Privacy policy

Privacy Policy

We, EthicLine GmbH, take the protection of your personal data (hereinafter briefly referred to as "data") very seriously. Therefore, we would like to inform you in detail below about which data is collected during your visit to our website and use of our offers there, and how this data is processed or used by us in order to comply with the relevant data protection provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). We also want to inform you about the accompanying protective measures we have taken in technical and organizational respects.

 

1. Responsible entity/service provider

Responsible entity within the meaning of the Federal Data Protection Act (BDSG) and at the same time service provider within the meaning of the Telemedia Act (TMG) is:

EthicLine GmbH
Sack 17
38100 Braunschweig
Germany

Register court: Braunschweig
Registration number: HRB 210016
Tax number: 25/271/18148
VAT ID No.: DE321512961

Phone:          +49 531 180 510 65
E-Mail:            info@happyfoie.com
Homepage:     happyfoie.com

If you have questions or comments about this privacy policy or data protection in general, please contact the following email address: info@happyfoie.com

 

2. Collection and use of your data

a) When visiting the website

Using our website generally does not require you to provide personal data. If we transmit data to other persons and companies (processors or third parties) as part of our processing or otherwise grant access to the data, this only occurs based on a legal permission, your consent, a legal obligation, or based on our legitimate interests (e.g., when using contractors, web hosts, etc.). The commissioning of third parties to process data based on a so-called "processor agreement" is done according to Art. 28 GDPR.

Our hosting service provider (Shopify International Limited“, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, Email: hilfe@shopify.de) automatically collects and stores information in the server log files that your browser transmits to the server. These are:

• date and time of the access to one of our websites
• your browser type and/or version (e.g., Chrome, Safari, Firefox, Edge, etc.)
• the browser settings
• the operating system used (e.g., Windows, Android, Chrome OS, iOS, MacOS, Linux, etc.)
• the last page you visited (so-called referrer URL)
• the amount of data transferred and the access status (file transferred, file not found, etc.)
• the time of the server request
• as well as your IP address (hostname of the accessing computer).

We collect and use this data during an informational visit exclusively in a non-personal form. A merging of this data with other data sources does not take place, and the data is deleted after statistical evaluation.

You can find the data protection information of our hosting service provider here: https://www.shopify.com/de/legal/datenschutz

The processing is carried out to enable the use of the internet pages you accessed, for statistical purposes, and to improve our internet offering. We only store the IP address for the duration of your visit; no personal evaluation takes place. The legal basis for the collection and storage of server log files is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to safeguard legitimate interests.

b) Contact form

To facilitate communication with us, we have set up a contact form. The data you submit via the contact form (name, email address, phone number, comment) will be stored to answer your message and assist you with any follow-up questions. This data will not be passed on to third parties. We store this data based on your consent; the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party, and for the implementation of pre-contractual measures carried out at your request. Because contacting you is only possible if you provide us with your contact details for this purpose beforehand. Data storage is also based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in processing and answering your inquiry addressed to us.

c) Ordering process

In addition to providing information about our company and our products, our homepage also offers the possibility to purchase our products through our webshop.

You can select products and add them to your shopping cart during the ordering process. The details of the ordering process can be found in the Terms and Conditions. To complete the order, you must enter a billing and delivery address. Here, email address or mobile phone number, country/region, first name, last name, street and house number, postal code, and city are mandatory. Information about the company, additional address details, and a phone number are optional.

The legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party, and for the implementation of pre-contractual measures carried out at your request. Because the shipment of goods to you is only possible if we receive the contact details. The contact details are necessary to consult with you and to confirm your order. Data storage is also based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in the execution of the order you placed.

Various options are available for processing the payment of your orders. We work with different providers here, from which you can choose one to make your payment. You can choose from the following payment methods:

• Credit card
• Paypal
• Invoice with Klarna
• Pay immediately with Klarna
• Instant transfer
• Express Checkout with Shop Pay
• Express Checkout with Paypal
• Express Checkout with Google Pay

An "Express Checkout" is only possible if you already have an account with one of the providers there. In this case, you log in via this account and the provider transmits your address data stored there to us, so you do not have to enter this data yourself. Payment is then made via the selected service provider.

The legal basis for providing and using the payment data is Art. 6 para. 1 lit. b GDPR, as this is necessary for the execution and fulfillment of the contract of which you are a party and for the implementation of pre-contractual measures carried out at your request. Data storage is also based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in the execution of the order you have placed.

