Privacy Policy

I. General information on data processing

1. The scope of the processing of personal data
The controller takes care of the collection and uses the personal data of its users (hereinafter also referred to as the “involved person and/or the involved data subject”, the “data subject” or the ‘visitor’) only insofar as this will be required for the provision of a functional website and for the display of the content as well as of the performances. The collection and processing of the users’ personal data is regularly only done with the user’s consent. An exception shall be applied in cases in which the prior consent cannot be obtained for factual reasons, the processing is carried out on the basis of pre-contractual or contractual measures, the processing of the data is allowed by statutory provisions and/or there is a legitimate interest of the controller in the said processing.

2. The legal basis for the processing of personal data
Insofar as the person responsible for processing personal data is granted the consent of the involved data subject, art. 6 para. 1 sentence 1 lit. a of the EU General Data Protection Regulation (GDPR) applies as the legal basis for processing personal data. For any transfer to a non-secure third country, the processing will be carried out on the basis of what stated under art. 49 para. 1 sentence 1 lit. a GDPR.
For the processing of personal data necessary for performance of a contract to which the data subject is a party, art. 6 para. 1 sentence 1 lit. b GDPR shall apply as the legal basis. This also applies to processing that is necessary to implement pre-contractual measures.
Insofar as the processing of personal data is required in order to fulfill a legal obligation to which the Controller is subject, art. 6 para. 1 sentence 1 lit. c GDPR shall apply as the legal basis.
In the event that vital interests of the Data Subject or another natural person require the processing of personal data, art. 6 para. 1 sentence 1 lit. d GDPR shall apply as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, art. 6 para. 1 sentence 1 lit. f GDPR shall apply as the legal basis for processing.

3. Data deletion and duration of storage
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage ceases to apply or a granted consent is revoked by the involved data subject or there is an opposition to the respective processing. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the responsible party is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations has elapsed, unless further storage of the data is necessary for the conclusion or fulfillment of a contract.

4. Data transfer to non-secure third countries
The transfer and processing of personal data of involved data subjects in a non-secure third country, such as for example the USA, shall take place under the conditions stated under art. 49 para. 1 sentence 1 lit. a GDPR – based on the consent given by the involved data subject. For the USA (and other non-secure third countries), at the moment, no adequacy decision has been made by the EU Commission within the meaning under art. 45 para. 1, 3 GDPR. This means that the EU Commission has not yet positively determined that there is a level of data protection which is comparable to the requirements of the GDPR. In addition, the GDPR requires the so-called “suitable guarantees” for a data transfer to a third country or to international organizations, art. 46 para. 2, 3 GDPR. These can be, for example, company-internal data protection regulations which have been approved by a supervisory authority or standard data protection contracts. In summary, there is no level of data protection which is comparable to the requirements of the GDPR in the aforementioned non-secure third countries.

Risks of transfer to a non-secure third country

Personal data may possibly be passed on by the provider to other third parties who use the data for advertising purposes, for example, beyond the actual purpose of the fulfillment of the order. Furthermore, the effective enforcement of any rights of information against the subcontractor is probably not feasible. There may be a higher level of probability that incorrect data processing may occur, since the technical and organizational measures of the subcontractor for the protection of personal data do not completely meet the requirements of the GDPR when it comes to quantity as well as quality. It is also possible for public authorities to access the personal data provided without the knowledge of the involved data subject. This risk exists in particular when there is a data transfer to the USA. Generally speaking, this also corresponds to the European legal regulations, for example for the purpose related to security. However, the admissibility threshold for such data processing is higher in the European Union than in the involved country of the data recipient.
In the event the data is transferred on the basis of consent to processors whose processing takes place in a non-secure third country, a separate notice is provided by the respective service provider.

II. Right of the involved data subject

In the event we process personal data about you, you as an involved data subject have the following rights towards us in our function as controller:

1. Right to information, art. 15 GDPR
You have the right to (free) information about your collected and stored personal data at any time within the framework of the applicable legal provisions. Among other aspects, this right includes information about their processing purposes, their origin and recipients, the period of storage and the existence of different rights.

2. Right to correct data, art. 16 GDPR
You have a right towards the controller to have your data corrected and/or completed in the event the personal data processed concerning your person is incorrect or incomplete. The data controller is required to make the correction and/or integration immediately.

