Privacyverklaring

An overview of data protection

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit our website. The term „personal data“ comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on our website

Who is the responsible party for the recording of data on this website (i.e. the „controller“)?

The data on this website is processed by the operator of the website, whose contact information is available under section „Information Required by Law“ on this website.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.

Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access our website.

What are the purposes we use your data for?

A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyse your user patterns.

What rights do you have as far as your information is concerned?

You have the right to receive information about the source, recipients and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified, blocked or eradicated. Please do not hesitate to contact us at any time under the address disclosed in section „Information Required by Law“ on this website if you have questions about this or any other data protection related issues. You also have the right to log a complaint with the competent supervising agency.

Moreover, under certain circumstances, you have the right to demand the restriction of the processing of your personal data. For details, please consult the Data Protection Declaration under section „Right to Restriction of Data Processing.“

Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analysed when your visit our website. Such analyses are performed primarily with cookies and with what we refer to as analysis programmes. As a rule, the analyses of your browsing patterns are conducted anonymously; i.e. the browsing patterns cannot be traced back to you.

You have the option to object to such analyses or you can prevent their performance by not using certain tools. For detailed information about the tools and about your options to object, please consult our Data Protection Declaration below.

General information and mandatory information

Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data processing controller on this website is:

Hubertus-Apotheke, Jörn Drost e.K.
Phone: 02562 / 38 19
E-Mail: info∂hubertus-apotheke-gronau.de

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

In the event that data are processed on the basis of Art. 6 Sect. 1 lit. e or f GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this Data Protection Declaration. If you log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to Art. 21 Sect. 1 GDPR).

If your personal data is being processed in order to engage in direct advertising, you have the right to at any time object to the processing of your affected personal data for the purposes of such advertising. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection pursuant to Art. 21 Sect. 2 GDPR).

Right to log a complaint with the competent supervisory agency

In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html (Germany) and https://www.data-protection-authority.gv.at/ (Austria).

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from „http://“ to „https://“ and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

Encrypted payment transactions on this website

If you are under an obligation to share your payment information (e.g. account number if you give us the authority to debit your bank account) with us after you have entered into a fee-based contract with us, this information is required to process payments.

Payment transactions using common modes of paying (Visa/MasterCard, debit to your bank account) are processed exclusively via encrypted SSL or TLS connections. You can recognise an encrypted connection by checking whether the address line of the browser switches from „http://“ to „https://“ and also by the appearance of the lock icon in the browser line.

If the communication with us is encrypted, third parties will not be able to read the payment information you share with us.

Information about, blockage, rectification and eradication of data

Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified, blocked or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time at the address provided in section „Information Required by Law.“

Right to demand processing restrictions

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time at the address provided in section „Information Required by Law.“ The right to demand restriction of processing applies in the following cases:

• In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
• If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
• If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
• If you have raised an objection pursuant to Art. 21 Sect. 1 GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

Rejection of unsolicited e-mails

We herewith object to the use of contact information published in conjunction with the mandatory information to be provided in section „Information Required by Law“ to send us promotional and information material that we have not expressly requested. The operators of this website and its pages reserve the express right to take legal action in the event of the unsolicited sending of promotional information, for instance via SPAM messages.

Recording of data on our website

Cookies

This website uses in particular cookies or other technologies that are absolutely necessary or such as functional cookies so that the accessed website and functions can be made available to you, Section 25 Paragraph 2 Number 2 of the Telecommunications Telemedia Data Protection Act (TDDDG ), Article 6 paragraph 1 subparagraph 1 letter f GDPR.

If you give your consent for optional services and non-essential cookies, the legal basis is Section 25 Paragraph 1 TDDDG, Article 6 Paragraph 1 Subparagraph 1 Letter a GDPR (consent). You can obtain further information about this and the cookies or services used at any time from the consent management tool used and revoke your consent at any time, freely and without disadvantage, with effect for the future. Please note, however, that our website does not always function as intended without the cookies used.

You can view the cookies used in our tool and edit and revoke any consent you may have, etc. there at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.

Server log files

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:

• The type and version of browser used
• The used operating system
• Referrer URL
• The hostname of the accessing computer
• The time of the server inquiry
• The IP address

This data is not merged with other data sources. This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

Contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us in order to process the inquiry and in case of follow-up questions. The legal basis for this is Article 6 paragraph 1 subparagraph 1 letter b GDPR. We will not pass on this data without your consent. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Registration on this website

You have the option to register on our website to be able to use additional website functions. We shall use the data you enter only for the purpose of using the respective offer or service you have registered for. The required information we request at the time of registration must be entered in full. Otherwise we shall reject the registration. The legal basis for this is Article 6 paragraph 1 subparagraph 1 letter b GDPR.

To notify you of any important changes to the scope of our portfolio or in the event of technical modifications, we shall use the e-mail address provided during the registration process.

