10 Street Name, City Name Country, Zip Code555-555-5555myemail@mailservice.com

PRIVACY POLICY

1) Introduction and contact details of the person responsible

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we will inform you about how we handle your personal data when you use our website. Personal data is all data that can be used to identify you personally.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Timon Dürr, Supernova !nnovations, Zwergsteigstraße 14, 78048 Villingen-Schwenningen, Germany, Tel.: 015159413794, Email: mail@timon-duerr.de. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

2) Data collection when visiting our website

2.1 If you use our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.

3) Hosting & Content-Delivery-Network

To host our website and display the page content, we use a provider who provides its services itself or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

4) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called "session cookies"), while others remain on your device for longer and enable you to save page settings (so-called "persistent cookies"). In the latter case, you can find out how long they are stored in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either for the execution of the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the case of consent given or in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact us

5.1 Tidio

This website uses a live chat system from the following provider: Tidio Poland Sp. z oo, Wojska Polskiego 81, 70-481 Szczecin, Poland

The processing of personal data transmitted via chat takes place either in accordance with Art. 6 Para. 1 lit. b GDPR, because it is necessary for the initiation or execution of the contract, or in accordance with Art. 6 Para. 1 lit. f GDPR due to our legitimate interest in the effective support of our website visitors. Your data transmitted in this way will be deleted, subject to any conflicting statutory retention periods, when the matter in question has been conclusively clarified.

In addition, cookies may be used to collect and evaluate additional information for the purpose of creating pseudonymized user profiles. However, this information does not serve to identify you personally and is not merged with other data sets. If this information is personally identifiable, it is processed in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization purposes.

The setting of cookies can be prevented by using the appropriate browser settings. However, the functionality of our website may be restricted in this case. You can object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.2 TidioChat (Tidio Ltd.)This website uses technologies from Tidio Ltd. 220C Blythe Road, W14 0HH, London, Great Britain (www.tidiochat.com) to collect and store anonymized data for the purposes of web analysis and to operate the live chat system to answer live support requests. User profiles can be created from this anonymized data under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor's Internet browser. The cookies enable the Internet browser to be recognized.The data collected using TidioChat technologies will not be used to personally identify the visitor to this website without the separate consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. To avoid the storage of TidioChat cookies, you can set your Internet browser so that no more cookies can be stored on your computer in the future or cookies that have already been stored are deleted. However, deactivating all cookies can mean that some functions on our website can no longer be carried out. You can object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future by sending us your objection informally by e-mail to the e-mail address stated in the imprint. We have concluded an order processing contract with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.3 Real reviews from Net Reviews

For review reminders we use the services of the following provider: NET REVIEWS SAS, 18-20 Avenue Robert Schuman, CS 40494, 13002 Marseille, France

Solely on the basis of your express consent in accordance with Art. 6 (1) (a) GDPR, we will transmit your email address and, if applicable, other customer data to the provider so that they can contact you by email with a review reminder.

You can revoke your consent to us or the provider at any time with future effect.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.4 Own evaluation reminder

We will only use your email address to send you a one-time reminder to submit a review of your order based on your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time by sending a message to the person responsible for data processing.

5.5 Provenexpert

For review reminders we use the services of the following provider: Expert Systems AG, Quedlinburger Straße 1, 10589 Berlin, Germany

You can revoke your consent to us or the provider at any time with future effect.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.6 Trusted Shops

For review reminders we use the services of the following provider: Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany

You can revoke your consent to us or the provider at any time with future effect.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.7 Trustpilot

For review reminders we use the services of the following provider: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen, Denmark

You can revoke your consent to us or the provider at any time with future effect.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

5.8 Calendly

To provide an online appointment booking function, we use the services of the following provider: Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA

For the purpose of making an appointment, your first and last name as well as your email address (and if applicable your telephone number if you would like to make an appointment by telephone) are collected in accordance with Art. 6 (1) (b) GDPR and transmitted to the provider in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in effective customer management and efficient appointment management and stored there for appointment organization.

