Privacy Statement

In the following we would like to inform you about the data protection on our website as well as about the type, scope and purpose of the personal data that are collected and processed. We would also like to inform you about your rights to which you are entitled. Data protection is very important to us.

Responsible for privacy protection/processing entity is

Daniela Rosenhammer, Stadtamhof 5, 93059 Regensburg, Telephone+49.941.2902994,
Telefax +49.941.2902995, info@redfries.com

Processing of your data in the context of the services we provide

With our customers or business partners, or in the event that you are interested in our services, the type, scope and purpose of the processing of your personal data are based on the contractual or pre-contractual relationships between us. We process personal data that we request from you or that you provide to us in order to answer your request, to make you an offer or to process your order. Affected persons are interested parties, business and contractual partners. The processing purpose is the processing of contractual services, communication, as well as answering contact inquiries and office and organizational procedures.

Unless otherwise stated in the further information in this data protection declaration, the processing of your data and its transfer to third parties is limited to the data required to answer your inquiries and / or to fulfill the contract, to safeguard our rights and to fulfill legal requirements.

Affected data are

- Inventory data (e.g. names, addresses)
- Payment data (e.g. bank details, invoices)
- Contact details (e.g. email address, telephone number, postal address)
- Contract data (e.g. subject of the contract, duration of the contract)

The legal basis for data processing is Art. 6 I 1 lit. b GDPR, the fulfillment of the contract or the fulfillment of pre-contractual inquiries.

We delete your personal data when we no longer need it, i.e. after the contractual relationship between us has ended, or after our legitimate interest in further processing of the data has ceased, or if you ask us to delete it. Mandatory statutory provisions - in particular statutory retention periods - remain unaffected. Likewise, to assert, exercise or defend legal claims from contractual relationships, or to protect the rights of another natural or legal person, it may be necessary to process your personal data until these deadlines have expired. We will then delete the personal data required for this after these deadlines have expired. However, until these deadlines have expired, we limit the processing of this data to these purposes.

Accessing the website - processing of personal data and the type and purpose of use

When you call up our website you transmit (due to a technical necessity) data to our web server via your Internet browser. The following data are processed in the server log files during an ongoing connection for the communication between your internet browser and our web server:

- Site, from where the file was requested-Referrer URL
- the name of the requested file
- the date and time of the request 
- a description of the type of web browser used/browser version and operating system
- IP address of the requesting computer
- access status (file transferred, file not found, etc.)
- Transmitted data volume                                               

For technical reasons (access to the website), this data is temporarily stored. It is not possible for us to draw any conclusions about individual persons based on this data. The IP addresses will be deleted or anonymized after 7 days at the latest.

The data is only evaluated for internal technical purposes and does not allow us to draw any conclusions about you personally. A comparison with other databases does not take place.

The data mentioned are processed for the following purposes:

- ensuring a proper and smooth connection to the website,
- ensuring comfortable use of the website,
- evaluation of system security and stability of the website
- for other administrative purposes.

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. The legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally. You can visit the website without providing any personal information.

Cookies

We use cookies on our website. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity. Cookies do not contain any personal data and can therefore not be directly assigned to any user.

The use of cookies serves to make the use of our offer more pleasant for you. We use technically necessary session cookies to recognize that you have already visited individual pages on our website. In addition, we continue to use temporary cookies in the web shop to optimize user-friendliness. If you visit our webshop again to use our services, it will automatically recognize that you have already visited us and which entries and settings you have made so that you do not have to re-enter them. Otherwise you would have to log in again for each visit. Session cookies are automatically deleted when you close your browser. The data processed by cookies are required for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

Furthermore, cookies can be used by third-party providers with your consent. The legal basis is then Art 6 I S 1 lit a GDPR - your consent. These cookies are automatically deleted after a defined period of time. You can check the duration of the storage in the overview in the cookie settings of your web browser. You can revoke your consent at any time. Further explanations of the cookies used, their purpose and storage duration can be found in our cookie policy. There you can also change and revoke your consent to the setting of cookies at any time.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. Each browser manages the cookie settings differently. How you can deactivate cookies or change settings is described in the help menu of your browser (see also technical information at the end of this data protection declaration).