We shall process the data entered during the registration process on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You have the right to revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

The data recorded during the registration process shall be stored by us as long as you are registered on our website. Subsequently, such data shall be deleted. This shall be without prejudice to mandatory statutory retention obligations.

Processing of data (customer and contract data)

We collect, process and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of our website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.

The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.

Data transfer upon closing of contracts for online stores, retailers and the shipment of merchandise

We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with companies entrusted with the shipment of goods or the financial institution tasked with the processing of payments. Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.

The basis for the processing of data is Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.

Data transfer upon closing of contracts for services and digital content

We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with the financial institution tasked with the processing of payments.

Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.

The basis for the processing of data is Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.

Registration with Facebook Connect

Instead of registering directly on our website, you also have the option to register using Facebook Connect. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If you decide to register via Facebook Connect and click on the „Login with Facebook“/„Connect with Facebook“ button, you will be automatically connected to the Facebook platform. There, you can log in using your username and password. As a result, your Facebook profile will be linked to our website or our services. This link gives us access to the data you have archived with Facebook. These data comprise primarily the following:

• Facebook name
• Facebook profile photo and cover photo
• Facebook cover photo
• E-mail address archived with Facebook
• Facebook-ID
• Facebook friends lists
• Facebook Likes („Likes“ information)
• Date of birth
• Gender
• Country
• Language

This information will be used to set up, provide and customise your account. The registration via Facebook Connect and the affiliated data processing transactions are implemented on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke this consent at any time, which shall affect all future transactions thereafter. 

For more information, please consult the Facebook Terms of Use and the Facebook Data Privacy Policies. Use these links to access this information: https://www.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/.

The comment function on this website

When you use the comment function on this website, information on the time the comment was generated and your e-mail-address and, if you are not posting anonymously, the user name you have selected will be archived in addition to your comments.

Storage of the IP address

Our comment function stores the IP addresses of all users who enter comments. Given that we do not review the comments prior to publishing them, we need this information in order to take action against the author in the event of rights violations, such as defamation or propaganda.

Subscribing to comments

As a user of this website, you have the option to subscribe to comments after you have registered. You will receive a confirmation e-mail, the purpose of which is to verify whether you are the actual holder of the provided e-mail address. You can deactivate this function at any time by following a respective link in the information e-mails. The data entered in conjunction with subscriptions to comments will be deleted in this case. However, if you have communicated this information to us for other purposes and from a different location (e.g. when subscribing to the newsletter), the data shall remain in our possession.

Storage period for comments

Comments and any affiliated information (e.g. the IP address) shall be stored by us and remain on our website until the content the comment pertained to has been deleted in its entirety or if the comments had to be deleted for legal reasons (e.g. insulting comments).

Legal basis

The comments are stored based on your consent (Art. 6 Para. 1 lit. a GDPR) or to fulfill the contract (Art. 6 Para. 1 lit. b GDPR). You can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

Plugins und tools

Google Web Fonts (local embedding)

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

Google Maps

Via an API, this website uses the mapping service Google Maps. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. Furthermore, the Google services are only actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR.

For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

Adobe Fonts

In order to ensure the uniform depiction of certain fonts, our website uses fonts called Adobe Fonts provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you access pages of our website, your browser will automatically load the required fonts directly from the Adobe site to be able to display them correctly on your device. As a result, your browser will establish a connection with Adobe’s servers in the United States. Hence, Adobe learns that your IP address was used to access our website. According to the information provided by Adobe, no cookies will be stored in conjunction with the provision of the fonts.

Adobe is in possession of a certification in accordance with the EU-US Privacy Shield. The Privacy Shield is a compact ratified between the United States of America and the European Union, aiming to warrant compliance with European Data Protection Standards. For more information, please follow this link: https://www.adobe.com/privacy/eudatatransfers.html.

The use of Adobe Fonts is necessary to ensure a consistent typeface on our website. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f of the GDPR. Furthermore, the services will only be actively loaded if you have previously given your consent, Article 6 Paragraph 1 Letter a of the GDPR.

For more information about Adobe Fonts, please read the policies under: https://www.adobe.com/privacy/policies/adobe-fonts.html.

Adobe’s Data Privacy Declaration may be reviewed under: https://www.adobe.com/privacy/policy.html.

YouTube with expanded data protection integration

Our website uses plug-ins of the YouTube platform, which is being operated by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on our website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device. With the assistance of these cookies, YouTube will be able to obtain information about our website visitor. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud. These cookies will stay on your device until you delete them.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. Furthermore, the Google services are only actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

Vimeo

Our website uses plug-ins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

If you visit one of the pages on our website into which a Vimeo plug-in has been integrated, a connection to Vimeo’s servers will be established. As a consequence, the Vimeo server will receive information as to which of our pages you have visited. Moreover, Vimeo will receive your IP address. This will also happen if you are not logged into Vimeo or do not have an account with Vimeo. The information recorded by Vimeo will be transmitted to Vimeo’s server in the United States.