After the appointment has taken place or after the agreed appointment period has expired, your data will be deleted by the provider.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision of the European Commission.

5.9 WhatsApp-Business

We offer visitors to our website the opportunity to contact us via the WhatsApp messaging service of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called “business version” of WhatsApp.

If you contact us via WhatsApp regarding a specific transaction (for example, an order you have placed), we will save and use the mobile phone number you use on WhatsApp and - if provided - your first and last name in accordance with Art. 6 Paragraph 1 Letter b. GDPR to process and answer your request. On the basis of the same legal basis, we may ask you to provide further data (order number, customer number, address or email address) via WhatsApp in order to be able to assign your request to a specific process.

If you use our WhatsApp contact for general inquiries (e.g. about the range of services, availability or our website), we will save and use the mobile phone number you use for WhatsApp and - if provided - your first and last name in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in the efficient and timely provision of the requested information.

Your data will only be used to answer your request via WhatsApp. It will not be passed on to third parties.

Please note that WhatsApp Business receives access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. To operate our WhatsApp Business account, we use a mobile device in whose address book only the WhatsApp contact data of those users who have contacted us via WhatsApp are stored.

This ensures that every person whose WhatsApp contact details are stored in our address book has already consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 Paragraph 1 Letter a of GDPR by accepting the WhatsApp terms of use when using the app for the first time on their device. The transmission of data from users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.

For the purpose and scope of data collection and the further processing and use of the data by WhatsApp as well as your rights and setting options to protect your privacy, please refer to WhatsApp's privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

As part of the processing described above, data may be transferred to Meta Platforms Inc. servers in the USA.

5.10 When you contact us (e.g. via contact form or e-mail), personal data will be processed exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose.

The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at a contract, an additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention periods to the contrary.

6) Comment function

As part of the comment function on this website, in addition to your comment, information on the time the comment was created and the commentator name you chose will be saved and published on this website. Your IP address will also be logged and saved. This IP address is saved for security reasons and in the event that the person concerned violates the rights of third parties or posts illegal content through a comment. We need your email address in order to contact you if a third party complains that your published content is illegal.

The legal basis for storing your data is Art. 6 (1) (b) and (f) GDPR. We reserve the right to delete comments if third parties object to them as being unlawful.

7) Use of customer data for direct marketing

7.1 Registration for our email newsletter

If you sign up for our email newsletter, we will regularly send you information about our offers. The only mandatory information required to send the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure to send the newsletter, which ensures that you only receive the newsletter once you have expressly confirmed your consent to receive the newsletter by clicking on a verification link sent to the email address provided.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 Paragraph 1 Letter a of GDPR. We store your IP address entered by your Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person responsible mentioned above. After unsubscribing, your email address will be immediately deleted from our newsletter mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this declaration.

7.2 WhatsApp-Newsletter

If you sign up for our WhatsApp newsletter, we will regularly send you information about our offers via WhatsApp. The only mandatory information for sending the newsletter is your mobile phone number.

To send the newsletter, add our mobile phone number to the address contacts of your mobile device and send us the message "Start" via WhatsApp. By sending this WhatsApp message, you give us your consent to use your personal data in accordance with Art. 6 Paragraph 1 Letter a of GDPR for the purpose of sending the newsletter. We will then add you to our newsletter distribution list.

The data we collect when you register for the newsletter is processed exclusively for the purposes of advertising in the newsletter. You can unsubscribe from the newsletter at any time by sending us the message "Stop" via WhatsApp. After unsubscribing, your mobile phone number will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we inform you in this declaration.

To send our WhatsApp newsletter, we therefore use a mobile device in whose address book only the WhatsApp contact details of our newsletter recipients are stored. This ensures that every person whose WhatsApp contact details are stored in our address book has consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 Para. 1 lit. a GDPR by accepting the WhatsApp terms of use when using the app on their device for the first time. The transmission of data from users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.

As part of the processing described above, data may be transferred to Meta Platforms Inc. servers in the USA.

