Data protection

Privacy Policy

Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.

Server Log Files

You can visit our websites without providing any personal information.

Each time you access our website, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log files (so-called server log files). This stored data includes, for example, the name of the accessed page, date and time of access, the IP address, the amount of data transferred, and the requesting provider. Processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offerings.

Your data will be transmitted to Canada, among other places. An adequacy decision by the EU Commission exists for data transfers to Canada.

Contact

Controller
Contact us if you wish. The controller for data processing is: Nesmuk Manufaktur GmbH & Co. KG, Burgstraße 101, 42655 Solingen, Germany, 02122357320, office@nesmuk.com

Proactive customer contact by email
If you proactively contact us by email for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to processing of personal data concerning you, which is based on Art. 6 Para. 1 lit. f GDPR, for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Collection and processing when sending images by email
You have the option to send us images by email in connection with ordering a personalized product.
By submitting your images, we may collect your personal data (image of identifiable persons) only to the extent provided by you. The data processing serves the purpose of creating personalized products. The transmitted image serves as a template for the product and is used for this purpose (e.g., T-shirt printing). Processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the performance of a contract with you.
Your data will not be passed on.
We only use the image you send within the scope of service provision. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Customer Account Orders

Customer Account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until withdrawal. Your customer account will then be deleted.

Collection, processing, and transfer of personal data during orders

When ordering, we collect and process your personal data only to the extent necessary for the fulfillment and processing of your order and for handling your inquiries. The provision of data is necessary for the conclusion of a contract. Failure to provide it means that no contract can be concluded. Processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the fulfillment of a contract with you.

Your data may be passed on to the shipping companies and dropshipping providers, payment service providers, service providers for order processing, and IT service providers selected by you. In all cases, we strictly adhere to legal requirements. The scope of data transmission is limited to a minimum.

Your data will be transmitted to Canada, among other places. An adequacy decision by the EU Commission exists for data transfers to Canada.

Advertising

Use of your personal data for sending postal advertising
We use your personal data (name, address) that we have received in the context of the sale of goods or services to send you postal advertising, provided you have not objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it means that no contract can be concluded.
Processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct marketing. You can object to this use of your address data at any time by notifying us. The contact details for exercising the right to object can be found in the imprint.

Use of the email address for sending newsletters
We use your email address exclusively for our own advertising purposes for newsletter delivery, regardless of contract processing, provided you have expressly consented to this. Processing is carried out on the basis of Art. 6 Para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Your data will be passed on to a service provider for email marketing as part of order processing. No data will be passed on to other third parties.

Merchandise Management

Use of an external merchandise management system
We use a merchandise management system for contract processing within the scope of order processing. For this purpose, your personal data collected during the order process will be transmitted to
SoftEngine GmbH, Alte Bundesstraße 16, 76846 Hauenstein
.

Payment Service Providers Credit Assessment

Use of Klarna payment options

We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; “Klarna”) on our website. By selecting and using payment via Klarna, the data required for payment processing is transmitted to Klarna in order to fulfill the contract with you using the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

"Pay Later" (invoice), "Pay Now" (direct debit), "Financing" (installment purchase)

For individual payment methods such as "Pay Later" (invoice), "Pay Now" (direct debit), "Financing" (installment purchase), Klarna reserves the right to obtain a credit assessment based on mathematical-statistical procedures using credit agencies.

For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address, and data related to the order, to a credit agency for identity and credit assessment purposes and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. The credit assessment may contain probability values (score values) calculated on the basis of scientifically recognized mathematical-statistical procedures, which include, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for initiating a contract. Processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default, when Klarna makes advance payments. You have the right to object at any time to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR, for reasons arising from your particular situation, by notifying Klarna. The provision of data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.

Further information, in particular to which credit agencies Klarna transmits your personal data, can be found at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies.

General information about Klarna can be found at: https://www.klarna.com/de/. Your personal data will be handled by Klarna in accordance with applicable data protection regulations and as described in Klarna's privacy policy at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.

Use of SOFORT

We use the payment service provider SOFORT GmbH (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") for payment processing on our website. Sofort GmbH is a company of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider SOFORT. If you have chosen the payment option, the data required for payment processing will be transmitted to SOFORT. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider SOFORT can be found at https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.

Use of the payment service provider Stripe

We use the Stripe payment service provided by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe to fulfill the contract with you using the chosen payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Stripe reserves the right to obtain a credit assessment based on mathematical-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. The credit assessment may contain probability values (score values) calculated on the basis of scientifically recognized mathematical-statistical procedures, which include, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for initiating a contract. Processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in protection against payment default, when PayPal makes advance payments.