We work with several payment providers to make payment as easy as possible for you. You only need to select a payment method. Especially if you are already registered with one of the providers, additional data collection can be avoided. The involvement of multiple providers is based on Art. 6 para. 1 lit. f GDPR due to the legitimate interest in offering a wide range of different payment methods as well as the legitimate interest in protection against payment default. You have the right to object at any time to the processing of your personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation by notifying us.

We point out that the data processing by the aforementioned payment service providers as well as any transfer of data to service providers or subcontractors is not our responsibility. As payment service providers for electronic payments, they are not to be regarded as our processors, but as independent controllers within the meaning of the GDPR.

(see for example the statement of the Bavarian State Office for Data Protection Supervision: https://www.lda.bayern.de/media/FAQ_Abgrenzung_Auftragsverarbeitung.pdf)

Specifically, these are the following payment service providers:

• Shopify International Limited (when paying with credit card or Shop Pay)
  Victoria Buildings, 2nd Floor
  1-2 Haddington Road
  Dublin 4, D04 XN32, Ireland
  Email: hilfe@shopify.de
  Privacy Policy: https://www.shopify.com/de/legal/datenschutz

• PayPal (Europe) S.à r.l. et Cie, S.C.A. (for payment with Paypal
  22-24 Boulevard Royal
  L-2449 Luxembourg
  Email: impressum@paypal.com
  Privacy Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

• Klarna Bank AB (publ) (when paying with Klarna)
  Sveavägen 46
  111 34 Stockholm, Sweden
  Email: inkorg@klarna.se
  Privacy Policy: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy

• Sofort GmbH (when paying with Sofortüberweisung)
  Theresienhöhe 12
  80339 Munich, Germany
  Email: info@sofort.com
  Privacy Policy: https://www.sofort.com/de/datenschutzhinweise/

• Amazon Payments Europe S.C.A
  38 avenue J.F. Kennedy,
  L-1855 Luxembourg, Luxembourg
  Email: impressum@amazon.de
  Privacy Policy: https://pay.amazon.de/help/201212490
  

• Google Ireland Limited (when paying with Google Pay)
  Gordon House, Barrow Street
  Dublin 4, Ireland
  Email: support-deutschland@google.com
  Privacy Policy: https://policies.google.com/privacy (Google general) https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de (Google Pay)
  

 d) User account

To facilitate and speed up the ordering process for you, you have the option to create a user account on our homepage. Registration requires entering a valid email address as well as your first and last name. Furthermore, you assign a self-chosen – sufficiently secure – password. We store this data based on your explicit consent in order to provide you with a login to your account, to enable more efficient order processing through our shop, and to allow you to view your order history. The legal basis for processing is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. Furthermore, the data is also necessary for the performance of the contract, Art. 6 para. 1 sentence 1 lit. b GDPR. You can of course delete your account at any time.

After logging into your user profile, you can create multiple shipping addresses, modify them, and set a default address. The additional data provided there (company, address 1, address 2, city, country, postal code, phone number) will be stored to send you the products you have purchased through an order process and to contact you in case of inquiries. This data will not be shared with third parties. We store this data based on your consent; the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party and for the implementation of pre-contractual measures carried out upon your request.

e) Become a Partner

To become a sales partner of our products, we have set up the "Become a Partner" form through which you can contact us. The data you submit via this form (first name, last name, company, VAT ID, website, email address, phone number, "About your company", street, house number, postal code, city, state, country) will be stored in order to respond to your inquiry and provide you with our partner conditions. Providing this data is necessary to assess your suitability as a partner. This data will not be shared with third parties. We store this data based on your consent; the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party and for the implementation of pre-contractual measures carried out upon your request. Contacting you is only possible if you provide us with your contact details for this purpose beforehand. Data storage is also in our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in processing and responding to your inquiry addressed to us.

f) Newsletter

You have the option to voluntarily subscribe to our newsletter. To do this, you can confirm your participation through a double opt-in procedure. First, you must enter your email address in the input form and confirm via checkbox that you want to subscribe to the newsletter. Then you will receive an email in which you explicitly confirm your participation again by clicking the activation link.

In this case, the data you enter in the input form (name, email address) will be transmitted to us and stored and used for the purpose of sending the newsletter. Furthermore, we store the time and proof of your confirmation that you agree to receive the newsletter. We therefore use the data transmitted to us exclusively for sending the newsletter, which may contain information or offers.

