Data privacy

1) Introduction and Contact Information of the Responsible Party

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data here refers to all data that can be used to identify you personally.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is HISTORIA GmbH, Berta-Ottenstein-Str. 19, 79106 Freiburg, Germany, Tel.: +49-(0)761-79 02 79 00, E-Mail: info@historia.net. The controller for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

1.3 The controller has appointed a data protection officer, who can be reached as follows: "Martin Behrens, Eugen-Martin-Straße 4, 79106 Freiburg, 07641/4 52 45 45, martin.behrens@stilz-partner.de"

2) Data Collection When Visiting Our Website

2.1 When you use our website for informational purposes only, i.e., when you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the server (so-called "server logfiles"). When you access our website, we collect the following data, which is technically necessary for us to display the website:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/referral from which you accessed the page
Used browser
Used operating system
Used IP address (possibly in anonymized form)

Processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. There is no transfer or further use of the data. However, we reserve the right to review the server logfiles retrospectively if there are specific indications of unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible party). You can recognize an encrypted connection by the "https://" string and the lock symbol in your browser's address bar.

3) Hosting & Content Delivery Network

Amazon Web Services

For hosting our website and displaying the page content, we use the system of the following provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA

All data collected on our website is processed on the provider's servers.
We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transmissions to the USA, the provider is a participant in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

4) Cookies

To make the visit to our website more attractive and enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called "session cookies"), while others remain on your device for a longer period, allowing for the saving of page settings (so-called "persistent cookies"). In the latter case, you can find the storage duration in the cookie settings of your web browser.

If personal data is processed by individual cookies used by us, the processing takes place in accordance with Art. 6 (1) lit. b GDPR either to fulfill the contract, according to Art. 6 (1) lit. a GDPR in case of consent, or according to Art. 6 (1) lit. f GDPR to safeguard our legitimate interests in ensuring the best functionality of the website and a user-friendly and effective website visit.

You can configure your browser to be notified about the setting of cookies and decide individually whether to accept them, or to exclude the acceptance of cookies for specific cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 Userlike

This website uses a live chat system from the following provider: Userlike UG (limited liability), Deisterweg 7, 51109 Cologne, Germany

The processing of personal data transmitted via the chat is carried out either in accordance with Art. 6 (1) lit. b GDPR, because it is necessary for the initiation or performance of the contract, or in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in effectively managing our website visitors.
The data you transmit will be deleted as soon as the relevant matter is conclusively resolved, subject to any statutory retention periods.

Additionally, further information may be collected and evaluated to create pseudonymized usage profiles through cookies, but these do not serve to personally identify you and are not merged with other data sets. If this information is personally identifiable, processing occurs in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in statistical analysis of user behavior for optimization purposes.

The use of cookies can be prevented by appropriate browser settings. However, in this case, the functionality of our website may be restricted. You can object to the collection and storage of data for the creation of pseudonymized usage profiles at any time, with effect for the future.

We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

5.2 When contacting us (e.g., via contact form or email), personal data is processed exclusively for the purpose of handling and responding to your inquiry and only to the extent necessary.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6 (1) lit. f GDPR. If your contact is aimed at a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted once the matter is concluded and no legal retention obligations are in place.

6) Data Processing When Opening a Customer Account

In accordance with Art. 6 (1) lit. b GDPR, personal data will continue to be collected and processed to the extent necessary when you provide this data to us when opening a customer account. The data required for opening the account can be found in the input form on our website.

You may delete your customer account at any time by sending a message to the above-mentioned address of the responsible party. After deletion of your customer account, your data will be deleted, provided that all contracts concluded through it have been fully processed, no legal retention periods are in place, and we have no legitimate interest in further storage.

7) Use of Customer Data for Direct Advertising

7.1 Subscription to Our E-Mail Newsletter

If you subscribe to our email newsletter, we will send you regular information about our offers. The only required information for sending the newsletter is your email address. Providing additional data is voluntary and is used to address you personally. We use the so-called double opt-in procedure for sending the newsletter, which ensures that you will only receive the newsletter once you have explicitly confirmed your consent to receive the newsletter by clicking on a verification link sent to the specified email address.

