Privacy Policy

es und Rechtsgrundlage:

 
Data protection information

Information on the processing of your personal data

Table of contents

1. controller and data protection officer

1.1 Name and address of the controller

1.2 Name and address of the data protection officer

2 Purposes of processing and legal basis of the website

2.1 Logging of activities on our website (log files)

2.2 Contact form

2.3 Processing of orders for goods or products

2.4 Payment processing

2.5 Customer account

2.6 Trusted Shops seal of approval and Trusted Shops customer reviews

2.7 Trustami customer reviews (Art 13 and Art 14 GDPR)

3. purposes of data processing and legal bases outside the website

3.1 Contact by e-mail and fax

3.2 Advertising and marketing

3.3 Appearances in social media

3.4 Processing of applications (Art. 13 and Art. 14 GDPR)

4. data transfer and recipients in general

5. storage duration of the data in general

6. profiling and automated decision-making

7. cookies

7.1 Necessary cookies

7.2 Target-orientated cookies:

7.3 Marketing cookies:

7.4 Trusted Shops cookie

7.5 Cookie cdn.jsdelivr.net

7.6 Cookies paypal.com and paypalobjects.com

7.7 Google Tag Manager

7.8 Cookies www.google.com and www.google-analytics.com

7.9 Cookie fonts.gstatic.com

8. rights of data subjects/your rights to protect your personal data

9. right to lodge a complaint

10. other

The protection of your privacy is important to us. We strictly adhere to the legal provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other applicable legal provisions for the protection, lawful handling and confidentiality of personal data.

In the following, we would like to inform you about the processing of your personal data in the webshop www.cliniccare.de and in general about the processing of personal data by us as the controller. If you have any questions, please contact us using the contact details provided.

1. Controller and data protection officer
1.1 Name and address of the data controller

The controller within the meaning of the EU General Data Protection Regulation (GDPR) is

1.2 Name and address of the data protection officer
No data protection officer has been appointed (no obligation to appoint)

2. Purposes of processing and legal basis Website

2.1 Logging of activities on our website (log files)

When you visit our website, we collect and store access data in log files (so-called log files or access logs) in order to ensure the permanent functionality of the website. We process the following data in this context:

• IP address
• Date and time of access
• Websites from which you access our site (referrer URL)
• Operating system
• Name of the internet service provider
• Product and version information of the browser used
• Amount of data transferred, loading time
• Contact form

When the Trustami Trust Seal is accessed, the web server automatically saves data (access data) in the form of a server log file, which contains the name of the website accessed, the file, the date and time of access, your IP address in abbreviated form, the amount of data transferred, the notification of a successful access, the browser type, the user's operating system, the referrer URL (the previously visited page) and the requesting provider. This access data is not analysed and is automatically overwritten no later than seven days after the end of your visit to the site. The Trustami trust seal and the services advertised with it are an offer from Trustami GmbH, Schröderstraße 5, 10115 Berlin. Trustami's privacy policy at www.trustami.com/privacy applies to the processing of data collected by Trustami.

The legal basis for data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. This lies in ensuring the functionality, security and accessibility of the website for all site visitors, if necessary in the establishment, defence and assertion of legal claims as well as trust in our web shop through the use of a recognised certificate, customer loyalty.

You have the right to object to this data processing (right of data subjects to object to data processing in the legitimate interest pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

It is not possible to draw any direct conclusions about your identity from the information. The data will be automatically deleted once the aforementioned purposes have been achieved.

Data transfer: As a rule, we only pass on your data collected on the basis of the use of our website to the extent that this is absolutely necessary to fulfil the stated purposes (e.g. operation and maintenance of the website via external service providers). In the course of our cooperation with Trusted Shops GmbH, Cologne and Trustami GmbH (in each case use of special services - see description below for more details), we forward log file data to the companies. However, we may also be legally or officially obliged to forward data to third parties (e.g. forwarding data to law enforcement authorities).

Storage period: We store log file data for a period of 7 days from the end of your website visit.