If you are logged into your Vimeo account, you enable Vimeo to directly allocate your browsing patterns to your personal profile. You can prevent this by logging out of your Vimeo account.

The use of Vimeo is in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f of the GDPR. Furthermore, the services will only be actively loaded if you have previously given your consent, Article 6 Paragraph 1 Letter a of the GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information on how Vimeo handles user data, please consult the Vimeo Data Privacy Policy under: https://vimeo.com/privacy.

SoundCloud

We may have integrated plug-ins of the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, Great Britain) into our websites. You will be able to recognise such SoundCloud plug-ins by checking for the SoundCloud logo on the respective pages.

Whenever you visit one of our websites, a direct connection between your browser and the SoundCloud server will be established immediately after the plug-in has been activated. As a result, SoundCloud will be notified that you have used your IP address to visit our site. If you click the „Like“ button or the „Share“ button while you are logged into your Sound Cloud user account, you can link the content of our websites to your SoundCloud profile and/or share the content. Consequently, SoundCloud will be able to allocate the visit to our website to your user account. We emphasize that we as the provider of the websites do not have any knowledge of the data transferred and the use of this data by SoundCloud.

The use of SoundCloud is based on Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in achieving the greatest possible visibility on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information about this, please consult SoundCloud’s Data Privacy Declaration at: https://soundcloud.com/pages/privacy.

If you prefer not to have your visit to our websites allocated to your SoundCloud user account by SoundCloud, please log out of your SoundCloud user account before you activate content of the SoundCloud plug-in.

Spotify

We have integrated features of the Spotify music platform into our websites. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. You will be able to recognise Spotify plug-ins when you see the green logo on our pages. An overview of Spotify’s plug-ins can be found at: https://developer.spotify.com.

The plug-in makes it possible to establish a direct connection between your browser and Spotify’s server when you visit our websites. As a result, Spotify receives the information that you visited our site with your IP address. If you click the Spotify button while you are logged into your Spotify account, you have the option to link content from our page with your Spotify profile. Consequently, Spotify will be in a position to allocate your visit to our websites to your user account.

Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in the attractive acoustic design of his website. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information, please consult Spotify’s Data Protection Declaration under: https://www.spotify.com/us/legal/privacy-policy/.

If you do not want Spotify to be able to allocate the visit of our websites to your Spotify user account, please log out of your Spotify user account while visiting our sites.

Zendesk

We deploy the CRM system Zendesk to process user inquiries. The provider is Zendesk, Inc, 1019 Market Street in San Francisco, CA 94103 USA.

We use Zendesk to be able to respond to your inquiries promptly and efficiently. The legal basis for the processing of your data is our legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR.

As a U.S.-based provider, Zendesk is Privacy Shield certified, which means that the company undertakes to comply with the EU data protection regulations. In addition, we have executed a contract data processing agreement with Zendesk (Data Processing Agreement, DPA). This ensures that Zendesk processes the user data received only within the framework of the EU data protection standards and exclusively for the processing of inquiries and that Zendesk will not share these data with third parties.

In order to be able to submit inquiries, you must provide your e-mail address and name. If you should not want to agree to the processing of your inquiries by us via Zendesk, you have the alternative option to communicate with us via e-mail, telephone or fax.

For more information, please consult Zendesk’s Data Privacy Declaration at: https://www.zendesk.com/company/customers-partners/privacy-policy/.

Google reCAPTCHA

We use „Google reCAPTCHA“ (hereinafter referred to as „reCAPTCHA“) on our websites. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to determine whether data entered on our websites (e.g. information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyses the behaviour of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g. IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.

reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.

Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and SPAM. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information about Google reCAPTCHA and to review the Data Privacy Declaration of Google, please follow these links: https://policies.google.com/privacy?hl=en and https://www.google.com/recaptcha/intro/v3.html.

Use of EverCAPTCHA

To protect our contact form against unwanted use, we use the EverCAPTCHA service of our website creator and hoster wwwe GmbH, Hansaallee 299, 40549 Düsseldorf. This service is provided by the sub-processor: wwwe GmbH, Hansaallee 299, 40549 Düsseldorf. EverCAPTCHA makes it possible to distinguish whether the data entered in the contact form was actually entered by a human or abusively automated by a machine, a so-called spambot.

For this purpose, various questions are asked when using our forms (e.g.: "Click on an X symbol", etc.). EverCAPTCHA saves all failed attempts by a user, an IP address via a session ID, which is stored in LocalStorage. The session ID is transmitted to the server via JavaScript with every request. If 30 incorrect entries are made, the user's IP address is permanently stored in a spam prevention database. Otherwise, the IP addresses will be deleted within 7 days. Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and SPAM.

Widget YourRate

We have implemented a rating widget on our website. You can find out general information about widgets there: https://de.wikipedia.org/wiki/Widget.

