Privacy Policy

General information about the processing of your data

We are obliged by law to inform you about the processing of your personal data (hereinafter referred to as “data”) when you use our website. This data protection notice informs you about the details of the processing of your data and about your legal rights in this regard. For terms such as “personal data” and “processing”, the legal definitions pursuant to Art. 4 GDPR apply. We reserve the right to adapt the privacy policy with future effect, in particular in the event of further development of the website, the use of new technologies or changes to the legal bases or the corresponding case law. We recommend that you read this privacy policy from time to time and take a printout or a copy for your records.

Scope

privacy policy applies to all pages of www.busy-rooms.com. It does not cover any linked websites of other providers.

Controller

The following party is known as the controller under data protection law and therefore responsible for the processing of personal data within the scope of this privacy policy:

Busy Rooms Limited

Skyway Offices,

177/8 Marina Street

Pieta 9042 Malta

E-Mail: GDPR@busy-rooms.com 

Questions about data protection

If you have any questions about data protection with regard to our company or our website, you you can contact our data protection officer:

SPIRIT LEGAL Rechtsanwaltsgesellschaft mbH

Rechtsanwalt und Datenschutzbeauftragter 

Peter Hense

Postal address:

Datenschutzbeauftragter

c/o Busy Rooms Limited

Skyway Offices,

177/8 Marina Street

Pieta 9042 Malta

Contact via the encrypted online form:

Contact data protection officer

Security 

We have taken comprehensive technical and organisational precautions to protect your personal data from unauthorised access, abuse, loss and other external disruption. To this end, we regularly review our security measures and adapt them to the latest standards.

Your rights

You have the following rights with regard to the personal data concerning you that you can assert against us:

  • Right of access: You can request access to the personal data concerning you which we process, as set forth in Art. 15 GDPR. 
  • Right to rectification: If the information concerning you is not (or no longer) correct, you can request its rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
  • Right to eraasure: You may request the erasure of your personal data in accordance with Art. 17 GDPR.
  • Right tot restriction of processing: Pursuant to Art. 18 GDPR, you have the right to demand that the processing of your personal data be restricted. 
  • Right to object to processing: Pursuant to Art. 21(1) GDPR, you have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data which occurs based on Art. 6(1) Sentence 1(e) or (f) GDPR. If you object, we will not process your data further, unless we can prove compelling legitimate reasons for the processing which override your interests, rights and freedoms. Processing will also continue if the processing serves to establish and exercise or defend against legal claims (Art. 21(1) GDPR). Furthermore, under Art. 21(2) GDPR you have the right to object at any time to the processing of your personal data for direct marketing purposes, which includes profiling to the extent that this is related to such direct marketing. In this privacy policy, we draw your attention to this right to object when describing each processing operation.
  • Right to withdraw your consent: If you have given your consent for processing, you have a right to withdraw that consent under Art. 7(3) GDPR. 
  • Right to data portability: You have the right to receive the personal data you have given us in a structured, commonly used, machine-readable format (“data portability”) and the right to transfer this data to another controller, if the prerequisites of Art. 20(1)(a), (b) GDPR are fulfilled (Art. 20 GDPR).

You can assert your rights by informing us using the contact details specified under “Controller” above.

If you believe that the processing of your personal data violates data protection law, then under Art. 77 GDPR you also have the right to lodge a complaint with a data protection supervisory authority of your choice.

Using our website

In principle, you can use our website for purely informational purposes without disclosing your identity. When you access the individual pages of the website in this sense, this only results in access data being transferred to our web hosting service so that the website can be displayed to you. This involves the following data being processed:

  • Browser type/browser version
  • Operating system used
  • Language and version of the browser software
  • Date and time of access
  • Hostname of the accessing device
  • IP address
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Websites accessed via the website
  • Referrer URL (website visited before)
  • Notification of whether the access was a success and
  • Volume of data transferred.

