Privacy policy

Data protection

We, EthicLine GmbH, take the protection of your personal data (hereinafter referred to as "data") very seriously. Therefore, we would like to inform you in detail about which data is collected during your visit to our website and the use of our offerings there, and how this data is processed or used by us in order to comply with the relevant data protection regulations of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). We also want to inform you about the accompanying protective measures we have taken in both technical and organizational terms.

 

1. Responsible entity/service provider

The responsible party within the meaning of the Federal Data Protection Act (BDSG) and at the same time the service provider within the meaning of the Telemedia Act (TMG) is:

EthicLine GmbH
Berliner Straße 52e
38104 Braunschweig
Germany

Register Court: Braunschweig
Registration number: HRB 210016
Tax number: 25/271/18148
VAT ID No.: DE321512961

Phone:          +49 531 180 510 65
E-Mail:            info@happyfoie.com
Homepage:     happyfoie.com

If you have any questions or comments regarding this privacy policy or general data protection, please contact the following email address: info@happyfoie.com

 

2. Collection and Use of Your Data

a) When visiting the website

For the use of our website, it is generally not necessary for you to provide personal data. If we transmit data to other persons and companies (processors or third parties) as part of our processing or otherwise grant access to the data, this only occurs on the basis of a legal permission, if you have consented, if a legal obligation provides for it, or based on our legitimate interests (e.g., when using agents, web hosts, etc.). The commissioning of third parties to process data on the basis of a so-called "data processing agreement" is carried out on the basis of Art. 28 GDPR.

"Our hosting service provider (Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, Email: hilfe@shopify.de) automatically collects and stores information in the server log files that your browser transmits to the server. These are:"

• Date and time of the retrieval of one of our internet pages
• Your browser type and/or version (e.g. Chrome, Safari, Firefox, Edge, etc.)
• the browser settings
• the operating system used (e.g. Windows, Android, Chrome OS, iOS, MacOS, Linux, etc.)
• the page you last visited (so-called referrer URL)
• the transferred data volume and the access status (file transferred, file not found, etc.)
• the time of the server request
• as well as your IP address (hostname of the accessing computer).

"We collect and use this data during an informational visit exclusively in a non-personal form. A combination of this data with other data sources will not be made, and the data will also be deleted after a statistical evaluation."

You can find the data protection information of our hosting service provider here: https://www.shopify.com/de/legal/datenschutz

The processing is carried out to enable the use of the internet pages you have accessed, for statistical purposes, and to improve our internet offerings. We only store the IP address for the duration of your visit; a personal evaluation does not take place. The legal basis for the collection and storage of server log files is Article 6(1)(f) of the GDPR, as this is necessary to protect legitimate interests.

b) Contact form

To facilitate communication with us, we have set up a contact form. The data you submit through the contact form (name, email address, phone number, comment) will be stored in order to respond to your message and assist you with any follow-up questions. This data will not be shared with third parties. We store this data based on your consent, the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party, and for the implementation of pre-contractual measures that are carried out at your request. Contacting you is only possible if you provide us with your contact details for this purpose in advance. Likewise, the storage of data is in our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in processing and responding to your inquiry directed to us.

c) Order Process

"In addition to providing information about our company and our products, our homepage also offers the opportunity to purchase our products through our webshop."

You can select products and add them to your shopping cart during the ordering process. The details of the ordering process can be found in the terms and conditions. To complete the order, you must enter a billing and delivery address. This requires providing an email address or mobile phone number, country/region, first name, last name, street and house number, postal code, and city. Information about the company, additional address details, and a phone number are optional.

The legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party, and for the execution of pre-contractual measures that are carried out at your request. The delivery of the goods to you is only possible if we receive the contact details. The contact details are necessary in order to consult with you and to confirm your order. Likewise, the storage of data is in our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in the execution of the order you have placed.

"Various options are available for processing the payment of your orders. We collaborate with different providers, from which you can choose one to make your payment. You have the choice between the following payment methods:"

• Credit card
• Paypal
• Invoice with Klarna
• Pay immediately with Klarna
• Instant bank transfer
• Express Checkout with Shop Pay
• Express Checkout with Paypal
• Express Checkout with Google Pay

An "Express Checkout" is only possible if you have already created an account with one of the providers there. In this case, you log in through this account, and the provider transmits your address data to us, so you do not have to enter this data yourself. The payment is then made through the selected service provider.

The legal basis for the provision and use of payment data is Art. 6 para. 1 lit. b GDPR, as this is necessary for the execution and fulfillment of the contract to which you are a party, and for the execution of pre-contractual measures that are carried out at your request. Likewise, the data storage is in our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in the execution of the order you have placed.

