Data protection
We have drawn up this privacy policy (version 10.12.2020-311239746) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 , what information we collect, how we use data and what choices you have as a visitor to this website.
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.
Automatic data storage
When you visit websites these days, certain information is automatically created and stored, including on this website.
When you visit our website like you are doing now, our web server (the computer on which this website is stored) automatically saves data such as
- the address (URL) of the accessed website
- browser and browser version
- the operating system used
- the address (URL) of the previously visited page (referrer URL)
- the hostname and IP address of the device from which access is made
- date and time
in files (web server log files).
As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass this data on, but cannot rule out that this data will be viewed if illegal behavior occurs.
cookies
Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.
What exactly are cookies?
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are saved on your computer by our website. These cookie files are automatically stored in the cookie folder, the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "malware". Cookies also cannot access information on your PC.
For example, cookie data can look like this:
- Name: _ga
- Expiry time: 2 years
- Use: Distinguishing between website visitors
- Example value: GA1.2.1326744211.152311239746
A browser should support the following minimum sizes:
- A cookie should be able to contain at least 4096 bytes
- At least 50 cookies should be able to be stored per domain
- A total of at least 3000 cookies should be able to be stored
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point we would like to briefly explain the different types of HTTP cookies.
There are 4 types of cookies:
Strictly Necessary Cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues browsing on other pages and only later proceeds to checkout. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.
Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.
Targeted cookies
These cookies improve user experience. For example, entered locations, font sizes or form data are saved.
advertising cookies
These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.
Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to accept. And of course, this decision will also be saved in a cookie.
How can I delete cookies?
You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Clear cookies to remove data that websites have stored on your computer
Internet Explorer: Deleting and managing cookies
Microsoft Edge: Delete and manage cookies
If you do not want cookies at all, you can set your browser so that it always informs you when a cookie is to be placed. This way you can decide for each individual cookie whether you want to accept the cookie or not. The procedure varies depending on the browser. The best thing to do is to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser, or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.
What about my data protection?
The so-called "Cookie Guidelines" have been in place since 2009. They state that the storage of cookies requires your consent. However, there are still very different reactions to these guidelines within the EU countries. In Germany, the Cookie Guidelines have not been implemented as national law. Instead, this guideline has largely been implemented in Section 15 Paragraph 3 of the Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265 , the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
storage of personal data
Personal data that you send to us electronically on this website, such as name, email address, address or other personal information when submitting a form or comments in the blog, will be used by us together with the time and IP address only for the specified purpose, stored securely and not passed on to third parties.
We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by email - outside of this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.
The legal basis according to Article 6 paragraph 1 a GDPR (lawfulness of processing) is that you give us your consent to process the data you have entered. You can revoke this consent at any time - an informal email is sufficient, you can find our contact details in the imprint.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you are generally entitled to the following rights:
- Right to rectification (Article 16 GDPR)
- Right to erasure (“right to be forgotten”) (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right not to be subjected to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) .
evaluation of visitor behavior
In the following privacy policy we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about you personally from your behavior on this website.
You can find out more about how to object to this evaluation of visit data in the following privacy policy.
TLS encryption with https
We use https to transmit data securely over the Internet (data protection through technology design Article 25 Paragraph 1 GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.
Google Fonts Privacy Policy
We use Google Fonts on our website. These are the “Google fonts” from Google Inc. In Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
You do not need to log in or enter a password to use Google Fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry about your Google account data being sent to Google while you use Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will look at exactly how the data is stored in more detail.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses.
Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website, but we don't have to upload them to our own server. Google Fonts is an important building block in maintaining the high quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is a great advantage, especially for use with mobile devices. When you visit our site, the small file size ensures a quick loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort text or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can display our entire online service as beautifully and consistently as possible.
What data does Google store?
When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. This is how Google recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. API stands for "Application Programming Interface" and is used, among other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests securely with Google and is therefore protected. The collected usage figures enable Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to examine and move large amounts of data.
However, it should be noted that every Google Font request automatically transfers information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is stored and Google does not clearly communicate this.
How long and where is the data stored?
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google style sheet. A style sheet is a format template that can be used to quickly and easily change the design or font of a website, for example.
The font files are stored by Google for one year. Google's goal is to generally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately appear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.
How can I delete my data or prevent data storage?
The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311239746 . In this case, you can only prevent data storage if you do not visit our site.
Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we can access a sea of fonts without limits and get the most out of our website. You can find out more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311239746 . Google does address data protection issues there, but it does not contain any really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.
You can also read about which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ .
Google Analytics Privacy Policy
We use the analysis tracking tool Google Analytics (GA) from the American company Google Inc. on our website. In Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is saved in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us better tailor our website and service to your needs. Below we will go into more detail about the tracking tool and inform you about which data is saved and how you can prevent this.
What is Google Analytics?
Google Analytics is a tracking tool used to analyse the traffic on our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you perform on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data and we receive reports about your user behavior. These may include the following reports:
- Target group reports: Through target group reports we get to know our users better and know more precisely who is interested in our service.