It is necessary for this data to be processed temporarily in order to make it technically possible for you to visit our website and to deliver the website to your device. The access data is not used to identify individual users and is not combined with other data sources. Further storage in log files takes place in order to ensure the functionality of the website and the security of the information technology systems. The legal basis for the processing is YArt. 6(1) Sentence 1(f) GDPR. We have legitimate interests in ensuring the functionality, integrity and security of the website. Storing access data in log files, in particular the IP address, for a longer period of time enables us to recognise and prevent misuse. This includes, for example, defence against requests that overload the service or possible bot use. The access data will be erased as soon as it is no longer required for achieving the purpose of its processing. In the case of recording the data to provide the website, this is the case when you end your visit to the website. The log data is always stored directly and only accessible to administrators and deleted after seven days at the latest. 

You may object to the processing. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller” above.

Device information

In addition to the aforementioned access data, technologies are used when you use the website which store information in your device (e.g. desktop PC, laptop, tablet or smartphone) or access information which is already stored on your device. These technologies may include, for example, cookies, pixels, local storage, session storage, IndexedDB or browser fingerprinting technologies. These technologies can be used to recognise you across devices and websites. 

According to Art. 6(1) Sentence 1(f) GDPR ), we generally require your consent for the use of these technologies. 

Technically necessary device information

Some elemts of our website serve the sole purpose of transmitting a message or are absolutely necessary to provide you with our website or individual features thereof: 

  • Language settings,
  • Item in shopping basket,
  • Log-in information.

The elements are erased after storage is no longer required.

You can prevent processing by adjusting your browser settings accordingly. For elements whose storage duration is not limited to the session, you can adjust your browser settings so that the elements are erased after your session has expired. 

Technically non-essential device information

Our website also uses elements that are not technically necessary. We only use these technologies with your consent in accordance with legal requirements. Information about the individual technologies and features can be found in our “Details” as well as in the following information, which is sorted according to the individual features.

“Usercentrics” consent management platform 

To make it easier for us to ask for your consent to the use of cookies or other tracking technologies so that we can process your device information and personal data when you visit our website, we use the consent tool “Usercentrics”. “Usercentrics” gives you the opportunity to accept or decline the processing of your device information and personal data using cookies or other tracking technologies for the purposes listed in “Usercentrics”. Such processing purposes may include the integration of external elements, integration of streamed content, statistical analysis, reach measurement, personalised product recommendations, or personalised advertising. You can use “Usercentrics” to grant or refuse your consent for all processing purposes, or to grant or refuse your consent for individual purposes or third-party providers. You can change your settings again later on. The purpose of integrating “Usercentrics” is to allow users of our website to decide whether to allow cookies and similar technologies, and to offer them the opportunity to change settings that they have already made when they continue to use our website. When “Usercentrics” is used, we process personal data as well as information from the devices used. Your data will also be sent to Usercentrics (Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Deutschland). The information about the settings you have made is also stored on your device. The legal basis for the processing is Art. 6(1) Sentence 1(c) GDPR in conjunction with Art. 7(1) GDPR, insofar as the processing serves to fulfil the legally standardised obligations to provide evidence for the granting of consent. Otherwise, Art. 6(1) Sentence 1(f) GDPR is the relevant legal basis. Our legitimate interests in this processing lie in the storage of users’ settings and preferences with regard to the use of cookies and the evaluation of consent rates. Your user settings will then be saved again for this period, unless you delete the information about your user settings yourself beforehand in your device settings.

You may object to the processing, insofar as processing is based on Art. 6(1) Sentence 1(f) GDPR. Your right of objection exists if you have reasons arising from your particular situation. You can prevent processing by deleting the history and website data in the settings of your browser software or by opening the browser you are using in "private mode".

