Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section “Note on the Responsible Party” in this privacy policy.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This could, for example, be data that you enter into a contact form.
Other data is collected automatically or after your consent by our IT systems when you visit the website. This is mainly technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other inquiries.
What rights do you have regarding your data?
You have the right at any time to obtain information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
If you have any questions about data protection, you can contact us at any time.
2. Hosting
We host the content of our website with the following provider:
All-Inkl
The provider is ALL-INKL.COM - Neue Medien Münnich, Owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter referred to as All-Inkl). For details, please refer to All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformationen/.
The use of All-Inkl is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in the most reliable presentation of our website possible. If the appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
Order Processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that this provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Disclosures
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission over the Internet (e.g., when communicating by email) can have security gaps. Complete protection of the data from access by third parties is not possible.
Note on the Responsible Party
The responsible party for data processing on this website is:
Anja Lehmann
c/o COCENTER
Koppoldstr. 1
86551 Aichach
Phone: +49 1520 4522320
Email: hallo@kreativstattmuskelprotz.com
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons cease to apply.
General Information on the Legal Bases for Data Processing on This Website
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed according to Art. 9(1) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is also based on § 25(1) TDDDG. Consent can be revoked at any time. If your data is required for the fulfillment of a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest according to Art. 6(1)(f) GDPR. The specific legal bases applicable in each individual case are explained in the following paragraphs of this privacy policy.
Note on Data Transfer to Countries Not Considered Safe Under Data Protection Law and on Transfers to US Companies Not Certified Under the DPF
We use, among other things, tools from companies based in countries that are not considered safe under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that in countries not considered safe under data protection law, a level of data protection comparable to that in the EU cannot be guaranteed.
We would like to point out that the USA, as a safe third country, generally provides a level of data protection comparable to that of the EU. Data transfer to the USA is therefore permissible if the recipient is certified under the "EU-US Data Privacy Framework" (DPF) or has suitable additional safeguards. Information on transfers to third countries, including the recipients of the data, can be found in this privacy policy.
Recipients of Personal Data
In the course of our business activities, we work with various external parties. This sometimes also requires the transfer of personal data to these external parties. We only transfer personal data to external parties if this is necessary for the fulfillment of a contract, if we are legally obliged to do so (e.g., transfer of data to tax authorities), if we have a legitimate interest according to Art. 6(1)(f) GDPR in the transfer, or if another legal basis permits the data transfer. When using processors, we only transfer personal data of our customers on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Withdrawal of Your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can withdraw consent that you have already given at any time. The lawfulness of the data processing carried out up to the point of withdrawal remains unaffected by the withdrawal.
Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).
Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.
Right to Data Portability
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to yourself or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.
Right to Information, Rectification, and Deletion
Within the framework of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipients, and the purpose of the data processing and, if applicable, a right to rectification or deletion of this data. For this purpose and for any further questions regarding personal data, you can contact us at any time.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing applies in the following cases:
- If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
- If you have objected to processing pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data—apart from being stored—may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to Promotional Emails
The use of contact data published within the framework of the legal notice obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.
4. Data Collection on This Website
Cookies
Our websites use so-called "cookies." Cookies are small data packets that do not cause any harm to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.
Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart function or displaying videos). Other cookies may be used to analyze user behavior or for advertising purposes.
Cookies that are required to carry out the electronic communication process, to provide certain functions you desire (e.g., for the shopping cart function), or to optimize the website (e.g., cookies for measuring web audience) (necessary cookies) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. Where consent for the storage of cookies and similar recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent can be withdrawn at any time.
You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website in this privacy policy.
This Cookie Policy was last updated on 27. June 2025 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://kreativstattmuskelprotz.com (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Statistics cookies
We use statistics cookies to optimize the website experience for our users. With these statistics cookies we get insights in the usage of our website. We ask your permission to place statistics cookies.
5.3 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.4 Social media
On our website, we have included content from Facebook and Instagram to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like Facebook and Instagram. This content is embedded with code derived from Facebook and Instagram and places cookies. This content might store and process certain information for personalized advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymized as much as possible. Facebook and Instagram are located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Einstellungen speichern", you consent to us using the categories of cookies and plug-ins you selected in the pop-up, as described in this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Anja Lehmann
c/o COCENTER
Koppoldstr. 1
86551 Aichach
Germany
Website: https://kreativstattmuskelprotz.com
Email: hallo@ex.comkreativstattmuskelprotz.com
Phone number: 015204522320
This Cookie Policy was synchronized with cookiedatabase.org on 24. June 2025.