You have the right to object at any time to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR, for reasons arising from your particular situation, by notifying Stripe. The provision of data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.

All Stripe transactions are subject to the Stripe Privacy Policy. You can find it at https://stripe.com/de/privacy

Cookies

Our website uses cookies. Cookies are small text files that are stored in or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is accessed again.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.

You can find information on how to manage (including deactivating) cookies in the most common browsers under the following links:

Chrome: https://support.google.com/accounts/answer/61416?hl=de
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Technically Necessary Cookies

Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective, and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again after a page change.

The use of cookies or similar technologies is based on § 25 Para. 2 TTDSG. The processing of your personal data is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.

You have the right to object at any time to this processing of personal data concerning you, for reasons arising from your particular situation.

Use of Cookiebot
We use the consent management tool Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; “Cookiebot”) on our website.
The tool allows you to give consent for data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent already given. Data processing serves the purpose of obtaining and documenting necessary consents for data processing and thus complying with legal obligations.
Cookies may be used for this purpose. Among other things, the following information may be collected and transmitted to Cookiebot: anonymized IP address, date and time of consent, URL from which consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
Data processing is carried out to fulfill a legal obligation based on Art. 6 Para. 1 lit. c GDPR.
Further information on data protection at Cookiebot can be found at: https://www.cookiebot.com/de/privacy-policy/

Analysis Ad Tracking

Use of Google Analytics 4
We use the web analytics service Google Analytics from Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
Data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website use and internet use to the website operator.
This may include the collection of the following information: IP address, date and time of page view, click path, information about the browser and device you are using, visited pages, referrer URL (website from which you accessed our website), location data, purchase activities. The IP address transmitted by your browser within Google Analytics will not be merged with other data from Google.
Google uses technologies such as cookies, browser web storage, and tracking pixels that enable an analysis of your use of the website.
The information generated thereby about your use of this website is usually transmitted to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks. Both Google and US government authorities have access to your data. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google has about you.
When using Google Analytics 4, the IP address transmitted from your website is automatically collected and processed in an anonymized form. The IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.

Use of etracker
We use technologies from etracker GmbH (Erste Brunnenstraße 1, 20459 Hamburg, "etracker") on our website.
Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is collected and stored. Cookies may be used for this purpose, which enable recognition of the internet browser. Among other things, the following information may be collected: IP address, information about the browser you are using and the operating system you are using, date and time of visit, time zone, referrer URL (website from which you accessed our website). Usage profiles can be created from this data under a pseudonym. The data collected with etracker technologies will not be used to personally identify the visitor to this website and will not be merged with personal data about the bearer of the pseudonym without the separately given consent of the data subject.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on the function and data protection at etracker can be found here.

Use of Facebook Pixel
We use the remarketing function "Custom Audiences" from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland "Facebook") on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which specifies the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this, we are particularly responsible for fulfilling the information obligations according to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling data subject rights in accordance with Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection affects Meta Platforms Ireland's obligations under the joint processing agreement.
The application serves the purpose of targeting website visitors with interest-based advertising on the social network Facebook. For this purpose, Facebook's remarketing tag has been implemented on the website. Through this tag, a direct connection to the Facebook servers is established when the website is visited. This transmits to the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. If you visit the social network Facebook, personalized, interest-based Facebook ads will then be displayed to you. Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on the collection and use of data by Facebook, on your rights in this regard, and on ways to protect your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" and, within this framework, conversion tracking (visitor action evaluation) on our website. Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad served by Google, a conversion tracking cookie is placed on your computer. These cookies have a limited validity, do not contain any personal data, and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Therefore, it is not possible for cookies to be tracked across the websites of Ads customers.
The information collected using the conversion cookie serves the purpose of generating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that allows us to personally identify users.
Your data may be transmitted to Google LLC servers in the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/.

The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/

Use of the remarketing or "similar audiences" function of Google Inc.
We use the remarketing or "similar audiences" function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. To carry out the analysis of website usage, which forms the basis for creating interest-based advertisements, Google uses cookies. The cookies record visits to the website and anonymized data about the use of the website. No personal data of website visitors is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously viewed product and information areas.
Your data may be transmitted to Google LLC servers in the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on Google Remarketing and the associated privacy policy can be found at: https://www.google.com/privacy/ads/

Use of Microsoft Advertising
We use Microsoft Advertising from Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; "Microsoft") on our website.
Data processing serves marketing and advertising purposes and the purpose of measuring the success of advertising measures (conversion tracking). We learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, personal identification of these users is not possible. Microsoft Advertising uses technologies such as cookies and tracking pixels that enable an analysis of your use of the website. When you click on an ad served by Microsoft Advertising, a conversion tracking cookie is placed on your computer. This cookie has a limited validity and does not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Microsoft and we can recognize that you clicked on the ad and were redirected to this page. Among other things, the following information may be collected: IP address, identifiers (markers) assigned by Microsoft, information about the browser and device you are using, referrer URL (website from which you accessed our website), URL of our website.
Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on data protection and the cookies used by Microsoft Bing can be found here.

