Privacy Policy - GDPR

General Data Protection Regulation (GDPR)

We are very happy that you are interested in our company. The management of VASNER MankeTech GmbH attaches great importance to data protection. VASNER MankeTech GmbH's websites can generally be used without providing any personal data. However, if an individual wishes to take advantage of special services offered by our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to VASNER MankeTech GmbH. By means of this privacy policy, our company wishes to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, this data protection declaration informs affected persons about their rights.

As the data controller, VASNER MankeTech GmbH has implemented numerous technical and organizational measures to ensure the complete protection of personal data processed via this website. Nevertheless, internet-based data transmissions may generally have security gaps, so that absolute data protection cannot be guaranteed. For this reason, every affected person is free to transmit personal data to us by alternative means, for example by telephone.

1. Definitions

The data protection declaration of VASNER MankeTech GmbH is based on the terms used by the European legislator for directives and regulations when the General Data Protection Regulation (GDPR) was issued. Our data protection declaration should be easy to read and understand both for the public and for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this data protection declaration:

a)    Personal Data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b)    Data Subject

Data subject refers to any identified or identifiable natural person whose personal data is processed by the controller.

c)    Processing

Processing is any operation or set of operations, carried out with or without the aid of automated means, which is performed upon personal data, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d)    Restriction of Processing

Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.

e)    Profiling

Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location of that natural person.

f)     Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the need for additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.

g)    Data Controller or Processor

A data controller or processor is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. In cases where the purposes and means of such processing are determined by Union or national law, provision may be made for the controller or for the specific criteria for their designation in accordance with Union or national law.

h)    Data Processor

A data processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i)      Recipient

A recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, regardless of whether it is a third party or not. However, authorities which may receive personal data in the context of a specific investigation mandate under Union or national law shall not be considered to be recipients.

j)      Third Party

A third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.

k)    Consent

Consent is any freely given, informed, unequivocal and specific expression of the data subject's will, in the form of a statement or any other unequivocal affirmative act, by which the data subject signifies their consent to the processing of personal data relating to them.

2. Name and Address of the Data Controller

The responsible data controller according to the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other regulations relating to data protection is:

VASNER MankeTech GmbH
Stahlstr. 27
33415 Verl
Germany

Phone: 05246-9355625
E-mail: info@vasner.com
Website: https://www.vasner.com

 

3. Name and Address of the Data Protection Officer

The data protection officer of the controller is:

Janina Motschull 

VASNER MankeTech GmbH
Stahlstr. 27
33415 Verl
Germany

Phone: 05246 - 9355625
E-mail: info@vasner.com
Website: https://www.vasner.com

Every data subject can contact our data protection officer directly at any time with all questions and suggestions regarding data protection.

4. Cookies

The internet pages of VASNER MankeTech GmbH use cookies. Cookies are text files that are stored on a computer system via an Internet browser.

Numerous internet pages and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that can be used to assign internet pages and servers to the specific internet browser in which the cookie was stored. This enables the internet pages and servers visited to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified by its unique cookie ID.

Through the use of cookies, VASNER MankeTech GmbH can provide the visitors of this website with more user-friendly services that would not be possible without the setting of cookies.

By means of a cookie, the information and offers on our website can be optimised for the user. As already mentioned, cookies enable us to recognize the visitors of our website. The purpose of this recognition is to make it easier for visitors to use our website. For example, the user of a website that employs cookies does not have to enter their access data each time they visit the website, as this is done by the website and the cookie stored on the user's computer system. Another example is a shopping cart cookie in online shops. The online shop uses a cookie to remember the articles that a customer has placed in their virtual shopping cart.

Data subjects can prevent the setting of cookies by our website at any time via a corresponding setting in the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in their internet browser, not all functions of our website may be fully usable.

5. Collection of General Data and Information

The website of VASNER MankeTech GmbH collects a range of general data and information each time a person or automated system accesses the website. This general data and information is stored in the server log files. The following data may be recorded: (1) browser types and versions used, (2) operating system used by the accessing information technology system, (3) the website from which an accessing information technology system reaches our website (so-called referrer), (4) sub-websites that are visited by an accessing information technology system on our website, (5) the date and time of an internet site visit, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing information technology system, and (8) other similar data and information which serve to prevent danger in the event of attacks on our information technology systems.

VASNER MankeTech GmbH will not draw any conclusions about the data subject when using this general data and information. Rather, this information is required to (1) deliver the contents of our website correctly, (2) optimize the contents of our website as well as the advertising for it, (3) ensure the permanent operability of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for prosecution in case of a cyber attack. VASNER MankeTech GmbH will therefore use this anonymously collected data and information for statistical purposes on the one hand and for the purpose of improving data protection and data security in our company on the other hand, in order to ultimately ensure an optimum level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all personal data provided by data subjects.

6. Registration on our Website

The data subject has the possibility to register on the website of the controller by providing personal data. Which personal data is transmitted to the data controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected and stored solely for internal use by the data controller and for their own purposes. The controller may arrange for the personal data to be transferred to one or more processors, such as a parcel service provider, which shall also use the personal data exclusively for internal use attributable to the controller.

Furthermore, by registering on the controller's website, the IP address assigned to the data subject by their internet service provider (ISP) and the date and time of registration are stored. The storage of this data is carried out against the background that this is the only way to prevent the misuse of our services and, if necessary, to enable the investigation of any criminal offences committed. In this respect, the storage of this data is necessary to protect the data controller. As a matter of principle, this data will not be passed on to third parties unless there is a legal obligation to do so or the passing on of the data serves criminal prosecution.

The registration of the data subject under voluntary disclosure of personal data enables the data controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have them completely deleted from the data base of the data controller.

Upon request and at any time, the data controller shall provide any data subject with information as to which of their personal data is stored. Furthermore, the controller shall correct or delete personal data at the request or notification of the data subject, unless this conflicts with any statutory storage obligations. The entire staff of the data controller shall act as contact persons for the data subject in this regard.

7. Subscription to our Newsletter

Users of the VASNER MankeTech GmbH website are given the opportunity to subscribe to our company newsletter. The input mask used for this purpose determines which personal data is transmitted to the data controller when subscribing to the newsletter.

