Data and Privacy Protection Policy
The following data and privacy protection policy applies to our online offer under www.regiondo.com (“Online Offer”).
1. Who are we? (Data Controller)
The data controller is Regiondo GmbH, Mühldorfstr. 8, 81671 Munich, hereafter “we” or “us”.
2. Contact data of our Data Protection Officer
You may withdraw your consent at any time with effect for the future. You may declare the withdrawal in the “Privacy Settings” by clicking the fingerprint icon in the lower left corner.
4. What kind of personal data are we processing?
Personal data are all data referring to an identified or identifiable natural person (e.g. name, address, telephone number, date of birth or email address).
When we process personal data it means that we e.g. collect, store, use or erase these data or disclose them to third parties.
In principle you may use our online offer without disclosing any personal data. However, using certain services may require the disclosure of personal data, e.g. registration or participation in sweepstakes. The required information is normally indicated with *. If you prefer not to share the data necessary for this purpose with us, you may unfortunately not use the respective services.
What do we use your data for and on what legal basis?
We process your personal data for the purpose and on the legal basis mentioned below. In case the data are processed on the basis of a balancing of interests, we also explain to you the legitimate interest that we pursue when processing data:
|Nr.||Purpose of data processing||Legal basis for processing data and explanation of legitimate interest, if relevant|
|1.||For making this online offer and executing the contract according to our User Agreement / General Terms and Conditions||Contract execution|
|2.||For personalizing our offer||Contract execution or consent|
|3.||For analyzing our offer in order to determine user behavior, including market research and market penetration||Balancing of interests; we have a legitimate interest in analyzing user behavior toward our online offer so as to be able to continually improve our offer or adapt it to the interests of our users|
|4.||For collecting and analyzing data on user behavior for interest-based advertising (also by third parties)||Balancing of interests; we and other advertiser have a legitimate interest in showing interest-based advertising and offer our users ads tailored to their personal interests|
|5.||For showing our own and third-party ads within the legally permitted parameters or based on consent||Consent or balancing of interests; we have a legitimate interest in direct marketing in conformity with the legal privacy and competition regulations|
|6.||For sharing information about our own offers with existing customers without registration||Balancing of interests; we have a legitimate interest in direct marketing in conformity with the legal privacy and competition regulations|
|7.||For sending a newsletter with the consent of the recipient by email and/or SMS/MMS||Contract execution or consent|
|8.||For sending an email and/or SMS/MMS with the consent of the recipient as a reminder for the completion of the newsletter subscription||Contract execution or consent|
|9.||For embedding social plugins and social share functions||Balancing of interests; we have a legitimate interest in sharing the information of our users who have activated a social plugin upon their request with the respective social network|
|10.||For providing a login via social networks (social sign-in)||Contract execution|
|11.||For determining and if necessary blocking users who have installed a so-called adblocker and thereby block ads||Balancing of interests; we have a legitimate interest in providing our offers financed in whole or in part through advertising only to users who do not block ads|
|12.||For detecting disruptions and guaranteeing system security including for detecting and tracking any illegal access and access attempts to our web servers||Fulfillment of our legal obligations in the area of data security as well as balancing of interests; we have a legitimate interest in remedying disruptions, guaranteeing system security and detecting and tracking any illegal access attempts and/or actual access|
|13.||For protecting and defending our rights||Balancing of interests; we have a legitimate interest in asserting and defending our rights|
Upon request we provide you with information regarding the balancing of interests carried out by us. For this purpose simply use the information contained in the section contact.
Please note your right to object to the processing of your data for the purpose of direct marketing and for personal reasons (see section Rights of the data subject).
You can find the data protection regulations pursuant to Art. 13 GDPR for customers, suppliers and business partners here.
If you would like to take advantage of services requiring a contract, we will ask you to register. We collect your personal data necessary for the creation and execution of the contract in the context of the registration (e.g. first name, last name, date of birth, email address, if necessary information about the desired payment method or the account holder), and if necessary other data on a voluntary basis. Required information is indicated with *.
