FarmManager LogoHeader

Privacy Policy

Please read our privacy policy carefully.

We are very pleased about your interest in our company. Data protection has an especially high priority for the management of Software Development Sebastian Bleuel. Using the websites of Software Development Sebastian Bleuel is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to Software Development Sebastian Bleuel. With this privacy policy, our company aims to inform the public about the type, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their rights through this privacy policy.

Software Development Sebastian Bleuel, as the data controller, has implemented numerous technical and organizational measures to ensure the most comprehensive protection of personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative methods, such as by telephone.

1. Definitions
  • The privacy policy of Software Development Sebastian Bleuel is based on the terminology used by the European legislators when enacting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for the public, as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
  • In this privacy policy, we use the following terms, among others:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter 'data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
e) Profiling
Profiling means any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
f) Pseudonymization
Pseudonymization means processing personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or data controller
Controller or data controller means the natural or legal person, authority, institution, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided by Union or Member State law.
h) Processor
Processor means a natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller.
i) Recipient
Recipient means a natural or legal person, public authority, agency, or another body to which personal data is disclosed, whether a third party or not. However, authorities that may receive personal data in the context of a specific investigation task under Union or Member State law are not considered recipients.
j) Third party
Third party means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons authorized to process personal data under the direct authority of the controller or processor.
k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
2. Name and Address of the Data Controller
  • The controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union, and other provisions of a data protection nature is:
  • Software Development Sebastian Bleuel
  • Ortesweg 10
  • 36145 Hofbieber
  • Germany
  • Tel.: 0157 32599053
  • E-Mail: info@farmmanager.cloud
  • Website: https://sebastian-bleuel.de/
3. Cookies
  • The websites of Software Development Sebastian Bleuel use cookies. Cookies are text files that are stored on a computer system via a web browser.
  • Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string that allows websites and servers to associate the cookie with a specific web browser in which the cookie is stored. This enables the visited websites and servers to distinguish the individual browser of the user from other browsers containing different cookies. A particular browser can be recognized and identified by its unique cookie ID.
  • Using cookies, Software Development Sebastian Bleuel can provide users of this website with more user-friendly services that would not be possible without setting cookies.
  • Through a cookie, the information and offerings on our website can be optimized for the user. Cookies allow us to recognize users of our website. The purpose of this recognition is to make using our website easier for the users. For example, a user does not have to re-enter their login details every time they visit the website, as this information is stored in the cookie on their system. Another example is a shopping cart cookie in an online shop. The online shop remembers the items a customer has placed in the virtual cart via a cookie.
  • The user can prevent the setting of cookies by our website at any time via the browser settings, thus objecting to the use of cookies permanently. Furthermore, already set cookies can be deleted at any time via the browser or other software. This is possible in all common browsers. If the user disables cookies in the browser, not all functions of our website may be fully available.
4. Collection of General Data and Information
  • The website of Software Development Sebastian Bleuel collects a range of general data and information with each visit by a user or automated system. These general data and information are stored in the server log files. The collected data may include (1) the types and versions of browsers used, (2) the operating system of the accessing system, (3) the website from which the user accessed our website (referrer), (4) the subpages accessed on our website, (5) the date and time of access, (6) an IP address, (7) the Internet service provider of the accessing system, and (8) other similar data and information used to prevent threats in case of attacks on our IT systems.
  • Software Development Sebastian Bleuel does not draw any conclusions about the user from this general data and information. This information is required to (1) correctly deliver website content, (2) optimize the content and advertising of the website, (3) ensure the permanent functionality of our IT systems and website technology, and (4) provide law enforcement authorities with necessary information in case of a cyberattack. These anonymously collected data and information are evaluated statistically and to improve data protection and security, ultimately ensuring an optimal level of protection for the personal data processed. Anonymous server log data are stored separately from any personal data provided by the user.
5. Registration on Our Website
  • Users have the option to register on the website of the data controller by providing personal data. The personal data transmitted to the controller is determined by the input form used for registration. Personal data provided by the user is collected and stored exclusively for internal use by the controller and for its own purposes. The controller may pass this data to one or more processors, such as a delivery service, who will use the data exclusively for internal purposes attributable to the controller.