VASNER MankeTech GmbH informs its customers and business partners about company offers regularly by means of a newsletter. Generally, our company's newsletter can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers to receive the newsletter. For legal reasons, a confirmation e-mail will be sent to the e-mail address first registered by a data subject using a double opt-in procedure. This confirmation e-mail is used to check whether the owner of the e-mail address has actually authorized the receipt of the newsletter.

When registering for the newsletter, we store the IP address assigned by the internet service provider (ISP) of the information technology system used by the data subject at the time of registration as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves to provide legal protection for the data controller.

The personal data collected during the subscription to the newsletter is used exclusively for the purpose of sending our newsletter. In addition, recipients of the newsletter may receive information by e-mail if this is necessary for registration or the operation of the newsletter service, as might be the case in the event of changes to the newsletter offer or changes in technical conditions. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter service, can be revoked at any time. For the purpose of revoking this consent, a corresponding link can be found in every newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the data controller or to inform the data controller in another way.

8. Newsletter Tracking

The newsletters of VASNER MankeTech GmbH contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails sent in HTML format to enable log file recording and log file analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns. By means of the embedded pixel-code, VASNER MankeTech GmbH is able to identify whether and when an e-mail was opened by a data subject and which links in the e-mail were clicked on by the data subject.

Any personal data collected via the tracking pixels embedded in the newsletters will be stored and evaluated by the data controller in order to optimize the newsletter dispatch and to adapt the content of future newsletters to even better suit the interests of the data subject. Data subjects are entitled to revoke the respective declaration of consent, which was specifically given via the double opt-in procedure, at any time. After revocation, their personal data will be deleted by the data controller. VASNER MankeTech GmbH will automatically interpret a cancellation of the newsletter as a revocation.

9. Newsletter Dispatch to Existing Customers

If you have not objected, we will use your e-mail address to send you advertising material about similar articles or services. You can object to the use of your contact address for this purpose at any time by sending a notification to news@vasner.com or by clicking on the unsubscribe link in our advertising e-mails. This will not incur any costs for you.

10. Contact Option via the Website

Due to legal regulations, the website of VASNER MankeTech GmbH contains information that enables rapid electronic contact with our company as well as direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via our contact form, the personal data transmitted by the data subject will be stored automatically. The personal data transmitted by a data subject to the controller on a voluntary basis is stored for the purpose of processing or contacting the data subject. Such personal data shall not be disclosed to third parties.

11. Comment Feature in the Blog on our Website

VASNER MankeTech GmbH offers users the opportunity to leave individual comments on individual blog posts on a blog located on the website of the data controller. A blog is a portal maintained on a website, usually open to the public, where one or more persons, called bloggers or web bloggers, can post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented on by third parties.

If a data subject leaves a comment on the blog published on this website, information on the time of the comment entry and the user name (pseudonym) chosen by the data subject is stored and published in addition to the comments left by the data subject. Furthermore, the IP address assigned to the data subject by the internet service provider (ISP) is also logged. The storage of the IP address is carried out for security reasons and in the event that the data subject violates the rights of third parties or posts illegal content by submitting a comment. The storage of such personal data is therefore carried out in the interest of the data controller, so that they can be exculpated in the event of a violation of the law. The personal data collected will not be passed on to third parties unless such a transfer is required by law or serves the legal defence of the data controller.

12. The Subscription to Comments on the Blog of our Website

Comments made on the blog of VASNER MankeTech GmbH may be subscribed to by third parties. In particular, it is possible for a commenter to subscribe to the comments following their comment on a specific blog entry.

If a data subject chooses to subscribe to comments, the data controller will send an automatic confirmation e-mail as part of a double opt-in procedure to verify that the owner of the e-mail address actually selected this option. The option to subscribe to comments can be cancelled at any time.

13. Routine Deletion and Blocking of Personal Data

The controller shall process and store personal data relating to the data subject only for the period of time necessary to achieve the purpose of storage or as otherwise required by the European Directives and Regulations or by any other law or regulation to which the controller is subject.

If the purpose of storage ceases to apply or if a storage period specified in the European Directives and Regulations or any other relevant legislation expires, the personal data will be blocked or deleted as a matter of routine and in accordance with statutory provisions.

14. The Rights of the Data Subject

a)    Right to Confirmation

The European Directives and Regulations grant every data subject the right to obtain confirmation from the controller as to whether personal data relating to them is being processed. If a data subject wishes to exercise this right of confirmation, they may at any time contact an employee of the controller.

b)    Right to Information

The European Directives and Regulations grant every data subject the right to obtain information on their stored personal data and a copy of it from the controller at any time and free of charge. The European Directives and Regulations also grant the data subject access to the following information:

  • the processing purposes
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular to recipients in third countries or international organisations
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of a right of rectification or erasure of personal data relating to them or to a restriction on processing by the controller or a right to object to such processing
  • the existence of a right to appeal to a supervisory authority
  • if the personal data is not collected from the data subject: All available information on the origin of the data
  • the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject

The data subject shall also have the right to obtain information as to whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards relating to the transfer.

If a data subject wishes to exercise this right of access, they may at any time contact an employee of the controller.

c)    Right of Rectification

The European legislator grants every data subject the right to request that incorrect personal data concerning them be corrected without delay. The data subject shall also have the right to request the completion of incomplete personal data by means of a supplementary declaration, taking into account the purposes of the processing.

If a data subject wishes to exercise this right of rectification, they may contact an employee of the controller at any time.

d)    Right of Deletion (Right to be Forgotten)

The European legislator grants every data subject the right to demand immediate erasure of personal data relating to them by the controller, if one of the following reasons applies and if the processing is not necessary:

  • The personal data has been collected or otherwise processed for purposes for which it is no longer necessary.
  • The data subject withdraws the consent on which the processing was based pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR and there is no other legal basis for the processing.
  • The data subject lodges an objection to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or the data subject lodges an objection to the processing pursuant to Article 21 (2) GDPR.
  • The personal data was processed unlawfully.
  • The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data was collected in relation to information society services offered in accordance with Article 8 (1) of the GDPR.

