Privacy Policy

Data Protection Declaration

Data Protection Declaration

1) Information on the Collection of Personal Data and Contact Details of the person responsible.

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Endor AG, E.ON-Allee 3, 84036 Landshut, Germany, Tel .: (0871) 9221 - 122, Fax: (0871) 6221 - 221, email: [email protected]. The person responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

1.3 The person responsible has appointed a data protection officer who can be reached as follows:  Capcad Systems AG, Carl-Zeiss-Ring 21, 85737 Ismaning, Tel: +49 89 991522-0, Email : [email protected]

1.4 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or. TLS encryption. You can recognize an encrypted connection by the character string "https: //" and the lock symbol in your browser line.

2) Data Collection When You Visit Our Website

When using our website for information only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:

• Our visited website
• Date and time at the moment of access
• Amount of data sent in bytes
• Source/reference from which you came to the page
• Browser used
• Operating system used
• IP address used (if applicable: in anonymized form)

Data processing is carried out in accordance with Art. 6 (1) point f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently, if there are any concrete indications of illegal use.

3) Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted again after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process specific user information such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a specified period, which can differ depending on the cookie.

In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies implemented by us, the processing takes place in accordance with Art. 6 Para. 1 lit. b GDPR either to carry out the contract or in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.

We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we work with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected within the following paragraphs.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of every browser, which explains how you can change your cookie settings. You can find these for the respective browser under the following links:

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Firefox: https://support.mozilla.org/de/kb/cookies- allow-and-reject

Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

Safari: https://support.apple.com/kb/ph21411?locale=de_DE

Opera: https : //help.opera.com/en/latest/web-preferences/#cookies

Please note that if you do not accept cookies, the functionality of our website may be restricted.

Information on the cookies used:

Name

Purpose

Storage

Type of cookie

_ga

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

2 year

first-party cookie

 

_ga_Q6VYC4JPVE

 

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

2 years

first-party cookie

 

_gat _UA-4011508-1

 

This cookie is used for Google Analytics to limit the request rate.

1 day

first-party cookie

 

_gat _UA-4011508-9

 

This cookie is used for Google Analytics to limit the request rate.

1 day

first party cookie

_gid

This cookie is used for Google Analytics to distinguish between users.

1 day

first party cookie

_fbp

 

 

First-party cookie

PAPVisitorId

 

 

First-party cookie

_gcl_au

 

 

First party cookie

__cfduid

 

 

First party cookie

fbId

 

 

First-party cookie

__csrf_token-4

 

 

First party cookie

session-4

 

 

First-party cookie

ATN

 

 

Third-party cookie

test_cookie

 

 

Third-party cookie

fr

 

 

Third-party cookie

LocalStorage

PAPVisitorId

 

 

 

 

4) Contacting

When you contact us (e.g. using the contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 Paragraph 1 lit.f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Article 6 (1) (b) GDPR. Your data will be deleted after the final processing of your request; this is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no statutory retention requirements.

5) Data Processing When Opening a Customer Account and for Contract Processing

In accordance with Article 6 (1) (b) GDPR, personal data will continue to be collected and processed if you provide them to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We save and use the data you have provided to process the contract. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with due regard to tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we reserve the right to further use your data as permitted by law about which we will inform you accordingly below.

6) Comment Function

As part of the comment function on this website, in addition to your comment, information about the time the comment was created and the name of the commentator you have chosen are saved and published on the website. Your IP address is also recorded and saved. The IP address is stored for security reasons and in the event that the person concerned violates the rights of third parties by submitting a comment or posts illegal content. We need your e-mail address in order to contact you if a third party should object to your published content as unlawful. The legal basis for the storage of your data is Art. 6 Para. 1 lit.b and f GDPR. We reserve the right to delete comments if third parties complain that they are illegal.

7) Use of Your Data for Direct Mail

7.1 Registration for our e-mail newsletter

If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of any further data is voluntary and is used in order to be able to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to the sending of the newsletter. We will then send you a confirmation email asking you to click on a link to confirm that you want to receive the newsletter in the future.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Article 6 (1) (a) GDPR. When you register for the newsletter, we save your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected by us when registering for the newsletter are used exclusively for the purpose of advertising via the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person responsible mentioned above. After you have unsubscribed, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration to inform.

