Privacy Policy
1. Introduction
This website is operated by Juice Box Charging GmbH & Co. Kg. It is very important for us
to handle the data of our website visitors in a trustworthy manner and to protect them as best
as possible. For this reason, we make every effort to meet the requirements of the GDPR.
Below, we explain how we process your data on our website. We use clear and transparent
language so that you can truly understand what happens with your data.
2. General Information
2.1 Processing of Personal Data and Other Terms
Data protection applies to the processing of personal data. Personal data means all data
with which you can be personally identified. This includes, for example, the IP address of the
device (PC, laptop, smartphone, etc.) you are currently using. Such data is processed when
'anything happens with it'. Here, for example, the IP is transmitted from the browser to our
provider and automatically stored there. This is then a processing (according to Art. 4 No. 2
GDPR) of personal data (according to Art. 4 No. 1 GDPR). These and other legal definitions
can be found in Art. 4 GDPR.
2.2 Applicable Regulations / Laws - GDPR, BDSG, and TTDSG
The scope of data protection is regulated by laws. In this case, these are the GDPR
(General Data Protection Regulation) as a European regulation and the BDSG (Federal Data
Protection Act) as a national law. Additionally, the TTDSG complements the provisions of the
GDPR as far as the use of cookies is concerned.
2.3 The Responsible Party
The responsible party for data processing on this website is the controller in the sense of the
GDPR. This is the natural or legal person who alone or jointly with others determines the
purposes and means of processing personal data. You can reach the controller at:
Juice Box Charging GmbH & Co. Kg
Südliche Ringstraße 3
91126 Schwabach
2.4 How Data is Generally Processed on this Website
As we have already established, there are data (e.g., IP address) that are automatically
collected. These data are mainly required for the technical provision of the homepage.
Insofar as we use personal data beyond this or collect other data, we will inform you about
this or ask for consent. Other personal data are knowingly provided by you. Detailed
information on this can be found below.
2.5 Your Rights
The GDPR equips you with comprehensive rights. These include, for example, the right to
free information about the origin, recipient, and purpose of your stored personal data.
Additionally, you can request the correction, blocking, or deletion of this data or complain to
the competent data protection supervisory authority. You can revoke a granted consent at
any time. Details on these rights and how to exercise them can be found in the last section
of this privacy policy.
2.6 Data Protection – Our View
For us, data protection is more than just an annoying duty! Personal data has great value,
and careful handling of this data should be self-evident in our digitalized world. Additionally,
you as a website visitor should be able to decide for yourself what, when, and by whom
something happens with your data. Therefore, we commit to complying with all legal
provisions, only collecting the data necessary for us, and of course treating this data
confidentially.
2.7 Data Sharing and Deletion
The sharing and deletion of data are also important and sensitive topics. Therefore, we
would like to briefly inform you in advance about our general approach to this. Data is only
shared based on a legal basis and only when it is unavoidable. This can be the case, for
example, when it is a so-called processor and a processing contract has been concluded
according to Art. 28 GDPR. We delete your data when the purpose and the legal basis for
processing cease to exist and no other legal obligations prevent deletion. Art. 17 GDPR also
provides a good overview of this. Please refer to this privacy policy for all further information
and contact the controller with specific questions.
2.8 Hosting
This website is externally hosted. The personal data collected on this website is stored on
the servers of the hoster. This includes both the automatically collected and stored log files
(see below) as well as all other data provided by website visitors. External hosting is done
for the purpose of secure, fast, and reliable provision of our website and serves in this
context to fulfill contracts with our potential and existing customers. The legal basis for
processing is Art. 6 para. 1 lit. a, b, and f GDPR, as well as § 25 para. 1 TTDSG, insofar as
consent includes the storage of cookies or access to information in the end device of the
website visitor or user in the sense of the TTDSG. Our hoster processes only such data as is
necessary to fulfill its service obligations and acts as our processor, i.e., it is subject to our
instructions. We have concluded an appropriate processing contract with our hoster. We use
the following hoster: WiX, Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel.
support@wix.com https://de.wix.com/about/privacy.
