data protection

Data protection

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data has no consequences. This only applies if no other information is provided in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.

Your data will be transferred to Canada, among other places. The EU Commission has issued an adequacy decision for data transfers to Canada.

Contact

Responsible
Please contact us if you wish. The person responsible for data processing is: COANOA UG (limited liability), Alte Rabenstraße 19, 20148 Hamburg Germany, +4915257212487, kontakt@coanoa.de

Customer’s initiative contact via email
If you initiate business contact with us by email, we will only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves the purpose of establishing contact.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Collection and processing when using the application form
When you use the application form, we only collect your personal data to the extent that you provide it. This includes your contact details (e.g. name, email address, telephone number), information about your professional qualifications and training, information about professional training and performance-specific evidence.
The data processing serves the purpose of establishing contact and deciding on the establishment of an employment relationship with you. The provision of the data is necessary in order to carry out the application process. The processing of your personal data is carried out on the basis of Art. 6 Para. 1 lit. b GDPR in conjunction with Section 26 Para. 1 BDSG to carry out pre-contractual measures (going through the application process as an employment contract initiation).
If you have given us your consent to process personal data for inclusion in our applicant pool, e.g. by checking a checkbox, the processing will be carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent to us at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.

If, as part of the application process, special categories of personal data within the meaning of Art. 9 (1) GDPR are requested from applicants, such as information on the degree of severe disability, this will be done on the basis of Art. 9 (2) (b) GDPR, so that we can exercise the rights arising from employment law and social security and social protection law and fulfil our obligations in this regard.

We store your personal data for as long as it is necessary to decide on your application. Your data will then be deleted after six months at the latest, unless you have consented to further processing and use. If an employment relationship is established following the application process, the data provided will be further processed on the basis of Art. 6 Para. 1 lit. b GDPR in conjunction with Section 26 Para. 1 BDSG for the purposes of carrying out the employment relationship and then transferred to the personnel file.

WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service, in whose address book only data from users who have contacted us via WhatsApp is stored. Personal data will therefore not be passed on to WhatsApp without you having already consented to this.
Your data is transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in providing a quick and easy way to contact us and in answering your query. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .

Customer Account Orders

Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your customer account will then be deleted.

Your data will be transferred to Canada, among other places. The EU Commission has issued an adequacy decision for data transfers to Canada.

Reviews Advertising


Website logo for Google Customer Reviews
The website logo for Google Customer Reviews of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) is integrated into our website.
The purpose of the integration is to display the number and results of the reviews we have received so far via Google and to promote participation in this program.
Google uses cookies to display the logo on our website and to show you personalized advertisements on Google. This may include the processing of your IP address and transmitting it to Google.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on terms of use and data protection when using Google Customer Reviews can be found at https://www.google.com/shopping/customerreviews/static/tos/de/1_01_tos.html and at https://policies.google.com/privacy?hl=de

Use of the email address for sending newsletters
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.

Use of the email address for sending direct advertising
We use your email address, which we received as part of the sale of a product or service, to electronically send advertising for our own products or services that are similar to those you have already purchased from us, provided that you have not objected to this use. The provision of the email address is necessary for the conclusion of the contract. Failure to provide it means that no contract can be concluded. Processing is carried out on the basis of Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. The contact details for exercising your objection can be found in the imprint. You can also use the link provided for this purpose in the advertising email. There are no costs for this other than the transmission costs according to the basic rates.

Use of Mailchimp
We use the service of Rocket Science Group LLC (675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA; “Mailchimp”) to send the newsletter as part of order processing.
We pass on the information you provide when registering for the newsletter (email address, first and last name if applicable) to Mailchimp. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device, and the time. Usage profiles can be created from this data under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Mailchimp servers in the USA and stored there. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Mailchimp has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in a targeted, promotionally effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Further information and MailChimp’s privacy policy can be found at: https://mailchimp.com/de/legal/data-processing-addendum/ and https://www.intuit.com/privacy/statement/ .

Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) to send the newsletter as part of order processing.
We pass on the information you provide when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device, and the time. Usage profiles can be created from this data under a pseudonym. The data collected is not used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transferred to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in a targeted, promotionally effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement .

Shipping service provider merchandise management

Passing on the email address to shipping companies to inform them about the shipping status
We will pass on your email address to the transport company as part of the contract processing, provided that you have expressly agreed to this during the ordering process. The purpose of the transfer is to inform you about the shipping status by email. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until the revocation.

Use of an external inventory management system
We use a merchandise management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal .

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 (1) (b) GDPR.

Payment service provider credit report

Using PayPal
We use the PayPal payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

All PayPal transactions are subject to the PayPal privacy policy, which can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service. In order to integrate this payment service, PayPal must collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Paragraph 1 Letter b of GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS .

Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Cookies may be stored here that enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.

Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. To do this, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values ​​(score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests will be taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if PayPal makes advance payments.
You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying PayPal for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have selected.

Third party providers
When paying using a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Local third-party providers can be, for example:

• Immediately (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
• giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)

Purchase on account via PayPal
When paying using the purchase on account payment method, the data required for payment processing is first sent to PayPal. To carry out this payment method, the data is then sent by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the process already described above. The data processing serves the purpose of credit checks for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .

Using Amazon Payments
We use the payment service Amazon Payments from Amazon Payments Europe sca (38 avenue John F. Kennedy, L-1855 Luxembourg; “Amazon Payments”) on our website.
The data processing serves the purpose of being able to offer you payment via the Amazon Payments payment service.
To integrate this payment service, Amazon Payments must collect, save and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
By selecting and using “Amazon Payments”, the data required for payment processing will be transmitted to Amazon Payments in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the Amazon Payments payment service can be found in the associated privacy policy at: https://pay.amazon.com/de/help/201212490

Use of GDPR Legal Cookies
We use the GDPR Legal Cookie consent management tool from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh.; “beeclever”) on our website. The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consent to data processing and thus to comply with legal obligations. Cookies can be used for this purpose. The following information, among others, can be collected and sent to beeclever: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) lit. c GDPR.
Further information on terms of use and data protection at beeclever can be found at: https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.


Analysis advertising tracking

Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide the website operator with other services relating to website activity and internet usage.
The following information may be collected: IP address, date and time of the page visit, click path, information about the browser you use and the device you use, pages visited, referrer URL (website you used to access our website), location data, purchasing activities. Google may link your data to other data, such as your search history, your personal accounts, your usage data from other devices and any other data Google has about you.

Your IP address will be shortened by us on our own servers beforehand. Google therefore only receives pseudonymized data.

Google uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR.

Your personal data will be processed with your consent on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.

The information generated in this way about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Both Google and US government authorities have access to your data.

Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .

Using Shopify Statistics
We use the statistics and analysis functions of Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyses and statistics. The following device information is collected and processed, among others: information about the web browser, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information about the websites or products accessed, the referrer URL (website through which you accessed our website) and information about how you interact with the website is also collected. Technologies such as cookies as well as web beacons, tags and pixels (electronic files for collecting information about how you navigate the website) are used for this.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the order processing agreement at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .

Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and targeting website visitors with interest-based advertising. This function enables visitors to the provider's website to be shown personalized, interest-based advertising from the Google Display Network. Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. Google may transfer this information to third parties if this is required by law or if third parties process this data on Google's behalf. Under no circumstances will Google associate your IP address with other Google data.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information and Google’s privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/

Use of Microsoft Advertising
We use Microsoft Advertising from Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; “Microsoft”) on our website.
The data processing serves marketing and advertising purposes and the purpose of measuring the success of the advertising measures (conversion tracking). We learn the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, this does not enable personal identification of these users. Microsoft Advertising uses technologies such as cookies and tracking pixels that enable analysis of your use of the website. When you click on an ad placed by Microsoft Advertising, a cookie for conversion tracking is stored on your computer. This cookie has a limited validity and is not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Microsoft and we can recognize that you clicked on the ad and were redirected to this page. The following information may be collected, among others: IP address, identifiers assigned by Microsoft, information about the browser you are using and the device you are using, referrer URL (website through which you accessed our website), URL of our website.
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
You can find more information about data protection and the cookies used by Microsoft here .