7.2 Sending the e-mail newsletter to existing customers

If you have given us your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range by e-mail. We do not need to obtain any separate consent from you for this. In this respect, the data processing takes place solely on the basis of our legitimate interest in personalized direct mail in accordance with Art. 6 Para. 1 lit. f GDPR. If you initially objected to the use of your e-mail address for this purpose, we will not send you an e-mail. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the person responsible named at the beginning. For this you only have to pay transmission costs according to the basic tariffs. After receipt of your objection, the use of your e-mail address for advertising purposes will be stopped immediately.

7.3 Sending newsletters via MailChimp

Our e-mail newsletters are sent via the technical service provider The Rocket Science Group, LLC d / b / a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http: //www.mailchimp .com /), to which we pass on the data you provided when registering for the newsletter . This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in the use of a promotionally effective, secure and user-friendly newsletter system . Please note that your data is usually transferred to a MailChimp server in the USA and stored there.

MailChimp uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. In this way it can be determined whether a newsletter message has been opened and which links have been clicked. With the help of the web beacons, Mailchimp automatically creates general, non-personal statistics about the reaction behavior to newsletter campaigns. On the basis of our legitimate interest in the statistical evaluation of the newsletter campaigns to optimize advertising communication and better focus on recipient interests , the web beacons in accordance with Art. 6 Para. 1 lit f. GDPR also collect data from the respective newsletter recipient ( Email address, time of retrieval, IP address, browser type and operating system) and used. These data allow individual conclusions to be drawn about the newsletter recipient and are processed by Mailchimp to automatically generate statistics that show whether a specific recipient has opened a newsletter message.

If you want to deactivate the data analysis for statistical evaluation purposes , you must unsubscribe from the newsletter.

MailChimp can also use this data in accordance with Article 6 (1) (f) GDPR due to its own legitimate interest in the needs-based design and optimization of the service as well as for market research purposes, for example to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.

To protect your data in the USA, we have concluded a data processing order ("Data Processing Agreement") with MailChimp on the basis of the standard contractual clauses of the European Commission in order to enable the transmission of your personal data to MailChimp. If you are interested, this data processing contract can be viewed at the following Internet address: https://mailchimp.com/legal/forms/data-processing-agreement

You can view MailChimp's data protection regulations here: https://mailchimp.com/legal/privacy/

8) Data Processing for Order Processing

8.1 To process your order, we work together with the following service provider (s) who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, as far as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for forwarding the data is Article 6 (1) (b) GDPR.

8.2 Transfer of personal data to shipping service providers

- DHL

If the goods are delivered by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), we will give your e-mail address in accordance with Article 6 (1) (a) GDPR prior to delivery the goods to DHL for the purpose of agreeing a delivery date or to announce the delivery, provided that you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. It will only be passed on if this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DHL or the delivery notification is not possible.

The consent can be revoked at any time with effect for the future vis-à-vis the person responsible or the transport service provider DHL.

- UPS

If the goods are delivered by the transport service provider UPS (United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss), we will give your email address before the goods are delivered in accordance with Art. 6 Paragraph 1 a GDPR for the purpose of agreeing a delivery date or to announce the delivery to UPS, provided you have given your express consent in the ordering process. Otherwise we will only pass on the name of the recipient and the delivery address to UPS for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. The transfer only takes place if this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with UPS or the transmission of status information of the shipment delivery is not possible.

The consent can be revoked at any time with effect for the future vis-à-vis the person responsible or vis-à-vis the transport service provider UPS.

8.3 Use of payment service providers (payment service provider)

- Amazon Pay

If you select the payment method "Amazon Pay", the payment is processed by the payment service provider Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg (hereinafter: "Amazon Payments"), to whom we provide the information and information you provided during the ordering process about your order in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider Amazon Payments and only to the extent that it is necessary for this. You can find more information about the data protection provisions of Amazon Payments at the following Internet address: https://pay.amazon.com/de/help/201751600

- PayPal

When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we give your payment data to PayPal (Europe) Sarl et Cie. , SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only insofar as this is necessary for payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment in installments" via PayPal . For this purpose, your payment data may be passed on to credit agencies in accordance with Article 6 (1) (f) GDPR on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding whether to provide the respective payment method. The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For more information on data protection, including the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.

