Application Areas
Your EMS-Training
Discover our products
Campaigns
About Us
Introduction EMS
EMS Studies
Become a Partner
    Hybrid Training Concept
      Customer Service
        Contact
          FAQ
            Newsletter
              Career
                Outdoor sport with EMS
                Evolution Experience
                2. Privacy Policy

                Privacy Policy

                 

                1. Information about the collection of personal data and contact details of the controller

                1.1 In the following, we provide information about the processing of personal data during use of our website. Personal data is all data that can be personally related to you, e.g. name, address, email addresses, user behaviour. This is intended to inform you about our processing operations and at the same time comply with legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR).

                1.2 The controller in accordance with Article 4 (7) GDPR for data processing on this website is Beurer Europe GmbH, Söflinger Straße 218, 89077 Ulm, Germany, Tel.: +49 (731) 3989-0, Fax: +49 (731) 3989–139, Email: imprint@beurer.de.

                1.3 The controller has appointed a data protection officer. This party can be reached as follows: Datenschutzbeauftragte/r [Data Protection Officer] Beurer GmbH Söflinger Straße 218 89077 Ulm, Germany Tel.: 0731/3989-0 Email: datenschutz@beurer.de
                This website uses SSL and respectively TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller). You can recognise an encrypted connection by the “https://” string and the lock icon in your browser bar.

                1.4 When you contact us by email or via a contact form, the data you provide (your email address, and if applicable your name and telephone number) will be stored by us in order to respond to your query. If the request is assigned to a contract, we erase the data arising in this context after the periods of the contract term, otherwise after storage is no longer necessary, or restrict processing if there are legal retention obligations.

                1.5 If we wish to use commissioned service providers for individual functions of our offer or use your data for advertising purposes, we will always carefully select and monitor these service providers, and inform you in detail about the respective processes below.

                 

                2. Your rights

                2.1 In relation to a controller, you have the following rights with regard to the personal data concerning you:

                  - Right to information/access,
                  - Right to rectification or erasure,
                  - Right to restriction of processing,
                  - Right to object to processing,
                  - Right to data portability.

                2.2 You also have the right to lodge a complaint with a supervisory data protection authority about our processing of your personal data.

                 

                3. Data collection when visiting our website

                In the case of informational use of the website, i.e. merely viewing without registration and without you providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security, and as such must be processed by us. The legal basis is point f) of the first sentence of Article 6 (1) GDPR:

                  - Date and time of access
                  - Quantity of transferred data in bytes
                  - Source/reference from which you came to the page
                  - Browser used
                  - Operating system used
                  - Domain and IP address used (if applicable: in anonymised form)
                  - Time zone difference from Greenwich Mean Time (GMT)
                  - Content of the request (page visited)
                  - Access status/HTTP status code
                  - Browser software language and version
                Processing takes place in accordance with point f) of Article 6 (1) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are specific indications of illegal use. The data is stored for 7 days.

                 

                4. Other features and offers on our website

                4.1 In addition to the purely informational use of our website, we offer various services that you can use if you are interested, and we use other commonplace functions for analysing or marketing our offers, which are presented in more detail below. For these purposes you generally need to provide additional personal data, or we process such additional data which we use to perform the respective services. The aforementioned data processing principles apply to all data processing purposes described here.

                4.2 In some cases, we use external service providers to process your data. These are carefully selected by us, are bound by our instructions and are regularly checked.

                4.3 Furthermore, we may share your personal data with third parties if we are offering promotional participations, competitions, contract conclusions or similar services together with partners. Depending on the service, your data may also be collected by the partners under their own responsibility. You can obtain more information by entering your details or referring to the description of the respective offers below.

                4.4 If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you of the implications of this in the description of the offer.

                 

                5. Objection to the processing of your data or revocation of consent

                5.1 If you have given your consent to the processing of your data, you can revoke it at any time. Such revocation affects the permissibility of the processing of your personal data after you have communicated it to us. The legality of the processing of your data up to the time of your revocation remains unaffected.

                5.2 If we base the processing of your personal data on a weighing of interests, you can object to processing. This is the case if the processing is not necessary in particular for the fulfilment of a contract with you, which is shown by us in the following description of the functions. When asserting such an objection, we ask you to explain the reasons why we should not process your personal data in the way we do. If you lodge an objection, we will review the situation and will either cease or adjust the data processing, or demonstrate to you our compelling legitimate grounds for continuing the processing.

                5.3 Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to object to advertising is to use the contact details provided above.

                 

                6. Cookies

                6.1 In addition to the above-mentioned data, when you use our website we use technical aids for various functions, in particular cookies, which can be stored on your end device. When you visit our website and at any time afterwards, you can choose whether you generally permit the placement of cookies, or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. In the following, we first describe cookies from a technical perspective (6.2), before we go into more detail about your individual selection options by describing technically necessary cookies (6.3) and cookies that you can select or deselect as you choose (6.4).

                6.2 Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you use so that certain information can flow to the site that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer, but are primarily used to make a website faster and more user-friendly. This website uses the following types of cookies, the function and legal basis of which we explain below:

                  - Transient cookies: These cookies, in particular session cookies, are automatically deleted when you close your browser or log out. They contain what is referred to as a session ID. This enables different requests from your browser to be assigned to the shared session and means your computer can be recognised when you return to our website.
                  - Persistent cookies: These are automatically deleted after a specified period of time, which is set differently depending on the cookie. You can view the placed cookies and their duration in your browser settings at any time and delete the cookies manually.
                  - Other technologies: These functions are not based on cookies, but on similar technical mechanisms, such as flash cookies, HTML5 objects or an analysis of your browser settings. The result is that we may also use the technical elements described below. You can of course agree or object to these also.

                6.3 Mandatory technically necessary functions for displaying the website: The technical design of the website requires us to use technical elements, in particular cookies. Without these technical elements, our website cannot be displayed (completely correctly) or support functions cannot be provided. These are generally transient cookies that are deleted after the end of your website visit, and at the latest when you close your browser. You cannot opt out of these cookies if you wish to use our website. The individual cookies can be viewed in the Consent Manager. The legal basis for this processing is point f) of the first sentence of Article 6 (1) GDPR.