Using the Pinterest Tag
We use the Pinterest Tag of Pinterest Europe Limited (Palmerston House, 2nd, Fenian Street, Floor, Dublin 2, Ireland "Pinterest") on our website.
The application serves the purpose of targeting website visitors with interest-based advertising on the Pinterest social network. For this purpose, the Pinterest conversion tag has been implemented on the website. This tag establishes a direct connection to the Pinterest servers when you visit the website. This transmits to the Pinterest server which of our pages you have visited. Pinterest assigns this information to your personal Pinterest user account if you are logged into the social network. When you visit Pinterest, you will then be shown personalized, interest-based Pinterest ads.
If you access our website via a pin on the Pinterest social network, a cookie for conversion tracking will be stored on your computer. These cookies are valid for a limited time, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, Pinterest and we can recognize that you clicked on the pin and were redirected to this page. The information collected using the conversion cookie is used to create conversion statistics and thus optimize our website. The following information may be processed, among others: total number of users who clicked on one of our pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF. The data transfer takes place on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about how Pinterest collects and uses data, as well as your rights and options for protecting your privacy, please see Pinterest’s privacy policy at https://policy.pinterest.com/de/privacy-policy .

Use of HubSpot's
We use the Marketing Hub software from HubSpot, Inc. (25 First Street Cambridge, MA 02141, USA; “HubSpot” with a branch in Ireland HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland) on our website as part of order processing.
The data processing serves the purpose of analyzing our website and its visitors, as well as analyzing and evaluating our marketing campaigns and to better address customers by placing targeted advertisements. Cookies are used for this purpose, which enable the browser to be recognized. Your IP address, among other things, can be collected and sent to HubSpot. Usage profiles can be created from the data collected in this way using pseudonyms.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). HubSpot has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about how HubSpot collects and uses data, your rights in this regard, and options for protecting your privacy, please see Hubspot's privacy policy at: https://legal.hubspot.com/de/privacy-policy and https://legal.hubspot.com/de/dpa .

Using TikTok Pixel
We use the TikTok pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”) on our website. Both companies are jointly responsible for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing our customers' website access, as well as to better address customers by placing targeted advertisements and evaluating the effectiveness of advertisements on TikTok. To do this, TikTok uses technologies such as cookies and pixels that enable your browser to be recognized. The following information, among others, can be collected and sent to TikTok: date and time of the visit, information about the browser and device type you use, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. Usage profiles can be created from the data collected in this way using pseudonyms. However, this does not allow users to be personally identified.
Your data may be transferred to third countries, such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified according to the TADPF. Data transfer to the USA and to third countries without an adequacy decision is based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/new-privacy-policy?lang=de-DE and https://ads.tiktok.com/i18n/official/policy/controller-to-controller .


Plug-ins and Others

Use of social plug-ins
We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place in this way serves the purpose of optimizing the advertising for our products.
When social plug-ins are integrated, a link is established between your computer and the servers of the provider of the social network, and the plug-in is displayed on the page by a message to your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged in to the social network. Data is also transmitted to unregistered or unlogged users. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. When you use the plug-in functions (e.g. by pressing the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
The social networks listed below are integrated into our website using social plug-ins. You can find more information about the scope and purpose of the collection and use of data as well as your rights and options for protecting your privacy in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . According to this, we are particularly responsible for fulfilling the information obligations according to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations under Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of data subjects in accordance with Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects the obligations of Meta Platforms Ireland under the joint processing agreement.
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
For more information about the collection and use of data by Facebook, your rights in this regard, and options for protecting your privacy, please see Facebook's privacy policy at https://www.facebook.com/about/privacy/ .

LinkedIn of LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is not certified according to the TADPF.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF.

Use of social plug-ins via “Shariff”
We use social network plug-ins on our website. To ensure that you retain control over your data, we use the privacy-safe "Shariff" buttons.
Without your express consent, no links will be established to the social network servers and consequently no data will be transmitted.
“Shariff” is a development by specialists at the computer magazine c't. It enables more privacy on the Internet and replaces the usual “Share” buttons on social networks. You can find more information about the Shariff project here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html .
When you click on the buttons, a pop-up window appears in which you can log in to the respective provider using your data. Only after you have actively logged in will a direct connection to the social networks be established.
By logging in, you consent to the transfer of your data to the respective social media provider. This includes, among other things, your IP address and information about which of our pages you have visited. If you are connected to one or more of your social network accounts at the same time, the information collected will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks named below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data as well as your rights and options for protecting your privacy can be found in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388 .
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

LinkedIn of LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is not certified according to the TADPF.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF.