"We work with several payment providers to make the payment process as easy as possible for you. You only need to select a payment method. In particular, if you are already registered with one of the providers, additional data collection can be avoided. The involvement of multiple providers is based on Art. 6 para. 1 lit. f GDPR, which serves the legitimate interest of providing a wide range of different payment methods as well as the legitimate interest in protection against payment defaults. You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6 para. 1 lit. f GDPR by notifying us."

"We would like to point out that the data processing by the aforementioned payment service providers, as well as any potential transfer of data to service providers or subcontractors, is not our responsibility. As payment service providers for electronic payments, they are not to be considered our processors, but rather as independent controllers in the sense of the GDPR."

'(see, for example, the statement of the Bavarian State Office for Data Protection Supervision:' https://www.lda.bayern.de/media/FAQ_Abgrenzung_Auftragsverarbeitung.pdf)

Specifically, it concerns the following payment service providers:

• Shopify International Limited (when paying with credit card or Shop Pay)
  Victoria Buildings, 2nd Floor
  1-2 Haddington Road
  Dublin 4, D04 XN32, Ireland
  E-Mail: hilfe@shopify.de
  Privacy Policy: https://www.shopify.com/de/legal/datenschutz

• PayPal (Europe) S.à r.l. and Cie, S.C.A. (when paying with PayPal)
  22-24 Boulevard Royal
  L-2449 Luxembourg
  E-Mail: impressum@paypal.com
  Privacy Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

• Klarna Bank AB (publ) (when paying with Klarna)
  Sveavägen 46
  111 34 Stockholm, Sweden
  E-Mail: inkorg@klarna.se
  Privacy Policy: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy

• Sofort GmbH (when paying with Sofortüberweisung)
  Theresienhöhe 12
  80339 Munich, Germany
  E-Mail: info@sofort.com
  Privacy Policy: https://www.sofort.com/de/datenschutzhinweise/

• Amazon Payments Europe S.C.A
  38 J.F. Kennedy Avenue,
  L-1855 Luxembourg, Luxembourg
  E-Mail: impressum@amazon.de
  Privacy Policy: https://pay.amazon.de/help/201212490
  

• Google Ireland Limited (when paying with Google Pay)
  Gordon House, Barrow Street
  Dublin 4, Ireland
  E-Mail: support-deutschland@google.com
  Privacy Policy: https://policies.google.com/privacy (Google general) https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de (Google Pay)
  

 d) User account

To facilitate and expedite the ordering process, you have the option to create a user account on our homepage. Registration requires the entry of a valid email address as well as your first and last name. Additionally, you will choose a self-selected – sufficiently secure – password. We store this data based on your explicit consent to ensure you can log in to your account, to conduct orders through our shop more efficiently, and to view your order history. The legal basis for processing is therefore Article 6(1)(a) GDPR. Furthermore, the data is also necessary for the performance of the contract, Article 6(1)(b) GDPR. You can, of course, delete your account at any time.

After logging into your user profile, you can create multiple shipping addresses, change them, and set a default address. The additional data provided there (company, address 1, address 2, city, country, postal code, phone number) will be stored to send you the products acquired through an ordering process and to contact you in case of inquiries. This data will not be shared with third parties. We store this data based on your consent; the legal basis is therefore Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract to which you are a party and for the implementation of pre-contractual measures that are carried out at your request.

e) Become a partner

In order to become a distribution partner for our products, we have set up the form "Become a Partner," through which you can contact us. The data you submit through this form (first name, last name, company, VAT ID, website, email address, phone number, "About Your Company," street, house number, postal code, city, state, country) will be stored to respond to your inquiry and provide you with our partner conditions. Providing this data is necessary to assess your suitability as a partner. This data will not be shared with third parties. We store this data based on your consent, thus the legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. Another legal basis is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance and fulfillment of the contract of which you are a party, and for the execution of pre-contractual measures that occur at your request. Contacting you is only possible if you provide us with your contact details for this purpose in advance. Likewise, the storage of data is in our legitimate interest (Art. 6 para. 1 lit. f GDPR). The legitimate interest lies in processing and responding to your inquiry directed to us.

f) Newsletter

You have the option to voluntarily subscribe to our newsletter. To do this, you can confirm your participation through a double opt-in procedure. First, you need to enter your email address in the input field and confirm via checkbox that you want to subscribe to the newsletter. Then, an email will be sent to you, in which you can explicitly confirm your participation again by clicking on the activation link.

In this case, the data you entered in the input mask (name, email address) will be transmitted to us and stored and used for the purpose of sending the newsletter. Furthermore, we will store the time and proof of your confirmation that you agree to receive the newsletter. We will therefore use the data you have transmitted to us exclusively for the dispatch of the newsletter, which may contain information or offers.