3. Right to deletion, art. 17 GDPR
You are entitled to request the deletion of your personal data at any time under the conditions stated in art. 17 GDPR, unless there are still exceptions or circumstances which entitle the controller to continue the processing of your personal data (such as statutory retention obligations).
4. Right to restriction of processing, art. 18 GDPR
Within the framework of the provisions stated under art. 18 GDPR, you are entitled to request a restriction of the processing of your data. The prerequisite is one of the conditions set out under art. 18 para. 1 GDPR.

5. Right to information, art. 19 GDPR
If you have asserted the right to rectification, erasure or restriction of processing against the data controller, they are obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed as to these recipients by the data controller.

6. Right to data portability, art. 20 GDPR
In the event the said processing is carried out on the basis of the consent granted by us or on the basis of a contract and using automated procedures, you will be entitled to transfer the data provided by you within the scope stated under art. 20 GDPR whereby this applies provided that this does not affect the rights and freedoms of other persons. The said data shall be provided in a common as well as machine-readable format. If you request the direct transfer of data to another data controller, this will only occur if it is technically feasible.

7. Right of objection, art. 21 GDPR
You have the right, for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time and which is carried out in accordance with art. 6 1 sentence 1 lit. e or f GDPR; the same applies to profiling based on these provisions. The data controller will no longer process the personal data relating to you unless they can prove a compelling, legitimate reason for this which outweighs your interests, rights, and freedoms or the processing serves to assert, exercise, or defend legal claims (objection according to art. 21 para. 1 GDPR).
If the personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to such processing; this also applies to profiling insofar as it is associated with such direct marketing. If you object to your data being processed for direct marketing purposes, your personal data will no longer be processed for such purposes. (Objection according to art. 21 para. 2 GDPR).
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object using an automated process involving the use of technical specifications.

8. Automated decision in individual cases, art. 22 GDPR
In accordance with art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision (1) is required for the conclusion or performance of a contract between you and the data controller, (2) is permitted by Union or Member State legislation to which the data controller is subject, and that legislation is adequate to protect your rights and freedoms as well as your legitimate interests, or (3) is made with your express consent.
However, these decisions may not be based on special categories of personal data according to art. 9 1 GDPR unless art. 9 para. 2 a or g is applied and appropriate measures have been taken to protect your rights and freedom as well as your legitimate interests. In the cases referred to in sections (1) and (3), the data controller will take reasonable measures to safeguard your rights, freedoms, and legitimate interests, including, at a minimum, the right to obtain the intervention of an individual on the part of the data controller to state their own position and challenge the decision.

9. Right to withdraw your consent, art. 7 para. 3 GDPR
You have the right to withdraw your consent under data protection law at any time. The legality of the data processing performed prior to your revocation of consent remains unaffected. You can send the revocation to the Controller by E-mail or by post.

10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data that concerns you is in contravention of GDPR.
The supervisory authority to which the appeal is submitted will inform you about the status and results of the appeal, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.
In the event you are in another federal state or if you are not in Germany, you can also get in touch with the local data protection authority. The supervisory authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information.

III. SSL/TLS encryption

This website uses SSL and/or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the queries you send to us as the involved subject in your function as site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from ‘http://” to “https:// ‘ and by the lock icon shown in the browser line. When SSL/TLS encryption is activated, the data you transfer to us cannot be read by third parties.

IV. External hosting

1. Description and scope of the data processing
The present website is hosted by an external service provider (the so-called hoster). The personal data collected on the present website is stored on the hoster’s servers. This information is primarily IP addresses, contact requests, meta and communication data, contract data, contact details, names, instances of website access, and other data generated via a website.

2. Legal basis for the data processing
The legal basis for data processing is art. 6 para. 1 sentence 1 lit. f GDPR for the provision of the website.

3. Purpose of the data processing
The hoster is used for the purpose of a secure, fast and efficient provision of our online offer as well as for the reliable presentation and provision of our website by a professional provider. Our legitimate interest in data processing lies in the said purposes.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
Data will be deleted as soon as it is no longer required to fulfill the purpose for which it was collected. In the case the data was collected in order to provide the website, it will be deleted once your session on our site ends.
Collection of data required to make the website available and storage of the data in log files is essential for the operation of the website. Consequently, there is no option to object on the part of the user.

