Privacy Policy
This English translation is provided for convenience only. The German version is legally binding.
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. For detailed information on data protection, please refer to the privacy policy set out below this text.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data you enter into a contact form.
Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behaviour.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about your stored personal data, its origin and recipients and the purpose of the data processing, as well as a right to rectification, blocking or erasure of this data. You can contact us at any time at the address given in the legal notice regarding this and any other questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
2. General information and mandatory disclosures
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission on the internet (e.g. when communicating by email) may have security gaps. Complete protection of data against access by third parties is not possible.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. An informal notification by email to us is sufficient. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, erasure
Within the framework of the applicable legal provisions, you have the right at any time to receive information free of charge about your stored personal data, its origin and recipients and the purpose of the data processing and, where applicable, a right to rectification, blocking or erasure of this data. You can contact us at any time at the address given in the legal notice regarding this and any other questions on the subject of personal data.
Objection to promotional emails
We hereby object to the use of contact data published within the framework of our legal notice obligation for sending advertising and information materials not expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising being sent, for example through spam emails.
3. Hosting and authentication
External hosting by Hetzner
This website is hosted by Hetzner Online GmbH. The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (hereinafter Hetzner).
Personal data collected on this website is stored on Hetzner's servers. This may include, in particular, IP addresses, contact enquiries, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
The server locations are exclusively in data centers within the European Union.
Hetzner is used on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in presenting our website as reliably as possible. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR.
We have concluded a data processing agreement (DPA) with Hetzner. This is a contract required by data protection law, which ensures that Hetzner processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
For details, please refer to Hetzner's privacy policy: https://www.hetzner.com/legal/privacy-policy
Authentication by Clerk
We use the Clerk service of Clerk, Inc., 660 King Street Unit 345, San Francisco, CA 94107, USA, to authenticate our users.
When you register or sign in on our website, your authentication data (e.g. email address, encrypted password) is transmitted to Clerk and processed there. This serves the management of your user account and secure sign-in.
Clerk is used on the basis of Art. 6(1)(b) GDPR (performance of a contract) for providing the user account and on the basis of Art. 6(1)(f) GDPR due to our legitimate interest in a secure and user-friendly authentication method.
Clerk processes data in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find further information on the handling of user data in Clerk's privacy policy: https://clerk.com/legal/privacy
4. Data collection on our website
Cookies
The website partially uses so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, more effective and more secure. Cookies are small text files that are placed on your computer and stored by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping cart function) are stored on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behaviour) are stored, these are treated separately in this privacy policy.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The basis for the data processing is Art. 6(1)(f) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
5. Analytics tools and advertising
PostHog
We use the analytics service PostHog to understand user behaviour on our website and to improve our offering. The provider is PostHog, Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA.
PostHog collects and analyzes usage data such as pages visited, interactions with elements of the website, device and browser information as well as your pseudonymized user ID. This helps us to identify which features are popular and where we can optimize our website.
PostHog is used on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our online offering.
PostHog is a US company. Although the data may be processed on servers within the EU, a data transfer to the USA cannot be ruled out. To ensure an adequate level of data protection, we base the transfer on the standard contractual clauses of the EU Commission and have concluded a data processing agreement (DPA) with PostHog.
You can find further information on data protection at PostHog in their privacy policy: https://posthog.com/privacy
6. Payment providers
Stripe
On our website we offer, among other things, payment via Stripe. The provider of this payment service is Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA (hereinafter "Stripe").
If you select payment via Stripe, the payment data you enter is transmitted to Stripe.
The transmission of your data to Stripe is based on Art. 6(1)(a) GDPR (consent) and Art. 6(1)(b) GDPR (processing for the fulfilment of a contract). You have the option of revoking your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
For details, please refer to Stripe's privacy policy: https://stripe.com/en-de/privacy