Data protection
--------------------
Privacy Policy
--------------------
1) Information about the collection of personal data and contact details of the controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data are all data that can be used to identify you personally.
1.2 The controller for data processing on this website in accordance with the General Data Protection Regulation (GDPR) is Gerhard Pütter, mobi-click GmbH, Karl-Liebknecht-Strasse 60, 15230 Frankfurt (Oder), Germany, Tel.: +4917698221088, E-Mail: info@mobi-click.com. The controller for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
2) Data collection when visiting our website
When using our website for informational purposes only, meaning if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you arrived at the page
- Browser used
- Operating System Used
- Used IP address (if applicable: in anonymized form)
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. There is no transfer or other use of the data. However, we reserve the right to review the server log files retrospectively should there be concrete indications of unlawful use.
3) Hosting
Hosting by Shopify
We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online shop based on processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the aforementioned services provided by Shopify, data may also be transmitted in the context of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., or Shopify (USA) Inc. In the event of data transmission to Shopify Inc. in Canada, the appropriate level of data protection is ensured by an adequacy decision of the European Commission. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., and Shopify (USA) Inc. in the USA are certified under the US-EU Privacy Shield framework, which ensures compliance with the data protection level applicable in the EU.
Further information on Shopify's data protection can be found at the following website: https://www.shopify.de/legal/datenschutz
"Further processing on servers other than those mentioned above by Shopify only takes place within the framework communicated below."
4) Cookies
To make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, that is, after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (so-called persistent cookies). When cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to a specific extent. Persistent cookies are automatically deleted after a predetermined duration, which may vary depending on the cookie.
Partially, the cookies serve to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If individual cookies we use also process personal data, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.
"We may work with advertising partners who help us make our online offering more interesting for you. For this purpose, cookies from partner companies will also be stored on your hard drive during your visit to our website (third-party cookies). If we collaborate with the aforementioned advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the information collected in the following paragraphs."
Please note that you can configure your browser to be informed about the setting of cookies and to decide individually on their acceptance or to exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for the respective browsers at the following links:
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/en/kb/allow-and-deny-cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Please note that if cookies are not accepted, the functionality of our website may be limited.
5) Contact
In the context of contacting us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been finally processed. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal retention obligations to the contrary.
6) Data processing when opening a customer account and for contract processing
According to Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed when you provide us with this information for the performance of a contract or when opening a customer account. The data collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the controller. We store and use the data you provide for contract processing. After the complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after these periods expire, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by us.
7) Data processing for order processing
7.1 In processing your order, we work with the following service providers who assist us in whole or in part with the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.
The personal data we collect will be passed on to the transport company commissioned with the delivery as far as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, provided this is necessary for the payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for the transfer of data is Article 6(1)(b) GDPR.
7.2 Use of Payment Service Providers (Payment Services)
- Apple Pay
If you choose the payment method "Apple Pay" from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing will be done through the "Apple Pay" function of your device running iOS, watchOS, or macOS by charging a payment card stored in "Apple Pay". Apple Pay uses security features that are integrated into the hardware and software of your device to protect your transactions. Therefore, to authorize a payment, you will need to enter a code that you have previously set, as well as verify using the "Face ID" or "Touch ID" function of your device.
For the purpose of payment processing, the information you provided during the ordering process, along with the information about your order, is transmitted in encrypted form to Apple. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay for processing the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.
"If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR."
Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, as well as an indication of whether the transaction was successfully completed. Anonymization completely excludes any personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.
When you use Apple Pay on your iPhone or Apple Watch to complete a purchase made through Safari on your Mac, the Mac and the authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you. You can disable the ability to use Apple Pay on your Mac in the settings of your iPhone. Go to "Wallet & Apple Pay" and turn off "Allow Payments on Mac."
Further information on data protection with Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027
- Google Pay
If you choose the payment method "Google Pay" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment processing is carried out through the "Google Pay" application on your mobile device, which must be operated with at least Android 4.4 ("KitKat") and have an NFC function, by charging a payment card stored in Google Pay or a verified payment system there (e.g. PayPal). For the approval of a payment via Google Pay exceeding €25, it is necessary to unlock your mobile device beforehand using the respective verification method set up (such as facial recognition, password, fingerprint, or pattern).