2.9 Legal Bases
The processing of personal data always requires a legal basis. The GDPR provides the
following options in Art. 6 para. 1 sentence 1:
- (a) The data subject has given consent to the processing of their personal data for one or
more specific purposes;
- (b) Processing is necessary for the performance of a contract to which the data subject is a
party or to take steps at the request of the data subject prior to entering into a contract;
- (c) Processing is necessary for compliance with a legal obligation to which the controller is
subject;
- (d) Processing is necessary to protect the vital interests of the data subject or another
natural person;
- (e) Processing is necessary for the performance of a task carried out in the public interest
or in the exercise of official authority vested in the controller;
- (f) Processing is necessary for the purposes of the legitimate interests pursued by the
controller or by a third party, except where such interests are overridden by the interests or
fundamental rights and freedoms of the data subject which require protection of personal
data, particularly where the data subject is a child. In the following sections, we will provide
you with the specific legal basis for each processing activity.
3. What Happens on Our Website
By visiting our website, we process personal data from you. To protect this data as best as
possible against unauthorized access by third parties, we use SSL or TLS encryption. You
can recognize this encrypted connection by the fact that "https://" or a lock symbol is
displayed in the address bar of your browser. Below you will learn which data is collected
when visiting our website, for what purpose this is done, and on what legal basis.
3.1 Data Collection When Visiting the Website
When the website is called up, information is automatically stored in so-called server log
files. This information includes:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data are temporarily required to ensure the permanent and trouble-free display of our
website. In particular, these data serve the following purposes:
- System security of the website
- System stability of the website
- Troubleshooting on the website
- Establishing a connection to the website
- Displaying the website
The data processing is carried out according to Art. 6 para. 1 lit. f GDPR and is based on our
legitimate interest in processing this data, especially in the interest of the functionality of the
website and its security. These data are stored pseudonymized as much as possible and
deleted after the respective purpose has been achieved. If the server log files enable the
identification of the data subject, the data will be stored for a maximum of 14 days. An
exception exists if a security-relevant incident occurs. In this case, the server log files are
stored until the security-relevant incident is resolved and fully clarified. There is no merging
with other data.
3.2 Cookies
3.2.1 General
This website uses so-called cookies. These are data sets, information stored in the browser
of your end device that are related to our website. By setting cookies, the navigation of the
website can be made easier for the visitor.
3.2.2 Rejecting Cookies
The setting of cookies can be prevented by adjusting the settings of your browser. Here you
will find the corresponding links to commonly used browsers:
- Mozilla Firefox:
https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=
Cookies+l%C3%B6schen&redirectlocale=de
- Google Chrome:
https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
- Microsoft Edge:
https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-16
8dab11-0753-043d-7c16-ede5947fc64d
- Safari: https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web and
https://support.apple.com/de-de/guide/safari/sfri11471/mac
If you use another browser, it is recommended to enter the name of your browser and 'delete
and manage cookies' into a search engine and follow the official link to your browser.
Alternatively, you can manage your cookie settings at www.aboutads.info/choices/ or
www.youronlinechoices.com. However, we must point out that
a comprehensive blocking/deletion of cookies can lead to impairments when using the
website.
3.2.3 Technically Necessary Cookies
We use technically necessary cookies on this website so that our website functions correctly
and according to applicable laws. They help to make the website user-friendly. Some
functions of our website cannot be displayed without the use of cookies. The legal basis for
this is, depending on the individual case, Art. 6 para. 1 lit. b, c, and/or f GDPR.
3.2.4 Technically Unnecessary Cookies
In addition, we use cookies on our website that are not technically necessary. These cookies
serve, among other things, to analyze the surfing behavior of the website visitor or to offer
functions of the website that are not technically necessary. The legal basis for this is your
consent according to Art. 6 para. 1 lit. a GDPR. Technically unnecessary cookies are only
set with your consent, which you can revoke at any time in the cookie consent tool.
3.3 Data Processing by User Input
3.3.1 Own Data Collection
We offer the following (service) services on our website: Offer creation, appointment
scheduling. To do this, we collect the following data: Name, email address. The legal basis
for this data processing is Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the
respective purpose is no longer applicable and it is legally permissible.
3.3.2 Contacting
- **Email:** When you contact us by email, we process your email address and, if applicable,
other data contained in the email. These are stored on the mail server and partially on the
respective end devices. Depending on the concern, the legal basis for this is regularly Art. 6
para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the
respective purpose is no longer applicable and it is legally permissible.
- **Telephone:** When you contact us by telephone, the call data can be pseudonymized on
the respective end device and by the telecommunications provider used. The personal data
collected during the telephone call is only processed to handle your request. Depending on
the concern, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b
GDPR. The data will be deleted as soon as the respective purpose is no longer applicable
and it is legally permissible.