Contacting our company

When you contact our company, e.g. by email or using the contact form on the website, we will process the personal data you provide so that we can respond to your request. In order for us to process enquiries submitted via the contact form, it is essential that you provide a company name, a first and last name, a valid e-mail address and optionally a telephone numberAt the time the message is sent to us, your IP address and the date and time of registration will be processed. The legal basis for this processing is Art. 6(1) Sentence 1(f) GDPR and Art. 6(1) Sentence 1(b) GDPR, if the contact is made with the intention of concluding a contract. If the request is aimed at concluding a contract, it is necessary for you to provide your data. If you do not provide your data, it will not be possible to conclude/execute a contract and process the request. The other data processed during the submission process serves to prevent any misuse of the contact form and to ensure the security of our information technology systems. To manage contact requests and our contacts we use the database management system of Zoominfo Technologies LLC (942 Stratford Ct Westbury, NY, 11590-5823 United States; hereinafter referred to as „Zoominfo“). In „Zoominfo“ we store and manage the personal data you provide. „Zoominfo“ may also process your data in the USA. The EU Commission has issued an adequacy decision for the USA. „Zoominfo“ is certified within this framework. In addition, we have concluded standard contractual clauses with „Zoominfo“ in order to oblige Zendesk, Inc. to an appropriate level of data protection. These can be viewed at https://www.zoominfo.com/legal/privacy-policy. As soon as processing is no longer necessary, we erase the data generated here – usually two years after the end of the communication – or, if statutory retention obligations apply, restrict processing of the data.

You may object to the processing. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller” above.

Processing for contractual purposes

We process your personal data if and to the extent necessary for the initiation, creation, execution and/or termination of a legal transaction with our company. The legal basis for this results from Art. 6(1) Sentence 1(b) GDPR. It is necessary for you to provide your data in order to conclude the contract and you are contractually obliged to provide your data. If you do not provide your data, it will not be possible to conclude and/or execute a contract. Once the purpose has been achieved (e.g. contract processing), the personal data will be blocked for further processing or erased, unless we are entitled to keep processing the data on the basis of a consent granted by you (e.g. consent to the processing of your email address for sending promotional emails), a contractual agreement, a statutory authorisation (e.g. authorisation to send direct marketing) or on the basis of justified interests (e.g. retention for asserting claims).

Your personal data will be passed on to third parties if

  • it is necessary for the creation, execution or termination of legal transactions with our company (e.g. when transmitting data to a payment service provider/a shipping company to process a contract with you), in accordance with Art. 6(1) Sentence 1(b) GDPR), or
  • a subcontractor or party we use to perform our obligations, which we use exclusively within the framework of providing the offers or services requested by you, needs this data (unless you are expressly informed otherwise, such auxiliary parties are only entitled to process the data insofar as this is necessary for the provision of the offer or service), or
  • there is an enforceable official order (Art. 6(1) Sentence 1(c) GDPR), or
  • there is an enforceable court order (Art. 6(1) Sentence 1(c) GDPR), or
  • we are legally obliged to do so (Art. 6(1) Sentence 1(c) GDPR), or
  • the processing is necessary in order to protect the vital interests of the data subject or another natural person (Art. 6(1) Sentence 1(d) GDPR), or
  • this is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6(1) Sentence 1(e) GDPR), or
  • we can cite our overriding legitimate interests, or those of a third party, in the disclosure (Art. 6(1) Sentence 1(f) GDPR).

Your personal data will not be transmitted to other persons, companies or bodies unless you have effectively consented to such transmission. The legal basis for the processing is then Art. 6(1) Sentence 1(a) GDPR. In this privacy policy, we draw your attention to the respective recipients when describing each processing operation. 

Email marketing

Advertising to existing customers 

We reserve the right to use the email address you provide when ordering in accordance with the statutory provisions in order to send you the following content by email at the time of or after your order, unless you have already objected to this processing of your email address: 

  • Interesting offers from our portfolio, 
  • Information about events organised by our company or in which our company will participate,
  • Information about new products and services,
  • Special offers/temporary offers,
  • Technical information,
  • Updates on our blog.

The legal basis of the data processing is Art. 6(1) Sentence 1(f) GDPR. Our legitimate interests in the processing described lie in enhancing and optimising our services, conducting direct marketing and ensuring customer satisfaction. We will erase your data when you stop using the service, but no later than two years after termination of the contract. We use an external e-mail marketing service to send the newsletter. Further information on this service provider can be found in the section „ Email marketing service “.

We would like to point out that you can object to receiving direct marketing and to the processing of the data for direct marketing purposes at any time without incurring any costs other than the transmission costs according to the basic rates. Here you have a general right of objection without giving reasons (Art. 21(2) GDPR). To do this, click on the unsubscribe link in the relevant email or send us your objection to the contact details provided under “Controller”.  

