Data Protection Information

As the operator of the website at https://homaro.webflow.io (also "website"), we are responsible for the personal data of the user ("you") of this website within the meaning of the applicable data protection law, in particular the General Data Protection Regulation ("GDPR").

As part of our duty to provide information (Art. 13 f. GDPR), we will inform you below about which data is processed when you visit our website and on what legal basis this is done. You will also receive information about your rights vis-à-vis us and the competent supervisory authority.

1. Information on the person responsible

Homaro Supply UG

Madenburgstr. 23

68219 Mannheim

Germany

Phone: +49 157 582 428 50

E-mail: info@homaro.eu

2. Data Protection Officer

Marcus Alexander Klapdohr & Robin Max Schmich

3. Informational use of our website

When you access our website merely to visit it, so-called log files are processed by being automatically recorded by our system. The following log files are processed automatically:

IP address of the requesting computer
Type of Internet browser used
Language of the Internet browser used
Version of the Internet browser used
Operating system and its version
Interface of the operating system
Pages accessed
Date and time of the visit
Time zone difference to Greenwich Mean Time (GMT)
Access status/http status code
Amount of data transferred
Success or error of the charging process
Referrer
Websites that are accessed by the visitor's system via our website
Internet service provider of the user

The log files contain your IP address and possibly other personal data. It is therefore generally possible to identify you.

However, we only store your data temporarily and, in particular, not together with other personal data. The data will be deleted as soon as you leave the website. The temporary processing and storage of the above-mentioned data is necessary to provide our website and to ensure the security of our information technology systems. These purposes also justify our legitimate interest in processing the data on the legal basis of Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Provision of our website

Our website is operated on the servers of the provider Webflow Inc. 398 11th Street, San Francisco, CA 94103 (hereinafter "Webflow") with server location in the USA . This means that the data we collect when you visit and use this website is stored by our hoster.

‍The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. f GDPR, as it is in our legitimate interest to use the services of a professional provider for the secure and efficient provision of our website. We have concluded an order processing agreement with Webflow

‍Note on data transfers to the USA:

‍Please note the following: Webflow is a company based in the USA and therefore in a third country within the meaning of the GDPR. In connection with our use of Webflow, personal data may be transferred to the USA. In accordance with Art. 45 GDPR, the European Commission has decided that there is an adequate level of data protection in the USA and has issued a corresponding adequacy decision. Webflow Inc. is certified under the EU-U.S. Data Privacy Framework, see https://www.dataprivacyframework.gov/list and https://webflow.com/legal/privacy.

5. Contact form

You can contact us electronically using the contact form provided on our website, for example to provide us with feedback, to send us inquiries about the services we offer or to ask us general questions. If you use this option, you transmit the following data to us:

Name
E-mail address
Subject
Message

The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. It is our legitimate interest to process your data transmitted to us in order to contact you. The data will be stored until it is no longer required to achieve the purpose of the conversation with you and your contact request has been fully clarified.

If your contact is aimed at concluding a contract with us, the additional legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. b GDPR.

The data will be stored for as long as it is necessary for the performance of the contract or pre-contractual measures or until you withdraw your consent. Beyond this, we only store your data in order to comply with legal obligations (e.g. tax obligations) (Art. 6 para. 1 sentence 1 lit. c GDPR).

In addition to the data you provide to us, we store the time (date and time) of the transmission of your data to us, as well as your IP address. The processing of this data is in our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in order to ensure the security of our systems and to counteract misuse. This data, which we also collect when you contact us, will be deleted as soon as it is no longer required, at the latest when your contact request has been fully clarified.

You can inform us at any time (see section 1 above) that we should delete the data provided during the conversation. In this case, to the extent permitted, all personal data from the conversation will be deleted and it will not be possible to continue the conversation.

6. Contact us by e-mail or telephone

You have the option of contacting us by e-mail or telephone. Your personal data transmitted in this way will be stored by us. The data is processed exclusively in order to process your contact appropriately, whereby this corresponds to our legitimate interest. The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. f GDPR. The data will be stored until it is no longer required to achieve the purpose of the conversation with you and your contact request has been fully clarified.

If your contact is aimed at concluding a contract with us, the additional legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. b GDPR. This data is stored for as long as it is required for the performance of the contract or pre-contractual measures. In addition, we only store your data in order to comply with legal obligations (e.g. tax obligations) (Art. 6 para. 1 sentence 1 lit. c GDPR).

7. Newsletter

On our website, we offer you the opportunity to subscribe to our newsletter free of charge. In addition to your declaration of consent, we require your e-mail address. Further details, e.g. your name, are voluntary and are used to address you personally.

