Privacy policy

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used for the administration and playout of the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transferred to Google's parent company in the United States.

The use of the Google Tag Manager is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on its website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Hotjar

This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool used to analyze your user behavior on this website. Hotjar allows us to record your mouse movements, scrolling movements and clicks, among other things. Hotjar can also determine how long you have remained with the mouse pointer on a certain place. From this information, Hotjar creates so-called heat maps, which can be used to determine which website areas are viewed preferentially by the website visitor.

Furthermore, we can determine how long you stayed on a page and when you left it. We can also determine at which point you abandoned your input in a contact form (so-called conversion funnels).

In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator's web offerings.

Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or use of device fingerprinting).

Insofar as consent has been obtained, the use of the aforementioned service is based exclusively on Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent can be revoked at any time. If no consent has been obtained, the use of this service is based on Art. 6 para. 1 lit. f DSGVO; the website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising.

Deactivating Hotjar
If you wish to deactivate the data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/

Please note that disabling Hotjar must be done separately for each browser or device.

For more information about Hotjar and the data it collects, please see Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy

Order processing
We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.

Bing Ads and Conversion Tracking

The website operator uses Bing Ald. Bing Ads is an online advertising program of Microsoft Corporation, One Microsoft Way, 98052 Redmond/WA, United States ("Microsoft")...
Bing Ald allows us to show advertisements in search engines or on third-party websites when the user enters certain search terms on Bing (keyword targeting). Furthermore, targeted advertisements can be placed on the basis of user data available at Bing (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analysing, for example, which search terms have led to the display of our advertisements and how many advertisements have resulted in corresponding clicks.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

When you visit this website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website on your Facebook profile. This allows Facebook to associate your visit to this website with your user* account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.

If you do not want Facebook to be able to associate your visit to this website with your Facebook user account, please object to this consent in the cookie settings.

The use of Facebook plugins is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. Insofar as a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php

Instagram plugin

On this website, functions of the service Instagram are integrated. These functions are offered by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland integrated.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook or Instagram products. You can assert data subject rights (e.g., requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

For more information, please see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

Pinterest plugin

On this website, we use social plugins from the social network Pinterest, which is operated by Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

When you call up a page that contains such a plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the visited websites that also contain Pinterest functions, type and settings of the browser, date and time of the request, your usage of Pinterest as well as cookies.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. If a corresponding consent has been requested, the processing is based exclusively on Art. 6 (1) a DSGVO; the consent can be revoked at any time.

Further information on the purpose, scope and further processing and use of the data by Pinterest, as well as your rights in this regard and options for protecting your privacy, can be found in Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy.

7. newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter we use newsletter service providers, which are described below.

Klaviyo

The newsletter is sent via "Klaviyo", 225 Franklin St, Boston, MA 02110, USA.

You can view the privacy policy of the dispatch service provider here: [https://www.klaviyo.com/privacy].

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.klaviyo.com/legal/dpa.

Storage period

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Newsletter - performance measurement

The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or if we use a shipping service provider, from their server. In the course of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are collected.

This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include the determination of whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor, if used, that of the dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled.

8. plugins and tools

We have listed all plugins and tools in our content management. Here you can also give or revoke your consent for individual services. [https://ooia.de/?cmpscreencustom]

In addition, we still use the following third-party services on our website.

Vimeo

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo video, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognize website visitors.

The use of Vimeo is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Insofar as a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on "legitimate business interests". Details can be found here: https://vimeo.com/privacy.

For more information on how Vimeo handles user*in data, please see Vimeo's privacy policy at: https://vimeo.com/privacy.

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google's servers. This enables Google to know that this website has been accessed via your IP address. The use of Google WebFonts is based on Art. 6 para. 1 lit. f DSGVO. The website operator* has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent was requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 (1) a DSGVO; the consent can be revoked at any time.

If your browser does not support web fonts, a standard font from your computer will be used.

For more information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google's privacy policy: https://policies.google.com/privacy?hl=de.

Adobe Fonts

This website uses web fonts from Adobe for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you access this website, your browser loads the required fonts directly from Adobe so that they can be displayed correctly on your terminal device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This enables Adobe to know that your IP address has been used to access this website. According to Adobe, no cookies are stored when providing the fonts.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator* has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent was requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.adobe.com/de/privacy/eudatatransfers.html.

For more information on Adobe Fonts, please visit: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.