- **Contact Form:** We offer a contact form. This serves to contact our company. In this
form, we usually process your first and last name, your telephone number, your email
address, a postal address, and the content of the message. The data is stored on our web
server and internally forwarded to the respective email addresses. The legal basis for data
processing is Art. 6 para. 1 lit. f GDPR as we have a legitimate interest in responding to your
request and providing an uncomplicated contact option. If the contact aims at concluding a
contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. We delete
these data no later than 3 months after receipt unless they are required for a resulting
contractual relationship. We integrate the contact form from Wix, Wix.com Ltd., Nemal St.
40, 6350671 Tel Aviv, Israel, https://de.wix.com/about/privacy on our website.
3.4 Website Builder System
3.4.1 Wix
To create our website, we use the service Wix. This is a service of Wix.com Ltd., Namal 40,
6350671 Tel Aviv, Israel. Wix is a website builder system that allows you to create HTML5
websites and mobile websites. It is an online platform based on the cloud principle. This
makes it very easy to integrate the functions into your own website. With this service, we can
design our website according to our wishes and meet our goal of user-friendliness. Wix uses
cookies. These cookies are only set with the visitor's consent and can be revoked at any
time. The legal basis for processing is Art. 6 para. 1 lit. a GDPR. Otherwise, the use of the
service is technically necessary for us to display our website. The legal basis for processing
is Art. 6 para. 1 lit. f GDPR. The data will be deleted as soon as they are no longer required
for the processing purposes. Further information: https://de.wix.com/about/privacy.
3.5 Analysis and Tracking Tools
3.5.1 Google Analytics
We use Google Analytics on this website. Google Analytics is a web analysis service. This
service is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street,
Dublin 4, Ireland. Google Analytics uses cookies to recognize the user and thus analyze the
usage behavior. These cookies are only set with consent. Consent can be revoked at any
time and managed in our cookie consent tool. The legal basis for processing is Art. 6 para. 1
lit. a GDPR and § 25 para. 1 TTDSG. The information collected here is usually transferred to
a Google server in the USA and stored there. On July 10, 2023, the European Commission
adopted an adequacy decision for the USA. Google LLC is certified under the EU-US
Privacy Framework. Since Google servers are located worldwide and data transfer to third
countries (e.g., Singapore) cannot be ruled out, the standard contractual clauses (SCC) of
the EU Commission apply. By using Google Analytics, IP anonymization applies. The IP
address of the respective user is shortened on servers within the EU (or the European
Economic Area) in such a way that tracing back to a natural person is no longer possible.
Furthermore, Google is obliged under the Google Ads Data Processing Terms to ensure
appropriate data protection and create an evaluation of website usage and website activity,
and provide services related to the use of the website. The Google Ads Data Processing
Terms apply to companies subject to the EU General Data Protection Regulation (GDPR) of
the European Economic Area (EEA), the California Consumer Privacy Act (CCPA), or similar
regulations. By using an additional browser plugin, it can be prevented that the collected
information (e.g., IP address) is sent to Google and used by Google. The plugin and further
information can be found at https://tools.google.com/dlpage/gaoptout?hl=de. Otherwise, the
storage duration depends on the type of processed data. Each customer can choose how
long Google Analytics data is stored before it is automatically deleted. The maximum
lifespan of a Google Analytics cookie is two years. Further information on data usage by
Google can also be found at https://support.google.com/analytics/answer/6004245?hl=de.
For all other inquiries, you can also contact support-deutschland@google.com.
3.5.2 Google Maps
We use Google Maps on this website. Google Maps is a web mapping service. This service
is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4,
Ireland. When using Google Maps, the IP address is stored. This data is usually transferred
to a Google server in the USA and stored there. We have no control over this. Google may
use Google Fonts for a uniform representation. These fonts are loaded in the browser cache
of the website visitor. Google Maps uses cookies. These cookies are only set with
corresponding consent. Consent can be revoked at any time. The legal basis is Art. 6 para. 1
lit. a GDPR and § 25 para. 1 TTDSG, insofar as this consent includes access to information
on the user's end device or the storage of cookies within the meaning of the TTDSG. For
data transfer to the USA, the standard contractual clauses (SCC) of the EU Commission
apply. Further details: https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/https://policies.google.com/p
rivacy?hl=de.
3.5.3 Google Ads
We use Google Ads on this website. Google Ads is an online advertising program of Google
Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The service
allows us to link advertisements in the Google search engine to specific keywords and to
place targeted ads based on existing user data. Cookies are used for conversion tracking.
