Privacy Policy

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within the framework of providing our services, as well as within our online offering and associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering"). With regard to the terminology used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Controller

Auerswald Marketing S.L.
Ctra. del Cap de la Nau Pla, 126-1-18
03730 Xàbia
Spain

Email: business(at)upmylikes.com

Link to Legal Notice: https://www.upmylikes.com/impressum/

Please note that we do NOT offer customer service or support at these addresses, phone numbers, or this email address!

Note: To prevent spam emails, we have replaced the "@" in our email address with "(at)." Please use "@" instead when you wish to contact us.

Types of Processed Data

  • Inventory data (e.g., personal master data, names, or addresses).

  • Contact data (e.g., email, telephone numbers).

  • Content data (e.g., text entries, photographs, videos).

  • Usage data (e.g., visited web pages, interest in content, access times).

  • Meta/communication data (e.g., device information, IP addresses).

Categories of Data Subjects

Visitors and users of the online offering (hereinafter, we also collectively refer to the data subjects as "users").

Purpose of Processing

  • Provision of the online offering, its functions, and content.

  • Responding to contact inquiries and communicating with users.

  • Security measures.

  • Reach measurement/marketing.

Definitions

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

"Processing" is any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and encompasses virtually any handling of data.

"Pseudonymization" means processing personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

The "controller" is the natural or legal person, authority, agency, or other body that alone or jointly with others determines the purposes and means of the processing of personal data.

"Processor" means a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

Relevant Legal Bases

In accordance with Article 13 of the GDPR, we inform you of the legal bases for our data processing. For users in the scope of the General Data Protection Regulation (GDPR), i.e., the EU and the European Economic Area (EEA), the following applies if the legal basis is not mentioned in the privacy policy:

The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR.

The legal basis for processing for the performance of our services and the execution of contractual measures is Article 6(1)(b) of the GDPR.

The legal basis for processing to fulfill our legal obligations is Article 6(1)(c) of the GDPR.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) of the GDPR serves as the legal basis.

The legal basis for the necessary processing to perform a task carried out in the public interest or in the exercise of official authority vested in the controller is Article 6(1)(e) of the GDPR.

The legal basis for processing to safeguard our legitimate interests is Article 6(1)(f) of the GDPR.

The processing of data for purposes other than those for which the data was collected is governed by the provisions of Article 6(4) of the GDPR.

The processing of special categories of data (as defined in Article 9(1) of the GDPR) is governed by the provisions of Article 9(2) of the GDPR.

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access, input, disclosure, ensuring availability, and their separation. We have also established procedures to ensure the exercise of data subject rights, data deletion, and response to data threats. Furthermore, we consider the protection of personal data already during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default.

Cooperation with Data Processors, Joint Controllers, and Third Parties

If, in the course of our processing, we disclose data to other persons and companies (processors, joint controllers, or third parties), transmit them to them, or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g., if a transmission of the data to third parties, such as payment service providers, is required for the fulfillment of the contract), user consent, a legal obligation, or our legitimate interests (e.g., when using agents, web hosts, etc.).

If we disclose, transmit, or otherwise grant access to data to other companies within our group of companies, this is done in particular for administrative purposes as a legitimate interest and, beyond that, based on a legal obligation in compliance with legal requirements.

Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA), or the Swiss Confederation) or in the context of the use of third-party services or disclosure, or transfer of data to other persons or companies, this will only occur if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, a legal obligation, or our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means, for example, that the processing is carried out on the basis of specific guarantees, such as the officially recognized determination of a level of data protection equivalent to that of the EU (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations.

Rights of Data Subjects

You have the right to request confirmation as to whether the data in question is being processed and to obtain information about this data, as well as additional information and a copy of the data in accordance with legal requirements.

According to legal requirements, you have the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.

In accordance with legal requirements, you have the right to demand that the data concerning you be deleted without delay or, alternatively, to demand that the processing of the data be restricted in accordance with legal requirements.

You have the right to receive the data concerning you, which you have provided to us, in accordance with legal requirements, and to request its transmission to other controllers.

Furthermore, in accordance with legal requirements, you have the right to lodge a complaint with the competent supervisory authority.

Right to Withdraw Consent

You have the right to revoke consents at any time with effect for the future.

Objection Right

You can object to the future processing of the data concerning you in accordance with legal requirements at any time. The objection may, in particular, be made against processing for the purposes of direct marketing.