Adobe's privacy policy can be found at: https://www.adobe.com/de/privacy/policy.html

WhatsApp

You can use WhatsApp to contact us and start a conversation. We are the controller within the meaning of Art. 4 No. 7 DSGVO for subsequent data processing in connection with WhatsApp. For offering and using WhatsApp, we use the software solution of Charles GmbH, Gartensstr. 86-87, 10115 Berlin, under a contract processing agreement. Charles stores all personal data in the EU. As an official WhatsApp partner, Charles uses the WhatsApp Business API with the consequence that no other third parties or WhatsApp gain access to your communication content in the area of our responsibility.

Your use of WhatsApp is solely subject to the agreements you have with WhatsApp. According to the terms of use of WhatsApp, we have your phone number and username through your contact. We use this and other information provided by you for customer service, marketing and order communication. The legal basis here is your consent to contact you in accordance with Art. 6 (1) (a) DSGVO. In addition, we will send you newsletters via WhatsApp if you have given us your consent to do so. Furthermore, you have the option to use WhatsApp to compile your shopping cart. In this case, the data processing is based on Art. 6 (1) (b) DSGVO.

You can revoke an already granted consent at any time with effect for the future. According to the DSGVO, you also have the right to information, correction, portability and deletion of your personal data, as well as the right to restrict or object to certain processing. You also have the right to complain to the supervisory authority responsible for you.

For further information, please refer to the following data protection provisions:

Charles GmbH:www.hello-charles.com/privacy-policy

WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland:https://www.whatsapp.com/legal/privacy-policy-eea

9. Online marketing and affiliate programs

Affiliate programs on this website

The Shoutout tool is used for influencer marketing. It tracks sales generated by influencers using discount codes. In order to be able to allocate and pay out generated commissions, Shoutout processes the first and last name as well as order numbers of customers. The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the correct calculation of the affiliate remuneration. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.

We participate in the following affiliate program:
Custom Software Australia Pty Ltd - shoutout.global
Level 33, MLC Centre, 19 Martin Place
Sydney, NSW 2000, AU
Privacy Policy: https://www.shoutout.global/privacy-policy.html

Linkster:
Use of cookies
We use the tracking technology of Linkster GmbH, Colonnaden 5, 20354 Hamburg, Germany, on this site to measure and visualize insights into partnerships and advertising channels. This is a function to measure the efficiency of the corresponding advertising measures. Furthermore, the information enables us to assign advertising successes for billing purposes with corresponding advertising partners. When you click on an advertising integration, cookies are set in your browser, which are read in the event of a transaction. At each touch point, your browser sends an HTTP request to Linkster's server, with which certain information is transmitted. This information includes the URL of the website on which advertising material is placed (referrer URL), the browser identifier (user agent) of your terminal device (including information about the device type and operating system), the IP address of the terminal device (this IP address is anonymized and hashed by us before storage), HTTP header (data package automatically transmitted by your browser with various technical information), the time of the request and, if already stored on the terminal device before, the cookie with its content.
A cookie is a small data packet that is exchanged between your browser and the server. Information relevant to the web application can be stored and transmitted in this data packet, e.g. the contents of a virtual shopping cart.
The tracking technology stores cookies on your terminal device to document actions. A 24-digit, anonymous ID is stored in the cookie. Linked to this ID, the data is stored in encrypted form in our database on the server.
This contains information about the last touch points (i.e. when a particular advertising medium was displayed or clicked on by an end device). If necessary, the stored touch points can be combined to form a sequence chain (user journey).
In the case of a promotion request, the order number and the shopping cart value of your order are usually also transmitted and stored by us. In addition, the following values may be transmitted and stored: Your customer number, new customer characteristic, your age and gender as well as the information provided by you in a customer survey.
The cookies stored by Linkster GmbH are deleted after 30 days at the latest. The information transmitted to us and the cookies serve the sole purpose of a correct allocation of the success of an advertising medium and the corresponding billing and is justified with our legitimate interests according to Art. 6 para. 1 p. 1 lit. f DSGVO. 

10. ECommerce and payment provider

Processing of data (customer and contract data)

We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transfer upon conclusion of the contract for online stores, dealers and shipment of goods
If you order goods from us, we will pass on your personal data to the transport company entrusted with the delivery and to the payment service provider entrusted with the payment processing. Only such data will be disclosed that the respective service provider needs to fulfill its task. The legal basis for this is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. If you have given your consent in accordance with Art. 6 (1) (a) DSGVO, we will pass your email address to the transport company entrusted with the delivery so that they can inform you by email about the shipping status of your order; you can revoke your consent at any time.
Users can create a user account. As part of the registration process, the required mandatory information is provided to the user and processed on the basis of Art. 6 (1) (b) DSGVO for the purpose of providing the user account. The processed data includes in particular the login information (name, password and an email address). The data entered during registration is used for the purposes of using the user account and its purpose.
Users may be informed by email about information relevant to their user account, such as technical changes. If users have terminated their user account, their data relating to the user account will be deleted, subject to any legal obligation to retain it. It is the responsibility of the users to save their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all user data stored during the term of the contract.
Within the scope of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c. DSGVO. The IP addresses are anonymized or deleted after 7 days at the latest.