2.2 Contact Form

There is a contact form on our website that can be used to contact us electronically. To use the contact form, please enter your e-mail address, subject and your message to us (mandatory fields) so that we can process and respond to your enquiry accordingly. In addition, you can also send us your name (first name and surname) and your order ID so that we can better respond to your enquiry.

We process the data and information provided exclusively for the purpose of responding to your enquiry or contacting you. The data is used on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR (our legitimate interest lies in the provision and use of various communication offers) and, if applicable, contract fulfilment Art. 6 para. 1 lit. b GDPR. If we base the data processing contact form on the legal basis of legitimate interest, you have the right to object in accordance with Art. 21 para. 1 GDPR. In this case, we will only process your data if we have compelling legitimate grounds for further processing.

As an alternative to using the contact form, you can contact us via the email address provided, by phone or by post.

Data transfer: We only pass on your data to third parties to the extent that this is necessary to process the communication (e.g. passing on data to the e-mail provider).

Storage period: Data transmitted to us via the electronic contact form will be stored for a period of 3 years from the end of the calendar year in which the communication took place.

2.3 Processing of goods and product orders

When placing orders via our webshop (this website), you provide us with personal data. We use this data to process the goods or product orders (collection of orders, sorting, labelling, sending the goods, invoicing/billing, carrying out any necessary queries, etc.). In individual cases, we clarify the creditworthiness of those ordering goods via a specialised service provider (Schufa Holding AG, arvato Infoscore GmbH, atriga GmbH).

Our legal basis for this data processing is Art. 6 para. 1 lit. b GDPR (pre-contract, contract, contract fulfilment, fulfilment of post-contractual obligations), legal obligation Art. 6 para. 1 lit. c GDPR (fulfilment of legal storage obligations §147 Fiscal Code, §257 Commercial Code), and, if applicable, legitimate interest Art. 6 para. 1 lit. f GDPR (collection, assertion and defence of legal claims; in the case of credit checks, protection of the property/assets of the person responsible).

Forwarding of data: We forward the personal data collected to third parties insofar as this is absolutely necessary to process the order.

Data is passed on to communication service providers in the processing of order-related communication, data may be passed on to credit checkers if it is recognised that clarification of creditworthiness is necessary in the event of an incident, data is passed on to our service provider plentysystems AG (in connection with merchandise management).

Furthermore, limited data is transferred to logistics companies and shipping service providers when shipping goods and products. Our legal basis for this data processing is your consent (Art. 6 para. 1 lit. a GDPR). It is not possible to dispatch goods and products without passing on data to logistics companies and shipping service providers. You can revoke your consent at any time with effect for the future.

Storage period: Your data will only be stored for the duration required to fulfil the purpose, and beyond that for as long as we are legally obliged to store/keep data. In accordance with Section 147 of the German Fiscal Code and Section 257 of the German Commercial Code, we must retain records/documents relevant for tax or accounting purposes for a period of 10 years from the end of the calendar year to which they relate.

2.4 Payment processing

We offer you various payment options (PayPal, PayPal Express, Sofortüberweisung, payment by VISA or Mastercard, Giropay and prepayment). The payment options PayPal, PayPal Express, VISA or Mastercard payment, Giropay and purchase on account are processed via the service provider PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal") - for this purpose we forward your personal data to PayPal for the purpose of payment processing. For the payment option PayPal/PayPal Express you need a PayPal user account, the payment options VISA or Mastercard payment, Giropay and purchase on account are possible without a PayPal user account.

If you choose the prepayment payment option, we do not cooperate with specialised service providers.

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR - data processing is necessary for the fulfilment of the contract (processing of payment). The provision of personal data (payment information) is necessary for the purchase of our goods and products, without provision a purchase of goods/products is not possible. Please note that PayPal, as a payment service provider, independently carries out credit checks in individual cases and reserves the right to pass on data to third parties. Information on the processing of your personal data by the payment service providers can be found at https://www.paypal.com/us/legalhub/privacy-full

Storage period: We store your personal data in accordance with our legal obligations to store/retain data. In accordance with Section 147 of the German Fiscal Code and Section 257 of the German Commercial Code, we must retain records/documents relevant for tax or accounting purposes for a period of 10 years from the end of the calendar year to which they relate.