By activating the confirmation link, you grant us your consent to use your personal data in accordance with Art. 6 (1) lit. a GDPR. We store the IP address registered by your Internet service provider (ISP) as well as the date and time of registration to track any misuse of your email address at a later time. The data collected during the newsletter subscription is used strictly for its intended purpose.

You can unsubscribe from the newsletter at any time using the designated link in the newsletter or by sending a corresponding message to the responsible party mentioned above. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we have reserved additional data use that is legally permitted and that we inform you about in this statement.

7.2 Sending of the E-Mail Newsletter to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to send you regular offers for similar goods or services from our range by email. We do not need to obtain a separate consent from you for this, according to § 7 (3) UWG. The data processing is based solely on our legitimate interest in personalized direct advertising according to Art. 6 (1) lit. f GDPR. If you have initially objected to the use of your email address for this purpose, no email will be sent.

You are entitled to object to the use of your email address for the above-mentioned advertising purpose at any time with future effect by sending a message to the responsible party mentioned at the beginning. Only transmission costs according to basic rates will apply.

7.3 SALESmanago

The sending of our email newsletters is carried out by this provider: BENHAUER Sp. z o.o., Stanisława Klimeckiego 4, 30-705 Kraków, Poland

Based on our legitimate interest in effective and user-friendly newsletter marketing, we pass on your data provided during the newsletter subscription to this provider according to Art. 6 (1) lit. f GDPR so that they can handle the newsletter dispatch on our behalf.

Subject to your explicit consent according to Art. 6 (1) lit. a GDPR, the provider also conducts statistical success evaluations of newsletter campaigns using web beacons or tracking pixels in the emails sent, which can measure open rates and specific interactions with the content of the newsletter. End device information (e.g., time of access, IP address, browser type, and operating system) is collected and evaluated, but not merged with other data sets.

You can withdraw your consent to newsletter tracking at any time with future effect.

We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits unauthorized disclosure to third parties.

7.4 Cart Reminders via E-Mail

If you abandon your shopping at checkout, you have the option to receive a one-time email reminder about the content of your virtual shopping cart.

The only required information for sending this reminder is your email address. Providing additional data is voluntary and will be used to address you personally if necessary. We use the double opt-in procedure for email dispatch, which ensures that you will only receive the reminder after explicitly confirming your consent by clicking on a verification link sent to the specified email address.

By activating the confirmation link, you grant us your consent to use your personal data in accordance with Art. 6 (1) lit. a GDPR for sending a cart reminder. We store the IP address registered by your Internet service provider (ISP) as well as the date and time of registration to track any misuse of your email address at a later time. The data collected during the subscription to our email notification service is used strictly for its intended purpose.

You can unsubscribe from the cart reminders at any time by sending a corresponding message to the responsible party mentioned at the beginning. After unsubscribing, your email address will be immediately deleted from our distribution list for this purpose, unless you have expressly consented to further use of your data or we have reserved additional data use that is legally permitted and that we inform you about in this statement.

7.5 Postal Advertising
Based on our legitimate interest in personalized direct advertising, we reserve the right to store and use your first and last name, your postal address, and – if we have received these additional details during the contractual relationship – your title, academic degree, birth year, and professional, industry, or business designation in accordance with Art. 6 (1) lit. f GDPR for the purpose of sending interesting offers and information about our products by post.
You can object to the storage and use of your data for this purpose at any time.

8) Data Processing for Order Processing

8.1 Submission of Image Files for Order Processing via E-Mail

On our website, we offer customers the option to personalize products by submitting image files via email. The submitted image is used as a template for the personalization of the selected product.

Through the email address provided on the website, the customer can submit one or more image files from their device's memory to us. We collect, store, and use the submitted files exclusively for the creation of the personalized product as described on our website. If the submitted image files are forwarded to specific service providers for the creation and processing of the order, you will be explicitly informed in the following sections. No further transfer occurs. If the submitted files or digital images contain personal data (in particular, identifiable images of people), all of the above-mentioned processing activities will be carried out exclusively for the purpose of fulfilling your online order in accordance with Art. 6 (1) lit. b GDPR.

After the order is completed, the submitted image files will be automatically and completely deleted.