If any of the above reasons apply and a data subject wishes to request the deletion of personal data stored by VASNER MankeTech GmbH, they may contact an employee of the data controller at any time. The employee of VASNER MankeTech GmbH will ensure that the deletion request is complied with immediately.

If the personal data has been made public by VASNER MankeTech GmbH and our company is responsible for the data in accordance with article 17, paragraph 1. 1 GDPR, VASNER MankeTech GmbH will take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform other data controllers who process the published personal data that the data subject has requested that these other data controllers delete all links to this personal data or copies or replications of this personal data, unless the processing is necessary. The employee of VASNER MankeTech GmbH will take the necessary steps in individual cases. If the personal data has been made public by VASNER MankeTech GmbH and our company is responsible for the data in accordance with article 17, paragraph 1. 1 GDPR, VASNER MankeTech GmbH shall take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform other data controllers who process the published personal data that the data subject has requested that other data controllers delete all links to this personal data or copies or replications of this personal data, unless the processing is necessary. The employee of VASNER MankeTech GmbH will take the necessary steps in each individual case.

e)    Right to Limit Data Processing

The European legislator grants every data subject the right to demand that the controller limit the processing of their personal data if one of the following circumstances applies:

  • the accuracy of the personal data is contested by the data subject, for a period of time sufficient to enable the controller to verify the accuracy of the personal data
  • The processing is unlawful, the data subject refuses to have their personal data deleted and instead requests the restriction of the use of their personal data.
  • The controller no longer needs the personal data for processing purposes, but the data subject needs it in order to assert, exercise or defend legal claims.
  • The data subject has lodged an objection to the processing pursuant to Article 21 (1) of the GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the above-mentioned conditions is met and a data subject wishes to request the restriction of personal data stored by VASNER MankeTech GmbH, they may contact an employee of the data controller at any time. The employee of VASNER MankeTech GmbH will initiate the data processing restriction.

f)     Right to Data Portability

The European Directives and Regulations grant every data subject the right to obtain the personal data relating to them which they have provided to a data controller in a structured, common and machine-readable format. They also have the right to have this data communicated to another controller without hindrance from the controller to whom the personal data was originally disclosed, provided that the processing is based on the consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of the GDPR and that the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data transfer pursuant to Art. 20 Para. 1 GDPR, the data subject has the right to request that personal data be transferred directly from one controller to another controller, provided that this is technically feasible and provided that it does not adversely affect the rights and freedoms of other persons.

In order to assert the right to data transfer, the data subject can contact an employee of VASNER MankeTech GmbH at any time.

g)    Right of Appeal

The European legislator has granted every data subject the right to object to the processing of their personal data performed on the basis of Article 6(1)(e) or (f) of the GDPR at any time for reasons arising from their particular situation. This also applies to profiling based on these provisions.

In the event of an objection, VASNER MankeTech GmbH will no longer process the personal data unless we can prove compelling reasons for processing that are worthy of protection and outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

If VASNER MankeTech GmbH processes personal data for the purpose of direct marketing, the data subject shall have the right to object to the processing of their data for marketing reasons at any time. This also applies to profiling, as long as it is related to such direct marketing. If the data subject objects to VASNER MankeTech GmbH processing personal data for direct marketing purposes, VASNER MankeTech GmbH will no longer process their data for such reasons.

In addition, the data subject shall have the right to object to the processing of their personal data that is carried out at VASNER MankeTech GmbH for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, for reasons arising from their particular situation, unless such processing is necessary for the performance of a task carried out in the public interest.

To exercise the right of appeal, the data subject may directly contact any employee of VASNER MankeTech GmbH or any other employee. The data subject may also exercise their right of objection in connection with the use of information society services by means of automated procedures involving technical specifications, notwithstanding Directive 2002/58/EC.

h)    Automated Decisions in Individual Cases Including Profiling

The European legislator grants every data subject the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or significantly affects them in a similar way, provided that the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorised by Union or national legislation to which the controller is subject and such legislation provides for adequate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or (3) is made with the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller or (2) is made with the express consent of the data subject, VASNER MankeTech GmbH shall take reasonable measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person on the part of the controller, to put forward their point of view and to challenge the decision.

If the data subject wishes to exercise rights relating to automated decisions, they may consult an employee of the controller at any time.

i)      Right to Revoke Consent under Data Protection Law

The European legislator grants every data subject the right to withdraw their consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they may at any time contact an employee of the controller.

15. Data Protection in Applications and in the Application Process

The controller collects and processes the personal data of applicants for the purpose of completing the application procedure. The processing may also be carried out by electronic means. This is particularly the case if an applicant submits relevant application documents to the controller electronically, for example by e-mail or via a web form on the website. If the data controller concludes an employment contract with an applicant, the transmitted data is stored for the purpose of processing the employment relationship in accordance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with deletion. Other legitimate interests in this sense include, for example, an obligation to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz, AGG).

16. Data Protection Regulations for the Application and Use of AddThis

The data controller has integrated components of the company AddThis into this website. AddThis is a so-called bookmarking provider. The service enables a simplified bookmarking of internet pages via buttons. By hovering over the AddThis component with the mouse or clicking on it, a list of bookmarking and sharing services is displayed. AddThis is used on more than 15 million internet pages, and the buttons are displayed more than 20 billion times a year according to the operating company.

The operating company of AddThis is AddThis, Inc. 1595 Spring Hill Road, Suite 300, Vienna, VA 22182, USA.

Each time the data subject accesses one of the individual pages of this website, which is operated by the data controller and into which an AddThis component has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective AddThis component to download data from the website www.addthis.com. Within the framework of this technical procedure, AddThis is informed about the visit and which specific individual page of this website is accessed by the information technology system of the data subject. Furthermore, AddThis is informed about the IP address assigned to the computer system used by the data subject by their internet service provider (ISP), the browser type, the browser language, the internet page accessed before our website, as well as the date and time of the visit to our website.

AddThis uses this data to create anonymous user profiles. The data and information transferred to AddThis in this way enables AddThis itself and the companies affiliated with AddThis or its partner companies to specifically address visitors to the websites of the data controller with personalised and interest-related advertising.

