Datenschutzerklärung

 

Review Platforms Introduction

Summary of Review Platforms

• 👥 Data Subjects: Visitors to the website or a review platform

• 🤝 Purpose: To gather feedback on our products and/or services

• 📓 Processed Data: Includes IP address, email address, name. More details are provided below or in the privacy policies of the specific review platforms used.

• 📅 Data Retention Period: Depends on the respective platform

• ⚖️ Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)
   

What Are Review Platforms?

On various review platforms, you can rate our products or services. We participate in some of these platforms to receive feedback from you, helping us optimize our offerings.

When you leave a review on a platform, the privacy policy and terms of service of the respective review service apply. Often, you’ll need to register to submit a review. Additionally, review technologies (widgets) can be embedded on our website. Using such integrated tools means data is transferred, processed, and stored by the respective provider.

How Does It Work?

Most of these embedded programs follow a similar process:

1. After purchasing a product or using a service, you may receive an email invitation or see a prompt on our website to leave a review.

2. You’ll be directed via a link to a review page where you can quickly and easily submit your feedback.

3. Some review systems are connected to social media platforms, making it easier to share your feedback with a broader audience.
    

Why Do We Use Review Platforms?

Review platforms help us:

• Collect feedback and ratings about our offerings

• Receive quick responses to improve our products/services more efficiently

• Optimize our offerings based on real user experiences

Additionally, your reviews provide valuable insights for future customers, giving them an overview of the quality of our products and services.

​

What Data Is Processed?

With your consent, we transmit information about you and the services you’ve used to the relevant review platform. This ensures that the feedback is authentic, as only actual customers can provide genuine reviews.

Data That May Be Processed Includes:

• Personal Information: IP address, email address, name

• Order Information: Such as the order number of a purchased product

• Interaction Data: Information confirming you’ve visited our website

If your email address is shared, it’s typically for the review platform to send you a follow-up email after your purchase. We also share the fact that you’ve visited our website to integrate your review into our platform.

Important: The review platform is responsible for the collection and processing of personal data.

​

How Long and Where Is the Data Stored?

For specific details about data retention, refer to the privacy policies of the respective providers.

In general:

• We process personal data only as long as necessary to provide our services and products.

• Personal data included in reviews is usually anonymized by the platform’s staff, making it visible only to the company’s administrators.

• Data is stored on the servers of the providers and deleted after the service contract ends in most cases.
   

Right to Object

You have the right to withdraw your consent to the use of cookies or third-party services at any time. This can be done through:

• Our cookie management tool

• Opt-out options provided by third parties

• Your browser settings, where you can manage, disable, or delete cookies
   

Legal Basis

If you’ve consented to the use of a review platform, the legal basis for data processing is your consent according to Art. 6(1)(a) GDPR.

We also have a legitimate interest in using review platforms to optimize our online services, based on Art. 6(1)(f) GDPR (Legitimate Interests).

However, we only use review platforms with your consent.

​

Google Customer Reviews Privacy Policy

We also use the Google Customer Reviews platform on our website. The service provider is the American company Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

Google processes your data, among other things, in the USA. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may involve various risks for the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfers there, Google uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCCs) are model templates provided by the EU Commission to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

The data processing terms for Google advertising products (Google Ads Controller-Controller Data Protection Terms), which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/en/adsprocessorterms/

For more information about the data processed by Google, please refer to their privacy policy at https://policies.google.com/privacy?hl=en.

​

Web Design Introduction

Web Design Privacy Policy Summary

• 👥 Data Subjects: Visitors to the website

• 🤝 Purpose: Improving user experience

• 📓 Processed Data: The data processed depends heavily on the tools used. This typically includes IP address, technical data, language settings, browser version, screen resolution, and browser name. More details can be found with the specific web design tools used.

• 🗕️ Storage Duration: Dependent on the tools used

• ⚖️ Legal Bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests)

• ​

What is Web Design?

We use various tools on our website that serve our web design. Web design is not just about making our website look attractive but also about functionality and performance. Of course, the appropriate appearance of a website is one of the key goals of professional web design. Web design is a subfield of media design and deals with both the visual and structural-functional design of a website. The goal is to improve your experience on our website through web design. In web design jargon, this is referred to as User Experience (UX) and Usability. User Experience encompasses all the impressions and experiences a visitor has on a website. Usability, a subset of User Experience, focuses on user-friendliness. The emphasis here is on clear structuring of content, subpages, or products, making it easy and quick for you to find what you're looking for. To provide you with the best possible experience, we also use third-party web design tools. In this privacy policy, the term "web design" includes all services that enhance the design of our website, such as fonts, various plugins, or other integrated web design features.