The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG.
Consent can be revoked at any time. For data transfer to the USA, the standard contractual
clauses (SCC) of the EU Commission apply. Further details:
https://privacy.google.com/businesses/controllerterms/mccs/.
3.6 Social Media Plugins
3.6.1 Facebook
Elements of the social network Facebook are integrated on this website. This service is
offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. When
the social media element is activated, a direct connection is established between the website
visitor and the Facebook servers, and the IP address is transmitted to Facebook. If the
website visitor has a user account, the visit to this website can be assigned to the
corresponding user account. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and
§ 25 para. 1 TTDSG. Consent can be revoked at any time. If personal data is collected and
transmitted to Meta via Facebook on this website, we and Meta Platforms Ireland Limited, 4
Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for data
processing according to Art. 26 GDPR. This joint responsibility is limited solely to the
collection and transmission of the data
to Facebook. There is an agreement on joint processing:
https://www.facebook.com/legal/controller_addendum. We are responsible for providing data
protection information when using the Facebook tool and ensuring the data
protection-compliant integration of the tool on the respective website. Facebook is
responsible for the data security of their products. This means that data subject rights
regarding data processed by Facebook must be asserted directly with Facebook. For data
transfer to the USA, the standard contractual clauses (SCC) of the EU Commission apply.
Further information:
https://www.facebook.com/legal/EU_data_transfer_addendumhttps://de-de.facebook.com/he
lp/566994660333381https://www.facebook.com/policy.phphttps://de-de.facebook.com/privac
y/explanation.
3.6.2 Twitter
Elements of the social network Twitter are integrated on this website. This service is offered
by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2,
D02AX07, Ireland. When the social media element is activated, a direct connection is
established between the website visitor and the Twitter servers, and the IP address is
transmitted to Twitter. If the website visitor has a user account, the visit to this website can
be assigned to the corresponding user account. The website operator does not gain
knowledge of the content of the transmitted data. The legal basis for processing is Art. 6
para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time. For data
transfer to the USA, the standard contractual clauses (SCC) of the EU Commission apply.
Further information:
https://twitter.com/de/privacyhttps://gdpr.twitter.com/en/controller-to-controller-transfers.html.
3.6.3 Instagram
Elements of the social network Instagram are integrated on this website. This service is
offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour,
Dublin 2, Ireland. When the social media element is activated, a direct connection is
established between the website visitor and the Instagram servers, and the IP address is
transmitted to Instagram. If the website visitor has a user account, the visit to this website
can be assigned to the corresponding user account. The website operator does not gain
knowledge of the content of the transmitted data. The legal basis for processing is Art. 6
para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time. If
personal data is collected and transmitted to Meta via Facebook or Instagram on this
website, the website operator and Meta Platforms Ireland Limited, 4 Grand Canal Square,
Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for data processing according
to Art. 26 GDPR. This joint responsibility is limited solely to the collection and transmission of
the data to Facebook or Instagram. There is an agreement on joint processing:
https://www.facebook.com/legal/controller_addendum. The website operator is responsible
for providing data protection information when using the Instagram tool and ensuring the
data protection-compliant integration of the tool on the respective website. Facebook or
Instagram is responsible for the data security of their products. This means that data subject
rights regarding data processed by Facebook or Instagram must be asserted directly with
Facebook or Instagram. For data transfer to the USA, the standard contractual clauses
(SCC) of the EU Commission apply. Further information:
https://www.facebook.com/legal/EU_data_transfer_addendumhttps://de-de.facebook.com/he
lp/566994660333381https://www.facebook.com/policy.phphttps://instagram.com/about/legal/
privacy/.
3.6.4 TikTok
Elements of the social network TikTok are integrated on this website. This service is offered
by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. When the
social media element is activated, a direct connection is established between the website
visitor and the TikTok servers, and the IP address is transmitted to TikTok. If the website
visitor has a user account, the visit to this website can be assigned to the corresponding
user account. The website operator does not gain knowledge of the content of the
transmitted data. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1
TTDSG. Consent can be revoked at any time. For data transfer to the USA, the standard
contractual clauses (SCC) of the EU Commission apply. Further information:
https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE?tid=331689749201https://ads.tik
tok.com/i18n/official/policy/controller-to-controller.
3.6.5 Snapchat
https://www.snapchat.com/
3.7 Social Media Profiles
In addition to our website, we are also present on social networks with our company. Here
we want to present our company and provide the opportunity to contact us. We also use the
opportunity to place advertisements and job offers on social media. Below we inform you
about which data we and the respective social network process when visiting and interacting
with our profile.