5. Agreement of an order processing contract
In connection with the data processing according to the above-mentioned description, the data is passed on and processed by our external hoster, the company achteins büro für textil- und webdesign, Frankfurter Straße 21, 36043 Fulda. We have entered into a contract for order processing with our hoster. The said contract is a data protection contract ensuring that the company achteins büro für textil- und webdesign, Frankfurter Straße 21, 36043 Fulda processes the personal data of our website visitors exclusively in accordance with our instructions and in compliance with the data protection regulations (see GDPR, BDSG/German Federal Data Protection Act, etc.).

V. Provision of the website and creation of log files

1. Description and scope of the data processing
Every time our website is accessed, our system will automatically collect data and information from the system of the calling device.
In this context, the following data is collected:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The user’s anonymised IP address
(4) Date and time of access
The data is also stored in our system’s log files. The log files contain no IP addresses or other data that allow assignment to a user. This data is not stored together with any other personal data pertaining to the user.

2. Legal basis for data processing:
The legal basis for the temporary storage of data and log files is art. 6 para. 1 sentence 1 lit. f GDPR.

3. Purpose of the data processing
The system needs to temporarily store the IP address to enable the website to be delivered to the user’s computer. To this end, the IP address of the user must be stored for the duration of the session.
The IP address is stored anonymously in log files in order to ensure the functionality of the website. The data is also used to optimize the website and ensure the security of our information technology systems. We do not evaluate this data for marketing purposes.
These purposes also encompass our legitimate interest in data processing in accordance with art. 6 1 sentence 1 lit. f GDPR.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
Data will be deleted as soon as it is no longer required to fulfill the purpose for which it was collected. In the case the data was collected in order to provide the website, it will be deleted once your session on our site ends.
If the data is stored in log files, this will be undertaken after fourteen days at the latest.
Collection of data required to make the website available and storage of the data in log files is essential for the operation of the website. Consequently, users cannot object to its collection.

VI. Use of cookies

1. Description and scope of the data processing
By continuing to use our website you agree to the use of cookies. Cookies are text files that are stored within or by the internet browser on your computer system. If a user accesses our website, a cookie may be stored on your operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again.
While accessing our website, the users are informed about the use of cookies by a consent management and are referred to the present privacy policy. To get more information concerning the consent management used, see item VII of the present data protection information.
We use cookies to make our website more user-friendly. Some elements of our website require that your browser be identifiable as you move on to another page within the site. To sum it up: These cookies are technically needed for the operation of our website.
We also use cookies on our website to analyze user behavior.
The following data can be transmitted in this way:
(1) Frequency of website visits
(2) Use of website functions
While accessing our website, you will be informed of the use of cookies for analytical purposes and we will obtain your consent for the processing of the personal data used in this context. We will at that time also make reference to this privacy information.
Transmission to a third country: The data collected via the aforementioned cookies for analysis purposes can be transmitted to a service provider based in a third country. Further information can be found in these data protection declarations at the respective service provider. Processing of personal data also takes place in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under “I. General information on data processing – 4. Data transfer to non-secure third countries’.
Generally speaking, you can prevent or block the storage of cookies in your device in the settings of your browser. For this purpose, you must call up the respective settings of your browser. In addition, you can delete your stored cookie data in your browser settings.

2. Legal basis for the data processing
The legal basis for the processing of personal data using technically necessary cookies is art. 6 para. 1 sentence 1 lit. f GDPR; the storage of cookies in your terminal device is based on § 25 para. 2 number 2 TTDSG.
The legal basis for processing personal data by using cookies for analytical purposes, if the user’s consent to this has been obtained, is art. 6 para. 1 sentence 1 lit. a GDPR; for a transfer to a non-secure third country, additionally what stated under art. 49 para. 1 lit. a GDPR shall be applied. The storage of the cookie in your device is based on art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
The purpose of using technically necessary cookies is to simplify the use of the website for you. Some features of our website will not be available if the use of cookies is disallowed. This is why it is necessary that your browser remain recognisable as you make your way through our website. In addition, cookies are required to manage your consents and rejections.
We require cookies for the following applications:
(1) Consent Management
For the said purposes, our legitimate interest lies in the processing of personal data according to art. 6 para. 1 sentence 1 lit. f GDPR. The user data collected by technically necessary cookies is not used to create user profiles.
These cookies are used to improve the quality of our website and its content. By analyzing cookies, we learn how the website is used and can constantly optimize our service.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
Cookies are stored on the user’s computer and transmitted to our website. For this reason, you retain full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies which have already been saved may be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may not be possible to use all functions of the website in full.
Our cookies are stored in detail for the following duration:
borlabs-cookie– Storage period: 12 months
_ga and _ga_GQ24BMS6MT (Google Analytics Analysis)– Storage duration: 24 months
_gcl_au (Google AdSense) – Storage duration: 3 months
As a user, you have the right to revoke your data protection declaration of consent for technically unnecessary cookies at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.

