Data Protection Policy

Data Protection Policy

Unless stated otherwise below, providing your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only to the extent that no other information is provided for the following processing operations.
Personal data” refers to any information relating to an identified or identifiable natural person

Server log files

You can visit our website without providing any personal information.
Each time you access our website, usage data is transmitted to us or our web host/IT service provider by your internet browser and stored in log files (so-called server log files). This stored data includes, for example, the name of the accessed page, the date and time of access, the IP address, the amount of data transmitted, and the requesting provider.
Processing is carried out based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in ensuring the uninterrupted operation of our website and improving our services.

Your data may be transmitted to third countries outside the European Union, for which an adequacy decision by the EU Commission is in place.

Contact

Controller

Contact us upon request. The controller for data processing is: Peter Hirschfeld, Knochenhauerstr. 11, 28195 Bremen, Germany, +49 (0)421 43603078, info@hmcomponents.com

Initiative contact by the customer via email

If you contact us via email on an initiative basis, we collect your personal data (name, email address, message text) only to the extent you provide. The data processing serves the purpose of handling and responding to your contact request.
If the contact is for the purpose of pre-contractual measures (e.g., consultation for purchase interest, preparing an offer) or concerns a contract already concluded between you and us, this data processing is based on Article 6(1)(b) GDPR.
If the contact is for other reasons, the data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in handling and responding to your inquiry. In this case, you have the right to object at any time to the processing of your personal data based on Article 6(1)(f) GDPR for reasons arising from your particular situation.
We use your email address only to process your request. Your data will be deleted after processing, taking into account legal retention periods, unless you have consented to further processing and use.

Collection and Processing When Using the Contact Form

When using the contact form, we collect your personal data (name, email address, message text) only to the extent you provide it. The data processing serves the purpose of getting in touch with you.
If the contact is related to the implementation of pre-contractual measures (e.g., consultation in case of purchase interest, preparing an offer) or pertains to an existing contract between you and us, this data processing is based on Art. 6 (1) (b) of the GDPR.
If the contact is for other reasons, the data processing is based on Art. 6 (1) (f) of the GDPR, due to our overriding legitimate interest in processing and responding to your inquiry In this case, you have the right to object at any time to the processing of your personal data based on Art. 6 (1) (f) of the GDPR, for reasons related to your particular situation.
We use your email address only to process your inquiry. Your data will then be deleted in accordance with legal retention periods, unless you have consented to further processing and use.

Orders

Collection, Processing, and Disclosure of Personal Data in Orders

When placing an order, we collect and process your personal data only to the extent necessary to fulfill and process your order as well as to handle your inquiries. Providing this data is required for the conclusion of the contract. Failure to provide the data will result in the inability to conclude the contract. The processing is based on Art. 6 (1) (b) of the GDPR and is necessary for the performance of a contract with you.
Your data may be disclosed, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, order processing service providers, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transfer is limited to the minimum necessary.

Your data may be transferred to third countries outside the European Union for which an adequacy decision by the EU Commission is in place.

Reviews and Advertising

Data Collection When Writing a Comment or Review

When commenting on or reviewing an article or post, we collect your personal data (name, email address, comment text) only to the extent you provide it. The processing serves the purpose of enabling comments/reviews and displaying them.

By submitting the comment/review, you consent to the processing of the transmitted data. The processing is based on Art. 6 (1) (a) of the GDPR with your consent. You may withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent until the withdrawal. Your personal data will then be deleted.

When your comment/review is published, only the name you provided will be displayed.

In addition, when submitting a comment/review, your IP address is stored for the purpose of preventing misuse of the comment or review function and ensuring the security of our IT systems. By submitting the comment/review, you consent to the processing of the transmitted data. The processing is based on Art. 6 (1) (a) of the GDPR with your consent. You may withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent until the withdrawal. Your IP address will then be deleted.

Use of Your Personal Data for Sending Postal Advertising

We use your personal data (name, address), which we have received in the course of selling goods or services, to send you postal advertising, unless you have objected to this use. Providing this data is necessary for the conclusion of the contract. Failure to provide it will result in the inability to conclude the contract. The processing is based on Art. 6 (1) (f) of the GDPR, due to our overriding legitimate interest in direct marketing. You can object to the use of your address data for this purpose at any time by notifying us. You can find the contact details for exercising your right to object in the imprint.