2.5 Customer account

We offer you the opportunity to create a customer account on our website/online shop to facilitate future ordering processes and product reservations. To create a customer account, please provide us with the personal data marked as mandatory fields and set a personal user password for your customer account. In order to facilitate future order processes, you can also provide us with the delivery address and other data after registration (e.g. telephone number for queries about ordering or despatching goods). Your customer account is also used to store/save orders placed or goods purchased (your purchasing behaviour) (facilitating repeat orders).

The legal basis for data processing in connection with the customer account is your voluntary consent given when creating the customer account (Art. 6 para. 1 lit. a GDPR). Creating a customer account is voluntary and not a prerequisite for purchasing goods or products via our online shop. You can revoke your consent at any time with effect for the future without giving reasons by sending a message to the contact details given above. Any revocation does not affect the legality of the data processing carried out until the revocation.

Data transfer: Your data will not be passed on to third parties.

Storage period: Your personal data will be processed for the duration of the customer account; after deletion/deactivation of the customer account, the information linked to the customer account (e.g. purchases of goods) will also be removed.

If a customer account is not used for a longer period of time (no logging in, no orders via the account), we will ask you whether you wish to continue using your customer account. If you do not respond to our notification, we will delete the customer account/stop processing the data after a reasonable period of time. This is done in fulfilment of data protection principles/in your interest.

Miscellaneous: Please note that you will automatically remain logged in to your customer account even after leaving our website, unless you actively log out. When selecting your personal password, please ensure that it is sufficiently complex to protect your personal data. The password is used together with your e-mail address to access your customer account. Please treat your personal access data confidentially.

2.6 Trusted Shops seal of approval and Trusted Shops customer reviews

In order to display the Trusted Shops seal of approval, any reviews collected and to link to special offers from Trusted Shops GmbH, Subbelrather Straße 15c, 50823 Kön, Germany (hereinafter "Trusted Shops") - e.g. buyer protection - we have integrated functions of the Trusted Shops company on our website.

The integration serves to offer buyers the best possible security (use of a recognised certificate, guarantee of trustworthiness) and maximum convenience when purchasing our goods and products. We forward personal data to the company Trusted Shops to guarantee the functions.

Our legal basis for the use of Trusted Shops services and for forwarding data to Trusted Shops is legitimate interest (Art. 6 para. 1 lit. f GDPR). Our legitimate interest lies in ensuring our identity as a seller to protect the customer (promotion of trust). You have the right to object to this data processing (right of data subjects to object to data processing in the legitimate interest pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

Data transfer: Your data will be transmitted to Trusted Shops GmbH.

Storage period: Your data will only be transmitted by us to Trusted Shops; we will not store it.

Information on the processing of personal data by Trusted Shops GmbH can be found at https://www.trustedshops.co.uk/imprint/#user-privacy-policy

2.7 Trustami customer reviews (Art 13 and Art 14 GDPR)

The "trust seal" of the company Trustami GmbH is integrated on our website. This is used to collect customer reviews of our products - reviews from various sales and review platforms are summarised. Customers can use the "trust seal" to view the experiences of other customers and incorporate them into their purchase decision.

Processing of personal data of users of rating and sales platforms: In connection with the Trustami "trust seal", customer ratings are collected and published. We do this on the legal basis of legitimate interest Art. 6 Para. 1 lit. f GDPR (sales promotion/increase in closing rates). We receive the published customer reviews via our partner Trustami GmbH or from sales and review platforms. The personal ratings provided and any non-anonymous user names (pseudonym or real name) published in connection with the rating are processed. 

Processing of website visitor data via integration of Trustami instances: If you as a website visitor select the Trustami - "Trust Seal", you will be redirected to a new website on which the information of the seal is displayed. Log file data is processed to ensure the functionality, security and accessibility of the website, this is done on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR - see above for more details.