We will only send you the newsletter if you first confirm your registration by clicking on the link provided in a confirmation e-mail sent to you for this purpose. This is to ensure that only you can subscribe to the newsletter. Your confirmation in this regard must be made promptly after receipt of the confirmation e-mail, otherwise your newsletter registration will be automatically deleted from our database.

The legal basis for sending the newsletter and the associated processing of further voluntary information is Art. 6 para. 1 sentence 1 lit. a GDPR. By sending the newsletter registration, you consent to the processing of your data by us.

As part of your newsletter registration, we also store the time (date and time) of the transmission of your data to us, as well as your IP address. The processing of this data corresponds to our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in order to ensure the security of our systems and to counteract misuse. In the confirmation e-mail sent for control purposes, we also store the date and time of the click on the confirmation link and your IP address.

Your data will be processed exclusively in connection with the sending of newsletters. The purpose of processing your e-mail address is to enable us to send you the newsletter. Other data during the registration process is used either to address you personally or to ensure the security of our services and prevent misuse of the e-mail address used.

Your data will only be stored for as long as is necessary to achieve the purpose. Your e-mail address will therefore be stored for the duration of your active newsletter subscription if you have given your consent. The data that we also collect automatically during your registration (IP address, date and time) will be deleted at the latest when you cancel your newsletter subscription. Data stored by us for other purposes remains unaffected by this.

7. Newsletter tracking:

‍CANCELLATION / Unsubscribe from newsletter

‍You can unsubscribe or cancel our newsletter at any time. Unfortunately, it is not possible to revoke your consent to newsletter tracking separately. If you wish to object to newsletter tracking, you must therefore also unsubscribe from the newsletter. You will find the link to do this at the end of each newsletter. By doing so, you revoke your consent with effect for the future or object to any further use of your data for the purpose of sending the newsletter and tracking. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.

‍Newsletter service provider

Brevo.com

8. Links to social networks

On our website, we use small icons and other links that refer to our website on the third-party platforms listed below ( social networks ). These are hyperlinks, so no data is automatically transferred from you, but only when you click on the icons or the corresponding link and a new window opens in your browser with the website of the third-party provider.

a. Internet presence on Instagram

We operate a corporate presence on the social media portal Instagram. The operator of Instagram is Meta Platforms Ireland Limited, Serpentine Avenue, Block J, Dublin 4 Ireland, whereby the platforms Facebook and Instagram share the technical infrastructure according to Meta's own information. In the following, the term "Instagram" is used for the social media portal and the term "Meta" for the operator of this portal.

On our website, we link to our company presence on Instagram using the Instagram icon. As long as you do not click on the link, Meta will not receive any data from you. If you click on the link, for example to view or subscribe to our company presence on Instagram, Meta will receive data from you (which data Meta receives also depends on whether you are logged in to Instagram with your user profile while clicking on the page or not). In addition, Meta uses so-called cookies, which are stored on your device when you visit our corporate website even if you do not have your own Instagram profile or are not logged into it during your visit to our corporate website. These cookies allow Meta to create user profiles based on your preferences and interests and to show you customized advertising (inside and outside Instagram). Cookies remain on your device until you delete them. You can find more information about the cookies used by Meta at https://help.instagram.com/1896641480634370?ref=ig

According to its own information, Meta uses this data for a wide variety of purposes and transmits it worldwide, both internally to other Meta companies and to various external partners. Meta bases this data processing on various legal bases, which you can find in detail in Instagram's privacy policy and Facebook's data policy. Instagram's privacy policy can be found at the following link: https://www.instagram.com/legal/privacy/ Facebook's data policy, which also applies to Instagram, can be found at https://www.facebook.com/policy

While Meta uses this data under its own responsibility for various purposes, we can only view aggregated data on our company website , i.e. statistics (e.g. user growth, user demographics, use of individual functionalities), which no longer have any personal reference. These are called "Instagram Insights". You can find more information about Instagram Insights on the corresponding information page of Meta, which refers to all Meta products (and thus also to Instagram). You can access this information page at the following link: https://www.facebook.com/legal/terms/information_about_page_insights_data

In accordance with the provisions of the GDPR, we are jointly responsible with Meta for data processing on our Instagram corporate presence (Art. 26 GDPR). Accordingly, we have concluded an agreement with Meta provided by Meta in which this joint responsibility is regulated. You can find the agreement in German at the following link https://www.facebook.com/legal/terms/page_controller_addendum

‍This means that Meta is primarily responsible for the aggregated Insight Data. In addition, Meta will comply with all obligations under the GDPR with regard to the processing of Insight Data (including Art. 12, 13 GDPR, Art. 15-21 GDPR and Art. 32-34 GDPR). If you send us a request regarding our Instagram company presence, we will inform Meta promptly. Meta will respond to the request in accordance with our agreement.

