Privacy policy

Privacy Policy for the Seeberger GmbH Web-Shop (https://www.seeberger.de/)

March 2026

Table of contents

I. Identity and Contact details of the data controller
II. Contact details of the data protection officer
III. General Information on data processing
IV. Your Rights
V. Transfer of your personal data
VI. Provision of website and creation of logfiles
VII. Use of Cookies
VIII. Registration
IX. Web shop
Order Processing
Guest Orders
Service provider
Shipping service providers
X. Payment options
XI. Newsletter
XII. Contact via Email
XIII. Contact form for general enquiries and complaints
XIV. Company profiles on social networks
XVI. Integrated third-party services
XVII. Integration of plugins via external service providers
XVIII. Changes to this privacy policy

I. Identity and Contact details of the data controller

The data controller responsible in accordance with the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:

Seeberger GmbH
Hans-Lorenser-Straße 36
89079 Ulm
Germany

+49 731 4093-0
shop@seeberger.de
www.seeberger.de

II. Contact details of the data protection officer

The designated data protection officer is:

DataCo GmbH
Sandstraße 33
80335 München
Germany

+49 89 7400 45840
www.dataguard.de

III. General Information on data processing

In the following, we inform you about the processing of your personal data on our website.

How we collect and use your personal data will depend on how you interact with us or the services you use. We only collect, use or share your personal data where we have a legitimate purpose and legal basis for doing so.

What do we mean by legal basis?

Consent (Art. 6(1)(a) GDPR) – You have given us your consent to process your personal data for the specific purpose we have explained to you. You have the right to withdraw your consent at any time. You can revoke your consent by sending us an email to datenschutz@seeberger.de.

Contract (Art. 6(1) (b) GDPR) – We need to use your data to fulfill a contract you have with us. Alternatively, it is necessary to use your data because we have asked you to, or you have taken yourself, specific steps before entering that contract.

Legal obligation (Art. 6(1) (c) GDPR) – We need to use your data to comply with the law.

Vital interests (Art. 6(1) (d) GDPR) – Processing your data is necessary to protect your vital interests or those of another person. For example, to prevent you from serious physical harm.

Public task (Art. 6(1) (e) GDPR) – Processing your data is necessary for the performance of a task carried out in the public interest or because it is covered by a task set out in law, for example, for a statutory function.

Legitimate interests (Art. 6(1) (f) GDPR) – Processing your data is necessary to support a legitimate interest that we or another party has, only where this is not outweighed by your own interests.

Please note where your data is processed under the performance of a contract or for a legal obligation, if you do not provide the data requested, we may be unable to provide you with our website.

IV. Your Rights

When your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights:

1. Right of access (Art. 15 GDPR)

You may request the data controller to confirm whether your personal data is being processed by them. If this is the case, you can request the following information from the data controller:

● Purposes of processing;
● Categories of personal data being processed;
● Recipients or categories of recipients to whom the personal data have been or will be disclosed;
● Planned storage period or the criteria for determining this period;
● The existence of the rights to rectification, erasure or restriction or objection;
● The existence of the right to lodge a complaint with a supervisory authority;
● If applicable, origin of the data (if collected from a third party);
● If applicable, existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the effects to be expected;
● If applicable, transfer of personal data to a third country or an international organization.

2. Right to rectification (Art. 16 GDPR)

You have a right to rectification and/or modification of the personal data, if your personal data is incorrect or incomplete. The data controller must correct the data without delay.

3. Right to restriction of processing (Art. 18 GDPR)

If one of the following conditions is met, you may request the restriction of the processing of your personal data:

● If you challenge the accuracy of your personal data for a period that enables the data controller to verify the accuracy of your personal data.
● The processing is unlawful, and you refuse the erasure of the personal data and instead request the restriction of the use of the personal data.
● We no longer need the personal data for the purpose of processing, but you need it to assert, exercise or defend your legal claims; or
● If you have objected to the processing pursuant to Art. 21(1) GDPR and it is not yet certain whether the legitimate interests of the data controller override your interests.

4. Right to erasure ("right to be forgotten") (Art. 17 GDPR)

If you request from the data controller to delete your personal data without undue delay, they are required to do so immediately if one of the following applies:

● Personal data concerning you is no longer necessary for the purposes for which they were collected or processed.
● You withdraw your consent on which the processing is based and there is no other legal basis for processing the data.
● You object to the processing of the data and there are no longer overriding legitimate grounds for processing, or you object pursuant to Art. 21 (2) GDPR.
● Your personal data has been processed unlawfully.
● The personal data must be deleted to comply with a legal obligation in Union law or Member State law to which the data controller is subject.
● Your personal data was collected in relation to information society services pursuant to Art. 8 (1) GDPR.

Please note that the above reasons do not apply if the processing is necessary:
● to exercise the right to freedom of expression and information;
● for compliance with a legal obligation required by the Union or Member States law to which the data controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
● for reasons of public interest in the area of public health;
● for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes;
● for the establishment, exercise or defense of legal claims.

5. Right to information (Art. 19 GDPR)

If you have the right of rectification, erasure or restriction of processing over the data controller, they are obliged to notify all recipients to whom your personal data have been disclosed of the correction or erasure of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.

You reserve the right to be informed about the recipients of your data by the data controller.

6. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller who was initially given the data.

7. Right to object (Art. 21 GDPR)

For reasons that arise from your particular situation, you have, at any time, the right to object to the processing of your personal data pursuant to Art. 6(1) (e) or 6(1) (f) GDPR; this also applies to profiling based on these provisions.

If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data in regard to such advertising; this also applies to profiling as it is associated with direct marketing.

