data protection

Data protection

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data has no consequences. This only applies if no other information is provided in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.


Server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host/IT service provider through your Internet browser and stored in protocol data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact

Responsible
Please contact us if you wish. The person responsible for data processing is: Kevin Ludwig, Talstr. 18, 71116 Gärtringen Germany, 07034257308, k.ludwig@klmedia.info

Customer’s initiative contact via email
If you initiate business contact with us by email, we will only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent you provide it. The data processing serves the purpose of establishing contact.
If the contact is for the purpose of carrying out pre-contractual measures (e.g. advice in the event of a purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Paragraph 1 Letter b GDPR. If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Paragraph 1 Letter f GDPR out of our overriding legitimate interest in processing and answering your request. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 Paragraph 1 Letter f GDPR at any time for reasons arising from your particular situation. We only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.

Customer Account Orders

Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until the revocation. Your customer account will then be deleted.


Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfil and process your order and to process your enquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR and is necessary for the fulfilment of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly adhere to the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, there is an adequacy decision of the EU Commission. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified according to the TADPF. This data transfer is based on contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Reviews Advertising

Trustami customer review
The Trustami trust seal is integrated into this website to display the collected reviews and social media feedback. This serves to implement our legitimate interests in the optimal marketing of our offer on our own website in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. When the Trustami trust seal is called up, the web server automatically saves data (access data) in the form of a server log file that contains the name of the website accessed, the file, the date and time of access, your IP address in abbreviated form, the amount of data transferred, the message about a successful access, the browser type, the user's operating system, the referrer URL (of the previously visited page) and the requesting provider. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your visit to the page. The Trustami trust seal and the services advertised with it are an offer from Trustami GmbH, Schröderstraße 5, 10115 Berlin. The processing of data collected by Trustami is subject to Trustami’s privacy policy at www.trustami.com/datenschutz (http://www.trustami.com/datenschutz).

Use of the email address for sending newsletters
We use your email address, regardless of the contract processing, exclusively for our own advertising purposes to send newsletters, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list.

Shipping service provider merchandise management

Passing on the email address to shipping companies to inform them about the shipping status
We will pass on your email address to the transport company as part of the contract processing, provided that you have expressly agreed to this during the ordering process. The purpose of the transfer is to inform you about the shipping status by email. The processing is carried out on the basis of Art. 6 Paragraph 1 Letter a of GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until the revocation.

Use of an external inventory management system
We use a merchandise management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal.

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 (1) (b) GDPR.

Payment service provider credit report

Using Amazon Payments
We use the payment service Amazon Payments from Amazon Payments Europe sca (38 avenue John F. Kennedy, L-1855 Luxembourg; "Amazon Payments") on our website.
The data processing serves the purpose of being able to offer you payment via the Amazon Payments payment service.
To integrate this payment service, Amazon Payments must collect, save and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you visit the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR due to our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
By selecting and using "Amazon Payments", the data required for payment processing will be transmitted to Amazon Payments in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Further information on data processing when using the Amazon Payments payment service can be found in the associated privacy policy at: https://pay.amazon.com/de/help/201212490 (https://pay.amazon.com/de/help/201212490)

Data collection and processing when registering for installment purchase via easyCredit
When paying by installment purchase via easyCredit, the supplementary data protection information (https://www.easycredit-ratenkauf.de/wp-content/uploads/2020/04/rk_ergaenzende_datenschutzhinweise_zum_ratenkauf_by-easycredit_2.0.pdf) for installment purchase from easyCredit applies.


Using Klarna payment options
We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna") on our website. By selecting and using payment via Klarna, the data required for payment processing will be transmitted to Klarna in order to be able to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.

Cookies may be stored here that enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 Paragraph 1 Letter f of GDPR due to our overriding legitimate interest in offering a customer-oriented range of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.

"Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase)
For individual payment methods such as "Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase), Klarna reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies.
For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address and data related to the order, to a credit agency for the purpose of identity and credit checks and uses the information received on the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values ​​(score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of the credit check for the initiation of a contract. The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Klarna makes advance payments. You have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time by notifying Klarna, for reasons arising from your particular situation. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have chosen.
Further information, in particular to which credit agencies Klarna passes on your personal data, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies) and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies)
General information about Klarna can be found for Germany at: https://www.klarna.com/de/ (https://www.klarna.com/de/) and for Austria at https://www.klarna.com/at/ (https://www.klarna.com/at/). Your personal data will be treated by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna's data protection regulations for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy) and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy (https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy).

Using SOFORT
We use the payment service provider SOFORT GmbH (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") to process payments on our website. Sofort GmbH is a company of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The data processing serves the purpose of being able to offer you various payment methods by processing payments via the payment service provider SOFORT. If you have chosen the payment option, the data required for payment processing will be transmitted to SOFORT. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider SOFORT can be found at https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ (https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/) and https://www.klarna.com/sofort/ (https://www.klarna.com/sofort/).


Cookies

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is visited again.

Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the cookies from being stored and the data they contain from being transmitted. Cookies that have already been stored can be deleted at any time. However, we would like to point out that you may then not be able to use all of the functions of this website to their full extent.