We also use Flash cookies on our website. These are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your device. These objects save the required data regardless of the browser you are using and do not have an automatic expiry date. The transmission of Flash cookies cannot be prevented via the browser settings, but by changing the Flash Player settings at https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html. You can prevent the use of HTML5 storage objects by using the private mode in your browser. We also recommend that you regularly delete your cookies and browser history manually.

Cookiebot - Cookie Consent

A web service from Cybot A / S, Havnegade 39, 1058 Copenhagen, Denmark, www.cookiebot.com (hereinafter: Cookiebot) is used on our website as a cookie banner and consent tool. Cookiebot is a self-service cloud service from Cybot. This undertakes to guarantee companies worldwide conformity within the framework of the GDPR and to convey these changes to end customers in an easily understandable way. The software automatically creates a GDPR-compliant cookie notice for our website visitors. In addition, Cookiebot scans, controls and evaluates all cookies and tracking measures on our website. By using this function, your data will be sent to Cookiebot, stored and processed there (IP address - shortened by 3 digits; date and time of your consent; website URL; technical browser data; encrypted, anonymous key; cookies in which you have consented as proof).

The legal basis for the data processing is Art. 6 Para. 1 lit f GDPR, our legitimate interest in the error-free functioning of the website and storage of your consent to the setting of cookies and third-party tools according to Art 6 I S 1 lit a GDPR. All user data will be deleted by Cookiebot after 12 months from registration (cookie consent) or immediately after termination of the Cookiebot service. You can find more information about the transferred data in the privacy policy of Cookiebot at https://www.cookiebot.com/de/privacy-policy/ .

We can also use cookies to recognize that you have given consent to the setting of cookies or other settings for tracking and advertising measures. You can prevent the collection and processing of your data by Cookiebot by deactivating the execution of script code in your browser or by installing a script blocker in your browser.

Data processing through contact via email, fax or phone

If you contact us by email, fax or phone, your request, including all personal data resulting from it (e.g. name, request) will be stored and processed by me for the purpose of processing your request. The data will not be passed on without your consent. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing your data.

This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary for a pre-contract. In all other cases, processing is based on your consent (Art. 6 Para. 1 S 1 lit a GDPR) and / or on legitimate interests (Art. 6 Para 1 S 1 lit f GDPR).

The data you send to me via contact requests will be stored by me until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - especially statutory retention periods - remain unaffected.

Newsletter

With your consent, you can subscribe to our newsletter, which we use to inform you about our current offers. We use the services of The Rocket Science Group, LLC "MailChimp" (675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA). The service provides the technical processing of the newsletter dispatch. MailChimp is aware of its responsibility towards the recipients of such messages. As far as you have given your consent, as follows, redfries uses the preferences collected on the basis of the pseudonymous user profile for the content and design of the newsletter and merges your email address with the user profile for the purpose of sending the personalized newsletter.

We only send our newsletter with advertising information (hereinafter referred to as “newsletter”) with the express consent of the recipient in accordance with Article 6, I S 1, lit a GDPR. The registration for our newsletter takes place in a so-called double opt-in procedure, i.e. after registering for our newsletter you will receive an email in which you will be asked to confirm your registration. This confirmation is necessary so that no third party can register with your email address.

The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes saving the time of registration and confirmation, as well as the IP address. To register for our newsletter, it is sufficient to provide your email address. Optionally, we ask you to provide your first and last name and your address. This information is voluntary and is only used to personalize the newsletter. You can also use a pseudonym.

Your email address will remain with us until you unsubscribe from our newsletter. You can unsubscribe from the newsletter at any time for the future by either clicking on the link at the end of each newsletter in the newsletter itself or on the "Unsubscribe newsletter" link on our website and following the steps described. We are interested in the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of users regarding information about our products. We would like to point out that you can revoke the future processing of your personal data at any time. Further information on your right of withdrawal can be found under the point "Rights of data subjects". We evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. For the evaluations, we link the web beacons with your email address and an individual ID. Links received in the newsletter also contain this ID. With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click in them and deduce your personal interests from this. We link this data with actions you have taken on our website in order to adapt our offer to your needs. The legal basis for this is Article 6, I S. 1 lit f GDPR.