- Secupay

If you decide to pay by credit card from the payment service provider secupay, the payment will be processed by the payment service provider secupay AG, Goethestraße 6, 01896 Pulsnitz, to whom we will provide the information you provided during the ordering process along with the information about your order in accordance with Art. 6 Para. 1 lit . b pass on GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider secupay and only to the extent that it is necessary for this.

If you choose the payment methods "purchase on account" via secupay or "direct debit" via secupay, you will be asked to provide your personal data (first and last name, street, house number, postcode, place, date of birth, email address, telephone number) in the order process , Bank code and account number). In order to preserve our legitimate interest in determining the solvency of our customers, we will send this data to secupay AG, Goethestr. For the purpose of a credit check in accordance with Art. 6 Para. 1 lit. 6, 01896 Pulsnitz ("secupay"). On the basis of the personal data you have provided and other data (such as shopping cart, invoice amount, order history, payment experience), Secupay checks whether the payment option you have selected can be granted with regard to payment and / or bad debt risks. In addition to internal secupay criteria in accordance with Art. 6 Para. 1 lit.

- infoscore Consumer Data GmbH (arvato), Rheinstrasse 99, D-76532 Baden-Baden, Tel .: +49 (0) 7221-5040-1000, Fax: -1001

- Creditreform Boniversum GmbH, Hellersbergstrasse 11, D-41460 Neuss, Tel .: +49 (0) 2131-109-501, Fax: -557

- EOS Payment Solutions GmbH, Steindamm 80, 200 Hamburg

The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

You can object to this processing of your data at any time by sending a message to the person responsible for data processing or to Secupay. However, Secupay may still be entitled to process your personal data if this is necessary for the contractual payment processing.

9) Use of Social Media: Social Plug-ins

9.1 AddThis bookmarking as a standard plug-in

Our website uses so-called social plug-ins (" plug-ins ") from the bookmarking service AddThis, which is operated by AddThis LLC, Inc. 8000 Westpark Drive, Suite 625, McLean, VA 2210, USA ("AddThis") as Part of the Oracle Corporation is operated. The plug-ins are usually marked with an AddThis logo, for example in the form of a white plus sign on an orange background. You can find an overview of the AddThis plug-ins and their appearance here: https://www.addthis.com/get/sharing

When you call up a page on our website that contains such a plug-in , your browser establishes a direct connection to the AddThis servers. AddThis transmits the content of the plug-in directly to your browser and integrates it into the page. As a result of the integration, AddThis saves a cookie on your device and uses it to collect your IP address and the information that your browser has accessed the corresponding page on our website. This information (including your IP address) is transmitted directly from your browser to an AddThis server in the USA and stored there. If you interact with the plug-ins , the corresponding information is also transmitted directly to a server of the provider and stored there.

The data processing operations described are carried out in accordance with Article 6 (1) (f) GDPR on the basis of AddThis's legitimate interests in displaying personalized advertising in order to inform other users of the social network about your activities on our website and to tailor the service to your needs.

If you would like to object to the data collection by AddThis for the future, you can set a so-called opt-out cookie, which you can download from the following link: https://www.addthis.com/privacy/opt-out

You can also completely prevent the AddThis plug-ins from loading with add-ons for your browser, e.g. B. with the script blocker "NoScript" (https://noscript.net/).

The purpose and scope of the data collection and the further processing and use of the data by AddThis as well as your related rights and setting options to protect your privacy can be found in AddThis's data protection information: https://www.addthis.com/privacy/privacy-policy

9.2 Facebook as a standard plug-in

Our website uses so-called social plug-ins (" plug-ins ") from the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"). The plug-ins are marked with a Facebook logo or the addition "Facebook social plug-in " or "Facebook social plug-in ". You can find an overview of the Facebook plug-ins and their appearance here: https://developers.facebook.com/docs/plugins

When you visit a page on our website that contains such a plug-in , your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted directly from Facebook to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged into Facebook. This information (including your IP address) is sent directly from your browser to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can immediately assign your visit to our website to your Facebook profile. If you interact with the plug-ins , for example press the "Like" button or leave a comment, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and shown to your Facebook friends.

The data processing operations described are carried out in accordance with Article 6 (1) (f) GDPR on the basis of Facebook's legitimate interests in displaying personalized advertising in order to inform other users of the social network about your activities on our website and to tailor the service to your needs.