                6.4 Optional cookies when you give your consent: There are various cookies which we set only with your consent; you can select these the first time you visit our website by means of the cookie consent tool. The functions are only activated with your consent and can be used in particular to analyse and improve visits to our website, to make it easier for you to use our website via different browsers or devices, to recognise you during a visit or to show advertising (possibly also to tailor advertising to interests, to measure the effectiveness of advertisements or to show interest-based advertising). The legal basis for this processing is point a) of the first sentence of Article 6 (1) GDPR. You can revoke your consent at any time without this affecting the permissibility of the processing up to the point of revocation. The functions we use, which you can select individually and revoke again via the Consent Manager, are described below. Please note that if you do not accept cookies, the functionality of our website may be impaired.

                 

                7. Other services and functions used on this website

                7.1 Data processing when opening a customer account

                Pursuant to point b) of Article 6 (1) GDPR, personal data will be collected and processed to the extent necessary in each case if you provide us with it when opening a customer account. The data required to open an account can be found on the input screen of the corresponding form on our website. You can delete your customer account at any time by sending a message to the above address for the controller. After deletion of your customer account, your data will be erased provided that all contracts concluded using it have been fully processed, there are no conflicting legal retention periods, and we have no legitimate interest for continued storage.

                7.2 Shopify hosting

                We use the shop system from service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”), for the purpose of hosting and displaying the online shop on the basis of processing on our behalf.

                Shopify also processes your data in the USA, among other places. Please note that, in the opinion of the European Court of Justice, there is currently not an adequate level of protection for data transfer to the USA. This may result in various risks to the lawfulness and security of data processing.

                Shopify uses what are referred to as Standard Contractual Clauses (= Article 46 (2) and (3) GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Shopify undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the resolution and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

                More information on the Standard Contractual Clauses and on the data processed through the use of Shopify can be found in the Privacy Policy at https://www.shopify.com/legal/privacy or https://help.shopify.com/en/manual/your-account/privacy/GDPR/GDPR-faq#will-shopify-sign-standard-contractual-clauses

                7.3 Heroku

                We use Heroku for our website. This is a container-based cloud platform for developing and deploying web applications. The service provider is the American company salesforce.com Inc., One Market Street, Suite 300, San Francisco, CA 94105, USA.

                Salesforce also processes your data in the USA, among other places. Please note that, in the opinion of the European Court of Justice, there is currently not an adequate level of protection for data transfer to the USA. This may result in various risks to the lawfulness and security of data processing.

                Salesforce uses what are referred to as Standard Contractual Clauses (= Article 46 (2) and (3) GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Salesforce undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the resolution and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

                The Data Processing Addendum, which corresponds to the Standard Contractual Clauses, can be found at https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/data-processing-addendum.pdf.

                You can find out more about the data processed due to the use of Salesforce in the Privacy Policy at https://www.salesforce.com/uk/company/privacy/.

                7.4 Scaleway

                To maintain our online presence with regard to the subdomain data.beurer.com, we use an internet service provider on whose server the website is stored and which makes our website available online. The following data is collected in this process:

                  - Information about the browser type and version used
                  - The user’s operating system
                  - The user’s internet service provider
                  - The user’s IP address
                  - The date and time of access
                  - Websites from which the user’s system accesses our website
                  - Websites accessed by the user’s system through our website

                The data is stored in log files at our technical service provider, SCALEWAY SAS, 8 rue de la Ville l'Evêque, 75008 Paris, France. The legal basis for temporary storage of the data is point f) of Article 6 (1) GDPR. Temporary storage of the IP address by the system is necessary to facilitate delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. Our legitimate interest in data processing for these purposes is also in accordance with point f) of Article 6 (1) GDPR.

                The above-mentioned data is stored in the log files in order to ensure the functionality of our website. In addition, this data serves us for website optimisation and to guarantee the security of our information technology systems (e.g. attack detection). Our legitimate interest in data processing for these purposes is also in accordance with point f) of Article 6 (1) GDPR.

                The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this occurs when the respective session ends. Log files are stored for seven days.

                The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no option for the user to lodge an objection.

                Legal basis: The internet service provider processes the aforementioned data on our behalf, Article 28 GDPR. Data processing takes place on the basis of our legitimate interest in the efficient and secure provision of our website, point f) of Article 6 (1) GDPR. If you use our website for information purposes only, our internet service provider only collects the personal data that the browser you use transmits to its servers. The data is stored as log files on our internet service provider’s servers. This is necessary in order to display the website on the end device you are using and to guarantee stability and security. Our legitimate interest in data processing lies in the above purposes. Legal basis: Data processing takes place on the basis of our legitimate interest in the efficient and secure provision of our website, point f) of Article 6 (1) GDPR. Duration: The above data for the provision of our website is stored for a period of time and then erased.

                7.5 Integration of the Trusted Shops Trustbadge

                The Trusted Shops Trustbadge is integrated on our website to display our Trusted Shops trustmark and any collected reviews as well as to offer the Trusted Shops products to buyers after they have placed an order.

                This serves to safeguard our overriding legitimate interests in the optimal marketing of our offering as part of a weighing of interests. The Trustbadge and the services advertised with it are offered by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.

                When the Trustbadge is accessed, the web server automatically saves what is referred to as a server log file, which contains, for example, your IP address, the date and time of access, the transferred data volume and the requesting provider (access data) and documents the access. This access data will not be evaluated and will be automatically overwritten no later than seven days after the end of your page visit.

                Further personal data is only transferred to Trusted Shops if you decide to use Trusted Shops products after completing an order or have already registered for use. In this case, the contractual agreement between you and Trusted Shops applies.

                7.6 Audiocare

                deleted

                7.7 PayPal

                We use the online payment service PayPal on our website. The service provider is the American company PayPal Inc. The company PayPal Europe (S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”)) is responsible for the European area. In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “instalment payment” via PayPal, we pass on your payment data to PayPal as part of payment processing. Transfer takes place in accordance with point b) of Article 6 (1) GDPR and only to the extent necessary for payment processing.

                PayPal reserves the right to carry out a credit check for the following payment methods: credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “instalment payment” via PayPal. For this purpose, your payment data may be disclosed to credit agencies in accordance with point f) of Article 6 (1) GDPR on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of payment default for the purpose of deciding on the provision of the respective payment method. The credit rating information may contain probability values (referred to as score values). Insofar as score values are included in the result of the credit rating, they are based on a scientifically recognised mathematical statistical method. The calculation of the score values includes, but is not limited to, address data. Further information on data protection law, including information on the credit agencies used, can be found in PayPal’s privacy policy: https://www.paypal.com/uk/legalhub/privacy-full

                You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data insofar as this is necessary for the contractual payment processing.