Our legitimate interests in the processing of personal data lie in the use and linking of various communication channels, marketing via high-reach social media platforms and the analysis and evaluation of the success of our communication and marketing efforts. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f GDPR. If you consent to data processing (in particular to the setting of cookies), the processing is also carried out on the basis of Section 25 (1) TTDSG or Art. 6 (1) sentence 1 lit. a GDPR.

If you use our Instagram page to contact us (e.g. by creating your own posts, responding to one of our posts or sending us private messages), we process the data you provide exclusively to process your contact. The legal basis for the processing of your personal data is therefore Art. 6 para. 1 sentence 1 lit. f GDPR. It is our legitimate interest to process your data transmitted to us in order to contact you. The data will be stored until it is no longer required to achieve the purpose of the conversation with you and your contact request has been fully clarified. You can inform us at any time that we should delete the data provided in the course of the conversation. In this case, to the extent permitted, all personal data from the conversation will be deleted and it will not be possible to continue the conversation.

b. Internet presence on LinkedIn

We operate a website on the social media portal LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as "LinkedIn")), which we link to on our website via the LinkedIn icon.

As long as you do not click on the link, LinkedIn will not receive any data from you. If you click on the link, for example to view our website on LinkedIn, LinkedIn will receive data from you (which data LinkedIn receives also depends on whether you are logged in to LinkedIn with your user profile while you click on the page or not). LinkedIn also uses so-called cookies, which are stored on your device when you visit our company website, even if you do not have your own LinkedIn profile or are not logged into it during your visit to our company website. These cookies allow LinkedIn to provide its own services, determine the performance of the services and display relevant ads (including job ads) inside and outside LinkedIn. Cookies remain on your device until you delete them. You can find more information about the cookies used by LinkedIn at https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy

According to its own information, LinkedIn uses this data for a wide variety of purposes and transmits it to a wide variety of recipients, including recipients who are not based in the EU. LinkedIn bases this data processing on various legal bases, which you can find in LinkedIn's privacy policy. The privacy policy can be found at the following link https://de.linkedin.com/legal/privacy-policy

‍While LinkedIn uses this data under its own responsibility for various purposes, we can only see aggregated data on our LinkedIn website, i.e. statistics that no longer have any personal reference . These are called "page analytics". You can find more information on "Page Analytics" on the corresponding LinkedIn information page at https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview?lang=de

‍In addition, if you decide to become a follower when you visit our LinkedIn website, we will also receive your name and your position in the company according to the information in your LinkedIn user profile, as well as the time at which you became our follower. https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview?lang=en‍

In accordance with the provisions of the GDPR, we are jointly responsible with LinkedIn for data processing on our LinkedIn website (Art. 26 GDPR). Accordingly, we have concluded an agreement with LinkedIn provided by LinkedIn , in which this joint responsibility is regulated. You can find the agreement at the following link https://legal.linkedin.com/pages-joint-controller-addendum

‍This means that LinkedIn is primarily responsible for the aggregated Insight data. In addition, LinkedIn will fulfill all obligations under the GDPR with regard to the processing of Insight data (including Art. 12 -22 GDPR and Art. 32-34 GDPR). If you send us a request regarding our LinkedIn website, we will inform LinkedIn promptly. LinkedIn will respond to the request in accordance with our agreement.

Our legitimate interests in the processing of personal data lie in the use and linking of various communication channels, marketing via high-reach social media platforms and the analysis and evaluation of the success of our communication and marketing efforts. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. If you consent to data processing (in particular to the setting of cookies), the processing is also carried out on the basis of Section 25 (1) TTDSG or Art. 6 (1) sentence 1 lit. a GDPR

If you use our LinkedIn presence to contact us (e.g. by creating your own posts, responding to one of our posts or sending us private messages), we will only process the data you provide in order to process your contact. The legal basis for the processing of your personal data is therefore Art. 6 para. 1 sentence 1 lit. f GDPR. It is our legitimate interest to process your data transmitted to us in order to contact you. The data will be stored until it is no longer required to achieve the purpose of the conversation with you and your contact request has been fully clarified. You can inform us at any time (see section 1 above) that we should delete the data provided in the course of the conversation. In this case, to the extent permitted, all personal data from the conversation will be deleted and it will not be possible to continue the conversation.

