Privacy policy

Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This only applies if no other information is provided in the following processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.

Server log files
You can visit our website without providing any personal information.
Each time you access our website, usage data is transmitted by your internet browser to us or our web host / IT service provider and stored in log files (so-called server log files). This stored data includes, for example, the name of the accessed page, date and time of access, the IP address, the amount of data transferred, and the requesting provider.
Processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR, based on our overriding legitimate interest in ensuring the smooth operation of our website and improving our offerings.

Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision.

Contact us

Responsible party
Contact us if you wish. The responsible party for data processing is: Alexander Bocks, Raiffeisenstraße 27, 49124 Georgsmarienhütte

Germany

alex@layzee.com

Customer’s initiative to contact us by email
If you contact us proactively by email, we will only collect your personal data (name, email address, message text) to the extent provided by you. The data is processed for the purpose of processing and responding to your contact request.
If the contact is for the purpose of implementing pre-contractual measures (e.g. advice on purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR, based on our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, for reasons arising from your particular situation, to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Collection and processing when using the contact form
When using the contact form, we only collect your personal data (name, email address, message text) to the extent provided by you. The data is processed for the purpose of establishing contact.
If the contact is for the purpose of implementing pre-contractual measures (e.g. advice on purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is based on Art. 6 para. 1 lit. f GDPR, based on our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, for reasons arising from your particular situation, to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Customer account Orders

Customer Account
When you open a customer account, we collect your personal data to the extent specified there. Data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your customer account will then be deleted.

Collection, processing and disclosure of personal data for orders
When placing an order, we collect and process your personal data only to the extent necessary for the fulfillment and processing of your order and for handling your inquiries. The provision of data is necessary for the conclusion of the contract. Failure to provide data means that no contract can be concluded. Processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the performance of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have selected, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal requirements. The scope of data transmission is kept to a minimum.

Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision.

reviews Advertising

Data collection when writing a comment or rating
When you comment/rate an article or post, we only collect your personal data (name, email address, comment text) to the extent that you provide it. The processing serves the purpose of enabling a comment/rating and displaying comments/ratings.

We also collect the following data for the purpose of verifying your rating/comment: Order number, , , Name.

By submitting the comment/review, you consent to the processing of the transmitted data. Processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your personal data will then be deleted.

If your comment/review is published, only the name you provide will be published.

Use of the email address for sending newsletters
We use your email address exclusively for our own advertising purposes for sending newsletters, independently of contract processing, provided you have expressly consented to this. Processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Your data will be passed on to a service provider for e-mail marketing as part of order processing. Your data will not be passed on to other third parties.

Use of Brevo (formerly Sendinblue)
We use the service of Sendinblue GmbH (Köpenicker Straße 126, 10179 Berlin; “Brevo”) for sending newsletters as part of order processing.
We pass on the information you provide during newsletter registration (email address, possibly first and last name) to Brevo. Data processing serves the purpose of sending newsletters and their statistical evaluation.
To evaluate newsletter campaigns, the sent email newsletters contain a 1×1 pixel graphic (tracking pixel) and/or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, your personal data such as IP address, browser type and device, and the time of opening may also be collected. Usage profiles can be created from this data under a pseudonym. The collected data is not used to identify you personally. The collected data is only used for statistical evaluation to improve newsletter campaigns.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR, based on our overriding legitimate interest in a targeted, advertising-effective, and user-friendly newsletter system. You have the right to object at any time, for reasons arising from your particular situation, to this processing of your personal data.
Further information and Brevo’s privacy policy can be found at: https://www.brevo.com/de/legal/privacypolicy/.

Merchandise management

Use of an external merchandise management system
We use a merchandise management system for contract processing as part of order processing. For this purpose, your personal data collected as part of the order will be transmitted to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal.

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

Payment service provider

Use of PayPal
We use the PayPal payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The purpose of data processing is to be able to offer you payment via the payment service. By selecting and using payment via PayPal, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

All PayPal transactions are subject to the PayPal privacy policy. This can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Use of SOFORT
We use the payment service provider SOFORT GmbH (Theresienhöhe 12, 80339 Munich, Germany; “SOFORT”) for payment processing on our website. Sofort GmbH is a company of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Data processing serves the purpose of offering you various payment methods through payment processing via the payment service provider SOFORT. If you have chosen the payment option, the data required for payment processing will be transmitted to SOFORT. This data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the payment service provider SOFORT can be found at https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.
Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; “Mollie”) for payment processing on our website. Data processing serves the purpose of offering you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g., bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, your address data, and information about the product or service you purchased from us. This data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/privacy
cookiesOur website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide whether to accept them individually and prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.
You can find out how to manage (including deactivating) cookies in the most important browsers by clicking on the links below:
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.
The use of cookies or similar technologies is based on Section 25 (2) TTDSG. The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR, based on our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you.