Payment services
We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, account details, credit card number) is processed by payment service providers for the purpose of payment processing. For these transactions, the respective contract and data protection provisions of the respective providers apply. The use of payment service providers is based on Art. 6 para. 1 lit. b DSGVO (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f DSGVO). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a DSGVO is the legal basis for data processing; consents can be revoked at any time for the future.
We use the following payment services / payment service providers within the scope of this website:
PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, see PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Klarna
Provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna offers various payment options (e.g. installment purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. For details on the use of Klarna cookies, please refer to the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
For details, please refer to Klarna's privacy policy at the following link: https://www.klarna.com/de/datenschutz/.
American Express
The provider of this payment service is American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (hereinafter "American Express").
American Express may transfer data to its parent company in the USA. The data transfer to the USA is based on the Binding Corporate Rules. Details can be found here: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementing-principles/.
For more information, please see the American Express privacy policy: https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html.
Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").
Mastercard may transfer data to its parent company in the USA. The data transfer to the USA is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
Maestro
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").
Maestro may transfer data to its parent company in the USA. The data transfer to the USA is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
VISA
The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter "VISA").
The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has a level of data protection equivalent to the level of data protection in the European Union.
VISA may transfer data to its parent company in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.
For more information, see VISA's privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
Bancontact
Provider of this payment service is Bancontact Payconiq Company NV/SA , Rue d'Arlon 82, 1040-Brussels, Belgium.
Details can be found here: https://www.bancontactpayconiq.com/en/press
For more information, please see Bancontact's privacy policy: https://www.bancontact.com/files/privacy.pdf.
eps Bank Transfer
Provider of this payment service is PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna.
Details can be found here: https://eservice.psa.at/de/impressum.html
For further information, please refer to the privacy policy of eps Überweisung: https://eservice.psa.at/de/datenschutzerklaerung.html.
iDEAL
The provider of this payment service is i-Deal Corp Limited, 7 St. John's Road, Harrow, Middlesex, HA1 2EY, United Kingdom.
The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has a level of data protection that is equivalent to the level of data protection in the European Union.
Details can be found here: https://www.i-dealcorp.com/.
For more information, see iDeal's privacy policy: https://www.i-dealcorp.com/.
Apple Pay
Provider of this payment service is Apple Payments Inc, belonging to Apple Inc, One Apple Park Way, Cupertino, CA 95014, USA.
Details can be found here: https://www.apple.com/legal/applepayments/direct-payments/.
For more information, see the Apple pay privacy policy: https://www.apple.com/legal/privacy/.

11. Handling of applicants' data

We offer you the opportunity to apply to us (e.g. by email or post). In the following, we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.
Scope and purpose of data collection
When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent necessary to decide whether to establish an employment relationship. The legal basis for this is Section 26 BDSG under German law (initiation of an employment relationship), Article 6 (1) (b) DSGVO (general contract initiation) and - if you have given your consent - Article 6 (1) (a) DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in processing your application.
If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Section 26 of the German Federal Data Protection Act (BDSG) and Article 6 (1) lit. b DSGVO for the purpose of implementing the employment relationship.

Retention period of the data
If we are unable to make you a job offer, if you reject a job offer or if you withdraw your application, we reserve the right to retain the data you have provided for us on the basis of our legitimate interests (Art. 6 (1) (f) DSGVO) for up to 6 months from the end of the application process (rejection or withdrawal of the application). Subsequently, the data will be deleted and the physical application documents destroyed. This storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.
Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations prevent deletion.

12. Own services

We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our services.
We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce the rights of users. With regard to US providers certified under the Privacy Shield, we point out that they thereby undertake to comply with the data protection standards of the EU.
Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the user. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the user. For these purposes, cookies are usually stored on the user's computer, in which the usage behavior and interests of the user are stored. Furthermore, data may also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users' personal data is based on our legitimate interests in providing users with effective information and communication with users pursuant to Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers for consent to data processing (i.e. declare their consent, e.g. by ticking a checkbox or confirming a button), the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 DSGVO.
For a detailed description of the respective processing and the opt-out options, please refer to the information of the providers linked below.
In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) - Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) - Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) - Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.
Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) - Privacy Policy/ Opt-Out: https://about.pinterest.com/de/privacy-policy.