VII. Cookie Consent with Borlabs Cookie

1. Description and scope of the data processing
Our website uses the cookie-consent technology of Borlabs Cookie to obtain consent to the storage of certain cookies on the device of data subjects or to the use of certain technologies and to document these in compliance with data protection. The supplier of this technology is the German company Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg.
When involved data subjects enter our website, a Borlabs cookie will be stored in their browser, in which the granted consent or the revocation of the said consent will be stored. The following information will be stored in the cookie called borlabs cookie: cookie duration, cookie version, domain and path of the website, consent and UID (randomly generated ID without personal data).
This data is not passed on to the provider of Borlabs Cookie.

2. Legal basis for the data processing
The Borlabs cookie consent technology is used in order to obtain the legally required consent for the use of cookies. The legal basis for this is art. 6 1 sentence 1 lit. c GDPR. The storage of the cookie in your device is based on art. 25 para. 2 number 2 TTDSG.

3. Purpose of the data processing
The processing of personal data serves to comply with the legal requirements of the GDPR and the TTDSG for obtaining and documenting consent.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
The collected data will be stored until the data subject requests us to delete it or the Borlabs cookie itself is deleted or the purpose for data storage no longer applies. The statutory retention periods remain unaffected.
You can find details about the data processing of Borlabs cookies at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

VIII. Email contact

1. Description and scope of the data processing
Email addresses are provided on our website and our signatures, which can be used to contact us electronically. In this case, your personal data that is transmitted along with the email of the involved person will be stored.
Such data will not be disclosed to third parties in this context. The data is used exclusively for contacting and conducting the conversation.

2. Legal basis for the data processing
The legal basis for processing the data transmitted in the course of sending an email is art. 6 para. 1 sentence 1 lit. f GDPR. If you email us with the intention of entering into a contract, this creates an additional legal basis for its processing per art. 6 para. 1 sentence 1 lit. b GDPR.

3. Purpose of the data processing
We only process personal data for the purpose of facilitating contact with you. This also justifies the legitimate interest in processing the data.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion.
Data will be deleted as soon as it is no longer required to fulfill the purpose for which it was collected. For any personal data that were sent by email, this is the case when the respective conversation with the involved person has been completed. The conversation is considered to have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved. If a contract is concluded as a result of the e-mail contact, the corresponding (statutory) retention obligations and regulations apply.
An involved person who has contacted us by email can object at any time to the storage of their personal data. If you exercise this right, it will not be possible to continue our conversation. In such cases, all personal data that was stored when contact was made with us will be deleted.

IX. Contact form

1. Description and scope of data processing
A contact form is available on our website. You can use it in order to contact us electronically. If users accept this option, the data entered in the input screen will be transmitted to us and stored. This data is:
(1) Name (mandatory field)
(2) E-mail address (mandatory field)
(3) Company
(4) Phone number
(5) Subject (mandatory field)
(6) Message (mandatory field) and other personal data that you transmit to us through the message field included in the contact form.
The following data are also stored at the time the message is sent:
(1) The user’s IP address
(2) Date and time of subscription
For the processing of the data, reference is made to this data protection information as part of the sending process. Such data will not be disclosed to third parties in this context. This data will be used exclusively to respond to your enquiry.

2. Legal basis for the data processing
The legal basis for the processing of data transmitted by means of the contact form is art. 6 para. 1 sentence 1 lit. a GDPR. If the purpose of contact is to conclude a contract, then an additional legal basis for processing is 1 sentence 1 lit. b GDPR.

3. Purpose of the data processing
We only process personal data provided in input forms to process the contact request. The other personal data processed during the sending process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
Data will be deleted as soon as it is no longer required to fulfill the purpose for which it was collected. For personal data from the input mask of the contact form, this is the case when the respective conversation with the user has ended. The conversation is considered to have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved. Personal data that was additionally collected during the transmission procedure will be deleted within seven days at the latest.
If a user contacts us via the form, he can revoke his consent at any time. Please use the information included in the imprint. If you exercise this right, it will not be possible to continue our conversation. In such cases, all personal data that was stored when contact was made with us will be deleted.

