Data Protection (English)

Data Protection

We have drawn up this data protection declaration (version 27.04.2020-311172274) to explain to you, in accordance with the provisions of the basic data protection regulation (EU) 2016/679, what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage

When you visit websites today, certain information is automatically created and stored, including on this website.

When you visit our website as you are visiting it right now, our web server (the computer on which this website is stored) automatically stores information such as

the address (URL) of the accessed web page
Browser and browser version
the operating system used
the address (URL) of the previously visited page (referrer URL)
the host name and IP address of the device being accessed
Date and time
in files (web server log files).

Usually web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot exclude the possibility that this data may be viewed in the event of illegal behavior.

Cookies

Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is not to be dismissed: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, since there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, quasi the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the “user-related” information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner sites (e.g. Google Analytics). Each cookie is unique because each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans or other “malware”. Cookies also cannot access information on your PC.

For example, cookie data can look like this:

name: _ga
Expiration period: 2 years
Usage: differentiation of website visitors
Example value: GA1.2.1326744211.152311172274
A browser should support the following minimum sizes:

A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be able to be stored per domain
A total of at least 3000 cookies should be able to be stored
What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point we would like to briefly discuss the different types of HTTP cookies.

You can distinguish 4 types of cookies:

Essential cookies:
These cookies are necessary to ensure basic website functions. For example, these cookies are needed when a user adds a product to the shopping cart, then continues surfing on other pages, and later proceeds to checkout. These cookies do not delete the shopping cart, even if the user closes his browser window.

Functional cookies:
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies also measure the loading time and the behavior of the website with different browsers.

Target-oriented cookies:
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are stored.

Advertising cookies:
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very practical, but also very annoying.

Usually the first time you visit a website, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.

How can I delete cookies?

How and whether you want to use cookies is up to you. Regardless of the service or website from which the cookies originate, you always have the option of deleting cookies, allowing them only partially or deactivating them. For example, you can block third-party cookies, but allow all other cookies.

If you want to find out which cookies are stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set your browser to notify you whenever a cookie is set. In this way, you can decide for each individual cookie whether or not you wish to accept it. The procedure varies from browser to browser. The best thing to do is to look for the instructions in Google with the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my privacy?

The so-called “cookie guidelines” have been in place since 2009. This states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, the implementation of these guidelines was largely carried out in § 15 paragraph 3 of the German Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data

Personal information that you submit to us electronically on this website, such as your name, e-mail address, postal address or other personal information when submitting a form or comments on the blog, together with the time and IP address, will only be used by us for the purpose stated in each case, will be kept securely stored and will not be disclosed to third parties.

Thus, we use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We will not pass on your personal data without your consent, but we cannot exclude the possibility that this data may be viewed in the event of unlawful behaviour.

If you send us personal data by e-mail – thus off this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.

According to article 6 paragraph 1 a DSGVO (legality of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights according to the basic data protection regulation

In accordance with the provisions of the DSGVO, you are basically entitled to the following rights:

Right of rectification (Article 16 DSGVO)
Right of deletion (“right to be forgotten”) (Article 17 DSGVO)
Right to restrict processing (Article 18 DSGVO)
Right of notification – Obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 DPA)
Right to data transferability (Article 20 DSGVO)
Right of objection (Article 21 DSGVO)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 DPA)
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Evaluation of visitor behavior

In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about your personal behavior on this website.

You can find out more about how to object to this evaluation of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data tap-proof on the Internet (data protection through technology design article 25 paragraph 1 DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of the browser and the use of the scheme https (instead of http) as part of our internet address.

Google Fonts Privacy Policy

On our website we use Google Fonts. These are the “Google fonts” of the company Google Inc. For the European area the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

To use Google fonts, you do not need to log in or set a password. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you do not need to worry about your Google Account information being submitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this information securely. We will see in detail how the data storage looks exactly.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.

Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts we can use fonts on our own website, but we do not have to upload them to our own server. Google Fonts is an important component to keep the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for the use with mobile devices. If you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can visually distort some texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts to make our entire online service as beautiful and consistent as possible.

Which data is stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external call transfers data to the Google servers. In this way Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for a proper provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests at Google and is therefore protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. Entrepreneurs and developers use Google’s BigQuery web service to examine and move large amounts of data.

However, it should also be noted that each Google Font request automatically sends information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use the fonts with the help of a Google style sheet. A stylesheet is a style template that allows you to easily and quickly change, for example, the design or font of a web page.

The font files are stored at Google for one year. Google’s goal is to improve the loading time of web pages. If millions of web pages link to the same fonts, they are cached after the first visit and reappear immediately on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot be deleted easily. The data is automatically transferred to Google when the page is viewed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=311172274. In this case you only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and can thus get the best out of our website. You can find more information about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311172274. There, Google deals with data protection issues, but really detailed information about data storage is not included. It is relatively difficult to get really detailed information about stored data from Google.

Which data is basically collected by Google and what this data is used for can also be read at https://www.google.com/intl/de/policies/privacy/.

MailChimp Privacy Policy

Like many other websites we use the services of the newsletter company MailChimp on our website. The operator of MailChimp is The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Thanks to MailChimp we can easily send you interesting news via newsletter. With MailChimp we do not need to install anything and can still draw from a pool of really useful functions. In the following we will go into more detail about this e-mail marketing service and inform you about the most important data protection aspects.

What is MailChimp?

MailChimp is a cloud based newsletter management service. “Cloudbased” means that we do not have to install MailChimp on our own computer or server. Instead, we use the service via an IT infrastructure – which is available via the Internet – on an external server. This way of using a software is also called SaaS (Software as a Service).

