Privacy Policy

Our business is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to display our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

1                          Introduction

 

With this information we inform visitors and users of the website about the type, scope and purpose of the processing of personal data when visiting the website or using the services provided on it. We also inform about the rights that the data subject (the person concerned, website visitor) is entitled to as a result of data processing.

It is possible to visit the Internet pages without personal data being collected. However, for the use of some services offered on the website, it may be necessary to process personal data. The processing is carried out either on the basis of a legal permission standard, or, in the event that a legal permission standard does not exist, on the basis of a consent that has been obtained from the data subject beforehand.

2                          Definitions

This information and explanations are based on the terms of the German General Data Protection Regulation law (DSGVO):

2.1                     Personal Information

Personal data is all information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject"). Considered to be identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

 

2.2                     Processing

Processing means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparing or connection, qualification, erasure or destruction.

2.3                     Restriction of processing

The limitation of processing is the marking of stored personal data with the aim of limiting its future processing.

2.4                     Profiling

Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movement of that natural person.

 

2.5                     Pseudonymisation

Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.

 

2.6                     Controller or data controller (person responsible for the processing)

The person responsible or person responsible for the processing, also known as the controller or data controller, is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by European Union law or by the law of the Member States, the controller or controllers may be designated in accordance with European Union law or with the law of the Member States on the basis of certain criteria.

 

2.7                     Processors

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

2.8                     Recipients

The recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the context of a specific investigation mandate under European Union law or the law of the Member States shall not be considered as recipients.

 

2.9                     Third parties

A third party means any natural or legal person, public authority, agency or body other than the visitor to the website, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

 

2.10                  Consent

Consent shall mean any voluntary and informed and unequivocal expression of intention, in the particular case, in the form of a statement or other unequivocal affirmative act by which the data subject indicates his or her consent to the processing of his or her personal data.

 

3                          Cookies

So-called cookies are used on the website. Cookies are text files that are stored on the computer system of the person visiting the website.

Many cookies contain a unique identifier that consists of a string of characters that can be used by the system to recognise users. This serves to adapt the Internet offer individually and in a user-friendly way to the respective visitor.

 

There are different types of cookies. Most cookies are deleted from the hard disk at the end of the browser session (so-called session cookies). Other cookies remain on the computer and make it possible to recognise the computer during the next visit (so-called permanent cookies). These cookies serve, for example, to greet you with your individual user name and, for example, make it unnecessary to re-enter user names and passwords or fill out forms.

If the use of cookies is not desired, the visitor can prevent the use of cookies by preventing the setting and storage of cookies in the settings of their browser. In the settings, you can also delete existing cookies at any time. This is possible in all common Internet browsers.

 

In the event that the visitor to the website has prevented the setting of cookies in the settings, not all functions of the website may be fully usable under certain circumstances.

 

Cookies from third parties are generally not used.

 

4                          Collection of data and information

When the website is accessed, general data and information are collected, which are stored in log files on the server.

Data is collected about the type of browser used and the version of the browser, the operating system used to access the website, the website from which the visitor accesses the website, the sub-pages that the visitor accesses, the date and time of access, the IP address, the Internet service provider and other similar data and information used to avert an attack on the IT system.

 

Under no circumstances will conclusions be drawn about the visitor. Rather, the information is needed so that the contents of the website can be displayed correctly. The data is also collected in order to make available, in the event of a cyber-attack, the information required for prosecution by the competent law enforcement authorities.

In any event, the data will be collected anonymously and stored separately from other personal data, which may be collected elsewhere in compliance with statutory data protection requirements.

 

5                          Contact via the website

 

Due to legal regulations, the website contains information that enables rapid electronic contact or direct communication with the operator of the website.

 

In the event of contact being established, e.g. by email or via a contact form, the personal data transmitted will be automatically stored.

 

In any event, the data will only be processed for the purpose resulting from the establishment of contact and will not be passed on to third parties unless the transfer is necessary for the processing of the establishment of contact.

 

6                          Routine deletion and blocking of personal data

 

Personal data will only be stored for the period of time necessary for the respective purpose of processing or due to legal requirements.

 

After the purpose has been achieved or the statutory retention period has expired, the personal data will be deleted routinely and in accordance with the statutory provisions. If the intended purpose of the processing has been achieved, but the data may not yet be deleted due to legal requirements, the data will be blocked.