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. Your data will therefore be stored as long as the newsletter subscription is active. You have the option to end your participation in the newsletter at any time. You can do this informally by email at any time, and each newsletter also contains a corresponding link to end your participation.

For sending the newsletter, we use the service "Klaviyo". The operator of this service is Klaviyo, Inc., 125 Summer Street, Floor 6, Boston, MA, 02110, United States, Tel.: +1 (800) 3381744). Klaviyo is a service that can be used, among other things, to organize and analyze the sending of newsletters. If you enter data for the purpose of receiving the newsletter (e.g. email address), this data will be stored on the servers of Klaviyo in the USA .

With the help of Klaviyo, we can analyze our newsletter campaigns. When you open an email sent with Klaviyo, a file contained in the email (so-called web beacon) connects to Klaviyo's servers. This allows it to be determined whether a newsletter message was opened and which links, if any, were clicked. Technical information is also collected (e.g., time of access, IP address, browser type, and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipients. If you do not want analysis by Klaviyo, you must unsubscribe from the newsletter. For this, we provide a corresponding link in every newsletter message.

To protect your data, we have concluded a data processing agreement (“Data Processing Agreement, short: “DPA”) with Klaviyo, in which we oblige Klaviyo to protect our customers' data and not to pass it on to third parties. The content of this DPA (in English) can be found here: https://www.klaviyo.com/legal/data-processing-agreement

Further information on Klaviyo's data protection regulations can be found (also in English) at: https://www.klaviyo.com/legal/privacy/privacy-notice as well as: https://www.klaviyo.com/legal/privacy

The legal basis for this processing is your given consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. Since sending the newsletter also involves a transfer of your data to the USA, the legal basis of your given consent is also Art. 49 para. 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

g) Customer Reviews

You have the option to voluntarily leave a customer review on our homepage. For this, you can rate our products with a rating from 1 to 5 stars and provide your own written review. You enter a headline as well as the review text. Optionally, you can also upload a picture or video. Furthermore, you enter a name that will be publicly displayed together with your review afterwards. Here you can also only provide a first name or your initials; entering your full name is not required. It is still required to enter an email address, which will not be published together with your review. This is only stored internally with us to contact you in connection with your review and to verify the authenticity of your review.

If you choose to write a customer review, you grant us a time- and location-unrestricted and exclusive license to further use the customer review for any purposes online and offline. This publication includes only the review text, the headline, the number of review stars, and the display name you have set yourself. We always strive to name you as the author with the display name (unless you have indicated that you want to remain anonymous), but we reserve the right to shorten, anonymize, or omit this information. We reserve the right not to display a review or to display it only for a limited period on the website, as well as to shorten it.

We use the service "Judge.me", which is operated by Judge.me Ltd, C/O Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB. The privacy policy of Judge.me can be found (in English) here: https://www.judge.me/privacy

The headquarters of Judge.me is located in England. Although this is a third country within the meaning of the GDPR, the European Commission has issued an adequacy decision pursuant to Art. 46 para. 5 sentence 2 GDPR (cf. https://commission.europa.eu/system/files/2021-06/decision_on_the_adequate_protection_of_personal_data_by_the_united_kingdom_-_general_data_protection_regulation_en.pdf)

The above-mentioned data processing is based on your consent; the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

 

3. Shopify

Our website works in the back-end with the shop hosting system "Shopify". In Europe, Shopify is operated by "Shopify International Limited", Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, Email: hilfe@shopify.de. The parent company is "Shopify Inc.", 151 O’Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada.

To enable functionality and user-friendliness, personal data is processed by the operators of Shopify as controllers.

Like most website operators, Shopify collects non-personal information in the manner that web browsers and servers typically provide, such as browser type, language preference, referring site, and the date and time of each visitor request. The purpose of Shopify's collection of non-personal information is to better understand how Shopify visitors use its website. From time to time, Shopify may publish non-personal information in aggregate form, for example by publishing a report on website usage trends.

Shopify also collects potentially personally identifiable information such as Internet Protocol addresses (IP addresses). However, Shopify does not use this information to identify its visitors and does not share this information except under the same circumstances in which personal information is used and shared, as described below.

In any case, Shopify collects such information only to the extent necessary or appropriate to fulfill the purpose of the visitor's interaction with Shopify. Shopify does not disclose any other personally identifiable data than described below. Visitors can also refuse to provide personally identifiable information at any time, subject to the condition that this may prevent certain activities on a website.