  • By registering on the website, the IP address assigned by the user's ISP, the date, and the time of registration are also stored. This is necessary to prevent misuse of our services and, if necessary, to help clarify crimes. Thus, storing these data is required to protect the controller. Data is generally not shared with third parties unless legally required or for law enforcement purposes.
  • Registration allows the controller to offer content or services only available to registered users. Registered users can modify or delete their personal data at any time.
  • The controller provides users with access to the personal data stored about them on request. Personal data can also be corrected or deleted at the request of the user, provided no legal retention obligations exist. All employees of the controller are available as contacts for users in this regard.
6. Subscription to Our Newsletter
  • The website allows users to subscribe to our company newsletter. The personal data required for newsletter registration is determined by the input form used.
  • Software Development Sebastian Bleuel informs customers and partners via newsletter about company offers. A newsletter can only be received if (1) the user has a valid email address and (2) has registered for the newsletter. A confirmation email is sent via double opt-in to verify that the user authorizes receipt of the newsletter.
  • When registering, we also store the IP address assigned by the ISP of the user's computer, along with the date and time. This helps to trace any misuse of the email address and serves as legal protection for the controller.
  • Personal data collected for the newsletter is used exclusively for sending the newsletter. Subscribers may also be informed by email if required for the operation of the service or related registration, e.g., changes to the newsletter or technical updates. Personal data is not shared with third parties. Users may unsubscribe at any time. Consent to store personal data for newsletter purposes can be withdrawn anytime via a link in the newsletter or by contacting the controller directly.
7. Newsletter Tracking
  • The newsletters contain tracking pixels, which are tiny graphics embedded in HTML emails that allow logging and analysis. This enables statistical evaluation of the success or failure of online marketing campaigns. The tracking pixel allows Software Development Sebastian Bleuel to see if and when an email was opened and which links were clicked.
  • Personal data collected via tracking pixels is stored and analyzed by the controller to optimize newsletter delivery and tailor future content to the user’s interests. These data are not shared with third parties. Users may revoke their separate consent given via double opt-in at any time. After revocation, the data is deleted. Unsubscribing from the newsletter is automatically treated as a revocation by Software Development Sebastian Bleuel.
8. Contact via the Website
  • The website of Software Development Sebastian Bleuel contains information required by law that allows for rapid electronic contact with our company and direct communication with us, including a general electronic mail address (email address). If a data subject contacts the responsible party via email or a contact form, the personal data submitted by the data subject is automatically stored. Personal data voluntarily provided by a data subject to the responsible party is stored for the purpose of processing or contacting the data subject. These personal data are not shared with third parties.
9. Routine Deletion and Blocking of Personal Data
  • The responsible party processes and stores the personal data of the data subject only for the period necessary to achieve the storage purpose or as required by the European legislator or another applicable law to which the responsible party is subject.
  • If the storage purpose no longer applies or a legally prescribed storage period expires, the personal data is routinely blocked or deleted in accordance with legal requirements.
10. Rights of the Data Subject
a) Right of Confirmation
Every data subject has the right granted by the European legislator to obtain confirmation from the responsible party as to whether personal data concerning them is being processed. A data subject may exercise this right at any time by contacting an employee of the responsible party.
b) Right of Access
Every data subject whose personal data is processed has the right granted by the European legislator to obtain free information from the responsible party at any time about the personal data stored about them, as well as a copy of this information. The European legislator also grants the data subject the right to information on the following:
  • the purposes of the processing
  • the categories of personal data being processed
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly recipients in third countries or international organizations
  • where possible, the planned duration for which the personal data will be stored, or, if not possible, the criteria used to determine that duration
  • the existence of the right to rectification or erasure of personal data, the right to restrict processing, or the right to object to processing
  • the existence of a right to lodge a complaint with a supervisory authority
  • if the personal data was not collected from the data subject: all available information about the source of the data
  • the existence of automated decision-making, including profiling, according to Article 22(1) and (4) GDPR, and in such cases meaningful information about the logic involved and the significance and expected consequences of such processing for the data subject
Furthermore, the data subject has the right to know whether personal data has been transferred to a third country or an international organization, and if so, the data subject has the right to information on the appropriate safeguards related to the transfer.
A data subject wishing to exercise this right of access may contact an employee of the responsible party at any time.
c) Right to Rectification