You have the right to object to this data processing (data subject's right to object to data processing in the legitimate interest pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

3. Purposes of data processing and legal bases outside the website
3.1 Contact by e-mail and fax

If you contact us by email and/or fax, we will use your personal data exclusively to answer your enquiry (e.g. product enquiry, service enquiry, warranty processing, other) on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR (communication processing). You have the right to object to this data processing (data subject's right to object to data processing in the legitimate interest pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

We will only forward your personal data to the extent that this is necessary to respond to your enquiry (e.g. data transmission to email providers). Storage period: We store personal data for a period of 3 years from the end of the calendar year in which the communication took place.

3.2 Advertising and Marketing

We generally use your personal data for advertising and marketing purposes on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR in order to send you advertising information tailored to your needs and interests (information about our company's products and services). In doing so, we take particular care not to violate legal regulations on authorised contact and the design of commercial communication (§7 UWG, §6 TMG).

If necessary, we will obtain your express voluntary consent for contacting you for advertising and marketing purposes (promotional telephone calls). In this case, Art. 6 para. 1 lit. a GDPR in conjunction with §7a UWG is the legal basis for data processing.

You have the right to object to data processing in the legitimate interest in accordance with Art. 21 para. 2 GDPR. In this case, we will no longer process your data. You can revoke your consent at any time without giving reasons with effect for the future. Further information can be found in this data protection information under the section on data subject rights.

Data transfer: We only share your data with third parties to the extent necessary to fulfil our advertising and marketing objectives (e.g. email providers, advertising agencies, printing and mailing service providers).

Storage period: We process your data for the duration of an upright contractual relationship with us, after termination of this relationship for a maximum period of 2 years.

3.3 Appearances in Social Media

We operate publicly accessible presences in social networks/social media for the purposes of public relations work, the presentation of our offers and services and the provision of electronic contact channels.

Together with the operators of the social networks, we may be jointly responsible under data protection law for parts of the data processing resulting from your visit to our website. If this is the case, we have concluded a joint controllership agreement (Art. 26 GDPR) with the operator. In principle, you can assert your rights (for more details, see the section on data subjects' rights in this data protection information) against both us and the respective operator of the social network.

Please note that, despite any joint responsibility with the operators of the social networks, we only have limited influence on the data processing operations. Our options are largely determined by the corporate policy of the respective operator. We utilise all available options with regard to limiting the scope of data processing (e.g. limiting the personal data collected, limiting the storage period, etc.) and make appropriate settings.

Please note that we cannot rule out the possibility of your personal data being transferred to the USA. The "Adequacy decision for the EU-US Data Privacy Framework" applies.

Our legal basis for the use of data is legitimate interest (Art. 6 para. 1 lit. f GDPR). This lies in public relations work, building and promoting trust in our company and enabling us to reach certain target groups. You have the right to object to this data processing (data subject's right to object to data processing in the legitimate interest pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

The operators of social networks use personal data for their own purposes, which include analysing your usage behaviour using analysis and tracking functions and personalised advertising based on your interests. You can find more information on this in the operators' data protection information.

Facebook: We operate a fan page on the "Facebook" platform of Meta Platforms Ireland Limited (Meta) and are - for parts of the data processing (Facebook Insights) - jointly responsible with Meta under data protection law. We have concluded a joint controllership agreement with Meta (Art. 26 GDPR). This agreement specifies which of the parties is responsible for which data processing operations. Meta uses the personal data and information collected for its own purposes and may also forward it to third parties (USA and other third countries). The "Adequacy decision for the EU-US Data Privacy Framework" exists for this purpose.

For information on Meta's data processing, please refer to the company's privacy policy: https://www.facebook.com/about/privacy/. 

You can customise your advertising settings yourself in your Facebook user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transfer: We forward your data to Meta Platforms Ireland Limited.

3.4 Processing of applications (Art. 13 and Art. 14 GDPR)

We process personal data for the purpose of handling application procedures (receipt of applications including accompanying documents, sorting, assessment of suitability for the position in question, selection of applicants, contacting applicants, transfer of employment relationship, etc.). 