The data will be deleted as soon as they are no longer necessary for the purpose of their collection. Your data will therefore be stored as long as the newsletter subscription is active. You have the option to terminate your participation in the newsletter at any time. You can do this informally via email at any time, and in every newsletter, you will also find a corresponding link to end your participation.

"We use the service 'Klaviyo' for sending the newsletter. The operator of this service is Klaviyo, Inc., 125 Summer Street, Floor 6, Boston, MA, 02110, United States, Tel.: +1 (800) 3381744). Klaviyo is a service that can be used to organize and analyze the sending of newsletters, among other things. If you enter data for the purpose of receiving the newsletter (e.g., email address), this data will be stored on Klaviyo's servers in the USA."

With the help of Klaviyo, we can analyze our newsletter campaigns. When you open an email sent via Klaviyo, a file contained in the email (so-called web beacon) connects to Klaviyo's servers. This allows us to determine whether a newsletter message has been opened and which links may have been clicked. Additionally, technical information is collected (e.g., time of retrieval, IP address, browser type, and operating system). This information cannot be attributed to the respective newsletter recipient. It is used solely for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipients. If you do not want analysis by Klaviyo, you must unsubscribe from the newsletter. We provide a corresponding link in each newsletter message for this purpose.

"To protect your data, we have entered into a Data Processing Agreement ("DPA") with Klaviyo, in which we require Klaviyo to protect our customers' data and not to disclose it to third parties. You can find the content of this DPA (in English) here:" https://www.klaviyo.com/legal/data-processing-agreement

For more information on Klaviyo's privacy policy, please visit (also in English) at: https://www.klaviyo.com/legal/privacy/privacy-notice as well as: https://www.klaviyo.com/legal/privacy

The legal basis for this processing is your consent given in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Since the sending of the newsletter also involves the transfer of your data to the USA, the legal basis for your consent is also Art. 49 para. 1 lit. a GDPR. You can revoke this consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.

g) Customer Reviews

You have the option to voluntarily submit a customer review on our homepage. You can rate our products with a score of 1 to 5 stars and provide your own written review. For this, you enter a title as well as the review text. Optionally, you can also upload an image or video. Furthermore, you enter a name that will be publicly displayed together with your review. You can also simply provide a first name or your initials; entering your full name is not required. Additionally, you must provide an email address, which will not be published together with your review. This will only be stored internally by us to contact you regarding your review and to verify the authenticity of your review.

If you choose to write a customer review, you grant us a time and location unlimited and exclusive license to further use the customer review for any purposes online as well as offline. Only the review text, the headline, the number of rating stars, and the display name you have chosen are included in this publication. We strive to always name you as the author with the display name (unless you have indicated that you want to remain anonymous), but we reserve the right to shorten, anonymize, or omit this information. We reserve the right not to display a review or to display it only for a limited time on the website, as well as to shorten it.

"We use the service 'Judge.me', which is operated by Judge.me Ltd, C/O Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB. You can find the privacy policy of Judge.me (in English) here:" https://www.judge.me/privacy

The seat of Judge.me is located in England. Although this is a third country in terms of the GDPR, the European Commission has issued an adequacy decision pursuant to Art. 46 para. 5 sentence 2 GDPR (cf. https://commission.europa.eu/system/files/2021-06/decision_on_the_adequate_protection_of_personal_data_by_the_united_kingdom_-_general_data_protection_regulation_en.pdf)

The data processing mentioned above is carried out on the basis of your consent, thus the legal basis is Article 6(1) sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

 

3. Shopify

Our website operates in the back-end with the shop hosting system "Shopify". In Europe, Shopify is operated by "Shopify International Limited", Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, Email: hilfe@shopify.de. The parent company is "Shopify Inc.", 151 O’Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada.

"In order to enable functionality and user-friendliness, personal data is processed by the operators of Shopify as the controllers."

Like most website operators, Shopify collects non-personal information in the manner that web browsers and servers typically provide, such as browser type, language settings, the referring website, and the date and time of each visitor request. The purpose of collecting non-personal information by Shopify is to better understand how visitors to Shopify use their website. From time to time, Shopify may publish non-personal information in aggregate form, for example, by publishing a report on trends in the usage of its website.

"Shopify also collects potentially personally identifiable information such as Internet Protocol addresses (IP addresses). However, Shopify does not use this information to identify its visitors and does not share this information except under the same circumstances under which personal information is used and shared, as described below."

In any case, Shopify collects such information only to the extent necessary or appropriate to fulfill the purpose of the visitor's interaction with Shopify. Shopify does not disclose any other personally identifiable information except as described below. Visitors may also refuse to provide personally identifiable information at any time, provided that this may prevent certain activities on a website.