5. Who gets your personal data and why?
Disclosure of data to third parties
Data may be disclosed to third parties also if we are obligated to do so by legal regulations or by enforceable official or judicial orders; in connection with legal disputes (to courts or our lawyers) or tax audits (to the auditors); in connection with potentially criminal actions to the competent investigative authorities; in case of a sale of the business concern (to the buyer).
In addition we disclose personal data to providers of tools for the purpose of showing “interest-based ads” and in individual cases to providers of analysis tools. Additional information on such providers can be found on our Consent Management Platform (“CMP”) which is available by clicking the fingerprint icon in the lower left corner.
We reserve the right to contract other service providers for the collection and/or processing of data. We disclose to such service providers only the personal data needed by them for their actual activity, e.g. we might disclose your email address to a service provider for the delivery of our newsletter ordered by you. Service providers may also be contracted to provide server capacities. Service providers are usually involved as so-called data processors who may process the personal data of the users of this online offer only in compliance with our instructions. The service providers contracted by us (such as e.g. providers of transportation or logistics services, banks) receive the data necessary for the order and job execution in the context of the order execution.
6. When do we transfer data to countries that do not belong to the European Economic Area?
We transfer personal data also to third parties and/or data processors who reside in non-EEA countries. In this case we make sure before the transfer that the recipient either has an adequate data protection level (e.g. based on an adequacy decision issued by the EU Commission for the respective country pursuant to Art. 45 GDPR, by way of a self-certification of the recipient for the EU-US Privacy Shield in connection with the respective adequacy decision of the Commission pursuant to Art. 45 GDPR or an agreement with the recipient regarding the so-called EU standard contract clauses of the European Commission pursuant to Art. 46 GDPR) or if we have the explicit consent of our users.
7. For how long do we keep your data?
We keep your data as long as this is necessary for the provision of our online offer and the services associated with it or if we have a legitimate interest in keeping them longer. In all other cases we erase your personal data with the exception of the data that we are required to keep in order to comply with legal (e.g. under fiscal or commercial law) retention periods (e.g. invoices).
We retain data that are subject to a retention period until the expiration of such period.
8. Processing of data by financial institutions and payment services providers; accounts receivable management
Processing of data by financial institutions and payment services providers
Accounts receivable management
We reserve the right to have the collection of accounts receivable performed by service providers who collect these as so-called data processors.
Handling of customer inquiries
For handling customer inquiries we use the live chat tool LiveChat, which is offered by LiveChat Inc., One International Place, Suite 1400 Boston, MA 02110-2619 USA (“LiveChat”).
For handling your inquiries we collect the necessary data such as for example your IP address, domain, chat content as well as if necessary your contact data via our website in order to be able to address your concerns. The information garnered in this way may be transferred to a Zendesk server in the USA and stored there.
9. Log files
With each use of the Internet certain information is transferred automatically by your Internet browser and stored by us in so-called log files.
The log files are stored by us for 7 to 10 days in order to detect problems and for safety reasons (e.g. for resolving access attempts) and then erased. Log files needed to be stored longer for probative purposes are not erased until the resolution of the respective incident and may in certain cases be handed over to the investigative authorities.
The log files store in particular the following information:
– IP address (Internet protocol address) of the terminal from which the online offer is accessed;
– Internet address of the website from which the online offer was accessed (so-called origin or referrer URL);
– Name of the service provider through which the online offer is accessed;
– Name of the accessed data files and/or information;
– Date and time as well as duration of the access;
– Transferred data volume;
– Operating system and information on the Internet browser used, including installed add-ons (e.g. for the Flash Player);
– Http status code (e.g. “Inquiry successful” or “Requested data file not found”);
– Log files are used also for web analysis.
What are cookies?
Cookies are small text files that are sent out when a website is visited and are stored in the browser of the user. If the same website is accessed again, the browser of the user sends the contents of the cookies back and thereby facilitates the recognition of the user. Certain cookies are automatically erased after the expiration of the browser session (so-called session cookies), while others are stored for a set time or permanently in the browser of the user and are then erased automatically (so-called temporary or permanent cookies).
What kind of data are stored in the cookies?