The widget we use is implemented as part of our website offer from yourrate.com. The provider of this service is the subcontractor of our provider, namely Euroweb Internet GmbH, Hansaallee 299, 40549 Düsseldorf. We have entered into corresponding agreements with our processor and the processor with his sub-processor. Further details on data processing can also be found in the terms and conditions at https://www.yourrate.com/de/agb (hereinafter: YourRate).

YourRate requests data through the rating widget on our website. When you access the widget, your device establishes a connection to YourRate's servers via the browser you are using. This primarily involves collecting your IP address. This data will not be merged with other data sources. The temporary storage of the IP address by the system is technically necessary to enable the website and widgets to be delivered to your device, Art. 6 Para. 1 lit. f GDPR. In particular, there is no tracking and no statistical evaluation.

Social media

Integration of social media content

On this website we have integrated a tool for the implementation of social media content from the provider Curator Group, 69 Ruthven Street, Bondi Junction, NSW 2022 Australia. Details on the data processing in connection with the service can be found in the provider's data protection declaration, https://curator.io/privacy-policy. The legal basis for integrating the tool is Art. 6 (1) (f) GDPR. Our legitimate interest lies in optimizing the user-friendliness of the website and enabling the integration of social media posts. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Social media plug-ins with Shariff

We do use plug-ins of social media networks on our website and its pages (e.g. Facebook, X, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).

As a rule, you will be able to recognise these plug-ins because of the respective social media logos that appear. To warrant the protection of data on our website, we use these plug-ins only in combination with the so-called „Shariff“ solution. This application prevents the plug-ins that have been integrated into our website from transferring data to the respective provider as soon as you enter our website.

A direct connection to the provider's server shall not be established until you have activated the respective plug-in by clicking on the affiliated button (which indicates your consent). As soon as you activate the plug-in, the respective provider receives the information that you have visited our website with your IP address. If you are simultaneously logged into your respective social media account (e.g. Facebook), the respective provider will be able to allocate your visit to our website to your user account.

The activation of the plug-in constitutes a declaration of consent as defined in Art. 6 Sect. 1 lit. a GDPR. You have the option to revoke this consent at any time, which shall affect all future transactions.

Facebook plug-ins (Like & Share buttons)

We have integrated plug-ins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, on our website. You will be able to recognise Facebook plug-ins by the Facebook logo or the „Like“ button on our website. An overview of the Facebook plug-ins is available under the following link: https://developers.facebook.com/docs/plugins/.

Whenever you visit our website and its pages, the plug-in will establish a direct connection between your browser and the Facebook server. As a result, Facebook will receive the information that you have visited our website with your plug-in. However, if you click the Facebook „Like“ button while you are logged into your Facebook account, you can link the content of our website and its pages with your Facebook profile. As a result, Facebook will be able to allocate the visit to our website and its pages to your Facebook user account. We have to point out, that we as the provider of the website do not have any knowledge of the transferred data and its use by Facebook. For more detailed information, please consult the Data Privacy Declaration of Facebook at: https://www.facebook.com/privacy/explanation.

If you do not want Facebook to be able to allocate your visit to our website and its pages to your Facebook user account, please log out of your Facebook account while you are on our website.

The use of the Facebook plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Use of juicer.io

On this website we have integrated a tool for implementing social media content from the provider saas.group LLC, 304 S. Jones Blvd # 1205, Las Vegas NV 89107, USA. Details on the data processing in connection with the service can be found in the provider's data protection declaration, https://www.juicer.io/privacy. The legal basis for integrating the tool is Article 6 (1) (f) GDPR. Our legitimate interest lies in optimizing the user-friendliness of the website and enabling the integration of social media contributions. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Twitter / X plug-in

We have integrated functions of the social media platform Twitter / X into our website. These functions are provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. While you use Twitter / X and the „Re-Tweet“ function, websites you visit are linked to your Twitter / X account and disclosed to other users. During this process, data are transferred to Twitter / X as well. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by Twitter / X. For more details, please consult Twitter / X Data Privacy Declaration at: https://x.com/en/privacy.

The use of Twitter / X plug-ins is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.

You have the option to reset your data protection settings on Twitter / X under the account settings at https://x.com/settings/account. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Instagram plug-in

We have integrated functions of the public media platform Instagram into our website. These functions are being offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you may click the Instagram button to link contents from our website to your Instagram profile. This enables Instagram to allocate your visit to our website to your user account. We have to point out that we as the provider of the website and its pages do not have any knowledge of the content of the data transferred and its use by Instagram.

The use of the Instagram plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information on this subject, please consult Instagram’s Data Privacy Declaration at: https://instagram.com/about/legal/privacy/.

Tumblr plug-in

Our website and its pages use buttons of the Tumblr platform. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.

These buttons enable you to share a report or a page on Tumblr or to follow the provider on Tumblr. If you access one of our websites via the Tumblr button, your browser will establish a direct connection with Tumblr’s servers. We do not have any control over the volume of data Tumblr collects and transfers with the assistance of this plug-in. Based on the current status of the information we have the IP address of the user and the URL of the respective website are both transferred.