If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can object to the loading of the Facebook plug-ins and thus the data processing operations described above with add-ons for your browser for the future, e.g. with the script blocker "NoScript" (http://noscript.net/).

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook's data protection information:

https://www.facebook.com/policy.php

9.3 Instagram

To advertise our products and services as well as to communicate with interested parties or customers, we operate a company presence on the Instagram platform.

We are jointly responsible for this social media platform with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.

The data protection officer of Instagram can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, from which the mutual obligations arise, can be accessed under the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the resulting and subsequently reproduced processing of personal data is Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services.

The legal basis can also be the consent of the user in accordance with Art. 6 Para. 1 lit. a GDPR to the platform operator. According to Art. 7 Para. 3 GDPR, the user can revoke his consent to this at any time by notifying the platform operator for the future.

When you visit our online presence on the Instagram platform, Facebook Ireland Ltd. as the operator of the platform in the EU processes user data (e.g. personal information, IP address, etc.).

This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. For example, it is possible to advertise users within and outside of Instagram based on their interests. If the user is logged into their Instagram account at the time of access, Facebook Ireland Ltd. also link the data with the respective user account.

If the user makes contact via Instagram, the personal data entered by the user on this occasion will be used to process the request. The user's data will be deleted by us, provided that the user's request has been finally answered and there are no legal retention requirements, such as in the subsequent contract processing.

To process the data, Facebook Ireland Ltd. possibly also set cookies.

If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the settings of the browser, but through the corresponding setting of the Flash player. Should the user prevent or restrict the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.

More information on the processing activities, their prevention and the deletion of the data processed by Instagram can be found in Instagram's data policy:

https://help.instagram.com/519522125107875

It cannot be ruled out that the processing by Facebook Ireland Ltd. also via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.

9.4 Twitter

We use the plug-in of the social network Twitter on our website. Twitter is an Internet service provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, hereinafter referred to as “Twitter”.

Through certification according to the EU-US data protection shield ("EU-US Privacy Shield") https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Twitter guarantees that the data protection requirements of the EU are also observed when processing data in the USA.

The legal basis is Article 6 (1) lit.f) GDPR. Our legitimate interest lies in improving the quality of our website.

If the plug-in is stored on one of the pages you visit on our website, your Internet browser will download a representation of the plug-in from Twitter's servers in the USA. For technical reasons, it is necessary for Twitter to process your IP address. In addition, the date and time of your visit to our website are also recorded.

If you are logged in to Twitter while visiting one of our websites with the plug-in, the information collected by the plug-in about your specific visit will be recognized by Twitter. Twitter may assign the information collected in this way to your personal user account there. If you use the so-called “Share” button from Twitter, for example, this information will be stored in your Twitter user account and possibly published on the Twitter platform. If you want to prevent this, you must either log out of Twitter before visiting our website or make the appropriate settings in your Twitter user account.

Further information on the collection and use of data as well as your rights and protection options in this regard is available from Twitter at https://twitter.com/privacy available data protection information.

10) Use of Social Media: Videos

Use of Youtube Videos

This website uses the YouTube embedding function to display and play videos from the provider “ YouTube ”, which belongs to Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).

The extended data protection mode is used here, which, according to the provider, does not start storing user information until the video (s) are played. If the playback of embedded YouTube videos is started, the provider “ YouTube ” uses cookies to collect information about user behavior. According to information from “ YouTube ”, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive practices. If you are logged in to Google, your data will be assigned directly to your account when you click on a video. If you do not want the assignment to your profile on YouTube, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in accordance with Article 6 (1) (f) GDPR on the basis of Google's legitimate interests in displaying personalized advertising, market research and / or the needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

Regardless of whether or not the embedded videos are played, a connection to the Google “DoubleClick” network is established every time this website is accessed, which can trigger further data processing operations beyond our control.

You can find more information on data protection at "YouTube" in the provider's data protection declaration at: https://www.google.de/intl/de/policies/privacy

11) Online-Marketing

11.1 Google AdSense

This website uses Google AdSense, a web advertising service provided by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Google AdSense uses so-called "DoubleClick DART Cookies" ("Cookies"). These are text files that are saved on your computer and that enable your use of the website to be analyzed. In addition, Google AdSense also uses so-called "web beacons" (small invisible graphics) to collect information, which can be used to record, collect and evaluate simple actions such as visitor traffic on the website. The information generated by the cookie and / or web beacon (including your IP address) about your use of this website is usually transferred to a Google server in the USA and stored there.