In principle no data are stored in cookies that identify you as a person (thus e.g. no names, email addresses or IP addresses). Instead, cookies normally contain a code (the so-called identifier) as well as information about the storage period and if necessary also about certain technical features (e.g. security functions). Cookies can however also be used for preparing user profiles.
You may also erase cookies already stored in your browser at any time. However, please note that this online offer might not function at all without cookies or have only limited functionality.
What type of cookies do we use?
These cookies and other information are absolutely necessary for our services to function properly. They guarantee that our services work reliably and function as desired by you. They can therefore not be deactivated.
We want our services to be as good as can be. We therefore improve our services and your experience as a user constantly. In order to do this we wish to analyze and evaluate statistically how our services are used.
In order to make our services more personal, we show personalized recommendations and ads using these cookies and other information and facilitate interaction with social networks.
The cookies are placed by us and our advertising partners. This allows us and our partners to show to the users of our services personalized ads based on an analysis of their behavior as users on a website and across other devices. The data collected with the help of the cookies can be combined by us and our partners with data from other websites.
Some of our partners have their residence in countries outside of the European Economic Area (EEA).
If you do not consent to these cookies or deactivate them later, you will be shown only ads that might be less relevant to you.
11. Web analysis
We need statistical information about the use of our online offer in order to make it more user-friendly, perform penetration analyses and carry out market research.
This is the reason why we use analytical tools. The user profiles prepared by the tools using functional cookies and by analyzing the log files will not be combined with personal data. The tools do not use the IP addresses of the users either at all or shorten them immediately after collection.
The providers of the tools process data normally only as third-party data processors in accordance with our instructions and not for their own purposes.
You may stop the creation of user profiles for analytical purposes by not consenting to the use of functional cookies on our Consent Management Platform (“CMP”) or by withdrawing such consent. On the CMP you will also find additional information about the providers of the tools in use. You can reach the CMP by clicking the fingerprint icon in the lower left corner.
This website uses Google Tag Manager. Google Tag Manager is a solution allowing marketers to administer website tags via an interface. The tool Tag Manager itself (which implements the tags) is a cookie-less domain and does not collect personal data. The tool triggers other tags that for their part might collect data. The Google Tag Manager does not access these data. If a deactivation is performed at the domain or cookie level, it remains in place for all tracking tags implemented via Google Tag Manager.
Google Analytics is available from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use Google Analytics with the auxiliary function offered by Google for anonymizing IP addresses: In this process the IP address is shortened by Google normally already in the EU and only in exceptional cases in the USA, and in any event stored only in shortened form.
You may object to the collection and/or analysis of your data by this tool by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en .
Hotjar Form Analysis & Conversion Funnels
Hotjar Heat Map & Recordings, Form Analysis & Conversion Funnels
Hotjar Heat Map & Recordings and Hotjar Form Analysis & Conversion Funnels are made available by Hotjar Ltd., Level 2, St. Julians Business Centre 3, Erlia Zammit Street, St. Julian STJ 1000, Malta.
If you want to deactivate the data collection by Hotjar, click on the following link and read the respective instructions: https://www.hotjar.com/legal/compliance/opt-out
We use HubSpot for our online marketing activities. This is an integrated software solution which we use to manage the various aspects of our online marketing.
This includes for example:
Email marketing (Newsletter as well as automated mailings, e.g. for making downloads available), social media publishing & reporting, reporting (e.g. traffic sources, access etc.), contact management (e.g. user segmentation & CRM), landing pages and contact forms.
HubSpot is a software company based in the USA with a subsidiary in Ireland.
Contact: HubSpot, 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500
Since the personal data are transferred to the USA, additional protective mechanisms ensuring the data protection level of the GDPR are necessary. In order to guarantee this, we agreed with the provider on standard data protection clauses pursuant to Art. 46 Para. 2 lit. c GDPR. These obligate the recipient of the data in the USA to process the data according to the protection level in Europe. In cases in which this cannot be ensured even with this addendum to the contract, we make every effort to negotiate further-going regulations and commitments with the recipient in the USA.