The use of the Tumblr plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For further information on this subject, please consult Tumblr’s Data Privacy Declaration at: https://www.tumblr.com/privacy/de.

LinkedIn plug-in

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Any time you access one of our sites that contains functions of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited our websites with your IP address. If you click on LinkedIn’s „Recommend“ button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to our website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.

The use of the LinkedIn plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

XING plug-in

Our website uses functions of the XING network. The provider is the XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

Any time one of our sites/pages that contains functions of XING is accessed, a connection with XING’s servers is established. As far as we know, this does not result in the archiving of any personal data. In particular, the service does not store any IP addresses or analyse user patterns.

The use of the XING plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information on data protection and the XING share button please consult the Data Protection Declaration of Xing at: https://www.xing.com/app/share?op=data_protection.

Pinterest plug-in

We use social plug-ins of the social network Pinterest on our website. The network is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA („Pinterest“).

If you access a site or page that contains such a plug-in, your browser will establish a direct connection with Pinterest’s servers. During this process, the plug-in transfers log data to Pinterest’s servers in the United States. The log data may possibly include your IP address, the address of the websites you visited, which also contain Pinterest functions. The information also includes the type and settings of your browser, the data and time of the inquiry, how you use Pinterest and cookies.

The use of the Pinterest plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For more information concerning the purpose, scope and continue processing and use of the data by Pinterest as well as your affiliated rights and options to protect your private information, please consult the data privacy information of Pinterest at: https://about.pinterest.com/en/privacy-policy.

Analytics and advertising

Hotjar

This website utilizes Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool used to analyse your user patterns on our website. Hotjar allows us to for instance record your mouse and scroll movements as well as your click. During this process, Hotjar also has the capability to determine how long your cursor remained in a certain position. Based on this information, Hotjar compiles so-called Heatmaps, that make possible to determine which parts of the website the website visitor reviews with preference.

We are also able to determine how long you have stayed on a page of our website and when you left. We can also determine at which point you suspended making entries into a contact form (so-called conversion funnels).

Furthermore, Hotjar can be deployed to obtain direct feedback from website visitors. This function aims at the improvement of the website offerings of the website operator.

Hotjar uses cookies. Cookies are small text files that are placed on your computer and stored by your browser. Their purpose is to make our website presentation more user friendly, more effective and more secure. These cookies allow us to in particular determine if our website was used with a certain device or if the functions of Hotjar have been deactivated for the respective browser. Hotjar cookies will remain on your device until you delete them.

You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.

The use of Hotjar and the storage of the Hotjar cookies are based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Deactivation of Hotjar

If you would like to deactivate the recording of data by Hotjar, please click on the link below and follow the instructions provided under the link: https://www.hotjar.com/policies/do-not-track/.

Please keep in mind that you will have to separately deactivate Hotjar for every browser and every device.

For more detailed information about Hotjar and the data to be recorded, please consult the Data Privacy Declaration of Hotjar under the following link: https://www.hotjar.com/legal/policies/privacy/.

Contract data processing

We have entered into a contract data processing agreement with Hotjar to implement the stringent European Data Protection Regulations.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer and that enable an analysis of the use of the website by users. The information generated by cookies on your use of this website is usually transferred to a Google server in the United States, where it is stored.

The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

IP anonymization

On this website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyse your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

Browser plug-in

You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objection to the recording of data

You have the option to prevent the recording of your data by Google Analytics by clicking on the following link. This will result in the placement of an opt out cookie, which prevents the recording of your data during future visits to this website: Google Analytics deactivation.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

Demographic parameters provided by Google Analytics

This website uses the function „demographic parameters“ provided by Google Analytics. It makes it possible to generate reports providing information on the age, gender and interests of website visitors. The sources of this information are interest-related advertising by Google as well as visitor data obtained from third party providers. This data cannot be allocated to a specific individual. You have the option to deactivate this function at any time by making pertinent settings changes for advertising in your Google account or you can generally prohibit the recording of your data by Google Analytics as explained in section „Objection to the recording of data.“

Archiving period

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link: https://support.google.com/analytics/answer/7667196?hl=en

Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in combination with the functions of Google AdWords and Google DoubleClick, which work on all devices. The provider of these solutions is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

This function makes it possible to connect the advertising target groups generated with Google Analytics Remarketing with the functions of Google AdWords and Google DoubleClick, which work on all devices. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g. cell phone) in a manner tailored to you as well as on any of your devices (e.g. tablet or PC).

If you have given us pertinent consent, Google will connect your web and app browser progressions with your Google account for this purpose. As a result, it is possible to display the same personalized advertising messages on every device you log into with your Google account.

To support this function, Google Analytics records Google authenticated IDs of users that are temporarily connected with our Google Analytics data to define and compile the target groups for the ads to be displayed on all devices.

