Data protection

Privacy policy

Personal data (hereinafter referred to as "data") will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.

According to Article 4(1) of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as "GDPR"), "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With the following privacy policy, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others on the purposes and means of processing. In addition, we inform you below about the third-party components we use for optimization purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Our privacy policy is structured as follows

I. Information about us as the controller
II. Rights of users and data subjects
III. Information on data processing

I. Information about us as the controller

The responsible provider of this website in terms of data protection law is

FLBE Health GmbH
Melchiorstraße 2
68167 Mannheim

Phone: +49 (0) 6341 - 6813504
Email: hallo@bedrop.de

The provider's data protection officer is

Betül Yönak-Bein

II Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right

  • to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR)
  • to rectification or completion of inaccurate or incomplete data (see also Art. 16 GDPR)
  • the immediate erasure of the data concerning them (see also Art. 17 GDPR) or, alternatively, if further processing is required pursuant to Art. 17 (3) GDPR, the restriction of processing in accordance with Art. 18 GDPR;
  • to receive the data concerning them and provided by them and to transmit this data to other providers/controllers (cf. also Art. 20 GDPR)
  • to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection regulations (see also Art. 77 GDPR).

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any rectification or erasure of data or restriction of processing carried out on the basis of Articles 16, 17 (1), 18 GDPR. However, this obligation does not apply if this notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.

In accordance with Art. 21 GDPR, users and data subjects also have the right to object to the future processing of data concerning them, provided that the data is processed by the provider in accordance with Art. 6 para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permitted.

III. Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory storage obligations and no other information is provided below on individual processing procedures.

Server data

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider by your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which the use of our Internet presence takes place are collected, among other things.

The data collected in this way is stored temporarily, but not together with other data about you.

This storage takes place on the legal basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after seven days at the latest, unless further storage is required for evidence purposes. Otherwise, the data is excluded from deletion in whole or in part until an incident has been finally clarified.

Cookies

a) Session cookies/session cookies

We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent.

This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping cart function.

The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies are processed for contract initiation or contract processing.

If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis in this case is Art. 6 para. 1 lit. f) GDPR.

These session cookies are deleted when you close your Internet browser.

b) Third-party cookies

Our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.

Please refer to the following information for details, in particular the purposes and legal basis for processing such third-party cookies.

c) Removal option

You can prevent or restrict the installation of cookies by changing the settings in your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.

Contract processing

The data transmitted by you to make use of our range of goods and/or services is processed by us for the purpose of contract processing and is necessary in this respect. Conclusion and execution of the contract are not possible without the provision of your data.

The legal basis for processing is Art. 6 para. 1 lit. b) GDPR.

We delete the data once the contract has been fully processed, but must observe the retention periods under tax and commercial law.

As part of the contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the transfer is necessary for the delivery of goods or for payment purposes.

The legal basis for the transfer of data is then Art. 6 para. 1 lit. b) GDPR.

Customer account / registration function

If you create a customer account with us via our website, we will collect and store the data you enter during registration (e.g. your name, address or email address) exclusively for pre-contractual services, for the fulfillment of the contract or for the purpose of customer care (e.g. to provide you with an overview of your previous orders with us or to be able to offer you the so-called notepad function). At the same time, we store the IP address and the date and time of your registration. Of course, this data will not be passed on to third parties.

As part of the further registration process, your consent to this processing is obtained and reference is made to this privacy policy. The data collected by us will be used exclusively for the provision of the customer account.

Insofar as you consent to this processing, Art. 6 para. 1 lit. a) GDPR is the legal basis for the processing.

If the opening of the customer account also serves pre-contractual measures or the fulfillment of the contract, the legal basis for this processing is also Art. 6 para. 1 lit. b) GDPR.

You can revoke your consent to the opening and maintenance of the customer account at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. All you have to do is inform us of your revocation.

The data collected in this respect will be deleted as soon as processing is no longer necessary. However, we must comply with retention periods under tax and commercial law.