Cookies and Objection to Direct Advertising

As "cookies" are small files that are stored on users' computers. Different data can be stored within cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after the user's visit to an online offering. Temporary cookies, or "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online offering and closes his browser. In such a cookie, for example, the content of a shopping cart in an online shop or a login status can be stored. The term "permanent" or "persistent" refers to cookies that remain stored even after the browser is closed. For example, the login status can be saved if users visit it after several days. Similarly, the interests of users can be stored in such a cookie, which is used for reach measurement or marketing purposes. A "third-party cookie" refers to cookies that are offered by providers other than the person responsible for operating the online offering (otherwise, if it is only their cookies, it is called "first-party cookies").

We can use temporary and permanent cookies and provide information about this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offering.

A general objection to the use of cookies used for online marketing purposes can be declared for many of the services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case, you may not be able to use all functions of this online offering.

Data Deletion

The data processed by us will be deleted or their processing restricted in accordance with legal requirements. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention obligations to prevent deletion.

If the data is not deleted because it is necessary for other and legally permissible purposes, its processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

Changes and Updates to the Privacy Policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We update the privacy policy as soon as changes to the data processing we carry out require it. We will inform you when the changes necessitate an action on your part (e.g., consent) or any other individual notification is required.

Business-related Processing

In addition, we process:

  • Contract data (e.g., contract object, duration, customer category)

  • Payment data (e.g., bank details, payment history)

  • from our customers, prospects, and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising, and market research.

Order Processing in the Online Shop and Customer Account

We process our customers' data in the context of order processes in our online shop to enable them to select and order the chosen products and services, as well as to facilitate their payment and delivery, or execution.

The processed data includes inventory data, communication data, contract data, payment data, and the persons affected by the processing include our customers, prospects, and other business partners. The processing is carried out for the purpose of providing contractual services in the operation of an online shop, billing, delivery, and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.

The processing is carried out to fulfill our services and perform contractual measures (e.g., the execution of order processes) and as far as it is legally required (e.g., legally required archiving of business transactions for trade and tax purposes). The data is only disclosed to third parties in the context of delivery, payment, or as part of legal permissions and obligations, as well as if it is based on our legitimate interests, as disclosed in this privacy policy (e.g., to legal and tax advisors, financial institutions, shipping companies, and authorities).

Users can optionally create a user account where they can view their orders. During registration, the necessary mandatory information is provided to the users. User accounts are not public and cannot be indexed by search engines. When users have terminated their user accounts, their data related to the user account will be deleted, unless retention is necessary for commercial or tax reasons. Information in the customer account remains in place until its deletion with subsequent archiving in case of a legal obligation or our legitimate interests (e.g., in case of legal disputes). It is the users' responsibility to secure their data before the end of the contract upon termination.

As part of registration and re-registration and when using our online services, we store the IP address and the time of the respective user action. Storage is based on our legitimate interests, as well as the users' interest in protecting against misuse and other unauthorized use. In general, these data will not be passed on to third parties, unless it is necessary to pursue our legal claims as a legitimate interest or there is a legal obligation to do so.

Deletion takes place after the expiry of statutory warranty and other contractual rights or obligations (e.g., payment claims or performance obligations from contracts with customers), the necessity of keeping the data is reviewed every three years; in the case of data retention based on legal archiving obligations, deletion takes place after their expiration.

External Payment Service Providers

We use external payment service providers through whose platforms users and we can make payment transactions (e.g., with a link to the privacy policy, PayPal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full), Klarna (https://www.klarna.com/de/datenschutz/), Skrill (https://www.skrill.com/de/fusszeile/datenschutzrichtlinie/), Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/), Visa (https://www.visa.de/datenschutz), Mastercard (https://www.mastercard.de/de-de/datenschutz.html), American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html).

In the context of the fulfillment of contracts, we use payment service providers on the basis of Art. 6 para. 1 lit. b. DSGVO. Furthermore, we use external payment service providers on the basis of our legitimate interests according to Art. 6 para. 1 lit. f. DSGVO in order to offer our users effective and secure payment options.

The data processed by the payment service providers includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs, and checksums, as well as contract, sum, and recipient-related information. The information is required to process the transactions. However, the data entered will only be processed and stored by the payment service providers. This means we do not receive any account- or credit card-related information, but only information with confirmation or negative information about the payment. In some cases, the data may be transmitted to credit agencies by the payment service providers. The purpose of this transmission is to check identity and creditworthiness. For this, we refer to the terms and privacy policies of the payment service providers.

For payment transactions, the terms and privacy policies of the respective payment service providers apply, which can be accessed within their respective websites, or transaction applications. We also refer to these for further information and the assertion of rights of withdrawal, information, and other data subject rights.