You have the option to permanently object to remarketing/targeting across all devices by deactivating personalized advertising. To do this, please follow this link: https://adssettings.google.com/.

The consolidation of the recorded data in your Google account shall occur exclusively based on your consent, which you may give to Google and also revoke there (Art. 6 Sect. 1 lit. a GDPR). Data recording processes that are not consolidated in your Google account (for instance because you do not have a Google account or have objected to the consolidation of data), the recording of data is based on Art. 6 Sect. 1 lit. f GDPR. The legitimate interest arises from the fact that the operator of the website has a legitimate interest in the anonymized analysis of website visitor for advertising purposes. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at: https://policies.google.com/technologies/ads?hl=en.

Google AdSense

This website uses Google AdSense, a service for the integration of ads offered by Google Inc. ("Google"). The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google AdSense uses so-called "cookies"; i.e. text files that are stored on your computer and that make it possible to analyse your use of this website. Google AdSense also uses so-called Web Beacons (invisible graphics). These Web Beacons can be used to analyse information, such as visitor traffic data, on this website. The information generated by the cookies and the Web Beacons concerning the use of this website (including your IP address) and the delivery of advertising formats are transferred to a Google server in the United States, where they are archived. Google may share this information with Google contracting partners. Google shall, however, not merge your IP address with any other of your data stored by Google. The storage of the AdSense cookies is based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. You can prevent the installation of these cookies by making a pertinent adjustment to your browser software settings; however, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. By using this website, you declare your consent to the processing of the data we collect about you by Google in the manner described above and agree to the aforementioned purpose of use. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

Google AdWords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online promotional program of Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

In conjunction with Google AdWords, we use a tool called Conversion Tracking. If you click on an ad posted by Google, a cookie for Conversion Tracking purposes will be placed. Cookies are small text files the web browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we will be able to recognise that the user has clicked on an ad and has been linked to this page.

A different cookie is allocated to every Google AdWords customer. These cookies cannot be tracked via websites of AdWords customers. The information obtained with the assistance of the Conversion cookie is used to generate Conversion statistics for AdWords customers who have opted to use Conversion Tracking. The users receive the total number of users that have clicked on their ads and have been linked to a page equipped with a Conversion Tracking tag. However, they do not receive any information that would allow them to personally identify these users. If you do not want to participate in tracking, you have the option to object to this use by easily deactivating the Google Conversion Tracking cookie via your web browser under user settings. If you do this, you will not be included in the Conversion Tracking statistics.

The storage of „Conversion“ cookies and the use of this tracking tool are based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

To review more detailed information about Google AdWords and Google Conversion Tracking, please consult the Data Privacy Policies of Google at: https://policies.google.com/privacy?hl=en.

You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.

WordPress Stats

This website uses the WordPress tool Stats in order to statistically analyse user access information. The provider of the solution is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA.

WordPress Stats uses cookies that are stored on your computer and that make it possible to analyse the use of this website. The information generated by the cookies concerning the use of our website is stored on servers in the United States. Your IP address is rendered anonymous after processing and prior to the storage of the data. The storage of „WordPress Stats“ cookies and the use of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymous analysis of user patterns, in order to optimize the operator’s web offerings and advertising. Furthermore, the services will only be actively loaded if you have previously given your consent, Art. 6 Para. 1 lit. a GDPR. If you have given your consent to the processing of personal data, you have the right of revocation, Article 7 GDPR, with effect for the future. The lawfulness of processing based on consent until its revocation remains unaffected.

You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.

You do have the option to object to the collection and use of your data for future implications by placing an opt out cookie into your browser by clicking on the following link: https://www.quantcast.com/opt-out/. If you delete the cookies on your computer, you must set the opt-out cookie again.

Meta-Pixel (formerly Facebook Pixel)

To measure conversion rates, this website uses the visitor activity pixel of Facebook/Meta. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy (https://www.facebook.com/about/privacy/). This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25 TDDDG. You may revoke your consent at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Newsletter data

If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only for the sending of the requested information and shall not share such data with any third parties. The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address and the use of this information for the sending of the newsletter at any time, for instance by clicking on the „Unsubscribe“ link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date. The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted. This shall not affect data we have been archiving for other purposes.

Custom Services

Job Applications

If you send us an application, we will process the personal data you provide there in order to process your application and to contact you. The personal data concerning you will not be passed on to third parties without your express consent, unless we are legally obliged to do so, you have requested this or the data transfer is necessary to initiate and implement a contractual relationship with you or the application process. The legal basis is Article 6 Paragraph 1 Subsection 1 Letter a, b GDPR, Article 88 Paragraph 1 GDPR, Section 26 Paragraph 1 of the Federal Data Protection Act (BDSG).

We delete applications no later than three months after completion of the application process. If the data may be required for legal prosecution after the application process has been completed, data processing can take place on the basis of the requirements of Article 6 GDPR, in particular to safeguard legitimate interests in accordance with Article 6 paragraph 1 subparagraph 1 letter f GDPR. Our legitimate interest then consists in the assertion or defense of claims.