Google uses the information obtained in this way to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and / or if third parties process this data on behalf of Google.

The described processing of data takes place in accordance with Art. 6 Para. 1 lit. f GDPR for the purpose of targeted advertising to the user by advertising third parties, whose advertisements are displayed on this website based on the evaluated user behavior. At the same time, the processing serves our financial interest in exploiting the economic potential of our website by displaying personalized third-party advertising content for a fee.

You can find more information about Google's data protection provisions at the following Internet address: https://www.google.de/policies/privacy/

You can permanently deactivate cookies for ad preferences by preventing them by setting your browser software accordingly or by downloading and installing the browser plug-in available under the following link:

https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be able to be used or only to a limited extent if you have deactivated the use of cookies.

11.2 Use of Google AdWords Conversion Tracking

This website uses the online advertising program "Google AdWords" and, as part of Google AdWords, the conversion tracking of Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). We use the Google AdWords offer to draw attention to our attractive offers with the help of advertising materials (so-called Google AdWords) on external websites. In relation to the data from the advertising campaigns, we can determine how successful the individual advertising measures are. We are interested in showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on an AdWords ad placed by Google. Cookies are small text files that are stored on your computer system. These cookies generally lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, we and Google can see that the user clicked on the ad and was redirected to this page. Every Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked via the websites of AdWords customers. The information obtained using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not want to participate in tracking, you can block this usage by deactivating the Google conversion tracking cookie in your internet browser under user settings. You will then not be included in the conversion tracking statistics. We use Google AdWords because of our legitimate interest in targeted advertising in accordance with Article 6 (1) (f) GDPR.

You can find more information about Google's data protection provisions at the following Internet address: https // www.google.de / policies / privacy /

You can permanently deactivate cookies for ad preferences by preventing them by setting your browser software accordingly or by downloading and installing the browser plug-in available under the following link:

https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be able to be used or only to a limited extent if you have deactivated the use of cookies.

12) Web Analysis Services

12.1 Google (Universal) Analytics

- Google Analytics

This website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to a Google server in the USA and stored there.

This website uses Google Analytics exclusively with the extension "_ AnonymizeIP ()", which ensures anonymization of the IP address by abbreviation and excludes direct personal reference. As a result of the extension, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. In these exceptional cases, this processing is carried out in accordance with Article 6 (1) (f) GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.

Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by using the browser plug-in available under the following link in download and install:

https://tools.google.com/dlpage/gaoptout?hl=de

As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you have to click this link again) : Deactivate Google Analytics

You can find more information on how Google Analytics handles user data in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de

12.2 Mouseflow (Mouseflow ApS)

This website uses Mouseflow, a web analysis tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected individual visits (only with a pseudonymised IP address). This creates a log of mouse movements and clicks with the intention of randomly playing back individual website visits and deriving potential improvements for the website from them. If personal data is also processed, this is done in accordance with Article 6 (1) (f) GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization purposes.

The processed information will not be passed on to third parties.

You can permanently object to Mouseflow's web analysis at any time by setting an opt-out cookie by downloading and installing the opt-out cookie available under the following link: https://mouseflow.de/opt-out/

Further information and the data protection provisions of Mouseflow can be viewed here: https://mouseflow.com/privacy/

The opt-out cookie is set by Quantcast.

13) Retargeting/Remarketing/ Referral Advertising

Bing Ads (Microsoft Corporation)

This website uses the conversion tracking technology "Bing Ads" from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads places a cookie on your computer if you have reached our website via a Microsoft Bing ad. Cookies are small text files that are stored on your computer system. These cookies lose their validity after 180 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, we and Microsoft can see that the user clicked on the ad and was redirected to this page (conversion page). If personal data is processed in this context, this is done in accordance with Article 6 (1) (f) GDPR due to our legitimate interest in effective marketing.

The information obtained using the conversion cookie is used to create conversion statistics, ie to record how many users reach a conversion page after clicking on an ad. This tells us the total number of users who clicked on our ad and were forwarded to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

If you do not want to participate in tracking, you can object by simply deactivating the Bing Ads conversion tracking cookie in your Internet browser under user settings. You will then not be included in the conversion tracking statistics. Alternatively, you can use the deactivation page for consumers from the EU https://www.youronlinechoices.com/uk/your-ad-choices/ to check whether Microsoft's advertising cookies are set in your browser and deactivate them.

