR. It is in our legitimate interest to process your request quickly and efficiently.
If it is a product or service-related message, we generally process your data on the basis of our legitimate interests in accordance with Article 6 (1) (b) GDPR.
Please note that we store all incoming emails in accordance with proper accounting principles for a period of ten years, starting from the first day of the following year in which the message was received. If you ask us to delete the data, we will from now on restrict the processing of your data and only store it for the purpose of complying with retention periods in our legitimate interest.
Communication by Telephone or Fax
Even if you contact us by telephone or fax, we process your data either to initiate and implement contractual relationships (if the content is product or service-related) and/or in our legitimate interest, analogous to contacting us via email. Mail.
We do not record the content of the conversation, but we may take notes to process your request. This will be stored until the purpose of the data processing has been achieved and we no longer have any legitimate interests in the processing. If necessary, the content of the conversation is stored anonymously for statistical purposes. Of course, you can request deletion at any time.
11. Direct Marketing and Newsletters
Direct Marketing to existing Customers in legitimate Interests
We reserve the right to use the data collected as part of a purchase contract or service contract for direct advertising by email or post in accordance with Section 7 Paragraph 3 UWG if the customer does not object or has objected to this use. Direct advertising only includes offers for similar products or services to the products or services the user has already purchased from us. We use your data for direct marketing purposes in legitimate interests for up to five years after the last purchase.
We have a legitimate, economic interest (Art. 6 Para. 1 lit. f GDPR) in informing our customers about new products and improving our services. Of course, you can object to receiving direct advertising at any time. Direct your objection to the responsible body mentioned above. In every newsletter you will find a link with which you can object to receiving the newsletter.
Direct Marketing based on your Consent
You have the option of giving your consent to receive direct marketing content (our newsletter), the legal basis is Art. 6 Para. 1 lit. a GDPR. To ensure that the email address you provide is correct, we use the so-called double opt-in procedure. If the double opt-in procedure is not available due to temporary technical reasons, we will send you an email to which you can reply without text to confirm your identity.
Revocation
You can revoke your consent at any time with future effect; you will find an “unsubscribe” link in every newsletter. Alternatively, please direct your objection to the responsible body.
We process your data for the purpose of sending our email newsletters until you revoke your consent. Processing takes place as described until you withdraw your consent.
Use of Mailchimp
This website uses Mailchimp services to send newsletters. Provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Mailchimp is a service that, among other things, can be used to organize and analyze the sending of newsletters. If you enter data for the purpose of subscribing to the newsletter (e.g. email address), it will be stored on Mailchimp's servers in the USA.
With the help of Mailchimp we can analyze our newsletter campaigns . When you open an email sent with Mailchimp, a file contained in the email (so-called web beacon ) connects to Mailchimp's servers in the USA. This makes it possible to determine whether a newsletter message was opened and which links, if any, were clicked on. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for statistical analysis of newsletter campaigns . The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.
If you do not want Mailchimp to analyze you, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
Data processing is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.
After you have been unsubscribed from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.
For more information, please see Mailchimp's privacy policy at: https://mailchimp.com/legal/terms/.
Data Processing Agreement
We have concluded a Data Processing Agreement for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that we only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
12. Analysis Tools, Tracking and Advertising
Google Tag Manager
We use Google Tag Manager. Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated through it. However, Google Tag Manager collects your IP address, which may also be transferred to Google's parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in quickly and easily integrating and managing various tools on his website. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit . B. Device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Google Analytics
We use the web analysis service Google Analytics. Provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows us to analyze the behavior of website visitors. The website operator receives various usage data, such as: E.g. page views, length of stay, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the website visitor's respective device.
Furthermore, we can use Google Analytics to record, among other things, your mouse and scrolling movements and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
Google Signals
We use Google signals. When you visit our website, Google Analytics collects, among other things, your location, search history and YouTube history as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, Google Signal's visitor data will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on the user behavior of our users.
Google Analytics E-Commerce Measurement
We use the “E-Commerce Measurement” feature from Google Analytics. With the help of e-commerce measurement, we can analyze the purchasing behavior of website visitors to improve its online marketing campaigns. Information such as orders placed, average order values, shipping costs and the time from viewing a product to purchasing it are recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.
Data Processing Agreement
We have concluded Data Processing Agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
13. Plugins and Content Delivery Networks
YouTube
We embed videos from the YouTube website on our website. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our websites on which YouTube is integrated, a connection to YouTube's servers is established. The YouTube server is informed which of our pages you have visited.
Furthermore, YouTube can store various cookies on your device or use comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience and prevent fraud attempts.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Further information on how to handle user data can be found in YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.
14 . Social Media Appearances
We maintain publicly accessible social media profiles. You can find the social networks we use in detail below.
Social networks such as Facebook, Twitter, etc. can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presence triggers numerous data protection-relevant processing operations. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account on the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be shown to you inside and outside of the respective social media presence. If you have an account with the relevant social network, interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Please also note that we cannot understand all processing processes on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and data protection regulations of the respective social media portals.
Legal Basis
Our social media presence is intended to ensure the broadest possible presence on the Internet. This is a legitimate interest within the meaning of Article 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases that must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 Para. 1 lit. a GDPR).
Responsible Person and Assertion of Rights
If you visit one of our social media sites (e.g. Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered by this visit. In principle, you can exercise your rights (information, correction, deletion, restriction of processing, data portability and complaint) both. us as well as against the operator of the respective social media portal (e.g. Facebook).
Please note that despite our shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options depend largely on the corporate policy of the respective provider.
Storage Period
The data we collect directly via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Saved cookies remain on your device until you delete them. Mandatory legal provisions – especially retention periods – remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection declaration, see below).
Social Networks in Detail
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta ). According to Meta, the collected data will also be transferred to the USA and other third countries. We have entered into a joint processing agreement (Controller Addendum) with Meta . This agreement specifies which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381. Details on how they handle your personal data can be found in Instagram's privacy policy: https://help.instagram.com/519522125107875.
Youtube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de.
TikTok
We have a profile on TikTok . The provider is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. Details on how they handle your personal data can be found in TikTok 's privacy policy : https://www.tiktok.com/legal/privacy-policy?lang=de. Data transfer to non-secure third countries is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.tiktok.com/legal/privacy-policy?lang=de.
Discord
We have a profile on Discord . The provider is Discord Inc., 444 De Haro St Suite 200, San Francisco, CA 94107, USA. Details on how they handle your personal data can be found in Discord 's privacy policy : https://www.discord.com/privacy.