                PayPal also processes your data in the USA, among other places. Please note that, in the opinion of the European Court of Justice, there is currently not an adequate level of protection for data transfer to the USA. This may result in various risks to the lawfulness and security of data processing. PayPal uses what are referred to as Standard Contractual Clauses (= Article 46 (2) and (3) GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, PayPal undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the resolution and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

                More information on the Standard Contractual Clauses and on the data processed through the use of PayPal can be found in the Privacy Policy at https://www.paypal.com/uk/legalhub/privacy-full.

                7.8 Shopify Payments

                We use the payment service provider “Shopify Payments”, 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you opt for a payment method offered by the payment service provider Shopify Payments, payment is processed via the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, with which we share the information you provided during the order process along with the information about your order (name, address, account number, sort code, if applicable credit card number, invoice amount, currency and transaction number) in accordance with point b) of Article 6 (1) GDPR. Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose. Further information on Shopify Payments’ data protection can be found on the following page: https://www.shopify.com/legal/privacy.
                Data protection information for Stripe Payments Europe Ltd. can be found here: https://stripe.com/gb/privacy

                7.9 Google Tag Manager

                We use the service called Google Tag Manager from Google. “Google” is a group of companies and consists of Google Ireland Ltd. (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC.

                We have concluded a commissioned data processing agreement with Google. Google Tag Manager is an auxiliary service and itself processes personal data only for technically necessary purposes. Google Tag Manager takes care of loading other components, which in turn may collect data. Google Tag Manager does not access this data.

                Further information on Google Tag Manager can be found in Google’s privacy policy.

                Please note that due to U.S. laws such as the Cloud Act, U.S. authorities such as intelligence services may be able to gain access to personal data that is unavoidably exchanged with Google on the basis of the Internet Protocol (TCP) when this service is integrated.

                7.10 Google reCAPTCHA

                We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

                reCAPTCHA is used to check whether data entry on our websites (e.g. in a contact form) is performed by a person or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor accesses the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of website visitor stay on the website or the user’s mouse movements). The data collected during the analysis is forwarded to Google.

                The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

                Data processing takes place on the basis of your consent given with the aid of the consent tool in accordance with point a) of Article (6) (1) GDPR.

                Further information on Google reCAPTCHA and Google’s privacy policy can be found at the following links: https://policies.google.com/privacy https://www.google.com/recaptcha/intro/android.html.

                7.11 Use of Salesforce Service Cloud and Marketing Cloud

                Data that you provide to us via our website (e.g. in forms for purchase, newsletter registration, as part of a competition) is stored in the Salesforce Service Cloud and used to send order confirmations and shipping notes.

                We also use the Salesforce Marketing Cloud to send our newsletters, for automated mailings (e.g. welcome mailings) as well as for advertising campaigns on social networks and online advertising on other websites. For this purpose, the newsletter subscriber’s data is transferred to the Marketing Cloud. The Salesforce Marketing Cloud data is stored and processed on Salesforce servers in the USA. Please note that, in the opinion of the European Court of Justice, there is currently not an adequate level of protection for data transfer to the USA. This may result in various risks to the lawfulness and security of data processing. Salesforce uses what are referred to as Standard Contractual Clauses (= Article 46 (2) and (3) GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Salesforce undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the resolution and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

                With the help of what are referred to as web beacons and pixels as well as the tracking service iGoDigital, which is part of Salesforce, we receive information about users’ click behaviour via the Marketing Cloud. Interaction data is stored in the Marketing Cloud directly at the user so that we can send you targeted advertising via AdStudio, e.g. also via social networks. We can specify in more detail the groups of users to whom the advertisements are to be displayed (“custom audiences”). For this purpose, personal data is shared with Facebook (including Instagram), Google, Twitter, Pinterest and LinkedIn after successful pseudonymisation following the SHA 256 procedure.

                If you do not want this to happen, you have the option of deactivating personalised advertising in your account settings on social networks. In addition, you may use a different email address for the newsletters or registration with us from the one you use for your social media accounts.

                The data in the Salesforce Salescloud and in the Salesforce Marketing Cloud is used exclusively by us. Under no circumstances will your data be sold to third parties, individuals or institutions.

                Where relevant, the processing of your data in the Salesforce Service Cloud is based on our legitimate interest in using a CRM system in accordance with point f) of Article 6 (1) GDPR, and otherwise on your consent in accordance with point a) of the first sentence of Article 6 (1) GDPR. The processing of your data in the Salesforce Marketing Cloud is based on your consent in accordance with point a) of the first sentence of Article 6 (1) GDPR.

                Further information on Salesforce Service Cloud and Salesforce Marketing Cloud can be found in Salesforce’s privacy policy, which can be accessed at the following URL: https://www.salesforce.com/uk/company/privacy/

                7.12 Data processing for the purpose of shipping processing

                For contract fulfilment in accordance with point b) of the first sentence of Article 6 (1) GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

                If you have given us your explicit consent for this during or after your order placement, on this basis in accordance with point a) of the first sentence of Article 6 (1) GDPR, we will share your telephone number and, if applicable, your email address with the selected shipping service provider so that they can contact you for the purpose of advising delivery or coordinating delivery before delivery. Consent can be revoked at any time by sending a message to the contact option described in this Privacy Policy or directly to the shipping service provider using the contact address listed below. After revocation, we will erase your data provided for this purpose, unless you have explicitly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this policy.

                We use the following as a shipping service provider:

                  Parcel One
                  Otto-Hahn-Straße 21
                  35510 Butzbach
                  Germany

                7.13 Cookiebot

                We use the consent management service Cookiebot, Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cybot). This enables us to obtain and manage website users’ consent to data processing. Processing is necessary for the fulfilment of a legal obligation (Article 7 (1) GDPR), to which we are subject (point c) of the first sentence of Article 6 (1) GDPR). For this purpose, the following data is processed with the help of cookies:

                Your IP address (the last three digits are set to ‘0’). Date and time of consent. Browser information URL from which consent was sent. An anonymous, random and encrypted key, your end-user consent status, as proof of consent

                The key and consent status are stored in the browser for 12 months using the “CookieConsent” cookie. This maintains your cookie preference for subsequent page requests. Your consent can be verified and traced using this key.