3.8 Facebook
We operate a Facebook fan page at https://www.facebook.com/. This social network is
operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour,
Dublin 2, Ireland.
3.8.1 Interaction with Our Company Profile
When visiting our Facebook profile and interacting with us through it, we process personal
data. On the one hand, the publicly available data on the profile. On the other hand, the
personal data contained in posts, comments, or direct messages to us. Through interactions
such as liking or sharing, we can see the user profile with the public information. The legal
basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide
relevant and interesting content and to enable the use and functionality of our Facebook
profile. If a request is related to the fulfillment of a contract or is necessary for
pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
3.8.2 Page Insights
As explained in the Meta Privacy Policy under "How do we use your information?", Meta
collects and uses information to provide analytics services called Page Insights for page
operators. This also applies to our Facebook page. Page Insights are aggregated statistics
created based on certain interactions of visitors with pages and their associated content
(e.g., viewing a page or a video, subscribing to a page, liking or unliking a page, etc.) and
recorded by Meta servers. Meta provides us with aggregated statistics and insights in
connection with Page Insights that give us insight into how people interact with our business
page. We do not have access to personal data, only to aggregated Page Insights. Using
Page Insights, we can see anonymous statistics such as the reach of our account, page
views, likes, etc. These also include evaluations by age, gender, and location of users (as
specified in their respective Facebook profiles). For the evaluation of reach, we can set filters
regarding the selection of a period, viewing a specific post, and demographic groupings.
These data are anonymized. We cannot draw conclusions about specific individuals. The
processing of this data serves the purpose of analyzing our reach and adapting our content
and ads to the interests of users so that visitors can get the most benefit from it. Based on
these data evaluations, we can see how our content, our profile, and our advertising are
consumed. This allows us to create target group-specific content and place advertisements
to better market our company and our services. The processing is based on our legitimate
interest according to Art. 6 para. 1 sentence 1 lit. f GDPR. The processing of personal data
in the context of Page Insights is carried out under joint responsibility with Facebook
according to Art. 26 para. 1 GDPR. We have entered into an agreement with Facebook,
which can be viewed here:
https://www.facebook.com/legal/terms/page_controller_addendum. Facebook's contact
details are: Online contact: https://www.facebook.com/help/contact/1650115808681298
Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4,
D04 X2K5, Ireland. For Facebook, you can contact the Data Protection Officer at the
following link: https://www.facebook.com/help/contact/540977946302970. Further
information about Page Insights: https://de-de.facebook.com/help/pages/insights.
3.8.3 Processing of Personal Data and Cookies by Meta
When accessing a Facebook page, the IP address assigned to your device is transmitted to
Facebook. According to Facebook, this IP address is anonymized (for "German" IP
addresses). Facebook also stores information about the devices of its users (e.g., within the
framework of the "login notifications" function); if necessary, Facebook can assign IP
addresses to individual users. If you are currently logged in to Facebook as a user, a cookie
with your Facebook ID is stored on your device. This allows Facebook to trace that you
visited this page and how you used it. Through embedded Facebook buttons on websites,
Facebook can track your visits to these websites and assign them to your Facebook profile.
Based on this data, content or advertisements can be tailored to you. Information on how to
manage or delete personal data can be found in Facebook's Privacy Center:
https://www.facebook.com/privacy/center/. Further information on how Facebook handles
data can be found here: http://de-de.facebook.com/about/privacy.
3.9 Instagram
We operate an Instagram profile. This social media platform is offered by Meta Platforms
Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
3.9.1 Interaction with Our Company Profile
When visiting our Instagram profile and interacting with us through it, we process personal
data. On the one hand, the publicly available data on the profile. On the other hand, the
personal data contained in
posts, comments, or direct messages to us. Through interactions such as liking or sharing,
we can see the user profile with the public information. The legal basis for this processing is
Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting
content and to enable the use and functionality of our Instagram profile. If a request is
related to the fulfillment of a contract or is necessary for pre-contractual measures, our
processing is based on Art. 6 para. 1 lit. b GDPR.
3.9.2 Insights
As explained in the Meta Privacy Policy under "How do we use your information?"