​

Why Do We Use Web Design Tools?

How you perceive information on a website depends heavily on the structure, functionality, and visual appeal of the website. Therefore, good and professional web design has become increasingly important to us. We constantly work to improve our website, considering it an extended service for you as a visitor. Additionally, an attractive and functional website offers economic benefits for us, as you are more likely to visit and use our services if you feel comfortable.

​

What Data Is Stored by Web Design Tools?

When you visit our website, web design elements embedded in our pages may process data. The specific data involved depends on the tools used. Further below, you'll find details on the tools we use on our website. We recommend reading the privacy policies of these tools for detailed information about data processing. They typically explain which data is processed, whether cookies are used, and how long the data is stored. For example, fonts like Google Fonts automatically transfer information such as language settings, IP address, browser version, screen resolution, and browser name to Google's servers.

​

Duration of Data Processing

The duration of data processing is highly individual and depends on the web design elements used. When cookies are involved, storage may last from one minute to several years. Please refer to our general cookie section and the privacy policies of the tools used for more information. There you'll usually find details about which cookies are used and what information they store. For instance, Google Font files are stored for one year to improve website load times. In general, data is only retained as long as necessary to provide the service. Legal requirements may result in longer storage periods.

​

Right to Object

You have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This can be done via our cookie management tool or other opt-out options. You can also prevent data collection through cookies by managing, disabling, or deleting cookies in your browser. However, some data (mostly related to fonts) cannot be easily deleted as they are automatically collected and transferred to third parties (like Google) upon page load. In such cases, please contact the respective provider's support. For Google, you can reach support at https://support.google.com/?hl=en.

​

Legal Basis

f you have consented to the use of web design tools, this consent serves as the legal basis for the corresponding data processing. This consent is the legal basis under Art. 6 para. 1 lit. a GDPR for processing personal data as may occur when using web design tools. Additionally, we have a legitimate interest in improving the web design of our website to offer a beautiful and professional web experience. The corresponding legal basis is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). However, we only use web design tools if you have given your consent, which we would like to emphasize here.

Information about specific web design tools, if available, is provided in the following sections.

​

Adobe Fonts Privacy Policy

We use Adobe Fonts, a web font hosting service, on our website. The service provider is the American company Adobe Inc. For the European region, Adobe Systems Software Ireland Companies, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, is responsible.

Adobe processes your data, among other things, in the USA. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may involve various risks for the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfers there, Adobe uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCCs) are model templates provided by the EU Commission to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through these clauses, Adobe undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

More information about the data processed and Adobe's Standard Contractual Clauses can be found at https://www.adobe.com/privacy/eudatatransfers.html.

 

Google Fonts Privacy Policy

Google Fonts Privacy Policy Summary

• 👥 Data Subjects: Visitors to the website

• 🤝 Purpose: Optimizing our service

• 📓 Processed Data: Data such as IP address and CSS and font requests (details below)

• 🗕️ Storage Duration: Font files are stored by Google for one year

• ⚖️ Legal Bases: Art. 6 para. 1 lit. a GDPR (Consent), Art. 6 para. 1 lit. f GDPR (Legitimate Interests)

(Additional specific details about Google Fonts can be added if needed.)

​

Was sind Google Fonts?

Auf unserer Website verwenden wir Google Fonts. Das sind die “Google-Schriften” der Firma Google Inc. Für den europäischen Raum ist das Unternehmen Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Irland) für alle Google-Dienste verantwortlich.

Für die Verwendung von Google-Schriftarten müssen Sie sich nicht anmelden bzw. ein Passwort hinterlegen. Weiters werden auch keine Cookies in Ihrem Browser gespeichert. Die Dateien (CSS, Schriftarten/Fonts) werden über die Google-Domains fonts.googleapis.com und fonts.gstatic.com angefordert. Laut Google sind die Anfragen nach CSS und Schriften vollkommen getrennt von allen anderen Google-Diensten. Wenn Sie ein Google-Konto haben, brauchen Sie keine Sorge haben, dass Ihre Google-Kontodaten, während der Verwendung von Google Fonts, an Google übermittelt werden. Google erfasst die Nutzung von CSS (Cascading Style Sheets) und der verwendeten Schriftarten und speichert diese Daten sicher. Wie die Datenspeicherung genau aussieht, werden wir uns noch im Detail ansehen.