8. Right to withdraw the consent (Art. 7 (3) GDPR)

If you have consented to the processing by the controller by means of a corresponding declaration, you have the right to withdraw your consent at any time for the future. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

9. Automated individual decision-making, including
profiling (Art. 22 GDPR)

You have the right not to be subject to a decision based solely on automated processing, including profiling that will have legal effect or affect you in a similar manner.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, if you believe that the processing of personal data concerning you violates the GDPR. The supervisory authority to which the complaint has been submitted shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

V. Transfer of your personal data

If this is necessary for the purposes mentioned, we will transfer your personal data to the following categories of recipients:
• IT service providers used by us
• Payment service providers
• Distribution partners, logistics companies or delivery service providers used by us
• Companies belonging to the Seeberger Group.

Some of the recipients mentioned above are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in your country. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection, or we take measures to ensure that all recipients have an adequate level of data protection. For example, we conclude standard contractual clauses (SCCs).

For example, where we use US service providers, we either rely on SCCs or the EU-US Data Protection Framework, depending on the specific provider. You can request a copy of the SCCs we have concluded with our service providers by emailing us at datenschutz@seerberger.de.

VI. Provision of website and creation of logfiles

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and relevant information from the computer system of the calling device.

The following data is collected:

Browser type and version used
The user's operating system
The Internet service provider of the user
IP address
Date and time of access
Web pages from which the user's system accesses our website
Web pages accessed by the user's system through our website

This data is stored in the log files of our system. This data is not stored with the user’s other personal data.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer.

The storage in logfiles is done to ensure the functionality of the website. The data also is used to optimize the website and to ensure the security of our information technology systems. An analysis of the data for marketing purposes does not take place.

3. Legal basis for data processing

The legal basis for the temporary storage of data is Art. 6(1) (f) GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of collection. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after thirty days at the latest. Data that must be retained for evidentiary purposes is excluded from the deletion until the respective incident has been conclusively clarified.

5. Possibility of objection

The collection of data for the provision of the website as well as the storage of data in log files are essential for the operation of the website. The user can object to this. Whether the objection is successful will be determined after evaluating interests. To do so, send an email to datenschutz@seeberger.de.

VII. Use of Cookies

1. Description and scope of data processing

When you visit our website, we use technical tools for various functions, in particular cookies, which can be stored on your device. When you visit our website for the first time and at any time later, you have the choice of whether you generally permit the setting of cookies or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager.

We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly). The following data is stored and transmitted in the technically necessary cookies:

• Language settings
• Your cookie settings (consent/refusal)
• Items in shopping basket
• Log-in information
• Search terms entered
• Frequency of page views
• Use of website functionalities

We use cookies on our website that are not technically necessary. Technically unnecessary cookies are text files that are not only used for the functionality of the website, but also collect other data. As a result, the following data will be processed:

• Internat user location
• Date and time of the website request
• Customisation of the advertisements to the user
• Tracking of surfing behaviour
Linking the website visit with other social media platforms

2. Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

The use of technically not necessary cookies is carried out for the purpose of improving the quality of our website and its content. By setting these cookies, we learn how the website is used and can thus constantly optimize our offer. These cookies serve us particularly for the following purposes:
● Analysis
● Personalised marketing

3. Legal basis for data processing

The legal basis for the processing of personal data using non-technical cookies is Section 25(1) TDDDG in conjunction with Art. 6(1) (a) GDPR.

The legal basis for the processing of personal data using technically necessary cookies is Section 25(2) TDDDG in conjunction with Art. 6(1) (f) GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2.

4. Cookie settings and deletion

You can withdraw your consent to the use of cookies at any time and manage your cookie settings via a link in the footer of the website or access your cookie settings at the following link: https://www.seeberger.de/policies/privacy-policy.

VIII. Registration

1. Description and scope of data processing

We offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data will not be passed on to third parties. Registration and authentication are carried out using the procedures provided by our shop system. In particular, passwordless procedures (e.g. via one-time password, OTP) or single sign-on procedures can be used for this purpose.

The following data is collected as part of the initial registration process:
• Email address
• Surname
• First name
• Authentication information (e.g. one-time confirmation codes as part of passwordless login procedures or technical identifiers when using single sign-on procedures)
• IP address
• Date and time of registration

As part of the passwordless authentication process, users enter their email address when registering and receive a one-time valid confirmation code (one-time password) at this address. This code is valid for a limited time and is used exclusively for the one-time authentication of the user. In this case, the password is not stored permanently.

Alternatively, registration or login can be carried out via a single sign-on procedure using an existing user account with a third-party provider (e.g. Google or Facebook). In this case, we receive the information required for registration or login (name and email address) from the respective provider.

As part of the registration process, your consent to the processing of this data is obtained.

After successful registration, users can manage their accounts themselves and use the functions of our website, such as placing orders or writing comments. The following personal data is processed when using the user account:
• First name
• Last name
• Salutation (optional)
• Login data
• Order history
• Comments (if applicable)

Registration on our website is voluntary. It is not required for the fulfillment of a contract with you or for the execution of pre-contractual measures.

2. Purpose of data processing

User registration is required for providing certain content and services on our website.

3. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1) (a) GDPR if you have given consent. If the registration serves the fulfilment of a contract to which the user is a party or the execution of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) (b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case for the data collected during the registration process for the fulfilment of a contract or for the execution of pre-contractual measures if the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations.

When you register on our website, we will store your data for as long as your account exists.

5. Exercising your rights

As a user you have the possibility to cancel the registration at any time. You can request a change to the data stored about you at any time. If you wish to delete your account, please contact us by email at datenschutz@seeberger.de.
If the data is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, a premature deletion of the data is only possible insofar as contractual or legal obligations do not stand in the way of a deletion.

IX. Web shop

Order Processing

1. Description and scope of data processing

We collect the following categories of personal data during your visit to our web shop and during the processing, handling and administration of your orders:
• E-mail or mobile phone number
• Country / Region
• First name
• Last name
• Company (optional)
• Street and house number
• Postcode
• City / Town
• Telephone (optional)
• Payment method
• Shopping basket

You are not obliged to provide us with the personal data we request. However, you will not be able to use all the functions of this web shop or order goods from our web shop if you do not provide your personal data. If the provision of your data is legally mandatory in some cases, we will inform you of this separately.