Use of Cookiebot
We use the consent management tool Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; “Cookiebot”) on our website.
The tool allows you to give consent for data processing via the website, especially the setting of cookies, and to exercise your right to withdraw consent already given. Data processing serves the purpose of obtaining and documenting necessary consents for data processing and thus complying with legal obligations.
Cookies may be used for this purpose. Among other things, the following information may be collected and transmitted to Cookiebot: anonymized IP address, date and time of consent, URL from which consent was sent, anonymous, random, encrypted key, consent status. This data is not passed on to other third parties.
Data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
Further information on data protection at Cookiebot can be found at: https://www.cookiebot.com/de/privacy-policy/

Affiliate advertising tracking analysis

Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. On behalf of the operator of this website, Google will use the information obtained for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The following information, among others, may be collected: IP address, date and time of the page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.

The IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

Google uses technologies such as cookies, browser web storage, and tracking pixels, which enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR.

The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.

We also use the Google Signals service in this context. Google Signals enables cross-device tracking. Your data can therefore be analyzed across devices if you have activated “personalized advertising” in your account settings and your end devices are linked to your Google account. This makes it possible to recognize on which device you search for products and later return to complete purchases on another device, such as a tablet.
The cross-device reports created in this context only contain aggregated data. We therefore only receive statistics generated on the basis of Google Signals. To prevent Google Signals from collecting and storing data across devices, you can deactivate the “personalized ads” function in the settings of your Google account. You can find more information on this at https://support.google.com/ads/answer/2662922?hl=de.
You can find more information on data processing and data protection for Google Signals at https://support.google.com/analytics/answer/7532985?hl=de.

The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to complying with European data protection principles. Both Google and US government authorities have access to your data.

Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.

Use of the Meta Pixel
We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Meta”) on our website.
Meta and we are jointly responsible for the collection of your data and the transmission of this data to Meta when the service is integrated. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement, we are responsible in particular for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta is responsible for enabling the rights of data subjects pursuant to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta’s obligations under the Joint Processing Agreement.
The purpose of the application is to target visitors to the website with interest-based advertising on the social networks Facebook and Instagram. The Meta remarketing tag has been implemented on the website for this purpose. This tag establishes a direct connection to the Meta servers when you visit the website. This tells the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.
The application also serves the purpose of creating conversion statistics. This tells us the total number of users who have clicked on one of our ads and been redirected to a page with a conversion tracking tag and what actions are taken after being redirected to this website. However, we do not receive any information with which users can be personally identified.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles.
The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out based on the consent until revocation.
You can deactivate the “Custom Audiences” remarketing function here. Further information on the collection and use of data by Meta, your rights in this regard, and options for protecting your privacy can be found in Meta’s privacy policy at https://www.facebook.com/about/privacy/.

 

Use of Google Ads conversion tracking
We use the online advertising program “Google Ads” on our website and in this context conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
If you click on an ad served by Google, a cookie for conversion tracking is placed on your computer. These cookies have a limited validity, do not contain personal data, and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Thus, there is no possibility that cookies can be tracked across Ads customer websites.
The information obtained with the help of the conversion cookie serves the purpose of generating conversion statistics. Here we learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that allows users to be personally identified. Your data may be transmitted to Google LLC servers in the USA. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information and Google’s privacy policy can be found at: https://www.google.de/policies/privacy/

Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website. The data is processed for the purpose of renting out advertising space on the website and using it to target website visitors with interest-based advertising. This function enables visitors to the provider’s website to be shown personalized, interest-based advertising ads from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and has thus committed itself to complying with European data protection principles. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Under no circumstances will Google associate your IP address with other Google data.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out based on the consent until revocation.
Further information and Google’s privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/

Use of the ADCELL Partner Program
We use the partner program “ADCELL” from Firstlead GmbH (Rosenfelder Str. 15-16, 10315 Berlin; “ADCELL”).
ADCELL and we are joint controllers for the collection of your data and its transmission to ADCELL when the service is integrated. This is based on an agreement between us and ADCELL regarding the joint processing of personal data. The agreement can be accessed at https://www.adcell.de/datenverarbeitung. Accordingly, we and ADCELL are equally responsible for fulfilling the obligations under the GDPR, particularly for fulfilling the information obligations under Art. 13, 14 GDPR and for granting data subject rights under Art. 15 – 21 GDPR.
If you click on an ad with a partner link, ADCELL places a cookie for conversion tracking on your computer. The cookies serve the purpose of correct billing within the partner program by recording the success of an advertising medium. The cookies recognize that you have clicked on the ad and the origin of the order with the advertiser can be traced. ADCELL also uses so-called tracking pixels. These allow information such as visitor traffic on the pages to be evaluated.
The information generated by cookies and tracking pixels about the use of this website (including the IP address) and the delivery of advertising formats is transmitted to an ADCELL server and stored there. Among other things, ADCELL can recognize that the partner link on this website was clicked. ADCELL may, under certain circumstances, pass on this (anonymized) information to contractual partners, but data such as, for example, the IP address is not merged with other stored data.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (2) 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.

Plug-ins and miscellaneous

Use of the Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
This application is used to manage JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. The data processing serves the purpose of designing and optimizing our website in line with requirements.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
You can find more information on terms of use and data protection here.

