We have written this privacy statement (version 25/02/2021-311265935) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what choices you have as a visitor to this website.
Privacy statements usually sound very technical. This version, however, is intended to describe the most important things to you as simply and clearly as possible. As far as possible, technical terms are explained in a reader-friendly way. We also want to convey that we only collect and use information with this website if there is a corresponding legal basis. This is certainly not possible by providing the most concise, technical explanations possible, as is often standard practice on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is one or two pieces of information you did not know.
If you still have questions, we would like to ask you to follow the existing links and look at further information on third party sites, or simply write us an e-mail. You will find our contact details in the imprint.
When you visit websites nowadays, certain information is automatically generated and stored, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website, by the way, we mean the entirety of all web pages on your domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain, we mean, for example, example.de or example.com.
Even while you are visiting our website right now, our web server - that is the computer on which this website is stored - usually automatically saves data such as the following for reasons of operational security, to compile access statistics etc.
the complete Internet address (URL) of the website accessed (e.g. https://www.beispielwebsite.de/beispielunterseite.html/)
browser and browser version (e.g. Chrome 87)
the operating system used (e.g. Windows 10)
the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
the host name and IP address of the device being accessed (e.g. COMPUTERNAME and 188.8.131.52)
the date and time
in files called web server log files.
To illustrate: As a rule, these files are stored for a fortnight and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful behaviour. In short, your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data!
Our website uses HTTP cookies to store user-specific data.
What exactly are cookies?
Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie is to be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programmes and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.
For example, cookie data may look like this
Expiration time: 2 years
Usage: Differentiation of website visitors
Example value: GA1.2.1326744211.152311265935
A browser should support the following minimum sizes:
A cookie should be able to contain at least 4096 bytes
It should be possible to store at least 50 cookies per domain
A total of at least 3000 cookies should be able to be stored
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
We can distinguish between 4 types of cookies:
Absolutely necessary cookies.
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping basket, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart even if the user closes his browser window.
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behaviour of the website with different browsers.
These cookies provide a better user experience. For example, locations entered, font sizes or form data are saved.
These cookies are also called targeting cookies. They are used to provide the user with individually adapted advertising. This can be very practical, but also very annoying.
Usually, when you first visit a website, you are asked which of these types of cookies you would like to allow. And of course, this decision is also stored in a cookie.
How can I delete cookies?
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate and manage cookies in Chrome.
Safari: Manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. The best thing to do is to search for the instructions in Google using the search term "Delete Cookies Chrome" or "Disable Cookies Chrome" in the case of a Chrome browser or replace the word "Chrome" with the name of your browser, e.g. Edge, Firefox, Safari.
What about my data protection?
The so-called "Cookie Guidelines" have been in place since 2009. These state that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these directives. In Germany, the Cookie Directives have not been implemented as national law. Instead, this directive was largely implemented in § 15 para.3 of the German Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
Storage of personal data
Personal data that you provide to us electronically on this website, such as your name, e-mail address, address or other personal details when submitting a form or commenting on the blog, together with the time and IP address, will only be used by us for the stated purpose, kept secure and not passed on to third parties.
We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We do not disclose your personal data without your consent, but we cannot rule out the possibility that this data may be accessed in the event of unlawful conduct.
If you send us personal data by e-mail - thus away from this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.
According to Article 6(1)(a) DSGVO (lawfulness of processing), the legal basis is that you give us consent to process the data you have entered. You can revoke this consent at any time - an informal email is sufficient, you will find our contact details in the imprint.
Rights according to the General Data Protection Regulation
According to the provisions of the DSGVO, you are generally entitled to the following rights:
Right to rectification (Article 16 DSGVO)
Right to erasure ("right to be forgotten") (Article 17 DSGVO)
Right to restriction of processing (Article 18 GDPR)
Right to notification - obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR).
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR).
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Evaluation of visitor behaviour
In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is generally anonymous and we cannot draw any conclusions about your person from your behaviour on this website.
You can find out more about how to object to this analysis of your visit data in the following data protection declaration.
TLS encryption with https
TLS, encryption and https sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data tap-proof on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured - no one can "listen in".
We have thus introduced an additional layer of security and fulfil data protection by design of technology Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognise the use of this data transmission protection by the small lock symbol at the top left of the browser to the left of the Internet address (e.g. beispielseite.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you would like to know more about encryption, we recommend a Google search for "Hypertext Transfer Protocol Secure wiki" to find good links to further information.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.
Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licences.
Google Fonts allows us to use fonts on our own website, without having to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google Fonts are automatically optimised for the web and this saves data volume and is a great advantage especially for use with mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes distort the appearance of texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We therefore use Google Fonts so that we can present our entire online service as beautifully and consistently as possible.
When you visit our website, the fonts are reloaded via a Google server. This external call-up transmits data to the Google servers. In this way, Google also recognises that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. By the way, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector. Google Fonts stores CSS and font requests securely at Google and is thus protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites use Google Fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to be able to examine and move large amounts of data. It should be noted, however, that each Google Font request also automatically transmits information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to easily and quickly change the design or font of a website, for example.
The font files are stored by Google for one year. Google's aim is to fundamentally improve the loading time of websites. If millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.
How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=311265935. In this case, you can only prevent data storage if you do not visit our site. Unlike other web fonts, Google allows us unlimited access to all fonts. We can therefore have unlimited access to a sea of fonts and thus get the most out of our website. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=311265935. There, Google does go into privacy-related matters, but really detailed information about data storage is not included. It is relatively difficult to get really precise information from Google about stored data.
You can also find out what data Google basically collects and what it is used for at https://www.google.com/intl/de/policies/privacy/.
On our website we use Google Fonts from the company Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have integrated the Google Fonts locally, i.e. on our web server - not on Google's servers. As a result, there is no connection to Google servers and thus no data transfer or storage.
We use Google Analytics to analyse website usage. The data obtained from this is used to optimise our website and advertising measures.
Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data on our behalf and is contractually committed to measures to ensure the security and confidentiality of the data processed.
During your website visit, the following data, among others, is recorded:
No personal data such as name, address or contact details are ever transferred to Google Analytics.
This data is transferred to Google servers in the USA. We would like to point out that the same level of protection under data protection law cannot be guaranteed in the USA as within the EU. Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised on future website visits.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.
If you do not agree with the collection, you can prevent it by installing the browser add-on to deactivate Google Analytics once or by rejecting the cookies via our cookie settings dialogue.