AddThis displays personalized and interest-related advertising on the basis of a cookie set by the company. This cookie analyses the individual surfing behaviour of the computer system used by the data subject. The cookie stores the visits to websites originating from the respective computer system.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting in their internet browser and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent AddThis from setting a cookie on the information technology system of the data subject. Moreover, cookies already set by AddThis can be deleted at any time via an internet browser or other software programs.

The data subject also has the opportunity to permanently object to the processing of personal data by AddThis. To do so, the data subject must press the opt-out button under the link http://www.addthis.com/privacy/opt-out, which sets an opt-out cookie. The opt-out cookie set together with the objection is stored on the information technology system used by the data subject. If the cookies are deleted on the data subject's system after an objection, the data subject must access the link again and set a new opt-out cookie.

However, once the opt-out cookie has been set, it is possible that the data subject may no longer be able to use the full scope of the data controller's website.

AddThis's current data protection regulations can be found at http://www.addthis.com/privacy/privacy-policy.

17. Privacy Policy for the Use and Application of Facebook

The data controller has integrated components of the company Facebook into this website. Facebook is a social network.

A social network is a social meeting place operated on the internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences or it can enable the internet community to provide personal or company-related information. Facebook enables users of the social network to create private profiles, upload photos and network via friend requests, among other things.

The operating company of Facebook is Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the responsible data controller is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time a data subject accesses one of the individual pages of this website, which is operated by the data controller and into which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a rendering of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins is available at https://developers.facebook.com/docs/plugins/?locale=en_US. As part of this technical process, Facebook is informed which specific page of our website is visited by the data subject.

If the data subject is simultaneously logged on to Facebook, Facebook recognizes which specific subpage of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks one of the Facebook buttons integrated into our website, for example the "Like" button, or if the data subject submits a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as they access our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which is available at https://www.facebook.com/about/privacy/, provides information on the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transfer to Facebook.

18. Privacy Policy on the Use and Application of Features of the Amazon Partner Program

As a participant in the Amazon Partner Program, the data controller has integrated Amazon components into this website. The Amazon components have been designed by Amazon with the aim of attracting customers via advertisements on various Amazon Group websites, in particular Amazon.co.uk, Local.Amazon.co.uk, Amazon.de, BuyVIP.com, Amazon.fr, Amazon.it and Amazon.es. BuyVIP.com against payment of a commission. The data controller may generate advertising revenue by using the Amazon components.

The operating company of these Amazon components is Amazon EU S.à.r.l, 5 Rue Plaetis, L-2338 Luxembourg, Luxembourg.

Amazon places a cookie on the information technology system of the data subject. What cookies are has already been explained above. Each time a user visits one of the individual pages of this website, which is operated by the data controller and into which an Amazon component has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective Amazon component to transmit data to Amazon for the purpose of online advertising and the settlement of commissions. Within the scope of this technical procedure, Amazon obtains knowledge of personal data which is used by Amazon to trace the origin of orders received by Amazon and subsequently enable commission settlement. Among other things, Amazon can trace that the data subject has clicked on a partner link on our website.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting in the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Amazon from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Amazon can be deleted at any time via an internet browser or other software programs.

Further information and Amazon's applicable data protection regulations can be found at: https://www.amazon.co.uk/gp/help/customer/display.html?ie=UTF8&nodeId=201909010&ref_=footer_privacy

19. Data Protection Policy on the Use and Application of Getty Images Pictures

The data controller has integrated Getty Images components into this website. Getty Images is an American image agency. An image agency is a company that offers images and other visual material on the market. Photo agencies usually market photographs, illustrations and film material. Through a picture agency, various customers, especially website operators, editorial offices of print and TV media and advertising agencies, license the images they use.

The operating company of the Getty Images components is Getty Images International, 1st Floor, The Herbert Building, The Park, Carrickmines, Dublin 18, Ireland.

Getty Images permits the embedding of stock images (free of charge, if applicable). Embedding is the inclusion or integration of certain third-party content, such as text, video or image data, that is provided by a third-party website and then appears on your own website. A so-called embed code is used for embedding. An embed code is HTML code that is integrated into a website by a website operator. If an embedding code has been integrated by a website operator, the external contents of the other website are displayed immediately as soon as a website is visited. To display the external content, the external content is loaded directly from the other website. Getty Images provides additional information about embedding content at: https://www.gettyimages.co.uk/resources/embed?language=en-GB

Through the technical implementation of the embed code that enables Getty Images' pictures to be displayed, the IP address of the internet connection through which the data subject accesses our website is transmitted to Getty Images. Getty Images also collects information about our website, the type of browser used, the browser language, the time and length of access. In addition, Getty Images may collect navigational information, which is information about which of our subsites the individual has visited and which links have been clicked on, and other interactions that the individual has engaged in while visiting our website. This information may be stored and analyzed by Getty Images.

Further information and Getty Images' current privacy policy can be found at: https://www.gettyimages.co.uk/company/privacy-policy?language=en-GB

20. Data Protection Regulations for the Use and Application of Google AdSense

The data controller has integrated Google AdSense into this website. Google AdSense is an online service which enables the placement of advertising on third party sites. Google AdSense is based on an algorithm which selects the advertisements displayed on third party sites according to the content of the respective third party site. Google AdSense allows an interest-related targeting of the internet user, which is implemented by generating individual user profiles.

The operating company of the Google AdSense component is Alphabet Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of the Google AdSense component is to integrate advertisements into our website. Google AdSense sets a cookie on the information technology system of the data subject. What cookies are, has already been explained above. By setting the cookie, Alphabet Inc. is able to analyze the use of our website. Each time the data subject accesses one of the individual pages of this website operated by the data controller and into which a Google AdSense component has been integrated, the web browser on the data subject's information technology system is automatically prompted by the respective Google AdSense component to transmit data to Alphabet Inc. for the purposes of online advertising and commission payments. As part of this technical process, Alphabet Inc. obtains knowledge of personal data, such as the IP address of the data subject, which is used by Alphabet Inc. among other things to trace the origin of visitors and clicks and subsequently to enable commission settlements.