According to Shopify, all information collected on Shopify is processed in accordance with GDPR legislation. The parent company "Shopify Inc." is based in Canada. Although this is a third country in terms of the GDPR, the European Commission has issued an adequacy decision pursuant to Art. 46 para. 5 sentence 2 GDPR (cf. https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32002D0002)

"We have concluded a usage agreement with Shopify, which also includes a 'Supplement to the Data Processing of Shopify.' Its content can be found at" https://www.shopify.com/de/legal/dpa?shpxid=8e413cc6-95D2-4ED6-CE20-CDDA0234F0F5

For more information on terms of use and privacy at Shopify, please visit https://www.shopify.com/de/legal/datenschutz

"Shopify allows us to operate the homepage securely, quickly, efficiently, and attractively. The legal basis for our use of Shopify is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to safeguard our legitimate interests. Furthermore, the use is necessary for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR)."

 

4. Pandectes GDPR Compliance Cookie

To obtain your consent for the storage of certain cookies in your browser and to document this in accordance with applicable data protection regulations, our website uses a plug-in with cookie consent technology. This is the Shopify plug-in "Pandectes GDPR Compliance" from the provider "Pandectes, Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1, 74626, Estonia, info@pandectes.io". Details on the data processing of "Pandectes GDPR Compliance" can be found here: https://pandectes.io/privacy-policy/.

When using our homepage, a consent cookie ("_pandectes_gdpr") is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with the provider of "Pandectes GDPR Compliance". The collected data will be stored until you request us to delete it, delete the consent cookie yourself, or the purpose for data storage ceases to exist. The use of the consent cookie is to obtain the legally required consents for the use of cookies. The legal basis is therefore Art. 6 para. 1 sentence 1 lit. c GDPR.

5. Other Shopify Apps

In the shop hosting system "Shopify", additional external apps can be integrated. We currently have the following apps installed in Shopify that may come into contact with your personal data:

a) Accounting export Pro > DATEV

We use the app "Buchhaltungsexport Pro > DATEV" to export accounting data from our Shopify online store to our accounting software DATEV. The operator of this app is pathway solutions gmbh (c/o ba tax gmbh, Alstertwiete 3, 20099 Hamburg, info@pathway-solutions.de). The server location of pathway solutions GmbH is Germany. The data is transmitted encrypted from Shopify to DATEV. You can find the privacy policy of pathway solutions GmbH at: https://www.pathway-solutions.de/pages/datenschutzerklaerung

The data is transmitted through this interface to our accounting software DATEV. The operator is DATEV eG (Paumgartnerstr. 6 – 14, 90429 Nuremberg, info@datev.de). The server location is Germany. We have entered into a processing agreement with DATEV. Comprehensive information on data protection and corporate security, such as technical and organizational measures, can be found at: https://www.datev.de/web/de/m/ueber-datev/datenschutz/

The use of the app and the associated accounting program enables us to carry out our accounting securely, efficiently, time-saving, and in accordance with legal requirements. The legal basis for the use is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to safeguard our legitimate interests. Furthermore, the use is necessary for the purpose of contract fulfillment (specifically invoicing) towards our potential and existing customers (Art. 6 para. 1 lit. b GDPR).

b) Easybill

"We use the app 'easybill' to automate order imports as well as to simplify internal processes with automatic invoicing and shipping. The operator of this app is easybill GmbH (Düsselstr. 21, 41564 Kaarst, support@easybill.de). The server location is Germany. You can find the privacy policy of easybill GmbH at:" https://www.easybill.de/datenschutz

The use of the app allows us to conduct our online shop (especially order imports and invoice creation) securely, efficiently, time-saving, and in accordance with legal requirements. The legal basis for the use is Art. 6 para. 1 sentence 1 lit. f GDPR, as this is necessary to safeguard our legitimate interests. Furthermore, the use is necessary for the purpose of contract fulfillment (specifically invoicing) towards our potential and existing customers (Art. 6 para. 1 lit. b GDPR).

c) Stockist Store Locator / Google Maps

We use the app "Stockist Store Locator" to add a searchable map to our website. This shows users of the homepage where they can buy our products from nearby local retailers. The operator of this app is Stockist (Düsselstr. 21, 41564 Kaarst, support@easybill.de). The server location is in the USA. We would like to point out that an adequate level of data protection cannot be guaranteed in the USA. For more information on Stockist's privacy policy, please visit (in English): https://stockist.co/privacy

The legal basis for this processing is your consent given in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Since the use of the Tore Finder also involves the transfer of your location data to the USA, the legal basis for your consent is also Art. 49 para. 1 lit. a GDPR. You can revoke this consent at any time. The lawfulness of the data processing operations that have already taken place remains unaffected by the revocation.