2. Purpose of data processing

The purpose of data processing is to provide you with the web shop and offer goods and services, as well as to process your orders. Additionally, we process your personal data for marketing and analytical purposes.

3. Legal basis for data processing

The legal basis for the processing of personal data is the conclusion and fulfilment of the purchase contract for the ordered goods, Art. 6(1)(b) GDPR.

Insofar we obtain your consent for the processing of personal data, Art. 6(1)(a) GDPR serves as the legal basis.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for fulfilment of the purchase contract (including customer service and warranty), unless we are legally obliged to store them, e.g. due to commercial or tax law retention requirements.

5. Excersing your rights

As a user you have the possibility to cancel the registration at any time. You can request a change to the data stored about you at any time. If you wish to delete your account, please contact us by email at datenschutz@seeberger.de.
If the data is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, a premature deletion of the data is only possible insofar as contractual or legal obligations do not stand in the way of a deletion.
You can revoke your consent at any time be sending us an email at datenschutz@seeberger.de.

Guest Orders

1. Description and scope of data processing

If you would like to order goods from our online shop, you have the option of registering for our customer account or processing the order via the guest checkout. If you choose the guest checkout, the following data will be processed:
• E-mail or mobile phone number
• Country / Region
• First name
• Last name
• Company (optional)
• Street and house number
• Postcode
• City / Town
• Telephone (optional)
• Payment method
• Shopping basket

2. Purpose of data processing

The guest checkout is used to process purchases and orders in our online shop. You do not need to register for a customer account to use the guest checkout.

3. Legal basis for data processing

Your personal data is collected to conclude a contract with you as a guest. The legal basis for data processing is therefore Art. 6(1)(b) GDPR.

Service provider

We offer a web shop on our website. For this purpose, we use the software of a service provider Shopify Inc., a Canadian company with its registered office at 151 O’Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada, its Singapore-based affiliate Shopify Commerce Singapore Pte. Ltd. and its Irish affiliate Shopify International Ltd. (hereinafter referred to as Shopify).

According to the provider, the personal data of users who are resident in the European Economic Area is processed by Shopify International Ltd., the Shopify affiliate in Ireland. It is not excluded that this personal data is transferred to other regions, including Canada and the United States. The transfer of personal data to Canada is based on the adequacy decision of the European Commission of 20 December 2001. If Shopify transfers your personal data to an unsafe country, such as the USA, these transfers will be in accordance with the respective data protection laws.

Further information can be found in the provider's privacy policy:

https://www.shopify.com/de/legal/datenschutz

Information about the browser type and the version used
• The user's operating system
• The Internet service provider of the user
• Date and time of access
• Web pages from which the user's system accessed our website
• Web pages the user's system accessed through our website

This data will not be merged with other data sources. The data is collected on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website – and server log files are therefore recorded. We have concluded a data processing agreement with the relevant service provider.

Shipping service providers

1. Description and scope of data processing

We use shipping service providers to deliver the goods ordered in our web shop. This means that your personal data, such as first and last name, company (optional), country / region, address including postcode, city, mobile phone number, e-mail address, will be transmitted to the respective service provider. You will be contacted by us by e-mail for the purpose of package notification.

2. Purpose of data processing

The purpose of processing personal data is to confirm receipt of the order and dispatch of the goods and to enable the dispatch and shipping service providers to inform recipients about the progress of the shipment by e-mail or to arrange a delivery date, thus increasing the likelihood of successful delivery.

3. Legal basis for data processing

The legal basis for data transfer is Art. 6(1)(b) GDPR, as the processing of the data is necessary for the execution of the contract.

4. Duration of storage

We will delete your personal data as specified above as soon as the purpose of the processing no longer applies and there are no longer any legal retention periods for (further) storage. The data transmitted will be deleted by the respective service provider if the parcel could be delivered.

5. Exercising your rights

You can cancel the notification service provided by the delivery service at any time. For this purpose, an opt-out link is provided in every e-mail.

X. Payment options

1. Description and scope of data processing

We offer our customers various payment options for processing their orders. Depending on the payment option, we transfer customers to the platform of the payment service provider in question.

Payment via Mollie

In order to be able to offer as many different online payment methods as possible and to manage payments, we use the following payment service provider:

• Mollie B.V., Keizersgracht 126, 1015CW Amsterdam, Netherlands (hereinafter referred to as Mollie).

Mollie complies with the requirements of the Payment Card Industry (PCI) Data Security Standards and has been certified by an independent PCI Qualified Security Assessor.

With Mollie, you have the choice between the following payment methods:

• Klarna Invoice and Klarna Pay Now
• Credit card
• SEPA transfer

Mollie processes data about you when you use Mollie's services and/or you provide Mollie with personal data. The data provided to Mollie is usually:
• Payment details, such as bank details or credit card number
• IP address
• Internet browser and device type
• First and last name
• Address data
• E-mail address and/or telephone number
• Information about the product or service you have purchased
• Other personal data that you actively provide.

Further information on the processing of your personal data by Mollie can be found in Mollie’s privacy policy at: https://www.mollie.com/at/privacy

Payment via PayPal

It is possible to process payment transactions with the payment service provider PayPal.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg (hereinafter referred to as PayPal).
If you choose PayPal as your payment method, your data required for the payment process is automatically transmitted to PayPal. Following data is processed:

• First and last name
• Address
• E-mail address
• Telephone/mobile phone number
• IP address
• Validity date
• Number of items
• Article number
• Data on goods and services
• Transaction amount and tax
• Information on previous purchasing behaviour

The data transmitted to PayPal may be transmitted by PayPal to credit agencies. The purpose of this transmission is a check of identity and credit score.