For the purpose of payment processing, the information you provide during the ordering process, along with the information about your order, will be shared with Google. Google then transmits your payment information stored in Google Pay in the form of a one-time transaction number to the originating website, which verifies that a payment has been made. This transaction number does not contain any information about the actual payment data of your payment method stored in Google Pay, but is created and transmitted as a uniquely valid numerical token. In all transactions through Google Pay, Google acts solely as an intermediary for processing the payment. The execution of the transaction occurs exclusively between the user and the originating website by charging the payment method stored in Google Pay.
"If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR."
Google reserves the right to collect, store, and analyze certain transaction-specific information for each transaction made via Google Pay. This includes the date, time, and amount of the transaction, merchant location and description, a description of the goods or services purchased provided by the merchant, photos you have attached to the transaction, the name and email address of the seller and buyer or sender and recipient, the payment method used, your description for the reason for the transaction, and any associated offer related to the transaction.
According to Google, this processing is carried out exclusively in accordance with Art. 6 para. 1 lit. f GDPR based on the legitimate interest in proper accounting, the verification of transaction data, and the optimization and maintenance of the Google Pay service.
"Google also reserves the right to combine the processed transaction data with additional information collected and stored by Google when using other Google services."
The terms of use for Google Pay can be found here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection with Google Pay can be found at the following internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
- Paypal
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, we will pass your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer is carried out in accordance with Art. 6 para. 1 lit. b GDPR and only to the extent necessary for the payment processing.
PayPal reserves the right to conduct a credit check for payment methods such as credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be shared with credit agencies in accordance with Art. 6 para. 1 lit. f GDPR based on PayPal's legitimate interest in determining your creditworthiness. The result of the credit check regarding the statistical probability of payment default is used by PayPal for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). To the extent that score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but is not limited to, address data. For further data protection information, including the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
- Shopify Payments
We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered through the payment service provider Shopify Payments, the payment processing will be carried out by the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass on the information you provided during the ordering process along with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. The transfer of your data is carried out exclusively for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. Further information on the data protection of Shopify Payments can be found at the following internet address: https://www.shopify.com/legal/privacy.
Data protection information regarding Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy
8) Online-Marketing
Use of Google Ads Conversion Tracking
This website uses the online advertising program "Google Ads" and, as part of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use the services of Google Ads to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. Our aim is to show you advertisements that are of interest to you, to make our website more interesting for you, and to achieve a fair calculation of the advertising costs incurred.
The cookie for conversion tracking is set when a user clicks on an ad displayed by Google Ads. Cookies are small text files that are stored on your device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of Google Ads customers. The information obtained through the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page marked with a conversion tracking tag. However, they do not receive information that would allow for personal identification of users. If you do not wish to participate in tracking, you can block this use by disabling the Google conversion tracking cookie through your internet browser under the keyword "User Settings." You will then not be included in the conversion tracking statistics. We use Google Ads based on our legitimate interest in targeted advertising according to Art. 6 para. 1 lit. f GDPR. As part of the use of Google Ads, there may also be a transfer of personal data to the servers of Google LLC in the USA.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
"At the following internet address, you can find more information about Google's privacy policy: https://www.google.de/policies/privacy/"
"You can permanently disable cookies for advertising preferences by preventing them through a corresponding setting in your browser software or by downloading and installing the browser plug-in available at the following link:"
https://www.google.com/settings/ads/plugin?hl=de
Please note that certain features of this website may not be available or may be limited if you have disabled the use of cookies.
9) Retargeting/ Remarketing/ Referral Advertising
Google Ads Remarketing
Our website uses the features of Google Ads Remarketing, with which we advertise this website in Google search results as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). For this purpose, Google sets a cookie in the browser of your device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. The processing is carried out on the basis of our legitimate interest in the optimal marketing of our website in accordance with Art. 6 para. 1 lit. f GDPR.
"Further data processing only takes place if you have consented to Google linking your internet and app browsing history with your Google account and using information from your Google account to personalize ads that you view on the web. If you are logged into Google during your visit to our website, Google uses your data along with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form audiences. As part of using Google Ads Remarketing, there may also be a transfer of personal data to the servers of Google LLC in the USA."