Newsletter

If you register for our free newsletter, the data requested from you for this purpose, i.e. your e-mail address and - optionally - your name and address, will be transmitted to us. At the same time, we store the IP address of the Internet connection from which you access our website as well as the date and time of your registration. As part of the further registration process, we will obtain your consent to send you the newsletter, describe the content in detail and refer you to this privacy policy. We use the data collected in this process exclusively for sending the newsletter - in particular, it is therefore not passed on to third parties.

The legal basis for this is Art. 6 para. 1 lit. a) GDPR.

You can revoke your consent to receive the newsletter at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. All you have to do is inform us of your revocation or click on the unsubscribe link contained in every newsletter.

Newsletter dispatch via Klaviyo
Our email newsletters are sent via the technical service provider "Klaviyo", 225 Franklin St, Boston, MA 02110, USA (https://www.klaviyo.com/), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 para. 1 lit. f GDPR and serves our legitimate interest in using an effective, secure and user-friendly newsletter system. Please note that your data is usually transferred to a Klaviyo server in the USA and stored there.
Klaviyo uses this information to send the newsletter on our behalf. Klaviyo does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
To protect your data in the USA, we have a data processing agreement with Klaviyo in which Klaviyo undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties.
You can view Klaviyo's data protection provisions here: https://www.klaviyo.com/privacy

Notification of product availability by email
If we offer the option in our online store of informing you by e-mail about the time of availability for selected items that are temporarily unavailable, you can register for our e-mail notification service for product availability. If you register for our e-mail notification service for product availability, we will send you a one-off e-mail message about the availability of the item you have selected. Only your e-mail address is required for sending this notification. The provision of further data is voluntary and may be used to address you personally. We use the so-called double opt-in procedure to send this notification. This means that we will only send you a corresponding notification if you have expressly confirmed to us that you consent to receiving such a message. We will then send you a confirmation e-mail asking you to confirm that you wish to receive such a notification by clicking on a corresponding link. By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When you register for our e-mail notification service for the availability of goods, we store your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for our e-mail notification service regarding the availability of goods is used exclusively for the purpose of informing you about the availability of a specific item in our online store. You can unsubscribe from the e-mail notification service for the availability of goods at any time by sending a message to the person responsible named at the beginning. Once you have unsubscribed, your e-mail address will be deleted immediately from our mailing list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

Advertising by letter post
On the basis of our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, your postal address and - insofar as we have received this additional information from you as part of the contractual relationship - your title, academic degree, year of birth and your professional, industry or business name in accordance with Art. 6 para. 1 lit. f GDPR and to use them to send you interesting offers and information about our products by post. You can object to the storage and use of your data for this purpose at any time by sending a corresponding message to the controller. - Advertising by letter post via CMC We use the services of Collaborative Marketing Club - CMC GmbH, Kopernikusstraße 3, 10243 Berlin ("CMC") to send advertising material by letter post. On the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 lit. f GDPR, we pass on certain personal customer data (name, address data, date of birth if applicable, order frequency and time, shopping cart information) - insofar as we have received this from you as part of the contractual relationship - to CMC and commission the service provider to print and send interest-based advertising information about our offers by post as part of individual campaigns. CMC stores the transmitted data exclusively on servers within the EU and deletes it in a standardized manner four weeks after it is sent by post. We have concluded an order processing contract with CMC, in which we oblige the company to protect our customers' data and not to pass it on to third parties. You can object to the storage and use of your data for the purposes of direct postal advertising at any time by sending a corresponding message to the controller. Further information on CMC's data protection provisions can be found at https://www.collaborativemarketingclub.com/datenschutz

Contact requests / contact option

If you contact us via contact form or e-mail, the data you provide will be used to process your request. The provision of the data is necessary for processing and answering your request - without the provision of this data, we cannot answer your request or can only answer it to a limited extent.

The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR.

Your data will be deleted if your request has been finally answered and the deletion does not conflict with any statutory retention obligations, such as in the case of any subsequent contract processing.