Use of Social Plug-ins
We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place serves the purpose of optimizing advertising for our products.
When social plug-ins are integrated, a connection is established between your computer and the servers of the social network providers, and the plug-in is displayed on the page by notifying your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider’s servers. This applies regardless of whether you are registered or logged in to the social network. A transmission also takes place for unregistered or non-logged-in users. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be assigned to your respective profiles. When using the plug-in functions (e.g., by pressing the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies takes place with your consent based on Section 25 ( 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out based on the consent until revocation.
The social networks named below are integrated into our website via social plug-ins. Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are joint controllers for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this, we are particularly responsible for fulfilling the information obligations according to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations according to Art. 33, 34 GDPR, insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights according to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and complying with the obligations according to Art. 33, 34 GDPR, insofar as a personal data breach affects Meta Platforms Ireland’s obligations under the joint processing agreement.
Your data may be transmitted to the USA. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and has thus committed to complying with European data protection principles.
Further information on the collection and use of data by Facebook, your rights in this regard, and options for protecting your privacy can be found in Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified under the TADPF and thus committed to comply with European data protection principles.

Use of social plug-ins via “Shariff
We use social network plug-ins on our website. To ensure that you retain control over your data, we use the privacy-safe “Shariff” buttons.
Without your express consent, no links to the servers of the social networks will be established and consequently no data will be transmitted.
“Shariff” is a development of the specialists at the computer magazine c’t. It enables more privacy on the Internet and replaces the usual “Share” buttons of social networks. You can find more information about the Shariff project here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.
When you click on the buttons, a pop-up window appears in which you can log in to the respective provider with your data. A direct connection to the social networks is only established after you have actively logged in.
By logging in, you give your consent to the transfer of your data to the respective social media provider. Among other things, your IP address and information about which of our pages you have visited will be transmitted. If you are connected to one or more of your social network accounts at the same time, the information collected will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks named below are integrated using the “Shariff” function.
You can find more information on the scope and purpose of the collection and use of data as well as your rights in this regard and options for protecting your privacy in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified under the TADPF and thus committed to comply with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388.
Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles.

Use of Facebook’s Single Sign-On function
We use the Single Sign-On function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are joint controllers for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this, we are particularly responsible for fulfilling the information obligations according to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations according to Art. 33, 34 GDPR, insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights according to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and complying with the obligations according to Art. 33, 34 GDPR, insofar as a personal data breach affects Meta Platforms Ireland’s obligations under the joint processing agreement.
This function allows website visitors to log in to the website using their existing Facebook account. Data processing serves the purpose of verification during registration, personalization, and interest-based advertising.
To offer the function on the website, a connection to the Facebook server is established. Cookies are used for this purpose. Among other things, the following information may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), location data. This applies regardless of whether you are registered or logged in to the social network. A transmission also takes place for unregistered or non-logged-in users. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be assigned to your respective profiles. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and has thus committed to complying with European data protection principles.
When using the Single Sign-On function, the Facebook profile of the website visitor is linked to a customer account for this website. In this process, we receive personal data of the user from Facebook, as specified in the login process. This may include the following information: name, address, public profile information (e.g., name, profile picture, age, gender), email address, friend lists, “likes”.
The use of cookies or similar technologies takes place with your consent based on Section 25 ( 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out based on the consent until revocation.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”) on our website. YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The function displays YouTube videos in an iframe on the website. The “Enhanced Privacy Mode” option is activated. As a result, YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. An adequacy decision by the EU Commission is available for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified under the TADPF and is thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent based on Section 25 ( 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out based on the consent until revocation.
Further information on the collection and use of data by YouTube and Google, your related rights and options for protecting your privacy can be found in YouTube’s privacy policy at https://www.youtube.com/t/privacy.

Integration of the Käufersiegel logo
The Käufersiegel logo (Händlerbund Management AG, Kohlgartenstraße 11 – 13, 04315 Leipzig) is integrated on our website. When you visit our website, the browser used on your device automatically sends information to the Händlerbund Management AG server. This information is temporarily stored in a so-called server log file for 7 days. The following information is recorded without any action on your part and stored until it is automatically deleted:
  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access is made (referrer URL),
  • Browser used, protocol and, if applicable, the operating system of your computer and the name of your access provider.
Temporary storage of the IP address by the system is necessary to enable delivery of the website. For this purpose, the IP address must remain stored for the duration of the session. It is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

Data subject rights and storage duration

Duration of storage
Once the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular under tax and commercial law, and then deleted after the period has expired, unless you have consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
You also have the right to object to processing based on Art. 6(1)(f) GDPR and to processing for the purposes of direct marketing in accordance with Art. 21(1) GDPR.

Right to lodge a complaint with the supervisory authority
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:

State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover
Tel.: +49 511 1204500
Fax: +49 511 1204599
E-Mail: poststelle@lfd.niedersachsen.de

Right to object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, you have the right to object at any time, for reasons arising from your particular situation, to this processing with effect for the future.
After an objection, the processing of the affected data will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.

last update: 29.11.2023