7.3 Advertising by post Based on our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, your postal address and - if we have received this additional information from you as part of the contractual relationship - your title, academic degree, year of birth and your professional, industry or business name in accordance with Art. 6 Paragraph 1 Letter f of GDPR and to use it to send you interesting offers and information about our products by post. You can object to the storage and use of your data for this purpose at any time.

8) Data processing for contract execution

8.1 To execute the contract, we work with the following service provider(s), who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

8.2 Use of payment service providers (payment services)

- Butler app

This website uses Butlerapp, an online booking system with integrated native payment methods on the one hand and third-party payment methods on the other.

If you pay by credit card and/or SEPA direct debit and if you select the "cash payment" payment method, we will pass on your payment data to Webbee GmbH, Mühlenstraße 8a, 14167 Berlin (hereinafter "Butlerapp") as part of the payment processing. The data will be passed on in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for the payment processing.

Butlerapp reserves the right to carry out a credit check for the payment methods credit card via credit card and SEPA direct debit. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 Paragraph 1 Letter f of GDPR on the basis of Butlerapp's legitimate interest in determining your ability to pay. Butlerapp uses the result of the credit check in relation to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data. You can object to this processing of your data at any time by sending a message to Butlerapp. However, Butlerapp may still be entitled to process your personal data if this is necessary for the contractual payment processing.

If you use a third-party payment method, your payment details will initially be passed on to Butlerapp in accordance with Art. 6 (1) (b) GDPR to prepare the payment. Depending on your selection of an available local payment method, PayPal will then transmit your payment details to the relevant provider in accordance with Art. 6 (1) (b) GDPR to process the payment:

Apple Pay (Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Irland)
giropay (paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany)
Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland)
Klarna (Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden)
PayPal (PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxemburg)
Immediately (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)

For further information on data protection, please refer to Butlerapp's privacy policy: https://www.butlerapp.de/datenschutz/- Paypal Checkout

This website uses PayPal Checkout, an online payment system from PayPal that consists of PayPal's own payment methods and local payment methods from third parties.

When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "Pay later" via PayPal, we pass on your payment data to PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The data is passed on in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for the payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "Pay later" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 Paragraph 1 Letter f of GDPR on the basis of PayPal's legitimate interest in determining your ability to pay. PayPal uses the result of the credit check in relation to the statistical probability of default for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.

If the PayPal payment method "purchase on account" is available and selected, your payment data will first be sent to PayPal to prepare the payment, whereupon PayPal will forward it to Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin ("Ratepay") to process the payment. The legal basis is Art. 6 Para. 1 lit. b GDPR. In this case, RatePay carries out an identity and credit check in its own name to determine your ability to pay in accordance with the principle already mentioned above and passes your payment data on to credit agencies due to the legitimate interest in determining your ability to pay in accordance with Art. 6 Para. 1 lit. f GDPR. A list of the credit agencies that Ratepay can use can be found here: https://www.ratepay.com/legal-payment-creditagencies/

If you use the payment method of a local third-party provider, your payment data will initially be passed on to PayPal in accordance with Art. 6 (1) (b) GDPR to prepare the payment. Depending on your selection of an available local payment method, PayPal will then transmit your payment data to the relevant provider in accordance with Art. 6 (1) (b) GDPR to process the payment:

- Apple Pay (Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)- Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)- iDeal (Currence Holding BV, Beethovenstraat 300 Amsterdam, Netherlands)- bancontact (Bancontact Payconiq Company, Rue d'Arlon 82, 1040 Brussels, Belgium)- blik (Polski Standard Płatności sp. z oo, ul. Czerniakowska 87A, 00-718 Warsaw, Poland)- eps (PSA Payment Services Austria GmbH, Handelskai 92, Gate 21200 Vienna, Austria)- MyBank (PRETA SAS, 40 Rue de Courcelles, F-75008 Paris, France)- Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland)

For further information on data protection, please refer to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

9) Online-Marketing

9.1 Google AdSense

This website uses Google AdSense, a web advertising service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google AdSense uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. Google AdSense also uses web beacons (small invisible graphics) to collect information that can be used to record, collect, and analyze simple actions such as visitor traffic on the website. The information generated by the cookie and/or web beacon (including your IP address) about your use of the website is generally transferred to and stored by Google on servers in the United States. The information may also be transferred to Google LLC servers in the United States.