Verwendung der E-Mail-Adresse für die Zusendung von Newslettern

We use your email address exclusively for our own advertising purposes related to newsletter distribution, provided you have expressly consented to this. The processing is based on Art. 6 (1) (a) of the GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of the processing based on the consent until the withdrawal. You can unsubscribe from the newsletter at any time using the appropriate link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Use of the Email Address for Sending Direct Advertising

We use your email address, which we obtained in the course of selling goods or services, to send electronic advertisements for our own goods or services that are similar to those you have already purchased from us, unless you have objected to this use. Providing the email address is necessary for the conclusion of the contract. Failure to provide it will result in the inability to conclude the contract. The processing is based on Art. 6 (1) (f) of the GDPR due to our overriding legitimate interest in direct marketing. You can object to the use of your email address for this purpose at any time by notifying us. You can find the contact details for exercising your right to object in the imprint. You can also use the designated link in the promotional email for this purpose. This will incur no costs other than the transmission costs according to basic rates.

Use of CleverReach

We use the services of CleverReach GmbH Co. KG (Schafjückenweg 2, 26180 Rastede; “CleverReach”) for sending newsletters as part of a data processing agreement.
We pass on the information you provide during newsletter registration (email address, and possibly first and last name) to CleverReach. The data processing serves the purpose of sending newsletters and performing statistical evaluations.
To evaluate newsletter campaigns, the sent newsletters contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine if you have opened the newsletter and if you have clicked on any integrated links. Through conversion tracking, we can analyze whether a purchase was made after clicking a link in the newsletter or if you registered on our website. In this context, we collect your personal data such as IP address, browser type and device, as well as the time. Usage profiles can be created from this data under a pseudonym. The collected data is not used to personally identify you. The data is used solely for statistical evaluation to improve newsletter campaigns.
The processing of your personal data is based on Art. 6 (1) (f) of the GDPR due to our overriding legitimate interest in a targeted, effective, and user-friendly newsletter system.
You have the right to object to this processing of your personal data at any time for reasons related to your particular situation.
For more information and the privacy policy of CleverReach, please visit:
CleverReach Privacy Policy and CleverReach Newsletter Reporting.

Shipping Service Providers

Disclosure of the Email Address to Shipping Companies for Information on Shipping Status

We will share your email address with the shipping company as part of the contract processing, provided you have explicitly consented to this during the ordering process. The disclosure is for the purpose of informing you via email about the shipping status. The processing is based on Art. 6 (1) (a) of the GDPR with your consent. You can withdraw your consent at any time by notifying us or the shipping company, without affecting the lawfulness of the processing carried out based on the consent until the withdrawal.

Payment Service Providers

Use of PayPal

We use the payment service PayPal from PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The data processing serves the purpose of offering you the option to pay via this payment service. When you select and use PayPal for payment, the data required to process the payment is transmitted to PayPal to fulfill the contract with you using the chosen payment method. This processing is based on Art. 6 (1) (b) of the GDPR.

All PayPal transactions are subject to PayPal’s privacy policy, which can be found at PayPal Privacy Policy.

Use of PayPal Plus

We use the payment service PayPal Plus from PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The data processing serves the purpose of offering you the option to pay via this payment service. When you choose and use payment methods such as PayPal, credit card via PayPal, or direct debit via PayPal, the data required to process the payment is transmitted to PayPal to fulfill the contract with you using the selected payment method. This processing is based on Art. 6 (1) (b) of the GDPR.
For certain payment methods, such as credit card via PayPal or direct debit via PayPal, PayPal reserves the right to obtain a credit check based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the obtained information about the statistical likelihood of payment default to make a balanced decision about the establishment, execution, or termination of the contractual relationship. The credit check may include probability values (score values) calculated using scientifically recognized mathematical-statistical methods, and address data may be part of these calculations. Your legitimate interests will be considered in accordance with legal requirements. The data processing serves the purpose of credit assessment for contract initiation. The processing is based on Art. 6 (1) (f) of the GDPR due to our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right, for reasons related to your particular situation, to object at any time to this processing of your personal data based on Art. 6 (1) (f) of the GDPR by notifying PayPal. Providing the data is necessary for concluding the contract with the payment method you have chosen. Failure to provide the data will result in the contract not being concluded with the payment method of your choice.