More information from HubSpot about EU data protection regulations
For obtaining and managing the cookie consents we use the tool Usercentrics by Usercentrics GmbH, Rosental 4, 80331 Munich (“Usercentrics”). With this tool you may consent to all, individual or no data processing using cookies.
In the context of your website visit we transfer your consents or withdrawals, your IP address, information about your browser, your terminal as well as the time and date of your visit to Usercentrics. In addition Usercentrics uses the necessary cookie to store your consents and withdrawals.
This data processing is necessary to provide you with the legally required cookie management solution and to fulfill our documentation obligations. The legal basis for using Usercentrics is Art. 6 Para. 1 lit. f GDPR, based on our interest in satisfying the requirements for a cookie consent management.
This website uses the WordPress Tools Stats provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA (“Automattic”).
The data about the use of this website (including your IP address) generated by the cookies may be transferred to and stored on one of Automattic’s servers in the USA. We have confidence in the reliability and the IT and data security of Automattic.
Additional information about data protection at Automattic can be found under https://automattic.com/privacy/
You may object to the collection and use of your data in the future by setting an opt-out cookie in your browser with a click on this link: https://www.quantcast.com/opt-out/
12. Collection and analysis of user behavior for interest-based advertisement (also through third parties)
In this online offer we would like to present to our users ads or special offers tailored to their interests (“interest-based advertising”) and limit the frequency with which certain ads are shown.
The user profiles prepared by the tools using marketing cookies will not be combined with the personal data. The tools process the IP addresses of the users either not at all or shorten them immediately after collection.
For the above-mentioned purposes, the providers of the tools may disclose information also to third parties.
You can prevent the creation of user profiles for interest-based advertising by not consenting to the use of marketing cookies on our Consent Management Platform (“CMP”) or by withdrawing such consent. Please note that thereby you do not switch off advertising completely. If you do not consent to marketing cookies, it only means that no interest-based ads can be shown to you based on your user behavior. On the CMP you will also find additional information about the providers of the tools used. You may contact the CMP by clicking the fingerprint icon in the lower left corner.
Additional information about interest-based advertising is available on the consumer portal https://www.meine-cookies.org. Clicking on the link below to this portal you can also see the activation status for the tools of the various providers and object to the collection and/or analysis of your data using these tools: https://www.allaboutcookies.org/manage-cookies/
A central objection option for the various tools, in particular by US providers, can also be accessed under the following link https://optout.networkadvertising.org/#/
Amazon Simple Email Service (Amazon SES)
For mailing our Newsletter we use the Amazon Simple Email Service (Amazon SES) offered by Amazon Web Services Inc. (AWS). For the dispatch of the Newsletter the email addresses of the users are disclosed temporarily (during dispatch) to a server (within the EU) owned by AWS. Additional information can be found at https://aws.amazon.com/ses/ and under https://aws.amazon.com/compliance/eu-data-protection/ .
This website uses DoubleClick Ad, a web service offered by Google Ireland Ltd., Google Building Gordon House, 4 Barrow St., Dublin, D04 E5W5 Ireland (“DoubleClick Ad”).
Additional information about privacy protection at DoubleClick can be found under: https://policies.google.com/privacy?hl=en
You can easily object to the data processing by DoubleClick Ad by clicking the fingerprint icon in the lower left corner.
Facebook Pixel and Website Custom Audience
In this online offer we would like to present to our users ads tailored to their interests or special offers (“interest-based advertising”) and limit the frequency with which certain ads are shown. For this purpose we use the tool Website Custom Audiences by Facebook as well as Facebook Pixel.
Facebook Pixel is a Java Script code that sends the following data to Facebook Ireland Ltd, Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”):
– HTTP header information (e.g. IP address, information about the web browser, page memory, document, URL of the website and user agent of the web browser as well as day and time of use);
– Pixel-specific data; this includes the pixel ID and Facebook cookie data, including your Facebook ID (these are used in order to link events to a specific Facebook advertising account and to attribute them to a Facebook user);
– Additional information about the visit and about standard and user-defined data events. We use the following user-defined data events:
o Searched and viewed contents at product level;
o Product was put into the shopping cart;
o Initiation of a checkout in the order process; as well as
o Completion of the order process.