Google Fonts (früher Google Web Fonts) ist ein Verzeichnis mit über 800 Schriftarten, die Google Ihren Nutzern kostenlos zu Verfügung stellen.

Viele dieser Schriftarten sind unter der SIL Open Font License veröffentlicht, während andere unter der Apache-Lizenz veröffentlicht wurden. Beides sind freie Software-Lizenzen.

​

Why Do We Use Google Fonts on Our Website?

With Google Fonts, we can use fonts on our website without having to upload them to our own server. Google Fonts is an essential component for maintaining the quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is particularly advantageous for mobile device usage. When you visit our site, the small file size ensures fast loading times. Additionally, Google Fonts are secure web fonts. Different rendering systems in various browsers, operating systems, and mobile devices can lead to errors, which may distort the appearance of text or entire web pages. Thanks to the fast Content Delivery Network (CDN), Google Fonts eliminates cross-platform issues. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). Therefore, we use Google Fonts to present our online services as beautifully and uniformly as possible.

​

What Data Is Stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external request transmits data to Google servers. This allows Google to recognize that you or your IP address has visited our website. The Google Fonts API is designed to limit the collection, storage, and use of end-user data to what is necessary for the efficient delivery of fonts. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in software systems.

Google Fonts securely stores CSS and font requests on Google servers, ensuring their protection. The collected usage statistics help Google determine the popularity of specific fonts. Google publishes these results on internal analysis pages, such as Google Analytics. Additionally, Google uses its own web crawler data to identify which websites use Google Fonts. This data is published in the Google Fonts BigQuery database. Businesses and developers utilize Google’s BigQuery web service to analyze and manage large datasets.

It is important to note that every Google Font request also automatically transmits information such as language settings, IP address, browser version, screen resolution, and browser name to Google servers. Whether this data is also stored is not clearly stated or confirmed by Google.

​

How Long and Where Is the Data Stored?

Google stores requests for CSS assets on its servers, which are primarily located outside the EU, for one day. This enables us to use fonts via a Google stylesheet. A stylesheet is a template that allows quick and easy changes to the design or font of a website.

The font files are stored by Google for one year. Google aims to improve website loading times through this practice. When millions of websites reference the same fonts, they are cached after the first visit and appear instantly on all subsequently visited websites. Occasionally, Google updates font files to reduce file size, expand language coverage, and improve design.

​

How Can I Delete My Data or Prevent Data Storage?

The data that Google stores for one day or one year cannot be easily deleted. This data is automatically transmitted to Google when the page is accessed. To have this data deleted prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=122403728. The only way to prevent data storage in this case is to avoid visiting our website.

Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we can access an extensive range of fonts without limitations, allowing us to optimize our website’s design. For more information about Google Fonts and related questions, visit https://developers.google.com/fonts/faq?tid=122403728. Although Google addresses data privacy issues there, detailed information about data storage is not provided. It can be relatively difficult to obtain precise information from Google about stored data.

​

Legal Basis

If you have consented to the use of Google Fonts, this consent serves as the legal basis for the corresponding data processing. According to Article 6(1)(a) of the GDPR (Consent), this consent forms the legal basis for processing personal data that may occur when using Google Fonts.

Additionally, we have a legitimate interest in using Google Fonts to optimize our online services. The corresponding legal basis for this is Article 6(1)(f) of the GDPR (Legitimate Interests). However, we only use Google Fonts to the extent that you have provided your consent.

Google also processes your data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection for the transfer of data to the USA. This may entail various risks concerning the legality and security of data processing.

For data processing involving recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway—particularly in the USA) or for data transfers to such countries, Google uses what are known as Standard Contractual Clauses (SCCs) in accordance with Article 46(2) and (3) of the GDPR. Standard Contractual Clauses are templates provided by the EU Commission designed to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through these clauses, Google commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

The Google Ads Data Processing Terms, which also correspond to the Standard Contractual Clauses for Google Fonts, can be found here: https://business.safety.google/adsprocessorterms/.

To learn more about the data Google collects and how it is used, visit https://www.google.com/intl/de/policies/privacy/.