8.2 If necessary for contract processing for delivery and payment purposes, the personal data we collect will be transferred to the commissioned transportation company and the commissioned financial institution in accordance with Art. 6 (1) lit. b GDPR.

If we owe you updates for goods with digital elements or digital products based on a corresponding contract, we will process the contact details (name, address, email) provided by you during the order to inform you within the legal information period in accordance with Art. 6 (1) lit. c GDPR about the upcoming updates by appropriate means (e.g., by post or email). Your contact details will only be processed for this purpose and will only be processed by us to the extent necessary for the respective information.

To process your order, we also work with the following service providers who assist us in executing the contracts concluded. To these service providers, certain personal data is transmitted according to the following information.

8.3 In the case of ordering age-restricted goods, we ensure according to the applicable youth protection law that you have reached the legally required minimum age for the item in question. To do this, we use an age verification process to ensure your personal identification (age check) and, if necessary, authentication. For this purpose, we use the service Ident-Check from DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn; GO! Express-Ident from GO! Express & Logistics (Germany) GmbH, Brühler Straße 9 53119 Bonn.

To verify the required minimum age, certain personal data will be transmitted to the service provider above. This data processing occurs in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in ensuring youth protection-compliant offers and also to comply with the legal provisions regarding youth protection.

8.4 To fulfill our contractual obligations to our customers, we work with external shipping partners. We pass on your name and delivery address and, if necessary for delivery, your phone number exclusively for the purpose of delivering the goods according to Art. 6 (1) lit. b GDPR to a shipping partner selected by us.

8.5 Sharing Personal Data with Shipping Service Providers

- DHL

As a transportation service provider, we use the following provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

We forward your email address and/or phone number to the provider in accordance with Art. 6 (1) lit. a GDPR prior to the delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided you have expressly consented to this during the order process. Otherwise, we only pass on the recipient's name and delivery address to the provider for delivery purposes in accordance with Art. 6 (1) lit. b GDPR. The transfer only occurs to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

The consent can be revoked at any time with effect for the future against the above-mentioned responsible party or the provider.
- General Overnight (GO!)

As a transportation service provider, we use the following provider: GO! Express & Logistics (Germany) GmbH, Brühler Straße 9, 53119 Bonn, Germany

The consent can be revoked at any time with effect for the future against the above-mentioned responsible party or the provider.
- Post CH

As a transportation service provider, we use the following provider: Post CH (Swiss Post AG, Switzerland, Wankdorfallee 4, 3030 Bern)

We forward your email address and/or phone number to the provider before delivering the goods for the purpose of coordinating a delivery date or for delivery notification, provided you have expressly consented to this during the order process. Otherwise, we only pass on the recipient's name and delivery address to the provider for delivery purposes. The transfer only occurs to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

The consent can be revoked at any time with effect for the future against the above-mentioned responsible party or the provider.

In the case of data transmission to the provider's location, an adequate level of data protection is ensured through an adequacy decision by the European Commission.

- UPS

As a transportation service provider, we use the following provider: United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany

We pass on your email address and/or phone number to the provider in accordance with Art. 6 (1) lit. a GDPR prior to the delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided you have explicitly consented to this in the order process. Otherwise, we will only pass on the recipient's name and delivery address to the provider for the purpose of delivery, in accordance with Art. 6 (1) lit. b GDPR. The transfer takes place only to the extent necessary for the delivery of goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

Your consent can be revoked at any time with effect for the future to the responsible party mentioned above or to the provider.

8.6 Use of Payment Service Providers

- BLIK

On this website, one or more online payment methods from the following provider are available: Polski Standard Płatności Sp. z o.o., Czerniakowska 87a, 00-718 Warsaw, Poland

For processing your payment, the payment data provided during the order process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the content of your order, is passed on to the provider in accordance with Art. 6 (1) lit. b GDPR. The transfer of your data in this case takes place exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.
- Klarna

On this website, one or more online payment methods from the following provider are available: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

If you select a payment method from the provider where you make an upfront payment (e.g., credit card payment), the payment data you provided during the order process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the content of your order, is passed on to the provider in accordance with Art. 6 (1) lit. b GDPR. The transfer of your data in this case takes place exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

If you select a payment method where the provider makes an upfront payment (e.g., invoice or installment payment or direct debit), you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, phone number, and possibly data on an alternative payment method).