Administration, Financial Accounting, Office Organization, Contact Management

We process data in the context of administrative tasks and organization of our business, financial accounting, and compliance with legal obligations, such as archiving. Here we process the same data that we process within the framework of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners, and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks, and provide our services. The deletion of data in terms of contractual services and contractual communication corresponds to the information provided in these processing activities.

We disclose or transmit data to the financial administration, advisors, such as tax advisors or auditors, as well as other fee authorities and payment service providers.

Furthermore, on the basis of our business interests, we store information about suppliers, organizers, and other business partners, e.g. for later contact. This predominantly company-related data is stored permanently.

Business Analysis and Market Research

In order to operate our business economically, recognize market trends, wishes of the contracting parties and users, we analyze the data available to us regarding business transactions, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. DSGVO, whereby the data subjects include contracting parties, interested parties, customers, visitors, and users of our online offer.

The analyses are carried out for the purpose of business evaluations, marketing, and market research. We can consider the profiles of registered users with information, e.g., on the services they have used. The analyses serve us to increase the user-friendliness, optimize our offer, and make it more economical. The analyses are for us alone and are not disclosed externally unless they are anonymous analyses with summarized values.

If these analyses or profiles are personal, they will be deleted with the termination of the user, otherwise, after two years from the conclusion of the contract. As a rule, overall business analyses and general trend determinations are carried out anonymously wherever possible.

Participation in Affiliate Partner Programs

Within our online offer, we use on the basis of our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) industry-standard tracking measures insofar as this is required for the operation of the affiliate system. Below we explain the technical background to the users.

The services offered by our contractual partners can also be advertised and linked on other websites (so-called affiliate links or after-buy systems, if, e.g., links or services of third parties are offered after a contract is concluded). The operators of the respective websites receive a commission if users follow the affiliate links and then take advantage of the offers.

In summary, it is necessary for our online offer that we can track whether users who are interested in affiliate links and/or the offers available from us then take advantage of the offers on the veranlassung of the affiliate links or our online platform. For this, the affiliate links and our offers are supplemented with certain values that can be part of the link or otherwise, e.g., in a cookie, and these include, in particular, the original website (referrer), time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values such as advertising material ID, partner ID, and categorizations.

As far as the online identifiers are personal, they serve to document the users, who have come across the affiliate links and used the offers. However, the online identifier is only used as long as it is necessary for the settlement of the bonus and is deleted afterwards.

In general, the process is done with the same cookies that are used for the display of content or service, irrespective of whether you follow an affiliate link or not.

The information we provide is solely for the purpose of helping our readers to understand the content of the privacy policy. If you have specific questions or need further clarification on any part of the text, please feel free to ask.

When contacting us (e.g., via contact form, email, phone, or social media), the user's information will be processed for the purpose of handling the contact request and its execution in accordance with Art. 6 Para. 1 lit. b. (within the framework of contractual/pre-contractual relationships), Art. 6 Para. 1 lit. f. (other inquiries) of the General Data Protection Regulation (GDPR). The user's information may be stored in a Customer Relationship Management System ("CRM system") or a comparable request organization.

We delete inquiries as soon as they are no longer necessary. We review the necessity every two years; in addition, the statutory archiving obligations apply.

Newsletter

With the following information, we inform you about the content of our newsletter, as well as the registration, dispatch, and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and the described procedures.

Newsletter Content: We only send newsletters, emails, and other electronic notifications with promotional information (hereinafter referred to as "Newsletter") with the consent of the recipients or legal permission. If the contents of the newsletter are specifically described during registration, they are decisive for the users' consent. In addition, our newsletters contain information about our services and us.

Double Opt-In and Logging: The registration for our newsletter is carried out in a so-called double opt-in procedure. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else's email address. Newsletter registrations are logged to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your data stored by the mailing service provider are also logged.

Registration Data: To subscribe to the newsletter, it is sufficient to provide your email address. Optionally, we ask you to provide a name for personal addressing in the newsletter.

The dispatch of the newsletter and the associated performance measurement are based on the recipient's consent in accordance with Art. 6 Para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 Para. 2 No. 3 UWG or, if consent is not required, on the basis of our legitimate interests in direct marketing in accordance with Art. 6 Para. 1 lt. f. GDPR in conjunction with § 7 Para. 3 UWG.

The logging of the registration process is based on our legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR. Our interest is in using a user-friendly and secure newsletter system that serves our business interests and meets user expectations while allowing us to provide evidence of consent.

