Privacy Policy
Table of content
Privacy
We have created this privacy statement (version 01.01.1970-121713761) in order to provide you with the best possible service in accordance with the requirements of the GDPR (EU) 2016/679 explain what information we collect, how we use information, and what choices you have as a visitor to this website.
Privacy statements usually sound very technical. This version, on the other hand, is intended to describe the most important things to you as simply and clearly as possible. As far as possible, technical terms are explained in a reader-friendly way. We also want to convey that we only collect and use information with this website if there is a corresponding legal basis. This is certainly not possible by providing the most concise, technical explanations possible, as is often standard practice on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or the other piece of information that you did not know yet.
Translated with www.DeepL.com/Translator (free version)
If you still have questions, we would like to ask you to follow the existing links and look at further information on third party sites, or simply write us an e-mail. You can find our contact details in the imprint.
Automatic data storage
Even while you are visiting our website right now, our web server - that is the computer on which this website is stored - usually automatically saves data such as
- the complete Internet address (URL) of the accessed website (e.g. https://www.beispielwebsite.de/beispielunterseite.html/)
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
- the hostname and IP address of the device being accessed from (e.g. COMPUTERNAME and 194.23.43.121)
- Date and time
- in files called web server log files.
Cookies
What exactly are cookies?
Whenever you browse the Internet, you use a browser. Popular browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, effectively the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the "user-related" information back to our site. Thanks to cookies, our site knows who you are and offers you the setting you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
The following graphic shows a possible interaction between a web browser such as Chrome and the web server. Here, the web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. Also, the expiration time of a cookie varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.
For example, cookie data can look like this:
Name: _ga
Value: GA1.2.1326744211.152121713761-9
Purpose of use: Differentiation of website visitors
Expiration date: After 2 years
A browser should be able to support these minimum sizes:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3000 cookies in total
What are the types of cookies?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.
We can distinguish 4 types of cookies:
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user adds a product to the shopping cart, then continues surfing on other pages and later goes to the checkout. Through these cookies, the shopping cart is not deleted even if the user closes his browser window.
Purposeful cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website with different browsers.
Targeting cookies
These cookies provide a better user experience. For example, entered locations, font sizes or form data are stored.
Advertisement cookies
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very convenient, but also very annoying.
Usually, when you visit a website for the first time, you are asked which of these cookie types you want to allow. And, of course, this decision is also stored in a cookie.
How can I delete cookies?
How and whether you want to use cookies, you decide. Regardless of which service or website the cookies come from, you always have the option to delete, disable or only partially allow cookies. For example, you can block third-party cookies, but allow all other cookies.
If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
If you do not want to have cookies in principle, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. It is best to search for the instructions in Google using the search term "delete cookies Chrome" or "disable cookies Chrome" in the case of a Chrome browser.
What about my privacy?
The so-called "Cookie Guidelines" have been in place since 2009. These state that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these directives. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG). In Germany, the Cookie Directives were not implemented as national law. Instead, this directive was largely implemented in Section 15 (3) of the German Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Personal data storage
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments on the blog, will be used by us together with the time and IP address only for the purpose stated in each case, kept secure and not disclosed to third parties.
We thus use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not disclose your personal data without consent, but we cannot exclude the possibility that this data may be viewed in the event of unlawful conduct.
If you send us personal data by e-mail - thus away from this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.
Rights according to the GDPR
According to the provisions of the GDPR, you are generally entitled to the following rights:
- Right of rectification (Article 16 GDPR)
- Right to erasure ("right to be forgotten") (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification - notification obligation in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website you can find at https://www.dsb.gv.at/ and for Germany you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) .
Analysis of visitor behavior
In the following privacy policy, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we can not conclude from your behavior on this website to your person.
You can find out more about how to object to this analysis of visit data in the following data protection declaration.
TLS encryption with https
TLS, encryption and https sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data over the internet in a tap-proof way.
This means that the complete transmission of all data from your browser to our web server is secured - no one can "listen in".
In this way, we have introduced an additional layer of security and fulfill data protection through technology design Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission protection by the small lock symbol 
in the top left corner of the browser to the left of the Internet address (e.g., beispielseite.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you'd like to know more about encryption, we recommend doing a Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to more in-depth information.
