Description

Privacy Policy

1) Introduction and Contact Details of the Controller 1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data are all data with which you can be personally identified.

2) Data Collection When Visiting Our Website 2.1 When using our website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the server (so-called “server log files”). When you access our website, we collect the following data that are technically necessary for us to display the website to you:

Our visited website

Date and time of access

Amount of data sent in bytes

Source/reference from which you reached the page

Used browser

Used operating system

Used IP address (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently if there are concrete indications of illegal use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

3) Cookies To make visiting our website attractive and to enable the use of certain functions, we use cookies, small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called “session cookies”), while others remain on your device longer and enable saving page settings (so-called “persistent cookies”). In the latter case, you can find out the storage duration from the overview of cookie settings in your web browser.

If personal data are also processed by individual cookies we use, processing is carried out in accordance with Art. 6(1)(b) GDPR either for the performance of the contract, in accordance with Art. 6(1)(a) GDPR in the case of consent given, or in accordance with Art. 6(1)(f) GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contacting Us 4.1 Own Review Reminder

Based solely on your express consent in accordance with Art. 6(1)(a) GDPR, we use your email address to remind you once to submit a review of your order. You can revoke your consent at any time by sending a message to the controller for data processing.

4.2 Own Function for Online Appointment Booking

We process your personal data within the framework of the provided online appointment booking. Which data we collect for the online appointment booking can be seen from the respective input form or the appointment inquiry for the appointment booking. If certain data are necessary to make an online appointment booking, we will indicate this accordingly in the input form or in the appointment inquiry. If we provide a free text field in the input form, you can describe your request in more detail. You can then control which data you additionally want to enter. The data you provide will be stored and used exclusively for the purpose of making an appointment. In the case of processing personal data necessary for the performance of a contract with you (this also applies to processing operations required for carrying out pre-contractual measures), Art. 6(1)(b) GDPR serves as the legal basis. If you have given us consent for processing your data, the processing is based on Art. 6(1)(a) GDPR. A given consent can be revoked at any time by sending a message to the controller mentioned at the beginning of this declaration.

4.3 When contacting us (e.g., via contact form or email), personal data are collected. Which data are collected in the case of a contact form can be seen from the respective contact form. These data are stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration.

The legal basis for processing these data is our legitimate interest in responding to your request in accordance with Art. 6(1)(f) GDPR. If your contact aims to conclude a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after the final processing of your inquiry. This is the case if it can be inferred from the circumstances that the relevant matter has been conclusively clarified and provided there are no statutory retention obligations.

5) Use of Customer Data for Direct Advertising 5.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you an email newsletter if you have explicitly confirmed that you agree to receive newsletters. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in the future by clicking on a corresponding link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR. When you subscribe to the newsletter, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration to trace possible misuse of your email address at a later date. The data collected by us when subscribing to the newsletter are used exclusively for promotional purposes in the form of the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the controller mentioned at the beginning. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

5.2 Newsletter Dispatch to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our range by email. According to § 7(3) UWG, we do not need to obtain separate consent from you for this. The data processing is based solely on our legitimate interest in personalized direct advertising in accordance with Art. 6(1)(f) GDPR. If you have initially objected to the use of your email address for this purpose, no mail will be sent by us.

You are entitled to object to the use of your email address for the above-mentioned advertising purpose at any time with effect for the future by notifying the controller mentioned at the beginning. You only incur transmission costs according to the basic tariffs for this. Upon receipt of your objection, the use of your email address for advertising purposes will immediately cease.

6) Online Marketing Google AdSense

This website uses Google AdSense, a web advertising service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google AdSense uses cookies, which are text files stored on your computer, to help analyze how users use the website. Google AdSense also uses so-called “web beacons” (small invisible graphics) to collect information. Through the use of web beacons, simple actions such as visitor traffic on the website can be recorded, collected, and evaluated. The information generated by the cookie and/or web beacon (including your IP address) about your use of this website is usually transmitted to a Google server and stored there. This may also result in transmission to the servers of Google LLC in the USA.

Google uses the information obtained to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser in the context of Google AdSense will not be merged with other data from Google. The information collected by Google may be transferred to third parties if required by law and/or if third parties process this data on behalf of Google. All the processing described above, particularly reading information on the device used via cookies and/or web beacons, is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without this consent, Google AdSense will not be used during your visit to the site.