With MailChimp we can choose from a wide range of different types of e-mail. Depending on what we want to achieve with our newsletter, we can run single campaigns, regular campaigns, autoresponders (automatic email), A/B tests, RSS campaigns (sending in predefined time and frequency) and follow-up campaigns.

Why do we use MailChimp on our website?

Basically we use a newsletter service to keep in touch with you. We want to tell you what’s new with us or what attractive offers we have in our program right now. For our marketing activities we always look for the easiest and best solutions. And that’s why we have chosen the newsletter management service of Mailchimp. Although the software is very easy to use, it offers a large number of helpful features. So we can create interesting and beautiful newsletters in a very short time. Thanks to the offered design templates we can create each newsletter individually and thanks to the “Responsive Design” our content will be displayed legibly and beautifully on your smartphone (or any other mobile device).

Through tools such as the A/B test or the extensive analysis options, we can see very quickly how our newsletters are received by you. This allows us to react if necessary and improve our offer or services.

Another advantage is the “cloud system” of Mailchimp. The data is not stored and processed directly on our server. We can retrieve the data from external servers and thus save our storage space. In addition, the maintenance effort is significantly reduced.

Which data is stored by MailChimp?

The Rocket Science Group LLC (MailChimp) maintains online platforms that allow us to contact you (if you have subscribed to our newsletter). If you become a subscriber of our newsletter via our website, you confirm your membership in an e-mail list of MailChimp by e-mail. To enable MailChimp to prove that you are registered in the “list provider”, the date of registration and your IP address will be saved. Furthermore MailChimp stores your e-mail address, name, physical address and demographic information, such as language or location.

This information is used to send you emails and to enable certain other MailChimp features (such as newsletter analysis).

MailChimp also shares information with third parties to provide better service. MailChimp also shares some information with third-party advertising partners to better understand the interests and concerns of our customers and to provide more relevant content and targeted advertising.

Through so-called “web beacons” (small graphics in HTML e-mails), MailChimp can determine whether the e-mail has arrived, whether it has been opened and whether links have been clicked on. All this information is stored on the MailChimp servers. Thereby we get statistical evaluations and see exactly how well our newsletter was received by you. This way we can adapt our offer much better to your wishes and improve our service.

MailChimp may also use this information to improve its own service. This way, for example, the dispatch can be technically optimized or the location (country) of the recipients can be determined.

The following cookies can be set by Mailchimp. This is not a complete cookie list, but rather an exemplary selection:

Name: AVESTA_ENVIRONMENT
Value: Prod
Purpose: This cookie is necessary to provide the mailchimp services. It is always set when a user subscribes to a newsletter mailing list.

Expiration date: after session end

Name: ak_bmsc
Value: F1766FA98C9BB9DE4A39F70A9E5EEAB55F6517348A7000001311172274-3
Purpose: The cookie is used to distinguish a human from a bot. This allows secure reports to be generated about the use of a website.
Expiration date: after 2 hours

Name: bm_sv
Value: A5A322305B4401C2451FC22FFF547486~FEsKGvX8eovCwTeFTzb8//I3ak2Au…
Purpose: The cookie is from MasterPass Digital Wallet (a MasterCard service) and is used to provide a visitor with a secure and easy way to make a virtual payment transaction. For this purpose, the user is anonymously identified on the website.
Expiration date: after 2 hours

Name: _abck
Value: 8D545C8CCA4C3A50579014C449B045311172274-9
Purpose: We were unable to learn more about the purpose of this cookie.
Expiration date: after one year

Sometimes it can happen that you open our newsletter for a better presentation via a given link. This is the case, for example, if your e-mail program does not work or the newsletter is not displayed correctly. The newsletter is then displayed on a MailChimp website. MailChimp also uses cookies (small text files that store data on your browser) on its own websites. Personal data may be processed by MailChimp and its partners (e.g. Google Analytics). This data collection is the responsibility of MailChimp and we have no influence on it. In the “Cookie Statement” of MailChimp (under: https://mailchimp.com/legal/cookies/) you can read exactly how and why the company uses cookies.

How long and where is the data stored?

Since MailChimp is an American company, all collected data is also stored on American servers.

In principle, the data remains permanently stored on the servers of Mailchimp and is only deleted when you request it. You can have your contact deleted by us. This will permanently remove all your personal data for us and make you anonymous in the Mailchimp reports. However, you can also request the deletion of your data directly at MailChimp. Then all your data will be removed there and we will get a notification from MailChimp. After we receive the email, we have 30 days to delete your contact from all connected integrations.

How can I delete my data or prevent data storage?

You can withdraw your consent to receive our newsletter at any time within the received e-mail by clicking on the link in the lower area. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted by MailChimp.

If you reach a MailChimp website via a link in our newsletter and cookies are set in your browser, you can delete or deactivate these cookies at any time.

Depending on your browser the deactivation or deletion works slightly different. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set your browser to notify you whenever a cookie is set. In this way, you can decide for each individual cookie whether you want to allow it or not.

MailChimp is an active participant in the EU-U.S. Privacy Shield Framework which regulates the correct and secure transfer of personal data. You can find more information about this on https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&tid=311172274. You can learn more about the use of cookies with MailChimp on https://mailchimp.com/legal/cookies/, information about data protection with MailChimp (Privacy) can be found on https://mailchimp.com/legal/privacy/.

MailChimp order data processing contract

We have signed a contract with MailChimp for the Data Processing Addendum. This contract serves to protect your personal data and ensures that MailChimp complies with the applicable data protection regulations and does not pass on your personal data to third parties.

You can find more information about this contract on https://mailchimp.com/legal/data-processing-addendum/.