According to Shopify, all information collected on Shopify is processed in accordance with GDPR legislation. The headquarters of the parent company "Shopify Inc." is located in Canada. Although this is a third country within the meaning of the GDPR, the European Commission has issued an adequacy decision pursuant to Art. 46 para. 5 sentence 2 GDPR (cf. https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32002D0002)

We have concluded a usage agreement with Shopify, which also includes an "Addendum to Data Processing by Shopify". Its content can be found at https://www.shopify.com/de/legal/dpa?shpxid=8e413cc6-95D2-4ED6-CE20-CDDA0234F0F5

Further information on terms of use and data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz

Shopify enables us to operate the homepage securely, quickly, efficiently, and visually appealing. The legal basis for our use of Shopify is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to protect our legitimate interests. Furthermore, the use is necessary for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR).

 

4. Pandectes GDPR Compliance Cookie

To obtain your consent for storing certain cookies in your browser and to document this in accordance with applicable data protection regulations, our website uses a plug-in with cookie consent technology. This is the Shopify plug-in "Pandectes GDPR Compliance" from the provider "Pandectes, Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1, 74626, Estonia, info@pandectes.io". Details on data processing by "Pandectes GDPR Compliance" can be found here: https://pandectes.io/privacy-policy/

 When using our homepage, a consent cookie ("_pandectes_gdpr") is stored in your browser, in which the consents you have given or the revocation of these consents are saved. This data is not passed on to the provider of "Pandectes GDPR Compliance". The collected data is stored until you request us to delete it, delete the consent cookie yourself, or the purpose for data storage no longer applies. The use of the consent cookie is to obtain the legally required consents for the use of cookies. The legal basis is therefore Art. 6 para. 1 sentence 1 lit. c GDPR.

5. Additional Shopify Apps

In the shop hosting system "Shopify," additional external apps can be integrated. We currently have the following apps installed in Shopify that may come into contact with your personal data:

a) Buchhaltungsexport Pro > DATEV

We use the app "Buchhaltungsexport Pro > DATEV" to export accounting data from our Shopify online shop to our accounting software DATEV. The operator of this app is pathway solutions gmbh (c/o ba tax gmbh, Alstertwiete 3, 20099 Hamburg, info@pathway-solutions.de). The server location of pathway solutions GmbH is Germany. The data is encryptedly transferred from Shopify to DATEV. You can find the privacy policy of pathway solutions GmbH at: https://www.pathway-solutions.de/pages/datenschutzerklaerung

The data is transferred via this interface to our accounting software DATEV. The operator is DATEV eG (Paumgartnerstr. 6 – 14, 90429 Nuremberg, info@datev.de). Server location is Germany. We have concluded a data processing agreement with DATEV. Comprehensive information on data protection and corporate security, such as technical and organizational measures, can be found at: https://www.datev.de/web/de/m/ueber-datev/datenschutz/

The use of the app as well as the associated accounting software enables us to carry out our accounting securely, efficiently, time-savingly, and in accordance with legal requirements. The legal basis for use is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to protect our legitimate interests. Furthermore, the use is necessary for the purpose of contract fulfillment (specifically invoicing) towards our potential and existing customers (Art. 6 para. 1 lit. b GDPR).

b) Easybill

We use the app "easybill" to automate order imports as well as to simplify internal processes with automatic invoicing and shipping. The operator of this app is easybill GmbH (Düsselstr. 21, 41564 Kaarst, support@easybill.de). Server location is Germany. You can find the privacy policy of easybill GmbH at: https://www.easybill.de/datenschutz

The use of the app enables us to operate our online shop (especially order imports and invoice creation) securely, efficiently, time-savingly, and in accordance with legal requirements. The legal basis for use is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to protect our legitimate interests. Furthermore, the use is necessary for the purpose of contract fulfillment (specifically invoicing) towards our potential and existing customers (Art. 6 para. 1 lit. b GDPR).

c) Stockist Store Locator / Google Maps

We use the app "Stockist Store Locator" to add a searchable map to our website. This shows homepage users where they can buy our products from nearby local retailers. The operator of this app is Stockist (Düsselstr. 21, 41564 Kaarst, support@easybill.de). The server location is the USA. We point out that an adequate level of data protection cannot be guaranteed in the USA. Further information on Stockist's privacy policy is available (in English) at: https://stockist.co/privacy

The legal basis for this processing is your given consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. Since the use of the Store Finder also involves a transfer of your location data to the USA, the legal basis of your given consent also includes Art. 49 para. 1 lit. a GDPR. You can revoke this consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.