                If you activate the “Collective consent” service function to activate consent for multiple websites through a single end-user consent, the service also stores a separate, random, unique ID with your consent. If all of the following criteria are met, this key is stored in the “CookieConsentBulkTicket” third-party cookie in your browser in encrypted form: You activate the collective consent function in the service configuration. You allow third-party cookies using browser settings. You have disabled “Do not track” in your browser settings. You accept all or at least certain types of cookies when you give consent.

                The functionality of the website is not guaranteed without processing.

                Cybot is the recipient of your personal data and acts as a commissioned data processor for us.

                The processing takes place in the European Union. For more information on objection and removal options with respect to Cybot, visit: https://www.cookiebot.com/en/privacy-policy/

                Your personal data will be erased on an ongoing basis after 12 months or immediately after termination of the contract between us and Cybot.

                Please note our general information on deleting and deactivating cookies in this policy.

                7.14 MaxMind geolocation

                On our website, we use the GeoIP2 Country Database provided by the provider MaxMind Inc., 14 Spring Street, 3rd Floor, Waltham, MA 02451, USA. In the database, the IP addresses used are assigned approximate location/geolocation data based on the country of origin from which the IP address originates. These databases are used to estimate your location at country level based on the identified IP address. Based on this, your view of our website is automatically set to the relevant delivery country, currency and language. The database is installed locally on our premises. There is no connection to MaxMind servers in this process. No personal data is passed on to third parties.

                The evaluation of your IP address to estimate your country location is performed on the basis of point f) of Article 6 (1) GDPR. The website operator has a legitimate interest in the correct display of country-specific content on the website. For more information, please visit: https://support.maxmind.com/. You can access the data privacy policy at: https://www.maxmind.com/en/privacy-policy.

                7.15 Semknox

                Our website uses a service provided by SEMKNOX GmbH, Webergasse 1, 01067 Dresden, Germany as part of the internal product search. This will show you the products that match your search query via our website. For this purpose, your search query will be sent directly to SEMKNOX. This also includes the transmission of your IP address and, if applicable, an assigned random session ID. The IP address is used for IT and system security purposes and anonymised within 12 days by curtailing the last eight digits.

                To enable the search function, SEMKNOX uses “cookies”, i.e. text files that are stored on your computer and are active for 24 hours. The information generated by the cookie about your use of the search function as a user is transferred to a server hosted by SEMKNOX in Germany. On our behalf, SEMKNOX will use this information to respond to your search query and optimise the search function used. You can deactivate the use of cookies in your browser or object to the use of the tool using the consent tool we use by not issuing corresponding consent. In this case, however, it may not be possible to use the search function or it may only be possible to use it to a limited extent.

                The information generated by the cookie and transmitted to SEMKNOX is processed on the basis of point f) of Article 6 (1) GDPR for the purpose of needs-based design of our website and optimisation of our offering.

                7.16 Facebook

                Our online offering uses what is referred to as the “Facebook pixel” from social network Facebook, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).

                If a user clicks on an advertisement placed by us that is displayed on Facebook, an addendum is added to the URL of our linked page by the Facebook pixel. If our page allows data to be shared with Facebook via pixel, this URL parameter is entered in the user’s browser by means of a cookie, which is placed by our linked page itself. This cookie is then read by the Facebook pixel and enables the data to be forwarded to Facebook.

                With the help of the Facebook pixel, Facebook is able to identify visitors to our online offering as a target group for the display of advertisements (“Facebook Ads”). Accordingly, we use the Facebook pixel to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (“Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook Ads correspond to the potential interest of users and are not aggravating to users. This allows us to further evaluate the effectiveness of Facebook advertisements for statistical and market research purposes by understanding whether users were forwarded to our website after clicking on a Facebook advertisement (“Conversion”).

                The data collected is anonymous for us, so we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook in such a way that connection with the relevant user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data use policy (https://www.facebook.com/about/privacy/). The data can enable Facebook and its partners to place advertisements on and outside Facebook.

                The data processing associated with the use of the Facebook pixel takes place only if you have given your explicit consent in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                7.17 Pinterest-Retargeting-Pixel

                A pixel (Pinterest tag) from Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest”) is integrated on this website. The pixel can be used to collect, store and evaluate information about the browsing behaviour of website visitors in pseudonymised form. The information can be attributed to the user’s person with the aid of further information that Pinterest has stored about the user, e.g. due to the ownership of an account on the social network “Pinterest”.

                Pinterest uses an algorithm to analyse browsing behaviour and can then display targeted product recommendations as personalised advertising banners on the user’s Pinterest account. Pinterest can also combine the information collected via the pixel with other information that Pinterest has collected via other websites and/or in connection with the use of the social network “Pinterest” and in this way create pseudonymised usage profiles. However, under no circumstances can the information collected be used to personally identify visitors to this website.

                All processing described above, in particular the placement of cookies for reading information on the end device used, will only be carried out if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                7.18 Pinterest-Tag Conversion-Tracking

                This website uses the conversion tracking technology “Pinterest Tag” from Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest”). If you have reached our website from a pin on Pinterest, we place a cookie on your computer that interacts with an also implemented “tag” in the form of a JavaScript code from Pinterest. Cookies are small text files that are stored on your end device. These cookies expire after 180 days and are not used for personal identification.

                If the user is forwarded from a pin on Pinterest to pages on this website and the cookie has not yet expired, the tag records certain user actions predefined by us and can track these (e.g. completed transactions, leads, search queries on the website, instances of product page access). When executing such an action, your browser sends an HTTP request from the cookie to the Pinterest server via the Pinterest tag; this request is used to transmit certain information about the action (including the type of action, time, and end device browser type).

                This transmission enables Pinterest to generate statistics about usage behaviour on our website after forwarding a Pinterest pin, which we use to optimise our offering.

                However, we do not receive any information that can be used to personally identify users.

                All processing described above, in particular the placement of cookies for reading information on the end device used, will only be carried out if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                7.19 Google Analytics 4

                This website uses Google Analytics 4, a service from the company Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables the use of websites to be analysed.

                When using Google Analytics 4, “cookies” are placed as standard. Cookies are text files that are stored on your end device and enable analysis of your use of a website. The information recorded by the cookie about your use of the website (including the IP address sent by your end device, with the last digits removed, see below) is generally transmitted to a Google server, where it is stored and processed.

                This may also result in the transfer of information to the servers of the company Google LLC based in the USA and there may be further processing of the information there.