You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plug-in available at the following link: https://www.google.com/settings/ads/onweb/
Alternatively, you can inform yourself about the setting of cookies and make adjustments at the Digital Advertising Alliance at the internet address www.aboutads.info. Finally, you can configure your browser to be informed about the setting of cookies and decide individually on their acceptance or exclude the acceptance of cookies for specific cases or in general. If cookies are not accepted, the functionality of our website may be limited.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
Further information and the privacy policy regarding advertising and Google can be viewed here:
https://www.google.com/policies/technologies/ads/
10) Tools and Miscellaneous
10.1 Google reCAPTCHA
On this website, we also use the reCAPTCHA function from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function primarily serves to distinguish whether an input is made by a natural person or abusively through automated and machine processing. The service includes the transmission of the IP address and, if applicable, other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in determining individual accountability on the Internet and preventing abuse and spam. As part of the use of Google reCAPTCHA, there may also be a transfer of personal data to the servers of Google LLC in the USA.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/
10.2 Google Maps
"On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information. By using this service, our location will be displayed to you, and any directions will be facilitated."
When accessing those subpages that embed the Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there; this may also involve transmission to the servers of Google LLC in the USA. This occurs regardless of whether Google provides a user account that you are logged into or whether a user account exists. If you are logged into Google, your data is directly associated with your account. If you do not wish for this association with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage, and evaluation are carried out in accordance with Art. 6 para. 1 lit. f GDPR based on Google's legitimate interest in displaying personalized advertising, market research, and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
"If you do not agree with the future transmission of your data to Google in the context of using Google Maps, there is also the option to completely disable the Google Maps web service by turning off JavaScript in your browser. Google Maps and thus the map display on this website cannot be used then."
You can view Google's Terms of Service at https://www.google.de/intl/de/policies/terms/regional.html, and the additional Terms of Service for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html.
Detailed information on data protection in connection with the use of Google Maps can be found on Google's website ("Google Privacy Policy"): https://www.google.de/intl/de/policies/privacy/
11) Rights of the data subject
11.1 The applicable data protection law grants you comprehensive rights as a data subject (rights of access and intervention) against the controller regarding the processing of your personal data, which we inform you about below:
- Right of access according to Art. 15 GDPR: You have the right to obtain information about your personal data processed by us, the purposes of processing, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage duration or the criteria for determining the storage duration, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the significance and intended consequences of such processing for you, as well as your right to be informed about the guarantees according to Art. 46 GDPR when your data is transferred to third countries;
- Right to rectification according to Art. 16 GDPR: You have the right to immediate rectification of inaccurate data concerning you and/or completion of your incomplete data stored with us;
- Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the conditions of Art. 17 para. 1 GDPR are met. However, this right does not exist particularly when the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- Right to restriction of processing according to Art. 18 GDPR: You have the right to request the restriction of processing your personal data as long as the accuracy of your data, which you dispute, is being verified, if you refuse the deletion of your data due to unlawful data processing and instead request the restriction of processing your data, if you need your data for the assertion, exercise, or defense of legal claims, after we no longer need this data for the purpose of processing or if you have lodged an objection for reasons related to your particular situation, as long as it has not yet been determined whether our legitimate grounds override;
- Right to information according to Art. 19 GDPR: If you have asserted your right to rectification, erasure, or restriction of processing against the controller, they are obliged to inform all recipients to whom your personal data has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
- Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller, insofar as this is technically feasible;
- Right of withdrawal of granted consents according to Art. 7 para. 3 GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the affected data immediately, provided that further processing cannot be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of the processing that has taken place based on the consent until the withdrawal;
- Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of your personal data violates the GDPR, you have - without prejudice to any other administrative or judicial remedy - the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, your workplace, or the place of the alleged infringement.
11.2 RIGHT OF OBJECTION
"IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERWHELMING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE."
"IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING PROTECTABLE REASONS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS."
"IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE."
"IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES."
12) Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing, and – if applicable – additionally by the respective statutory retention period (e.g. commercial and tax retention periods).
When processing personal data based on explicit consent in accordance with Art. 6 para. 1 lit. a GDPR, this data will be stored until the data subject withdraws their consent.
"If there are statutory retention periods for data processed in the context of contractual or contract-like obligations based on Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer necessary for the fulfillment of the contract or the initiation of a contract and/or we have no legitimate interest in further storage."
When processing personal data based on Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises their right to object under Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the establishment, exercise, or defense of legal claims.
When processing personal data for the purpose of direct marketing based on Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises their right to object under Art. 21 para. 2 GDPR.
Unless otherwise stated in the other information of this declaration regarding specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.
Privacy Policy
--------------------
1) Information about the collection of personal data and contact details of the controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data are all data that can be used to identify you personally.