Plug-ins and Other

Use of Google Tag Manager
We use Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript and HTML tags used to implement tracking and analysis tools, among others. Data processing serves the purpose of tailoring and optimizing our website.
The Google Tag Manager itself does not store cookies and does not process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.

Use of Social Plug-ins
We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place as a result serves the purpose of optimizing advertising for our products.
When social plug-ins are integrated, a connection is established between your computer and the servers of the social network providers, and the plug-in is then displayed on the page by notifying your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for unregistered or logged-out users. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be assigned to your corresponding profiles. When using the plug-in functions (e.g., by clicking the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
The social networks listed below are integrated into our website via social plug-ins. Further information on the scope and purpose of data collection and use, as well as on your rights in this regard and options for protecting your privacy, can be found in the linked privacy policies of the providers.

Facebook from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which specifies the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this, we are particularly responsible for fulfilling the information obligations according to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling data subject rights in accordance with Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a breach of personal data protection affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
Further information on the collection and use of data by Facebook, on your rights in this regard, and on ways to protect your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/.

Instagram from Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.

Use of GoogleMaps
We use the function for embedding GoogleMaps maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.
The function enables the visual display of geographical information and interactive maps. When pages with embedded GoogleMaps maps are accessed, Google also collects, processes, and uses data from website visitors.
Your data may also be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html. There you also have the option to change your settings in the privacy center so that you can manage and protect your data processed by Google.

Use of Vimeo
We use plug-ins from Vimeo Inc. (555 West 18th Street New York, New York 10011, USA; “Vimeo”) on our website for embedding videos from the "Vimeo" portal.
When you access pages of our website that contain such a plug-in, a connection is established to the Vimeo servers and the plug-in is displayed on the page by notifying your browser. This transmits your IP address and information about which of our pages you have visited to the Vimeo servers.
If you are logged in to Vimeo, Vimeo assigns this information to your personal user account. When you use the plug-in functions (e.g., by starting a video by pressing the corresponding button), this information is also assigned to your Vimeo account.
Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. Data transmission is carried out, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.
The use of cookies or similar technologies is based on your consent pursuant to § 25 Para. 1 S. 1 TTDSG in conjunction with Art. 6 Para. 1 lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on the consent until withdrawal.
Further information on the purpose and scope of the collection, further use and processing of data by Vimeo, as well as your rights in this regard and options for protecting your privacy, can be found in Vimeo's privacy policy: https://vimeo.com/privacy

Data Subject Rights and Storage Period

Storage Duration
After complete contract processing, the data will initially be stored for the duration of the warranty period, then taking into account statutory, in particular tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.

Eye-Able

Eye-Able® is a software from Web Inclusion GmbH to ensure barrier-reduced access to information on the Internet for all people. The necessary files such as JavaScript, stylesheets, and images are loaded from an external server for this purpose. When functions are activated, Eye-Able® uses the browser's local storage to save the settings. All settings are only saved locally and are not transmitted further. To ward off attacks and provide our service in near real-time, Eye-Able® uses the Content Delivery Network (CDN) from BunnyWay d.o.o. (Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia). The use serves the purpose of fulfilling the contract with our customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 Para. 1 lit. f GDPR). All transmitted data and servers remain in the EU at all times to enable data protection-compliant processing according to GDPR. Web Inclusion GmbH does not collect or analyze personal user behavior or other personal data at any time. To ensure data protection-compliant processing, Web Inclusion GmbH has concluded data processing agreements with our host BunnyWay. Further information can be found in the privacy policies:
https://eye-able.com/de/datenschutz-eye-able/
https://bunny.net/privacy/

Rights of the Data Subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, you have a right to object to processing based on Art. 6 Para. 1 f GDPR, and to processing for the purpose of direct marketing, in accordance with Art. 21 Para. 1 GDPR.

Right to Lodge a Complaint with the Supervisory Authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Postfach 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de

Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR, you have the right to object to these processing operations at any time with effect for the future, for reasons arising from your particular situation.
After a successful objection, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.

If personal data processing is carried out for direct marketing purposes, you can object to this processing at any time by notifying us. After a successful objection, we will stop processing the data concerned for direct marketing purposes.

Last updated: 29.11.2022