Every data subject has the right granted by the European legislator to obtain the immediate correction of inaccurate personal data concerning them. The data subject also has the right to have incomplete personal data completed, considering the purposes of processing, including by means of a supplementary statement.

A data subject wishing to exercise this right may contact an employee of the responsible party at any time.

d) Right to Erasure (Right to be Forgotten)

Every data subject has the right granted by the European legislator to request the deletion of personal data concerning them from the responsible party without undue delay, provided one of the following reasons applies and the processing is not required:

The personal data was collected or otherwise processed for purposes that are no longer necessary.

The data subject withdraws consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) GDPR, and no other legal ground exists for processing.

The data subject objects to processing under Article 21(1) GDPR, and there are no overriding legitimate grounds for processing, or objects under Article 21(2) GDPR.

The personal data has been unlawfully processed.

The deletion of personal data is required to fulfill a legal obligation under Union or Member State law to which the responsible party is subject.

The personal data was collected in relation to information society services offered under Article 8(1) GDPR.

If any of the above reasons apply and a data subject wishes to have their personal data stored by Software Development Sebastian Bleuel deleted, they may contact an employee of the responsible party at any time. The employee will ensure that the deletion request is promptly fulfilled.

If the personal data has been made public by Software Development Sebastian Bleuel and the company, as the responsible party, is obliged under Article 17(1) GDPR to delete the personal data, Software Development Sebastian Bleuel will take appropriate measures, considering available technology and implementation costs, to inform other data controllers who process the published personal data that the data subject has requested the deletion of all links, copies, or replications of such personal data, unless processing is required. The employee of Software Development Sebastian Bleuel will handle the necessary steps on a case-by-case basis.

e) Right to Restriction of Processing

Any person affected by the processing of personal data has the right, granted by the European legislator, to request the restriction of processing by the controller if one of the following conditions applies:

The accuracy of the personal data is contested by the data subject, for a period that allows the controller to verify the accuracy of the personal data.

The processing is unlawful, the data subject opposes the deletion of the personal data, and instead requests the restriction of their use.

The controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.

The data subject has objected to the processing pursuant to Article 21(1) GDPR, and it is not yet clear whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions applies and a data subject wishes to request the restriction of personal data stored by Softwareentwicklung Sebastian Bleuel, they may contact an employee of the controller at any time. The employee will initiate the restriction of processing.

f) Right to Data Portability

Any person affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning them, which they provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to which the personal data were provided, provided the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR, and the processing is carried out by automated means, unless processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, insofar as technically feasible and provided that this does not affect the rights and freedoms of others.

To exercise the right to data portability, the data subject may contact an employee of Softwareentwicklung Sebastian Bleuel at any time.

g) Right to Object

Any person affected by the processing of personal data has the right, granted by the European legislator, to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them, which is carried out pursuant to Article 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.

Softwareentwicklung Sebastian Bleuel will no longer process the personal data in case of an objection, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is for the establishment, exercise, or defense of legal claims.

If Softwareentwicklung Sebastian Bleuel processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such advertising. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to the processing for direct marketing purposes, Softwareentwicklung Sebastian Bleuel will no longer process the personal data for these purposes.