You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie-Consent-Tool” provided on the website.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

You can view Google’s privacy policy here: https://www.google.de/policies/privacy/

7) Web Analytics Services 7.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which allows an analysis of your use of our website.

By default, cookies are set by Google Analytics 4 when you visit the website, which are stored on your device and collect certain information. This includes your IP address, which, however, is shortened by Google to exclude direct personal reference.

The information is transmitted to Google servers and further processed there. Data transfers to Google LLC based in the USA are also possible.

Google uses the collected information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. The data collected through the use of Google Analytics 4 are stored for two months and then deleted.

All the processing described above, particularly setting cookies on your device, is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service in the “Cookie-Consent-Tool” provided on the website.

We have concluded a data processing agreement with Google, ensuring the protection of the data of our site visitors and prohibiting unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites

Demographic Characteristics Google Analytics 4 uses the special “demographic characteristics” function and can create statistics that make statements about the age, gender, and interests of site visitors. This is done by analyzing advertising and information from third parties. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for two months.

Google Signals As an extension to Google Analytics 4, Google Signals may be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can analyze your usage behavior across devices, provided your consent to the use of Google Analytics under Art. 6(1)(a) GDPR, and create database models, including cross-device conversions. We do not receive personal data from Google, only statistics. If you wish to stop cross-device analysis, you can deactivate the “Personalized Advertising” function in your Google account settings. Follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de Further information on Google Signals can be found at https://support.google.com/analytics/answer/7532985?hl=de

UserIDs As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6(1)(a) GDPR, set up an account on this website, and log in to this account on various devices, your activities, including conversions, can be analyzed across devices.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

7.2 Google Tag Manager

This website uses the “Google Tag Manager,” a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).

The Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analytics services, and calibrating, controlling, and linking them via a unified user interface. The Google Tag Manager itself does not store any information on user devices or read it out. Nor does the service perform its own data analyses. However, the Google Tag Manager transmits your IP address to Google when you access the site, where it may be stored. Data transfers to Google LLC servers in the USA are also possible.

This processing is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without this consent, the Google Tag Manager will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service in the “Cookie-Consent-Tool” provided on the website.

We have concluded a data processing agreement with the provider, ensuring the protection of the data of our site visitors and prohibiting unauthorized disclosure to third parties.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

8) Retargeting/ Remarketing and Conversion Tracking

8.1 Meta Pixel

Within our online offering, we use the “Meta Pixel” service provided by the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”)

When a user clicks on an ad we placed on Facebook and/or Instagram, the URL of our linked page is extended with a parameter using “Meta Pixel.” This URL parameter is then entered into the user’s browser after the redirection by a cookie set by our linked page.

This allows Meta to identify visitors to our online offering as a target group for displaying ads (so-called “Ads”). Accordingly, we use the service to display the Facebook and/or Instagram ads we place only to users who have shown interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products determined by the visited websites) that we transmit to Meta (so-called “Custom Audiences”).

In addition, the “Meta Pixel” can track whether users have been redirected to our website after clicking on an ad and what actions they perform there (so-called “Conversion Tracking”).

The data collected is anonymous for us, so it does not allow us to draw conclusions about the identity of the users. However, the data is stored and processed by Meta, allowing a connection to the respective user profile and Meta to use the data for its own advertising purposes.

All the processing described above, particularly setting cookies for reading information on the device used, is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie-Consent-Tool” provided on the website.

We have concluded a data processing agreement with the provider, ensuring the protection of the data of our site visitors and prohibiting unauthorized disclosure to third parties.

The information generated by Meta is usually transferred to a Meta server and stored there; in this context, it may also be transferred to servers of Meta Platforms Inc. in the USA.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

8.2 Microsoft Advertising

This website uses retargeting technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

This allows us to target visitors to our website with personalized, interest-based advertising who have already shown an interest in our shop and our products. The display of advertising materials is based on a cookie-based analysis of previous and current usage behavior, but no personal data is stored. In the cases of retargeting technology, a cookie is stored on your computer or mobile device to collect pseudonymized data about your interests and thus adapt the advertising individually to the stored information. These cookies are small text files stored on your computer or mobile device. You will thus see advertising that is most likely to match your product and information interests.

All the processing described above, particularly setting cookies for reading information on the device used, is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without this consent, the retargeting technology will not be used during your visit to the site.

