INTRODUCTION AND OVERVIEW
We have written this privacy statement (version 06.05.2021-321280673) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller – and the processors (e.g. providers) commissioned by us – process, will process in the future and what lawful options you have. The terms used are to be understood as gender-neutral.
In short, we inform you comprehensively about data we process about you.
Privacy statements usually sound very technical and use legal terminology. This privacy statement, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. To the extent that it is conducive to transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. In this way, we inform you in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible by providing the most concise, unclear and legalistic explanations possible, as is often standard practice on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is one or two pieces of information that you did not yet know.
If you still have questions, we would like to ask you to contact the responsible office mentioned below or in the imprint, to follow the existing links and to look at further information on third party sites. Our contact details can of course also be found in the imprint.
SCOPE OF APPLICATION
all online presences (websites, online stores) that we operate
social media presences and email communication
mobile apps for smartphones and other devices
In short: all areas where personal data is processed in a structured way within the company.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016, which you can of course read online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:
Consent (Article 6(1)(a) DSGVO): you have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.
Contract (Article 6(1)(a) DSGVO): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
Legal obligation (Article 6(1)(a) DSGVO): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
Legitimate interests (Article 6(1)(a) DSGVO): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website securely and economically efficiently, this processing is therefore a legitimate interest.
Other conditions, such as the exercise of recording in the public interest and exercise of official authority, as well as the protection of vital interests, do not usually arise for us. If such a legal basis should be relevant, it will be indicated at the appropriate place.
In addition to the EU Regulation, national laws also apply:
In Austria, this is the Federal Act on the Protection of Individuals with regard to the Processing of Personal Data (Data Protection Act), or DSG for short.
In Germany, the Federal Data Protection Act, or BDSG for short, applies.
If other regional or national laws apply, we will inform you about them in the following sections.
AUTOMATIC DATA STORAGE
When you visit websites nowadays, certain information is automatically created and stored, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website, by the way, we mean the entirety of all web pages on your domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain we mean, for example, example.de or example.com.
Even while you are visiting our website right now, our web server – that is the computer on which this website is stored – usually automatically stores data for reasons of operational security, to compile access statistics, etc., such as
the complete Internet address (URL) of the accessed website (e.g. https://www.beispielwebsite.de/beispielunterseite.html/)
browser and browser version (e.g. Chrome 87)
the operating system used (e.g. Windows 10)
the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
the host name and IP address of the device from which access is made (e.g. COMPUTERNAME and 18.104.22.168)
date and time
in files called web server log files.
For illustration purposes:
Browser and web server
As a rule, these files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful behavior.
In short, your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not share your data!
Our website uses HTTP cookies to store user-specific data.
WHAT EXACTLY ARE COOKIES?
Whenever you browse the Internet, you use a browser. Popular browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the “user-related” information back to our site. Thanks to cookies, our site knows who you are and offers you the setting you are used to. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
The following graphic shows a possible interaction between a web browser, such as Chrome, and the web server. Here, the web browser requests a website and receives a cookie back from the server, which the browser uses again once another page is requested.
HTTP cookie interaction between browser and web server
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. Also, the expiration time of a cookie varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information on your PC.
For example, cookie data may look like this
Purpose: to distinguish website visitors
Expiration date: after 2 years
A browser should be able to support these minimum sizes:
At least 4096 bytes per cookie
At least 50 cookies per domain
At least 3000 cookies in total
WHAT TYPES OF COOKIES ARE THERE?
We can distinguish 4 types of cookies:
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user adds a product to the shopping cart, then continues browsing on other pages, and only later goes to the checkout. These cookies do not delete the shopping cart even if the user closes his browser window.
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website with different browsers.
These cookies provide a better user experience. For example, entered locations, font sizes or form data are stored.
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very convenient, but also very annoying.
Usually, when you visit a website for the first time, you are asked which of these cookie types you want to allow. And of course, this decision is also stored in a cookie.
HOW CAN I DELETE COOKIES?
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find it in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome.
Safari: Manage cookies and website data with Safari.