                When using Google Analytics 4, the IP address transmitted by your end device when you use the website is always only collected and processed anonymously as standard and automatically in such a way that direct personal reference based on the collected information is ruled out. This automatic anonymisation takes place by removing the last digits of the IP address transmitted from your device by Google within member states of the European Union (EU) or other states party to the Agreement on the European Economic Area (EEA).

                On our behalf, Google will use this and other information to evaluate your use of the website, to compile reports about your website activities and usage behaviour, and to provide other services to us related to your website usage and internet usage. In this process, the IP address transmitted from your end device and shortened in the context of Google Analytics 4 will not be combined with other Google data. The data collected in the context of Google Analytics 4 is stored for 2 months and then erased.

                Google Analytics 4 also enables the creation of statistics with statements about the age, gender and interests of website users via a special function called “demographic characteristics” on the basis of an evaluation of interest-based advertising and using third-party information. This enables the determination and differentiation of website user groups for the purpose of target-group-optimised targeting of marketing measures.

                However, data collected via the “demographic characteristics” cannot be attributed to a specific person and nor, therefore, to you personally. This data collected via the function “demographic characteristics” is stored for two months and then erased.

                All processing described above, in particular the placement of Google Analytics cookies for the storage and reading of information on the end device you use to access the website, only takes place if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. Without your consent, Google Analytics 4 will not be used during your use of the website. Once issued, you can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service via the “Cookie Consent Tool” provided on the website.

                In connection with this website, the Google Signals service is also used as an extension of Google Analytics 4. With Google Signals, we can have cross-device reports created by Google (referred to as “Cross-Device Tracking”). If you have activated “personalised ads” in your Google account settings and linked your internet-enabled end devices to your Google account, Google may, if you grant your consent to the use of Google Analytics 4 in accordance with point a) of Article 6 (1) GDPR, analyse usage behaviour across devices and create database models based on this. This takes into account the logins and device types of all website users who were logged into a Google account and performed a conversion. The data shows, among other aspects, any end device on which you clicked an advert for the first time and the end device on which the conversion in this regard took place. In doing so, we do not receive any personal data from Google, but only statistics created on the basis of Google Signals. You have the option of deactivating the “personalised ads” function in your Google account settings and in this way disabling cross-device analysis in connection with Google Signals. Follow the instructions on this page: https://support.google.com/My-Ad-Center-Help/answer/12155764

                Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985.

                We have concluded a commissioned processing agreement with Google for our use of Google Analytics 4, under which Google is obliged to protect our website users’ data and not to pass it on to third parties.

                To ensure compliance with the European level of data protection, including in the event of any transfer of data from the EU or the EEA to the USA and any further processing there, Google refers to the Standard Contractual Clauses from the European Commission, which we have contractually agreed with Google.

                Further legal information on Google Analytics 4, including a copy of the aforementioned Standard Contractual Clauses, can be found at https://policies.google.com/privacy and at https://policies.google.com/technologies/partner-sites.

                7.20 Google Custom Match

                In connection with the use of our newsletter, we use Google Customer Match on the basis of your consent (point a) of Article 6 (1) GDPR). In this process, we upload encrypted email addresses to a Google portal to provide our customers, who are also Google users, with personalised advertising. For this purpose, the addresses are encrypted locally on our systems, i.e. converted into a combination of different letters and numbers (“hashed”), and transmitted to Google. Google compares these hash values with all Google users and in this way can determine which of our customers also uses Google products. Subsequently, we can place advertisements in the Google search, in Gmail, on YouTube and in the “display network”. When placing the advertisements, Google takes into account further information linked to your Google account, which can also be obtained on third-party websites. Through the ads, we can also reach new people who are likely to be interested in our products as they are similar to our previous customers. You can prevent the collection of data generated by the cookies and related to your use of this website as well as the processing of this data by Google by accessing the setting of advertising by Google and setting the personalisation switches to “Off”.

                7.21 Criteo (Criteo SA)

                On this website, the technology from Criteo SA, 32 Rue Blanche, 75009 Paris, France (“Criteo”) uses cookie text files to collect, store and evaluate information about the browsing behaviour of website visitors in pseudonymised form. Criteo uses an algorithm to analyse browsing behaviour and can then display targeted product recommendations as personalised advertising banners on other websites (referred to as publishers). Under no circumstances can the collected data be used to personally identify the visitor to this website. They will not be used for any other purpose or passed on to third parties.

                All processing described above, in particular the placement of cookies for reading information on the end device used, will only be carried out if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                7.22 Google Ads Remarketing

                Our website uses the functions of Google Ads Remarketing, with which we advertise this website in Google search results, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). For this purpose, Google places a cookie in the browser of your end device, which automatically enables interest-based advertising using a pseudonymous cookie ID and on the basis of the pages you visit. Any data processing beyond this will only take place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalise advertisements you view on the web. In this case, if you are logged into Google when you visit our website, Google uses your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google temporarily links your personal data with Google Analytics data in order to form target groups. As part of the use of Google Ads Remarketing, personal data may also be transmitted to the servers of Google LLC. in the United States.

                Details on the processing initiated by Google Ads Remarketing and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites.

                You can permanently object to the placement of cookies by Google Ads Remarketing by downloading and installing the Google browser plug-in available at the following link: https://support.google.com/ads/answer/7395996.

                Further information and the data protection provisions regarding advertising and Google can be viewed here: https://www.google.com/policies/technologies/ads/.

                All processing described above, in particular the placement of cookies for reading information on the end device used, will only be carried out if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                7.23 AB Tasty

                deleted

                7.24 AWIN Performance Advertising Netzwerk

                We participate in the Performance Advertising Network of AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany (hereinafter referred to as “AWIN”). In the context of its tracking services, AWIN stores cookies on the end devices of users who visit or use its customers’ websites or other online offerings (e.g. registering for a newsletter or placing an online order) to document transactions (e.g. of “sales leads”). These cookies are used solely for the purpose of correctly assigning the success of an advertising medium and the corresponding billing within the framework of its network.

                A cookie only contains information about when a particular advertising medium was clicked from an end device. In AWIN tracking cookies, an individual number sequence is stored that cannot be assigned to the individual user, via which an advertiser’s partner program, the publisher, the time of the user’s action (click or view) is documented. AWIN also collects information about the end device from which a transaction is carried out, e.g. the operating system and the accessing browser.

                All processing described above, in particular reading of information on the end device used, will only be carried out if you have given your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

                For more information on AWIN’s use of data, please refer to the company’s privacy policy: https://ui2.awin.com/privacy.php.