In order to safeguard our legitimate interest in assessing the payment capacity of our customers, this data will be forwarded to the provider in accordance with Art. 6 (1) lit. f GDPR for a credit check. The provider checks, based on the personal data you provided and other data (such as shopping cart, invoice amount, order history, payment experiences), whether the selected payment option can be granted in terms of payment and/or default risks.

For the decision during the application review, in addition to internal criteria of the provider, in accordance with Art. 6 (1) lit. f GDPR, identity and credit information from the following credit agencies may be included:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.
- Mollie

On this website, one or more online payment methods from the following provider are available: Mollie B.V., Keizersgracht 313, 1016 EE Amsterdam, Netherlands

On this website, one or more online payment methods from the following provider are available: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from the provider where you make an upfront payment, the payment data you provided during the order process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the content of your order, is passed on to the provider in accordance with Art. 6 (1) lit. b GDPR. The transfer of your data in this case takes place exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

If you select a payment method where we make an upfront payment, you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, phone number, and possibly data on an alternative payment method).

In such cases, to safeguard our legitimate interest in assessing your payment capacity, this data will be forwarded to the provider in accordance with Art. 6 (1) lit. f GDPR for a credit check. The provider checks, based on the personal data you provided and other data (such as shopping cart, invoice amount, order history, payment experiences), whether the selected payment option can be granted in terms of payment and/or default risks.

On this website, one or more online payment methods from the following provider are available: SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany

On this website, one or more online payment methods from the following provider are available: TWINT AG, Stauffacherstrasse 31, CH-8004 Zurich, Switzerland

If data is transmitted to the provider’s location, an adequate level of data protection is ensured through an adequacy decision by the European Commission.
- Wallee

On this website, one or more online payment methods from the following provider are available: Wallee customweb GmbH, General-Guisan-Strasse 47 31, CH-8400 Zurich, Switzerland

If data is transmitted to the provider’s location, an adequate level of data protection is ensured through an adequacy decision by the European Commission.

9) Online Marketing

9.1 belboon Affiliate

We participate in the affiliate program of the following provider: belboon GmbH, Weinmeisterstr. 12-14, 10178 Berlin, Germany

In this context, we have placed links on our website that lead to offers on the provider's websites or third-party websites ("partner sites").

To measure the success of an affiliate link, to evaluate orders generated through such a link, and to settle commission payments, the provider uses cookies and/or similar technologies, which are generally set on the partner sites, and for which we are not legally responsible. In this context, the provider also processes the IP address and possibly other device information.

All the processing described above, especially reading or storing information on your device, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time with effect for the future by using the cookie consent management options on the partner sites.

10) Web Analytics Services

10.1 Google (Universal) Analytics

This website uses Google (Universal) Analytics, a web analytics service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which allows for an analysis of your usage of our website.

By default, Google (Universal) Analytics sets cookies when you visit the website, which are small text blocks placed on your device to collect certain information. This information includes your IP address, but Google shortens it to exclude direct personal identification.

The information is transmitted to Google servers and processed there. Transfers to Google LLC based in the USA are possible.

Google uses the collected information on our behalf to evaluate your use of the website, to compile reports on website activities for us, and to provide other services related to website usage and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. The data collected through the use of Google (Universal) Analytics is stored for two months and then deleted.

All the processing described above, especially setting cookies on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR.
Without your consent, the use of Google (Universal) Analytics will not occur during your visit to the site. You can withdraw your consent at any time for the future. To exercise your right to withdraw, please deactivate this service using the "cookie-consent-tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further legal information on Google (Universal) Analytics can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=en&gl=de and https://policies.google.com/technologies/partner-sites

Demographic Characteristics
Google (Universal) Analytics uses the special "demographic characteristics" feature and can create statistics that make statements about the age, gender, and interests of site visitors. This is done by analyzing advertising and third-party information. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for two months.