Facebook uses the hashed user-specific Facebook ID (contained in the Facebook cookie) to check automatically whether the data sent by the Facebook Pixel can be attributed to a Facebook user. If no Facebook cookie is stored in your browser, no classification into one of the user groups called “Custom Audience” is performed.
If no attribution of the Facebook ID contained in the Facebook cookie can be made to a Facebook user, Facebook attributes this user to a “Custom Audience” based on the rules established by us if the criteria applicable to it are fulfilled. We use the information gained in this way to show ads in Facebook (“Facebook Ads”). Ads are shown however only starting with a “Custom Audience” size of 20 unique users – no conclusions can thus be drawn from the ad display regarding the properties of the individual users. The attribution to a “Custom Audience” is for no more than 180 days. This timeline begins again if you visit our website again and if we have your agreement to the same “Custom Audience” rules.
Facebook may attribute your visit to our website and your activities in this context to your Facebook user account. We are not able to do that. We only receive statistical information about the use of our website from Facebook through Audience Insights.
Facebook forwards your data to Facebook Inc., Facebook 1 Hacker Way Menlo Park, CA 94025, USA and uses your data to improve the quality of its advertising by improving e.g. the optimization algorithms used by Facebook for showing Facebook Ads and the News Feed Ranking.
You can easily object to the data collection by Facebook in our Privacy Settings by clicking the fingerprint icon in the lower left corner.
Google Ads Conversion
We use the online advertising program “Google Ads” and Conversion Tracking in the context of Google Ads. Google Conversion Tracking is an analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you click on an ad shown by Google, a cookie for Conversion Tracking is placed on your computer. These cookies become invalid after 30 days, do not contain any personal data and are therefore not useful for the purpose of personal identification.
If you visit certain Internet pages of our website and the cookie has not yet expired, Google and we realize that you clicked on the ad and were forwarded to this page. Every Google AdWords customer gets a different cookie. There is thus no possibility that cookies can be tracked across the websites of AdWords customers.
The information gathered with the Conversion Cookie is used to prepare conversion statistics for AdWords customers who have opted for Conversion Tracking. In this process the customers learn the total number of users who have clicked on their ads and were forwarded to a page provided with a Conversion Tracking Tag. However, they are not given any information that would make it possible to identify the users personally.
If you do not want this to happen, an opt-out is possible by way of a change in the advertising settings at Google or the deactivation page of the Network Advertising Initiative.
Google has agreed to submit to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google Ads Remarketing
In addition we use the Remarketing function within the Google Ads services provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). The Google Ads Remarketing function allows us to show to users of our website interest-based ads on other websites within the Google advertising network (in Google Search or on YouTube, so-called “Google Ads”, or on other websites). In order to be able to show interest-based ads to users also on other websites, the interaction of the users on our website is analyzed. For this purpose Google stores so-called counting pixels in the browsers of users who visit certain Google services or websites in the Google Display Network. The visits of these users are recorded via this number called “Cookie”. This may entail the identification of a web browser on a specific terminal, but not the identification of a person; personal data are not stored.
If you do not want this to happen, an opt-out is possible is possible by tweaking the Advertising Settings at Google or the deactivation page of the Network Advertising Initiative.
Google has agreed to submit to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Newsletter2Go by Sendinblue
In addition to the Amazon Simple Email Service, we also use the Newsletter2Go service to send our newsletters. This is provided by Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin (“Newsletter2Go”). The use of this service allows us not only to send out our newsletter. We also use it for analysis and optimization purposes. In addition to your e-mail address, the IP address, browser information, date and time of the call are processed.
Aside from the Amazon Simple Email Service we also use the service Newsletter2Go for mailing our Newsletter. The service is provided by Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin (“Newsletter2Go”). The use of this service allows us not only to mail out our Newsletter, we use it also for analysis and optimization purposes. For this purpose we occasionally process, apart from your email address, also your IP address, the browser information as well as the date and time of your visit. https://nl2go-prod-api-account.s3.eu-central-1.amazonaws.com/app_files/en/N2G_DSE.pdf
Twitter Ads Conversion Tracking
On our website we use Conversion Tracking offered by Twitter Inc., 1355 Market Street #900, San Francisco, California 94103 (“Twitter”).