Through the Store Finder, your location data is also forwarded to Google, as this app matches the data with Google Maps. The operator of Google Maps within the EU is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ireland Ltd is based in Ireland. However, it cannot be ruled out that data transfer to the USA may occur, especially to servers of the affiliated company Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Please note the above information regarding data transfer outside the EU. Although Google states that it has implemented the standard data protection clauses approved by the European Commission (Implementing Decision (EU) 2021/914 of the EU Commission dated 04.06.2021 – Ref. C(2021) 3972, OJ EU No. L 199/31 of 07.06.2021) in accordance with Art. 46 para. 2 letter c GDPR, it must be pointed out that, according to the ECJ, an adequate level of data protection in the USA is not guaranteed.

You can find Google's privacy notices at https://www.google.de/intl/de/policies/ and: https://policies.google.com/privacy

The legal basis for the use of Google Maps is exclusively your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with Art. 49 para. 1 lit. a GDPR, which you have given via the cookie consent banner. You give this consent completely voluntarily and can easily revoke it for the future. You can make this change in the Cookie Settings.

 

6. Data transfer outside the EU

Some of the web tools we use are provided by companies based in the USA and therefore not within the EU. By using these tools, your data may be transferred to these companies based on your consent. You can find details about the respective data transfer in the explanations for each web tool/cookie.

We point out that the CJEU currently classifies the level of data protection in the USA as insufficient. Since there is no adequacy decision by the European Commission, the risk of disproportionate access by US authorities or failure to delete your data cannot be excluded. Effective enforcement of your rights is not possible in the USA.

For this reason, a transfer of your data to the USA only takes place with your explicit consent in accordance with Art. 49 para. 1 lit. a GDPR, which you have given as part of your consent on the cookie consent banner. You can adjust your cookie settings at any time and revoke your consent for the future.

7. Use of Google Analytics

This website uses Google Analytics, a web analytics service from Google. Google Analytics also uses cookies, i.e., text files that are stored on your computer and enable an analysis of your use of the website. Google Analytics is operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

 We have concluded a data processing agreement with Google. As a processor pursuant to Art. 28 GDPR, Google is the recipient of the personal data. On this basis, Google collects certain user and usage information, compiles it into pseudonymized usage profiles, and stores it in cookies (see above). This includes information about the browser type/version used, the operating system used, screen resolution, referrer URL, anonymized IP address of the accessing computer, time of the server request, downloaded files, viewed videos, clicked advertising banners, placed orders, click paths, frequency of page views, entry and exit pages, duration of stay on individual pages, etc.

The purpose of this processing is the statistical evaluation of our homepage with the aim of optimizing and tailoring the content and design of our homepage in the future. In doing so, we collect information for the statistical evaluation of the use of our homepage to create reports about activities and user behavior on our homepage and to provide further analysis services related to our homepage. Your IP address transmitted by the browser to Google Analytics is not merged with other data from Google.

Google Ireland Ltd is based in Ireland. However, it cannot be ruled out that data transfer to the USA may occur, especially to servers of the affiliated company Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Please note the above information regarding data transfer outside the EU. Although Google states that it has implemented the standard data protection clauses approved by the European Commission (Implementing Decision (EU) 2021/914 of the EU Commission dated 04.06.2021 – Ref. C(2021) 3972, OJ EU No. L 199/31 of 07.06.2021) in accordance with Art. 46 para. 2 letter c GDPR, it must be pointed out that, according to the ECJ, an adequate level of data protection in the USA is not guaranteed.

The legal basis for the use of Google Analytics is exclusively your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with Art. 49 para. 1 lit. a GDPR, which you have given via the cookie consent banner. This consent is given completely voluntarily and can be easily revoked for the future. You can make this change in the Cookie Settings.

You can prevent the storage of cookies by adjusting the settings of your browser software accordingly. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent data collection by Google Analytics by clicking on the following link. An opt-out cookie will be set that prevents future collection of your data when visiting this website: Disable Google Analytics

Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/ and: https://policies.google.com/privacy

 

8. Use of Cookies

To make our website user-friendly and optimally tailored to your needs, we use cookies in some areas. "Cookies" are small text files that are stored locally on your computer's hard drive and kept ready for later retrieval to make it easier for you to use our online services. Additionally, cookies enable the analysis of your use of our websites. After you finish your visit and close the internet browser you used, most cookies are automatically deleted (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies). You can control the installation of cookies by changing the settings of your browser software. However, you will then no longer be able to use all functions of our website.