Google Signals
As an extension to Google (Universal) Analytics, Google Signals may be used on this website to create cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google, with your consent to use Google Analytics according to Art. 6 (1) lit. a GDPR, can analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can disable the "Personalized Ads" feature in your Google account settings. Please follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=en For more information on Google Signals, visit: https://support.google.com/analytics/answer/7532985?hl=en

UserIDs
As an extension to Google (Universal) Analytics, the "UserIDs" feature may be used on this website. If you have consented to the use of Google (Universal) Analytics according to Art. 6 (1) lit. a GDPR, set up an account on this website, and sign in on various devices with this account, your activities, including conversions, can be analyzed cross-device.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

10.2 Google Analytics 4

This website uses Google Analytics 4, a web analytics service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which allows for an analysis of your usage of our website.

By default, Google Analytics 4 sets cookies when you visit the website, which are small text blocks placed on your device to collect certain information. This information includes your IP address, but Google shortens it to exclude direct personal identification.

The information is transmitted to Google servers and processed there. Transfers to Google LLC based in the USA are possible.

Google uses the collected information on our behalf to evaluate your use of the website, to compile reports on website activities for us, and to provide other services related to website usage and internet usage. The IP address transmitted by your browser as part of Google Analytics 4 is not merged with other data from Google. The data collected through the use of Google Analytics 4 is stored for two months and then deleted.

All the processing described above, especially setting cookies on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR.
Without your consent, the use of Google Analytics 4 will not occur during your visit to the site. You can withdraw your consent at any time for the future. To exercise your right to withdraw, please deactivate this service using the "cookie-consent-tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=en&gl=de and https://policies.google.com/technologies/partner-sites

Demographic Characteristics
Google Analytics 4 uses the special "demographic characteristics" feature and can create statistics that make statements about the age, gender, and interests of site visitors. This is done by analyzing advertising and third-party information. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for two months.

Google Signals
As an extension to Google Analytics 4, Google Signals may be used on this website to create cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google, with your consent to use Google Analytics according to Art. 6 (1) lit. a GDPR, can analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can disable the "Personalized Ads" feature in your Google account settings. Please follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=en For more information on Google Signals, visit: https://support.google.com/analytics/answer/7532985?hl=en

UserIDs
As an extension to Google Analytics 4, the "UserIDs" feature may be used on this website. If you have consented to the use of Google Analytics 4 according to Art. 6 (1) lit. a GDPR, set up an account on this website, and sign in on various devices with this account, your activities, including conversions, can be analyzed cross-device.

10.3 Google Tag Manager

This website uses the "Google Tag Manager," a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The Google Tag Manager provides a technical framework for managing various web applications, including tracking and analytics services, through a unified user interface. The Google Tag Manager itself does not store information on user devices or read it. The service does not perform any independent data analysis. However, by using Google Tag Manager, your IP address is transmitted to Google when the page is loaded, and it may be stored. A transmission to Google LLC servers in the USA is also possible.

This processing occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. Without this consent, Google Tag Manager will not be used during your visit to the site. You can withdraw your consent at any time for the future. To exercise your right to withdraw, please disable this service using the "cookie-consent-tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further legal information about Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=en&gl=de

10.4 New Relic

This website uses the web analytics service of the following provider: New Relic, Inc., 188 Spear St, San Francisco, CA 94105, USA

Using cookies and/or similar technologies (tracking pixels, web beacons, algorithms to read device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used, such as IP address and browser information, in order to evaluate statistical analyses of usage behavior on our website and create pseudonymized usage profiles. Among other things, this allows the evaluation of movement patterns (so-called heatmaps), which show the duration of page visits as well as interactions with page content (e.g., text inputs, scrolling, clicks, and mouse-overs). Pseudonymization generally excludes direct personal identification. Data is not merged with other data collected about you.

All the processing described above, particularly reading or storing information on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time for the future by deactivating this service in the "cookie-consent-tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

11) Retargeting/Remarketing and Conversion Tracking

11.1 Meta Pixel

Within our online offering, we use the "Meta Pixel" service from the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Meta")

If a user clicks on an advertisement placed by us on Facebook and/or Instagram, the URL of our linked page is extended by a parameter using "Meta Pixel." This URL parameter is then added to the user's browser after being redirected through a cookie set by our linked page.