 

7                          Legal basis of the processing

 

7.1  Data processing is based on Art. 6 para. 1. DSGVO, the German GDPR law. Thereafter, data processing shall be permitted if such processing:

  • takes place with the consent of the person concerned;

  • is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures;

  • is necessary to fulfil a legal obligation;

  • is necessary to protect the vital interests of the visitor to the website or any other natural person;

  • is necessary to safeguard the legitimate interests of the person responsible or of a third party, unless the interests or fundamental rights and freedoms of the visitor to the website which require the protection of personal data prevail, in particular where the person concerned is a child.

 

7.2  Insofar as data processing cannot be based on any other legal basis thereafter, data processing shall in principle only take place with the consent of the data subject, which shall be obtained and documented by the data subject prior to the commencement of processing.

7.3  If the data processing is based on a legitimate interest, it is necessary to weigh the interests of the data subject before starting the processing, which can nevertheless exclude data processing, even if the data processing appears appropriate for business purposes. In this case, expediency is not generally sufficient. What is required is that significant interests of the company, its employees or shareholders are directly affected by the data processing.

8                          Right of access and rectification

Persons whose data is processed have a legal claim to information, correction and deletion of their data. The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

 

In the event of a request for information, the following information shall be provided:

  • processing purposes;

  • categories of personal data processed;

  • recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;

  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;

  • the existence of a right to the rectification or erasure of personal data concerning him or her or to the limitation of the processing by the controller or of a right to object to such processing;

  • existence of a right of appeal to a supervisory authority;

  • if the personal data is not collected from the data subject;

  • All available information about the origin of the data;

  • Existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) of the DSGVO (the German GDPR law) and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject; transfer of data to a third country or to an international organisation and on the appropriate safeguards in relation to the transfer.

 

In the event of a request for rectification, incorrect data must be rectified or completed.

 

9                          Right to deletion

In the event of a request for deletion, the relevant personal data must be deleted immediately:

  • if the personal data has been collected or otherwise processed for purposes for which they are no longer needed;

  • the data was collected exclusively on the basis of the consent of the data subject, which the data subject has revoked;

  • the data subject objects to the processing pursuant to Art. 21 DSGVO (the German GDPR law) and in the event of revocation pursuant to Art. 21 para. 1 DSGVO (the German GDPR law) there are no overriding legitimate reasons for the processing;

  • the personal data has been processed unlawfully;

  • the deletion is required by law.

 

In the event that the data to be deleted has been made public, appropriate measures will be taken pursuant to Art. 17 para. 1 DSGVO (the German GDPR law), taking into account the available technology and implementation costs, to inform third parties processing the published personal data of the request for deletion.

 

10                       Right to limitation of processing

 

The data subject has a statutory right to demand the restriction of the processing of their data if they dispute the accuracy of the personal data or has lodged an objection pursuant to Art. 21 (1) DSGVO (the German GDPR law). In such a case, the processing shall be limited for such time as is necessary to verify the accuracy of the personal data or to establish whether there are reasons for the processing outweighing the interest of the data subject. If the processing is subsequently unlawful and the data subject refuses to have their data erased, they may instead request that the processing of their data be restricted.

The processing of the data must also be limited if it is no longer needed for the purpose for which it was collected, but are still required for the assertion, exercise or defence of legal claims.

The aforementioned rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

11                       Right to data transferability

 

Persons whose data is processed have a legal right to the data being transferred in a structured, common and machine-readable format or being transferred to a third party without hindrance, if the processing is based on the consent pursuant to Art. 6 para. 1 letter a DSGVO (the German GDPR law) or Art. 9 para. 2 letter a DSGVO (the German GDPR law) or on a contract pursuant to Art. 6 para. 1 letter b DSGVO (the German GDPR law) and the processing is carried out by means of automated procedures, provided that the processing is not necessary for the performance of a task which is in the public interest or which is carried out in the exercise of official authority assigned to the data controller.

 

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

 

12                       Right to object

Affected parties have a legal right to object to data processing at any time.

In the event of an objection, the data will no longer be processed unless there are demonstrable compelling reasons worthy of protection for the continuation of the data processing, which outweigh the interests, rights and freedoms of the visitor to the website, or the processing serves the assertion, exercise or defence of legal claims.

 

In the event of an objection to processing for advertising purposes, the objection shall in principle take precedence. The data will then no longer be used for advertising purposes.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

 

13                       Right to revoke consent under data protection law

 

Affected parties can revoke their consent to data processing at any time.

The rights may be exercised at any time at the request of the data subject to the data protection officer or the management.

If you don’t want us to process your data anymore or if you would like to access, correct, amend or delete any personal information we have about you, please contact us through the contact form on the Contact page.

 

 

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.