Use of PayPal Express

We use the PayPal Express payment service from PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The data processing serves the purpose of offering you the option to pay via PayPal Express. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies may also be used for this purpose. The cookies allow for the recognition of your browser.
The processing of your personal data is based on Art. 6 (1) (f) of the GDPR due to our overriding legitimate interest in providing a customer-oriented range of payment options. You have the right, for reasons related to your particular situation, to object at any time to the processing of your personal data.
When selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. This processing is based on Art. 6 (1) (b) of the GDPR. For more information on data processing when using the PayPal Express payment service, please refer to the corresponding privacy policy at PayPal Privacy Policy.

Use of the Payment Service Provider Stripe

We use the payment service Stripe from Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, on our website. The data processing serves the purpose of offering you the option to pay via this payment service. When you select and use Stripe, the data required for payment processing is transmitted to Stripe to fulfill the contract with you using the chosen payment method. This processing is based on Art. 6 (1) (b) of the GDPR.
Stripe reserves the right to obtain a credit report based on mathematical-statistical methods using credit agencies. To do this, Stripe transmits the personal data required for a credit check to a credit agency and uses the obtained information about the statistical likelihood of payment default to make a balanced decision about the establishment, execution, or termination of the contractual relationship. The credit report may include probability values (score values) calculated using scientifically recognized mathematical-statistical methods, and address data may be included in these calculations. Your legitimate interests will be considered in accordance with legal requirements. The data processing serves the purpose of credit assessment for contract initiation. The processing is based on Art. 6 (1) (f) of the GDPR due to our overriding legitimate interest in protecting against payment default when Stripe makes advance payments.
You have the right, for reasons related to your particular situation, to object at any time to the processing of your personal data based on Art. 6 (1) (f) of the GDPR by notifying Stripe. Providing the data is necessary for concluding the contract with the payment method you have chosen. Failure to provide it will result in the contract not being concluded with the payment method of your choice.

All Stripe transactions are subject to Stripe’s privacy policy, which can be found at Stripe Privacy Policy.

Use of the Payment Method Link

We use the payment service Link from Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (“Stripe”) on our website.
The data processing serves the purpose of offering you a fast and easy payment option through the payment service when you have a customer account with Link.
To integrate this payment service, it is necessary for Stripe to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device, language settings, date and time of page access) when you access the website and use the payment service. Cookies may also be used to enable the recognition of your browser.
The use of cookies or similar technologies is done with your consent based on § 25 (1) sentence 1 TDDG in conjunction with Art. 6 (1) (a) of the GDPR. The processing of your personal data is based on your consent according to Art. 6 (1) (a) of the GDPR. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out based on the consent until the withdrawal.
By selecting and using Link, the data required for payment processing is transmitted to Stripe to fulfill the contract with you using the chosen payment method. This processing is carried out to fulfill the contract between you and us, based on Art. 6 (1) (b) of the GDPR.
For more information on data processing when using the Link payment service, please refer to the privacy policies at Link Privacy Policy and Link Privacy Center.
Stripe reserves the right to obtain a credit report based on mathematical and statistical methods using credit agencies if necessary. To do this, Stripe will transmit the personal data required for a credit check to a credit agency and use the information obtained about the statistical likelihood of payment default to make an informed decision regarding the establishment, execution, or termination of the contractual relationship. The credit report may include probability values (score values) calculated using scientifically recognized mathematical and statistical methods, which may include address data in their calculation. Your legitimate interests will be considered in accordance with legal requirements. The data processing is intended for the purpose of credit assessment for contract initiation. The processing is based on Article 6(1)(f) of the GDPR, due to our overriding legitimate interest in protection against payment default when Stripe advances funds.
You have the right, for reasons related to your particular situation, to object at any time to the processing of your personal data based on Art. 6 (1) (f) of the GDPR by notifying Stripe. Providing the data is necessary for concluding the contract with the payment method you have chosen. Failure to provide the data will result in the contract not being concluded with the payment method of your choice.

All Stripe transactions are subject to Stripe’s privacy policy, which can be found at Stripe Privacy Policy.