You can give or refuse consent for cookies – including for web tracking – through your web browser settings. You can configure your web browser to notify you when cookies are set or to generally reject cookies. However, you will then no longer be able to use all functions of our website. Through the following links, you can find information about this option for the most commonly used browsers:

• Edge: https://privacy.microsoft.com/de-DE/windows-10-microsoft-edge-and-privacy
• Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Firefox: https://support.mozilla.org/de/kb/Cookies-von-Drittanbietern-blockieren
• Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&answer=95647
• Safari: https://www.verbraucher-sicher-online.de/anleitung/cookiesverwalten-in-apple-safari
• Opera: https://help.opera.com/de/?s=cookies&product=latest

Through the cookie notice on our homepage, which appears as a pop-up on your first visit, you can initially select which cookies may be stored. There you can give your consent to the use of all cookies, limit the use to functional cookies, or make custom settings.

a) Functional cookies

Functional cookies are those cookies that are necessary to ensure the technical functionality of our website. These functional cookies store some of your personal preferences when using our site, especially the cookie settings you have entered. They are also required to monitor server load to ensure the availability of the website and to maintain the security of the website. These functional cookies cannot be deactivated. The use of these cookies is permitted even without your consent. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, as their use is necessary to protect our legitimate interests mentioned.

b) Other cookies (analytical cookies)

In addition to functional cookies, our website uses advertising cookies, marketing cookies, analytics cookies, and communication cookies. All these other cookies can be deactivated by you. The use of these cookies is solely based on your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time.

You have the option to object to the use of cookies for reach measurement. You can object to storage on your device via the following links:

• Cookie deactivation by Network Advertising Initiative (NAI) in English: http://optout.networkadvertising.org/?c=1#!/
• Cookie deactivation by Digital Advertising Alliance (DAA) in English: http://optout.aboutads.info/?c=2#!/

More information about the individual cookies used as well as your current cookie settings can be found at: https://happyfoie.com/pages/cookie-einstellungen

9. Google Fonts

We use Google Fonts on our homepage. This is a directory of over 800 fonts that Google provides to users free of charge. In the European area, the provision is made by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. However, we use these fonts exclusively locally. We have integrated Google Fonts locally so that the fonts are no longer loaded from Google's servers with every visit to the homepage and your IP address is therefore not transmitted. Thus, no personal data of yours is processed through the use of Google Fonts. Therefore, the use does not require a data protection legal basis. The explanation in this statement is purely informational.

Further information about Google Fonts can be found here: Further information at: https://policies.google.com/privacy

 

10. Social Networks

In addition to this website, we also operate presences in various social media. If you visit such a presence, personal data may be transmitted to the provider of the social network. Besides storing the data you specifically enter in this social medium, further information may also be collected, processed, or used by the provider of the social network.

In addition, the provider of the respective social network may collect, process, and use the most important data of the computer system from which you visit the network – such as your IP address, the processor type, and version of your browser including plug-ins.

If you visit such a network and are logged in with your personal user account of the respective network, the operator of the network can assign the visit to your account. If you do not want such an assignment, you can avoid it by logging out of your account before visiting our presence.

a) Facebook

We operate a presence on the social network "Facebook." The operator of the social network Facebook for Europe is "Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland."

Regarding our Facebook presence, we point out that the basis for processing Facebook Insights data lies in Article 6 Paragraph 1 f) GDPR. Through the data processing by Facebook there, we can retrieve statistical data of various categories. These include, for example, the total number of page views, "likes," page activities, post interactions, video views, post reach, comments, shared content, replies, the proportion of men and women, origin related to country and city, language, views and clicks in the shop, clicks on route planners, as well as clicks on phone numbers. We use this data to make the posts on the page more attractive or to find the right time for publication so that you can make the best use of our offer.

You can find Facebook’s privacy policy at https://www.facebook.com/about/privacy/

As a data subject of data processing on Facebook, you have all the rights you also have through processing on our site. We refer to the section “Your Data Subject Rights” in this statement. Information about page insights data can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data

Furthermore, we point out that there is joint responsibility (“Joint Controllership”) according to Art. 26 GDPR between Facebook and us. The corresponding agreement can be found at: https://www.facebook.com/legal/terms/page_controller_addendum

We use Facebook plugins that establish a direct connection between your browser and Facebook’s servers. You can recognize the respective plugins by the Facebook logos and “Like” symbols. An overview can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE

If you do not want Facebook to associate your visit to our homepage with your Facebook user account, you must log out of your Facebook user account beforehand.