Google uses the information obtained in this way to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google. All processing described above, in particular reading information on the device used via cookies and/or web beacons, will only be carried out if you have given us your express consent in accordance with Art. 6 Paragraph 1 Letter a of GDPR. Without this consent, Google AdSense will not be used during your visit to the site.

You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.

Google's privacy policy can be viewed here: https://www.google.de/policies/privacy/

9.2 HubSpot

This website uses the software-based marketing service of the following provider to provide and synchronize various customer management services: HubSpot Ireland Ltd., 2nd Floor 30 North Wall Quay, Dublin 1, Ireland

The service enables the automated processing of feed activities, the control of advertising in the marketing channels used and the analysis of the success of marketing measures as well as central email marketing and contact management.

Cookies are used to fulfil the various functions. These are small text files that are stored locally in the cache of your web browser on your device and enable us to analyse your use of the website. The cookies record certain information, such as the IP address, location and time of the page access.

All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

Other legal bases for data processing that are used within the framework of specific service functions (such as the need for express consent in accordance with Art. 6 Para. 1 lit. a GDPR when sending newsletters) remain unaffected.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

9.3 Own affiliate program

In connection with the product presentations on our website, we maintain our own affiliate program, within the framework of which we provide interested third-party site operators with partner links for placement on their websites that lead to our offers. Cookies are used for the affiliate program, which are generally set on the partner site after clicking on a corresponding partner link and for which we are therefore not responsible under data protection law. Cookies are small text files that are stored on your device in order to be able to trace the origin of transactions (e.g. "sales leads") that were generated via such links. This allows us to recognize, among other things, that you clicked on the partner link and were redirected to our website. This information is required for payment processing between us and the affiliate partners. If the information also contains personal data, the processing described is based on our legitimate financial interest in processing commission payments in accordance with Art. 6 Para. 1 lit. f GDPR.

If you want to block the analysis of user behavior via cookies, you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

10) Page functionalities

10.1 Google Maps

This website uses an online map service from the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service for displaying interactive maps to visually represent geographical information. Using this service will show you our location and make it easier to find us.

As soon as you access the subpages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and saved there. This may also involve transmission to the servers of Google LLC in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account already exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want to be assigned to your Google profile, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them.

The data is collected, stored and evaluated in accordance with Art. 6 (1) (f) GDPR on the basis of Google's legitimate interest in displaying personalized advertising, market research and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, but you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of completely deactivating the Google Maps web service by turning off the JavaScript application in your browser. Google Maps and thus also the map display on this website cannot then be used.

To the extent legally required, we have obtained your consent in accordance with Art. 6 (1) (a) GDPR for the processing of your data as described above. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option for making an objection described above.

10.2 Google reCAPTCHA

On this website we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data can also be transmitted to: Google LLC, USA. The provider uses "Google Fonts" - fonts downloaded from the Internet by Google - for the visual design of the Captcha window. No further information other than that mentioned above, which is already transmitted to Google via the ReCaptcha functionality, is processed in this case.

The service checks whether an input has been made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. To ensure that an action is carried out by a human and not by an automated bot, the provider collects the IP address of the end device used, identification data of the browser and operating system type used, as well as the date and duration of the visit and transmits these to the provider's servers for evaluation.

The legal basis is our legitimate interest in determining individual responsibility on the Internet and preventing misuse and spam in accordance with Art. 6 (1) (f) GDPR.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.3 Google Customer Reviews (formerly Google Certified Retailer Program)

We work with Google as part of the Google Customer Reviews program. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This program gives us the opportunity to collect customer reviews from users of our website. After making a purchase on our website, you will be asked whether you would like to participate in an email survey from Google.