(https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirec
t), Meta collects and uses information to provide analytics services called Insights for page
operators. This also applies to our Instagram profile. Insights are aggregated statistics
created based on certain interactions of visitors with pages and their associated content and
recorded by Meta servers. These include, among other things:
- How many people see our products, services, or content, such as posts, videos, Facebook
pages, ads, shops, and ads (when the advertising is shown on Meta products) and interact
with them;
- How do people interact with our content, websites, apps, and services;
- Which group of people interacts with our content or uses our services.
Meta provides us with aggregated reports and insights that give us insight into how well our
content, features, products, and services are performing. We do not have access to personal
data, only to aggregated reports. For the evaluation of reach, we can set filters regarding the
selection of a period, viewing a specific post, and demographic groupings. These data are
anonymized. We cannot draw conclusions about specific individuals. The processing of this
data serves the purpose of analyzing our reach and adapting our content and ads to the
interests of users so that visitors can get the most benefit from it. Based on these data
evaluations, we can see how our content and our Instagram profile are consumed. This
allows us to create target group-specific content and place advertisements to better market
our company and our services. The processing is based on our legitimate interest according
to Art. 6 para. 1 sentence 1 lit. f GDPR. The processing of personal data in the context of
Insights is carried out under joint responsibility with Meta according to Art. 26 para. 1 GDPR.
We have entered into an agreement with Meta, which can be viewed here:
https://www.facebook.com/legal/terms/page_controller_addendum. Meta's contact details
are: Online contact: https://www.facebook.com/help/contact/1650115808681298 Postal:
Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04
X2K5, Ireland. For Facebook, you can contact the Data Protection Officer at the following
link: https://www.facebook.com/help/contact/540977946302970. Further information about
Insights: https://de-de.facebook.com/help/pages/insights. The complete privacy policy of
Instagram can be found here:
https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
.
3.9.3 Processing of Personal Data and Cookies by Meta
When accessing an Instagram page, the IP address assigned to your device is transmitted
to Meta. According to Meta, this IP address is anonymized (for "German" IP addresses).
Meta also stores information about the devices of its users (e.g., within the framework of the
"login notifications" function); if necessary, Meta can assign IP addresses to individual users.
If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is
stored on your device. This allows Meta to trace that you visited this page and how you used
it. Through embedded Meta buttons on websites, Meta can track your visits to these
websites and assign them to your Instagram profile. Based on this data, content or
advertisements can be tailored to you. Further information:
https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
.
3.10 X (formerly Twitter)
We use the short message service "X" (formerly Twitter). This is a service of X Corp., 1355
Market Street, Suite 900, San Francisco, CA 94103, USA. The data controller for individuals
residing outside the United States is Twitter International Company, One Cumberland Place,
Fenian Street, Dublin 2, D02 AX07, Ireland.
3.10.1 Interactions with Our Account
Generally, we do not collect or process any data from you when using our short message
service. The data you enter on X, especially the username and content published under your
account, are processed by us based on your consent according to Art. 6 para. 1 lit. a GDPR,
provided your tweets are possibly retweeted, we respond to them, or tweets are written that
refer to your account. The data freely published and disseminated on X is thus included by
us and made accessible to our followers.
3.10.2 Data Processed by X
We have no control over the nature and extent of the data processed by X Corp., the type of
processing and use, or the disclosure of this data to third parties. When you use X, your
personal data is collected, transferred, stored, disclosed, and used by X Corp., and
regardless of your place of residence, it is transferred to and stored and used in the United
States, Ireland, and any other country where X Corp. does business. X processes all
voluntarily entered data, such as name and username, email address, telephone number, or
the contacts in the address book, as far as these have been uploaded or synchronized. X
also evaluates shared content to determine what topics the user is interested in. Confidential
messages sent directly to other users are processed and stored by X. X can determine the
user's location based on GPS data, information about wireless networks, or the IP address.
X also receives information about which content was viewed, even if the user has not
created an account. X processes so-called "log data". This includes the IP address, browser
type, operating system, information about the previously visited website, and the accessed
pages, location, mobile provider, the used end device (including device ID and application
ID), search terms used, and cookie information. As an external provider not based in
Europe, X Corp. considers itself not bound by German data protection regulations. This
includes, for example, the rights to information, blocking, or deletion of data or the possibility
of objecting to the use of usage data for advertising purposes. In the general settings of the
X account and under the "Privacy and Security" section, the processing of the data can be
restricted. Additionally, on mobile devices (smartphones, tablets), the access of X to contact
and calendar data, photos, location data, etc., can be restricted in the respective setting
options. This, however, depends on the used operating system. Further information can be
found here: https://help.twitter.com/de/safety-and-security/x-privacy-settings. Details on the
data processing by X can be found in the X privacy policy: https://twitter.com/de/privacy.