The data subject also has the right to object, for reasons relating to their particular situation, to the processing of personal data for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

To exercise the right to object, the data subject may contact any employee of Softwareentwicklung Sebastian Bleuel directly. Furthermore, in connection with the use of information society services, the data subject may exercise their right to object using automated procedures, irrespective of Directive 2002/58/EC.

h) Automated Individual Decision-Making Including Profiling

Any person affected by the processing of personal data has the right, granted by the European legislator, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which lays down suitable measures to safeguard the data subject’s rights, freedoms, and legitimate interests, or (3) is based on the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is based on the explicit consent of the data subject, Softwareentwicklung Sebastian Bleuel will implement appropriate measures to safeguard the rights, freedoms, and legitimate interests of the data subject, including at least the right to obtain human intervention, to express their point of view, and to contest the decision.

If the data subject wishes to exercise rights regarding automated decisions, they may contact an employee of the controller at any time.

i) Right to Withdraw Consent to Data Processing

Any person affected by the processing of personal data has the right, granted by the European legislator, to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they may contact an employee of the controller at any time.

11. Data Protection Information Regarding the Use of Instagram
  • The controller has integrated components of the Instagram service on this website. Instagram is a service classified as an audiovisual platform, enabling users to share photos and videos and to redistribute such data on other social networks.
  • The service provider of Instagram is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
  • Each time a page of this website with an Instagram component (Insta-Button) is accessed, the web browser on the data subject’s IT system automatically downloads the corresponding Instagram component. Through this technical process, Instagram becomes aware of which specific subpage of our website is visited by the data subject.
  • If the data subject is simultaneously logged into Instagram, Instagram can identify, for the duration of the visit, which subpage of our website is being accessed. This information is collected by Instagram and linked to the data subject’s Instagram account. If the data subject clicks an integrated Instagram button, the transmitted data is associated with their personal Instagram account and processed by Instagram.
  • Instagram receives information about the visit whenever the data subject is logged into Instagram at the time of accessing our website, regardless of whether the Instagram component is clicked. To prevent this, the data subject can log out of Instagram before accessing our website.
  • More information and Instagram’s applicable privacy policies can be found athttps://help.instagram.com/155833707900388andhttps://www.instagram.com/about/legal/privacy/.
12. Data Protection Information Regarding the Use of LinkedIn
  • The controller has integrated components from LinkedIn Corporation on this website. LinkedIn is an online social network that allows users to connect with existing business contacts and establish new business contacts. Over 400 million registered users in more than 200 countries use LinkedIn, making it the largest platform for business contacts and one of the most visited websites in the world.
  • LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For data protection matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
  • Each time our website with a LinkedIn component (LinkedIn plug-in) is accessed, the component causes the browser to download the LinkedIn component. LinkedIn receives information about which specific subpage is accessed.
  • If the data subject is logged into LinkedIn, LinkedIn collects information about the visited subpages during the session and links it to their LinkedIn account. Clicking the LinkedIn button associates the data with the personal LinkedIn account.
  • LinkedIn receives information about the website visit whenever the user is logged into LinkedIn at the time of access, regardless of clicking the component. To prevent this, log out of LinkedIn before visiting our website.
  • LinkedIn offers the option to manage email, SMS, and targeted ads athttps://www.linkedin.com/psettings/guest-controlsand more information about LinkedIn cookies can be found athttps://www.linkedin.com/legal/cookie-policyPrivacy policies are available athttps://www.linkedin.com/legal/privacy-policyand the cookie policy athttps://www.linkedin.com/legal/cookie-policy.
13. Data Protection Information Regarding the Use of Matomo
  • The controller has integrated Matomo on this website. Matomo is an open-source web analytics tool used to collect, store, and analyze data about visitor behavior on websites.
  • Matomo collects data such as referrers, visited subpages, frequency, and duration of visits. It is primarily used to optimize websites and analyze the cost-effectiveness of online advertising.