​

Google Fonts Local Privacy Policy

On our website, we use Google Fonts provided by Google Inc. For the European region, the responsible company is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). We have integrated the Google Fonts locally on our web server, meaning they are not hosted on Google’s servers. As a result, there is no connection to Google servers, and no data is transmitted to or stored by Google.

​

What Are Google Fonts?

Google Fonts, formerly known as Google Web Fonts, is an interactive directory of over 800 fonts provided free of charge by Google. With Google Fonts, fonts could typically be used without uploading them to your own server. However, to completely prevent any data transmission to Google servers, we have downloaded the fonts to our own server. This ensures compliance with data protection regulations, as no data is sent to Google Fonts.

​

Online Mapping Services Introduction

Online Mapping Services Privacy Policy Summary

• 👥 Data Subjects: Visitors to the website

• 🤝 Purpose: Improving user experience

• 📓 Processed Data: The type of data processed depends largely on the services used. It usually includes IP addresses, location data, search queries, and/or technical data. More details can be found in the sections related to the specific tools used.

• 📅 Storage Duration: Dependent on the tools used

• ⚖️ Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)
   

What Are Online Mapping Services?

We use online mapping services on our website as an additional feature. Google Maps is probably the most well-known service, but there are also other providers specializing in digital maps. These services allow us to display locations, route plans, and other geographic information directly on our website.

By integrating a mapping service, you no longer need to leave our website to view routes to a specific location. The maps are embedded via HTML code, enabling the service to display street maps, terrain, or satellite imagery. When you use the integrated map, data will be transmitted to and stored by the respective mapping tool. This data may include personal information.

​

Why Do We Use Online Mapping Services on Our Website?

Generally speaking, our goal is to provide you with an enjoyable experience on our website. It’s much more pleasant if you can navigate the site easily and find the information you need quickly. That’s why we thought that adding an online mapping system would significantly enhance our service.

Without leaving our website, you can view route directions, locations, or even points of interest effortlessly. It’s also incredibly convenient for showing you where our company is located, helping you find us quickly and safely. As you can see, there are numerous advantages, and we consider online mapping services to be an integral part of our customer service.

​

What Data Is Stored by Online Mapping Services?

When you open a page on our website with an embedded online map feature, personal data may be transmitted to and stored by the respective service. This typically includes your IP address, which can be used to determine your approximate location. In addition to the IP address, data such as search terms, as well as latitude and longitude coordinates, may be stored.

For example, if you enter an address for route planning, this information will also be stored. The data is not stored on our servers but on the servers of the tools we’ve integrated. You can think of it like this: even though you’re on our website, when you interact with a mapping service, the interaction actually takes place on that service’s platform.

To ensure proper functionality, the service will typically place at least one cookie in your browser. Google Maps, for instance, uses cookies to track user behavior, optimize its services, and deliver personalized advertising. You can learn more about cookies in our "Cookies" section.

​

How Long and Where Is the Data Stored?

Each online mapping service processes user data differently. Where we have additional information, we provide details about data retention periods in the specific sections related to each tool. In general, personal data is stored only as long as necessary to provide the service.

For example:

• Google Maps retains certain data for a defined period, while other data may require manual deletion by the user.

• Mapbox stores IP addresses for 30 days before deletion.

Since each tool handles data retention differently, we recommend reviewing the privacy policies of the respective services.

Providers also use cookies to store data about how you interact with the mapping service. You can find more general information about cookies in our "Cookies" section, and the privacy policies of individual providers will detail the specific cookies they use. However, these lists are often only examples and may not be exhaustive.

​

Right to Object

You always have the option—and the right—to access your personal data and object to its use and processing. You can also revoke your consent at any time. The simplest way to do this is usually through the cookie consent tool.

Additionally, there are other opt-out tools you can use. Any cookies set by the services can also be managed, deleted, or disabled directly in your browser with just a few clicks. However, please note that this may affect the functionality of certain services.

The method for managing cookies depends on the browser you are using. In the "Cookies" section, you’ll find links to guides for managing cookies in the most popular browsers.

​

Legal Basis

If you have given your consent for the use of an online mapping service, this consent forms the legal basis for the related data processing. According to Art. 6(1)(a) GDPR (Consent), this consent provides the legal framework for processing personal data that may be collected by an online mapping service.