The legal basis for data processing is §26 BDSG ("Decision on the establishment of an employment relationship or, after the establishment of the employment relationship, for its implementation") in conjunction with Art. 6 para. 1 lit. f GDPR (legitimate interest - implementation of application procedures/personnel recruitment to enable the provision of our services; establishment, exercise and defence of legal claims).

We only process special categories of data (e.g. trade union and religious affiliation, health data) insofar as this is necessary to exercise rights or fulfil legal obligations under labour law, social security and social protection law and your interests worthy of protection do not outweigh this (Section 26 (3) BDSG).

Personal data relating to criminal convictions and offences (police clearance certificate) will only be processed if this is necessary to safeguard our legitimate interests (Art 10 in conjunction with Art 6 para 1 lit f GDPR) - selection of suitable applicants for work in the healthcare sector.

Source/origin of the data: As a rule, we collect personal data directly from the applicant as part of the application process. However, it is possible that we may also receive personal data from third parties (e.g. application via external job platforms, use of the services of recruitment agencies) to whom the applicant has made the data available for disclosure.

Processed data: We process the data or information that applicants provide to us as part of the application or that we receive from third parties for this purpose (e.g. first name, surname, nationality, contact details, certificates, qualifications and previous activities) or that we request separately. In individual cases, we also process special categories of data (e.g. health data, religious affiliation, degree of disability) or the police clearance certificate.

Applications are only possible if personal data is provided/disclosed; if this data is not provided, it will not be possible to apply or consider the application.

Data transfer: In the event of successful applications, we transmit data to the payroll accountant/tax consultant commissioned by us, the tax office, health insurance fund(s) and the pension insurance institution.

Storage period: We generally delete applicant data after 6 months from the end of the respective application process. In individual cases, we retain data for as long as is necessary for the establishment, defence and assertion of legal claims.

4. Data transfer and recipients in general

We only pass on personal data to the extent that this is absolutely necessary to fulfil the stated purposes. For all data transfers, we ensure that only the absolutely necessary information is transferred and fulfil the data protection requirements for data transfer (e.g. strict obligation to follow instructions for processors via Art 28 contracts, obligation to secrecy and confidentiality, obligation to fully comply with an adequate level of protection in the processing of personal data).

If necessary, we may also be obliged by law or by the authorities to disclose data to third parties (e.g. disclosure of data to law enforcement authorities and courts).

Details on data transfers and recipients can be found in the explanations on the processing purposes.

5. Storage period of the data in general

Your data will only be stored for as long as is technically and organisationally necessary to achieve the stated purposes and to fulfil our legal obligations. If necessary, we may also retain your personal data for certain periods of time on the legal basis of legitimate interest (e.g. collection, assertion and defence of legal claims). When determining the periods, we take care not to infringe your rights and freedoms. If data retention is no longer required, we will delete your data immediately.

Detailed information on the specified storage period can be found under the respective processing purpose.

6. Profiling and automated decision-making
We do not carry out profiling measures (evaluation of certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location), nor do we make decisions on the basis of this information.

7. Cookies
Cookies are used on our website. Cookies are small files that are stored either for the duration of your browser session in the cache of your Internet browser (session cookies) or for a specified period on your hard drive (permanent cookies). Cookies make it possible to recognise you so that you can be provided with content tailored to your needs and wishes more quickly and in a more targeted manner on future visits to our website.

For the use of cookies, we usually obtain your express consent via a cookie banner (legal basis Art. 6 para. 1 lit. a GDPR), cookies that are technically necessary for the operation of the website (and therefore must be set initially) are used on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR.

Overview of the cookies used:

7.1 Necessary Cookies

These technically necessary cookies ensure basic website functions.

PayPal Cookies

Automatische Spracherkennung

7.2 Zielorientierte Cookies:

Von Google Analytics eingesetzte Cookies

Google Analytics 4

 [1] The stream ID is used instead of ABCDEF. The name of the cookie is therefore different depending on the property or data stream. Google Analytics therefore sets the general _ga cookie and an additional cookie for each built-in property or data stream.