  • The software is hosted on the controller’s server, and sensitive log files are stored solely on this server.
  • The purpose of Matomo is to analyze visitor flows. The controller uses the collected data to generate online reports showing activity on the website.
  • Matomo sets a cookie on the data subject’s IT system. This enables analysis of website usage. Each page visit automatically triggers data transmission for online analysis, including the IP address.
  • Cookies store information such as access time, location, and frequency of visits. These data, including the IP address, are transmitted to the server and stored, but not shared with third parties.
  • The data subject can block cookies in the browser settings or delete already set cookies. Enabling Do Not Track prevents Matomo from collecting data.
  • Blocking Matomo cookies may limit full website functionality.
  • Further information and the applicable privacy policy of Matomo can be found athttps://matomo.org/privacy/.
14. Privacy Policy for the Use of Twitter
  • The controller has integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service where users can post and share Tweets, i.e., short messages limited to 280 characters. These short messages are visible to everyone, including users not registered with Twitter, but they are also shown to the followers of the respective user. Followers are other Twitter users who follow a user’s Tweets. Twitter also allows reaching a wide audience via hashtags, links, or retweets.
  • The operator of Twitter is Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07, Ireland.
  • Whenever a page on this website, operated by the controller, containing a Twitter component (Twitter button) is accessed, the internet browser on the user’s system is automatically instructed by the Twitter component to download a representation of the respective Twitter component. More information about Twitter buttons can be found athttps://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter becomes aware of which specific subpage of our website is visited. The purpose of integrating the Twitter component is to allow our users to share content from this website, increase the website’s visibility online, and boost our visitor numbers.
  • If the person is simultaneously logged into Twitter, Twitter recognizes with every visit to our website which specific subpage is visited during the entire session. This information is collected by the Twitter component and associated with the person’s Twitter account. If the person clicks one of the integrated Twitter buttons, the transmitted data is linked to their personal Twitter account and stored and processed by Twitter.
  • Twitter receives information via the Twitter component whenever the person visits our website while logged into Twitter, regardless of whether the Twitter component is clicked. If the person does not want this data to be transmitted to Twitter, they can prevent it by logging out of their Twitter account before visiting our website.
  • The applicable privacy policy of Twitter can be found athttps://twitter.com/de/privacy.
15. Privacy Policy for the Use of Xing
  • The controller has integrated Xing components on this website. Xing is an online social network that allows users to connect with existing business contacts and establish new business connections. Users can create personal profiles, and companies can create company profiles or post job offers.
  • Xing is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
  • Whenever a page on this website containing a Xing component (Xing plugin) is accessed, the internet browser on the user’s system is automatically instructed by the Xing component to download a representation of the respective Xing component. More information about the Xing plugins can be found athttps://dev.xing.com/plugins. Through this process, Xing becomes aware of which specific subpage of our website is visited.
  • If the person is simultaneously logged into Xing, Xing recognizes with every visit which specific subpage is visited and links this information to the person’s Xing account. If the person clicks one of the integrated Xing buttons, e.g., the 'Share' button, Xing associates this information with their account and stores the data.
  • Xing receives information via the Xing component whenever the person visits our website while logged into Xing, regardless of whether the Xing component is clicked. To prevent this, the person can log out of their Xing account before visiting the site.
  • The privacy policy published by Xing, available athttps://www.xing.com/privacy, provides information on the collection, processing, and use of personal data by Xing. Xing has also published privacy information for the XING Share button athttps://www.xing.com/app/share?op=data_protection
16. Privacy Policy for the Use of YouTube
  • The controller has integrated YouTube components on this website. YouTube is an internet video portal that allows video publishers to upload videos for free and users to view, rate, and comment on them free of charge. YouTube allows the publication of all types of videos, including full movies, TV shows, music videos, trailers, and user-generated content.
  • YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