You can object to this tracking at any time by clicking on the separate link provided in every email or by informing us via another contact channel. The information is stored for as long as you have subscribed to the newsletter. After you have unsubscribed, we will save the data anonymously and statistically. Such tracking is also not possible if you have deactivated the display of images by default in your e-mail program. In this case, the newsletter will not be displayed in full and you may not be able to use all functions. If you display the images manually, the tracking mentioned above takes place.

Email advertising and your right to object

If we have received your e-mail address in connection with the sale of a product or service and you have not objected, we reserve the right, on the basis of Section 7 III UWG, to regularly send you our offers for products similar to those already purchased by you via email. The legal basis arises from our legitimate interest in advertising to our customers and the processing of the data is permissible according to Art 6 I S1 lit f GDPR within the scope of a weighing of interests.

You can object to the use of your e-mail address at any time by sending us a message or via the corresponding link in the advertising e-mail. After the legal basis for data processing for advertising e-mails no longer exists, your e-mail address will be deleted, unless there are statutory retention requirements (e.g. tax or commercial retention requirements).

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements according to Art. 21 GDPR at any time. The objection can in particular be made against processing for direct marketing purposes.

Use of data when logging into the shop - customer account - retailer login

We collect personal data if you voluntarily provide it to us as part of your order, when you contact us (e.g. using the contact form or email) or when you open a customer account.

When ordering goods via our shop, you have the choice of whether you want to register as a customer or order without registration. If you want to register as a new customer, we will save your customer data for future orders. By registering, you will be able to order faster by logging into your password-protected customer account, you will always know the status of your orders and you will always have an up-to-date overview of your previous orders.

If you want to order without registering, you will have to enter your data again for each order.

Which data is collected can be seen from the respective input forms. We use the data you have provided exclusively to process contracts and to process your inquiries. After your request has been answered, the contract has been fully processed or your customer account has been deleted, your data will be blocked for further use and deleted after the retention periods under tax and commercial law have expired. 

You can delete your customer account at any time by sending us a message. The legal basis for data processing is Art. 6 I S 1 lit a,b GDPR.

Data transfer to payment service providers when ordering goods

In order to fulfill the contract, we pass on your data to the company commissioned with the payment, insofar as this is necessary to pay for the goods that have been ordered. Depending on which payment service provider you select in the ordering process, we will pass on the payment data collected for this purpose to the credit institute commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves, as far as you have an account there. In this case, you have to log in to the payment service provider with your access data during the ordering process. The data protection declaration of the respective payment service provider applies in this respect.

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. a, b GDPR.

Data transfer to shipping service providers when goods are delivered 

In order to fulfill the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods ordered.

If you have given us your express consent during or after your order, we will forward your email address and telephone number to the selected shipping service provider on the basis of this, so that they can contact you prior to delivery for the purpose of notification or coordination of the delivery .

The consent can be revoked at any time by sending a message to the contact option described below or directly to the shipping service provider (DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn). After revocation, we will delete the data you have provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this that is permitted by law and about which we will inform you in this declaration.

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. a, b GDPR.

Payment - Sofortüberweisung

On our website we offer payment via “Sofortüberweisung". The payment service provider is "Sofort GmbH", Theresienhöhe 12, 80339 Munich (Sofort GmbH). With the help of the “Sofortüberweisung” process, we receive a real-time payment confirmation from Sofort GmbH and can immediately begin to meet our obligations.

If you choose the “Sofortüberweisung” payment method, you send the PIN and a valid TAN to Sofort GmbH, which can be used to log into your online banking account. Sofort GmbH automatically checks your account balance after logging in and carries out the transfer to us with the help of the TAN you transmitted. Then they sends us a transaction confirmation. After logging in, your sales, the credit line of the overdraft facility and the existence of other accounts and their stocks are automatically checked.

In addition to the PIN and TAN, the payment data you have entered and your personal data are also transmitted to Sofort GmbH. Your personal data is your first and last name, address, telephone number(s), email address, IP address and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempted fraud.

The transfer of your data to Sofort GmbH takes place on the basis of Art. 6 I S 1 lit. a GDPR (consent) and Art. 6 I S 1 lit. b GDPR (processing to fulfill a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past. Details on payment with Sofortüberweisung and the data protection declaration of Sofort GmbH can be found at https://sofort.de/datenschutz.html

Payment via Klarna (Sofort)

We also offer you the option of paying your order via the Klarna payment service (also known as "Sofort" - Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden, Tel 0046 8-120 120 00, inkorg@klarna.se). Klarna is an online payment service provider where you can pay online using your bank details. In Germany you can contact Sofort GmbH, Theresienhöhe 12, 80339 Munich, Tel: +49 89 2020 889-0.