This allows Meta to identify the visitors to our online offering as a target audience for displaying ads (so-called "Ads"). Accordingly, we use the service to display Facebook and/or Instagram Ads only to users who have shown interest in our online offering or who have certain characteristics (e.g., interests in specific topics or products determined by visited websites), which we transmit to Meta (so-called "Custom Audiences").

On the other hand, "Meta Pixel" can track whether users have been redirected to our website after clicking on an ad and what actions they take there (so-called "conversion tracking").

The collected data is anonymized for us, so we cannot draw conclusions about the identity of the users. However, the data is stored and processed by Meta, allowing the connection to the respective user profile, and Meta may use the data for its own advertising purposes.

All the processing described above, particularly setting cookies to read information on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time for the future by deactivating this service in the "cookie-consent-tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

The information generated by Meta is usually transmitted to a server of Meta and stored there; in this context, it may also be transferred to Meta Platforms Inc. servers in the USA.

11.2 Google Ads Remarketing

This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

For this purpose, Google places a cookie in your browser, which automatically enables interest-based advertising based on the pages you have visited using a pseudonymous cookie ID. Further data processing only occurs if you have agreed to link your internet and app browser history with your Google account and to use information from your Google account for personalizing ads you view on the web. If you are logged into Google during your visit to our website, Google uses your data along with Google Analytics data to create and define target audience lists for cross-device remarketing.

All the processing described above, particularly setting cookies to read information on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the site.

You can withdraw your consent at any time for the future. To exercise your right to withdraw, please deactivate this service in the "cookie-consent-tool" provided on the website.

Details about the processing initiated by Google and Google's handling of website data can be found here: https://policies.google.com/technologies/partner-sites

More information about Google's privacy policies can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

11.3 Microsoft Advertising

This website uses retargeting technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

This enables us to address visitors to our website with personalized, interest-based advertising who have already shown interest in our shop and products. The display of the ads is based on a cookie-based analysis of past and current usage behavior, but no personal data is stored. In cases of retargeting technology, a cookie is stored on your computer or mobile device to capture pseudonymized data about your interests and adjust the advertising accordingly. These cookies are small text files stored on your computer or mobile device. You are shown ads that are most likely to match your product and information interests.

All the processing described above, particularly setting cookies to read information on the device used, occurs only if you have explicitly consented to it according to Art. 6 (1) lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the site.

You can withdraw your consent at any time for the future. To exercise your right to withdraw, please deactivate this service in the "cookie-consent-tool" provided on the website.

12) Site Functionalities

12.1 Facebook Plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins allow direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated using the so-called "2-click" or "Shariff" solution embedded into the page.

This embedding ensures that when you access a page of our website containing such plugins, no connection to the provider's servers is established yet.

Only when you activate the plugins and thereby grant your consent for the data transfer according to Art. 6 (1) lit. a GDPR, your browser establishes a direct connection to the provider’s servers. Information about your device (including your IP address), your browser, and your page history will then be transmitted to the provider and possibly processed further, regardless of whether you are logged into an existing user profile.

If you are logged into a user profile on the provider's social network, information about interactions performed through the plugins will be published and shown to your contacts.

You can withdraw your consent at any time by deactivating the plugin again by clicking on it. The withdrawal does not affect the data that has already been transmitted to the provider.

Data may also be transmitted to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

12.2 Instagram Plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins allow direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated using the so-called "2-click" or "Shariff" solution embedded into the page.

This embedding ensures that when you access a page of our website containing such plugins, no connection to the provider's servers is established yet.

If you are logged into a user profile on the provider's social network, information about interactions performed through the plugins will be published and shown to your contacts.

You can withdraw your consent at any time by deactivating the plugin again by clicking on it. The withdrawal does not affect the data that has already been transmitted to the provider.

Data may also be transmitted to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

12.3 Pinterest Plugins

Our website uses plugins from the social network of the following provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland

These plugins allow direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated using the so-called "2-click" or "Shariff" solution embedded into the page.

This embedding ensures that when you access a page of our website containing such plugins, no connection to the provider's servers is established yet.

If you are logged into a user profile on the provider's social network, information about interactions performed through the plugins will be published and shown to your contacts.