                7.25 Makaira A/B-Testing

                This website conducts analyses of user behaviour by means of “A/B testing”. This enables us to show you our website with varied content, depending on the profile assignment that has been made. This makes it possible for us to analyse our offering, improve it on a regular basis and make it more interesting for you as a user. The legal basis for A/B testing is our legitimate interest in product improvement in accordance with point f) of Article 6 (1) GDPR.

                The service provider for the analysis is Makaira GmbH, Rudolf-Diesel-Str. 11, 69115 Heidelberg, Germany. Information on the third-party provider’s data protection can be found at https://www.makaira.io/de/datenschutz. The legal basis for processing is, where applicable, point f) of Article 6 (1) GDPR (legitimate interest), otherwise your consent pursuant to point a) of the first sentence of Article 6 (1) GDPR

                Cookies are stored on your computer for this evaluation. The data controller stores the information collected in this way exclusively on its server in the EU. You can prevent the evaluation by deleting existing cookies and blocking the storage of cookies. Please note that if you block the storage of cookies you may not be able to make full use of all the features of our website.

                Before the analyses are carried out, the IP addresses are further processed in abbreviated form and a direct personal association can therefore be ruled out. The IP address transmitted by your browser is not combined with other data collected by us.

                It is possible to block the storage of cookies by setting your web browser accordingly. It is possible to prevent the use of A/B testing by activating the opt-out plug-in. In addition, you can prevent the processing of your data by not giving us consent to process data by means of the Consent Tool we use.

                Another provider of analysis is Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland, in respect of the Google Optimise service. Information on the third-party provider’s data protection can be found at https://policies.google.com/privacy. The legal basis for utilising third parties is point f) of Article 6 (1) GDPR (legitimate interest).

                7.26 Makaira Analyse

                We use analysis tools from Makaira GmbH, Rudolf-Diesel-Straße 11, 69115 Heidelberg, Germany (hereinafter referred to as Makaira) on our website. A contract has been concluded with Makaira for commissioned processing. Makaira enables the website operator to analyse website by website visitors with Matomo open-source software. This looks at various usage data, such as page views, length of stay, device categories, operating system (e.g. PC with Windows operating system) and user origin (e.g. access to the page via paid advertisements or unpaid search results) or content of the current shopping cart. Makaira brings together this data in a profile that is assigned to the respective user or respectively their end device. Based on the data collected, Makaira makes a forecast of website visitors’ preferences. Depending on the determined preferences, the products are then presented to the customer in the shop in a certain order, or suitable product suggestions are made.

                Makaira is used on the basis of our legitimate interest in an optimal advertising presentation of its products (point f) of the first sentence of Article 6 (1) GDPR). Insofar as consent has been requested, data processing takes place exclusively on the basis of point a) of the first sentence of Article 6 (1) GDPR. Consent can be withdrawn at any time with effect for the future.

                The profiles created with the help of Makaira are only stored in anonymised form.

                7.27 Google (Universal) Analytics

                This website uses Google (Universal) Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google (Universal) Analytics uses “cookies”, which are text files that are stored on your end device and enable analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is generally transmitted to a Google server and stored there; this information can also be transmitted to the Google LLC. servers in the United States.

                This website uses Google (Universal) Analytics exclusively with the extension “_anonymizeIp()”, which ensures anonymisation of the IP address by shortening it and rules out direct reference to individuals. As a result of the extension, your IP address will be shortened beforehand by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC. server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services associated with website use and internet use. The IP address transmitted by your browser as part of Google (Universal) Analytics will not be combined with other Google data. Google Analytics also facilitates the creation of statistics with statements about the age, gender and interests of page visitors via a special function called “demographic characteristics” on the basis of an evaluation of interest-based advertising and using third-party information. This enables the definition and differentiation of user groups visiting the website for the purpose of target-group-optimised targeting of marketing measures. However, datasets collected using the “demographic characteristics” cannot be assigned to a specific person.

                Details on the processing initiated by Google Analytics and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites. All processing described above, in particular the placement of Google Analytics cookies for reading information on the end device used, will only be carried out if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. Without this issuing of consent, Google Analytics will not be used during your visit to the site.

                You can revoke your consent at any time with effect for the future. To exercise your objection, please deactivate this service in the “cookie consent tool” provided on the website. We have concluded a commissioned processing agreement with Google for the use of Google Analytics, which obliges Google to protect our website visitors’ data and not to pass it on to third parties.

                For the transfer of data from the EU to the USA, Google refers to Standard Data Protection Clauses from the European Commission, which are intended to ensure compliance with the European level of data protection in the USA.

                Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy.

                7.28 Use of YouTube videos

                This website uses the YouTube embedding function to display and play videos from the provider “YouTube”, which is part of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

                The extended data protection mode is used here, which according to the provider’s specifications only initiates the storage of user information when the video(s) is/are played back. If playback of embedded YouTube videos is started, the provider places “YouTube” cookies to collect information about user behaviour. According to “YouTube”, these are used, among other purposes, for collecting video statistics, improving user-friendliness and preventing misuse. If you are logged into Google, your data will be directly linked to your account when you click on a video. If you do not wish for this to be assigned to your YouTube profile, you must log out before activating the button. You have the right to object to the creation of these user profiles; you must contact YouTube to exercise this right. In the context of using YouTube, personal data may also be transmitted to the servers of Google LLC. in the United States.

                Irrespective of the playback of embedded videos, each time this website is accessed a connection to the Google network is established which can trigger further data processing processes without our influence.

                All processing described above, in particular the reading of information on the end device used via the tracking pixel, will only take place if you have given us your explicit consent to this in accordance with point a) of Article 6 (1) GDPR. Without this issuing of consent, YouTube videos will not be used during your visit to the site.

                You can revoke your consent at any time with effect for the future. To exercise your objection, please deactivate this service in the “cookie consent tool” provided on the website via alternative options notified to you on the website.

                Further information on data protection by “YouTube” can be found in the YouTube terms of use at https://www.youtube.com/static?template=terms and in Google’s privacy statement at https://policies.google.com/privacy.

                7.29 My-Fonts-Counter

                We use WebFonts from MyFonts Inc, 500 Unicorn Park Drive, Woburn, MA 01801, USA for the uniform presentation of fonts. If you consent to the use of cookies from WebFonts by means of the consent tool we use, the following data will be collected when you access the page:

                  - IP-Adresse,
                  - date and time of access,
                  - transferred data volume and requesting provider.
                The legal basis is point a) of Article 6 (1) GDPR. You can object to the use of cookies at any time by opting out. The purpose of the data processing is the counting of page views and the billing of MyFonts based on this. The data is stored until the purpose is achieved.