In this process Twitter stores a cookie on the computer of the users for the purpose of analyzing the user behavior of our website visitors. Conversion Tracking by Twitter makes it possible to track the actions taken by the users after seeing the ads or after interacting with the ads on Twitter. The Conversion Tracking offered by Twitter enables us to attribute conversions such as link clicks, re-tweets or “likes”.
Twitter might transfer the data regarding the use of this website generated by the cookies (including your IP address) to a Twitter server in the USA and store them there.
If you decide to object to Tracking, you may do so using the tool of the Digital Advertising Alliance under https://optout.aboutads.info/
We would like to point out that the use of an adblocker may impair the functionality of opt-out cookies. In certain cases it may therefore happen that the respective tools keep collecting data despite the storage of opt-out cookies. In that case you may restore their functionality by configuring or uninstalling the adblocker accordingly.
14. hCaptcha Service
Intuition Machines, Inc.
We also offer you the possibility of registering or logging in with us via your Google+ account. If you make use of this option, we receive the data needed for the registration or login from Google (e.g. email address, name).
We have no control over the scope of the data collected by Google by means of Google OAuth. If you prefer for Google not to collect data about you in connection with your use of our online offer and use them for its own purposes, you should not use this login method.
Additional information about the purpose and scope of the collected data or the further processing and use of your data by Google as well as about your rights and setting options for the protection of your data can be found in the privacy protection information of Google under https://policies.google.com/privacy
YouTube videos are embedded on this website in the so-called “Expanded Data Protection Mode”, meaning that data are collected by YouTube only when playing the videos. YouTube is able to attribute the visit of our page to your user account. We would like to point out that Regiondo does not have any control over or knowledge of the contents of the transferred data and is not aware of how YouTube uses them.
YouTube is a service for visualization of video contents offered by Google LLC., Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”).
17. Social Plugins
This online offer uses social plugins (“plugins”) of the following providers:
• Plugins of LinkedIn; LinkedIn is operated by LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, CA 94085, USA (“LinkedIn”). An overview of the LinkedIn plugins and their appearance can be found here: https://www.linkedin.com/legal/privacy-policy?trk=d_checkpoint_lg_consumerLogin_ft_privacy_policy.
On our website we use buttons of the Tumblr service offered by Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.
These buttons allow the website visitors to share an entry or page at Tumblr or follow the provider at Tumblr. If you click on one of our websites with a Tumblr button, the browser establishes a direct connection with the Tumblr servers. We have no control over the scope of the data that Tumblr collects and transfers using this plugin. As far as is currently known, the IP address of the user as well as the URL of the respective website are transferred.
The various providers of plugins are referred to below under the term “plugin providers”.
In order to enhance the protection of your data when visiting our online offer, the plugins are embedded in the page by way of the so-called “Shariff solution”. This ensures that no connection with the servers of the respective plugin provider is established yet when accessing a page of this online offer.
Your Internet browser establishes a direct connection to the servers of the respective plugin provider only after the plugin has been activated by you. In this way the plugin provider is informed that your Internet browser has accessed the respective page of our online offer even if you have no user account with the provider or are not even logged in. Log files (including the IP address) are in this process transferred by your Internet browser directly to a server of the respective plugin provider and may be stored there. This server may be located outside of the EU and/or the EEA (e.g. in the USA).
The plugins are independent extensions of the plugin providers. We have therefore no control over the scope of the data collected and stored by the plugin providers via the plugins.
You should not use the respective plugins if you prefer for the plugin providers not to receive, store or use the data collected via this online offer.
In principle you can also totally prevent the loading of plugins through add-ons on your browser, the so-called script blockers.
Additional information about the purpose and scope of the collection as well as about the further processing and use of your data by plugin providers and about your rights and setting options for the protection of your data can be found in the data protection notices of the respective providers.
Newsletter with login
We offer you the opportunity to subscribe to a newsletter. You may withdraw your respective consent at any time. Information about this can be found in the section The right to withdraw your consent.