You can withdraw your consent at any time by deactivating the plugin again by clicking on it. The withdrawal does not affect the data that has already been transmitted to the provider.

Data may also be transmitted to: Pinterest Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with European data protection standards.

12.4 YouTube

This website uses plugins to display and play videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data may also be transmitted to: Google LLC, USA

When you visit a page of our website containing such a plugin, your browser establishes a direct connection to the provider’s servers to load the plugin. Certain information, including your IP address, will be transmitted to the provider.

When the embedded videos are played through the plugin, the provider also sets cookies to collect information about user behavior, create playback statistics, and prevent abusive behavior.

If you are logged into a user account with the provider during your visit, your data will be directly associated with your account when you click on a video. If you do not want the association with your account, you must log out before clicking the play button.

12.5 Facebook Connect

On our website, we provide a Single-Sign-On feature from the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

In addition to transmitting data to the provider’s location, data may also be transmitted to: Meta Platforms Inc., USA

If you have an account with the provider, you can log in with your account details to create a user account or register on our website.

When visiting this page, a direct connection between your browser and the provider’s servers may be established via this login function, even if you do not have an account with the provider or are not logged into one. This provides the provider with the information that you have visited our page. The information collected in this context (including your IP address) is transmitted directly from your browser to the provider’s server and stored there. However, the information is not used to identify you personally, and is not shared with third parties.

This data processing is carried out in accordance with Art. 6 (1) lit. f GDPR, based on our legitimate interest in a user-friendly and interactive design of our online presence.

If you press the login button to register on our website with your account’s data from the provider, the provider transmits only the general and publicly accessible information stored in your account (user ID, name, address, email address, age, and gender) to us based on your explicit consent according to Art. 6 (1) lit. a GDPR.

We store and use the data transmitted by the provider to set up a user account with the necessary data (salutation, first name, last name, address, country, email address, date of birth), if you have made them available to the provider. Conversely, with your consent, data (e.g., information about your browsing or purchase behavior) may be transferred from us to your account with the provider.

You can withdraw your consent at any time with effect for the future.

12.6 Trusted Shops Trustbadge

On our website, graphic elements of the following provider are embedded to display external customer reviews and/or an external quality seal: Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, Germany

If you visit a page on our website that contains such graphic elements, your browser establishes a direct connection to the provider’s servers to load the elements correctly. Certain browser information, including your IP address, is transmitted to the provider.

If personal data is processed during this, it occurs according to Art. 6 (1) lit. f GDPR based on our legitimate interest in the optimal marketing of our offer and the appealing design of our online presence.

In case of an online order with us, further processing may occur.

If you give your explicit consent according to Art. 6 (1) lit. a GDPR, the Trustbadge will transmit your order information (order amount, order number, possibly purchased product) and your email address to the provider encrypted after placing an order to verify an existing registration for the provider's services (especially "buyer protection") and possibly enable re-registration.

If an existing registration is identified or if a new registration is made with the provider for their services (especially buyer protection), your order information (order amount, order number, purchased product) and your email address will be transmitted to the provider based on the contractual agreement with the provider according to Art. 6 (1) lit. b GDPR and further processed by them to provide the services (especially buyer protection).

We are jointly responsible for the processing described above according to Art. 26 GDPR. The agreement on joint responsibility can be viewed here: https://help.etrusted.com/hc/de/articles/4402587369105-Vertrag-%C3%BCber-die-gemeinsame-Verantwortlichkeit-nach-DSGVO

12.7 Google Maps

This website uses an online map service from the following provider: Google Maps (API) by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Maps is a web service for displaying interactive (land) maps, to visually represent geographic information. Using this service, our location is shown to you and access to our location is made easier.

When you visit the subpages where Google Maps is embedded, information about your use of our website (e.g., your IP address) is transmitted to Google’s servers and stored there, and may also be transferred to Google LLC servers in the USA. This happens regardless of whether Google provides a user account you are logged into or whether you have a user account. If you are logged into Google, your data is directly associated with your account. If you do not wish to be associated with your Google profile, you must log out before activating the button.