When paying via Klarna, you will be redirected to the Klarna website after completing your order and asked to enter your account number, your online banking PIN and a corresponding TAN from your bank to process the payment. We do not process any of your data ourselves. As part of the confirmation of the successful setting of the transfer order from Klarna / Sofort, we receive a transaction ID selected by the online provider. The purpose of processing the data is to handle the payment process and to carry out the contract with you (Art. 6 I S 1 lit b GDPR). 

When you visit the Klarna / Sofort website or its service, Klarna / Sofort places cookies on your device. You can prevent the installation of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all Klarna / Sofort functions to their full extent. The provision of personal data is necessary for the conclusion of a contract. Failure to provide the data would result in the contract not being concluded. You can find more information on how Klarna works at https://www.klarna.com/sofort

The data will only be stored by us for as long as is necessary for the implementation and processing of your order and compliance with the statutory retention periods. 

Information on data protection at Klarna / Sofort can be found at https://www.klarna.com/de/datenschutz / or https://www.sofort.de/datenschutz.html

Paypal/PayPalPlus

On our website we also offer payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). PayPal assumes the function of an online payment service provider as well as a trustee and offers buyer protection services.

If you opt for the payment method "purchase on account" of the PayPal service "PayPalPlus", you will be asked during the ordering process to consent to the transfer of the data required for processing the payment and an identity and credit check to PayPal. If you give your consent (Art 6 I S 1 lit a GDPR), this data will be transmitted to PayPal. The personal data transmitted to PayPal are usually first name, last name, address, email address, IP address or other data that are necessary for payment processing. In order to process the purchase contract, personal data related to the respective order (such as number of items, item number, invoice amount and taxes and other invoice information - Art 6 I S 1 lit b GDPR) are also required.

The transmission of your data is necessary to process payments via PayPal and to confirm your identity and administer your payment instructions. PayPal may pass on your personal data to affiliated companies and service providers or subcontractors, insofar as this is necessary to fulfill contractual obligations or the data is processed on behalf of us.

The personal data transmitted by us to PayPal may be transmitted to credit agencies by PayPal. The purpose of this transmission is to check your identity and creditworthiness. PayPal uses the result of the credit check for a balanced decision on the establishment, implementation or termination of the contractual relationship and for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values ​​(so-called score values). Insofar as score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Detailed information on this and the credit agencies used can be found in PayPal's data protection information (https://www.paypal.com/de/webapps/mpp/ua/privacy-full )

You can revoke your consent to PayPal at any time. However, PayPal may still be entitled to process, use and transmit your personal data if this is necessary or legally required for contractual payment processing or is ordered by a court or an authority.

The transfer of your data to PayPal takes place on the basis of Art. 6 I S 1 lit a GDPR (consent) and Art. 6 I S 1 lit b GDPR (processing to fulfill a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

Further data protection information can be found in the PayPal data protection principles at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Amazon aws

We use “Amazon aws” from Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109, USA on our website. Information on data protection at "amazon aws" can be found at: https://aws.amazon.com/de/privacy/

The following information is transmitted to the server and stored there: Our website that you have visited and the IP address of your device. According to the company's own statements, the collected raw data are usually deleted after 3 days at the latest. The legal basis for the processing of your data in relation to the services is Art. 6 I S 1 lit f GDPR. Our legitimate interest arises from our need to optimize the loading times of our website.

MyFonts Counter

On this website we use MyFonts (MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA - Monotype umbrella organization) to display fonts (based on Art. 6 Para. 1 S. 1 lit. f GDPR). With the integration of external fonts, we want, among other things, to ensure that our website is appropriately designed and to save loading times.

Due to the license terms, when the fonts are integrated by MyFonts, page view tracking is carried out by counting the number of visits to the website for statistical purposes and transmitting it to MyFonts. MyFonts only collects anonymized data. The data may be passed on by activating JavaScript code in your browser. In order to prevent the execution of JavaScript code from MyFonts altogether, you can install a JavaScript blocker (e.g. www.noscript.net). According to our information, cookies are not set.