                7.30 Use of tracking technology from XAD spoteffects

                We collect data to measure the use of our digital offerings. Our website uses services from XAD spoteffects (XAD spoteffects GmbH, Saarstr. 7, 80797 Munich, Germany, https://xadspoteffects.com/), a third-party company, for the analysis of our users’ browsing behaviour on the basis of their consent (point a) of Article 6 (1) GDPR). For this purpose, XAD spoteffects uses cookies that track the user’s interaction with our website. XAD spoteffects collects information provided by the browser, such as IP addresses and proxy IP as well as language and time zone for user geolocation, user agent (e.g. computer, tablet, mobile device) or whether certain activities on the website are carried out by the user. The data is collected and evaluated exclusively on a pseudonymous basis, in such a way that it is fundamentally not possible to draw any conclusions about your identity. The cookies from XAD spoteffects are deleted after 12 months at the latest. You can object to the use of cookies or withdraw your consent at any time by means of the cookie banner. For more information about XAD spoteffects cookies and their use, please see the XAD spoteffects privacy policy https://xadspoteffects.com/en/privacy-policy

                7.31 Kameloon

                With your consent, our website uses services from Kameleoon GmbH, Beim Alten Ausbesserungswerk 4, 77654 Offenburg, Germany (as a German representative of SAS Kameleoon, 12 rue de la Chaussée d’Antin, 75009 Paris, France).

                We use the services for the purposes of optimising our website and personalising the content.

                Kameleoon facilitates analysis of user behaviour based on user segmentation. This enables us to evaluate how individual user segments use the website so that we can continuously improve it.

                For the analysis, Kameleoon uses cookies that are linked to your pseudonymised ID. In the context of this analysis, your IP address is completely anonymised and not stored. The user behaviour and the information generated by the cookie are transmitted to a Kameleoon server in Germany and stored there in aggregated and pseudonymised form. The IP address transmitted by your browser as part of Kameleoon is not combined with other data by Kameleoon. The anonymised data collected is evaluated over a maximum period of 365 days.

                The legal basis and possibility of revocation for this data processing is your consent, point a) of Article 6 (1) GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there.

                More information about how Kameleoon processes your data can be found at: https://www.kameleoon.com/en/privacy-policy.

                 

                8. Use of customer data for direct marketing

                8.1 Subscribing to our email newsletter

                If you subscribe to our email newsletter, we will use your email address to regularly send you our newsletter for marketing purposes and to track usage behaviour. The only mandatory information for sending the newsletter is your email address. The provision of further data is voluntary and is used to address you personally. We use the “double opt-in” procedure to send newsletters, which ensures that you will only receive newsletters if you have explicitly confirmed your consent to receiving them by clicking on a verification link sent to the specified email address

                By activating the confirmation link, you give us your consent to use your personal data in accordance with point a) of Article 6 (1) GDPR. In this process, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration to enable us to trace any possible misuse of your email address at a later date.

                If you use our newsletter, we perform personalised tracking of your usage behaviour on the basis of your consent in accordance with point a) of Article 6 (1) GDPR. As a result we can, for example, determine whether you have received and opened the newsletter and what content you have clicked in it. Based on your user behaviour, we send you advertising content tailored to you.

                The data we collect when you subscribe to the newsletter is used strictly for the relevant purpose. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller named at the start of this policy. Once you have unsubscribed, your email address will be immediately deleted from our newsletter distribution list, unless you have explicitly consented to further use of your data, or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this policy. For technical reasons, you may still receive a copy of the newsletter from us.

                8.2 Sending newsletters via Salesforce

                Our email newsletters are sent via Salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany (hereinafter referred to as “Salesforce”), to which we transfer the data provided when you subscribed to the newsletter. This transfer takes place in accordance with point f) of Article 6 (1) GDPR and serves our legitimate interest in using an effective, secure and user-friendly newsletter system. The data you enter for the purpose of receiving the newsletter (e.g. your email address) is stored on the Salesforce servers in the EU.

                Salesforce uses this information to send and statistically evaluate newsletters on our behalf. For the purpose of evaluation, the newsletters sent by email contain “web beacons” or “tracking pixels”, which represent single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links have been clicked, if applicable. “Conversion tracking” can also be used to analyse whether a predefined action (e.g. purchase of a product on our website) has taken place after clicking on such links. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). The data is collected exclusively in pseudonymised form and is not linked to your other personal data; direct reference to individuals is ruled out. This data is used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the recipients’ interests.

                If you wish to object to data analysis for statistical analysis purposes, you must unsubscribe from the newsletter.

                We have entered into a commissioned processing agreement with Salesforce, which obliges Salesforce to protect our customers’ data and not to share it with third parties.

                You can read more about data analysis by Salesforce here: https://www.salesforce.com/uk/company/privacy/.

                8.3 Goods availability notification by email

                You can sign up to receive goods availability notification emails for temporarily unavailable items. We will send you a one-time email notification about the availability of the item you selected in each case. The only mandatory information for sending this notification is your email address. The provision of further data is voluntary and may be used by us to address you personally. We use the “double opt-in” procedure for sending emails, which ensures that you only receive a notification if you have explicitly confirmed your consent to this by clicking a verification link sent to the specified email address.

                By activating the confirmation link, you give us your consent to use your personal data in accordance with point a) of Article 6 (1) GDPR. In this process, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration to enable us to trace any possible misuse of your email address at a later date. The data collected by us when you register for our email notification service for goods availability is used strictly for the relevant purpose. You can unsubscribe from the availability notifications at any time by sending a corresponding message to the controller named at the start of this policy. Once you have logged out, your

                email address will be immediately deleted from our distribution list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this policy.

                8.4 Data processing for order processing

                To the extent necessary for the performance of the contract for delivery and payment purposes, the personal data collected by us will be transferred to the commissioned transport company and the commissioned credit institution in accordance with point b) of Article 6 (1) GDPR.

                Insofar as we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data (name, address, email address) provided by you when placing the order to personally provide you with information within the scope of our legal information obligations in accordance with point c) of Article 6 (1) GDPR by suitable means of communication (e.g. by post or email) about upcoming updates within the legally prescribed period. Your contact data will be used strictly for the purpose of notifying you with updates owed by us and will only be processed by us for this purpose to the extent necessary for the respective information.