PayPal may also share your information with third parties to the extent necessary to fulfil your contractual obligations or to process the information on behalf of PayPal. When transferring your personal information within companies affiliated with PayPal, the Binding Corporate Rules, approved by the relevant regulatory authorities, apply. You can find them here:
https://www.paypal.com/de/webapps/mpp/ua/bcr

Other data transfers may be used on contractual safeguards. For further information, please contact PayPal. All PayPal transactions are subject to PayPal’s privacy policy. You can find it at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full/.

2. Purpose of data processing

The transmission of payment data to payment service providers serves to process payments, e.g. if you purchase a product and/or use a service.

3. Legal basis for data processing

The legal basis for data processing is Art. 6(1)(b) GDPR, since the processing of the data is necessary for the execution of the concluded sales contract.

4. Duration of storage

All payment data as well as data on possible chargebacks are only stored as long as they are required for payment processing and a possible processing of chargebacks and debt collection as well as for combating misuse. Furthermore, payment data may be stored beyond this if and as long as this is necessary to comply with statutory retention periods or to prosecute a specific case of misuse. Your personal data will be deleted at the end of the statutory retention period.

5. Exercising your rights

If the data is required to fulfil a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if it does not conflict with contractual or legal obligations.

XI. Newsletter

1. Description and scope of data processing

You can subscribe to our newsletter free of charge. When you subscribe for the newsletter, the data from the input mask is transmitted to us. We use the Brevo software from the provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin (hereinafter referred to as Brevo) to provide the newsletter input mask and to send newsletters. We have concluded a data processing agreement with the provider.

The newsletter is sent out based on the user’s registration and purchase of goods and services.

We collect the following data from you in order to provide this service:
• First name and last name
• Email address
• Date and time of subscription

For the processing of data, your consent is obtained during the registration process and reference is made to this privacy policy.

No data will be passed on to third parties in connection with data processing for the dispatch of newsletters. The data will be used exclusively for sending the newsletter.

2. Purpose of data processing

Personal data is collected to deliver the newsletter to the recipient.

3. Legal basis for data processing

The legal basis for the processing of the data after the user has registered for the newsletter is Art. 6 (1) (a) GDPR if the user has given his or her consent via double-opt-in.

As part of the double opt-in process, you will then receive an e-mail from us to confirm your registration via a link contained therein. This process serves to prove that you are the owner of the e-mail address provided during registration and that you have consented to receive the newsletter. In this process, the date and time of your confirmation will be stored by us.

4. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your date (email address, name) is therefore stored as long as the subscription to the newsletter is active. If you do not confirm your registration, your data will be deleted within 24 hours. The other personal data collected during the registration process is generally deleted after a period of seven days.

5. Exercising your rights

The subscription for the newsletter can be cancelled by the data subject at any time. For this purpose, every newsletter contains an opt-out link. You can revoke your consent also by email to datenschutz@seeberger.de.

Through this, it is also possible to withdraw the consent to the storage of personal data collected during the registration process.

XII. Contact via Email

1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case, the user's personal data transmitted with the email will be stored. The data will be used exclusively for processing of the conversation.

2. Purpose of data processing

Your personal data is stored for the purpose of processing the request transmitted with your communication and, if necessary, to contact you.

3. Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6(1) (f) GDPR. Our legitimate interest is to respond appropriately to contact requests. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6(1) (b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer for the purpose of collection. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been conclusively resolved.

5. Exercising your rights

If the user contacts us by email, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data stored in the course of establishing contact will be deleted.

XII. Newsletter via WhatsApp

1. Description and scope of data processing

If you use the mobile version of our website, i.e. the version of our website specially adapted for smartphones and tablets, you can register for our WhatsApp newsletter.
We collect the following data:
• First name and last name
• Mobile phone number
• Date and time of subscription
• Email address (voluntary)
After completing your registration, you may also provide your email address; however, this is optional.
The WhatsApp newsletter is sent via our WhatsApp Business account using the Charles tool (Charles GmbH, Berlin). Charles is a service provider that provides us with access to the WhatsApp Business API as well as support and consulting services. We have concluded a contract with Charles for order processing in accordance with Art. 28 GDPR.
No data will be passed on to third parties in connection with data processing for the dispatch of newsletters. The data will be used exclusively for sending the WhatsApp newsletter and for measuring its success.

2. Purpose of data processing

Personal data is collected for the purpose of sending the WhatsApp newsletter and evaluating the success of the newsletter. The voluntary provision of your email address serves exclusively to determine whether you have already subscribed to our email newsletter.

3. Legal basis for data processing

The legal basis for processing your data after you register for the newsletter is Art. 6 (1) (a) GDPR, provided that you give your consent via the double-opt-in procedure.
As part of this procedure, you will send us a start message via WhatsApp after registering. You then confirm your registration by clicking "Yes". If you do not wish to complete the double opt-in, click "No".
This process verifies that you are the owner of the mobile phone number provided.

4. Duration of storage

Your data will be stored for as long as the WhatsApp subscription is active. If the registration is not confirmed, we will delete your data within 24 hours. Other personal data collected during the registration process will generally be deleted after seven days.

5. Exercising your rights

You can withdraw your consent to receive the WhatsApp newsletter at any time by sending us the word "Stop". You can revoke your consent also by email to datenschutz@seeberger.de.
Through this, it is also possible to withdraw consent to the storage of personal data collected during the registration process.