"Through the Store Finder, your location data is also forwarded to Google, as this app matches the data with Google Maps. The operator of Google Maps within the EU is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland."

Google Ireland Ltd is based in Ireland. However, it cannot be ruled out that there may be a data transfer to the USA, particularly to servers of the affiliated company Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Please note the above information regarding data transfer outside the EU. Although Google claims to have implemented the standard data protection clauses approved by the European Commission (Implementing Decision (EU) 2021/914 of the EU Commission dated 04.06.2021 – Ref. C(2021) 3972, OJ EU No. L 199/31 dated 07.06.2021) in accordance with Art. 46 (2) (c) GDPR, it should be noted that, in the opinion of the CJEU, an adequate level of data protection in the USA is not guaranteed.

You can find Google's privacy notices at https://www.google.de/intl/de/policies/ and: https://policies.google.com/privacy.

The legal basis for the use of Google Maps is solely your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with Art. 49 para. 1 lit. a GDPR, which you have given via the cookie consent banner. You provide this consent completely voluntarily and can easily revoke it for the future. You can make this change in the Cookie Settings.

 

6. Data transfer outside the EU

"Some of the web tools we use are provided by companies based in the USA and therefore not within the EU. By using these tools, your data may be transferred to these companies based on your consent. You can find the details regarding the respective data transfer in the descriptions of the respective web tool/cookie."

We would like to point out that the CJEU currently classifies the level of data protection in the USA as inadequate. Since there is no adequacy decision from the EU Commission, the risk of disproportionate access by US authorities or the failure to delete your data cannot be excluded. Effective enforcement of your rights is not possible in the USA.

For this reason, the transfer of your data to the USA only takes place with your explicit consent in accordance with Art. 49 para. 1 lit. a GDPR, which you have given as part of your consent on the cookie consent banner. You can adjust your cookie settings at any time and revoke your consent for the future.

7. Use of Google Analytics

This website uses Google Analytics, a web analytics service from Google. Google Analytics also uses cookies, which are text files stored on your computer that enable an analysis of your use of the website. Google Analytics is operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

We have entered into a data processing agreement with Google. As a data processor according to Art. 28 GDPR, Google is the recipient of the personal data. Based on this, Google collects certain user and usage information, compiles this into pseudonymized usage profiles, and stores it in cookies (see above). This includes information about the browser type/version used, the operating system used, screen resolution, referrer URL, anonymized IP address of the accessing computer, time of the server request, downloaded files, viewed videos, clicked advertising banners, placed orders, click paths, frequency of page views, entry and exit pages, duration of stay on individual pages, etc.

The purpose of this processing is the statistical evaluation of our homepage with the aim of optimizing the content and design of our homepage in the future and tailoring it to needs. In this context, we collect information for the statistical evaluation of the use of our homepage to create reports on activities and user behavior on our homepage and to provide additional analysis services related to our homepage. Your IP address transmitted to Google Analytics by the browser will not be merged with other data from Google.

Google Ireland Ltd is based in Ireland. However, it cannot be ruled out that there may be a data transfer to the USA, particularly to servers of the affiliated company Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Please note the above information regarding data transfer outside the EU. Although Google claims to have implemented the standard data protection clauses approved by the European Commission (Implementing Decision (EU) 2021/914 of the EU Commission dated 04.06.2021 – Ref. C(2021) 3972, OJ EU No. L 199/31 dated 07.06.2021) in accordance with Art. 46 (2) (c) GDPR, it should be noted that, in the opinion of the CJEU, an adequate level of data protection in the USA is not guaranteed.

The legal basis for the use of Google Analytics is solely your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with Art. 49 para. 1 lit. a GDPR, which you have given via the cookie consent banner. You provide this consent completely voluntarily and can easily revoke it for the future. You can make this change in the Cookie Settings.

"You can prevent the storage of cookies by adjusting the settings of your browser software. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link:"http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set that prevents the future collection of your data when visiting this website: Disable Google Analytics

For more information on terms of use and data protection, please visithttp://www.google.com/analytics/terms/de.html or underhttps://www.google.de/intl/de/policies/ and: https://policies.google.com/privacy

 

8. Use of Cookies

To make our online presence user-friendly and optimally tailored to your needs, we use cookies in some areas. "Cookies" are small text files that are stored locally on your computer's hard drive and kept for later retrieval to facilitate your use of our online offerings. Additionally, cookies enable the analysis of your usage of our websites. After you finish your visit and close the internet browser you are using, most cookies are automatically deleted (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser during your next visit (persistent cookies). You can determine the installation of cookies by changing the settings of your browser software. However, you may then not be able to use all functions of our website.