The links below will tell you how to manage (including deactivate) cookies in the most important browsers:
Chrome: https://support.google.com/accounts/answer/61416?hl=en (https://support.google.com/accounts/answer/61416?hl=en)
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 (https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09)
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen (https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen)
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac)

Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our service more user-friendly, effective and secure. Cookies also enable our systems to recognize your browser even after you change pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after you change pages.

The use of cookies or similar technologies is based on Section 25 Paragraph 2 TTDSG. The processing of your personal data is based on Art. 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object to the processing of personal data concerning you at any time for reasons related to your particular situation.
Use of Consent Manager
We use the consent management tool Consentmanager from Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; "Consentmanager") on our website.
The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consents for data processing and thus to comply with legal obligations.
Cookies can be used for this purpose. The following information, among others, can be collected and transmitted to Consent Manager: date and time of the page visit, information about the browser you use and the device you use, anonymized IP address, opt-in and opt-out data. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 (1) lit. c GDPR.
Further information on data protection at Consentmanager can be found at: https://www.consentmanager.net/privacy.php (https://www.consentmanager.net/privacy.php)

communication

Using the Smartsupp live chat system
We use the live chat system of Smartsupp.com, sro (Šumavská 31, 602 00 Brno, Czech Republic; "Smartsupp") on our website as part of order processing.
The data processing serves the purpose of direct and efficient communication between you and us as the provider. Anonymized data is also collected and stored for marketing and optimization purposes, from which user profiles can be created under a pseudonym.
When you visit our website, the chat widget is loaded in the form of a JavaScript file from AWS Cloudfront, which technically enables the chat.
In order to operate the live chat system, cookies are also used that enable the browser to be recognized. Among other things, the following information can be collected and processed: IP address, pages visited, information about the browser and device used, and personal data provided by you when using the chat system.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data processing at Smartsupp can be found at https://www.smartsupp.com/help/privacy-policy/ (https://www.smartsupp.com/help/privacy-policy/) and https://www.smartsupp.com/help/privacy/ (https://www.smartsupp.com/help/privacy/)


Plug-ins and Others


Using Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of needs-based design and optimization of our website.
The Google Tag Manager itself does not store cookies, nor does it process personal data. However, it does enable the triggering of additional tags that can collect and process personal data.
Further information on terms of use and data protection can be found here (https://www.google.com/intl/de/tagmanager/use-policy.html).
Use of social plug-ins via "Shariff"
We use social network plug-ins on our website. To ensure that you retain control over your data, we use the privacy-safe "Shariff" buttons.
Without your express consent, no links will be established to the social network servers and consequently no data will be transmitted.
"Shariff" is a development by the specialists at the computer magazine c't. It enables more privacy on the Internet and replaces the usual "Share" buttons on social networks. You can find more information about the Shariff project here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html (https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html).
When you click on the buttons, a pop-up window appears in which you can log in to the respective provider using your data. Only after you have actively logged in will a direct connection to the social networks be established.
By logging in, you consent to the transfer of your data to the respective social media provider. This includes, among other things, your IP address and information about which of our pages you have visited. If you are connected to one or more of your social network accounts at the same time, the information collected will also be assigned to your corresponding profiles. You can only prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks named below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data as well as your rights and options for protecting your privacy can be found in the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php (https://www.facebook.com/policy.php)
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388 (https://help.instagram.com/155833707900388).
Your data may be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy (https://policy.pinterest.com/de/privacy-policy)
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified according to the TADPF.


X, formerly known as Twitter, (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)
https://twitter.com/privacy (https://twitter.com/privacy)
https://twitter.com/personalization (https://twitter.com/personalization)
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). X is not certified according to the TADPF.

Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human and automated, machine processing. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information about Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html (https://www.google.com/recaptcha/intro/android.html) and https://www.google.com/privacy (https://www.google.com/privacy).
Use of Google Maps
We use the function for embedding Google Maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.
The function enables the visual representation of geographical information and interactive maps. When the pages in which Google Maps are integrated are accessed, Google also collects, processes and uses data from visitors to the website.
Your data may also be transferred to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about the collection and use of data by Google, please see Google's privacy policy at https://www.google.com/privacypolicy.html (https://www.google.com/privacypolicy.html). There you also have the option of changing your settings in the data protection center so that you can manage and protect the data processed by Google.

Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "Extended data protection mode" option is activated. This means that YouTube does not store any information about visitors to the website. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
For more information about the collection and use of data by YouTube and Google, your rights in this regard, and options for protecting your privacy, please see YouTube's privacy policy at https://www.youtube.com/t/privacy (https://www.youtube.com/t/privacy).

Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of uniform display of fonts on our website. In order to load the fonts, a connection is established to Google servers when the page is accessed. Cookies may be used for this purpose. Your IP address and information about the browser you use are processed and sent to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Art. 6 Paragraph 1 Letter a of GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ (https://www.google.de/intl/de/policies/) and at https://developers.google.com/fonts/faq (https://developers.google.com/fonts/faq).

Rights of data subjects and storage period

Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular those under tax and commercial law, and then deleted after the deadline has expired, unless you have consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR and to processing for direct marketing purposes.

Right to complain to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Koenigstrasse 10 a
70173 Stuttgart
Phone: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de

Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data concerned will be stopped unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

last update: 29.11.2023