Cookies

Our website uses cookies. Cookies are small text files that are stored on a user’s computer system by the internet browser. When a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a distinctive string of characters that allows for the unique identification of the browser when the website is accessed again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set, make individual decisions about accepting them, and prevent the storage of cookies and transmission of the data contained in them. Already stored cookies can be deleted at any time. However, please note that this may mean you may not be able to fully utilize all the functions of this website.
You can find information on how to manage (including disable) cookies in the major browsers at the following links:

Technically Necessary Cookies

Unless otherwise specified in the privacy policy below, we use only these technically necessary cookies to make our services more user-friendly, effective, and secure. Additionally, cookies allow our systems to recognize your browser even after you navigate to different pages, enabling us to offer you services. Some functions of our website cannot be provided without the use of cookies, as it is necessary for the browser to be recognized after changing pages.
The use of cookies or similar technologies is based on § 25 (2) of the TDDG. The processing of your personal data is based on Art. 6 (1) (f) of the GDPR, due to our overriding legitimate interest in ensuring the optimal functionality of the website and providing a user-friendly and effective design of our services.
You have the right, for reasons related to your particular situation, to object at any time to the processing of your personal data.

Use of Borlabs Cookie

We use the consent management tool Borlabs Cookie on our website, provided by Borlabs – Benjamin A. Bornschein (Georg-Wilhelm-Str. 17, 21107 Hamburg; “Borlabs”).
The tool allows you to give consent for data processing activities on the website, particularly for setting cookies, and to exercise your right to withdraw consent for any consents already given.
The data processing serves the purpose of obtaining and documenting necessary consents for data processing activities, thereby ensuring compliance with legal obligations.
Cookies may be used for this purpose. The following information may be collected: date and time of the page visit, details about the browser and device you are using, UID (a randomly assigned anonymous ID), and opt-in/opt-out data. This data is not shared with third parties.
The data processing is carried out to fulfill a legal obligation based on Art. 6 (1) (c) of the GDPR.
For more information on data protection at Borlabs, please visit: Borlabs Cookie Privacy Policy.

Analysis      Advertising Tracking

Use of Google Analytics 4

We use the web analytics service Google Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing is intended for the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the collected information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities, and to provide additional services related to website and internet usage to the website operator.
The following information may be collected, among others: IP address, date and time of the page view, click path, information about the browser and device you are using, visited pages, referrer URL (the website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, personal accounts, usage data from other devices, and any other data that Google has about you.

The IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being processed.

Google uses technologies such as cookies, browser storage, and tracking pixels to enable the analysis of your use of the website. The use of cookies or similar technologies is based on your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a DSGVO.

The processing of your personal data is carried out with your consent based on Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time without affecting the lawfulness of the processing that was carried out based on the consent until the withdrawal.

The information generated about your use of this website is generally transmitted to and stored on a server in the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has been certified under the TADPF and is therefore committed to adhering to European data protection principles. Both Google and US government authorities have access to your data.

For more information on terms of use and privacy, please visit https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy?hl=degl=de.

Use of the Meta Pixel

We use the Meta Pixel provided by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Meta”) on our website.
Meta and we are jointly responsible for the collection of your data and its transmission to Meta when using the service. This arrangement is based on an agreement between us and Meta regarding the joint processing of personal data, which outlines the respective responsibilities. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement:
We are primarily responsible for fulfilling the information obligations according to Art. 13 and 14 DSGVO, ensuring compliance with the security requirements of Art. 32 DSGVO concerning the correct technical implementation and configuration of the service, and for adhering to the obligations under Art. 33 and 34 DSGVO, in the event of a data protection breach related to our obligations under the joint processing agreement.
Meta is responsible for enabling the rights of data subjects according to Art. 15-20 DSGVO, complying with the security requirements of Art. 32 DSGVO regarding the security of the service, and fulfilling the obligations under Art. 33 and 34 DSGVO, in the event of a data protection breach related to Meta’s obligations under the joint processing agreement.
The application aims to target website visitors with interest-based advertising on the social networks Facebook and Instagram. For this purpose, the Meta remarketing tag has been implemented on the website. This tag establishes a direct connection to Meta’s servers when the website is visited. As a result, information about which of our pages you have visited is sent to Meta’s servers. Meta then associates this information with your personal Facebook and/or Instagram account. When you visit Facebook or Instagram, you will be shown personalized, interest-based ads.
The application also serves the purpose of generating conversion statistics. This allows us to know the total number of users who clicked on one of our ads and were redirected to a page equipped with a conversion tracking tag, as well as the actions taken after being redirected to the website. However, we do not receive information that allows us to personally identify users.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has been certified under the TADPF and is therefore committed to adhering to European data protection principles.
The processing of your personal data is carried out with your consent based on Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time without affecting the lawfulness of the processing that occurred based on the consent until the withdrawal.
You can deactivate the remarketing feature “Custom Audiences” here. For more information on the collection and use of data by Meta, your related rights, and options for protecting your privacy, please refer to Meta’s privacy policy at https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking

We use the online advertising program “Google Ads” on our website and, in this context, Conversion Tracking (visitor action evaluation). Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad served by Google, a cookie for Conversion Tracking is placed on your device. These cookies have a limited validity, do not contain personal data, and thus do not serve personal identification purposes. If you visit certain pages on our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to that page. Each Google Ads customer receives a different cookie, so there is no way for cookies to be tracked across the websites of Ads customers.
The information collected through the Conversion Cookie is used to create conversion statistics. This allows us to know the total number of users who clicked on one of our ads and were redirected to a page equipped with a conversion tracking tag. However, we do not receive information that allows us to personally identify users.

Your data may be transmitted to the servers of Google LLC in the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has been certified under the TADPF and is therefore committed to adhering to European data protection principles.

The use of cookies or similar technologies is based on your consent according to § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a DSGVO. The processing of your personal data is also based on your consent under Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time without affecting the lawfulness of the processing based on the consent until the withdrawal.
For more information and Google’s privacy policy, please visit: https://www.google.de/policies/privacy/

Use of Google Inc.'s Remarketing or "Similar Audiences" Feature

We use the Remarketing or “Similar Audiences” feature provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The application is used to analyze visitor behavior and interests. To conduct this analysis of website usage, which forms the basis for creating interest-based ads, Google uses cookies. These cookies collect data about website visits and anonymized data about website usage. No personal data of website visitors is stored. When you visit another website in the Google Display Network, you may see ads that are likely to reflect the product and information areas you previously visited.
Your data may be transmitted to servers of Google LLC in the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has been certified under the TADPF and is committed to adhering to European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a DSGVO. The processing of your personal data is also based on your consent under Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time, which will not affect the lawfulness of the processing based on the consent until the withdrawal.
For more information on Google Remarketing and its associated privacy policy, please visit: https://www.google.com/privacy/ads/

Use of Microsoft Advertising

We use Microsoft Advertising provided by Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA; “Microsoft”) on our website.
The data processing serves marketing and advertising purposes and aims to measure the success of advertising measures (conversion tracking). We learn the total number of users who clicked on one of our ads and were redirected to a page equipped with a conversion tracking tag. However, personal identification of these users is not possible.
Microsoft Advertising uses technologies such as cookies and tracking pixels to analyze your use of the website. When you click on an ad served by Microsoft Advertising, a cookie for conversion tracking is placed on your device. This cookie has a limited validity and does not serve personal identification. If you visit certain pages on our website and the cookie has not yet expired, both Microsoft and we can recognize that you clicked on the ad and were redirected to that page. The following information may be collected: IP address, identifiers assigned by Microsoft, information about the browser you are using, the device you are using, referrer URL (the website from which you accessed our website), and the URL of our website.
Your data may be transmitted to servers in the USA. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has been certified under the TADPF and is committed to adhering to European data protection principles.
The use of cookies or similar technologies is based on your consent according to § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a DSGVO. The processing of your personal data is also based on your consent under Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time, which will not affect the lawfulness of the processing based on consent until the withdrawal.
For more information on data protection and the cookies used by Microsoft, please visit: Microsoft Privacy Statement.

Plug-ins and Other Technologies

Use of Google Tag Manager

We use Google Tag Manager provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
This application manages JavaScript and HTML tags used primarily for implementing tracking and analytics tools. The data processing aims to design and optimize our website according to user needs.
Google Tag Manager itself does not store cookies or process personal data. However, it facilitates the triggering of additional tags that may collect and process personal data.
For more information on terms of use and privacy, please visit: Google Tag Manager Privacy Information.