Additionally, we have a legitimate interest in using online mapping services to optimize the services offered on our website. The corresponding legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). However, we only deploy online mapping services if you have given your explicit consent. We want to make this point absolutely clear.

You can find information about specific online mapping services—where applicable—in the following sections.

​

Google Maps Privacy Policy

Summary of the Google Maps Privacy Policy

👥 Data Subjects: Website visitors
🤝 Purpose: Optimization of our service performance
📓 Processed Data: Data such as entered search terms, your IP address, and latitude and longitude coordinates.
More details can be found further below in this privacy policy.
📅 Retention Period: Depends on the stored data
⚖️ Legal Basis: Art. 6 (1) (a) GDPR (Consent), Art. 6 (1) (f) GDPR (Legitimate Interests)

​

What is Google Maps?

We use Google Maps on our website, a service provided by Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Maps allows us to display locations more accurately and tailor our service to your needs. By using Google Maps, data is transmitted to Google and stored on Google servers. Here, we will detail what Google Maps is, why we use this Google service, what data is stored, and how you can prevent this.

Google Maps is an online mapping service provided by Google. With Google Maps, you can search for precise locations of cities, landmarks, accommodations, or businesses via a PC, tablet, or app. If businesses are listed on Google My Business, additional information about the company is displayed alongside the location. Map sections of a location can be embedded into a website using HTML code to show routes. Google Maps displays the Earth's surface as a street map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite photos, highly accurate representations are possible.

​

Why Do We Use Google Maps on Our Website?

All our efforts on this site aim to provide you with a useful and meaningful experience. By integrating Google Maps, we can deliver the most important information about various locations. At a glance, you can see where our company headquarters is located. The route planner shows you the best or fastest way to us. You can retrieve directions for routes by car, public transport, on foot, or by bike. Providing Google Maps is part of our customer service.

​

What Data is Stored by Google Maps?

To provide its service fully, Google Maps must collect and store data from you. This includes search queries, your IP address, and latitude and longitude coordinates. If you use the route planner function, the entered starting address is also stored. However, this data is stored on Google Maps' websites. We can only inform you about this but have no influence over it. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google uses this data primarily to optimize its services and provide personalized advertising for you.

The following cookie is set in your browser due to the integration of Google Maps:

• Name: NID

• Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ122403728-5

• Purpose: NID is used by Google to customize advertisements to your Google search. Using the cookie, Google "remembers" your most frequent search queries or your previous interactions with ads. This way, you receive tailored advertisements. The cookie contains a unique ID that Google uses to collect your personal settings for advertising purposes.

• Expiration Date: After 6 months

Note: We cannot guarantee the completeness of the stored data. Changes, especially regarding the use of cookies, cannot be ruled out. A test page exclusively featuring Google Maps was created to identify the NID cookie.

​

How Long and Where is the Data Stored?

Google servers are located in data centers worldwide, with most servers in the USA. Therefore, your data is predominantly stored in the USA. You can read exactly where Google data centers are located here: Google Data Centers.

Google distributes the data across different storage devices to ensure faster access and better protection against manipulation. Each data center has special emergency programs. For example, if there are issues with Google hardware or a natural disaster disables the servers, the data remains relatively secure.

Google stores some data for a fixed period, while other data can only be deleted manually. Additionally, Google anonymizes information (such as advertising data) in server logs by deleting parts of the IP address and cookie information after 9 or 18 months.

​

How Can I Delete My Data or Prevent Data Storage?

With the automatic deletion feature introduced in 2019, location and activity data are stored for either 3 or 18 months, depending on your choice, and then deleted. You can also manually delete this data from your history via your Google account at any time. If you want to completely prevent location tracking, you must pause the "Web & App Activity" setting in your Google account. Click on "Data & Personalization" and then on "Activity Controls," where you can enable or disable activities.

In your browser, you can also disable, delete, or manage individual cookies. The process varies depending on the browser you use. In the "Cookies" section, you will find corresponding links to the instructions for the most popular browsers.

If you generally do not want any cookies, you can set your browser to notify you whenever a cookie is about to be set. This allows you to decide for each cookie whether to allow it or not.

​

Legal Basis

If you have consented to the use of Google Maps, the legal basis for data processing is this consent. According to Art. 6 (1) (a) GDPR (Consent), this consent constitutes the legal basis for processing personal data as may occur when Google Maps collects data.