The data subject can prevent cookies from being set by our website at any time, as described above, by changing the settings of the web browser used, thereby permanently disabling the setting of cookies. Such a setting of the internet browser would also prevent Alphabet Inc. from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Alphabet Inc. can be deleted at any time via the internet browser or other software programs.

Google AdSense also uses so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in internet pages to enable log file recording and log file analysis, which enables statistical evaluation. Alphabet Inc. can use the embedded pixel-code to identify whether and when an internet page was opened by a data subject and which links were clicked on by the data subject. Tracking pixels are used, among other things, to evaluate the flow of visitors to a website.

Through Google AdSense, personal data and information including the IP address, which is necessary for the collection and billing of the advertisements displayed, is transferred to Alphabet Inc. in the United States of America. This personal data is stored and processed in the United States of America. Alphabet Inc. may pass on the personal data collected via this technical process to third parties.

Google AdSense is explained in more detail under this link: https://www.google.de/intl/en_uk/adsense/start/

21. Data Protection Policy for the Use and Application of Google Analytics (with Anonymisation Function)

The data controller has integrated a Google Analytics component (with anonymisation function) into this website. Google Analytics is a web analysis service. Web analysis is the acquisition, collection and evaluation of data on the behaviour of visitors to websites. Among other things, a web analysis service collects data on which website a data subject came to the respective website from (so-called referrers), which sub-pages of the website were accessed or how often and for how long a subpage was viewed. A web analysis is mainly used to optimise a website and to analyse the cost-benefit of internet advertising.

The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the addition "_gat._anonymizeIp" for web analysis via Google Analytics. By means of this addition, the IP address of the data subject's internet connection is shortened and made anonymous by Google if our internet pages are accessed from a member state of the European Union or from another state that is a party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Among other things, Google uses the data and information obtained to evaluate the use of our website, to compile online reports for us which show the activities on our website, and to provide further services in connection with the use of our website.

Google Analytics places a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is able to analyse the use of our website. Each time one of the individual pages of this website, which is operated by the data controller and into which a Google Analytics component has been integrated, is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. Within the scope of this technical procedure, Google receives knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission settlements.

By means of the cookie, personal information such as the access time, the place from which an access originated and the frequency of visits to our website by the data subject is stored. Each time our website is visited, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected through this technical process to third parties.

The data subject can prevent the setting of cookies by our website at any time as already described above by means of a corresponding setting in the internet browser used and thus permanently object to the setting of cookies. Such a setting of the respective internet browser would also prevent Google from placing a cookie on the data subject's information technology system. In addition, a cookie already set by Google Analytics can be deleted at any time via the web browser or other software programs.

Furthermore, the data subject has the opportunity to object to and prevent the collection of data generated by Google Analytics and relating to the use of this website and the processing of this data by Google. To do this, the data subject must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout?hl=en-GB. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the data subject's information technology system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the Browser Add-On in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his or her sphere of control, the browser add-on may be reinstalled or reactivated.

Further information and Google's applicable privacy policy can be found at https://policies.google.com/privacy?hl=en-GB&gl=de and https://marketingplatform.google.com/about/analytics/terms/gb/. Google Analytics is explained in more detail here https://marketingplatform.google.com/intl/en_uk/about/.

22. Privacy Policy for the Use and Application of Google Remarketing

The data controller has integrated Google Remarketing services into this website. Google Remarketing is a feauture of Google AdWords that enables a company to display advertising to internet users who have previously visited the company's website. The integration of Google Remarketing thus allows a company to create user-related advertising and thus to display interest-relevant advertisements to the Internet user.

The operating company of the Google Remarketing services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google Remarketing is the display of interest-relevant advertising. Google Remarketing enables us to display advertisements that are tailored to the individual needs and interests of internet users via the Google advertising network or to have them displayed on other websites.

Google Remarketing places a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is able to recognise the visitor of our website if they subsequently access websites that are also members of the Google advertising network. Each time a website into which the Google Remarketing service has been integrated is accessed, the internet browser of the data subject automatically identifies itself to Google. In the course of this technical process, Google obtains knowledge of personal data, such as the IP address or the surfing behaviour of the user, which Google uses, among other things, to display interest-relevant advertising.

By means of the cookie, personal information, such as the websites visited by the data subject, is stored. Whenever a user visits our website, personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected through this technical process to third parties.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting in the employed internet browser and thus permanently object to the setting of cookies. Such a setting of the utilized internet browser would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the web browser or other software programs.

Furthermore, the data subject has the opportunity to object to interest-based advertising by Google. To do so, the data subject must visit https://adssettings.google.com/anonymous?sig=ACi0TCjUGIaZZq3g3DIlVYu3YgFmXeEZkANg-8qn0EBdB2iv-M5WfWGguroS-eAm27YODCOmyu0-RX0S1sKOBrMl9d9sC8CW5AlT0ccnlZXa6xGaAt_GVWk&hl=en from every internet browser they use and adjust the desired settings there.

Further information and Google's applicable privacy policy can be found at: https://policies.google.com/privacy?hl=en-GB&gl=de

23. Privacy Policy for the Use and Application of Google AdWords

The data controller has integrated Google AdWords into this website. Google AdWords is an internet advertising service that allows advertisers to display ads in Google's search engine results as well as in the Google advertising network. Google AdWords allows an advertiser to set pre-defined keywords that will display an ad in Google's search engine results only when the user uses the search engine to retrieve a keyword-related search result. In the Google advertising network, the ads are distributed to topic-relevant web pages by means of an automatic algorithm and in accordance with the previously defined keywords.

The operating company of the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to advertise our website by displaying interest-related advertisements on the websites of third parties and in the search engine results of the Google search engine and by displaying third-party advertising on our website.

If a data subject reaches our website via a Google advertisement, a so-called conversion cookie is stored on the information technology system of the data subject by Google. What cookies are has already been explained above. A conversion cookie loses its validity after thirty days and does not serve to identify the data subject. If the cookie has not expired, the conversion cookie is used to determine whether certain sub-pages, such as the shopping cart from an online shop system, have been accessed on our website. The conversion cookie enables us and Google to track whether a person who has reached our website via an AdWords ad generated sales, i.e. whether they have completed or abandoned a purchase.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive any information from Google that could be used to identify the data subject.