Newsletter 

You have the possibility to subscribe to our email newsletter on the website, which we use to inform you regularly about the following content: 

  • Interesting offers from our portfolio, 
  • Information about events organised by our company or in which our company will participate,
  • Information about new products and services,
  • Special offers/temporary offers,
  • Technical information,
  • Updates on our blog.

In order to receive the newsletter, you need to give us a name or pseudonym and a valid email address. We process the email address for the purpose of sending our email newsletter and for as long as you have subscribed to the newsletter. We use an external e-mail marketing service to send the newsletter. Further information on this service provider can be found in the section „ Email marketing service “.

The legal basis for the processing is Art. 6(1) Sentence 1(a) GDPR. Your data will be processed until your withdrawal.

You can withdraw your consent to the processing of your email address for the purpose of sending you the newsletter at any time, either by clicking directly on the unsubscribe link in the newsletter or by sending us a message using the contact details provided under “Controller”. This will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal. 

Double-Opt-In-Procedure

In order to document your newsletter registration and to prevent abuse of your personal data, we use what is known as a double opt-in procedure for email newsletter registrations. Once you have entered the data marked as mandatory, we will send you an email to the email address you have provided, in which we ask you to expressly confirm your subscription to the newsletter by clicking on a confirmation link. We process your IP address, the date and time of registration for the newsletter and the time of your confirmation. This is how we ensure that you really want to receive our email newsletter. We are legally obliged to be able to demonstrate that you have consented to the processing of your personal data in connection with registering for the newsletter (Art. 7(1) GDPR). Due to this legal obligation, this data processing is carried out on the basis of Art. 6(1) Sentence 1(c) GDPR. 

You are not obliged to provide your personal data during the registration process. However, if you do not provide the required personal data, we may not be able to process your subscription or process it in full. If you do not confirm your newsletter subscription within 24 hours, we will erase your data after one month at the latest. Once you confirm your registration, we will process your data for as long as you have subscribed to the newsletter. 

Newsletter-Tracking

We also statistically evaluate newsletter opening rates, the number of clicks on links in newsletters and the reading time, and measure the reach of our newsletters and customise the offers and information sent to you according to your personal interests. For this purpose, user behaviour on our websites and within the newsletters we send out is evaluated on the basis of device-specific information (e.g. email client used and software settings). For this analysis, the emails sent out contain so-called web beacons or tracking pixels, which constitute single-pixel image files that are also embedded on our website. 

For the purpose of measuring reach, we measure the number of visitors who have reached our websites by clicking on links and who perform certain actions there, such as redeeming vouchers and purchasing products via the online shop. Depending on specific reading behaviour, we also form target groups to whom we then send newsletter content tailored to the identified user interest. The legal basis for the processing is Art. 6(1) Sentence 1(a) GDPR. We will erase your data if you unsubscribe from the newsletter. 

The legal basis for the processing is Art. 6(1) Sentence 1(a) GDPR. We will erase your data if you unsubscribe from the newsletter. 

You can withdraw your consent at any time, either by sending us a message (see the contact details under “Controller”) or by clicking directly on the unsubscribe link in the newsletter. This will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.

email marketing service

We use the email marketing service Mailchimp, which is provided by Intuit, Inc. (2700 Coast Ave, Mountain View, CA 94043, USA; hereinafter referred to as “Mailchimp“). If you have subscribed to the newsletter, the data provided when registering as well as the data processed when you use our newsletters are processed on Mailchimp servers. Mailchimp acts as our processor and is contractually limited in its authority to use your personal data for purposes other than to provide services to us in accordance with the applicable data processing agreement. Mailchimp may also processes your data in the USA. The EU Commission has issued an adequacy decision for the USA. Zendesk, Inc. is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Mailchimp in order to oblige Intuit Inc. to an appropriate level of data protection. You can view a copy of the standard data protection clauses from Mailchimp at https://mailchimp.com/de/legal/data-processing-addendum/#2._Rollen_und_Verantwortlichkeiten. Further information can be found in the data protection provisions of Intuit Inc. at: https://www.intuit.com/privacy/statement/