You can find more information about MyFonts in the data protection information at https://www.myfonts.com/legal/website-use-privacy-policy

Online presence in social networks

We operate online presences in social networks for advertising purposes.

We would like to point out that you use the social services and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. sharing, rating).

If you visit our online presence in social media, personal data will be collected and processed by the respective provider for advertising and market research purposes. Normally usage profiles are also created here. This is particularly the case if you are a member of the respective platform and are logged in to it. The usage profiles can be used by the providers to show you interest-based advertising. In order to prevent social media operators from collecting information about you during your visit to our website, you should log out of the respective social medium before you start visiting our website and delete any existing social media cookies from your browser.

Social Network Links

On our website are no social plugins from Facebook or other social networks integrated. Therefore, no program code of a social network is active on our pages. The icons for Facebook, Instagram etc. on the website are only linked images.

Data protection notice for online presence on Facebook/Instagram

Facebook Ireland (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland – “Facebook”) and the site administrator (I) are responsible for processing the personal data for the products included in the Terms of Use on the site administrator’s Facebook account that are processed in connection with a visit to or interaction with a page (including its content).

Products included are all Facebook Products, Facebook Pages, and Page Insights. Facebook products include Facebook itself (including the Facebook mobile app and the browser in the app), Messenger, Instagram (including apps like Direct and Boomerang), Portal branded devices, Bonfire, Facebook Mentions, Facebook Shops, Spark AR Studio, Audience Network, NPE Team Apps and any other feature, app, technology, software product, product or service offered by Facebook, Inc. or Facebook Ireland Limited. In addition, the Facebook business tools are also among the Facebook products.

The scope of joint processing and the addition for responsible parties includes the collection of the personal data specified in the Terms of Use for Covered Products and their transmission to Facebook. The subsequent processing of data by Facebook is not part of the joint processing. Likewise, it is not part of the joint processing if personal data is processed exclusively by the site administrator - in this case he is solely responsible for the data processing.

According to Article 13 I lit. a and b GDPR you can access the information required in Facebook's data policy at https://www.facebook.com/about/privacy . Further information on joint processing can be found in the respective terms of use for the specific products.

For the use of certain Facebook products (so-called "Facebook business tools") and the associated data processing, the additional agreement between us and Facebook as jointly responsible according to Art. 26 GDPR applies, which you can find at https://www.facebook.com/legal/controller_addendum .

The site administrator and Facebook have closed this addendum for data controllers to determine the respective responsibilities for the fulfillment of the obligations under GDPR with regard to joint processing (as set out in the Terms of Use for Covered Products).

Furthermore, we have agreed that between the parties Facebook is responsible for enabling the rights of data subjects in accordance with Articles 15-20 of the GDPR with regard to the personal data stored by Facebook after joint processing.

Data processing conditions on Facebook

I expressly point out that the use of certain Facebook products may involve the transmission of personal information to Facebook. Facebook Ireland Limited may also transmit EU data to Facebook Inc. in the USA for storage and further processing. By using Facebook products, the user agrees to Facebook's data processing conditions. You can find this at https://www.facebook.com/legal/terms/dataprocessing/update .

You can find the Facebook EU data transfer supplement at https://www.facebook.com/legal/EU_data_transfer_addendum

The Facebook data policy can be found at https://www.facebook.com/about/privacy/  - the Instagram data policy can be found at https://help.instagram.com/519522125107875 

Information about cookies and other storage technologies on Facebook can be found at https://www.facebook.com/policies/cookies/

You can view Facebook's data security conditions at https://www.facebook.com/legal/terms/data_security_terms.

You can find Facebook's terms of use for commercial use at https://www.facebook.com/legal/commercial_terms/update

You can contact the data protection officer of Facebook at https://www.facebook.com/help/contact/540977946302970.

More Information about Facebook Page Insights data

Facebook continues to provide the page operator with so-called page insights for the Facebook page. Page insights data are aggregated data that gives the site administrator information on how users interact with the Facebook page. The legal basis for data processing is Art. 6 Para. I S. 1 lit. f GDPR – the legitimate interest is an optimized presentation of the website and effective communication with users. 