[2] This cookie is only set if you have optionally activated Google Signal.

7.3 Marketing Cookies:

Google Tag Manager

Google Ads

You can revoke your consent at any time without giving reasons with effect for the future. To do this, please activate the cookie banner by clicking on the symbol at the bottom left ("Privacy settings") on the website and select the appropriate settings.

You have the right to object to data processing in the legitimate interest (data subject's right to object pursuant to Art. 21 para. 1 GDPR). In this case, we will only process your data if we have compelling legitimate grounds for further processing.

In the following, we inform you about the processing purposes and backgrounds pursued with the respective cookie:

7.4 Cookie Trusted Shops
This website uses services of the company Trusted Shops GmbH, Subbelrather Straße 15c, 50823 Kön, Germany (hereinafter "Trusted Shops"), including the Trusted Shops seal of approval (Trustbadge), Trusted Shops customer ratings and the saving of items in the shopping basket. In order to ensure the functionality of the Trusted Shops GmbH functions integrated on our website, it is necessary to set the Trusted Shops cookie. The information generated by the cookie (including information about the use of the website, orders placed) is transmitted to Trusted Shops GmbH servers and processed by Trusted Shops GmbH for the purposes mentioned, as well as used for its own purposes.

The data forwarding to Trusted Shops is based on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR (trust in our webshop through the use of a recognised certificate, customer loyalty). You can find more information on the use of data by Trusted Shops and on Trusted Shops data protection at https://www.trustedshops.co.uk/

7.5 Cookie cdn.jsdelivr.net

The cdn.jsdelivr.net cookie is used to provide website content via a content delivery network (CDN) in order to shorten loading times or to simplify the loading of technical content across multiple subpages.

Our legal basis for the use of this cookie is our legitimate interest (Art. 6 para. 1 lit. f GDPR) - this lies in the accessibility of the website for all website visitors and the fastest possible provision of website content.

7.6 Cookies paypal.com and paypalobjects.com

When using PayPal payment services, cookies are set by the service provider PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. These are used to map the selected payment options/to ensure data transmission to the service provider.

The data forwarding to PayPal is based on the legal basis of legitimate interest Art. 6 para. 1 lit. f GDPR (realisation of the payment option requested by the customer). You can find more information on the use of data by PayPal and on data protection at PayPal at https://www.paypal.com/uk/legalhub/privacy-full?locale.x=de_DE#1-rev.

7.7 Google Tag Manager

We use the "Google Tag Manager" service (a service of the company Google LLC - as a company based in the EU, we cooperate with the Google subsidiary Google Ireland Limited (hereinafter "Google")) as the central means of data collection, recording and forwarding of the personal data associated with the website visit.

The Google Tag Manager service bundles the applications we use into a central administration interface, which makes it easier for us to administer the website applications. The use of Google Tag Manager requires the setting of a Google cookie and the forwarding of data to Google (the information generated by the cookie about the use of the website is transmitted to Google's servers and stored there).

Please note that we cannot rule out the possibility of your personal data being transferred to the USA. The "Adequacy decision for the EU-US Data Privacy Framework" exists in this regard.

Our legal basis for the use of Google Tag Manager is your voluntary data protection consent given via the selection in the cookie banner in accordance with Art. 6 para. 1 lit. a GDPR.

Information on how Google handles user data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en

7.8 Cookies www.google.com and www.google-analytics.com 

This website uses Google Analytics, a web analytics service provided by Google LLC. As a company based in the European Union, we cooperate with the Google subsidiary Google Ireland Limited (hereinafter "Google").

The information generated by the cookies about the use of the website is transmitted to Google's servers and stored there.

Google uses this information on our behalf to analyse your use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. Usage profiles of visitors to our website can be created from the transmitted data.

Please note that we cannot rule out the possibility of your personal data being transferred to the USA. The "Adequacy decision for the EU-US Data Privacy Framework" exists in this regard.