  • Whenever a page on this website containing a YouTube component (YouTube video) is accessed, the internet browser on the user’s system is automatically instructed by the YouTube component to download a representation of the respective YouTube component. More information about YouTube can be found athttps://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google learn which specific subpage of our website is visited by the user.
  • If the person is simultaneously logged into YouTube, YouTube recognizes which specific subpage containing a video is accessed and links this information to the person’s YouTube account.
  • YouTube and Google receive information via the YouTube component whenever the person visits our website while logged into YouTube, regardless of whether the video is clicked. To prevent this, the person can log out of their YouTube account before visiting the website.
  • The privacy policy published by YouTube, available athttps://www.google.de/intl/de/policies/privacy/, provides information on the collection, processing, and use of personal data by YouTube and Google.
17. Payment Method: Privacy Policy for Klarna as a Payment Option
  • The data controller has integrated Klarna components on this website. Klarna is an online payment service provider that enables purchases on invoice or flexible installment payments. Klarna also offers additional services, such as buyer protection and identity and credit checks.
  • Klarna is operated by Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden.
  • If the data subject selects either 'Purchase on Invoice' or 'Installment Purchase' during the checkout process in our online shop, data is automatically transmitted to Klarna. By selecting one of these payment options, the data subject consents to the transmission of personal data necessary for processing the invoice or installment payment or for identity and credit verification.
  • The personal data transmitted to Klarna typically includes first name, last name, address, date of birth, gender, email address, IP address, telephone number, mobile number, and other information necessary to process an invoice or installment purchase. Personal data related to the specific order may also be transmitted, including payment details (bank account, card number, expiration date, CVC), item quantities, item numbers, product/service data, prices and taxes, past purchase behavior, or other financial information.
  • The transmission of data serves to verify identity, manage payments, and prevent fraud. The data controller will transmit personal data to Klarna particularly when a legitimate interest exists. Personal data exchanged between Klarna and the data controller may also be sent to credit agencies for identity and credit checks.
  • Klarna may also share personal data with affiliated companies (Klarna Group) and service providers or subcontractors to fulfill contractual obligations or to process data on behalf of the controller.
  • For determining, implementing, or terminating a contractual relationship, Klarna collects and uses data on the data subject’s payment history and likelihood of future behavior (so-called scoring), calculated using scientifically recognized mathematical-statistical methods.
  • The data subject may revoke consent for the processing of personal data at any time with Klarna. Revocation does not affect data that must be processed, used, or transmitted for proper (contractual) payment processing.
  • Klarna's applicable privacy policy can be accessed athttps://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdf.
18. Payment Method: Privacy Policy for PayPal as a Payment Option
  • The data controller has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via PayPal accounts, which are virtual personal or business accounts. PayPal also allows virtual payments via credit card if a user does not have a PayPal account. A PayPal account is associated with an email address, so there is no traditional account number. PayPal enables sending and receiving online payments and offers escrow and buyer protection services.
  • The European operator of PayPal is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg.
  • If the data subject selects 'PayPal' as the payment method during checkout, data is automatically transmitted to PayPal. By choosing this option, the data subject consents to the transfer of personal data required for payment processing.
  • The personal data transmitted to PayPal typically includes first name, last name, address, email, IP address, phone number, mobile number, or other data necessary for payment processing. Personal data related to the order may also be transmitted.
  • The data transmission serves payment processing and fraud prevention. The data controller will transmit personal data to PayPal particularly when a legitimate interest exists. Data exchanged between PayPal and the data controller may also be sent to credit agencies for identity and credit checks.
  • PayPal may share personal data with affiliated companies, service providers, or subcontractors to fulfill contractual obligations or process data on behalf of the controller.
  • The data subject may revoke consent for processing personal data at any time with PayPal. Revocation does not affect data that must be processed, used, or transmitted for proper (contractual) payment processing.
  • The current privacy policy of PayPal can be accessed athttps://www.paypal.com/de/webapps/mpp/ua/privacy-full.