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: delete and manage cookies
Microsoft Edge: delete and manage cookies
If you generally don’t want cookies, you can set your browser to notify you whenever a cookie is about to be set. This way, you can decide for each individual cookie whether you allow it or not. The procedure varies depending on the browser. The best way is to search for the instructions in Google using the search term “delete cookies Chrome” or “disable cookies Chrome” in the case of a Chrome browser.
WHAT ABOUT MY PRIVACY?
Since 2009, there are the so-called “Cookie Guidelines”. This states that storing cookies requires consent from you. Within the EU countries, however, there are still very different reactions to these directives. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG). In Germany, the Cookie Directives were not implemented as national law. Instead, the implementation of this directive took place largely in § 15 para.3 of the Telemedia Act (TMG).
If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
RIGHTS UNDER THE BASIC DATA PROTECTION REGULATION
According to the provisions of the GDPR, you are generally entitled to the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR).
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in some way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/, and for Germany you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
EVALUATION OF VISITOR BEHAVIOR
In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is generally anonymous and we cannot draw any conclusions about your person from your behavior on this website.
TLS ENCRYPTION WITH HTTPS
TLS, encryption and https sound very technical and they are. We use HTTPS (Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transfer data over the Internet in a tap-proof manner.
This means that the complete transmission of all data from your browser to our web server is secured – no one can “listen in”.
Thus, we have implemented an additional layer of security and fulfill data protection by design of technology Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection of data transmission by the small lock symbol at the top left of the browser to the left of the Internet address (e.g., beispielseite.de) and the use of the scheme https (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend a Google search for “Hypertext Transfer Protocol Secure wiki” to get good links to further information.
👥 Affected parties: Website visitors.
📓 Data processed: varies depending on the analytics tool provider, more details on request or in the section on the provider used.
🤝 Reason for data processing: evaluation of visitor information to optimize the web offer.
We use software on our website to evaluate the behavior of website visitors, known as web analytics or web analysis for short. In the process, data is collected, which the respective analytic tool provider (also called tracking tool) stores, manages and processes. The data is used to create analyses of user behavior on our website and made available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are best received by our visitors. To do this, we show you two different offers for a limited period of time. After the test (so-called A/B test), we know which product or content our website visitors find more interesting. For such test procedures, as well as for other analytics procedures, user profiles can also be created and the data stored in cookies.
WHY DO WE DO WEB ANALYTICS?
With our website we have a clear goal in mind: we want to deliver the best web offer on the market for our industry. To achieve this goal, we want to offer the best and most interesting offer on the one hand, and on the other hand, we want to make sure that you feel completely comfortable on our website. With the help of web analysis tools, we can take a closer look at the behavior of our website visitors and then improve our web offer for you and us accordingly. For example, we can see how old our visitors are on average, where they come from, when our website is most visited or which content or products are particularly popular. All this information helps us to optimize the website and thus best adapt it to your needs, interests and wishes.
WHAT DATA IS STORED BY THE ANALYTIC TOOL?
Exactly what data is stored depends, of course, on the analytic tools used. But as a rule, for example, which content you view on our website, which buttons or links you click on, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website or which computer system you use is stored. If you agreed that location data may also be collected, these may also be processed by the web analytics tool provider.
In addition, your IP address will also be stored. According to the General Data Protection Regulation (DSGVO), IP addresses are personal data. However, your IP address is usually stored pseudonymized (i.e. in an unrecognizable and shortened form). For the purpose of testing, web analysis and web optimization, no direct data, such as your name, age, address or e-mail address are stored as a matter of principle. All this data, if collected, is stored pseudonymously. This means that you cannot be identified as a person.
The following example schematically shows how Google Analytics works as an example of client-based web tracking with Java Script code.
Schematic data flow with Google Analytics
How long the respective data is stored always depends on the provider. Some cookies only store data for a few minutes or until you leave the website again, while other cookies can store data for several years.
THE LEGAL BASIS FOR THE USE OF ANALYTIC TOOLS?
If you have consented to allow third-party analytic tools to be used, the legal basis for the relevant data processing is that consent.
Information on specific website analytics tools, if any, can be found in the following sections.
WHAT IS WP STATISTICS?