Existing customer info without login
If we receive your email address in connection with the sale of goods and services and if you did not object to it, we reserve the right to send you offers of similar goods and/or services from our portfolio by email on a regular basis (Sec. 7 Para. 3 German Law Against Unfair Competition (UWG), Art. 6 Para. 1 sent. 1 lit. f) GDPR). You may object at any time at no cost to you; information about this can be found in section Your right to object to direct marketing..
19. Your rights (your rights as a data subject)
How can you assert your rights?
For the assertion of your rights please use the information in the contact section. Please make sure that we are able to unambiguously identify your person.
Alternatively you may also use the setting options in your user account in order to correct the data entered during registration or to object to advertising.
Please note that your data will initially only be blocked if erasure is prevented by required retention periods.
Your right to information and correction
You may demand that we confirm to you as to whether we process personal data about you and you have the right to information with regard to your data processed by us. If your data are incorrect or incomplete, you may demand that your data be corrected or completed. If we have disclosed your data to third parties we inform them about the correction to the extent that this is legally required.
Your right to erasure
If the legal conditions are present, you may require us to immediately erase your personal data. This is in particular the case if
• Your personal data are no longer needed for the purposes for which they were collected;
• The legal basis for processing your data was only your consent and you withdrew it;
• You objected to the processing of your data for advertising purposes (“advertising objection”);
• You objected to the processing of your data on the legal basis of the balancing of interests for personal reasons and we are not able to prove there are overriding legitimate reasons for processing;
• Your personal data were illegally processed; or
• Your personal data must be erased in order to meet legal requirements.
If we have disclosed your data to third parties, we will inform them about the erasure if this is legally required.
Please note that your right to erasure is subject to restrictions. For example we do not have to or we are not allowed to erase data that we must keep on the basis of legal retention periods. Also exempted from your right to erasure are data that we need for asserting, exercising or defending legal claims.
Your right to restrict processing
If the legal conditions are present, you may require us to restrict the processing of your data. This is in particular the case if
• The correctness of your personal data is contested by you, and then until we have the chance to examine the correctness;
• The processing is not legal and you demand a restriction of use instead of erasure (see in this respect also the previous section);
• We no longer need the data for the purpose of processing but you need them for asserting, exercising or defending your legal claims;
• You raised an objection for personal reasons, and then until it is determined that you have an overriding interest.
If you have a right to restrict processing, we mark the affected data to ensure that they are processed only within the narrow limits applying to such restricted data (in particular to defend legal claims or with your consent).
Your right to data portability
You have the right to receive the personal data that you surrendered to us for the execution of a contract or on the basis of a consent in a transferable format. In that case you may also demand that we transfer these data directly to a third party if technically feasible.
Your right to withdraw consent
If you consented to the processing of your data, you may withdraw such consent at any time with effect for the future. The legality of processing your data until the withdrawal is not affected hereby.
Your right to object to direct marketing
You also may object at any time to the processing of your personal data for advertising purposes (“advertising objection”). Please note that for organizational reasons there might be an overlap between your withdrawal and the use of your data in the context of an ongoing campaign.
Your right to object for personal reasons
You have the right for reasons arising from your special situation to object to the data processing by us if you do so based on a legitimate interest. In that case we will stop processing your data unless we have – pursuant to the legal regulations – cogent reasons for further processing which are worthy of protection and override your rights.
Your right to lodge a complaint with a supervisory authority
You have the right to file a complaint with a data protection authority. In particular, you may contact the data protection authority which is competent for your residence or your federal state or which is competent for the location at which the breach of the data protection law occurred. Alternatively you may also contact the data protection authority that is competent for us, namely:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
We and our Data Protection Officer are at your disposal for further information and suggestions regarding data protection at the email address [email protected].
If you wish to contact us, we can be reached as follows:
21. Annex: Technical information
Technical information about the erasure of cookies
• Instructions under
• Instructions under https://support.google.com/chrome/answer/95647?hl=en
• Instructions under https://help.apple.com/safari/mac/8.0/#/sfri11471