Blacklist

In the event of deregistration through the exercise of the revocation of the consent declaration or through the exercise of the right to withdraw in the case of existing customer advertising, we process your data, especially your email address, to ensure that you do not receive any further newsletters from us. For this purpose, we add your email address to a so-called “blocklist”, which prevents you from receiving any further newsletters from us. The legal basis for data processing is Article 6(1) sentence 1(c) GDPR, to comply with our obligations to provide evidence; otherwise, Article 6(1) sentence 1(f) GDPR. In this case, our legitimate interests consist of fulfilling our legal obligations to reliably cease delivering newsletters to you.

You have the right to object to the processing. Your right to object exists for reasons arising from your particular situation. You can submit your objection to us using the contact details provided in the “Controller” section. 

We will also process the aforementioned data for the establishment, exercise or defence of legal claims. The legal basis for this processing is Art. 6(1) Sentence 1(c) GDPR and Art. 6(1) Sentence 1(f) GDPR. In these cases, we have a legitimate interest in the assertion or defence of claims.

You have the right to object to the processing. Your right to object exists for reasons arising from your particular situation. You can submit your objection to us using the contact details provided in the “Controller” section. 

Hosting

We use external hosting services provided by Amazon Web Services, Inc. (410 Terry Avenue North, Seattle, WA 98109-5210, U.S.A.; hereinafter referred to as „AWS“ and „Amazon“), which serve to provide the following services: Infrastructure and platform services, computing capacity, storage resources and database services, security and technical maintenance services. For these purposes, all data, including the access data mentioned under the section "Use of our website" is processed, which is necessary for the operation and use of our website. The legal basis for processing is Article 6(1) sentence 1 (f) of the General Data Protection Regulation (GDPR). The use of hosting services serves our legitimate interests in efficiently and securely providing our web offering. Amazon also processes your data in the USA.  The EU Commission has issued an adequacy decision for the USA. Amazon Web Service, Inc. is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Amazon Web Services, Inc., in order to oblige Amazon Web Services, Inc. to an appropriate level of data protection. You can obtain a copy of the standard contractual clauses by sending a request to https://www.amazon.de/hz/contact-us. Further information, in particular on the storage period, can be found at: https://aws.amazon.com/de/privacy/.

You have the right to object to the processing. Your right to object exists for reasons arising from your particular situation. You can submit your objection to us using the contact details provided in the “Controller” section. 

Content Delivery Network

Cloudflare

In addition, we use the services of the content delivery network (hereinafter referred to as “CDN”) of Cloudflare (Cloudflare Germany GmbH, Rosental 7, 80331 München and Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA; hereinafter referred to as „Cloudflare“) on our website for the purpose of allowing our website to be displayed more quickly. When you visit the website, the CDN caches a library on your device in order to avoid reloading the content. During this process, your IP address is transmitted to the provider in the US. Cloudflare processes your data in the US. The EU Commission has issued an adequacy decision for the USA. Cloudflare, Inc. is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Cloudflare, Inc., in order to oblige Cloudflare, Inc. to an appropriate level of data protection. You can view a copy of the standard data protection clauses at https://www.cloudflare.com/cloudflare-customer-dpa/. The legal basis for the processing is Art. 6(1) Sentence 1(f) GDPR. By using Cloudflare, we are pursuing our legitimate interest in faster website retrieval as well as a more effective and improved presentation of our website. For further information about the protection of your data and how long Cloudflare stores your data, please refer to: https://www.cloudflare.com/de-de/privacypolicy/

You may object to the processing, insofar as it is based on Art. 6(1) Sentence 1(f) GDPR. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller”. 