The conversion cookie is used to store personal information, such as the websites visited by the data subject. Whenever a person visits our website, personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected through this technical process to third parties.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting in the employed web browser and thus permanently object to the setting of cookies. Such a setting of the used internet browser would also prevent Google from setting a conversion cookie on the information technology system of the data subject. In addition, a cookie already set by Google AdWords can be deleted at any time via the internet browser or other software programs.

Furthermore, the data subject has the opportunity to object to interest-based advertising by Google. To do so, the data subject must access the link https://adssettings.google.com/anonymous?sig=ACi0TCjUGIaZZq3g3DIlVYu3YgFmXeEZkANg-8qn0EBdB2iv-M5WfWGguroS-eAm27YODCOmyu0-RX0S1sKOBrMl9d9sC8CW5AlT0ccnlZXa6xGaAt_GVWk&hl=en from every internet browser they use and adjust the desired settings there.

Further information and Google's applicable privacy policy can be found at: https://policies.google.com/privacy?hl=en-GB&gl=de

24. Data Protection Policy for the Use and Application of Instagram

The data controller has integrated components of the Instagram service into this website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to distribute such data in other social networks.

The operating company of Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Each time the data subject accesses any of the individual pages of this website operated by the data controller and into which an Instagram component (Insta Button) has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the relevant Instagram component to download a representation of the relevant Instagram component. As part of this technical process, Instagram is informed which specific page of our website is visited by the data subject.

If the data subject is simultaneously logged on to Instagram, Instagram will recognize which specific page of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of the respective visit to our website. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the data subject. If the data subject clicks on one of the Instagram buttons integrated into our website, the data and information thus transmitted is assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.

Instagram will receive information via the Instagram component that the data subject has visited our website whenever the data subject is logged in to Instagram at the same time as accessing our website, regardless of whether the data subject clicks on the Instagram component or not. If the data subject does not wish for this information to be sent to Instagram, they can prevent it from being transmitted by logging out of their Instagram account before accessing our website.

Further information and Instagram's applicable privacy policy can be found at https://help.instagram.com/519522125107875 and https://www.instagram.com/about/legal/terms/api/.

25. Data Protection Regulations for the Use and Application of Jetpack for WordPress

The data controller has integrated Jetpack into this website. Jetpack is a WordPress plug-in that offers additional functions to the operator of an internet page based on WordPress. Among other things, Jetpack allows the website operator to obtain an overview of the visitors to the site. By displaying related articles and publications or the possibility to share content on the site, it is also possible to increase the number of visitors. In addition, security functions are integrated into Jetpack so that a website using Jetpack is better protected against brute force attacks. Jetpack also optimizes and speeds up the loading of images integrated into the website.

The operating company of the Jetpack plug-in for WordPress is Automattic Inc, 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses the tracking technology of Quantcast Inc, 201 Third Street, San Francisco, CA 94103, USA.

Jetpack places a cookie on the information technology system of the data subject. What cookies are has already been explained above. Each time a user accesses any of the individual pages of this website operated by the data controller and into which a Jetpack component has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the relevant Jetpack component to transmit data to Automattic for analysis purposes. As part of this technical process, Automattic will be informed of data which will subsequently be used to create an overview of the visits to the website. The data thus obtained is used to analyse the behaviour of the data subject who has accessed the website of the controller and is evaluated with the aim of optimising the website. The data collected via the Jetpack component will not be used to identify the data subject without the prior explicit consent of the data subject. The data is also passed on to Quantcast. Quantcast uses the data for the same purposes as Automattic.

The data subject can prevent the setting of cookies by our website, as described above, at any time by means of a corresponding setting in the utilised internet browser and thus permanently object to the setting of cookies. Such setting of the employed internet browser would also prevent Automattic/Quantcast from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Automattic can be deleted at any time via the web browser or other software programs.

Furthermore, the data subject has the opportunity to object to and prevent the collection of data generated by the Jetpack cookie and relating to a use of this website and the processing of such data by Automattic/Quantcast. To do so, the data subject must press the opt-out button under the link https://www.quantcast.com/opt-out/, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the data subject. If the cookies are deleted on the data subject's system after an objection, the data subject must access the link again and set a new opt-out cookie.

However, once the opt-out cookie has been set, it is possible that the data subject may no longer be able to use the full scope of the data controller's website.

Automattic's applicable privacy policy is available at https://automattic.com/privacy/. Quantcast's applicable privacy policy is accessible at https://www.quantcast.com/privacy/.

26. Privacy Policy for the Use and Application of LinkedIn

The data controller has integrated components of the LinkedIn Corporation into this website. LinkedIn is an Internet-based social network that allows users to connect with existing business contacts and to establish new business contacts. Over 400 million registered users use LinkedIn in more than 200 countries. This currently makes LinkedIn the largest platform for business contacts and one of the most visited websites in the world.

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

Each separate time the data subject accesses our website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component triggers the browser used by the data subject to download a corresponding rendering of the LinkedIn component. Further information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. This technical process allows LinkedIn to know which specific page of our website is visited by the data subject.

If the data subject is simultaneously logged on to LinkedIn, LinkedIn will know which specific page of our website the data subject is visiting each time the data subject accesses our website, and throughout the time the data subject is on our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the LinkedIn account of the data subject. If the data subject clicks on a LinkedIn button integrated into our website, LinkedIn will associate this information with the personal LinkedIn user account of the data subject and store this personal data.

LinkedIn will receive information via the LinkedIn component that the data subject has visited our website whenever the data subject is logged in to LinkedIn at the same time as they visit our website, regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be sent to LinkedIn, they may prevent it from being sent by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the ability to unsubscribe from email, SMS, and targeted ads, and to manage ad preferences, at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame who may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy. LinkedIn's current privacy policy is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn's cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

27. Privacy Policy for the Use and Application of Pinterest

The data controller has integrated components of Pinterest Inc. into this website. Pinterest is a so-called social network. A social network is a social meeting place operated on the internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community to provide personal or company-related information. Pinterest enables users of the social network, among other things, to publish collections of images and individual pictures as well as descriptions on virtual pin boards (so-called pinning), which can then be shared by other users (so-called repinning) or commented on.