X. Google Tag Manager

1. Description and scope of the data processing
The present website uses the Google Tag Manager. The provider is Google Ireland Limited (hereinafter referred to as ‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is a subsidiary of Google LLC based in the USA.
The Google Tag Manager is a tool that we can use to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not save any cookies and does not carry out any independent analyses. It serves only for the administration and display of the tools integrated through it. However, the Google Tag Manager collects your IP address, which may also be transmitted to servers in the USA.
Processing of personal data also takes place in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under ‘I. General information on data processing – 4. Data transfer to non-secure third countries’.

2. Legal basis for the data processing
The use of the Google Tag Manager is based on your consent in accordance with art. 6 para. 1 sentence 1 lit. a GDPR and art. 49 para. 1 sentence 1 lit. a GDPR – as well as art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
The Google Tag Manager is used to manage website tags via an interface. This enables us to control the exact integration of services on our website. This allows us to flexibly integrate additional services in order to evaluate our users’ access to our website.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
You have the right to withdraw your consent under data protection law at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.
The specific storage duration of the processed data cannot be influenced by us because it is determined by the company Google Ireland Limited. To get more information, check the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

XI. Google Analytics

1. Description and scope of the data processing
This website uses Google Analytics, a web analysis service. The provider is Google Ireland Limited (hereinafter referred to as “Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is a subsidiary of Google LLC based in the USA.
Google Analytics enables the website operator to analyze the behavior of website visitors. Here the website operator receives various usage data, such as web page views, length of stay, operating systems used and origin of the user. In this manner, among others, the following personal data can be collected and assessed: user activities, device and browser information (in particular, IP address), data about the advertisements displayed (click-through rates) and data from advertising partners. The said data may be summarized by Google in a profile which is assigned to the respective user or their device.
Google Analytics uses cookies and other browser technologies enabling the user to be recognised for the purpose of analyzing the user behavior. Among other things, the said information is used in order to compile reports concerning the activity of the website. The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there. Google will additionally transmit your data to Google affiliates and to other partners.
Processing of personal data also takes place in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under ‘I. General information on data processing – 4. Data transfer to non-secure third countries’.
IP addresses anonymization (Google Analytics 4)
We use Google Analytics 4 on the present page. Your IP address will be automatically anonymized. Only in exceptional cases, IP addresses are transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them with other services concerning the website activity and the use of the website. The IP address provided by your browser in the framework of Google Analytics will not be combined with other data from Google.

2. Legal basis for the data processing
The use of this analysis tool is based on the consent granted by you in accordance with art. 6 para. 1 sentence 1 lit. a GDPR and for any transfer to a third country it will be based on what stated under art. 49 para. 1 lit. a GDPR. The storage of information in your terminal equipment takes place based on what is stated under art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
The use of Google Analytics on our website serves to analyze the user behavior of our website visitors in order to optimize and display both our website and our advertising.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
The collected data will be stored until you delete the cookies set by Google Analytics yourself or until the purpose for data storage no longer applies. As a user, you have the right to withdraw your consent under data protection law at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.

The specific storage duration of the processed data cannot be influenced by us because it is determined by the company Google Ireland Limited. Data stored at Google on the user and event level which are linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymised after 2 months or deleted. For details, please refer to the following link: https://support.google.com/analytics/answer/7667196?hl=de
For visitors who do not want their data to be used in Google Analytics, Google has developed a browser add-on to deactivate Google Analytics. You can download and install the available browser plugin at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
For more information about how Google Analytics handles user data, see Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.
For further information on data protection you can also visit the page including the data protection declaration for Google Analytics: https://policies.google.com/privacy.

5. Agreement of an order processing contract
We have entered into a contract for order processing with the company GOOGLE. This is a data protection contract that guarantees that GOOGLE will only process the personal data of our website visitors in accordance with our instructions and in compliance with the data protection regulations (GDPR, BDSG/German Federal Data Protection Act, etc.).