Additionally, information can be requested via the X data protection form or the archive
request: https://support.twitter.com/forms/privacy.
3.11 TikTok
We operate a TikTok channel. TikTok is provided by TikTok Technology Limited, 10 Earlsfort
Terrace, Dublin, D02 T380, Ireland ("TikTok Ireland"). Through our TikTok channel, we have
the opportunity to present ourselves to TikTok users and communicate with them.
3.11.1 Interactions with Our TikTok Channel
Users can interact with our TikTok channel through their TikTok account by, for example,
liking or commenting on our posts. We process the related data such as username and
profile picture. We use this data to optimize our content and its presentation to the respective
user interests. It is also possible to send us direct messages on our TikTok channel. Here
too, the username and profile picture are displayed. The legal basis for data processing is
Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing our TikTok channel and
the content published there. We also have a legitimate interest in communicating with users
to answer questions, address criticism, build a relationship, and exchange information. This
allows us to improve our services and respond to the needs of potential customers. Through
communication on TikTok, we especially reach younger customers. Comments are stored on
the channel indefinitely and can be viewed by other users. The same applies to the use of
the like function and direct messages.
3.11.2 TikTok Analytics
When accessing and using our TikTok channel, additional data is processed for TikTok
Analytics. These are aggregated statistics created based on certain interactions of visitors
with our TikTok channel by TikTok and recorded, providing insight into how our channel is
interacted with. These data include, but are not limited to:
- Follower growth
- Video views
- Profile views
- Likes, comments, and shares
- Average watch time
- Percentage of viewers who watch the entire video
- Traffic sources (e.g., profile, For You feed)
- Geographical distribution of the audience
- Activity times of followers
The data is provided to us in aggregated form as statistics. We do not have access to
personal data, only aggregated statistics. Further information on TikTok Analytics can be
found here:
https://www.tiktok.com/creators/creator-portal/en-us/tiktok-content-strategy/understanding-yo
ur-analytics/. The processing of this data serves exclusively to analyze and improve the
content on our TikTok channel. Based on these data evaluations, we can see how our
content and our TikTok channel are consumed. This allows us to create target group-specific
content and possibly place advertisements to better market our company and our services.
The
processing is based on our legitimate interest according to Art. 6 para. 1 sentence 1 lit. f
GDPR. The processing of personal data in the context of TikTok Analytics is carried out
under joint responsibility with TikTok according to Art. 26 para. 1 GDPR. We have entered
into an agreement with TikTok, which can be viewed here. TikTok's contact details are:
Online contact: https://privacytiktok.zendesk.com/hc/en-us/requests/new. Postal: TikTok
Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. Through this form, you
can contact TikTok's Data Protection Officer: https://www.tiktok.com/legal/report/DPO.
3.11.3 Processing of Personal Data by TikTok
When using TikTok's services, TikTok processes personal data of users. This includes data
such as your IP address, location data, time zone settings, advertising IDs, app and browser
versions, as well as data about the device (system, network type, device ID, screen
resolution, operating system, audio settings, and connected audio devices). The accessed
TikTok profiles and channels, likes, messages, and other usage data are also processed. If
you are logged in with your own TikTok account, this data will be linked to your account.
Further information on data processing by TikTok can be found here:
https://www.tiktok.com/legal/page/eea/privacy-policy/de.
3.12 Payment Services
3.12.1 Stripe
We use Stripe on this website. Stripe provides technology for the operation of online
payment systems. This service is offered by Stripe Payments Europe Limited, 1 Grand
Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. For the purpose of
payment processing, the payment data of the website visitor is processed by Stripe as soon
as a contractual relationship is established through this website. The respective contractual
and data protection provisions of Stripe apply to the respective transaction. Stripe also uses
cookies to collect data. These cookies are only set with your consent. Consent can be
revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR. Otherwise, the legal
basis for processing by Stripe is Art. 6 para. 1 lit. b GDPR. The data is processed for the
purpose of fulfilling contractual obligations. We also have a legitimate interest in processing
this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment
process. The data will be deleted as soon as it is no longer required for data processing.
Further details: https://stripe.com/de/privacy/.