1.2 The controller for data processing on this website in accordance with the General Data Protection Regulation (GDPR) is Gerhard Pütter, mobi-click GmbH, Karl-Liebknecht-Strasse 60, 15230 Frankfurt (Oder), Germany, Tel.: +4917698221088, E-Mail: info@mobi-click.com. The controller for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
2) Data collection when visiting our website
When using our website for informational purposes only, meaning if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you arrived at the page
- Browser used
- Operating System Used
- Used IP address (if applicable: in anonymized form)
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. There is no transfer or other use of the data. However, we reserve the right to review the server log files retrospectively should there be concrete indications of unlawful use.
3) Hosting
Hosting by Shopify
We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online shop based on processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the aforementioned services provided by Shopify, data may also be transmitted in the context of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., or Shopify (USA) Inc. In the event of data transmission to Shopify Inc. in Canada, the appropriate level of data protection is ensured by an adequacy decision of the European Commission. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., and Shopify (USA) Inc. in the USA are certified under the US-EU Privacy Shield framework, which ensures compliance with the data protection level applicable in the EU.
Further information on Shopify's data protection can be found at the following website: https://www.shopify.de/legal/datenschutz
"Further processing on servers other than those mentioned above by Shopify only takes place within the framework communicated below."
4) Cookies
To make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, that is, after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (so-called persistent cookies). When cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to a specific extent. Persistent cookies are automatically deleted after a predetermined duration, which may vary depending on the cookie.
Partially, the cookies serve to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If individual cookies we use also process personal data, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.
"We may work with advertising partners who help us make our online offering more interesting for you. For this purpose, cookies from partner companies will also be stored on your hard drive during your visit to our website (third-party cookies). If we collaborate with the aforementioned advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the information collected in the following paragraphs."
Please note that you can configure your browser to be informed about the setting of cookies and to decide individually on their acceptance or to exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for the respective browsers at the following links:
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/en/kb/allow-and-deny-cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Please note that if cookies are not accepted, the functionality of our website may be limited.
5) Contact
In the context of contacting us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been finally processed. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal retention obligations to the contrary.
6) Data processing when opening a customer account and for contract processing
According to Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed when you provide us with this information for the performance of a contract or when opening a customer account. The data collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the controller. We store and use the data you provide for contract processing. After the complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after these periods expire, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by us.
7) Data processing for order processing
7.1 In processing your order, we work with the following service providers who assist us in whole or in part with the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.
The personal data we collect will be passed on to the transport company commissioned with the delivery as far as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, provided this is necessary for the payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for the transfer of data is Article 6(1)(b) GDPR.
7.2 Use of Payment Service Providers (Payment Services)
- Apple Pay
If you choose the payment method "Apple Pay" from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing will be done through the "Apple Pay" function of your device running iOS, watchOS, or macOS by charging a payment card stored in "Apple Pay". Apple Pay uses security features that are integrated into the hardware and software of your device to protect your transactions. Therefore, to authorize a payment, you will need to enter a code that you have previously set, as well as verify using the "Face ID" or "Touch ID" function of your device.
For the purpose of payment processing, the information you provided during the ordering process, along with the information about your order, is transmitted in encrypted form to Apple. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay for processing the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.
"If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR."
Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, as well as an indication of whether the transaction was successfully completed. Anonymization completely excludes any personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.
When you use Apple Pay on your iPhone or Apple Watch to complete a purchase made through Safari on your Mac, the Mac and the authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you. You can disable the ability to use Apple Pay on your Mac in the settings of your iPhone. Go to "Wallet & Apple Pay" and turn off "Allow Payments on Mac."
Further information on data protection with Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027
- Google Pay
If you choose the payment method "Google Pay" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment processing is carried out through the "Google Pay" application on your mobile device, which must be operated with at least Android 4.4 ("KitKat") and have an NFC function, by charging a payment card stored in Google Pay or a verified payment system there (e.g. PayPal). For the approval of a payment via Google Pay exceeding €25, it is necessary to unlock your mobile device beforehand using the respective verification method set up (such as facial recognition, password, fingerprint, or pattern).