- Ad Reporting: Ad Reporting helps us analyze and improve our online advertising.
- Acquisition reports: Acquisition reports give us helpful information about how we can get more people excited about our service.
- Behavioral reports: This tells us how you interact with our website. We can see which path you take on our site and which links you click on.
- Conversion reports: A conversion is a process in which you perform a desired action based on a marketing message. For example, when you go from being a pure website visitor to becoming a buyer or newsletter subscriber. These reports help us learn more about how our marketing measures are received by you. This is how we want to increase our conversion rate.
- Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are currently reading this text.
Why do we use Google Analytics on our website?
Our goal with this website is clear: we want to offer you the best possible service. The statistics and data from Google Analytics help us achieve this goal.
The statistically evaluated data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that interested people can find it more easily on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know exactly what we need to improve on our website in order to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures in a more personalized and cost-effective manner. After all, it only makes sense to show our products and services to people who are interested in them.
What data is stored by Google Analytics?
Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles.
Identifiers such as cookies and app instance IDs are used to measure your interactions on our website. Interactions are all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated through Google Analytics can be linked to third-party cookies. Google does not share Google Analytics data unless we as the website operator approve this. Exceptions may apply if required by law.
The following cookies are used by Google Analytics:
Name: _ga
Value: 2.1326744211.152311239746-5
Purpose: By default, analytics.js uses the cookie _ga to store the user ID. Basically, it is used to distinguish between website visitors.
Expiry date: after 2 years
Name: _gid
Value: 2.1687193234.152311239746-1
Purpose: The cookie is also used to distinguish between website visitors.
Expiration date: after 24 hours
Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to reduce the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiration date: after 1 minute
Name: AMP_TOKEN
Value: not specified
Purpose: The cookie has a token that can be used to retrieve a user ID from the AMP Client ID service. Other possible values indicate a logout, a request, or an error.
Expiration date: after 30 seconds up to one year
Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie enables us to track your behavior on the website and measure performance. The cookie is updated each time information is sent to Google Analytics.
Expiry date: after 2 years
Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_<property-id> to throttle the request rate.
Expiration date: after 10 minutes
Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiration date: after 30 minutes
Name: __utmc
Value: 167421564
Purpose: This cookie is used to establish new sessions for returning visitors. This is a session cookie and is only stored until you close the browser again.
Expiry date: After closing the browser
Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: The cookie is used to identify the source of the traffic on our website. This means that the cookie stores where you came to our website from. This could be another page or an advertisement.
Expiry date: after 6 months
Name: __utmv
Value: not specified
Purpose: The cookie is used to store custom user data. It is always updated when information is sent to Google Analytics.
Expiry date: after 2 years
Note: This list cannot claim to be complete, as Google is constantly changing its choice of cookies.
Here we show you an overview of the most important data collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly the areas you click on. This gives us information about where you are on our site.
Session duration: Google defines the session duration as the time you spend on our site without leaving the site. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: A bounce occurs when you only view one page on our website and then leave our website again.
Account creation: When you create an account or place an order on our website, Google Analytics collects this data.
IP address: The IP address is only displayed in abbreviated form so that no clear assignment is possible.
Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP location determination.
Technical information: Technical information includes, among other things, your browser type, your Internet service provider or your screen resolution.
Source: Google Analytics or us, of course, are also interested in which website or which advertisement you came to our site from.
Other data includes contact details, any ratings, the playback of media (e.g. when you play a video on our site), sharing content via social media or adding it to your favorites. This list is not exhaustive and only serves as a general guide to data storage by Google Analytics.
How long and where is the data stored?
Google has its servers distributed all over the world. Most of the servers are located in America and therefore your data is mostly stored on American servers. You can find out exactly where the Google data centers are here: https://www.google.com/about/datacenters/inside/locations/?hl=de
Your data is distributed across different physical storage devices. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has emergency programs for your data. If, for example, Google's hardware fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low.
Google Analytics has a standard retention period of 26 months for your user data. After that, your user data is deleted. However, we have the option of choosing the retention period for user data ourselves. We have five options available for this:
- deletion after 14 months
- deletion after 26 months
- deletion after 38 months
- deletion after 50 months
- No automatic deletion
When the specified period has expired, the data is deleted once a month. This retention period applies to your data that is linked to cookies, user recognition and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a fusion of individual data into a larger unit.
How can I delete my data or prevent data storage?
Under European Union data protection law, you have the right to obtain information about your data, to update it, to delete it or to restrict it. You can use the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js) to prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de . Please note that this add-on only deactivates data collection by Google Analytics.
If you generally want to deactivate, delete or manage cookies (independent of Google Analytics), there are separate instructions for each browser:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Clear cookies to remove data that websites have stored on your computer
Internet Explorer: Deleting and managing cookies
Microsoft Edge: Delete and manage cookies
Google Analytics is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311239746 . We hope we have been able to provide you with the most important information about data processing by Google Analytics. If you would like to find out more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de .