Our website also uses Facebook’s visitor action pixel for conversion measurement.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook advertisement. This enables the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw conclusions about the identity of the users. However, the data is stored and processed by Facebook, so a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Use Policy. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. This use of data cannot be influenced by us as the site operator.

You can also disable the remarketing feature “Custom Audiences” in the ad settings area at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

For this, you must be logged into Facebook. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/

b) Instagram

We also operate an Instagram presence. Instagram is also operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The above statements under 11. a. regarding Facebook apply accordingly here. You can find the Instagram privacy policy here: https://help.instagram.com/155833707900388

c) Youtube

We operate a presence on the video platform YouTube. Some videos embedded on our homepage are not streamed directly from our server but are played back via the YouTube video platform. The provider of these videos is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, Phone: +353 1 543 1000, Fax: +353 1 686 5660, Email: support-deutschland@google.com). When you click on a video, a connection to Google's servers is established, so Google becomes aware of which page you have accessed. It is also possible that Google can assign your user behavior to your personal profile if you are logged into your YouTube account or your Google account. You can avoid this by logging out beforehand. However, we have no influence on this. The use of YouTube videos is intended to present the content to you even better, clearer, and more appealing and thus represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Please note Google's privacy notices, which also apply to the YouTube platform. You can find them here: https://policies.google.com/privacy?hl=de&gl=de

You can find the YouTube privacy settings here: https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/

d) TikTok

We operate a presence on the video platform TikTok. TikTok is offered to users with permanent residence in the Federal Republic of Germany and Austria by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland). We point out that TikTok stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence on TikTok's data collection and processing, and it is not apparent to us which data processing TikTok performs and whether deletion periods and other user rights are observed.

You can find TikTok's privacy policy here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE

You can reach TikTok's data protection officer via the online contact form provided by TikTok at: https://www.tiktok.com/legal/report/DPO 

e) Twitter

We operate a presence on the microblogging service Twitter. Twitter is operated in Europe by Twitter International Unlimited Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland). We point out that Twitter stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence on Twitter's data collection and processing, and it is not apparent to us which data processing Twitter performs and whether deletion periods and other user rights are observed.

Functions of the Twitter service are integrated on our homepage. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter in the process. We point out that as the provider of the pages, we do not have knowledge of the content of the transmitted data or its use by Twitter.

The privacy policy of Twitter can be found here: https://twitter.com/de/privacy

f) Pinterest

We maintain a presence on the social network Pinterest. Pinterest is operated in Europe by Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland). We point out that Pinterest stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence on Pinterest's data collection and processing, and it is not apparent to us which data processing Pinterest performs and whether deletion periods and other user rights are observed.

The privacy policy of Pinterest can be found here: https://policy.pinterest.com/de/privacy-policy

g) LinkedIn

We maintain a presence on the social network LinkedIn. LinkedIn is operated in Europe by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland). We point out that LinkedIn stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence on LinkedIn's data collection and processing, and it is not apparent to us which data processing LinkedIn performs and whether deletion periods and other user rights are observed.

The privacy policy (available only in English) of LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy

 

11. Data Security

We and our service providers take technical and organizational security measures to protect your personal data managed by us against accidental or intentional manipulation, loss, destruction, or unauthorized access. Our data processing and security measures are continuously improved according to technological developments. When transmitting your data to us, encryption via Secure Socket Layer (SSL) is used. Our employees and service providers are, of course, bound in writing to data confidentiality according to Art. 29 GDPR and § 53 BDSG-new.

 

12. Your data subject rights

++++

Insofar as the processing of data is based on Art. 6 para. 1 lit. f GDPR ("legitimate interest"), you have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation.

Insofar as the processing of data is based on Art. 6 para. 1 lit. a GDPR ("consent"), you have the right to revoke a given consent to the processing of personal data at any time without giving reasons. The revocation only applies to the future. The legality of processing already carried out is not affected.

++++

As a data subject, you have the following rights within the scope of data processing by us: You can request information from us at any time, free of charge and without giving reasons, pursuant to Art. 15 GDPR about which data of yours is processed by us, have confirmed whether personal data of yours is processed by us, request correction of incorrect data pursuant to Art. 16 GDPR, request deletion of your data pursuant to Art. 17 GDPR, receive your personal data pursuant to Art. 20 GDPR or have it transmitted to another controller, insofar as this is feasible, request restriction of processing pursuant to Art. 18 GDPR, and object to processing under the conditions of Art. 21 para. GDPR, provided the respective requirements are met.