Google Analytics Privacy Policy
Google Analytics is a tracking tool used for traffic analysis of our website. For Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions you take on our website. Once you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data and we receive reports about your user behavior. These reports may include, but are not limited to, the following:
- Target group reports: Through target group reports, we get to know our users better and know more precisely who is interested in our service.
- Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
- Acquisition reports: Acquisition reports give us helpful information on how to get more people interested in our service.
- Behavior reports: This is where we learn how you interact with our website. We can track which path you take on our site and which links you click.
- Conversion reports: Conversion is the name given to a process in which you perform a desired action as a result of a marketing message. For example, when you go from being just a website visitor to a buyer or newsletter subscriber. These reports help us learn more about how our marketing efforts are working for you. This is how we aim to increase our conversion rate.
- Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are reading this text.
Why do we use Google Analytics on our website?
Our goal with this website is clear: we want to provide you with the best possible service. The statistics and data from Google Analytics help us achieve this goal.
The statistically evaluated data shows us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is found more easily by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. Thus, we know very well what we need to improve on our website in order to provide you with the best possible service. The data also helps us to carry out our advertising and marketing measures in a more individual and cost-effective way. After all, it only makes sense to show our products and services to people who are interested in them.
What data is stored by Google Analytics?
Google Analytics uses a tracking code to create a random, unique ID associated with your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This is how it is possible to evaluate pseudonymous user profiles in the first place.
To be able to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For each newly created property, the Google Analytics 4 property is default. Alternatively, you can also create the Universal Analytics property. Depending on the property used, data is stored for different lengths of time.
Identifiers such as cookies and app instance IDs measure your interactions on our website. Interactions are all types of actions you take on our website. If you also use other Google systems (such as a Google account), data generated through Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, authorize it. Exceptions may occur if required by law.
The following cookies are used by Google Analytics:
Name: _ga
Value: 2.1326744211.152121713761-5
Purpose of use: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it is used to distinguish the website visitors.
Expiration date: After 2 years
Name: _gid
Value: 2.1687193234.152121713761-1
Purpose of use: The cookie is also used to distinguish the website visitors
Expiration date: after 24 hours
Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose of use: Used to lower the request rate. When Google Analytics is deployed via Google Tag Manager, this cookie is named _dc_gtm_ .
Expiration date: after 1 minute
Name: AMP_TOKEN
Value: no data
Purpose of use: The cookie has a token that can be used to retrieve a user ID from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiration date: after 30 seconds up to one year
Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose of use: This cookie can be used to track your behavior on the website and measure performance. The cookie is updated every time information is sent to Google Analytics.
Expiration date: After 2 years
Name: __utmt
Value: 1
Purpose of use: The cookie is used like _gat_gtag_UA_ to throttle the request rate.
Expiration date: after 10 minutes
Name: __utmb
Value: 3.10.1564498958
Purpose of use: This cookie is used to determine new sessions. It is updated every time new data or info is sent to Google Analytics.
Expiration date: after 30 minutes
Name: __utmc
Value: 167421564
Purpose of use: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only stored until you close the browser again.
Expiration date: After closing the browser
Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose of use: The cookie is used to identify the source of traffic to our website. That is, the cookie stores from where you came to our website. This may have been another page or an advertisement.
Expiration date: after 6 months
Name: __utmv
Value: no data
Purpose of use: The cookie is used to store custom user data. It is updated whenever information is sent to Google Analytics.
Expiration date: After 2 years
Annotation: This list cannot claim to be complete, as Google also changes the choice of its cookies time and again.
Here we show you an overview of the most important data collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Via heatmaps you can see exactly those areas that you click on. This gives us information about where you are "on the road" on our site.
Session Duration: Google defines session duration as the time you spend on our site without leaving. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: A bounce is when you view only one page on our website and then leave our website again.
Account creation: When you create an account or place an order on our website, Google Analytics collects this data.
IP address: The IP address is only shown in abbreviated form so that no clear assignment is possible.
Location: The IP address can be used to determine the country and your approximate location. This process is also called IP location determination.
Technical information: Technical information may include your browser type, Internet service provider, or screen resolution.
Source of origin: Google Analytics or we are of course also interested in which website or which advertising you came to our site.
Other data include contact details, any ratings, playing media (e.g., when you play a video via our site), sharing content via social media, or adding to your favorites. The enumeration does not claim to be complete and only serves as a general orientation of the data storage by Google Analytics.
How long and where is the data stored?
Google has your servers spread all over the world. Most servers are located in America and consequently your data is mostly stored on American servers. Here you can read exactly where Google's data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de
Your data is distributed on different physical data carriers. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. In every Google data center, there are corresponding emergency programs for your data. If, for example, the hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google still remains low.
The data retention period depends on the properties used. When using the newer Google Analytics 4 properties, the retention period of your user data is set to 14 months. For other so-called event data, we have the option to choose a retention period of 2 months or 14 months.
For Universal Analytics properties, Google Analytics has a default retention period of 26 months for your user data. Then your user data is deleted. However, we have the option to choose the retention period of user data ourselves. We have five variants available for this purpose:
- Deletion after 14 months
- Deletion after 26 months
- Deletion after 38 months
- Deletion after 50 months
- No automatic deletion
In addition, there is also the option that data will only be deleted if you no longer visit our website within the period we have selected. In this case, the retention period is reset each time you visit our website again within the specified period.
Once the specified period has expired, the data is deleted once a month. This retention period applies to your data associated with cookies, user recognition and advertising IDs (e.g. DoubleClick domain cookies). Reporting results are based on aggregated data and are stored separately from user data. Aggregated data is a merging of individual data into a larger unit.
How can I delete my data or prevent data storage?
Under European Union data protection law, you have the right to obtain information about your data, update it, delete it, or restrict it. Using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de download and install. Please note that this add-on only disables data collection by Google Analytics.
If you generally want to disable, delete or manage cookies (independently of Google Analytics), there are separate instructions for each browser:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
Please note that when using this tool, data from you may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may therefore not simply be transferred, stored and processed there unless there are suitable safeguards (such as EU standard contractual clauses) between us and the non-European service provider.
We hope we have been able to provide you with the most important information about Google Analytics data processing. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.
Payment providers
We use online payment systems on our website that allow us and you a secure and smooth payment process. Among other things, personal data may be sent to the respective payment provider, stored and processed there.
We therefore offer other payment service providers in addition to banking/credit institutions as part of contractual or legal relationships, because of legal obligations and on the basis of legitimate interest. The privacy statements of the individual payment providers (such as Amazon Payments, Apple Pay or Discover) provide you with a detailed overview of data processing and data storage. In addition, you can always contact the responsible parties if you have any questions about data protection-related topics.
What is a payment provider?
Payment providers are online payment systems that allow you to place an order via online banking. In this case, the payment processing is carried out by the payment provider you have chosen. We subsequently receive information about the payment made. This method can be used by any user who has an active online banking account with PIN and TAN. There are hardly any banks left that do not offer or accept such payment methods.
Why do we use payment providers on our website?
Of course we want to offer the best possible service with our website and our integrated online store, so that you feel comfortable on our site and use our offers. We know that your time is precious and especially payment processes must work quickly and smoothly. For these reasons we offer you various payment providers. You can choose your preferred payment provider and pay in the usual way.
What data is stored?
Exactly which data is processed depends, of course, on the respective payment provider. But basically, data such as name, address, bank data (account number, credit card number, passwords, TANs, etc.) are stored. These are necessary data to be able to carry out a transaction at all. In addition, any contractual data and user data, such as when you visit our website, what content you are interested in or which sub-pages you click on, may also be stored. Your IP address and information about the computer you are using are also stored by most payment providers.
The data is usually stored and processed on the servers of the payment providers. We as the website operator do not receive this data. We are only informed whether the payment has worked or not. For identity and credit checks, it may happen that payment providers forward data to the appropriate body. For all payment transactions, the business and data protection principles of the respective provider always apply. Therefore, please always take a look at the general terms and conditions and the privacy policy of the payment provider. You also have the right to have data deleted or corrected at any time. Please contact the respective service provider regarding your rights (right of revocation, right to information and right to be affected).
Information on the specific payment providers - if available - can be found in the following sections.
Source: Created with the Datenschutz Generator from AdSimple