Privacy

This privacy policy explains to you the nature, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offering and the associated websites, mobile applications for Android and iOS (hereinafter referred to as "Apps"), functions and content as well as external online presences such as our Social Media Profile (hereinafter referred to collectively as "Online Offer"). With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

The use of our website as well as our apps is usually possible without providing personal data. As far as on our sides personal data (for example name, address or email addresses) are raised, this takes place, as far as possible, always on voluntary basis. This data will not be passed on to third parties without your express consent. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can be subject to security vulnerabilities. A complete protection of the data against access by third parties is not possible. The use of published postal addresses, telephone or fax numbers and email addresses for marketing purposes is prohibited, offenders sending unwanted spam messages will be punished. The operators of these pages expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.


1. Contact details of the responsible person

The responsible body for data processing on this website is:

  • Nico Engler

  • Am Schlagbaum 18

  • 37520 Osterode am Harz, Germany

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).


2. Categories of data subjects

The visitors of this website and users of the apps


3. Types of data processed

  • Stock data (for example, names, addresses)

  • Contact data (e.g. e-mail, telephone numbers)

  • Content data (e.g.: text input, photographs, videos)

  • Usage data (e.g.: websites visited, interest in content, access times)

  • Meta-/ communication data (e.g.: device information, IP addresses)


4. Purpose of the processing

  • Provision of the online offer, its functions and contents

  • Answering contact requests and communicating with users

  • Security measures

  • Reach measurement / marketing


5. Relevant legal bases

In accordance with Art. 13 GDPR we inform you about the legal basis of our data processing. If the legal basis is not mentioned in the privacy statement, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing in order to fulfil our services and carry out contractual measures as well as answer inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing in order to fulfil our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing in order to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR.

If vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.


6. Changes and updates of the privacy policy

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes in the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.


7. Security measures

In accordance with Art. 32 GDPR, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, extent, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk to the rights and freedoms of natural persons.

Measures shall include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to, access to, inputting, disclosure, securing and separation of data. In addition, we have established procedures to ensure that data subjects' rights are exercised, that data is deleted and that we react to data threats. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).


8. Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only occur if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the data to be processed in a third country only if the special requirements of Art. 44 ff. of the German Data Protection Act are met. Process GDPR. This means that the processing takes place, for example, on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA through the "Privacy Shield") or the observance of officially recognised special contractual obligations (so-called "standard contractual clauses").


9. Rights of the data subject

The applicable data protection law grants you comprehensive rights (information and intervention rights) vis-à-vis the person responsible with regard to the processing of your personal data, about which we will inform you below:

9.1. Right to information (pursuant to Art. 15 GDPR)

In particular, you have a right of access to your personal data processed by us, the purposes for which it is processed, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or storage period to which your data is to be put. the criteria for determining the storage period, the existence of a right to rectification, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected by us from you, the existence of automated decision-making including profiling and, where applicable, meaningful information on the logic involved and the scope and desired effects of such processing concerning you, as well as your right to be informed of the guarantees pursuant to Art. 46 GDPR in the event of transfer of your data to third countries.

9.2. Right to rectification (pursuant to Art. 16 GDPR)

You have the right to have any incorrect data concerning you corrected and/or your incomplete data stored by us completed without delay.

9.3. Right to erasure (pursuant to Art. 17 GDPR)

You have the right to demand the deletion of your personal data if the requirements of Art. 17 para. 1 GDPR are met. However, this right shall not apply in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.

9.4. Right to limitation of processing (pursuant to Art. 18 GDPR)

You have the right to demand the restriction of the processing of your personal data as long as the correctness of your data which you dispute is verified, if you refuse to delete your data due to unauthorised data processing and instead demand the restriction of the processing of your data, if you need your data for the assertion, exercise or defence of legal claims after we no longer need this data after purpose has been achieved or if you have lodged an objection due to reasons of your particular situation, as long as it is not yet known whether our legitimate reasons prevail.

9.5. Right to information (pursuant to Art. 19 GDPR)

If you have exercised your right to rectify, cancel or limit the processing of your personal data against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, cancellation or limitation, unless this proves impossible or involves a disproportionate effort. They shall have the right to be informed of such recipients.

9.6. Right to data transferability (pursuant to Art. 20 GDPR)

You have the right to receive your personal data which you have provided to us in a structured, common and machine-readable format or to request the transmission to another responsible person as far as this is technically feasible.

9.7. Right to revoke consents given (pursuant to Art. 7 para. 3 DS GDPR GVO)

You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without consent. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.