If your application is successful, we will continue to process your personal data for the purposes of the employment relationship.

If you have expressly given your consent, you can revoke your declaration of consent at any time with effect for the future, so that we delete your data.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g. contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 New GDPR according to German Law (Negotiation of an Employment Relationship), Art. 6 Sect. 1 lit. b GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6 Sect. 1 lit. a GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 New GDPR and Art. 6 Sect. 1 lit. b GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

Saved server log files and IP addresses are deleted after seven days at the latest.

Session cookies are automatically deleted after the session has ended. Other cookies are stored on your end device and you have control over the use and deletion of cookies, see above.

We process your data from your inquiries via e-mail or via the contact form until your inquiry has been fully processed and settled. After that, the information will be deleted. Please note, however, that due to a legal transaction with you, commercial and tax law storage obligations of at least six (§ 257 HGB) or ten (§ 147 AO) years may exist for certain data, which also apply to the content of contact requests and e-mails can, see above.

If you apply via e-mail, for example, we will delete your transmitted personal data and applications three months after the application process has been completed. If your application is successful, we will continue to process your personal data for the purposes of the employment relationship. If you have expressly given your consent, you can revoke your declaration of consent at any time with effect for the future, so that we delete your data, see above.

In addition, an annual check is carried out to determine whether data can be deleted. This is the case if the purpose of the processing and the requirements of the legal basis for the processing no longer apply and there is no legal obligation to store it.

Online marketing and affiliate programs

Amazon partner programme

The operators of this website participate in the Amazon EU partners’ programme. Amazon integrates ads and links to the German Amazon website -  Amazon.de - into our website, which allows us to generate earnings in the form of advertising cost reimbursements. Amazon uses cookies for this programme to be able to determine the source of orders placed. This allows Amazon to determine that you have clicked the partner link on our website.

The archiving of „Amazon cookies“ is based on Art. 6 lit. f GDPR. Based on the aforementioned regulation, the website operator has a legitimate interest to do this since the determination of the website operator’s affiliate earnings is contingent upon the placement of cookies.

For more information on Amazon’s data usage, please consult Amazon’s Data Privacy Declaration under the following link: https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496.

Payment service providers and resellers

PayPal

Among other options, we offer payment via PayPal on our website. The provider of this payment processing service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as „PayPal“).

If you choose payment via PayPal, we will share the payment information you enter with PayPal. The legal basis for the sharing of your data with PayPal is Art. 6 Sect. 1 lit. a GDPR (consent) as well as Art. 6 Sect. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to at any time revoke your consent to the processing of your data. Such a revocation shall not have any impact on the effectiveness of data processing transactions that occurred in the past.

Klarna

Among other options, we offer payment through the services of Klarna on our website. The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as „Klarna“).

Klarna offers a wide spectrum of payment options (e.g. payment by instalment). If you should decide to pay through Klarna (Klarna checkout solution), Klarna will collect personal data from you. For specifics, please review Klarna’s Data Protection Declaration by following this link: https://www.klarna.com/us/privacy-policy.

Klarna uses cookies to optimise the use of Klarna checkout solutions. The optimisation of the checkout solution constitutes a legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR. Cookies are small text files that can be stored on your device and that do not cause any damage to your device. The information stays on your device until you delete it. For details concerning the use of Klarna cookies, please follow this link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

The legal basis for the sharing of your data with PayPal is Art. 6 Sect. 1 lit. a GDPR (consent) as well as Art. 6 Sect. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to at any time revoke your consent to the processing of your data. Such a revocation shall not have any impact on the effectiveness of data processing transactions that occurred in the past.

Stripe

On our website we offer, among other things, payment via Stripe and the associated payment methods. is the provider of these payment services, Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Rd, Dublin 2.

If you choose to pay via Stripe, the payment details you enter will be transmitted to Stripe. Your data will be transmitted to Stripe on the basis of Article 6 (1) (a) GDPR (consent) and Article 6 (1) (b) GDPR (processing to fulfill a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of past data processing operations. All data required for payment processing is used exclusively for making payments and is transmitted via the “SSL” procedure. Stripe is PCI DSS certified. Stripe may transfer, process and store personal data outside the EU. Stripe is subject to the Safe Harbor Agreement. Information about Stripe’s data protection is available here: https://stripe.com/de/privacy.

Our social media appearances

Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Google+ etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal basis
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).

Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage time
The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.

We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g. in their privacy policy, see below).

Individual social networks

Facebook

We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.

You can customise your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.