19. Payment Method: Privacy Policy for Sofortüberweisung as a Payment Method
  • The data controller has integrated Sofortüberweisung components on this website. Sofortüberweisung is a payment service that allows cashless payment for products and services online. It uses a technical process through which the online merchant immediately receives a payment confirmation. This enables the merchant to deliver goods, services, or downloads to the customer immediately after the order.
  • Sofortüberweisung is operated by Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden.
  • If the data subject selects 'Sofortüberweisung' as the payment method during the order process in our online shop, data is automatically transmitted to Sofortüberweisung. By selecting this payment option, the data subject consents to the transmission of personal data necessary for payment processing.
  • During the purchase process via Sofortüberweisung, the buyer transmits the PIN and TAN to Sofort GmbH. Sofortüberweisung then performs a transfer to the online merchant after technically checking the account balance and retrieving additional data to verify coverage. The completion of the financial transaction is then automatically communicated to the online merchant.
  • The personal data exchanged with Sofortüberweisung includes first name, last name, address, email address, IP address, phone number, mobile number, or other data necessary for payment processing. The transmission of data serves payment processing and fraud prevention. The data controller may also transmit other personal data to Sofortüberweisung if there is a legitimate interest in doing so. Personal data exchanged between Sofortüberweisung and the data controller may, under certain circumstances, be transmitted to credit agencies. This transmission is intended for identity and credit checks.
  • Sofortüberweisung may also transfer personal data to affiliated companies, service providers, or subcontractors, insofar as this is necessary to fulfill contractual obligations or the data is to be processed on behalf of the controller.
  • The data subject has the right to revoke consent for the processing of personal data at any time with Sofortüberweisung. Such a revocation does not affect personal data that must necessarily be processed, used, or transmitted for contractual payment processing.
  • The current privacy policy of Sofortüberweisung can be accessed athttps://www.klarna.com/sofort/datenschutz/.
20. Legal Basis for Processing
  • Art. 6 I lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case for processing operations required for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to processing operations necessary for pre-contractual measures, such as inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as fulfilling tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, processing personal data may be necessary to protect the vital interests of the data subject or another natural person. For example, if a visitor were injured in our premises, their name, age, health insurance data, or other vital information would need to be provided to a doctor, hospital, or other third parties. In that case, the processing would be based on Art. 6 I lit. d GDPR.
  • Finally, processing operations could be based on Art. 6 I lit. f GDPR. This legal basis applies to processing operations not covered by any of the aforementioned legal bases when processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not override it. Such processing operations are allowed in particular because they are explicitly mentioned by the European legislator, who considered that a legitimate interest could exist if the data subject is a customer of the controller (Recital 47 sentence 2 GDPR).
21. Legitimate Interests Pursued by the Controller or a Third Party
  • If the processing of personal data is based on Art. 6 I lit. f GDPR, our legitimate interest is the conduct of our business activities in favor of the well-being of all our employees and shareholders.
22. Duration of Storage of Personal Data
  • The criterion for the duration of storage of personal data is the respective statutory retention period. After the period expires, the corresponding data will be routinely deleted, provided they are no longer required for contract fulfillment or initiation.
23. Legal or Contractual Requirements for Providing Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Non-Provision
  • We inform you that providing personal data may be legally required (e.g., tax regulations) or may arise from contractual obligations (e.g., information about a contractual partner).
  • Sometimes it may be necessary for the conclusion of a contract that a data subject provides us with personal data, which will then be processed by us. For example, the data subject is required to provide personal data when our company enters into a contract with them. Failure to provide the personal data would result in the contract not being concluded.
  • Before providing personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of personal data is legally or contractually required, necessary for the conclusion of a contract, whether there is an obligation to provide the personal data, and what the consequences of non-provision would be.
24. Existence of Automated Decision-Making
Imprint