                To process your order, we also work with the service provider(s) below, who assist us in full or in part in the execution of concluded contracts. Certain personal data is transferred to these service providers in accordance with the following information.

                 

                9. Online applications via a form

                On our website, we offer job applicants the opportunity to apply online using a corresponding form. Inclusion in the application process requires that applicants provide us with all the personal data required for a well-founded and informed assessment and selection via the form.

                The required data includes general information about the person (name, address, phone number or electronic contact option) as well as performance-specific proofs of the qualifications required for a position. Health-related information may also be required, which must be taken into account in the interests of social protection in the applicant’s person under labour and social law.

                In the course of sending the form, the applicant data is transmitted to us in encrypted form in accordance with the state of the art, stored by us and evaluated exclusively for the purpose of processing the application. The legal basis for this processing is generally point b) of Article 6 (1) b GDPR (in the case of processing in Germany in conjunction with Section 26 (1) Federal Data Protection Act (Bundesdatenschutzverordnung, “BDSG”)), in the sense of which the completion of the application procedure is considered to be the initiation of an employment contract.

                Insofar as special categories of personal data within the meaning of Article 9 (1) GDPR (e.g. health data such as information about disability status) is requested from applicants, processing takes place in accordance with point b) of Article 9 (2) GDPR so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.

                Cumulatively or alternatively, the processing of the special data categories may also be based on point h) of Article 9 (1) GDPR if it is carried out for health care or occupational medicine purposes, for the assessment of the applicant’s ability to work, for medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector.

                If the applicant is not selected in the course of the evaluation described above or if an applicant withdraws their application prematurely, their data transmitted using the form will be erased after a corresponding notification, at the latest after 6 months. This deadline is based on our legitimate interest in being able to answer any follow-up questions about the application and, where applicable, to comply with our obligations to provide proof under the regulations on equal treatment of applicants.

                In the event of a successful application, the data provided will be processed on the basis of point b) of Article 6 (1) GDPR (in the case of processing in Germany in conjunction with Section 26 (1) BDSG) for the purposes of executing the employment relationship.

                 

                10. Email applications for job adverts

                Our website has a separate section where we advertise current vacancies, for which interested parties can apply by sending an email to the contact address provided.

                Inclusion in the application process requires that applicants provide us, together with the email application, with all personal data required for a well-founded and informed assessment and selection.

                Here, the required data includes general information about the person (name, address, phone number or electronic contact option) as well as performance-specific proofs of the qualifications required for a position.

                Health-related information may also be required, which must be taken into account in the interests of social protection in the applicant’s person under labour and social law.

                The specific components an application must contain in each case for it to be considered, and the form in which these components must be sent by email can be found in the relevant job advert.

                Upon receipt of the application sent using the specified email contact address, the applicant data will be stored by us and evaluated exclusively for the purpose of processing the application. For queries arising in the course of processing, we at our discretion use either the email address provided by the applicant with their application or a specified telephone number.

                The legal basis for this processing, including contacting us for queries, is generally point b) of Article 6 (1) GDPR (in the case of processing in Germany in conjunction with Section 26 (1) BDSG), in the sense of which the completion of the application procedure is considered to be the initiation of an employment contract.

                Insofar as special categories of personal data within the meaning of Article 9 (1) GDPR (e.g. health data such as information about disability status) is requested from applicants, processing takes place in accordance with point b) of Article 9 (2) GDPR so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.

                Cumulatively or alternatively, the processing of the special data categories may also be based on point h) of Article 9 (1) GDPR if it is carried out for health care or occupational medicine purposes, for the assessment of the applicant’s ability to work, for medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector.

                If the applicant is not selected in the course of the evaluation described above or if an applicant withdraws their application prematurely, their data transmitted by email as well as all electronic correspondence including the original application email will be erased after a corresponding notification, at the latest after 6 months. This deadline is based on our legitimate interest in being able to answer any follow-up questions about the application and, where applicable, to comply with our obligations to provide proof under the regulations on equal treatment of applicants.

                In the event of a successful application, the data provided will be processed on the basis of point b) of Article 6 (1) GDPR (in the case of processing in Germany in conjunction with Section 26 (1) BDSG) for the purposes of executing the employment relationship.

                 

                11. Duration of storage of personal data

                The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if relevant – also on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

                When processing personal data on the basis of explicit consent pursuant to point a) of Article 6 (1) GDPR, this data is stored until the data subject withdraws their consent.

                Where statutory retention periods exist for data that is stored within the framework of contractual or similar obligations on the basis of point b) of Article 6 (1) GDPR, this data is routinely erased after expiry of the retention periods, provided that it is no longer required for contract performance or contract initiation and/or there is no legitimate interest on our part in continued storage.

                In the case of processing of personal data on the basis of point f) of Article 6 (1) GDPR, this data will be stored until the data subject exercises their right to object in accordance with Article 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the data subject, or the processing serves the assertion, exercise or defence of legal claims.

                In the case of processing of personal data for the purpose of direct marketing on the basis of point f) of Article 6 (1) GDPR, this data will be stored until the data subject has exercised their right to object in accordance with Article 21 (2) GDPR.

                Unless otherwise stated in the other information in this policy on specific processing situations, stored personal data will be erased if it is no longer necessary for the purposes for which it was collected or otherwise processed.

                 

                12. Disclosure of data

                Within Beurer GmbH, entities that require access to data in order to fulfil contractual and legal obligations receive access to the data. Beurer GmbH’s external service providers may also receive this data.
                These service providers may be:

                  - the service providers named in this Privacy Policy, insofar as they are involved in the use of the corresponding services or there is another legitimate basis (e.g. our legitimate interest in data processing, insofar as we can base the processing on this)
                  - affiliated companies, insofar as these are required for the fulfilment of the contract
                  - service providers for processing customer service enquiries
                  - IT service providers, hosting service providers, and service providers for operating the IT system
                  - service providers for sending newsletters following granting of consent

                 

                13. Letter dispatch

                Letter dispatch. The data (name, company, address) of existing customers is stored and can be used for letter mailings, such as invitation letters. The legal basis is point f) of Article 6 (1) GDPR; the data will be stored in compliance with further legal regulations (e.g. retention obligations) until the end of the contractual relationship or until revocation. You can object to this procedure at any time with effect for the future by emailing datenschutz@beurer.de.

                To top