Cancellation/Revocation: You can cancel the receipt of our newsletter at any time, i.e., revoke your consent. A link to unsubscribe from the newsletter can be found at the end of each newsletter. We can store the email addresses removed from the list for up to three years based on our legitimate interests before deleting them to prove a previously given consent. The processing of these data is limited to the purpose of possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed.

Newsletter – Mailchimp

The newsletters are sent using the mailing service provider "MailChimp," a newsletter sending platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the data protection provisions of the mailing service provider here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield agreement and thereby provides a guarantee to comply with European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The mailing service provider is used on the basis of our legitimate interests in accordance with Art. 6 Para. 1 lit. f. GDPR and an order processing contract in accordance with Art. 28 Para. 3 S. 1 GDPR.

The mailing service provider may use the recipient's data in pseudonymous form, i.e., without assignment to a user, for the optimization or improvement of its own services, e.g., for the technical optimization of mailing and the presentation of newsletters or for statistical purposes. However, the mailing service provider does not use the data of our newsletter recipients to contact them themselves or to pass the data on to third parties.

Newsletter – Success Measurement

The newsletters contain a so-called "web beacon," i.e., a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a mailing service provider, from its server. As part of this retrieval, technical information such as information about the browser and your system, as well as your IP address and the time of retrieval, is initially collected.

These details are used for the technical improvement of services based on technical data or user behavior, such as viewing locations (which can be determined by the IP address) or access times. The statistical evaluations also include whether the newsletters are opened, when they are opened, and which links are clicked. These details can be assigned to individual newsletter recipients for technical reasons. However, it is neither our nor, if used, the mailing service provider's intention to observe individual users. The evaluations are rather intended to help us recognize the reading habits of our users and to tailor our content to them or to send different content according to our users' interests.

A separate revocation of the success measurement is unfortunately not possible; in this case, the entire newsletter subscription must be canceled.

Hosting and Email Dispatch

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space, and database services, email dispatch, security services, and technical maintenance services that we use to operate this online service.

In this context, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors of this online service based on our legitimate interests in an efficient and secure provision of this online service in accordance with Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a data processing agreement).

Collection of Access Data and Log Files

We, or our hosting provider, collect data based on our legitimate interests in the sense of Art. 6 Para. 1 lit. f. GDPR on every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date, and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Log file information is stored for security reasons (e.g., to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC ("Google"), on the basis of our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). Google uses cookies. The information generated by the cookie about the use of the online offering by users is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offering by users, to compile reports on the activities within this online offering, and to provide us with further services associated with the use of this online offering and the use of the internet. Pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with IP anonymization enabled. This means that the IP address of users is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offering to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

For more information on Google's data usage, settings, and opt-out options, please refer to Google's Privacy Policy (https://policies.google.com/technologies/ads) and Google's settings for displaying advertisements (https://adssettings.google.com/authenticated).

The personal data of users will be deleted or anonymized after 14 months.

Google Universal Analytics

We use Google Analytics in the form of "Universal Analytics." "Universal Analytics" refers to a procedure of Google Analytics in which user analysis is carried out based on a pseudonymous user ID and thus a pseudonymous profile of the user is created with information from the use of different devices (so-called "cross-device tracking").

Google AdWords and Conversion Measurement

We use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google") on the basis of our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR).

Google is certified under the Privacy Shield agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the online marketing process Google "AdWords" to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who are interested in our ads. This allows us to display ads for and within our online offering to users who have shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products, which are determined based on the websites visited) that we transmit to Google (so-called "custom audiences"). With the help of Google "AdWords," we also want to ensure that our ads correspond to the potential interests of users and are not annoying. With the help of Google "AdWords," we can also measure the effectiveness of Google advertising for statistical and market research purposes by tracking whether users are redirected to our website after clicking on a Google ad (so-called "conversion").

The data of users is processed pseudonymously within the Google advertising network. This means that Google stores and processes, for example, not the name or email address of users but processes the relevant data cookie-related within pseudonymous user profiles. From Google's point of view, the ads are not managed and displayed for a specifically identified person but for the cookie holder, regardless of who that cookie holder is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymization. The information collected about users is transmitted to Google and stored on Google's servers in the USA.

For more information on Google's data usage, settings, and opt-out options, please refer to Google's Privacy Policy (https://policies.google.com/technologies/ads) and Google's settings for displaying advertisements (https://adssettings.google.com/authenticated).

The personal data of users will be deleted or anonymized after 14 months.

Jetpack (WordPress Stats)

We use the plugin Jetpack (specifically, the "Wordpress Stats" subfunction) based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). Jetpack is a tool for statistical analysis of visitor access, provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Jetpack uses so-called "cookies," text files that are stored on your computer and that enable an analysis of your use of the website.