6. Information on the use of WhatsApp

The use of WhatsApp in connection with the newsletter subscription is based on your personal settings and your agreements with WhatsApp.
The service provider responsible for the European area is WhatsApp Ireland Limited, 4 Grand Canal Harbour, Dublin 2, Ireland. The parent company, Meta Platforms Inc., Menlo Park, California, USA, is certified under the EU-U.S. Data Privacy Framework.
Further information on data processing by WhatsApp can be found in their privacy policy: https://www.whatsapp.com/legal/privacy-policy-eea

XIII. Contact form for general enquiries and complaints

1. Description and scope of data processing

We use the software TYPO3 from the provider PLUSPOL Interactive GbR, Floßplatz 4, 04107 Leipzig, Germany, to provide and host the contact forms. We have concluded a data processing agreement with the provider. If a user makes use of this option, the data entered in the contact form will be transmitted to us and stored.
When sending the message, the following data will also be stored:
• Issue
• Salutation, title (optional)
• First name and last name
• Email
• Telephone / mobile number (optional)
• Message / request
• IP address
• Date and time of contact

If the user reports a problem or complaints about one of our products using the complaints form, the following additional data will be collected:
• Product description
• Optional information about the product (best before date, batch code, production code, pack size, place of purchase, existence of the goods, photo of the goods in question)
• Reason for complaint
• Address (street and house number, city, country, postcode)

2. Purpose of data processing

The processing of personal data from the contact form serves us exclusively to process the contact. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending a contact form is Art. 6(1) (f) GDPR. Our legitimate interest is to respond appropriately to contact requests.
The legal basis for the processing of data transmitted via our complaints form is Art. 6(1) (b) GDPR (fulfilling of a contract with you).

4. Duration of storage

The data will be deleted as soon as it is no longer for the purpose of collection. For the personal data sent via the contact form, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been conclusively clarified. The statutory retention periods remain unaffected.

5. Exercising your rights

If the user contacts us via the contact form, he or she can object to the storage of his or her personal data at any time by sending an email to datenschutz@seeberger.de. In such a case, the conversation cannot be continued. In this case, all personal data stored in the course of establishing contact will be deleted.

XIV. Company profiles on social networks

1. Use of company presences on social networks

We use a company presence on the following social networks:

Facebook: Part of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland (hereinafter referred to as Facebook)

TikTok: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (hereinafter referred to as TikTok)

Instagram: Part of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland (hereinafter referred to as Instagram)

YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as YouTube)

Pinterest: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (hereinafter referred to as Pinterest)

The providers listed here that have a parent company in the USA (Meta Platforms and Google) have joined the Trans-Atlantic Data Privacy Framework (TDPF; data protection agreement between the EU and the USA), so that an appropriate level of data protection is guaranteed for data processing and the conclusion of standard contractual clauses (SCCs) is not necessary.

According to its own information, Pinterest is a global service. By using Pinterest's products and services, personal data is transferred to and stored in third countries, including the United States. Pinterest transfers the data using appropriate safeguards, including adequacy decisions and Standard Contractual Clauses (SCCs) of the European Commission.

The privacy policies for our Facebook and TikTok company pages can be found at the following links:

Facebook: https://www.facebook.com/seeberger.de/about_privacy_and_legal_info

TikTok:
https://www.tiktok.com/@seeberger_de

On our company profiles we provide information and offer Instagram / YouTube / Pinterest users the possibility of communication. If you carry out an action on one of our social media company profiles (e.g. comments, contributions, likes, etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or largely have no influence on the processing of your personal data by Instagram, YouTube, or Pinterest, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

For further information on the processing of your personal data by Instagram, Youtube, or Pinterest, please click here:

Instagram: https://privacycenter.instagram.com/policy

YouTube: https://business.safety.google/privacy/

Pinterest: https://policy.pinterest.com/de/privacy-policy-2023

2. Purpose of data processing

Our corporate social profile in social networks is used for communication and information exchange with (potential) customers. The publications on the company profile can contain the following content:
• Information about products
• Sweepstakes
• Information/content relevant to the company
• Advertisement

Each user is free to publish personal data through their activities. The data generated on the company profile is not stored in our own systems.

3. Legal basis for data processing

As far as we process your personal data in order to evaluate your online behavior, to offer you sweepstakes or to conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6(1)(a), Art. 7 GDPR. The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6(1)(f) GDPR. Thereby, our legitimate interest is to answer your request optimally or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR.

4. Duration of storage

We store your activities and personal data published on our Instagram / YouTube / Pinterest company profile until you revoke your consent and as long as this is necessary for the stated purposes. In addition, we comply with the statutory retention periods and store the data for as long as any legal claims have not yet become time-barred, for the purpose of asserting or defending such claims.

5. Exercising your rights

You can revoke your consent at any time without giving any reason. Revoking your consent does not affect the lawfulness of the processing carried out on the basis of your consent up to the time of revocation.
You can object at any time to the processing of your personal data that we collect within the framework of your use of our corporate profiles in social networks. To do so, please send us an email to shop@seeberger.de.

For further information on the processing of your personal data by Instagram, YouTube and Pinterest and the corresponding objection options, please click here:

Instagram: https://privacycenter.instagram.com/policy

YouTube: https://business.safety.google/privacy/

Pinterest: https://policy.pinterest.com/de/privacy-policy-2023

XVI. Integrated third-party services

We use various service providers to deliver the service we offer through the website. When using some service providers, personal data may be transferred to servers in third countries outside the EU/EEA, such as the USA.

To ensure appropriate safeguards for the protection of the transfer and processing of personal data outside the EU, we either rely on the standard contractual clauses or the EU-US Data Privacy Framework, depending on specific service provider. You can request a copy of the standard data protection clauses by sending an email to datenschutz@seeberger.de.

The third-party services listed below, which have Meta Platforms, Inc. or Goole LLC as their parent company in the USA, participate in the EU-US Data Privacy (data protection agreement between the EU and the USA), so that an appropriate level of data protection is guaranteed for data processing and the conclusion of standard contractual clauses is not necessary.

Use of Google Marketing Platform

1. Description and scope of data processing

We use Google Marketing Platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). Google places a cookie on your computer. This allows personal data to be stored and analysed, including
• the user's activity (in particular which pages have been visited and which elements have been clicked on)
• device and browser information (in particular the IP address and operating system)
• data on the displayed advertisements (in particular which advertisements were displayed and whether the user clicked on them) and
• data from advertising partners (in particular pseudonymised user IDs).

Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server.
We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will learn and store your IP address.

You can obtain further information on the processing of data by Google here:
https://business.safety.google/privacy/

2. Purpose of data processing

We use the Google Marketing Platform to serve users with relevant ads, to improve campaign performance reports or to avoid users seeing the same ads multiple times.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

4. Duration of storage

The Google Marketing Platform stores your data until the stated purpose has been fulfilled, with a maximum storage period of 18 months.

5. Exercising your rights

You have the right to revoke your consent under data protection law at any time. The revocation of consent does not affect the legality of processing carried out on the basis of the consent until revocation.

You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google Ads, incl. Google Ads Remarketing

1. Description and scope of data processing

We use Google Ads, including Google Ads Remarketing, of Google Ireland Limited, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). We use this service to place advertisements. Google Ads is used to retarget visitors of the online presence for advertising purposes through Google Ads campaigns. Google Ads can be used to create target groups ("similar target groups") that have, for example, accessed certain pages. This allows to identify the user on other online resources and to display targeted advertising, i.e. personalised advertising. Google places a cookie on the user's computer. These cookies can be used for both personalised and non-personalised advertising. This allows personal data to be stored and evaluated, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data on the displayed advertisements (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymised user IDs).

For further information on how Google processes data when you have given your consent via our Consent Manager, please click here: https://business.safety.google/privacy/

2. Purpose of data processing

We only receive information about the total number of users who have responded to our advertisement. No information is passed on that could be used to identify you. The use of this information is not for the purpose of tracking.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google Ads Conversion Tracking

1. Description and scope of data processing

We use Google Ads Conversion Tracking of Google Ireland Limited, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). We use Google Conversion Tracking to show what happens after a user ineratcs with our ad campaigns – whether they purcahse a product, sign up for the newsletter, call us via telephone, or download an app.
You can obtain further information on the processing of data by Google here:
https://business.safety.google/privacy/

2. Purpose of data processing

The use of Google Ads Conversion Tracking serves to find out which keywords, ads, ad groups and campaigns are best suited to trigger valuable customer activity, to understand the return on investment (ROI) and to make more informed decisions about ad spending by using Smart Bidding Strategies (such as Maximise Conversions, Target CPA and Target ROAS) that automatically optimise campaigns. This also allows us to find out how many customers interact with ads on one device or browser and convert on another.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout? hl=en

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.com

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google Analytics 4 (GA4) incl. Google Analytics Remarketing

1. Description and scope of data processing

We use Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google Analytics / Google).

By using Google Analytics, we analyze, among other things, the origin of visitors, the time they spend on individual pages and the use of search engines. This allows us to better monitor the success of advertising campaigns. It also enables us to evaluate the use of our online presence in order to compile reports on your activities and to use other Google services associated with the use of our online presence and the internet.

Google sets cookies on your terminal device. During the visit, user behavior is recorded in the form of "events". This allows personal data to be stored and analyzed, including:
• First visit to the website
• Interaction with the website, usage path
• Clicks on external links
• Video usage
• File downloads
• Ad clicks and ad impressions
• Scroll behavior (if to end of page)
• Searches on the website
• Language selection
• Page visits
• Location (region)
• Your IP address (in shortened form)
• Technical information about your browser and the terminal devices you use (e.g. language setting, screen resolution)
• Your internet provider
• Referrer URL

We use the User ID feature. User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyse user behaviour across devices.

We use Google Signals. This captures additional information in Google Analytics about users who have personalised ads enabled (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

IP address anonymization is activated by default in GA 4. This means that your IP address will be shortened by Google within the member states of the European Union or other parties to the Agreement on the European Economic Area. As an exception, only in rare cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser will not be merged with other Google data in the context of Google Analytics.

We also use Google Analytics Remarketing as part of Google Analytics, whereby the data collected and evaluated about you is used to play targeted advertising to you. Google Remarketing is used to retarget visitors to the online presence for advertising purposes via Google Ads campaigns. Google Ads Remarketing can be used to create target groups ("similar target groups") that have, for example, accessed certain pages. This makes it possible to identify the user on other online presences and display targeted advertising.

You can obtain further information on the processing of data by Google here: https://business.safety.google/privacy/

2. Purpose of data processing

We use Google Analytics, including Google Analytics Remarketing, to evaluate the use of our online presence to generate reports on the activities on our website. The reports enable the targeted playout of advertising, to the people who have already expressed an initial interest through their page visit.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://policies.google.com/technologies/partner-sites

Use of Google Tag Manager

1. Description and scope of data processing

We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). With Google Tag Manager, tags from Google and third-party services can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behaviour, capture the impact of online advertising and social channels, use remarketing and targeting and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains statements about which tags are to be triggered. Google Tag Manager triggers other tags that may themselves collect data. You will find the information on this in the sections on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.

For more information about Google Tag Manager, please visit: https://www.google.com/intl/de/tagmanager/ and see Google's privacy policy: https://business.safety.google/privacy/.

2. Purpose of data processing

The purpose of the processing of personal data lies in the collected and clear administration as well as an efficient integration of the services of third parties.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

4. Duration of storage

Ihre persönlichen Informationen werden so lange gespeichert, wie dies erforderlich ist, um die in dieser Datenschutzerklärung beschriebenen Zwecke zu erfüllen oder wie dies gesetzlich vorgeschrieben ist. Werbedaten in Serverprotokollen werden anonymisiert, indem Google nach eigenen Angaben Teile der IP-Adresse und Cookie-Informationen nach 9 bzw. 18 Monaten löscht.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google Maps

1. Description and scope of data processing

We use the online map service Google Maps of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). We use the Google Maps plugin to display the delivery address in order to avoid address errors and minimise the number of returns. Through the use of Google Maps on our online presence, information about the use of our online presence, your IP address and addresses entered with the route plan function are transmitted to a Google server and stored there.
Further information on the processing of data by Google can be found here:
https://business.safety.google/privacy/

2. Purpose of data processing

The use of the Google Maps plug-in serves to improve user friendliness and an appealing presentation of our online presence.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google ReCaptcha

1. Description and scope of data processing

We use Google ReCaptcha of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of this tool is to verify that a data entry is compliant and has not been made by a bot. For this purpose, Google ReCaptcha analyzes and authenticates the behavior of a website visitor with respect to various characteristics. This allows personal data to be stored and evaluated, in particular the user's activity (in particular mouse movements and which elements have been clicked on) and device and browser information (in particular time, IP address and operating system).