9.8. Right to appeal (pursuant to Art. 77 GDPR)

If you believe that the processing of your personal data is in breach of the GDPR, you have the right to complain to a supervisory authority, in particular in the Member State in which you are located, at your place of work or at the place where the alleged infringement is alleged, without prejudice to any other administrative or judicial remedy.

9.9. Right of opposition (pursuant to Art. 21 GDPR)

If we process your personal data within the scope of a weighing of interests on the basis of our predominantly legitimate interest, you have the right at any time, for reasons arising from your particular situation, to object to this processing with effect for the future.

If you make use of your right of objection, we will stop processing the data concerned. However, we reserve the right to further processing if we can prove compelling reasons for the processing worthy of protection which outweigh your interests, fundamental rights and fundamental freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

If your personal data is processed by us for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. You can exercise the opposition as described above.


10. Use of Google Analytics

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 Para. 1 lit. f. of the German Civil Code), we act in accordance with the following principles GDPR) Google Analytics, a web analysis service of Google LLC ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transferred to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thereby offers a guarantee of compliance with European privacy laws (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on the activities within this online service and to provide us with other services associated with the use of this online service and the Internet. Pseudonymous user profiles of the users can be created from the processed data.

We only use Google Analytics with IP anonymization enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser, they may also refuse the use of cookies by selecting the appropriate settings on their browser, they may refuse the collection of information by Google regarding the use of cookies and the processing of such information by Google by selecting the appropriate settings on their browser, and they may refuse the use of cookies by selecting the appropriate settings on their browser, and they may refuse the use of cookies by selecting the appropriate settings on their browser, and by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

The personal data of the users will be deleted or anonymized after 14 months.

Further information on the use of data by Google, setting and objection options can be found in Google's data protection declaration (https://policies.google.com/technologies/ads) ) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).

As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent Google Analytics from collecting data from this website in the future: An opt-out cookie is stored on your device. If you delete your cookies, you must click this link again.


11. Use of Google Fonts

This page uses so-called web fonts to display the font. These are provided by Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) (http://www.google.com/webfonts/). When you call up our site, your browser loads the required web font into your browser cache. This is necessary so that your browser can also display an optically improved display of our texts. If your browser does not support this feature, a standard font will be used by your computer to display it.

Further information on Google Webfonts can be found at https://developers.google.com/fonts/faq?hl=en-EN&csw=1

You can find general information about data protection at Google at http://www.google.com/intl/en-EN/policies/privacy/


12. Use of Google Maps

This website uses Google Maps to visually display geographic information. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When Google Maps is used, Google also collects, processes and uses data on the use of the map functions by visitors. For more information about data processing by Google, please refer to the Google Privacy Notice. There you can also change your personal data protection settings in the data protection centre. Detailed instructions on how to manage your own data related to Google products can be found here: http://www.google.de/intl/de/policies/privacy/


13. Use of Facebook

We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).


14. Cooperation with processors and third parties

Insofar as we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transfer them to them or otherwise grant them access to the data, this shall only take place on the basis of legal permission (e.g. if a transfer of the data to third parties, such as payment service providers, pursuant to Art. 6 Para. 1 lit. b GDPR is necessary for the performance of the contract), if you have consented to this, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.


15. Online presence in social networks

We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our data protection declaration, we process the data of users who communicate with us within social networks and platforms, e.g. post articles on our online presence or send us messages.


16. SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL encryption is activated, the data that you transmit to us cannot be read by third parties.


17. Cookies

The Internet pages use cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are text files that are stored on your computer and saved by your browser.

Most of the cookies we use are "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed when cookies are set and only allow cookies in individual cases, accept cookies for specific cases or generally exclude them and activate automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.


18. Hosting

The hosting services used by us serve the provision of the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this online service.

Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of contract processing agreement).


19. Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type/ browser version

  • Operating system used

  • Referrer URL

  • Host name of the accessing computer

  • Time of the server request

These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.


20. Contact form

When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user's details will be processed for the purpose of processing the contact enquiry and processing it in accordance with Art. 6 Para. 1 lit. b) GDPR. The user data can be stored in a customer relationship management system ("CRM system") or comparable inquiry organization.

We will delete the requests if they are no longer necessary. We review the necessity every two years; furthermore, the statutory archiving obligations apply.


21. Contradiction advertising mails

We hereby object to the use of contact data published within the scope of the imprint obligation to send unsolicited advertising and information material. The operators of these pages expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.