Pinterest

We maintain an online presence on Pinterest to present our company and our services and to communicate with customers/prospects. Pinterest is a service of Pinterest Inc, 651 Brannan Street, San Francisco, CA, 94107, USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access option lies exclusively with Pinterest.

You can find Pinterest's privacy policy at

https://policy.pinterest.com/de/privacy-policy

YouTube

We maintain an online presence on YouTube to present our company and our services and to communicate with customers/prospects. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access option lies exclusively with YouTube.

You can find YouTube's privacy policy at

https://policies.google.com/privacy

Facebook / META

We operate a company presence on the Facebook / Meta platform to promote our products and services and to communicate with interested parties or customers.

We are jointly responsible for this social media platform with Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

The data protection officer of Facebook/Meta can be reached via a contact form:

https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the mutual obligations, is available at the following link

https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the processing of personal data that takes place as a result and is described below is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, communication, sales and advertising of our products and services.

The legal basis may also be the user's consent to the platform operator in accordance with Art. 6 para. 1 lit. a GDPR. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 para. 3 GDPR.

When our online presence is accessed on the Facebook/Meta platform, Meta Platforms Ireland Limited, as the operator of the platform in the EU, processes the user's data (e.g. personal information, IP address, etc.).

This user data is used for statistical information about the use of our company presence on Facebook/Meta. Meta Platforms Ireland Limited uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. is able, for example, to advertise users within and outside of Facebook based on their interests. If the user is logged into their Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account.

If the user contacts us via Facebook/Meta, the personal data entered by the user on this occasion will be used to process the request. The user's data will be deleted by us if the user's inquiry has been conclusively answered and there are no legal obligations to retain the data, e.g. in the case of subsequent contract processing.

Meta Platforms Ireland Limited may also use cookies to process the data.

If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the settings of the browser, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook/Meta functions can be used to their full extent.

Further information on the processing activities, their prevention and the deletion of the data processed by Facebook/Meta can be found in the Facebook/Meta data policy:

https://www.facebook.com/privacy/explanation

It cannot be ruled out that processing by Meta Platforms Ireland Limited also takes place via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.

Instagram

We operate a company presence on the Instagram platform to advertise our products and services and to communicate with interested parties or customers.

We are jointly responsible for this social media platform with Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

Instagram's data protection officer can be reached via a contact form:

https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the mutual obligations, is available at the following link

https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the processing of personal data that takes place as a result and is described below is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, communication, sales and advertising of our products and services.

The legal basis may also be the user's consent to the platform operator in accordance with Art. 6 para. 1 lit. a GDPR. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 para. 3 GDPR.

When our online presence is accessed on the Instagram platform, Meta Platforms Ireland Limited, as the operator of the platform in the EU, processes the user's data (e.g. personal information, IP address, etc.).

This user data is used for statistical information about the use of our company presence on Instagram. Meta Platforms Ireland Limited uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Meta Platforms Ireland Limited is able, for example, to advertise users within and outside of Instagram based on their interests. If the user is logged into their Instagram account at the time of access, Meta Platforms Ireland Limited can also link the data to the respective user account.

If the user contacts us via Instagram, the personal data entered by the user on this occasion will be used to process the request. The user's data will be deleted by us if the user's inquiry has been conclusively answered and there are no legal obligations to retain the data, e.g. in the case of subsequent contract processing.

Meta Platforms Ireland Limited may also use cookies to process the data.

If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the settings of the browser, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook/Meta functions can be used to their full extent.

Further information on the processing activities, their prevention and the deletion of data processed by Instagram can be found in Instagram's data policy:

https://help.instagram.com/519522125107875

It cannot be ruled out that processing by Meta Platforms Ireland Limited also takes place via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.

Linking social media via graphic or text link

We also advertise presences on the social networks listed below on our website. The integration takes place via a linked graphic of the respective network. The use of this linked graphic prevents the automatic establishment of a connection to the respective social network server when a website with a social media advertisement is called up in order to display a graphic of the respective network itself. Only by clicking on the corresponding graphic is the user forwarded to the service of the respective social network.