For more information about the collection and storage of data by Google, please visit:
https://business.safety.google/privacy/

2. Purpose of data processing

The use of Google ReCaptcha serves to protect our online presence from misuse.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of Google Fonts

1. Description and scope of data processing

Wir use Google web fonts of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The web fonts are transferred to the browser's cache when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google Web Fonts or does not allow access, the text will be displayed in a default font. When the page is accessed, no cookies are stored for the online presence visitor. Data transmitted in connection with the page view is sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com. It may be used to store and analyse personal data, in particular user activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular IP address and operating system).

For more information about the collection and storage of data by Google, please visit:
https://business.safety.google/privacy/

2. Purpose of data processing

The use of Google web fonts serves an appealing representation of our texts. If your browser does not support this feature, a standard font will be used by your computer to display it.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/

Use of the Trusted Shops Seal of Approval with Reviews

1. Description and scope of data processing

We use the Trusted Shops Trustbadge to display our Trusted Shops seal of approval and any collected reviews, as well as to offer Trusted Shops products to buyers after an order. The Trustbadge and the services advertised with it are an offer from Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany (hereinafter referred to as Trusted Shops). When the trust badge is accessed, the web server automatically stores a so-called server log file, which contains, for example, your IP address, the date and time of the access, the amount of data transferred and the requesting provider (access data) and documents the access.

Other personal data is only transferred to Trusted Shops if you have given your consent to this, if you decide to use Trusted Shops products after completing an order, or if you have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.
You can find more information about how Trusted Shops processes data here:
https://www.trustedshops.de/impressum-datenschutz/

2. Purpose of data processing

The use of Trusted Shops serves to optimise the marketing of our products.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

4. Duration of storage

The access data is automatically deleted no later than 90 days after you have visited the site.

You can prevent the collection as well as the processing of your personal data by Trusted Shops by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options for Trusted Shops at:
https://www.trustedshops.de/impressum-datenschutz/

Use of Crazy Egg

1. Description and scope of data processing

We use Crazy Egg, an online marketing analysis tool from Crazy Egg, Inc., 16220 E. Ridgeview Lane, La Mirade CA 90638, USA (hereinafter referred to as Crazy Egg). This service allows us to analyse your mouse movements and clicks when you visit our website, the pages you view or visit, including the duration of your visits. Crazy Egg uses this information to create so-called heat maps, which can be used to determine which areas of our website visitors prefer to look at.
Furthermore, Crazy Egg can be used to determine at which point you have cancelled your entries in a contact form or to obtain direct feedback from you.
Crazy Egg uses technologies that enable the user to be recognised for the purpose of analysing user behaviour (e.g. cookies or the use of device fingerprinting).

For more information about how Crazy Egg processes data, please visit:
https://www.crazyegg.com/privacy.

2. Purpose of data processing

The use of Crazy Egg serves to analyse user behaviour when visiting our website and to optimise advertising measures.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can prevent the collection as well as the processing of your personal data by Crazy Egg by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can disable the use of your personal data by Crazy Egg using the following link: https://www.crazyegg.com/opt-out. Please note that Crazy Egg must be disabled individually for each browser or device.

You can find further information on objection and removal options for Crazy Egg at: https://www.crazyegg.com/privacy

Use of YouTube

1. Description and scope of data processing

We use the YouTube plugin operated by Google from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (hereinafter referred to as YouTube / Google).

We use the plugin from YouTube to embed videos from YouTube on our online presence. When you visit our website, your browser connects to YouTube's servers. It may be used to store and analyse personal data, in particular user activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular IP address and operating system)

We have no influence on the content of the plug-in. If you are logged into your YouTube account during your visit, YouTube can assign your online presence visit to this account. By interacting with this plugin, this corresponding information is transmitted directly to YouTube and stored there.

Further information on the collection and storage of data by Google can be found here: https://business.safety.google/privacy/

2. Purpose of data processing

The use of the YouTube PlugIn serves the improvement of the user friendliness and an appealing representation of our on-line operational readiness level.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR. Cookies are only set when you click "Play."

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

You can find further information on objection and removal options for Google at: https://business.safety.google/privacy/.

Use of Meta-Pixel, incl. Facebook Retargeting

1. Description and scope of data processing

We use the Meta pixel (formerly Facebook pixel), an analysis tool for measuring the effectiveness of advertising by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as Meta pixel), on our website. The pixel analyses all actions that users perform on our website, e.g. accessing a page or adding an item to the shopping basket. This service allows us to track the actions of users after they have seen or clicked on a Facebook ad. In addition, we use the Facebook Conversion Tracking and Retargeting features. Based on the actions performed by users on our website, we can divide users into groups (custom audiences). This allows us to optimise our advertising efforts. Facebook retargeting reminds users of products they have searched for or viewed but not purchased.

Meta Platforms cookies are stored on your device.
This allows personal data to be stored and evaluated, in particular
• the user's activity (in particular which pages have been visited and which elements have been clicked on)
• pages visited and actions performed
• device and browser information (in particular the IP address and operating system)
• data on the adverts displayed (in particular which adverts were displayed and whether the user clicked on them) and
• data from advertising partners (in particular pseudonymised user IDs). This enables us to record the effectiveness of Facebook adverts for statistical and market research purposes.