Facebook Fanpage Insights - Notice for our Facebook Fanpage users

Facebook Ireland Ltd ("Facebook") provides us as a Facebook fan page operator with so-called "Facebook Insights" ("Insights"). The insights are various statistics that give us information about the use of our Facebook fan page. Detailed information on this and which data processing takes place can be found at https://www.facebook.com/privacy/policy/ as well https://www.facebook.com/legal/terms/information_about_page_insights_data

Facebook-Fanpage-Insights can be based on personal data that was recorded in connection with a visit or an interaction of people on or with our Facebook fan page and its content, so that personal data can also be processed by Facebook, visit our Facebook site. The essential information of the agreement concluded between us and Facebook within the meaning of Article 26 General Data Protection Regulation can be found there: https://www.facebook.com/legal/terms/page_controller_addendum

Facebook-Fanpage Insights are jointly responsible for the processing

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2, Ireland
https://www.facebook.com/business/gdpr
https://www.facebook.com/help/contact/540977946302970

and

Hubertus-Apotheke, Jörn Drost e.K. August-Hahn-Str. 85 48599 Gronau 02562 / 38 19 02562 / 70 03 79 info∂hubertus-apotheke-gronau.de

Facebook Ireland primarily fulfills:

• the information obligations from Articles 12, 13 GDPR, as well
• the obligations from Articles 15 to 21 GDPR, the rights of the data subject can therefore be asserted against Facebook Ireland, as well
• the obligations under Articles 33 and 34 GDPR.

Of course, you can also assert your rights against us.

Facebook Ireland takes appropriate technical and organizational measures in accordance with Article 32 GDPR to ensure the security of processing through Facebook Fanpage Insights.

For the legal basis and purposes of processing by Facebook Ireland, please refer to the information there: https://www.facebook.com/about/privacy/legal_bases and https://www.facebook.com/policy.php

We process the Facebook Fanpage Insights data based on our legitimate interest in evaluating the activities on our fanpage and our marketing measures there (advertisements, campaigns, postings); Article 6 paragraph 1 sentence 1 f) GDPR.

Further information: Data protection: Facebook Fanpages and InSights - here are the answers

You are not legally obliged to provide your personal data. However, the provision may be necessary for a contract or for functions of the Facebook fan page. If not provided, a contract or a function on the Facebook fan page may not be offered.

The rights of data subjects arise in particular from Articles 15 to 23 and 77 of the General Data Protection Regulation and from Sections 32 to 37 of the Federal Data Protection Act.

With regard to your personal data, you have the right to

• Information, Article 15 General Data Protection Regulation
• Correction, Article 16 General Data Protection Regulation
• Deletion, Article 17 General Data Protection Regulation
• Restriction of processing, Article 18 General Data Protection Regulation and
• Transferability, Article 20 General Data Protection Regulation.

You also have the right to object to the processing of personal data

• Objection, Article 21 General Data Protection Regulation

to be collected, see further information separately immediately.

If you have given your consent to the processing of personal data, you have the right of

• Revocation, Article 7 General Data Protection Regulation

with effect for the future.

Please direct all inquiries, requests and notifications to Facebook Ireland or to us, see above-

If you believe that the processing of your personal data violates data protection law, you always have that

• Right to complain

at the responsible supervisory authority, cf. Article 77 General data protection regulation. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data violates the General data protection regulation violates. The supervisory authority responsible for Facebook Ireland is the Irish Data Protection Commission (https://www.dataprotection.ie/). The State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia is responsible for us, Kavalleriestrasse 2-4, 40213 Düsseldorf.

INFORMATION ABOUT YOUR RIGHT TO OBJECT UNDER ARTICLE 21 GDPR

1. You have the right to object to the processing of your personal data at any time, for reasons that arise from your particular situation, based on Article 6 paragraph 1 sentence 1 f) General Data Protection Regulation (data processing based on a balance of interests).

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

2. In individual cases, we process personal data in order to operate direct mail. If this is the case for you, you have the right to object at any time to the processing of your data for the purpose of such advertising

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made without a form.

Google+

We have a profile on Google+. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland. Google has EU-US Privacy Shield certification:

You can customise your advertising settings independently in your user account. Click on the following link and log in: https://adssettings.google.com/authenticated.

For details, see the Google Privacy Policy: https://policies.google.com/privacy.

Twitter / X

We use the short message service Twitter / X. The provider is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Twitter / X is certified under the EU-US Privacy Shield.

You can customise your Twitter / X privacy settings in your user account. Click on the following link and log in: https://x.com/settings/account/personalization.

For details, see the Twitter / X Privacy Policy: https://x.com/de/privacy.

Instagram

We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal information, see the Instagram Privacy Policy: https://help.instagram.com/519522125107875.

Pinterest

We have a profile at Pinterest. The operator is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA („Pinterest“). Details on how they handle your personal data can be found in the privacy policy of Pinterest: https://policy.pinterest.com/de/privacy-policy.

XING

We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Details on their handling of your personal data can be found in the XING Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

LinkedIn

We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.

If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

Tumblr

We have a profile on Tumblr. The provider is Tumblr, Inc., 35 East 21st St., 10th Floor, New York, NY 10010, USA. Details on how they handle your personal data can be found in the Tumblr privacy policy: https://www.tumblr.com/privacy/de.