Xing of XING SE (Dammtorstrasse 30, 20354 Hamburg):
https://www.xing.com/privacy
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Xing is not certified according to the TADPF. The data transfer takes place on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .

Use of social plug-ins using the “2-click solution”
We use social network plug-ins on our website using the "2-click solution". No connections are established to the social network servers without your express consent and consequently no data is transmitted.
With the standard integration of plug-ins, when you access the pages of our website that contain such a plug-in, a link is established between your computer and the servers of the provider of the social network, and the plug-in is displayed on the page by a message to your browser. Both your IP address and the information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for unregistered or unlogged users. If you are also logged in to the Facebook social network, this information is assigned to your personal user account. When you use the plug-in functions (e.g. by pressing the button), this information is also assigned to your user account, which you can only prevent by logging out before using the plug-in. So that you retain control over your data, we have decided to deactivate the corresponding button initially. You can recognize this by the grayed out button. Without your express consent - in the form of activating the button - no link will be established to the social network server and consequently no data will be transmitted.
Only when you activate the button, the button becomes active (highlighted in color) and a direct connection to the servers of the social network is established.
By activating, you give your consent to the transfer of your data to the respective provider of the social network. This will include, among other things, your IP address and information about which of our pages you have visited. If you are connected to one or more of your social network accounts at the same time, the information collected will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your user accounts on the social networks before visiting our website and before activating the buttons.
The social networks named below are integrated using the "2-click function". Further information on the scope and purpose of the collection and use of data as well as your rights and options for protecting your privacy can be found in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland):
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is not certified according to the TADPF.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA):
https://policy.pinterest.com/de/privacy-policy
https://help.pinterest.com/de/articles/personalization-and-data
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF.

Xing of XING SE (Dammtorstrasse 30, 20354 Hamburg):
https://www.xing.com/privacy
https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/widerspruchsrecht
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Xing is not certified according to the TADPF. The data transfer takes place on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .

Use of Google invisible reCAPTCHA
We use the invisible reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input by a human and automated, machine processing. In the background, Google collects and analyzes usage data that is used by Invisible reCaptcha to distinguish regular users from bots. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
This data is processed by Google within the European Union and may also be transferred to Google LLC servers in the USA. For the USA, the EU Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google reC APTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy

Use of the authorized.by badge
We use the “authorized.by badge” of Stayble Market GmbH (Theresienstraße 66, 80333 Munich; “Stayble Market”) on our website.
The purpose of data processing is to show and confirm our status as an authorized partner of the manufacturers we distribute.
In order to display the badge, data (e.g. IP address, device type, operating system, browser type) must be transmitted to Stayble Market when the website is accessed.
This data processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in the optimal marketing of our offer and the proof of being an authorized partner of the manufacturers we sell. You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
Further information on data protection at Stayble Market can be found at: https://www.authorized.by/datenschutz/

Integration of the Händlerbund member logo
The Händlerbund member logo (Händlerbund eV, Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you visit our website, the browser used on your device automatically sends information to the Händlerbund eV server. This information is temporarily stored in a so-called server log file for 7 days. The following information is recorded without your intervention and stored until it is automatically deleted:

• IP address of the requesting computer,
• Date and time of access,
• Name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• browser used and, if applicable, the operating system of your computer and the name of your access provider.

The temporary storage of the IP address by the system is necessary to enable the website to be delivered. For this purpose, the IP address must be stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 Para. 1 Clause 1 Letter f of GDPR.

Rights of data subjects and storage period

Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular those under tax and commercial law, and then deleted after the deadline has expired, unless you have consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR and to processing for direct marketing purposes.

Right to complain to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:

Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str 22, 7th floor
20459 Hamburg
Phone: +49 40 428544040
Fax: +49 40 428544000
Email: mailbox@datenschutz.hamburg.de

Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data concerned will be stopped unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

If the personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After the objection has been made, we will stop processing the data concerned for direct marketing purposes.

last update: 29.11.2023