This plugin is an analytics software designed specifically for websites that use the WordPress content management system. WordPress helps us to easily edit our website even without programming skills. WP Statistics can collect data about how long you stay on our website, which subpages you visit, how many visitors are on the website or from which website you came to us. No cookies are set by WP Statistics and you cannot be identified as an individual by the data collected.
WHY DO WE USE WP STATISTICS?
With the help of WP Statistics we get simple statistics that help us to make our website more interesting and better for you. Our website and the content, products and/or services offered on it should meet your requirements and wishes as best as possible. In order to achieve this goal, we naturally need to find out where we should make improvements and changes. The statistics we receive, help us to get one step closer to this goal.
WHAT DATA IS STORED BY WP STATISTICS?
WP Statistics does not set any cookies and through the data collected, statistics about the use of our website are only created in an anonymous form. WP Statistics also anonymizes your IP address. You as a person cannot be identified.
Through WP Statistics, visitor data (called Visitos’Data) is collected when your web browser connects to our web server. This data is stored in our database on our server. This includes for example:
the address (URL) of the accessed web page
browser and browser version
the operating system used
the address (URL) of the previously visited page (referrer URL)
the host name and IP address of the device from which access is made
date and time
information about country/city
number of visitors coming from a search engine
duration of the website visit
Clicks on the website
The data will not be shared or sold.
HOW LONG AND WHERE IS THE DATA STORED?
All data is stored locally on our web server. The data is stored on our web server until it is no longer needed for the purposes listed above.
HOW CAN I DELETE MY DATA OR PREVENT DATA STORAGE?
You have the right to information, correction or deletion and restriction of processing of your personal data at any time. You can also revoke your consent to the processing of data at any time.
We use the analytics tool IONOS WebAnalytics from the German company 1&1 IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany on our website. The tool helps us analyze our website and data is also collected and stored for this purpose. However, this tool does not collect data that could identify you as a person. Nevertheless, in this privacy statement we want to inform you in more detail about data processing and storage and also explain why we use IONOS WebAnalytics.
WHAT IS IONOS WEBANALYTICS?
IONOS WebAnalytics is, as its name suggests, a tool used to analyze our website. The software program collects data such as how long you stay on our website, which buttons you click or from which other websites you found us. This gives us a good overview of user behavior on our website. All this information is anonymous. This means that we do not identify you as a person through this data, but only get general usage information and statistics.
WHY DO WE USE IONOS WEBANALYTICS ON OUR WEBSITE?
Our goal is to provide you with the best possible experience on our website. We are confident in our offerings and want our website to be a helpful and useful place for you. To do this, we need to customize our website as much as possible to meet your needs and concerns. With a web analytics tool like IONOS WebAnalytics and the resulting data we can improve our website to that end. The data can also help us to design advertising and marketing measures more individually. With all these web analyses, however, we are still concerned about the protection of personal data. Unlike other analysis tools, IONOS WebAnalytics does not store or process any data that could identify you as a person.
WHAT DATA IS STORED BY IONOS WEBANALYTICS?
IONOS does not store any personal data about you. When you submit a page request, your IP address is transmitted, but then immediately anonymized and processed in such a way that you cannot be identified as a person.
The following data is stored by IONOS WebAnalytics:
Your browser type and browser version
which website you have visited before (referrer)
which specific website you have visited
which operating system you are using
which end device you are using (PC, tablet or smartphone)
when you came to our site
your IP address in anonymized form
The data is not passed on to any third-party providers and is only used for statistical analysis.
HOW LONG AND WHERE IS THE DATA STORED?
The data is stored until the contract between IONOS WebAnalytics and us expires. The data is stored in our log directory in case of a regular web hosting plan and graphical statistics are generated from it. These logs are deleted every 8 weeks. In the case of a MyWebsite tariff, the data is determined via a pixel. Here, the data is only stored and processed within IONOS WebAnalytics.
HOW CAN I DELETE MY DATA OR PREVENT DATA STORAGE?
In principle, you have the right to information, correction or deletion and restriction of the processing of your personal data at any time. You can also revoke your consent to the processing of data at any time. However, since no personal data is stored or processed via IONOS WebAnalytics and therefore an assignment of you as a person is not possible, there is also no possibility to delete such data.
All texts are protected by copyright.