The operating company of Pinterest is Pinterest Inc, 808 Brannan Street, San Francisco, CA 94103, USA.

Each time a user accesses one of the individual pages of this website, which is operated by the data controller and into which a Pinterest component (Pinterest plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Pinterest component to download a representation of the corresponding Pinterest component from Pinterest. More information about Pinterest is available at https://about.pinterest.com/en. This technical process allows Pinterest to know which specific page of our website is visited by the data subject.

If the data subject is logged on to Pinterest while they visit our website, Pinterest will know which specific page of our website they are visiting each time they access our website and for the entire duration of their visit to our website. This information is collected by the Pinterest component and assigned by Pinterest to the respective Pinterest account of the data subject. If the data subject clicks on a Pinterest button integrated into our website, Pinterest will assign this information to the personal Pinterest user account of the data subject and store this personal data.

The Pinterest component informs Pinterest that the data subject has visited our website if the data subject is logged on to Pinterest at the same time as they access our website, regardless of whether they click on the Pinterest component or not. If the data subject does not wish for this information to be sent to Pinterest, they can prevent it from being disclosed by logging out of their Pinterest account before accessing our website.

The Privacy Policy published by Pinterest, which is available at https://policy.pinterest.com/en-gb/privacy-policy, provides information on the collection, processing and use of personal data by Pinterest.

28. Data Protection Policy on the Use and Application of Shariff

The data controller has integrated the Shariff component into this website. The Shariff component provides social media buttons that comply with data protection regulations. Shariff was developed for the German computer magazine c't and is published by GitHub, Inc.

The developer of the component is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.

Button solutions provided by social networks usually transfer personal data to the respective social network as soon as a user visits a website into which a social media button has been integrated. By using the Shariff component, personal data is only transmitted to social networks when the visitor of a website actively clicks one of the social media buttons. Further information on the Shariff component is available at https://wordpress.org/plugins/shariff/. The purpose of using the Shariff component is to protect the personal data of visitors to our website and at the same time enable us to integrate a button solution for social networks into this website.

Further information and GitHub's current privacy policy can be found at: https://help.github.com/articles/github-privacy-policy/

29. Privacy Policy for the Use and Application of Tumblr

The data controller has integrated Tumblr components into this website. Tumblr is a platform that enables users to create and operate a blog. A blog is a portal maintained on a website, usually publicly accessible, where one or more people called bloggers or webloggers can post articles or write down thoughts in so-called blog posts. In a blog on Tumblr, for example, the user can publish texts, images, links and videos and distribute them in a digital space. In addition, Tumblr users can incorporate content from other websites into their own blog.

Tumblr is operated by Tumblr, Inc. 35 East 21st St, Ground Floor, New York, NY 10010, USA.

Each time a data subject accesses one of the individual pages of this website, which is operated by the data controller and into which a Tumblr component (Tumblr button) has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective Tumblr component to download a representation of the corresponding Tumblr component from Tumblr. Further information on the Tumblr buttons is available at https://www.tumblr.com/docs/en/share_button and https://www.tumblr.com/buttons. As part of this technical process, Tumblr is informed which specific subpage of our website is visited by the data subject. The purpose of integrating the Tumblr component into our website is to enable our users to redistribute the contents of this website, to make this website known in the digital world and to increase our visitor numbers.

If the data subject is logged in to Tumblr while visiting our website, Tumblr will recognize which specific page of our website the data subject is visiting each time the data subject accesses our website and for the duration of their stay on our website. This information is collected by the Tumblr component and assigned by Tumblr to the respective Tumblr account of the data subject. If the data subject clicks on one of the Tumblr buttons integrated into our website, the data and information transferred with it is assigned to the personal Tumblr user account of the data subject and stored and processed by Tumblr.

Tumblr will receive information via the Tumblr component that the data subject has visited our website whenever the data subject is logged in to Tumblr at the same time as they access our website; this occurs regardless of whether the data subject clicks on the Tumblr component or not. If the individual does not want this information to be transmitted to Tumblr, the individual may opt-out of such transmission by logging out of their Tumblr account prior to accessing our website.

Tumblr's current privacy policy is available at: https://www.tumblr.com/privacy/en_eu

30. Data Protection Regulations on the Use and Application of Twitter

The data controller has integrated Twitter components into this website. Twitter is a multilingual, publicly accessible microblogging service where users can post and disseminate so-called tweets, i.e. short messages limited to 280 characters. These short messages can be accessed by anyone, including people who are not registered on Twitter. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow the tweets of a user. Furthermore, Twitter enables the communication with a broad audience via hashtags, links or retweets.

The operating company of Twitter is Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time a data subject accesses one of the individual pages of this website operated by the data controller and into which a Twitter component (Twitter button) has been integrated, the internet browser on the information technology system of the data subject is automatically prompted by the respective Twitter component to download a display of the corresponding Twitter component from Twitter. Further information on the Twitter buttons is available at:

https://developer.twitter.com/en/docs/twitter-for-websites/follow-button/overview
https://help.twitter.com/en/using-twitter/add-follow-button-to-website
https://developer.twitter.com/en/docs/twitter-for-websites/tweet-button/overview
https://help.twitter.com/en/using-twitter/add-twitter-share-button

As part of this technical process, Twitter is informed which specific subpage of our website is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the content of this website, to make this website known in the digital world and to increase our visitor numbers.

If the data subject is simultaneously logged on to Twitter, Twitter recognizes which specific subpage of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated into our website, the data and information transmitted in this way is assigned to the personal Twitter user account of the data subject and stored and processed by Twitter.

Twitter receives information via the Twitter component that the data subject has visited our website if the data subject is logged on to Twitter at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Twitter component or not. If the data subject would not like this information to be sent to Twitter, they can prevent it from being sent by logging out of their Twitter account before accessing our website.