After the user has been forwarded, the respective network collects information about the user. It cannot be ruled out that the data collected in this way will be processed in the USA.

This is initially data such as IP address, date, time and page visited. If the user is logged into their user account on the respective network during this time, the network operator may be able to assign the information collected about the user's specific visit to the user's personal account. If the user interacts via a "Share" button of the respective network, this information can be stored in the user's personal user account and published if necessary. If the user wants to prevent the information collected from being directly assigned to their user account, they must log out before clicking on the graphic. It is also possible to configure the respective user account accordingly.

The following social networks are integrated into our site through links:

facebook/meta

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.

Privacy policy: https://www.facebook.com/policy.php

Pinterest

Pinterest Inc, 651 Brannan Street, San Francisco, CA, 94107, USA.

Privacy policy: https://policy.pinterest.com/de/privacy-policy

YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA

Privacy policy: https://policies.google.com/privacy

Instagram

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.

Privacy policy: https://help.instagram.com/519522125107875

Google Analytics

We use Google Analytics on our website. This is a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

The Google Analytics service is used to analyze the usage behavior of our website. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our website.

Usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transmitted to a Google server in the USA and stored there. However, we use Google Analytics with the so-called anonymization function. This function allows Google to shorten the IP address within the EU or EEA.

The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our website and the usage activities there. This data can also be used to provide other services related to the use of our website and the use of the Internet.

Google states that it will not associate your IP address with any other data. In addition, Google keeps under

https://www.google.com/intl/de/policies/privacy/partners

for further information on data protection law, including, for example, the options for preventing the use of data.

Google also offers at

https://tools.google.com/dlpage/gaoptout?hl=de

offers a so-called deactivation add-on along with further information on this. This add-on can be installed with the most common Internet browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs the JavaScript (ga.js) of Google Analytics that information about your visit to our website should not be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or to other web analysis services. Of course, you can also find out whether and which other web analysis services we use in this privacy policy.

Google Maps

We use Google Maps on our website to display our location and to provide directions. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

If you call up the Google Maps component integrated into our website, Google stores a cookie on your device via your Internet browser. Your user settings and data are processed in order to display our location and create directions. We cannot rule out the possibility that Google uses servers in the USA.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.

The connection to Google established in this way enables Google to determine from which website your request has been sent and to which IP address the directions are to be transmitted.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under "Cookies".

In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.

In addition, Google offers under

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

for further information.

Google reCAPTCHA

We use Google reCAPTCHA on our website to check and prevent interactions on our website by automated access, e.g. by so-called bots. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

This service enables Google to determine from which website a request is sent and from which IP address you use the so-called reCAPTCHA input box. In addition to your IP address, Google may also collect other information that is necessary for the provision and guarantee of this service.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.

Google offers under

https://policies.google.com/privacy

for further information on the general handling of your user data.

Google Fonts

We use Google Fonts on our website to display external fonts. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our website.

The connection to Google established when you access our website enables Google to determine from which website your request has been sent and to which IP address the display of the font is to be transmitted.

Google offers under

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

for further information, in particular on the options for preventing the use of data.

TikTok

Data protection provisions about the application and use of TikTok Analytics

The controller has integrated TikTok Analytics on this website.

The operating company of the services is ByteDance Ltd. based in Haidian District, Beijing, China. The controller for data from Europe is TikTok Technology Limited, with registered office at 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. The controller for data from the UK is TikTok Information Technologies UK Limited, with registered office at c/o WeWork, 125 Kingsway, London, WC2B 6NH, London, England.

TikTok Analytics is an analytics tool used for the number of followers, likes, comments and shares on TikTok, allowing it to measure weekly and monthly growth, total play time of videos, information about who is watching and the consent management platform used to manage page visitor consent and page analytics.

The purpose of the processing is to analyze data.
The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. +

Further information and the applicable data protection guidelines of TikTok can be found at https://www.tiktok.com/legal/page/row/privacy-policy/en.

YouTube

We use YouTube on our website. This is a video portal of YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as "YouTube".