The collection, storage, and evaluation of data occurs according to Art. 6 (1) lit. f GDPR based on Google's legitimate interest in displaying personalized advertisements, market research, and/or the demand-oriented design of Google websites. You have the right to object to the creation of user profiles. To exercise this right, you must contact Google. If you do not agree with the future transmission of your data to Google through the use of Google Maps, you have the option to completely deactivate the web service of Google Maps by disabling JavaScript in your browser. Google Maps and thus the map display on this website will then not be used.

If required by law, we have obtained your consent according to Art. 6 (1) lit. a GDPR for the processing of your data. You can withdraw your consent at any time with effect for the future. To exercise your right to withdraw, please follow the procedure for exercising the objection described above.

Further information on Google’s privacy policies can be found here: https://business.safety.google/intl/de/privacy/

13) Tools and Miscellaneous

13.1 Cookie-Consent Tool

This website uses a so-called “Cookie-Consent Tool” to obtain valid user consent for cookies and cookie-based applications that require consent. The “Cookie-Consent Tool” is displayed to users when they visit the site, in the form of an interactive user interface, where users can consent to certain cookies and/or cookie-based applications by ticking checkboxes. By using this tool, all cookies/services requiring consent are only loaded if the respective user grants consent by ticking the checkboxes. This ensures that such cookies are only set on the user's device if consent is given.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this context.

If, in specific cases, the processing of personal data (such as the IP address) is required for storing, assigning, or logging cookie settings, this is done in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in a legally compliant, user-specific, and user-friendly consent management for cookies, and thus in the legally compliant design of our online presence.

Another legal basis for processing is Art. 6 (1) lit. c GDPR. As the controller, we are legally obligated to make the use of technically unnecessary cookies dependent on user consent.

If necessary, we have concluded a data processing agreement with the provider to ensure the protection of the data of our website visitors and prohibit unauthorized disclosure to third parties.

Further information about the operator and the configuration options of the Cookie-Consent Tool can be found directly in the corresponding user interface on our website.

14) Rights of the Data Subject

14.1 The applicable data protection law grants you the following rights concerning the processing of your personal data by the data controller (information and intervention rights), where the respective conditions for exercising these rights are referenced according to the legal basis cited:

Right of access according to Art. 15 GDPR;
Right to rectification according to Art. 16 GDPR;
Right to erasure according to Art. 17 GDPR;
Right to restriction of processing according to Art. 18 GDPR;
Right to notification according to Art. 19 GDPR;
Right to data portability according to Art. 20 GDPR;
Right to withdraw consent according to Art. 7 (3) GDPR;
Right to lodge a complaint according to Art. 77 GDPR.

14.2 RIGHT TO OBJECT

If we process your personal data based on a legitimate interest according to Art. 6 (1) lit. f GDPR, you have the right to object at any time, for reasons related to your particular situation, to the processing of your personal data with effect for the future.

If you exercise your right to object, we will cease the processing of the affected data. However, further processing may be reserved if we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes. You can exercise this right as described above.

If you exercise your right to object, we will cease the processing of the affected data for direct marketing purposes.

15) Duration of Storage of Personal Data

The duration of the storage of personal data is determined by the respective legal basis, the processing purpose, and—if applicable—the statutory retention periods (e.g., commercial and tax law retention periods).

In the case of processing personal data based on an explicit consent according to Art. 6 (1) lit. a GDPR, the data will be stored until you withdraw your consent.

If statutory retention periods exist for data processed as part of legal or contractual obligations based on Art. 6 (1) lit. b GDPR, this data will be routinely deleted once the retention periods expire, provided it is no longer required for contract fulfillment or contract initiation and/or we have no legitimate interest in further storage.

In the case of processing personal data based on Art. 6 (1) lit. f GDPR, the data will be stored until you exercise your right to object according to Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

In the case of processing personal data for direct marketing purposes based on Art. 6 (1) lit. f GDPR, this data will be stored until you exercise your right to object according to Art. 21 (2) GDPR.

Unless otherwise specified in this declaration regarding specific processing situations, personal data stored will be deleted once they are no longer necessary for the purposes for which they were collected or otherwise processed.

* including VAT and excluding shipment costs

¹Valid for delivery to Germany with standard shipping. Express shipment will be delivered in 1 working day(s) to Germany. You will find delivery times for other countries and information about delivery times here