You can express your consent or rejection of cookies – including for web tracking – through your web browser settings. You can configure your web browser to notify you when cookies are being set or to generally reject cookies. However, you may then not be able to use all the features of our website. You can find information about this option for the most commonly used browsers through the following links:

• Edge: https://privacy.microsoft.com/en-US/windows-10-microsoft-edge-and-privacy
• Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
• Firefox: https://support.mozilla.org/en/kb/Block-third-party-cookies
• Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
• Safari: https://www.verbraucher-sicher-online.de/anleitung/cookiesverwalten-in-apple-safari
• Opera: https://help.opera.com/de/?s=cookies&product=latest

"About the cookie notice on our homepage, which appears as a pop-up on your first visit, you can initially select which cookies may be stored. There you can give your consent to the use of all cookies, limit the use to functional cookies, or make custom settings."

a) Functional Cookies

Functional cookies are those cookies that are necessary to ensure the technical functionality of our website. These functional cookies store some of your personal preferences when using our site, particularly the cookie settings you have entered. They are also necessary to monitor server load in order to ensure the availability of the website and to maintain the security of the webpage. These functional cookies cannot be disabled. The use of these cookies is also permitted without your consent. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, as their use is necessary to safeguard our stated legitimate interests.

b) Other Cookies (analytical Cookies)

"In addition to functional cookies, our website uses advertising cookies, marketing cookies, analytics cookies, and communication cookies. All of these other cookies can be disabled by you. The use of these cookies is based solely on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time."

"You have the option to object to the use of cookies for reach measurement. You can object to storage on your device via the following links:"

• Cookie deactivation by the Network Advertising Initiative (NAI): http://optout.networkadvertising.org/?c=1#!/
• Cookie deactivation by Digital Advertising Alliance (DAA) in English: http://optout.aboutads.info/?c=2#!/

Further information about the individual cookies used and your current cookie settings can be found at: https://happyfoie.com/pages/cookie-einstellungen

9. Google Fonts

We use Google Fonts on our homepage. This is a directory of over 800 fonts that Google provides to users free of charge. In Europe, the provision is made by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. However, we use these fonts exclusively locally. We have integrated Google Fonts locally, so the fonts are no longer loaded from Google servers with each visit to the homepage, and your IP address is therefore not transmitted. As a result, no personal data from you is processed through the use of Google Fonts. Therefore, the use does not require a data protection legal basis. The information in this statement is purely informational.

For more information about Google Fonts, please visit here: More information at: https://policies.google.com/privacy

 

10. Social networks

"In addition to this website, we also maintain presences on various social media. If you visit such a presence, personal data may be transmitted to the provider of the social network. In addition to the storage of the data you specifically enter in this social medium, further information may also be collected, processed, or used by the provider of the social network."

"In addition, the provider of the respective social network may collect, process, and use the most important data from the computer system from which you visit the network – such as your IP address, the type of processor, and the version of your browser along with plug-ins."

If you visit such a network and are logged in with your personal user account of the respective network, the operator of the network can associate the visit with your account. If you do not wish for such an association, you can avoid it by logging out of your account before visiting our presence.

a) Facebook

"We maintain a presence on the social network 'Facebook'. The operator of the social network Facebook for Europe is 'Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.'"

We would like to point out that the basis for processing Facebook's Insights data lies in Article 6 Paragraph 1 f) GDPR. Through the data processing by Facebook, we can retrieve statistical data of various categories. This includes, for example, the total number of page views, "likes", page activities, post interactions, video views, post reach, comments, shared content, responses, the proportion of men and women, origin related to country and city, language, views and clicks in the shop, clicks on route planners, as well as clicks on phone numbers. We use this data to make the posts on the page more attractive or to find the right time for publication so that you can make the best use of our offerings.

You can find Facebook's privacy policy at https://www.facebook.com/about/privacy/

As a data subject of the processing on Facebook, you have all the rights of data subjects that you also have through the processing on our site. We refer to the section "Your Rights as a Data Subject" in this statement. Information on page insights data can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data

"Furthermore, we would like to point out that there is a joint responsibility ("Joint Controllership") according to Art. 26 GDPR between Facebook and us. You can find the corresponding agreement at:" https://www.facebook.com/legal/terms/page_controller_addendum

"We use Facebook plugins that establish a direct connection between your browser and Facebook's servers. You can recognize the respective plugins by the Facebook logos and "Like" symbols. You can find an overview here:" https://developers.facebook.com/docs/plugins/?locale=de_DE

If you do not want Facebook to associate your visit to our homepage with your Facebook user account, you must log out of your Facebook user account beforehand.