 

13. Purpose of data processing

The purpose of data processing is that it is necessary for the implementation of pre-contractual measures (such as establishing contact with our contractual partners and customers), for the fulfillment of a contractual or legal obligation, or for the protection of our legitimate interests.

Legal bases for data processing are Art. 6 para. 1 sentence 1 lit. b GDPR (necessity for the performance of a contract or to take pre-contractual measures), Art. 6 para. 1 sentence 1 lit. c GDPR (compliance with a legal obligation), and Art. 6 para. 1 sentence 1 lit. f GDPR (protection of legitimate interests, for example for technical reasons for the operation and protection of our internet offering). The storage duration of the data that is stored at all depends on whether storage is still necessary for the aforementioned purposes. Accordingly, your data will be deleted.

 

14. Duration of data storage

We store your above-mentioned personal data only as long as necessary to perform the respective service you have ordered/wished for or to which you have given your consent, provided no other legal obligations exist. During an existing business or contractual relationship or until your inquiry is answered, your data will therefore be stored to enable the fulfillment of a contract or the implementation of pre-contractual measures. The legal basis is thus Art. 6 para. 1 b) GDPR.

There are numerous legally regulated retention obligations, for example in commercial and tax law (§ 257 Commercial Code (HGB) or § 147 Fiscal Code (AO)), but also under the Payment Services Supervision Act (ZAG) and the Money Laundering Act (GwG). A retention obligation of at least six years follows from tax and social security law. According to § 147 para. 1 no. 2, 3 and 5 AO, a six-year retention period applies to commercial and business documents, such as invoices, delivery notes, cost estimates, hospitality receipts, and other tax-relevant documents, starting at the end of the calendar year in which they were created. Ten-year retention periods arise from tax and commercial law, especially according to § 147 para. 1 no. 1, 4 and 4a AO. This includes books, annual financial statements, the opening balance sheet, and the documents necessary for their understanding, starting at the end of the calendar year in which the last entry was made or the accounting document, such as payroll, bank statement, or operating cost statement, was created. The legal basis for storage during this period is Art. 6 para. 1 c) GDPR (fulfillment of a legal obligation). Furthermore, statutory limitation periods must also be observed for the storage duration, e.g., according to the Civil Code (BGB). The general limitation period is 3 years but can be up to 30 years in certain cases. Data is also stored if retention is necessary for asserting, exercising, or defending legal claims, as this constitutes a legitimate interest. The legal basis for this is Art. 6 para. 1 f) GDPR (protection of legitimate interests). Your data will only be stored as long as necessary for the respective purpose. After that, your data will be deleted.

 

15. Links to third-party websites

We link to websites of other providers (third parties) not affiliated with us. We point out that we have no influence on what data may be collected and processed by these providers when you click on these links. Since data collection and processing by third parties is beyond our control, we cannot assume any responsibility for this. For more information on the collection and processing of your data by these third parties, please refer to the privacy policy of the respective provider.

 

16. Changes to this privacy policy

We will revise our policies for protecting your personal data from time to time to adapt them to the state of the art or changed legal conditions. We therefore recommend that you regularly check this page for changes. By using the websites, you agree to the terms of this privacy policy.

If you have registered on our homepage, we will inform you by e-mail and in your user profile at least 14 days before a planned change to this privacy policy comes into effect. After the change comes into effect, you will be asked to give your consent again at the next login.

 

17. Your right to complain

Your trust is important to us. Therefore, we want to be available to answer any questions you may have about the processing of your personal data at any time. If you have questions that this privacy policy could not answer or if you want more detailed information on a point, please feel free to contact us at the address given in the imprint at any time.

If you have concerns or complaints regarding the legality of the processing of your personal data, you can also contact the data protection supervisory authority responsible for us

The State Commissioner for Data Protection Lower Saxony
Barbara Thiel
Prinzenstraße 5
30159 Hannover
Phone: +49 (0511) 120 45 00
Fax: +49 (0511) 120 45 99
E-mail: poststelle@lfd.niedersachsen.de

appeal. You can also contact any other supervisory authority in accordance with Art. 77 GDPR. In addition, you have the right to take legal action.