If you give your consent in accordance with Art. 6 Paragraph 1 Letter a of GDPR, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate the purchasing experience on our website. The rating you submit will then be summarized with our other ratings and displayed in our Google Customer Reviews logo and in our Merchant Center dashboard. Your rating will also be used for Google Seller Ratings. When using Google Customer Reviews, personal data may also be transmitted to Google LLC's servers in the USA.

You can revoke your consent at any time by sending a message to the data controller or to Google.

10.4 Microsoft Teams

To conduct online meetings, video conferences and/or webinars, we use this provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA

The provider processes different data, whereby the scope of the data processed depends on which data you provide before or during participation in an online meeting, video conference or webinar. Your data as a communication participant is processed and stored on the provider's servers. This can in particular be your login data (name, email address, telephone number (optional) and password) and session data (topic, participant IP address, device information, description (optional)).

In addition, image and sound contributions from participants as well as voice inputs in chats can be processed.Art. 6 (1) (b) GDPR serves as the legal basis for the processing of personal data that is necessary to fulfill a contract with you (this also applies to processing operations that are necessary to carry out pre-contractual measures). If you have given us your consent to process your data, the processing will be carried out on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.In addition, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest in accordance with Art. 6 (1) (f) GDPR in the effective conduct of the online meeting, webinar or video conference.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.5 Google Forms

To conduct surveys or online forms, we use the services of the following provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

In addition to transmitting data to the above-mentioned provider location, data may also be transmitted to: Google LLC, USA

The provider enables us to design and evaluate surveys and online forms. In addition to the personal data you enter in the forms, information about your operating system, browser, date and time of your visit, referrer URL and your IP address are collected, transmitted to the provider and stored on the provider's servers.

The information you enter into the forms is stored in a password-protected manner to ensure that third-party access is excluded and only we can evaluate the data for the purpose stated in the form.

When processing personal data that is necessary to fulfill a contract with you (this also applies to processing operations that are necessary to carry out pre-contractual measures), Art. 6 (1) (b) GDPR serves as the legal basis. If you have given us your consent to process your data, the processing will be carried out on the basis of Art. 6 (1) (a) GDPR. Consent given can be revoked at any time with effect for the future.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.6 JotForm

To conduct surveys or online forms, we use the services of the following provider: JotForm Inc., 111 Pine St. Suite 1815, San Francisco, CA 94111, USA

The information you enter into the forms is stored in a password-protected manner to ensure that third-party access is excluded and only we can evaluate the data for the purpose stated in the form.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.7 Microsoft Forms

To conduct surveys or online forms, we use the services of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

The information you enter into the forms is stored in a password-protected manner to ensure that third-party access is excluded and only we can evaluate the data for the purpose stated in the form.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.8 Typeform

To conduct surveys or online forms, we use the services of the following provider: TYPEFORM SL Carrer Bac de Roda, 163, local, 08018 Barcelona, Spain

The information you enter into the forms is stored in a password-protected manner to ensure that third-party access is excluded and only we can evaluate the data for the purpose stated in the form.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

10.9 Applications for job advertisements by email

We advertise currently vacant positions in a separate section on our website, for which interested parties can apply by sending an email to the contact address provided.

Applicants must provide all personal data necessary for an informed assessment, including general information such as name, address and contact details, as well as performance-related evidence and, where applicable, health-related information. Details on how to apply can be found in the job advertisement.

After receiving the application by email, the data is stored and evaluated solely for the purpose of processing the application. If we have any queries, we use either the applicant's email address or telephone number. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR (or Section 26 Para. 1 BDSG), in the sense of which going through the application process counts as initiating an employment contract.

If, as part of the application process, special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data such as information on severe disability) are requested from applicants, the processing will be carried out in accordance with Art. 9 (2) (b) GDPR so that we can exercise the rights arising from employment law and social security and social protection law and fulfil our obligations in this regard.