Our website continues to use the Facebook visitor action pixel for conversion tracking.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The collected data is anonymous to us as the operators of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, allowing a connection to the respective user profile, and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy. This enables Facebook to display advertisements on Facebook pages as well as outside of Facebook. This use of the data cannot be influenced by us as the page operators.

"You can also disable the remarketing feature 'Custom Audiences' in the ad settings section at:" https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

"To do this, you must be logged into Facebook. If you do not have a Facebook account, you can disable Facebook's usage-based advertising on the website of the European Interactive Digital Advertising Alliance:" http://www.youronlinechoices.com/de/praferenzmanagement/

b) Instagram

"We also maintain an Instagram presence. Instagram is also operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The above statements under 11. a. regarding Facebook apply here accordingly. You can find the Instagram privacy policy here: https://help.instagram.com/155833707900388"

c) Youtube

We maintain a presence on the video platform YouTube. Some videos embedded on our homepage are not streamed directly from our server but are played back via the video platform YouTube. The provider of these videos is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, Phone: +353 1 543 1000, Fax: +353 1 686 5660, Email: support-deutschland@google.com). By clicking on a video, a connection is established to Google’s servers, so Google becomes aware of which page you have accessed. It is also possible for Google to associate your user behavior with your personal profile if you are logged into your YouTube account or your Google account. You can avoid this by logging out beforehand. However, we have no influence over this. The use of YouTube videos is intended to present the content to you in a better, clearer, and more appealing way, and thus represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Please note the privacy notices from Google, which also apply to the YouTube platform. You can find them here: https://policies.google.com/privacy?hl=de&gl=de

You can find the YouTube privacy settings here: https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/

d) TikTok

We maintain a presence on the video platform TikTok. TikTok is offered to users with a permanent residence in the Federal Republic of Germany and Austria by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland). We would like to point out that TikTok stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence on the data collection and processing by TikTok, and it is not clear to us what data processing TikTok carries out and whether deletion periods and other user rights are observed.

You can find TikTok's privacy policy here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE

You can reach TikTok's Data Protection Officer via the online contact form provided by TikTok at: https://www.tiktok.com/legal/report/DPO 

e) Twitter

We maintain a presence on the microblogging service Twitter. Twitter is operated in Europe by Twitter International Unlimited Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland). We would like to point out that Twitter stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence over the data collection and processing by Twitter, and it is not clear to us what data processing Twitter carries out and whether deletion periods and other user rights are observed.

"Our homepage integrates features of the Twitter service. By using Twitter and the 'Re-Tweet' function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter."

You can find Twitter's privacy policy here: https://twitter.com/de/privacy

f) Pinterest

We maintain a presence on the social network Pinterest. Pinterest is operated in Europe by Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland). We would like to point out that Pinterest stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence over the data collection and processing by Pinterest, and it is not clear to us what data processing Pinterest carries out and whether deletion periods and other user rights are observed.

You can find Pinterest's privacy policy here: https://policy.pinterest.com/de/privacy-policy

g) LinkedIn

We maintain a presence on the social network LinkedIn. LinkedIn is operated in Europe by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland). We would like to point out that LinkedIn stores its users' data (personal information, IP address, etc.) and may also use it for business purposes. We have no influence over the data collection and processing by LinkedIn, and it is not clear to us what data processing LinkedIn carries out and whether deletion periods and other user rights are observed.

You can find the privacy policy (available in English only) of LinkedIn here: https://www.linkedin.com/legal/privacy-policy

 

11. Data security

"We and our service providers take technical and organizational security measures to protect your personal data managed by us against accidental or intentional manipulation, loss, destruction, or unauthorized access. Our data processing and security measures are continuously improved in accordance with technological developments. When your data is transmitted to us, encryption is performed using Secure Socket Layer (SSL). Our employees and our service providers are, of course, bound to confidentiality in writing in accordance with Art. 29 GDPR and § 53 BDSG-new."

 

12. Your Rights as a Data Subject

++++

As far as the processing of data is based on Art. 6 para. 1 lit. f GDPR ("legitimate interest"), you have the right to object to the processing of personal data concerning you at any time on grounds relating to your particular situation.

As far as the processing of data is based on Art. 6 para. 1 lit. a GDPR ("consent"), you have the right to withdraw your consent to the processing of personal data at any time without giving reasons. The withdrawal only takes effect for the future. The legality of any processing that has already taken place is not affected.