CRM-Plattform Pipedrive

We use the CRM platform Pipedrive (Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estland; hereinafter referred to as „Pipedrive“) to manage our website and our customer relationships and to integrate forms on our website. In particular, the data you provide when contacting our company and the access data mentioned in section 1 are processed within the CRM system. Further information on the data collected from you can be found in the respective sections. This data is automatically collated by Pipedrive and managed as part of user profiles. In this process, information about the type of contact and respective interests is also stored. The processing is carried out for the purpose of operating our website and coordinating our customer relationships. The legal basis for processing is Article 6(1) sentence 1(f) of the General Data Protection Regulation (GDPR). Our legitimate interests lie in the effective operation of our website and the optimization of our customer management. We delete the data collected in this context when processing is no longer necessary – usually two years after the termination of communication or interaction – or we may restrict processing to comply with existing legally mandated retention obligations. For further information about the protection of your data and how long Pipedrive stores your data, please refer to: https://support.pipedrive.com/de/article/pipedrive-and-gdpr.

You have the right to object to the processing. Your right to object exists for reasons arising from your particular situation. You can submit your objection to us using the contact details provided in the “Controller” section. 

Integration of third-party content

Google reCAPTCHA 

We use Google reCAPTCHA on our website. This service is provided by Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, US; hereinafter referred to as “Google” and “reCAPTCHA”). reCAPTCHA is used to check whether data entered on the website (e.g. in a contact form) is provided by a person or by an automated program. To do this, reCAPTCHA analyses various aspects of the way in which the visitor to the website behaves. This analysis starts automatically as soon as the user accesses the website. For the purpose of this analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. Google also processes your personal data in the US. The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at https://cloud.google.com/terms/sccs. We have a legitimate interest in protecting our website from abusive automated spying and unsolicited email advertising (spam). For more information about reCAPTCHA and how long the data is stored, please refer to Google’s privacy statement: https://policies.google.com/privacy.  

You may object to the processing, insofar as it is based on Art. 6(1) Sentence 1(f) GDPR. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller”. 

YouTube-Videos

Our website uses plug-ins from the video platform YouTube.de or YouTube.com, a service provided by YouTube LLC (head office at 901 Cherry Avenue, San Bruno, CA 94066, USA; hereinafter referred to as „YouTube“), for which Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland und Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter referred to as „Google“) is the controller within the meaning of data protection law. We use this processing of data by the plug-ins to pursue the purpose of integrating visual content (videos) on the website that we have published on YouTube.de or YouTube.com. The videos are all embedded in “extended privacy mode”, which means that no data about you as a user will be transferred to YouTube if you do not play the videos. When videos are played on our website, YouTube receives the information that you have retrieved the corresponding page of our website. In addition, some of the data mentioned under “Using our website” is transmitted to Google. This occurs regardless of whether YouTube provides a user account that you are logged in with or whether no user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not wish for this data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as user profiles and processes it, regardless of whether you have a Google account, for the purposes of advertising, market research and/or the demand-oriented design of its website. The legal basis for this processing is your consent under Art. 6(1) Sentence 1(a) GDPR. Google also processes the data in part in the US The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at https://cloud.google.com/terms/sccs. For more information about the purpose and scope of data processing by YouTube and how long YouTube or Google stores such data, please refer to Google’s privacy information at: https://policies.google.com/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Vimeo

We use plugins from Vimeo, provided by Vimeo, Inc. (555 West 18th Street, New York 10011, USA; hereinafter referred to as: “Vimeo“),for embedding videos on our website. Through the processing of data by the plugins, our purpose is to integrate visual content (“videos”) that we have published on https://www.vimeo.com onto this website. When you access one of our web pages with the Vimeo plugin, a connection is established to the servers of Vimeo. Vimeo uses so-called “cookies” that are stored on your end device. During this process, information about which website you have visited is transmitted to the Vimeo server. Additionally, some of the data mentioned under the section “Use of our website” may be transmitted. This occurs regardless of whether you are logged into your Vimeo user account or whether no user account exists. If you are logged in as a member on Vimeo, Vimeo associates this information with your personal user account. When using the plugin, such as playing a video by activating the play button, this information is also linked to your user account. Vimeo stores your data as user profiles and processes them, irrespective of the existence of a user account on Vimeo, for advertising, market research, and/or the personalized design of websites. With regard to the storage of and access to information on your end device, your consent is the legal basis according to Article 6(1) sentence 1(a) of the General Data Protection Regulation (GDPR). Vimeo also processes your data in the USA. The EU Commission has issued an adequacy decision for the USA. Vimeo, Inc. is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Vimeo, Inc., in order to oblige Vimeo, Inc. to an appropriate level of data protection.. A copy is of course available on request  at niedermeier@db5.io. For further information about the protection of your data and how long Vimeo stores your data, please refer to https://vimeo.com/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Services for statistical, analysis and marketing purposes 