Use of Social Plugins via "Shariff"

We use social network plugins on our website. The integration of these social plugins and the associated data processing aims to optimize the advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network providers. The plugin is then displayed on the page by notifying your browser, provided you have given explicit consent. During this process, both your IP address and information about which of our pages you have visited are transmitted to the provider’s servers. This occurs regardless of whether you are registered or logged in to the social network. Even if you are not registered or logged in, data transmission takes place. If you are simultaneously connected to one or more of your social network accounts, the collected information may be linked to your respective profiles. When using the plugin functions (e.g., by clicking the button), this information is also associated with your user account. You can prevent this linkage by logging out of your social media accounts before visiting our website and activating the buttons.
The use of cookies or similar technologies occurs with your consent based on § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a DSGVO. The processing of your personal data is also based on your consent under Art. 6 Abs. 1 lit. a DSGVO. You can withdraw your consent at any time, which will not affect the legality of the processing carried out based on the consent up until the withdrawal.
The social networks listed below are integrated on our website via social plugins. For more information on the scope and purpose of data collection and usage, as well as your rights and options for protecting your privacy, please refer to the linked privacy notices of the providers.

Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) and we are joint controllers for the collection of your data and the transmission of this data to Facebook when integrating the service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which outlines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. According to this agreement:
Our Responsibilities: We are specifically responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, adhering to the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for meeting the obligations under Articles 33 and 34 of the GDPR, insofar as a data protection breach affects our obligations under the agreement on joint processing.
Meta Platforms Ireland’s Responsibilities: Meta Platforms Ireland is responsible for enabling the rights of data subjects under Articles 15 to 20 of the GDPR, ensuring the security requirements of Article 32 of the GDPR regarding the security of the service, and fulfilling the obligations under Articles 33 and 34 of the GDPR, insofar as a data protection breach affects Meta Platforms Ireland’s obligations under the agreement on joint processing.
Your data may be transferred to the USA. For the USA, there is an adequacy decision by the EU Commission, known as the Trans-Atlantic Data Privacy Framework (TADPF). Meta has been certified under the TADPF and is committed to complying with European data protection principles.
For more information about the collection and use of data by Facebook, your rights, and options to protect your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and thus committed to adhering to European data protection principles.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn has certified itself under the TADPF and thereby committed to adhering to European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

X, formerly known as Twitter, (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and thus committed to adhering to European data protection principles.

Use of Social Plugins via "Shariff"

We use social network plugins on our website. To give you control over your data, we use the privacy-friendly “Shariff” buttons.
Without your explicit consent, no connections to the servers of social networks are established and, consequently, no data is transmitted.
“Shariff” is a development by the specialists from the computer magazine c’t. It allows for greater privacy on the web and replaces the usual “Share” buttons of social networks. More information about the Shariff project can be found here: Shariff Project Information.
When you click the buttons, a popup window appears where you can log in with your data to the respective provider. Only after this active login by you is a direct connection to the social networks established.
By logging in, you consent to the transmission of your data to the respective social media provider. This includes, among other things, your IP address and information about which of our pages you have visited. If you are simultaneously logged into one or more of your social network accounts, the collected information will also be associated with your respective profiles. You can prevent this association only by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks listed below are integrated using the “Shariff” function.
Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and thereby committed to adhering to European data protection principles.

Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and thus committed to complying with European data protection principles.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn has certified itself under the TADPF and thus committed to adhering to European data protection principles.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

X, formerly known as Twitter, (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and thereby committed to complying with European data protection principles.

Use of Wordfence

We use the security plugin Wordfence from Defiant Inc. (00 5th Ave Ste 4100, Seattle, WA 98104, USA, “Wordfence”) on our website as part of a data processing agreement. The data processing is specifically aimed at protecting against viruses and malware, and detecting and defending against brute-force and DDoS attacks.
To achieve this, Wordfence uses cookies to classify website visitors as either suspicious or non-suspicious. This involves storing the IP address of the website visitor on Wordfence’s servers. IP addresses classified as non-suspicious are placed on a whitelist, while suspicious IP addresses are added to a blacklist.
To facilitate this, our website maintains a persistent connection to Wordfence’s servers so that Wordfence can update its databases with access data from our site and block any potentially harmful traffic if necessary.
Your data is transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Wordfence is not certified under the TADPF. Data transfer occurs based on standard contractual clauses as suitable safeguards for protecting personal data, available at: Standard Contractual Clauses.
The use of cookies or similar technologies is done with your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 Abs. 1 lit. a GDPR. You can withdraw your consent at any time, without affecting the legality of the processing carried out based on the consent before its withdrawal.
For more information on how Wordfence collects and uses data, your related rights, and options to protect your privacy, please refer to Wordfence’s privacy notices at Wordfence Privacy Policy and Wordfence GDPR Information.