3.12.2 PayPal
We use PayPal on our website. PayPal is a payment service provider. This service is offered
by PayPal (Europe) S.a.r.l. et Cie S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. For
the purpose of payment processing, the payment data of the website visitor is processed by
the payment service provider as soon as a purchase is made through this website. The
respective contractual and data protection provisions of the payment service provider apply
to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is
processed for the purpose of (pre-)contractual obligations. We also have a legitimate interest
in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable
payment process. For data transfer to the USA, the standard contractual clauses (SCC) of
the EU Commission apply. https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
3.12.3 Apple Pay
We use Apple Pay on this website. Apple Pay is a payment service provider. This service is
offered by Apple Inc., Infinite Loop, Cupertino, CA 95014, USA. For the purpose of payment
processing, the payment data of the website visitor is processed by the payment service
provider as soon as a purchase is made through this website. The respective contractual
and data protection provisions of the payment service provider apply to the respective
transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the
purpose of (pre-)contractual obligations. We also have a legitimate interest in processing this
data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.
Further details: https://www.apple.com/legal/privacy/de-ww/.
3.12.4 Google Pay
We use Google Pay on this website. Google Pay is a payment service provider. This service
is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For
the purpose of payment processing, the payment data of the website visitor is processed by
the payment service provider as soon as a purchase is made through this website. The
respective contractual and data protection provisions of the payment service provider apply
to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is
processed for the purpose of (pre-)contractual obligations. We also have a legitimate interest
in processing this data in the sense of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable
payment process. Further details: https://policies.google.com/privacy.
3.13 CRM Systems
3.13.1 SmartWe
https://www.smartwe.de/
4. What Else is Important
In conclusion, we would like to inform you comprehensively and in detail about your rights
and let you know how you will be informed about changes in data protection requirements.
4.1 Your Rights in Detail
4.1.1 Right of Access According to Art. 15 GDPR
You can request information on whether personal data concerning you is being processed. If
so, you can request further information on the nature and manner of the processing. A
detailed list can be found in Art. 15 para. 1 lit. a to h GDPR.
4.1.2 Right to Rectification According to Art. 16 GDPR
This right includes the rectification of incorrect data and the completion of incomplete
personal data.
4.1.3 Right to Erasure According to Art. 17 GDPR
This so-called 'right to be forgotten' gives you the right, under certain conditions, to request
the deletion of personal data by the controller. This is generally the case when the purpose
of the data processing has ceased, when consent has been revoked, or when the initial
processing was carried out without a legal basis. A detailed list of reasons can be found in
Art. 17 para. 1 lit. a to f GDPR. This "right to be forgotten" also corresponds with the
controller's obligation under Art. 17 para. 2 GDPR to take reasonable steps to ensure the
general deletion of the data.
4.1.4 Right to Restriction of Processing According to Art. 18 GDPR
This right is subject to the conditions of Art. 18 para. 1 lit. a to d.
4.1.5 Right to Data Portability According to Art. 20 GDPR
This regulates the fundamental right to receive your data in a common form and to transfer it
to another controller. However, this only applies to data processed based on consent or
contract according to Art. 20 para. 1 lit. a and b and as far as this is technically feasible.
4.1.6 Right to Object According to Art. 21 GDPR
You can generally object to the processing of your personal data. This is particularly the case
if your interest in objecting outweighs the legitimate interest of the controller in processing,
and if the processing relates to direct advertising and/or profiling.
4.1.7 Right to "Individual Decision" According to Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing
(including profiling) that has legal effects on you or similarly significantly affects you. This
right also finds restrictions and additions in Art. 22 para. 2 and 4 GDPR.
4.1.8 Other Rights
The GDPR includes comprehensive rights to inform third parties about whether or how you
have exercised rights under Art. 16, 17, 18 GDPR. However, this only applies as far as this
is also possible or can be carried out with reasonable effort. At this point, we would like to
remind you of your right to revoke a given consent according to Art. 7 para. 3 GDPR.
However, the legality of the processing carried out until then is not affected. We would also
like to point out your rights under §§ 32 ff. BDSG, which are largely identical to the rights
described above.
4.1.9 Right to Lodge a Complaint According to Art. 77 GDPR
You also have the right to lodge a complaint with a data protection supervisory authority if
you believe that the processing of personal data concerning you violates this regulation.
5. What If the GDPR is Abolished Tomorrow or Other Changes Occur?
The current status of this privacy policy is March 30, 2024. From time to time, it is necessary
to adjust the content of the privacy policy to respond to factual and legal changes. We
therefore reserve the right to change this privacy policy at any time. We will publish the
amended version in the same place and recommend that you regularly read the privacy
policy.