The information generated by the cookie about your use of this online offering is stored on a server in the USA.

We maintain online presences within social networks and platforms to communicate with and inform our active customers, prospects, and users about our services.

We would like to point out that user data may be processed outside the European Union. This could pose risks for users, as it may make it more challenging to enforce user rights. Regarding US providers certified under the Privacy Shield, we want to emphasize that they commit to complying with EU data protection standards.

Furthermore, user data is typically processed for market research and advertising purposes. Usage profiles can be created based on user behavior and resulting interests. These usage profiles can be used to display advertisements within and outside the platforms that likely align with users' interests. Cookies are typically stored on users' devices for this purpose, containing information about user behavior and interests. Additionally, data can be stored in usage profiles independently of the devices users use, especially when users are members of the respective platforms and logged into them.

The processing of users' personal data is based on our legitimate interests in effectively informing and communicating with users, as per Art. 6(1)(f) GDPR. If users are asked by the respective providers to consent to data processing (e.g., by checking a checkbox or confirming a button), the legal basis for processing is Art. 6(1)(a), Art. 7 GDPR.

For detailed information about the respective processing and options for objection (opt-out), please refer to the linked information provided by the providers.

In cases of information requests and asserting user rights, we would like to emphasize that these are most effectively handled by the providers. Only the providers have access to user data and can take appropriate measures and provide information. If you still need assistance, you can contact us.

– Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

– Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.

– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy Policy/ Opt-Out: https://about.pinterest.com/de/privacy-policy.

– LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) – Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

– Wakelet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – Privacy Policy/ Opt-Out: https://wakelet.com/privacy.html.

– Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) – Privacy Policy/ Opt-Out: https://soundcloud.com/pages/privacy.

Integration of Third-Party Services and Content

Within our online offerings, we use content or service offerings from third-party providers based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offerings within the meaning of Art. 6(1)(f) GDPR) to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always presupposes that the third-party providers of this content perceive the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We make every effort to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Information, such as visitor traffic on the pages of this website, can be evaluated using these "pixel tags." The pseudonymous information may also be stored in cookies on the users' device and may contain technical information about the browser and operating system, referring web pages, visit time, and other information about the use of our online offerings, as well as be linked with such information from other sources.

Vimeo

We can integrate videos from the "Vimeo" platform provided by Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy. We want to point out that Vimeo may use Google Analytics, and for this, we refer to the Privacy Policy (https://policies.google.com/privacy) and opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or Google's settings for data usage for marketing purposes (https://adssettings.google.com/).

YouTube

We integrate videos from the "YouTube" platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Fonts

We integrate fonts ("Google Fonts") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google ReCaptcha

We integrate the function for detecting bots, such as in online forms ("ReCaptcha") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Use of Facebook Social Plugins

We use social plugins ("plugins") of the social network facebook.com, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offerings within the meaning of Art. 6(1)(f) GDPR).

These can include content such as images, videos, or text and buttons with which users can share content from this online offering within Facebook. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user accesses a function of this online offering that contains such a plugin, their device establishes a direct connection to Facebook's servers. The content of the plugin is transmitted directly from Facebook to the user's device and integrated into the online offering. This allows user profiles to be created from the processed data. We have no influence on the extent of data that Facebook collects using this plugin and inform users according to our knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. If users interact with the plugins, such as clicking the Like button or leaving a comment, this information is transmitted directly from their device to Facebook and stored there. Even if a user is not a member of Facebook, there is a possibility that Facebook will obtain their IP address and store it. According to Facebook, only anonymized IP addresses are stored in Germany.

The purpose and scope of data collection and further processing and use of data by Facebook, as well as users' rights and settings to protect their privacy, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this online offering and link it to their Facebook member data, they must log out of Facebook before using our online offering and delete their cookies. Further settings and objections to the use of data for advertising purposes can be made within Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. The settings are platform-independent, meaning they apply to all devices, such as desktop computers or mobile devices.

Twitter

Within our online offering, functions and content of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be integrated. This can include content such as images, videos, or text and buttons that allow users to share content from this online offering within Twitter.

If users are members of the Twitter platform, Twitter can assign the call of the above-mentioned content and functions to the users' respective profiles there. Twitter is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.

Instagram

Within our online offering, functions and content of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated. This can include content such as images, videos, or text and buttons that allow users to share content from this online offering within Instagram. If users are members of the Instagram platform, Instagram can assign the call of the above-mentioned content and functions to the users' respective profiles there. Instagram's privacy policy: http://instagram.com/about/legal/privacy.