Data may be transferred to Meta Platforms servers in the USA.
The data collected in this way is anonymous for us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Meta Platforms. Meta Platforms may link this information to your Facebook account and may also use it for its own promotional purposes in accordance with the Data Usage Policy of Meta Platforms.

For more information about how Meta Platforms processes data, please visit:
https://www.facebook.com/privacy/policy/

2. Purpose of data processing

The use of the Meta pixel serves the analysis and optimisation of advertising measures. The use of Facebook retargeting allows us to place advertisements on various platforms and analyse the interaction of users with these advertisements. This enables us to display personalised and therefore more relevant advertisements to users.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can prevent the collection as well as the processing of your personal data by Meta Platforms by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options for Meta Platforms at:
https://www.facebook.com/privacy/policy/

Use of Facebook Comments

1. Description and scope of data processing

We use Facebook Comments, the comment plugin from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. We use this plugin to enhance the functionality of our online presence. Users can use Facebook Comments to comment on content on our online presence with their Facebook account. This allows personal data to be stored and analysed, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on) as well as device and browser information (in particular the IP address and the operating system). We have no information about the exact scope of the collection of personal data.

For more information about how Meta Platforms processes data, please visit:
https://www.facebook.com/privacy/policy/.

2. Purpose of data processing

The use of the Facebook Comment Plugin serves to improve the user-friendliness of our online presence. We use this plugin to be able to offer an embedded comment function directly on Facebook without users having to leave our online presence.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can find further information on objection and removal options for Meta Platforms at: https://www.facebook.com/privacy/policy/.

Use of Instagram Plugin

1. Description and scope of data processing

We use the Instagram plugin from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as Instagram).

We use the integrated Instagram buttons to enable a link to our Instagram profile.

A widget is also integrated that allows us to display certain photos and videos from our Instagram profile on our website. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to a Facebook server. The content of the plugins is transmitted directly to your browser and integrated into the website. Data is automatically transmitted to Instagram and stored on their servers. This data includes connection data (such as your IP address, date and time, the URL accessed) as well as the browser and operating system used. This means that Instagram can track your visit to our pages, even if you do not actively use the plugin functions. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This enables Instagram to associate your visit to our pages with your user account. If you do not want this direct association, you must log out of Instagram before visiting our online presence.

For more information, please refer to the data policy of Instagram: https://help.instagram.com/155833707900388 and Meta Platforms: https://privacycenter.instagram.com/policy

2. Purpose of data processing

The use of the Instagram plugin serves to improve the external image of our company.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can prevent the collection as well as the processing of your personal data by Instagram by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options for Instagram at:
https://help.instagram.com/155833707900388

Use of TikTok Pixel

1. Description and scope of data processing

We use the TikTok pixel, a tracking tool provided by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380 Ireland (hereinafter referred to as the TikTok pixel). The TikTok pixel helps us to measure and optimise our advertising campaigns on TikTok and thereby find new customers. The TikTok pixel works by creating a cookie in your browser when you visit our website. The following data will be collected and stored:
• Advertising/event information: information about the ad that a person clicked on TikTok or an event that was triggered
• Time at which the pixel event was triggered
• IP address
• User agent
• Metadata and button clicks

For more information on the cookies that are set, please refer to TikTok's data policy: https://www.tiktok.com/legal/page/eea/privacy-policy/

2. Purpose of data processing

The use of the TikTok plugin serves to improve the external image of our company.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can find further information on objection and removal options for TikTok at: https://www.tiktok.com/legal/page/eea/privacy-policy/de

Use of Pinterest Plugin

1. Description and scope of data processing

We use the Pinterest plugin provided by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (hereinafter referred to as Pinterest).

We use the integrated Pinterest buttons to enable a link to our Pinterest profile.

A widget is also integrated, which enables us to display certain content from our Pinterest profile on our website. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to a Pinterest server. The plugin content is transmitted directly to your browser and integrated into the website. In doing so, data is automatically transmitted to Pinterest and stored on their servers. This data includes connection data (such as your IP address, date and time, the URL accessed) as well as the browser and operating system used. This means that Pinterest can track your visit to our pages, even if you do not actively use the plugin functions. If you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile by clicking on the Pinterest button. This enables Pinterest to assign your visit to our pages to your user account. If you do not want this direct assignment, you must log out of Pinterest before visiting our online presence.

For more information about how Pinterest processes data, please visit: https://policy.pinterest.com/de/privacy-policy

2. Purpose of data processing

The use of the Pinterest plugin serves to improve the external image of our company.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is, in principle, the user’s consent in accordance with Art. 6(1) (a) GDPR.

You can prevent the collection as well as the processing of your personal data by Pinterest by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options for Pinterest at: https://policy.pinterest.com/de/privacy-policy

XVII. Integration of plugins via external service providers

1. Description and scope of data processing

We integrate certain plugins on our website via external service providers in the form of content delivery networks. When you access our website, a connection is established to the servers of the providers used by us to retrieve content and store it in the cache of the user's browser. This allows personal data to be stored and evaluated in server log files, in particular device and browser information (e.g. IP address and operating system). We use the following services:
• JsDelivr of Volentio JSD Limited, Suite 2a1, Northside House, Mount Pleasant, Barnet, the United Kingdom, EN4 9EB.

2. Purpose of data processing

The use of the functions of these services serves the delivery and acceleration of online applications and content.

3. Legal basis for data processing

This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a justified interest in the technically correct presentation and optimization of the website.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law.

5. Exercising your rights

You can find information about objection and removal options regarding JsDelivr at:
https://www.jsdelivr.com/terms/privacy-policy

XVIII. Changes to this privacy policy

We reserve the right to make changes to this privacy policy at any time. The privacy policy is updated regularly, and all changes are automatically published on our website.

This privacy policy has been created with the assistance of DataGuard