Additionally, we have a legitimate interest in using Google Maps to optimize our online services. The corresponding legal basis for this is Art. 6 (1) (f) GDPR (Legitimate Interests). However, we only use Google Maps if you have provided consent.

Google also processes your data in the USA. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks concerning the legality and security of data processing.

For data processing involving recipients in third countries (outside the European Union, Iceland, Liechtenstein, Norway—especially the USA) or data transfers to such countries, Google uses Standard Contractual Clauses (SCC) pursuant to Art. 46 (2) and (3) GDPR. Standard Contractual Clauses are model templates provided by the European Commission to ensure that your data complies with European data protection standards even when transferred and stored in third countries like the USA. Through these clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if it is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding Standard Contractual Clauses here: EU Commission SCC.

The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found here: Google Ads Data Processing Terms.

If you want to learn more about how Google processes data, we recommend reviewing the company's own privacy policy here: Google Privacy Policy.

​

Online Booking Systems Introductio

Online Booking Systems Privacy Policy Summary👥 Data Subjects: Website visitors
🤝 Purpose: Improving user experience and organization
📓 Processed Data: The data processed strongly depends on the services used. Typically, this includes IP addresses, contact and payment details, and/or technical data. More details can be found in the specific tools used.
📅 Storage Duration: Depends on the tools used
⚖️ Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)

​

What Is an Online Booking System?

To enable you to make bookings via our website, we use one or more booking systems. For example, appointments can be easily scheduled online. A booking system is a software application integrated into our website that displays available resources (such as free appointments), allowing you to book and often pay directly online. You are probably familiar with such booking systems from the hospitality or hotel industry. However, these systems are now used in various sectors. Depending on the tool and settings, booking systems can be used both internally by us and externally by customers like you. In this process, personal data is usually collected and stored.

Typically, the booking process works as follows: You will find the booking system on our website, where you can schedule an appointment for a service directly with a few clicks and by providing your data—often including payment. You may be required to fill out a form with personal details. Please be aware that all the data you enter may be stored and managed in a database.

​

Why Do We Use an Online Booking System?

We consider our website a service for you. You should find helpful information and feel completely comfortable using our site. This also includes an online service that makes booking appointments or services as simple as possible. The days of waiting for a booking confirmation via phone or email are over. With an online booking system, everything is done with just a few clicks, freeing you up to focus on other things. For us, the system also simplifies the management of all bookings and appointments. Therefore, we find such a booking system absolutely useful for both you and us.

​

What Data Is Processed?

We cannot specify exactly which data is processed in this general information text about booking systems. This always depends on the tool used and the features and capabilities it includes. Many booking systems offer a range of additional features alongside the standard booking function. For example, many systems have an integrated external online payment system (e.g., Stripe, Klarna, or PayPal) and a calendar synchronization function. Accordingly, different types and amounts of data may be processed depending on the functions. Typically, data such as IP address, name and contact details, technical information about your device, and the time of booking are processed.

If you make a payment through the system, banking details such as account numbers, credit card numbers, passwords, TANs, etc., will also be stored and forwarded to the relevant payment provider. We recommend that you carefully read the privacy policy of the specific tool to understand which of your data is processed.

​

Duration of Data Processing

Each booking system stores data for different periods. Therefore, we cannot provide specific information about data retention here. Generally, personal data is stored only as long as necessary to provide the services. Booking systems typically use cookies that store information for varying durations. Some cookies are deleted immediately after leaving the site, while others can be stored for several years. You can learn more about this in our "Cookies" section. Please also review the respective privacy policies of the providers, which should specify how long your data is stored in each case.

​

Right to Object

If you have consented to data processing via a booking system, you naturally have the option and the right to withdraw this consent at any time. Please always be aware that you have rights regarding your personal data, and you can exercise these rights at any time. If you do not want personal data to be processed, then no personal data may be processed. It’s as simple as that. The easiest way to withdraw consent is via a cookie consent tool or other provided opt-out options. You can also manage data storage through cookies directly in your browser. The legality of the data processing remains unaffected until your withdrawal.

​

Legal Basis

If you have consented to the use of booking systems, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (Consent), this serves as the legal basis for the processing of personal data, as may occur with booking systems.

Furthermore, we have a legitimate interest in using booking systems because they help us improve customer service and optimize our internal booking management. The corresponding legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). However, we only use these tools if you have given your consent. We want to emphasize this again clearly.