9. We Do Not Track With Google Analytics

The analytics service Google Analytics 4 was implemented on our website, but due to ethical and data protection reasons of customers we have terminated GA4 tracking.

‍Note on data transfers to the USA:

‍The use of Google Analytics is based on a contract that we have concluded with Google Ireland Ltd. However, Google Ireland Ltd. is a subsidiary of the US Google Group, which means that your personal data may also be transferred to US Google Group companies (in particular Google LLC) and Google servers located in the USA. The USA is a third country within the meaning of the GDPR for which the EU Commission has issued an adequacy decision (the so-called "EU-US Data Privacy Framework" or "EU-US DPF"). Google LLC is certified as a US company under the EU-US DPF, see https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

10. Vimeo

We integrate videos from the service of Vimeo LLC, 555 West 18th Street, New York, New York 10011 (hereinafter: "Vimeo") for the purpose of making our website appealing.

When you access a video on our website, a connection is established with the Vimeo servers. Data is transmitted in the process. The data received in this way can be assigned to registered Vimeo users. In order to offer you an appealing presentation, Vimeo sets functionally necessary cookies. This is done in order to save video player settings, such as the volume setting. Vimeo does not set any analysis or advertising cookies from third-party providers when we integrate the video player on our website.

You can find more information about the cookies set by Vimeo in Vimeo's cookie policy: https://vimeo.com/cookie_policy.

You can prevent the storage of cookies directly in your browser settings and delete cookies that have been set.

The scope and purpose of data processing by Vimeo, as well as your rights and privacy protection options, can be found in Vimeo's privacy policy, which you can find at the following link: https://vimeo.com/privacy.

The legal basis for the integration of the Vimeo service on our website and the associated processing of your data is Art. 6 para. 1 sentence 1 lit. a GDPR. In addition, the appealing design of our website and the use of a specialized, external service for hosting and displaying videos is in our legitimate interests, Art. 6 para. 1 sentence 1 lit. f GDPR.

If Vimeo sets cookies, we process your data on the basis of your consent (Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TTDSG). You can withdraw your consent at any time by deleting the cookies from your browser. In this respect, our legitimate interests also lie in the appealing design of our website and the use of a specialized, external service for hosting and displaying videos.

‍

11. Stripe

Payment Processing

Homaro Supply UG uses Stripe as our payment service provider. When you make a purchase on our website, your payment data is processed by Stripe, Inc., a company based in the United States.

Data Controller
For the purposes of payment processing, Stripe acts as a data controller under the GDPR. This means Stripe determines the purposes and means of processing personal data related to payment transactions.

Data Processed
The personal data processed by Stripe may include:
- Name
- Email address
- Billing address
- Payment card details
- Transaction amount and currency
- IP address

Legal Basis
The legal basis for this processing is Article 6(1)(b) of the GDPR - processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract.

Data Transfer
Please note that Stripe may transfer your data to countries outside the European Economic Area (EEA). Stripe ensures an adequate level of data protection through EU Standard Contractual Clauses and participation in the EU-US Privacy Shield Framework.

Your Rights
You have the right to access, rectify, erase, restrict processing, object to processing, and data portability in relation to your personal data processed by Stripe. To exercise these rights, please contact Stripe directly.

For more information on how Stripe handles your personal data, please refer to Stripe's Privacy Policy: https://stripe.com/privacy

If you have any questions about our use of Stripe for payment processing, please contact us at info@homaro.eu.

12. Akamai Technologies

Content Delivery and Cloud Services

Homaro Supply UG utilizes Akamai Technologies, Inc. for content delivery and cloud services. When you access our website or use our services, some of your data may be processed by Akamai, a company headquartered in the United States.

Data Processor‍

For the purposes of content delivery and cloud services, Akamai acts as a data processor under the GDPR. This means Akamai processes personal data on behalf of Homaro Supply UG (the data controller) based on our instructions.

Data Processed

The personal data processed by Akamai may include:

IP address
Browser type and version
Operating system
Date and time of access
Pages visited
Referring website addresses

Legal Basis

The legal basis for this processing is Article 6(1)(f) of the GDPR - processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Data Transfer

Please be aware that Akamai may transfer your data to countries outside the European Economic Area (EEA). Akamai ensures an adequate level of data protection through EU Standard Contractual Clauses and its own privacy and security protocols.

Your Rights

As Homaro Supply UG is the data controller, you can exercise your rights to access, rectify, erase, restrict processing, object to processing, and data portability by contacting us directly.