YouTube is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

We use YouTube in connection with the "extended data protection mode" function in order to be able to show you videos. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the "Enhanced Privacy Mode" function means that the data described in more detail below is only transmitted to the YouTube server when you actually start a video.

Without this "extended data protection mode", a connection to the YouTube server in the USA is established as soon as you access one of our web pages on which a YouTube video is embedded.

This connection is necessary in order to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube will at least record and process your IP address, the date and time and the website you have visited. In addition, a connection to Google's "DoubleClick" advertising network is established.

If you are logged in to YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.

For the purpose of functionality and analysis of user behavior, YouTube permanently stores cookies on your end device via your Internet browser. If you do not agree to this processing, you have the option of preventing the storage of cookies by changing the settings in your Internet browser. You can find more information on this above under "Cookies".

Google provides further information about the collection and use of data as well as your rights and protection options in this regard in the privacy policy available at

https://policies.google.com/privacy

which can be accessed at .

Google AdWords with conversion tracking

We use the Google AdWords advertising component and conversion tracking on our website. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

We use conversion tracking to advertise our website in a targeted manner. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our website.

If you click on an ad placed by Google, the conversion tracking we use stores a cookie on your end device. These so-called conversion cookies lose their validity after 30 days and are not used for your personal identification.

If the cookie is still valid and you visit a specific page of our website, both we and Google can evaluate that you have clicked on one of our ads placed on Google and that you have subsequently been redirected to our website.

Google uses the information obtained in this way to compile statistics about your visit to our website. We also receive information about the number of users who have clicked on our ad(s) and about the pages of our website that were subsequently accessed. However, neither we nor third parties who also use Google AdWords will be able to identify you in this way.

You can also prevent or restrict the installation of cookies by making the appropriate settings in your Internet browser. At the same time, you can delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support.

Google also offers the following link

https://services.google.com/sitestats/de.html

https://www.google.com/policies/technologies/ads/

http://www.google.de/policies/privacy/

for further information on this topic and in particular on the options for preventing the use of data.

Google remarketing or "similar target groups" component from Google

We use the remarketing or "similar target groups" function on our website. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

We use this function to display interest-based, personalized advertising on third-party websites that also participate in the Google advertising network.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our website.

To enable this advertising service, Google stores a cookie with a sequence of numbers on your end device via your Internet browser during your visit to our website. This cookie records both your visit and the use of our website in anonymized form. However, no personal data is passed on in the process. If you subsequently visit the website of a third party that also uses the Google advertising network, advertisements may appear that are related to our website or our offers there.

To permanently deactivate this function, Google offers the most common Internet browsers via

https://www.google.com/settings/ads/plugin

offers a browser plugin.

The use of cookies from certain providers can also be deactivated, for example via

http://www.youronlinechoices.com/uk/your-ad-choices

or

http://www.networkadvertising.org/choices/

can be deactivated by opting out.

Cross-device marketing may also allow Google to track your usage behavior across multiple devices, so that you may be shown interest-based, personalized advertising even if you switch devices. However, this assumes that you have agreed to the linking of your browsing history with your existing Google account.

Google offers further information on Google Remarketing at

https://www.google.com/privacy/ads/

.

Shopify (store software + web analytics)

a) Shopify store software

We use "Shopify" to host our store system and to display our offers and process contracts.

The legal basis is Art. 6 para. 1 lit. b) GDPR (contract initiation/contract processing).

"Shopify" is the service of a group of companies consisting of Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc, Shopify (USA) Inc, Shopify Commerce Singapore Pte. Ltd, and Shopify International Limited.

If we are based in the European Economic Area (EEA), the processing is carried out by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, hereinafter referred to as "Shopify".

However, due to the group of companies, it cannot be ruled out that processing may also take place in Canada and the USA, i.e. outside the EEA. However, when data is transferred to the Canadian Shopify Inc., an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

Shopify processes the following data on our behalf:

Name, billing and, if applicable, delivery address, e-mail address, payment data, company name if applicable, telephone number if applicable, IP address, information about orders, information about the merchant stores supported by Shopify that you visit, as well as information about your end device and your Internet browser.