For the purpose of payment processing, the information you provide during the ordering process, along with the information about your order, will be shared with Google. Google then transmits your payment information stored in Google Pay in the form of a one-time transaction number to the originating website, which verifies that a payment has been made. This transaction number does not contain any information about the actual payment data of your payment method stored in Google Pay, but is created and transmitted as a uniquely valid numerical token. In all transactions through Google Pay, Google acts solely as an intermediary for processing the payment. The execution of the transaction occurs exclusively between the user and the originating website by charging the payment method stored in Google Pay.
"If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR."
Google reserves the right to collect, store, and analyze certain transaction-specific information for each transaction made via Google Pay. This includes the date, time, and amount of the transaction, merchant location and description, a description of the goods or services purchased provided by the merchant, photos you have attached to the transaction, the name and email address of the seller and buyer or sender and recipient, the payment method used, your description for the reason for the transaction, and any associated offer related to the transaction.
According to Google, this processing is carried out exclusively in accordance with Art. 6 para. 1 lit. f GDPR based on the legitimate interest in proper accounting, the verification of transaction data, and the optimization and maintenance of the Google Pay service.
"Google also reserves the right to combine the processed transaction data with additional information collected and stored by Google when using other Google services."
The terms of use for Google Pay can be found here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection with Google Pay can be found at the following internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
- Paypal
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, we will pass your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer is carried out in accordance with Art. 6 para. 1 lit. b GDPR and only to the extent necessary for the payment processing.
PayPal reserves the right to conduct a credit check for payment methods such as credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be shared with credit agencies in accordance with Art. 6 para. 1 lit. f GDPR based on PayPal's legitimate interest in determining your creditworthiness. The result of the credit check regarding the statistical probability of payment default is used by PayPal for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). To the extent that score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things, but is not limited to, address data. For further data protection information, including the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
- Shopify Payments
We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered through the payment service provider Shopify Payments, the payment processing will be carried out by the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass on the information you provided during the ordering process along with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. The transfer of your data is carried out exclusively for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. Further information on the data protection of Shopify Payments can be found at the following internet address: https://www.shopify.com/legal/privacy.
Data protection information regarding Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy
8) Online-Marketing
Use of Google Ads Conversion Tracking
This website uses the online advertising program "Google Ads" and, as part of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use the services of Google Ads to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. Our aim is to show you advertisements that are of interest to you, to make our website more interesting for you, and to achieve a fair calculation of the advertising costs incurred.
The cookie for conversion tracking is set when a user clicks on an ad displayed by Google Ads. Cookies are small text files that are stored on your device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of Google Ads customers. The information obtained through the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page marked with a conversion tracking tag. However, they do not receive information that would allow for personal identification of users. If you do not wish to participate in tracking, you can block this use by disabling the Google conversion tracking cookie through your internet browser under the keyword "User Settings." You will then not be included in the conversion tracking statistics. We use Google Ads based on our legitimate interest in targeted advertising according to Art. 6 para. 1 lit. f GDPR. As part of the use of Google Ads, there may also be a transfer of personal data to the servers of Google LLC in the USA.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
"At the following internet address, you can find more information about Google's privacy policy: https://www.google.de/policies/privacy/"
"You can permanently disable cookies for advertising preferences by preventing them through a corresponding setting in your browser software or by downloading and installing the browser plug-in available at the following link:"
https://www.google.com/settings/ads/plugin?hl=de
Please note that certain features of this website may not be available or may be limited if you have disabled the use of cookies.
9) Retargeting/ Remarketing/ Referral Advertising
Google Ads Remarketing
Our website uses the features of Google Ads Remarketing, with which we advertise this website in Google search results as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). For this purpose, Google sets a cookie in the browser of your device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. The processing is carried out on the basis of our legitimate interest in the optimal marketing of our website in accordance with Art. 6 para. 1 lit. f GDPR.
"Further data processing only takes place if you have consented to Google linking your internet and app browsing history with your Google account and using information from your Google account to personalize ads that you view on the web. If you are logged into Google during your visit to our website, Google uses your data along with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form audiences. As part of using Google Ads Remarketing, there may also be a transfer of personal data to the servers of Google LLC in the USA."