The applicable data protection regulations of Twitter are available at: https://twitter.com/privacy?lang=en

31. Privacy Policy for the Use and Application of Xing

The data controller has integrated components of Xing into this website. Xing is an Iinternet-based social network that allows users to connect with existing business contacts and to establish new business contacts. Individual users can create their own personal profile on Xing. For example, companies can create company profiles or post job offers on Xing.

Xing is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time the data subject visits one of the individual pages of this website, which is operated by the data controller and into which a Xing component (Xing plug-in) has been integrated, the web browser on the information technology system of the data subject is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at https://dev.xing.com/plugins. As part of this technical process, Xing is informed which specific subpage of our website is visited by the data subject.

If the data subject is simultaneously logged on to Xing, Xing recognizes which specific subpage of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their visit to our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks on one of the Xing buttons integrated into our website, for example the "Share" button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.

Xing will always receive information via the Xing component that the data subject has visited our website if the data subject is logged on to Xing at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, they can prevent the transmission by logging out of their Xing account before accessing our website.

The data protection regulations published by Xing, which are available at https://privacy.xing.com/en/privacy-policy, provide information about the collection, processing and use of personal data by Xing. Xing has also published data protection information for the XING Share button at https://dev.xing.com/plugins/share_button/privacy_policy.

32. Data Protection Regulations on the Use and Application of YouTube

The data controller has integrated YouTube components into this website. YouTube is an online video portal that allows video publishers to post video clips for free and other users to view, rate and comment on them, also free of charge. YouTube allows for the publication of all types of videos, which is why complete film and television programmes, but also music videos, trailers or videos created by users themselves can be accessed via the internet portal.

YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time the data subject accesses one of the individual pages of this website operated by the data controller and into which a YouTube component (YouTube video) has been integrated, the web browser on the data subject's information technology system is automatically prompted by the respective YouTube component to download a rendering of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/intl/en-GB/about/. As part of this technical process, YouTube and Google are informed which specific subpage of our website is visited by the data subject.

If the data subject is simultaneously logged on to YouTube, YouTube recognizes which specific subpage of our website the data subject is visiting whenever a subpage containing a YouTube video is accessed. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

YouTube and Google receive information via the YouTube component that the data subject has visited our website whenever the data subject is logged on to YouTube at the same time as they visit our website, regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not wish for this information to be transferred to YouTube and Google, they can prevent this transfer by logging out of their YouTube account before accessing our website.

The privacy policy published by YouTube, which is available at https://policies.google.com/privacy?hl=en-GB, provides information about the collection, processing and use of personal data by YouTube and Google.

33. Payment Method: Privacy Policy for PayPal as a Payment Method

The data controller has integrated components of PayPal into this website. PayPal is an online payment service provider. Payments are processed through so-called PayPal accounts, which are virtual private or business accounts. In addition, PayPal offers the possibility to process virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the data subject selects "PayPal" as a payment option during the ordering process in our online shop, data of the data subject is automatically transmitted to PayPal. By selecting this payment option, the data subject agrees to the transfer of personal data required for the payment process.

The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data necessary for the payment processing. Personal data which is related to the respective order is also necessary for processing the purchase contract.

The transmission of the data is intended for payment processing and fraud prevention. The data controller will transmit personal data to PayPal in particular if there is a legitimate reason for the transmission. The exchanges of personal data between PayPal and the data controller may be disclosed by PayPal to credit reference agencies. The purpose of this data transfer is to verify identity and creditworthiness.

PayPal may share the personal data with affiliated companies and service providers or subcontractors to the extent necessary to perform its contractual obligations or to carry out the processing under contract.

The data subject may revoke his or her consent to PayPal's handling of personal data at any time. A revocation does not affect personal data that must be processed, used or transmitted for the (contractual) handling of payments.

PayPal's applicable data protection regulations can be found at: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full

34. Payment Method Klarna: Privacy Policy for Immediate Bank Transfer, Invoice and Instalment Purchase as Payment Methods

(a) Germany

In order to be able to offer you Klarna's payment options, we will transfer personal data, such as contact details and order information, to Klarna. This will enable Klarna to assess whether you can take advantage of the payment options offered by Klarna and to adapt the payment options to your needs. General information about Klarna is available here. Klarna will treat your personal data in accordance with the applicable data protection regulations and as described in Klarna's privacy policy.

b) Austria

In order to be able to offer you Klarna's payment options, we will transfer personal data, such as contact details and order information, to Klarna. This will enable Klarna to assess whether you can take advantage of the payment options offered by Klarna and to adapt the payment options to your needs. General information about Klarna is available here. Klarna will treat your personal data in accordance with the applicable data protection regulations and as described in Klarna's privacy policy.

35. Legal Basis for Data Processing

Art. 6 I lit. a GDPR serves as a legal basis for our company for data processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract of which the data subject is a party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations which are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were to be injured and their name, age, health insurance details or other vital information had to be disclosed to a doctor, hospital or other third party. In this case the processing would be based on Art. 6 I lit. d GDPR. Lastly, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations which are not covered by any of the aforementioned legal grounds are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or of a third party, unless the interests, fundamental rights and freedoms of the data subject prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it argued that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 sentence 2 GDPR).

36. Justified Interests in Data Processing Pursued by the Controller or a Third Party

If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business activities to the benefit of the well-being of all our employees and our shareholders.

37. Duration for which Personal Data is Stored

The criterion for the duration of storage of personal data is the respective legal retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfilment or initiation of the contract.

38. Legal or Contractual Regulations for the Provision of Personal Data; Necessity for the Conclusion of a Contract; Obligation of the Data Subject to Provide the Personal Data; Possible Consequences of Non-Submittal

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information about the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the data subject makes personal data available, the data subject may contact one of our employees. Our employee will inform the data subject on whether the provision of personal data is required by law or contract in their individual case or if it is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

39. The Existence of Automated Decision Making

As a conscientious company, we refrain from automatic decision making or profiling.

 

In cooperation with the data protection lawyer Christian Solmecke, this data protection declaration was created by the data protection declaration generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, which acts as the External Data Protection Commissioner for Bavaria.

Viewed