In addition, Shopify offers at

https://www.shopify.de/legal/datenschutz

for further data protection information.

b) Shopify web analytics

If we also use Shopify's web analytics service on our website, Shopify stores cookies on your device via your Internet browser. These cookies are used to transmit further information, such as the location, time or frequency of your visit to our website, to a Shopify server for analysis.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis and optimization of our website.

If you do not agree to this processing, you have the option of preventing the storage of cookies by changing the settings in your Internet browser. You can find more information on this above under "Cookies".

Sample data protection declaration of the law firm Weiß & Partner

Privacy policy for Facebook/Meta

This website uses social media functions of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. You can share content on the Facebook social network using the Facebook Like buttons integrated on this website. The legal basis for the processing of the data is Art. 6 para. 1 subpara. 1 letter f) GDPR the legitimate interest in optimizing the website offer. When a page with an integrated Facebook Like button is accessed, a connection is always established between the browser used and the Facebook servers. In order to prevent this immediate connection, this website uses a solution in which this transmission only takes place when the Facebook Like button is clicked. Data is only transmitted to Facebook when the Facebook Like button is clicked a second time. If you have a Facebook account, this data can be linked to it. If you do not wish this data to be linked to your Facebook account, please log out of Facebook before visiting our site and delete the cookies in your browser. Facebook has submitted to the "Privacy Shield" data protection agreement between the USA and the EU. You can find out more about Facebook's data protection at https://de-de.facebook.com/privacy/explanation.

Klarna data protection notice

If you choose Klarna's payment services, we ask for your consent that we may transmit the data necessary for processing the payment and for an identity and credit check to Klarna. In Germany, the credit agencies named in Klarna's privacy policy may be used for identity and credit checks. You can revoke your consent to this use of your personal data at any time by contacting Klarna.

Amazon Pay data protection notice

We offer the option of processing the payment transaction via the payment service provider amazon pay (Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Amazon Payments to the extent necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b. GDPR).

First name Last name Address E-mail address Telephone number

The processing of the data specified in this section is neither legally nor contractually required. Without the transmission of your personal data, we cannot process a payment via amazon pay. [You have the option of choosing a different payment method.]

Amazon Payments Europe reserves the right to carry out a credit check to ensure your willingness and ability to pay. This corresponds to the legitimate interest of Amazon Payments Europe (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Your data will be passed on to credit agencies and online retailers for this purpose. In addition, your data may be used for interest-based advertising and marketing purposes by amazon pay if you have consented to this in your account settings https://www.amazon.de/adprefs. We have no influence on this process and only receive the result of whether the payment was carried out or rejected.

Further information on objection and removal options vis-à-vis Amazon Payments Europe can be found at: https://pay.amazon.de/help/201212490.

Your data will be stored by us until payment processing is completed. This also includes the period required for processing refunds, claims management and fraud prevention.

Relevance data protection supplement

This website uses retargeting technology from releva GmbH, Feilnerstr. 10, 10969 Berlin (www.releva.nz). This makes it possible to target visitors to our website with personalized, interest-based advertising. The advertising material is displayed on the basis of a cookie-based analysis of previous usage behavior, but no personal data is stored. In the case of retargeting technology, a cookie is stored on your computer or mobile device in order to collect pseudonymized data about your interests as part of a pseudonymized user profile and thus adapt the advertising individually to the stored information. These cookies are small text files that are stored on your computer or mobile device. As a result, you are shown advertising that is highly likely to match your product and information interests. If the information collected has a personal reference, the processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in the display of personalized advertising and market research.

The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. To generally object to the use of cookies on your computer, you can set your Internet browser so that no more cookies can be stored on your computer in the future or cookies that have already been stored are deleted. You can also permanently object to the setting of cookies or the creation of a pseudonymized user profile by using the available opt-out function under the following link:

https://releva.nz/datenschutz

Further information and the data protection provisions regarding advertising and releva GmbH can be found at https://releva.nz/datenschutz.