Server Log Files
The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website—for this purpose, the server log files must be collected.
Contact Form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected.
Inquiry by Email, Telephone, or Fax
If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of processing your request. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested; consent can be revoked at any time.
The data you send to us via contact inquiries will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—in particular statutory retention periods—remain unaffected.
Comment Function on This Website
For the comment function on this page, in addition to your comment, information about the time the comment was created, your email address, and, if you do not post anonymously, the username you have chosen will be stored.
Storage of IP Address
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on this website before they are published, we need this data in order to take action against the author in the event of legal violations such as insults or propaganda.
Subscribing to Comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the specified email address. You can unsubscribe from this function at any time via a link in the information emails. The data entered when subscribing to comments will be deleted in this case; however, if you have provided this data to us for other purposes and elsewhere (e.g., newsletter subscription), it will remain with us.
Retention Period of Comments
The comments and the associated data are stored and remain on this website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g., offensive comments).
Legal Basis
The storage of comments is based on your consent (Art. 6(1)(a) GDPR). You can revoke any consent you have given at any time. An informal email notification to us is sufficient for this purpose. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.
5. Social Media
Social Media Elements with Shariff
This website uses elements from social media platforms (e.g., Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognize the social media elements by the respective social media logos. To ensure data protection on this website, we use these elements only together with the so-called “Shariff” solution. This application prevents the social media elements integrated into this website from transmitting your personal data to the respective provider as soon as you enter the website.
Only when you activate the respective social media element by clicking the corresponding button will a direct connection to the provider’s server be established (consent). Once you activate the social media element, the respective provider receives the information that you have visited this website with your IP address. If you are simultaneously logged into your respective social media account (e.g., Facebook), the provider can assign your visit to this website to your user account.
Activating the plugin constitutes consent within the meaning of Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can revoke this consent at any time with effect for the future.
The use of the service is to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6(1)(c) GDPR.
This website integrates elements of the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.
An overview of Facebook social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
When the social media element is active, a direct connection is established between your device and the Facebook server. As a result, Facebook receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook’s privacy policy: https://de-de.facebook.com/privacy/explanation.
The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. Any processing by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. Data subject rights (e.g., requests for information) regarding data processed by Facebook can be asserted directly with Facebook. If you assert data subject rights with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381, and https://www.facebook.com/policy.php.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please refer to the provider at the following link: https://www.dataprivacyframework.gov/participant/4452.
X (formerly Twitter)
This website integrates functions of the service X (formerly Twitter). These functions are provided by the parent company X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For data processing of individuals living outside the USA, the responsible entity is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
When the social media element is active, a direct connection is established between your device and the X server. X (formerly Twitter) thereby receives information about your visit to this website. By using X (formerly Twitter) and the “Re-Tweet” or “Repost” function, the websites you visit are linked to your X (formerly Twitter) account and made known to other users. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by X (formerly Twitter). For more information, please see the privacy policy of X (formerly Twitter): https://x.com/de/privacy.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can revoke your consent at any time.
The data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: https://gdpr.x.com/en/controller-to-controller-transfers.html.
You can change your privacy settings for X (formerly Twitter) in your account settings at https://x.com/settings/account.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please refer to the provider at the following link: https://www.dataprivacyframework.gov/participant/2710.
This website integrates functions of the Instagram service. These functions are provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Instagram.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can revoke your consent at any time.
If, with the help of the tool described here, personal data is collected on our website and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook or Instagram. Any processing by Facebook or Instagram after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook or Instagram products. Data subject rights (e.g., requests for information) regarding data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert data subject rights with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/, and https://de-de.facebook.com/help/566994660333381.
For more information, please see Instagram’s privacy policy: https://privacycenter.instagram.com/policy/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please refer to the provider at the following link: https://www.dataprivacyframework.gov/participant/4452.