The evaluation of your user behaviour on the website is based on your consent Art. 6 para. 1 lit. a GDPR. You can find more information on the terms of use and data protection of Google Analytics at

http://www.google.com/analytics/terms/en.html or https://policies.google.com/privacy?hl=en.

7.9 Cookie fonts.gstatic.com

To display fonts on the website, we use so-called "web fonts", which are provided by Google LLC. As a company based in the European Union, we cooperate with the Google subsidiary Google Ireland Limited (hereinafter "Google"). The display of Google Fonts requires the setting of a Google cookie, the execution of certain data processing by Google and the forwarding of user data (e.g. data on user behaviour) to Google.

Please note that we cannot rule out the possibility of your personal data being transferred to the USA. The "Adequacy decision for the EU-US Data Privacy Framework" exists in this regard.

Our legal basis for the use of Google fonts and the forwarding of data to Google is your voluntarily granted consent Art. 6 para. 1 lit. a GDPR. 

Information on how Google handles user data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en.

8 Rights of data subjects/your rights to protect your personal data

You have a number of rights in relation to your personal data processed by us. You can assert all these rights free of charge and informally (by e-mail, telephone or post), if necessary after providing proof of your identity, at the address given below. Your rights in detail:

Right to information: You can informally request information about the data processed by us at any time. In this case, we will inform you in writing of the data we have stored about you, the purposes for which we use it, the categories of recipients to whom we pass it on and how long we intend to store it. We will respond to your request for information without delay, but within one month at the latest. 

Right to erasure: You have the right to informally request the erasure of your data processed by us at any time. We will comply with this request if your data is no longer required for the purpose for which it was collected, if you revoke any existing consent, in the event of unlawful data processing or if deletion is necessary to fulfil a legal obligation. 

Right to rectification: If we process incorrect or incomplete data about you by mistake, we will of course rectify it. All you need to do is send us an informal notification. 

Right to restriction of processing: If it is not possible to erase your data or if you do not wish your data to be erased, but you do not consent to its use beyond the storage of the data, we are obliged to restrict the further processing of your personal data upon your notification. 

Right to data portability: We will provide you with the data we have stored about you, which we have received on the basis of a contract or your consent, free of charge in a common file format upon your informal notification. You can use this data for your own purposes and pass it on to future contractual partners. If you wish and if it is technically feasible, we will also transfer your data directly to an addressee named by you. In this case, we will inform you after the transfer has taken place. We will fulfil your request immediately, but at the latest within one month. 

Right to revoke consents granted: You can revoke your consent to data processing at any time with effect for the future. In this case, we will cease data processing. The legality of the data processing carried out up to this point is not affected by the withdrawal of consent.

Right to object: If we process your data on the basis of our legitimate interest, you have the right to object to the further processing of your data in accordance with the General Data Protection Regulation. If you exercise this right, we will no longer process your data for the purpose to which you have objected - unless there are legitimate grounds on our part for further processing that outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.

9. Right of complaint

The EU General Data Protection Regulation and the German Federal Data Protection Act guarantee you the above-mentioned rights. If you believe that one of these rights has been violated by us, you have the option of lodging a complaint with a data protection supervisory authority.

The data protection authority responsible for us is

Claims against us to which you are entitled under other legal bases remain unaffected. We would be pleased if you would give us the opportunity to dispel any concerns or help clarify any questions before involving the authorities.

10. Miscellaneous

We take all necessary and appropriate technical and organisational security measures to protect your personal data from loss and misuse. Your data is stored in a secure, state-of-the-art operating environment.

Access to our website is secured via HTTPS. This means that communication between your end device and our servers is encrypted.

In order to improve our service offering, you will find links on our website to other websites for which other providers are responsible. To what extent our partners collect personal data, please refer to their data protection declarations. You can recognise the redirection by the fact that a new browser window opens and a new address is displayed in the browser line.

Our website also contains pictograms/symbols for our presence on the Facebook platform. This is merely a redirect/link and not a "social media plugin". We do not transmit any personal data to the platform operator.

We expressly reserve the right to make future changes or adjustments to this privacy policy.

Status of the data protection information: 10/2023