XII. Google Ads

1. Description and scope of the data processing
We use Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads allows us to display advertisements in the Google search engine or on third-party websites if the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed on the basis of the user data available at Google (such as for example location data and interests) (target group targeting). As a website operator, we can evaluate this data quantitatively, for example by carrying out an analysis of which search terms have led to the display of our advertisements and how many advertisements have resulted in the corresponding clicks. Your data is also processed on servers located in the USA. Transfer of data to the USA is based on the standard contractual clauses of the EU Commission. The respective details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
You can find more information here: https://ads.google.com/intl/de_de/home/faq/gdpr/.
Processing of personal data also takes place in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under ‘I. General information on data processing – 4. Data transfer to non-secure third countries’.
2. Legal basis for the data processing
The use of Google Ads is based on your consent in accordance with art. 6 para. 1 sentence 1 lit. a GDPR and art. 49 para. 1 sentence 1 lit. a GDPR – as well as art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
The use of Google Ads also serves to make our offer on other websites and to reach users who are interested in our offer on the basis of targeted advertising campaigns.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
As a user, you have the right to revoke your data protection declaration of consent for technically unnecessary cookies at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.

XIII. Google Adsense

1. Description and scope of the data processing
This website uses Google AdSense, a service for integrating advertisements. The provider is Google Ireland Limited (hereinafter referred to as “Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use Google AdSense in “non-personalized” mode. In contrast to the personalized mode, the advertisements are therefore not based on your previous user behavior and no user profile will be created by you. Instead, the so-called “contextual information” is used in the selection of advertising. The adverts selected will then depend, for example, on your location, on the content of the website you are on, or on your current search terms. In order to know more about the differences existing between personalized and non-personalized targeting with Google AdSense, visit the following page: https://support.google.com/adsense/answer/9007336.
In this context, please note that the cookies or comparable recognition technologies (such as for example the device fingerprinting) can also be used when you use Google Adsense in a non-personalised mode. According to Google, the said cookies and technologies are used to oppose fraud and abuse.
Google may collect information about your behavior as a user on our website through the cookie used. To mention an example, the said data can be information on how to deal with an ad. Your IP address is usually processed for this purpose.
The personal data is also processed in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under ‘I. General information on data processing – 4. Data transfer to non-secure third countries’.

2. Legal basis for the data processing
The use of Google Ads is based on your consent in accordance with art. 6 para. 1 sentence 1 lit. a GDPR and art. 49 para. 1 sentence 1 lit. a GDPR – as well as art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
The use of Google AdSense is used to show you tailored advertising tailored to your needs. Google AdSense will only show you ads matching your own interests.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
The cookie set by Google for the AdSense service is stored for about three months. As a user, you have the right to revoke your data protection declaration of consent for technically unnecessary cookies at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.

You can adjust your advertising settings independently in your user account. To do this, please click on the following link and then log in:
https://adssettings.google.com/authenticated.
Further information on Google’s advertising technologies can be found here https://policies.google.com/technologies/ads and here https://www.google.de/intl/de/policies/privacy/.

XIV. Google Marketing Platform (Doubleclick)

1. Description and scope of the data processing
The present website uses functions from Google DoubleClick. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as ‘DoubleClick’).
DoubleClick is used to show you interest-based advertisements across the entire Google advertising network. By means of DoubleClick, the advertisements can be tailored to the interests of the respective viewer. For example, our advertising can be displayed in Google search results or in advertising banners linked to DoubleClick.
In order to be able to display interest-based advertising to users, DoubleClick must recognise the respective viewer and be able to assign the websites the latter has visited, clicks and other information on user behavior. For this purpose, DoubleClick uses cookies or comparable recognition technologies (e.g. device fingerprinting). The collected information is combined into a pseudonymous user profile in order to display interest-based advertising to the user concerned. It is not excluded that your data will be processed on servers in the USA as well.
Processing of personal data also takes place in a non-secure third country. In the USA, there is no level of data protection which may be compared to the requirements according to the GDPR. Further information on transfer to a non-secure third country can be found in this data protection information under ‘I. General information on data processing – 4. Data transfer to non-secure third countries’.

2. Legal basis for data processing
The use of DoubleClick is based on your consent in accordance with art. 6 para. 1 sentence 1 lit. a GDPR and art. 49 para. 1 sentence 1 lit. a GDPR – as well as art. 25 para. 1 sentence 1 of the Telecommunication Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the Telecommunication Telemedia Data Protection Act (TTDSG).

3. Purpose of the data processing
DoubleClick is used in order to display and implement targeted advertising measures.

4. Duration of storage, options for objecting to the collection of your data and requesting its deletion
As a user, you have the right to withdraw your consent under data protection law at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. You can revoke the consent you have given at any time via you using the blue button at the bottom left of the page.
For more information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated