Data privacy statement
We have written this data protection declaration (version 10/15/2020-311222012) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679, which information we collect, how we use data and which choices you have as a visitor to this website .
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.
Automatic data storage
When you visit websites these days, certain information is automatically created and stored, including on this website.
If you visit our website as it is now, our web server (computer on which this website is stored) automatically saves data such as
- the address (URL) of the accessed website
- Browser and browser version
- the operating system used
- the address (URL) of the previously visited page (referrer URL)
- the host name and the IP address of the device from which access is made
- Date and Time
in files (web server log files).
As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behavior.
Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies?
Whenever you surf the Internet, you are using a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
Cookies store certain user data about you, such as language or personal page settings. When you call up our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC either.
For example, cookie data can look like this:
- Name: _ga
- Expiry time: 2 years
- Use: Differentiation of website visitors
- Exemplary value: GA1.2.1326744211.152311222012
A browser should support the following minimum sizes:
- A cookie should be able to contain at least 4096 bytes
- At least 50 cookies should be able to be stored per domain
- A total of at least 3000 cookies should be able to be stored
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Absolutely necessary cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only checks out later. These cookies do not delete the shopping cart, even if the user closes his browser window.
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website with different browsers.
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
When you visit a website for the first time, you will usually be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.
How can I delete cookies?
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
- Chrome: Delete, activate and manage cookies in Chrome
- Safari: manage cookies and website data with Safari
- Firefox: Delete cookies to remove data that websites have stored on your computer
- Internet Explorer: deleting and managing cookies
- Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. The procedure is different depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser or exchange the word “Chrome” for the name of your browser, e.g. Edge, Firefox, Safari from.
What about my data protection?
The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Rights according to the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
- Right to rectification (Article 16 GDPR)
- Right to cancellation (“right to be forgotten”) (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right of objection (Article 21 GDPR)
- Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection claims have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
We use https to transmit data securely on the Internet (data protection through technology design, Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission protection by the small lock symbol in the top left of the browser and the use of the https (instead of http) scheme as part of our Internet address.
With Matomo, formerly Piwik, we use a web analysis service from InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769 using cookie technology. To ensure the protection of your data is secure, we have done Matomo in such a way that your IP address is shortened. Conclusions about your person are not possible: Your personal workforce will not be anonymized by us. Using our cookie banner when you visit our website, you decide for yourself whether this is okay with you. You can find more information about Matomo at: https://matomo.org/privacy/
We use Google Fonts from Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have the google fonts locally, i.e. on our web server – not on Google’s servers. This means that there is no connection to Google servers and therefore no data transmission or storage.
What are Google Fonts?
In the past, Google Fonts was also called Google Web Fonts. This is an interactive directory with over 800 fonts that Google provides for free. With Google Fonts you could use fonts without uploading them to your own server. But in order to prevent any information transfer to Google servers in this regard, we have downloaded the fonts to our server. In this way, we act in compliance with data protection regulations and do not send any data to Google Fonts.
Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311222012.
We use the Google reCaptcha service to determine whether a person or a computer makes a certain entry in our contact or newsletter form. Google uses the following data to check whether you are a person or a computer: IP address of the device used, the website that you visit with us and on which the captcha is integrated, the date and duration of the visit, the identification data of the device used Browser and operating system type, Google account if you are logged into Google, mouse movements on the reCaptcha areas and tasks for which you have to identify images. The legal basis for the data processing described is Art. 6 Para. 1 lit. f General Data Protection Regulation. There is a legitimate interest on our part in this data processing, to ensure the security of our website and to protect us from automated entries (attacks).