Cumulatively or alternatively, the processing of special categories of data may also be based on Art. 9 (1) (h) GDPR if it is carried out for the purposes of healthcare or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnostics, for the provision of care or treatment in the health or social sector or for the administration of systems and services in the health or social sector.

If the applicant is not selected or if an applicant withdraws their application prematurely, the data they have submitted and all electronic correspondence, including the application email, will be deleted after a corresponding notification, at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions about the application and, if necessary, in being able to meet our obligation to provide evidence under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 Para. 1 lit. b GDPR (if processed in Germany in conjunction with Section 26 Para. 1 BDSG) for the purpose of carrying out the employment relationship.

10.10 Online applications via a form

We advertise currently vacant positions in a separate section on our website, for which interested parties can apply using a corresponding form.

When the form is submitted, the applicant data is transmitted to us in encrypted form in accordance with the state of the art, stored by us and evaluated solely for the purpose of processing the application. The processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR (or Section 26 Para. 1 BDSG), in the sense of which completing the application process counts as initiating an employment contract.

If the applicant is not selected or if an applicant withdraws their application prematurely, the data submitted on the form and all electronic correspondence, including the application email, will be deleted after a corresponding notification, at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions about the application and, if necessary, in being able to meet our obligation to provide evidence under the regulations on equal treatment of applicants.

11) Tools and Others

11.1 - Lexoffice

To handle accounting, we use the cloud-based accounting software service of the following provider: Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, Germany

The provider processes incoming and outgoing invoices and, if applicable, our company's bank transactions in order to automatically record invoices, match them to transactions and use these to create financial accounting in a partially automated process.

If personal data is also processed, the processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in the efficient organization and documentation of our business transactions.

11.2 Cookie-Consent-Tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users when they access the page in the form of an interactive user interface on which consent for certain cookies and/or cookie-based applications can be given by ticking boxes. By using the tool, all cookies/services that require consent are only loaded if the respective user gives their consent by ticking the corresponding box. This ensures that such cookies are only placed on the user's respective device if consent has been given.

The tool uses technically necessary cookies to save your cookie preferences. Personal user data is generally not processed.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

A further legal basis for the processing is Art. 6 (1) (c) GDPR. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

Where necessary, we have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further information about the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

12) Rights of the data subject

12.1 The applicable data protection law grants you the following data subject rights (rights to information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising them:

Right to information pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability according to Art. 20 GDPR;
Right to revoke consent granted in accordance with Art. 7 Para. 3 GDPR;
Right to complain according to Art. 77 GDPR.

12.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCE OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA IN QUESTION. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE YOUR OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

13) Duration of storage of personal data

The duration for which personal data is stored is determined based on the respective legal basis, the purpose of processing and – if applicable – also on the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of an express consent in accordance with Art. 6 (1) (a) GDPR, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data that are processed within the framework of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) GDPR, these data will be routinely deleted after expiry of the retention periods, provided that they are no longer required to fulfill or initiate a contract and/or we no longer have a legitimate interest in continuing to store them.

When processing personal data on the basis of Art. 6 (1) (f) GDPR, these data will be stored until you exercise your right of objection in accordance with Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct advertising on the basis of Art. 6 (1) (f) GDPR, these data will be stored until you exercise your right of objection in accordance with Art. 21 (2) GDPR.

Unless the other information in this declaration on specific processing situations states otherwise, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

Ready to finally implement something visible?

Book your inspiration dialogue now for free!

Supernova !nnovations

Timon Dürr

Mail: start@createsmart.business

Phone: 0151 594 137 94

Follow us

PRIVACY POLICY

1) Introduction and contact details of the person responsible

2) Data collection when visiting our website

3) Hosting & Content-Delivery-Network

4) Cookies

5) Contact us

6) Comment function

7) Use of customer data for direct marketing

8) Data processing for contract execution

9) Online-Marketing

10) Page functionalities

11) Tools and Others

12) Rights of the data subject

13) Duration of storage of personal data

Ready to finally implement something visible?