Information about specific booking systems can be found—if available—in the following sections.

​

Explanation of Terms Used

We always strive to make our privacy policy as clear and understandable as possible. However, this is not always easy, especially when it comes to technical and legal topics. It often makes sense to use legal terms (such as personal data) or specific technical expressions (like cookies or IP address). Nevertheless, we do not want to use these terms without explanation.

Below you will find an alphabetical list of important terms used in our privacy policy that may not have been sufficiently explained so far. If these terms are derived from the GDPR and are defined within it, we will also include the GDPR text and, if necessary, add our own explanations.

​

Processor

Definition according to Article 4 of the GDPR:
For the purposes of this Regulation:

"Processor" means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Explanation:
As a company and website owner, we are responsible for all data we process from you. In addition to controllers, there can also be so-called processors. This includes any company or person that processes personal data on our behalf. Processors can include service providers such as tax advisors, as well as hosting or cloud providers, payment service providers, newsletter providers, or large corporations like Google or Microsoft.

 

Consent

Definition according to Article 4 of the GDPR:
For the purposes of this Regulation:

"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Explanation:
On websites, such consent is usually obtained through a cookie consent tool. You are probably familiar with this: whenever you visit a website for the first time, you are typically asked via a banner whether you agree to data processing. Often, you can also make individual settings to decide which types of data processing you allow and which you do not. If you do not give your consent, your personal data must not be processed. Of course, consent can also be given in writing, not just via a tool.

​

Personal Data

B

Definition according to Article 4 of the GDPR:
For the purposes of this Regulation:

"Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Explanation:
Personal data includes all information that can identify you as a person. This generally includes data such as:

• Name

• Address

• Email address

• Postal address

• Telephone number

• Date of birth

• Identification numbers such as social security number, tax identification number, passport number, or student ID number

• Banking information such as account numbers, credit details, account balances, and more

According to the European Court of Justice (ECJ), your IP address is also considered personal data. IT experts can use your IP address to determine at least the approximate location of your device and, subsequently, identify you as the connection owner. Therefore, storing an IP address also requires a legal basis under the GDPR.

There are also so-called "special categories" of personal data that are considered particularly sensitive, including:

• Racial and ethnic origin

• Political opinions

• Religious or philosophical beliefs

• Trade union membership

• Genetic data (e.g., data derived from blood or saliva samples)

• Biometric data (information related to physical, physiological, or behavioral characteristics that can identify a person)

• Health data

• Data concerning sexual orientation or sex life
   

Profiling

Definition according to Article 4 of the GDPR:

For the purposes of this Regulation:

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

Explanation:
Profiling involves collecting various types of information about a person to gain more insights into them. In the online sector, profiling is often used for advertising purposes or creditworthiness checks. Web or advertising analytics programs, for example, collect data about your behavior and interests on a website. This data is used to create a specific user profile, which helps target advertisements more effectively to particular audiences.

​

Controller

Definition according to Article 4 of the GDPR:

For the purposes of this Regulation:

"Controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Explanation:
In our case, we are responsible for processing your personal data and are therefore the “controller.” If we pass the collected data on to other service providers for processing, these parties are considered “processors.” For this, a Data Processing Agreement (DPA) must be signed.

 

Processing

Definition according to Article 4 of the GDPR:

For the purposes of this Regulation:

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Note:
When we refer to processing in our privacy policy, we mean any kind of data handling. This includes not only the collection of data but also its storage and further processing, as outlined in the original GDPR definition above.

​

Final Note

Congratulations! If you are reading these lines, you’ve either made it through our entire privacy policy or at least scrolled all the way down. As you can see from the length of our privacy policy, we take the protection of your personal data very seriously.

It’s important to us to inform you about the processing of personal data to the best of our knowledge and in good faith. We don’t just want to tell you which data is processed, but also explain the reasons behind the use of various software programs.

Privacy policies usually sound very technical and legal. However, since most of our readers are neither web developers nor legal experts, we’ve aimed to present this information in clear and simple language. Of course, this is not always possible due to the complexity of the topic. That’s why we’ve included explanations of key terms at the end of this privacy policy.

If you have any questions about data protection on our website, please don’t hesitate to contact us or the responsible authority.

We wish you a wonderful day and hope to welcome you back to our website soon!

All texts are protected by copyright.

Source: Created with the Privacy Policy Generator by AdSimple.