We use services from third parties for statistical, analysis and marketing purposes. This enables us to offer you a user-friendly, optimised experience when visiting the website. The third-party providers use cookies, pixels, browser fingerprinting or other tracking technologies to control their services. In the following, we inform you about the services from external providers currently in use on our website, about the related processing in each case, and about how you can withdraw your consent.

Google Analytics 4

In order to tailor our website perfectly to user interests, we use Google Analytics, a web analytics service from Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter referred to as “Google” and “Google Analytics 4“). Google Analytics 4 uses so-called "cookies" that are stored on your end device for recognition, as well as similar tracking methods for device recognition such as pixel tags, device fingerprinting, and programming interfaces (e.g., APIs and SDKs) to process information from your end device. For this purpose, a randomly generated identification number (cookie ID/device ID) is assigned to your end device.

Using these technologies, Google processes the generated information about the use of our website by your end device, as well as access data, for the purpose of statistical analysis. This includes, for example, the access to specific web pages, the number of unique visitors, entry and exit pages, duration of visit, click, swipe, and scroll behavior, button clicks, newsletter sign-ups, bounce rate, and similar user interactions. For this purpose, it may also be determined whether different end devices belong to you or your household. Access data includes, in particular, the IP address, browser and device information, cookie ID/device ID, the previously visited website, and the date and time of the server request.

In the systems of Google Analytics 4, individual IP addresses are not logged or stored. At the moment of capturing the IP address by Google in specific local data centers in the EU, your IP address is used to determine location information. Subsequently, the IP address is deleted before the access data is stored in a data center or on a server for Google Analytics. Google Analytics 4 does not provide precise data on the geographic location; rather, it only offers general location information such as the region and city of the device's location derived from the IP address. Google will process this information to evaluate your use of the website, compile reports on website activities, and – if specifically indicated – provide us with additional services related to website usage. If you are registered with a Google service, Google may associate the website visit with your user account and create and analyze user profiles across applications.

In addition, there is a cross-platform analysis of user behavior on websites and apps utilizing Google Analytics 4 technologies. This allows the user behavior to be captured, measured, and compared across different environments equally. For instance, automated scroll events of the user are recorded to provide a better understanding of the use of websites and apps. Various cookie IDs/device IDs for different end devices are used for this purpose. Subsequently, anonymized statistics, created based on selected criteria, are provided to us regarding the usage of different platforms.

Using Google Analytics 4, automatically, target audiences are created for specific cookie IDs/device IDs or mobile advertising IDs, which are later used for personalized advertising. Target audience criteria may include, for example: users who viewed products but did not add them to a shopping cart, or added items to a cart but did not complete the purchase, OR users who have purchased specific items. A target audience comprises at least 100 users. With the Google Ads tool, interest-based ads can then be displayed in search results. Similarly, users of websites on other sites within the Google advertising network (in Google Search, on YouTube, so-called “Google Ads” or on other websites) can be recognized, and tailored ads can be presented based on the defined target audience criteria..

With regard to the storage of and access to information on your end device, your consent is the legal basis according to Article 6(1) sentence 1 (a) of the General Data Protection Regulation (GDPR). Google also processes the data in part in the US. The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at https://cloud.google.com/terms/sccs. Your data processed in connection with Google Analytics 4 will be erased after 26 months at the latest. For further information about privacy at Google, please refer to: http://www.google.de/intl/de/policies/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Google Ads Remarketing