++++

As a data subject, you have the following rights regarding the processing of your data by us: You can request information from us at any time, free of charge and without providing reasons, in accordance with Art. 15 GDPR, about which data concerning you is processed by us, have confirmed whether personal data concerning you is being processed by us, request the correction of inaccurate data in accordance with Art. 16 GDPR, request the deletion of your data in accordance with Art. 17 GDPR, receive your personal data in accordance with Art. 20 GDPR or have it transmitted to another controller, where feasible, request the restriction of processing in accordance with Art. 18 GDPR, and object to the processing under the conditions of Art. 21 GDPR, provided that the respective conditions are met.

 

13. Purpose the data processing

The purpose of data processing is that it is necessary for the execution of pre-contractual measures (such as establishing contact with our contractual partners and customers), for the fulfillment of a contractual or legal obligation, or for the protection of legitimate interests on our part.

The legal bases for data processing are Art. 6 para. 1 sentence 1 lit. b GDPR (necessity for the performance of a contract or for the implementation of pre-contractual measures), Art. 6 para. 1 sentence 1 lit. c GDPR (compliance with a legal obligation), and Art. 6 para. 1 sentence 1 lit. f GDPR (protection of legitimate interests, for example, for technical reasons for the operation and protection of our online services). The storage duration of the data that is stored at all depends on whether storage for the aforementioned purposes is still necessary. Accordingly, your data will be deleted.

 

14Duration of data storage

"We will only store your above-mentioned personal data for as long as necessary to perform the respective service you have ordered/requested or to which you have given your consent, unless there are conflicting legal obligations. Therefore, during an existing business or contractual relationship or until your inquiry is answered, your data will be stored to enable the fulfillment of a contract or the execution of pre-contractual measures. The legal basis is therefore Article 6(1)(b) GDPR."

There are a variety of legally regulated retention obligations, such as in commercial and tax law (§ 257 Commercial Code (HGB) and § 147 Fiscal Code (AO)), but also under the Payment Services Supervision Act (ZAG) and the Money Laundering Act (GwG). A retention obligation of at least six years arises from tax and social security law. According to § 147 para. 1 no. 2, 3, and 5 AO, a six-year retention period applies to commercial and business documents, such as invoices, delivery notes, cost estimates, and hospitality receipts, as well as other tax-relevant documents, starting from the end of the calendar year in which they were created. Ten-year retention periods arise from tax and commercial law, particularly according to § 147 para. 1 no. 1, 4, and 4a AO. This includes books, annual financial statements, the opening balance sheet, and the documents necessary for their understanding, starting from the end of the calendar year in which the last entry was made or the booking document, such as payroll, bank statement, or operating cost statement, was created. The legal basis for storage during this period is Art. 6 para. 1 c) GDPR (fulfillment of a legal obligation). Furthermore, the statutory limitation periods must also be observed regarding the storage duration, e.g., according to the Civil Code (BGB). The general limitation period is 3 years but can be up to 30 years in certain cases. Additionally, data is stored when retention is necessary for the assertion, exercise, or defense of legal claims, as this constitutes a legitimate interest. The legal basis for this is Art. 6 para. 1 f) GDPR (protection of legitimate interests). Your data will only be stored as long as it is necessary for the respective purpose. After that, your data will be deleted.

 

15. Links to third-party websites

"We link to websites of other providers (third parties) that are not affiliated with us. We would like to point out that we have no influence over what data may be collected and processed by these providers when you click on these links. Since the collection and processing of data by third parties is beyond our control, we cannot accept any responsibility for this. For more information on the collection and processing of your data by these third parties, please refer to the privacy policy of the respective provider."

 

16. Changes to this Privacy Policy

"We will revise our policies for the protection of your personal data from time to time to adapt them to the state of the art or to changed legal frameworks. Therefore, we recommend that you regularly check this page for changes. By using the websites, you agree to the terms of this privacy policy."

If you have registered on our homepage, we will inform you by email and in your user profile at least 14 days before the planned change to this privacy policy takes effect. After a change takes effect, you will be asked to give your consent again the next time you log in.

 

17. Your right to complain

Your trust is important to us. Therefore, we would like to be available to answer any questions you may have regarding the processing of your personal data at any time. If you have questions that this privacy policy could not answer or if you would like more detailed information on a specific point, please feel free to contact us at the address provided in the imprint.

If you have any concerns or complaints regarding the legality of the processing of your personal data, you can also contact the data protection supervisory authority responsible for us.

The State Commissioner for Data Protection Lower Saxony
Barbara Thiel
Prinzenstraße 5
30159 Hannover
Phone: +49 (0511) 120 45 00
Fax: +49 (0511) 120 45 99
E-Mail: poststelle@lfd.niedersachsen.de

contact. You can also contact any other supervisory authority in accordance with Art. 77 GDPR. Furthermore, you have the option of legal recourse.