You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service in the “Cookie-Consent-Tool” provided on the website.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

8.3 Microsoft Advertising Universal Event Tracking

This website uses conversion tracking technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

For the use of Universal Event Tracking, a tag is placed on each page of our website that interacts with the conversion cookie set by Microsoft. This interaction makes user behavior on our website traceable and sends the information thus collected to Microsoft. The purpose of this is to statistically record and evaluate predefined targets, such as purchases or leads, to better align and tailor the content of our offerings. The tags never serve to personally identify users.

All the processing described above, particularly setting cookies for reading information on the device used, is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without this consent, the retargeting technology will not be used during your visit to the site.

You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service in the “Cookie-Consent-Tool” provided on the website.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

9) Site Functionality

Google reCAPTCHA

On this website, we use the CAPTCHA service provided by the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data may also be transferred to: Google LLC, USA. For the visual design of the CAPTCHA window, “Google Fonts,” i.e., fonts loaded from the internet by Google, are used. No further information is processed beyond the above-mentioned ones, which are already transferred to Google through the reCAPTCHA functionality.

The service checks whether an input is made by a natural person or abusively by automated and automated processing and blocks spam, DDoS attacks, and similar automated harmful accesses. To ensure that an action is performed by a human and not an automated bot, the provider collects the IP address of the used device, identification data of the used browser and operating system type, as well as the date and duration of the visit and transmits this for evaluation to the provider’s servers.

The legal basis is our legitimate interest in determining individual responsibility on the internet and preventing misuse and spam in accordance with Art. 6(1)(f) GDPR.

We have concluded a data processing agreement with the provider, ensuring the protection of the data of our site visitors and prohibiting unauthorized disclosure to third parties.

For data transfers to the USA, the provider is subject to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

10) Tools and Miscellaneous

Cookie-Consent-Tool

This website uses a “Cookie-Consent-Tool” to obtain effective user consent for consent-required cookies and cookie-based applications. The “Cookie-Consent-Tool” is displayed to users as an interactive user interface when accessing the page, where consents for certain cookies and/or cookie-based applications can be granted by checking boxes. All consent-required cookies/services are only loaded if the respective user grants the corresponding consent by checking the boxes. This ensures that such cookies are only set on the respective user’s device if consent is given.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data are generally not processed.

If personal data (such as the IP address) are processed for storage, assignment, or logging of cookie settings, this is done in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in a legally compliant, user-specific, and user-friendly consent management for cookies and thus in a legally compliant design of our website.

Another legal basis for processing is Art. 6(1)(c) GDPR. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user’s consent.

Where necessary, we have concluded a data processing agreement with the provider, ensuring the protection of the data of our site visitors and prohibiting unauthorized disclosure to third parties.

Further information about the operator and the setting options of the Cookie-Consent-Tool can be found directly in the respective user interface on our website.

11) Data Subject Rights

11.1 The applicable data protection law grants you the following rights as a data subject regarding the processing of your personal data, which are listed below and reference the respective legal basis for the exercise conditions:

Right of access according to Art. 15 GDPR

Right to rectification according to Art. 16 GDPR

Right to erasure according to Art. 17 GDPR

Right to restriction of processing according to Art. 18 GDPR

Right to notification according to Art. 19 GDPR

Right to data portability according to Art. 20 GDPR

Right to withdraw consent according to Art. 7(3) GDPR

Right to lodge a complaint according to Art. 77 GDPR

11.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN PROVE COMPELLING LEGITIMATE REASONS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA ARE PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING AT ANY TIME. YOU CAN EXERCISE THE RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.

12) Duration of Storage of Personal Data

The duration of the storage of personal data is determined by the respective legal basis, the processing purpose, and – if applicable – the respective statutory retention period (e.g., commercial and tax retention periods).

When processing personal data based on explicit consent according to Art. 6(1)(a) GDPR, the data concerned are stored until you withdraw your consent.

If there are statutory retention periods for data processed within the scope of contractual or quasi-contractual obligations based on Art. 6(1)(b) GDPR, these data will be routinely deleted after the retention periods expire, provided they are no longer required for contract fulfillment or contract initiation and/or there is no legitimate interest in further storage on our part.

When processing personal data based on Art. 6(1)(f) GDPR, these data are stored until you exercise your right to object according to Art. 21(1) GDPR unless we can prove compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

When processing personal data for direct marketing purposes based on Art. 6(1)(f) GDPR, these data are stored until you exercise your right to object according to Art. 21(2) GDPR.

Unless otherwise stated in the specific information of this declaration about specific processing situations, stored personal data are otherwise deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.