We use the Google Ads tool with the “Dynamic Remarketing” function from Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, and Google, LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google” and “Google Ads”). With the “Dynamic Remarketing” function, we can recognize users of our website on other sites within the Google advertising network (in Google Search, on YouTube, so-called “Google Ads”, or on other websites) and present them with tailored advertisements based on their interests. The advertisements may also relate to products and services that you have already viewed on our website. For this purpose, user interactions on our website are analyzed, such as the offers the user has shown interest in, to display targeted advertising to users on other sites even after they have visited our website. When you visit our website, a cookie is stored on your end device by Google Ads. Using the cookies, Google processes information generated by your end device about the use and interactions with our website, as well as the data mentioned in the “Use of our website” section, especially your IP address, browser information, the previously visited website, and the date and time of the server request, for the purpose of displaying personalized advertisements. For this purpose, it can also be determined whether different end devices belong to you or your household. If users are registered with a Google service, Google can associate the visit with the user account and create and analyze user profiles across applications. With regard to the storage of and access to information on your end device, your consent is the legal basis according to Article 6(1) sentence 1 (a) of the General Data Protection Regulation (GDPR). Google also processes the data in part in the US. The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at: https://cloud.google.com/terms/sccs. The maximum storage period with Google is 24 month. For further information about the protection of your data and how long Google stores your data, please refer to: https://policies.google.com/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Google Ads Conversion

We use Google Ads, which is a service provided by Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter referred to as “Google” and “Google Ads”), in order to use ads (formerly known as “Google AdWords”) to draw attention to our attractive services on external websites. . In relation to the data of the advertising campaigns, we can determine how successful the individual advertising activities are. These ads are delivered by Google via so-called ad servers. For this purpose, we use ad server cookies, which can be used to measure certain parameters for reach measurement, such as the display of ads or clicks by users. . If you reach our website via a Google ad, Google Ads stores a cookie on your device. Google uses the cookies to process the information generated by your device about interactions with our ads (retrieval of a particular web page or clicking on an ad), and the data mentioned under “Using our website” – in particular the IP address, browser information, the website visited before and the date and time of the server request – for the purpose of analysing and visualising the reach measurement of our ads. For this purpose, it is also possible to determine whether different devices belong to you or to your household. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will obtain and process your IP address. We only receive statistical analyses from Google for the purpose of measuring the success of our ads. The legal basis of this processing is your consent under Art. 6(1) Sentence 1(a) GDPR. Google also processes the data in part in the US. The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at: https://cloud.google.com/terms/sccs. The maximum storage period with Google is 14 month. For further information about the protection of your data and how long Google stores your data, please refer to: https://policies.google.com/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Google AdSense

We also use the online marketing tool AdSense from Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter referred to as „Google” and „AdSense ”) on the website. AdSense uses cookies to manage advertising materials in order to display relevant ads to users, improve campaign performance reports, or prevent users from seeing the same ads multiple times. Using cookies (refer to the "Cookies" section above), Google captures information about which ads are displayed in which browser, thus preventing them from being shown repeatedly. Through the use of cookies, Google processes information generated by your end device regarding the use and interactions with our website, as well as the data mentioned in the "Use of our website" section, including your IP address, browser information, the previously visited website, and the date and time of the server request, for the purpose of displaying personalized advertisements. This allows Google and its partner sites to display ads based on the user's previous website visits. Additionally, AdSense can capture so-called conversions through cookies, which are related to ad requests. For example, if a user views an AdSense ad and later accesses the advertiser's website with the same browser and makes a purchase. By integrating AdSense, Google receives information that you have accessed the relevant part of our website or clicked on an ad from us. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or not logged in, it is possible that the provider may obtain and store your IP address. The legal basis of this processing is your consent under Art. 6(1) Sentence 1(a) GDPR. Google also processes the data in part in the US. The EU Commission has issued an adequacy decision for the USA. Google, LLC is certified within this framework. In addition, we have concluded so-called standard contractual clauses with Google, LLC in order to oblige Google, LLC to an appropriate level of data protection. A copy is of course available at: https://cloud.google.com/terms/sccs. The maximum storage period with Google is 24 month. For further information about the protection of your data and how long Google stores your data, please refer to: https://policies.google.com/privacy.

You can withdraw your consent to the processing and transfers to third countries at any time by moving the slider in the “Details” back for the specific third-party provider in the consent tool. Please note that this will not affect the lawfulness of the processing before your withdrawal.

Cookie Consent