The data processing takes place on the basis of an agreement between the jointly responsible persons in accordance with Art. 26 GDPR, which you can view at https://www.facebook.com/legal/terms/page_controller_addendum .

Further information on page insights data on Facebook can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data  and at https://de-de.facebook.com/help/instagram/155833707900388

Data processing when contact is made via Facebook products

I process personal data when you contact me e.g. via the contact form or via Messenger. These data are stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of the data is my legitimate interest in answering your request in accordance with Art. 6 Para. I S. 1 lit. f GDPR. Your data will be deleted after your request has been processed, provided that there are no statutory retention requirements.

Your rights

Facebook and I have agreed that Facebook is primarily responsible for providing you with information about the joint processing and for enabling you to exercise your rights under the GDPR. According to the GDPR, you have the right of information, correction, transferability and deletion of your data, as well as to object to the processing of your data and to restrict processing. You can find out more about these rights in your Facebook settings. For further information on your rights, see also under "Rights of the Data Subject" in this data protection declaration.

Facebook and I have agreed that the Irish Data Protection Commission will be the primary body responsible for overseeing the processing. You have the right to start a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with your local supervisory authority.

Right to object to advertising

You can object to the processing of your data for advertising purposes on Facebook at any time by changing your settings for advertisements in your Facebook user account at https://www.facebook.com/settings?tab=ads.

Legal basis 

We operate our Facebook / Instagram page for advertising my services and goods. The processing of personal data takes place on the basis of Art 6 I S 1 lit f GDPR.

Data Security

On our website we use the SSL-process (Secure Socket Layer) in connection with the respective highest level of encryption supported by your browser. You can recognize if an individual page of our website is transmitted in an encrypted fashion by the locked depiction of the key or lock symbol in the lower status bar of your browser.

Processing/Disclosure of Data

A disclosure of your personal data towards third parties for purposes other than the ones mentioned above or below does not take place. We only pass on your data to third parties if:

- You have given your explicit consent to it according to Art. 6 Par. 1 S. 1 lit a GDPR,
- this is permitted by law and according to Art. 6 Par. 1 S. 1 lit. b GDPR necessary for the performance of a contract or for the performance of measures prior to entering into a contract with you,
- in the case that according to Art. 6 Par. 1 S. 1 lit. c GDPR there is a legal obligation for us to do so,
- if according to Art. 6 Par. 1 S. 1 lit. f GDPR processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Rights of the Data Subject

You have the right:

- according to Art. 15 GDPR obtain information from us about the personal data we have processed from you.
- according to Art. 16 GDPR request the immediate correction of incorrect data or the completion of your personal data stored by us;
- according to Art. 17 GDPR request the erasure of your personal data stored by us insofar as the processing thereof is not necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of the public interest or the establishment, exercise or defense of legal claims;
- according to Art. 18 GDPR obtain the restriction of processing of your personal data in as far as the accuracy of the data is contested by you, their processing is unlawful, but the erasure thereof opposed by you, and we no longer need the data, but you need them for the establishment, exercise or defense of legal claims, or according to Art 21 GDPR you have objected to the processing of the data; 
- according to Art. 20 GDPR to receive your personal data provided to us in a structured, commonly used and machine-readable format or to request their transmittal to another person responsible;
- according to Art. 7 Abs. 3 GDPR withdraw their consent given to us at any time. This has the consequence that in the future we have no longer the right to process the data, once consented to;
- according to Art. 77 GDPR to lodge a complaint with a supervisory authority. In general you can turn to the supervisory authority at the place of your habitual residence or workplace or our place of business. A list of data protection officers as well as their contact data can be found under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to Objection

You have the right to object to the processing of personal data pertaining to you taking place according to Article 6 I S 1 lit e or f, due to reasons arising from your special situation. After objection by you we do no longer process your personal data, except for the case in which we can prove compelling and legitimate reasons for the processing that outweigh your interests, rights or freedoms, or their processing serves the establishment, exercise or defense of legal claims. If you want to make use of your right of objection an email to us suffices.

Changes to this Privacy Statement - Date

By developing our website and offers via the same further or due to changed legal or official requirements it can become necessary to make changes to this privacy statement in compliance with the applicable data protection regulations. The respective current privacy statement can at any time be called up by you on our website under Privacy Statement and printed out.

Dated: December 2021