You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plug-in available at the following link: https://www.google.com/settings/ads/onweb/
Alternatively, you can inform yourself about the setting of cookies and make adjustments at the Digital Advertising Alliance at the internet address www.aboutads.info. Finally, you can configure your browser to be informed about the setting of cookies and decide individually on their acceptance or exclude the acceptance of cookies for specific cases or in general. If cookies are not accepted, the functionality of our website may be limited.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
Further information and the privacy policy regarding advertising and Google can be viewed here:
https://www.google.com/policies/technologies/ads/
10) Tools and Miscellaneous
10.1 Google reCAPTCHA
On this website, we also use the reCAPTCHA function from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function primarily serves to distinguish whether an input is made by a natural person or abusively through automated and machine processing. The service includes the transmission of the IP address and, if applicable, other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in determining individual accountability on the Internet and preventing abuse and spam. As part of the use of Google reCAPTCHA, there may also be a transfer of personal data to the servers of Google LLC in the USA.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/
10.2 Google Maps
"On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information. By using this service, our location will be displayed to you, and any directions will be facilitated."
When accessing those subpages that embed the Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there; this may also involve transmission to the servers of Google LLC in the USA. This occurs regardless of whether Google provides a user account that you are logged into or whether a user account exists. If you are logged into Google, your data is directly associated with your account. If you do not wish for this association with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage, and evaluation are carried out in accordance with Art. 6 para. 1 lit. f GDPR based on Google's legitimate interest in displaying personalized advertising, market research, and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.
"In the event of the transmission of personal data to Google LLC based in the USA, Google LLC has certified itself under the US-European data protection agreement 'Privacy Shield', which ensures compliance with the level of data protection applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list"
"If you do not agree with the future transmission of your data to Google in the context of using Google Maps, there is also the option to completely disable the Google Maps web service by turning off JavaScript in your browser. Google Maps and thus the map display on this website cannot be used then."
You can view Google's Terms of Service at https://www.google.de/intl/de/policies/terms/regional.html, and the additional Terms of Service for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html.
Detailed information on data protection in connection with the use of Google Maps can be found on Google's website ("Google Privacy Policy"): https://www.google.de/intl/de/policies/privacy/
11) Rights of the data subject
11.1 The applicable data protection law grants you comprehensive rights as a data subject (rights of access and intervention) against the controller regarding the processing of your personal data, which we inform you about below:
- Right of access according to Art. 15 GDPR: You have the right to obtain information about your personal data processed by us, the purposes of processing, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage duration or the criteria for determining the storage duration, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the significance and intended consequences of such processing for you, as well as your right to be informed about the guarantees according to Art. 46 GDPR when your data is transferred to third countries;
- Right to rectification according to Art. 16 GDPR: You have the right to immediate rectification of inaccurate data concerning you and/or completion of your incomplete data stored with us;
- Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the conditions of Art. 17 para. 1 GDPR are met. However, this right does not exist particularly when the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- Right to restriction of processing according to Art. 18 GDPR: You have the right to request the restriction of processing your personal data as long as the accuracy of your data, which you dispute, is being verified, if you refuse the deletion of your data due to unlawful data processing and instead request the restriction of processing your data, if you need your data for the assertion, exercise, or defense of legal claims, after we no longer need this data for the purpose of processing or if you have lodged an objection for reasons related to your particular situation, as long as it has not yet been determined whether our legitimate grounds override;
- Right to information according to Art. 19 GDPR: If you have asserted your right to rectification, erasure, or restriction of processing against the controller, they are obliged to inform all recipients to whom your personal data has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
- Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller, insofar as this is technically feasible;
- Right of withdrawal of granted consents according to Art. 7 para. 3 GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the affected data immediately, provided that further processing cannot be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of the processing that has taken place based on the consent until the withdrawal;
- Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of your personal data violates the GDPR, you have - without prejudice to any other administrative or judicial remedy - the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, your workplace, or the place of the alleged infringement.
11.2 RIGHT OF OBJECTION
"IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERWHELMING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE."
"IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING PROTECTABLE REASONS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS."
"IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE."
"IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES."
12) Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing, and – if applicable – additionally by the respective statutory retention period (e.g. commercial and tax retention periods).
When processing personal data based on explicit consent in accordance with Art. 6 para. 1 lit. a GDPR, this data will be stored until the data subject withdraws their consent.
"If there are statutory retention periods for data processed in the context of contractual or contract-like obligations based on Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer necessary for the fulfillment of the contract or the initiation of a contract and/or we have no legitimate interest in further storage."
When processing personal data based on Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises their right to object under Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the establishment, exercise, or defense of legal claims.
When processing personal data for the purpose of direct marketing based on Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises their right to object under Art. 21 para. 2 GDPR.
Unless otherwise stated in the other information of this declaration regarding specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.