Use of GoogleMaps

We use the Google Maps embedding feature on our website from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, “Google”).
The feature enables the visual representation of geographic information and interactive maps. When pages embedding Google Maps are accessed, Google also collects, processes, and uses data from the visitors to these websites.
Your data may also be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thus committed to adhering to European data protection principles.
The use of cookies or similar technologies is done with your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 Abs. 1 lit. a GDPR. You can withdraw your consent at any time, without affecting the legality of the processing carried out based on the consent before its withdrawal.
For more information on how Google collects and uses data, please refer to Google’s privacy notices at Google Privacy Policy. There, you can also use the Privacy Center to adjust your settings so you can manage and protect your data processed by Google.

Use of YouTube

We use the feature to embed YouTube videos on our website from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The feature displays videos hosted on YouTube in an iFrame on the website. The “Enhanced Privacy Mode” option is activated. This means that YouTube does not store information about website visitors. Information is only transmitted to YouTube and stored when you watch a video.
Your data may also be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and thus committed to adhering to European data protection principles.
The use of cookies or similar technologies is done with your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 Abs. 1 lit. a GDPR. You can withdraw your consent at any time, without affecting the legality of the processing carried out based on the consent before its withdrawal.
For more information on how YouTube and Google collect and use data, your related rights, and options to protect your privacy, please refer to YouTube’s privacy notices at YouTube Privacy.

Use of Google Fonts

We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing is intended to ensure consistent presentation of fonts on our website. To load the fonts, a connection to Google servers is established when the page is accessed. Cookies may be used in this process. This involves processing and transmitting your IP address and information about the browser you are using to Google. This data is not linked to your Google account.
Your data may also be transmitted to the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thus committed to adhering to European data protection principles.
The use of cookies or similar technologies is done with your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 Abs. 1 lit. a GDPR. You can withdraw your consent at any time, without affecting the legality of the processing carried out based on the consent before its withdrawal.
For more information on data processing and privacy, please refer to Google’s Privacy Policy and Google Fonts FAQ.

Use of FontAwesome

We use Font Awesome from Fonticons Inc. (307 S Main St., Suite 202, Bentonville, AR, 72712-9214 USA; “Font Awesome”) on our website. The data processing is intended to ensure a consistent display of fonts and icons on our website. To load the fonts, a connection to Font Awesome servers is established when the page is accessed.
Cookies may be used in this process. This involves processing and transmitting your IP address and information about the browser you are using to Font Awesome. Your data may be transmitted to third countries, such as the USA. For the USA, there is an adequacy decision from the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Font Awesome is not certified under the TADPF.
The use of cookies or similar technologies is based on your consent in accordance with § 25 Abs. 1 S. 1 TDDDG in conjunction with Art. 6 Abs. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 Abs. 1 lit. a GDPR. You can withdraw your consent at any time, without affecting the legality of the processing carried out based on the consent before its withdrawal.
For more information on data processing and privacy, please refer to Font Awesome’s Privacy Policy and Font Awesome’s Support.

Data Subject Rights and Retention Period

Retention Period

After the complete execution of the contract, data will be initially stored for the duration of the warranty period. Following this, data will be retained in accordance with legal requirements, including tax and commercial law retention periods. After these periods have elapsed, the data will be deleted, unless you have consented to further processing and use.

Rights of the Data Subject

Under the conditions set by law, you have the following rights according to Articles 15 to 20 of the GDPR: the right to access, the right to rectification, the right to erasure, the right to restriction of processing, and the right to data portability. Additionally, according to Article 21(1) of the GDPR, you have the right to object to processing based on Article 6(1)(f) of the GDPR, as well as to processing for the purpose of direct marketing.

Right to lodge a complaint with the supervisory authority

Under Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is not lawful.

You can file a complaint with the relevant supervisory authority for us, which can be reached at the following contact details:

State Commissioner for Data Protection and Freedom of Information Bremen
Arndtstraße 1
27570 Bremerhaven
Tel.: +49 421 3612010 or +49 471 5962010
Email: office@datenschutz.bremen.de

Right of objection

If the processing of your personal data listed here is based on our legitimate interests under Article 6(1)(f) of the GDPR, you have the right to object to such processing at any time, for reasons related to your particular situation, with effect for the future.
Once an objection is made, we will cease processing the affected data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

If the processing of your personal data is for the purposes of direct marketing, you can object to this processing at any time by notifying us. Upon receipt of your objection, we will cease processing the affected data for direct marketing purposes.