You can find more information about the data protection provisions of Microsoft Bing Ads at the following Internet address: https://privacy.microsoft.com/de-de/privacystatement

Google AdWords remarketing

Our website uses the functions of Google AdWords Remarketing, with this we advertise this website in the Google search results as well as on third-party websites. The provider is Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). For this purpose, Google places a cookie in the browser of your end device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. The processing takes place on the basis of our legitimate interest in the optimal marketing of our website in accordance with Art. 6 Para. 1 lit. f GDPR.

Any further data processing will only take place if you have agreed to Google that your internet and app browser history will be linked to your Google account by Google and that information from your Google account will be used to personalize advertisements that you will find on the web consider. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data in order to form target groups.

You can permanently deactivate the setting of cookies for ad preferences by downloading and installing the browser plug-in available under the following link: https://www.google.com/settings/ads/onweb/

Alternatively, you can contact the Digital Advertising Alliance at the Internet address www.aboutads.info to find out about the setting of cookies and make settings for this. Finally, you can set your browser so that you are informed about the setting of cookies and individually decide whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be restricted.

Further information and the data protection provisions regarding advertising and Google can be viewed here:

https://www.google.com/policies/technologies/ads/

14) novomind iCHAT

We use novomind iCHAT as a website chat service (according to Art. 6 para. 1 lit. a and lit.f EU Data Protection Regulation). In order to initiate this live chat, novomind iCHAT requires your full name and email address. novomind iCHAT uses cookies that enable an analysis of your use of our website. The information generated by cookies about your use of our website is transmitted to novomind’s iCHAT server and stored there. novomind iCHAT uses this information to evaluate your use of our website and to provide a chat window on our pages through which you can contact us directly. If you do not agree with reporting via cookies, please contact us only via our contact form(s) or by e-mail. Alternatively, you can deactivate the storage of cookies in your browser, though this may affect the usability of iCHAT.

novomind iCHAT is a website chat service of novomind AG, Bramfelder Chaussee 45, 22177 Hamburg. The applicable data protection regulations can be found at https://www.novomind.com/de/datenschutz/. If you do not agree with the storage of chat content, we ask you to contact us only via our contact form(s) or by e-mail.

15) Contact via Telephone Hotline

When contacting us via our hotline, personal data may be collected and processed. The telephone number you use when calling may be recorded.

In addition, our hotline staff may request your name and e-mail address. If you have created a customer account with us under the e-mail address you provided, our hotline staff can associate your e-mail address to this customer account and access the data stored in the customer account. The stored data includes your full name, your address, your payment details, your orders, products saved by you as favorites, as well as notes on previous inquiries and previous correspondence.

The essential contents of the conversation concerning your request may be recorded by our hotline staff in the form of a written note for the further processing of your request, which we can access if we contact you again.

The data collected when contacting us via our hotline is collected and processed exclusively for the purpose of processing your request, including the associated further communication and technical administration/support.

The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If the purpose of your call is to enter into a contract with us or you have questions regarding an existing contract with us, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.

Your data will be deleted upon completion of the processing of your request.

This is the case if it is clear from the circumstances that the matter in question has been conclusively resolved and provided that there are no conflicting statutory retention obligations.

 

Protecting the privacy of people under the age of 16 on the Internet

Personal data from minors (under 16 years of age) are not knowingly collected or used in any form by the sample company . As a rule we do not find out the age of the visitor to our website. However, we have not taken any specific measures to protect such data to a particular degree. Without the express consent of their parents or guardians, persons under the age of 16 may not transmit any personal data.  