We use elements of the social network Pinterest on this website, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
When you access a page that contains such an element, your browser establishes a direct connection to the servers of Pinterest. This social media element transmits log data to the Pinterest server in the USA. These log data may include your IP address, the address of the websites you visit that also contain Pinterest features, browser type and settings, date and time of the request, your use of Pinterest, and cookies.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
For more information about the purpose, scope, further processing, and use of data by Pinterest, as well as your rights and options for protecting your privacy, please refer to Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.
6. Analytics Tools and Advertising
WP Statistics
This website uses the analytics tool WP Statistics to statistically evaluate visitor access. The provider is Veronalabs, Tatari 64, 10134, Tallinn, Estonia (https://veronalabs.com).
WP Statistics allows us to analyze the use of our website. WP Statistics collects, among other things, log files (IP address, referrer, browsers used, origin of the user, search engine used) and actions performed by website visitors on the site (e.g., clicks and views).
The data collected with WP Statistics is stored exclusively on our own server.
The use of this analytics tool is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the anonymized analysis of user behavior in order to optimize both our web offering and our advertising. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
IP Anonymization
We use WP Statistics with anonymized IP. Your IP address is shortened so that it can no longer be directly assigned to you.
7. Newsletter
Newsletter Data
If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered into the newsletter registration form is based exclusively on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of data, the email address, and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The lawfulness of data processing operations already carried out remains unaffected by the revocation.
The data you provide to us for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe or once the purpose has ceased. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6(1)(f) GDPR.
Data stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). Storage in the blacklist is not time-limited. You may object to the storage if your interests outweigh our legitimate interest.
8. Plugins and Tools
YouTube with Enhanced Privacy Mode
This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our pages on which YouTube is embedded, a connection to the YouTube servers is established. In doing so, the YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize browsing on YouTube. Ads shown in enhanced privacy mode are also not personalized. In enhanced privacy mode, no cookies are set. However, so-called local storage elements are stored in the user's browser, which, similar to cookies, may contain personal data and can be used for recognition purposes. Details about enhanced privacy mode can be found here: https://support.google.com/youtube/answer/171780.
After activating a YouTube video, further data processing operations may be triggered, over which we have no influence.
The use of YouTube is in the interest of providing an attractive presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please refer to the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Fonts (Local Hosting)
This site uses so-called Google Fonts, provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. No connection to Google servers is established in this process.
For more information about Google Fonts, please see https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=en.
WP Image CAPTCHA
We use the "Contact Form 7 Image CAPTCHA" plugin on our website to protect our contact forms from spam and abuse. In the course of using this plugin, we collect and process personal data.
This CAPTCHA is used to check whether data entry on this website (e.g., in a contact form) is performed by a human or by an automated program. To do this, the CAPTCHA analyzes the website visitor’s behavior based on various characteristics.
This analysis begins automatically as soon as the website visitor enters a website with CAPTCHA enabled. CAPTCHA evaluates various information for analysis (e.g., IP address, the length of time the visitor spends on the website, or mouse movements made by the user). If CAPTCHA is used in "invisible mode," the analyses run entirely in the background. Website visitors are not informed that analysis is taking place.
The storage and analysis of the data are based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
Data processing is based on standard contractual clauses, which are included in the data processing addendum to IMI’s General Terms and Conditions or in the data processing agreements.
Purpose of Data Processing
The processing of this data is carried out to ensure the security of our website and to prevent unwanted spam messages. The use of CAPTCHA thus serves to protect our system and your data.
Legal Basis
The processing of your personal data is based on our legitimate interest in protecting our website from misuse (Art. 6(1)(f) GDPR).
Data Disclosure
Your data will not be shared with third parties unless required by law or necessary to enforce our rights.
Data Retention
The collected data will only be stored for as long as is necessary to achieve the above-mentioned purposes or as long as statutory retention obligations exist.
Your Rights
You have the right to request information about the personal data we process about you, to correct inaccurate data, to request the deletion of your data, and to request the restriction of processing. In addition, you have the right to object to the processing of your data.
Further information can be found at: wordpress.org/plugins/contact-form-7-image-captcha.Wordfence
We have integrated Wordfence on this website. The provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter "Wordfence").
Wordfence is used to protect our website from unwanted access or malicious cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence's servers so that Wordfence can compare its databases with the accesses made on our website and block them if necessary.
The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection possible of its website against cyberattacks. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.[2][8]
Data Processing Agreement
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that this service processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Source: https://www.e-recht24.de