16) Rights of the Data Subject

15.1 The applicable data protection law grants you comprehensive rights of data subjects (information and intervention rights) vis-à-vis the person responsible with regard to the processing of your personal data, about which we will inform you below:

Right to information in accordance with Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned Storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if we did not collect them from you, the Existence of automated decision-making including profiling and, if necessary, meaningful information about the logic involved and the scope and the intended effects of such processing, as well as your right to be informed about the guarantees pursuant to Art. 46 GDPR when your data is forwarded in D rittlands exist;

Right to correction according to Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;

Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request that the processing of your personal data be restricted as long as the correctness of your data is checked, if you refuse to delete your data due to inadmissible data processing and instead request the Request restriction of the processing of your data if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have objected for reasons of your particular situation, as long as it is not certain whether our legitimate Reasons outweigh;

Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to notify all recipients to whom the personal data relating to you has been disclosed, this correction or deletion of the data or To communicate restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

Right to data portability in accordance with Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible, insofar as this is technically feasible;

Right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. If you withdraw your consent, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal;

Right to lodge a complaint in accordance with Art. 77 GDPR: If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement.

In Bavaria, the competent supervisory authority is:

Bavarian State Office for Data Protection Supervision (BayLDA)

Promenade 27

91522 Ansbach

15.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR MAINLY LEGITIMATE INTEREST, YOU HAVE THE AT ANY TIME TO PROCESS YOUR PERSONAL DATA, FOR REASONS THAT WE GIVE UPON YOUR SPECIFIC SITUATION.

IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA CONCERNED. FURTHER PROCESSING IS RESERVED IF WE CAN PROVE COMPULSORY REASONS FOR PROCESSING THAT OUTSIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING OR EXPRESSION APPLIES.

IF YOUR PERSONAL DATA IS PROCESSED BY US IN ORDER TO OPERATE DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU MAY OBJECTIVE AS DESCRIBED ABOVE.

IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA AFFECTED FOR DIRECT ADVERTISING PURPOSES.

17) Duration of Storage of Personal Data

The duration of the storage of personal data is based on the respective statutory retention period (e.g. commercial and tax retention periods). After the period has expired, the relevant data will be routinely deleted, provided that they are no longer required for contract fulfillment or contract initiation and / or we have no legitimate interest in further storage.

The security of your data

The data you provide to Endor AG is protected by suitable technical and organizational means with the aim of protecting your data against accidental or deliberate manipulation, loss, destruction, access by unauthorized persons or unauthorized disclosure to third parties. Our security measures are continuously monitored and improved in line with technological developments and organizational possibilities.

18) Microsoft 365

The Microsoft 365 services are provided by Microsoft Corporation (https://www.microsoft.com/de-de/rechtliche-hinweise/impressum) on the basis of a data processing agreement. This means that Microsoft also has access to your data to the extent necessary. The data center is located within the EU. However, due to the use of Microsoft products, it cannot be ruled out that your personal data will also be processed in third countries outside the European Union (EU). For this purpose, we have concluded a standard EU data protection contract in accordance with Art. 46 GDPR, see https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA .

In addition to the EU standard contract, further guarantees are part of the contractual level of protection.

To the extent that Microsoft processes Personal Data outside of the Data Processing Relationship in connection with Microsoft's legitimate business operations, Microsoft is its own controller for such use and as such is responsible for compliance with all applicable laws and obligations of a controller.

Further information on the type and scope of data processing by Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement and https://learn.microsoft.com/de-de/compliance/regulatory/gdpr-dsr-Office365?toc=%2Fmicrosoft-365%2Fenterprise%2Ftoc.json.

Use of Microsoft Forms

We use MS Forms to carry out surveys, evaluations and competitions. MS Forms is a Microsoft Office application from Microsoft Corporation. When using it, your answers (quantitative and qualitative) are generally processed on an anonymous basis, unless you voluntarily provide your personal data, such as contact details. Your contact data would then be used as previously declared in the survey, for example to take part in a competition. It will not be used for purposes not previously declared.

Further information on the type and scope of data processing by Microsoft can be found at https://support.microsoft.com/de-de/office/sicherheit-und-datenschutz-in-microsoft-forms-7e57f9ba-4aeb-4b1b-9e21-b75318532cd9

Storage duration:

We process and store the data until the purpose of the processing has been fulfilled, e.g. the raw data for the survey, evaluation in anonymous form is no longer required or we have successfully carried out any competition after sending/transmitting the prizes.

Legal basis for data processing:

Your data is processed on the basis of Art. 6 para. 1 lit. f and Art.6 para.1 lit. b (fulfillment of contract) GDPR, as we have a legitimate interest in maintaining and improving the customer relationship. If the survey is conducted within Endor AG, the legal basis is §26 para. 1 BDSG.