Data Retention

Akamai retains log data for a limited period as part of its services. For specific retention periods, please refer to Akamai's privacy documentation or contact us for more information.

For more details on how Akamai handles personal data, please refer to Akamai's Privacy Trust Center: https://www.akamai.com/privacy-trust-center

‍

13. Content Delivery Networks

a. jsDelivr

On our website we use jsDelivr, an open source content delivery network tool from Prospect One, Krolewska 65a, Krakow, Malopolskie 30-081, Poland (hereinafter referred to as "jsDelivr"). With the help of the jsDelivr content delivery network, we can optimize the delivery speed and security of our website.

For this purpose, jsDelivr receives information about how you interact with our website. The information processed may include your IP address, system configuration information, device and application information and information about your network.

The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR, as it is our legitimate interest to optimize the security and performance of our website through the use of jsDelivr.

Further information on how jsDelivr processes your data can be found at https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net.We have concluded an order processing agreement with jsDelivr at .

b. Cloudflare

On our website, we use Cloudflare, a content delivery network tool from Cloudflare, Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter "Cloudflare"). With the help of Cloudflare's content delivery network and the web security services offered by Cloudflare, we can optimize the delivery speed and security of our website.

For this purpose, Cloudflare receives information about how you interact with our website. The information processed may include, but is not limited to, IP addresses, traffic routing data, system configuration information and other information about traffic to and from our website.

‍Note on data transfers to the USA:

‍Cloudflare is a US company, which means that your personal data may also be transferred to the USA. The USA is a third country within the meaning of the GDPR, for which an adequacy decision of the EU Commission (the so-called "EU-US Data Privacy Framework" or "EU-US DPF") exists. Cloudflare is certified as a US company under the EU-US DPF, see https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnZKAA0&status=Active.

We have concluded an order processing agreement with Cloudflare at .

c. Amazon CloudFront

On our website, we use Amazon CloudFront, a content delivery network provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg. With the help of Amazon CloudFront's content delivery network, we can optimize the delivery speed and security of our website.

For this purpose, Amazon CloudFront receives information about how you interact with our website. The information processed may include your IP address, system configuration information, device and application information, and information about your network.

We have concluded an order processing agreement with Amazon at .

In the event that personal data is exceptionally transferred to the USA to Amazon's parent company, Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA, we would like to point out that the EU Commission has submitted an adequacy decision for the USA (the so-called "EU-US Data Privacy Framework" or "EU-US DPF"). Amazon is certified under the EU-US DPF, see https://www.dataprivacyframework.gov/list.

14. Your rights

If we process your data, you are a "data subject" within the meaning of the GDPR. You have the following rights: right of access, right to rectification, right to restriction of processing, right to erasure, right to information and right to data portability. You also have the right to object, the right to withdraw consent and the right to lodge a complaint with the supervisory authority.

‍Below you will find some details on the individual rights:

a. Right to information

You have the right to request confirmation from us as to whether we are processing your personal data. If we process your personal data, you have the right to obtain information in particular about the processing purposes, categories of personal data, recipients or categories of recipients and, if applicable, the storage period.

b. Right of rectification

You have the right to correct and/or complete the data that we have stored about you if this data is incorrect or incomplete. We will make the correction or completion without delay.

c. Right to restriction of processing

Under certain circumstances, you have the right to request that we restrict the processing of your personal data. An example of this is if you dispute the accuracy of your personal data and we need to verify the accuracy for a certain period of time. Your data will only be processed to a limited extent for the duration of the check. Another example of restriction is if we no longer need your data, but you need it for a legal dispute.

d. Right of deletion

In certain situations, you have the right to request that we delete your personal data immediately. This is the case, for example, if we no longer need your personal data for the purposes for which we collected it or if we have processed your data unlawfully. Another example would be if we process your data on the basis of your consent, you withdraw your consent and we do not process the data on any other legal basis. However, your right to erasure does not always apply. For example, we may process your personal data in order to comply with a legal obligation or because we need it for a legal dispute.

e. Right to information

If you have exercised your right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom we have disclosed your personal data of the rectification, erasure or restriction of processing of your data, unless this proves impossible or involves a disproportionate effort.

f. Right to data portability

Under certain conditions, you have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format and the right to have this data transmitted to another controller. This is the case if we process the data either on the basis of your consent or on the basis of a contract with you and that we process the data using automated procedures.

You have the right to obtain that we transfer your personal data directly to another controller, insofar as this is technically feasible and the freedoms and rights of other persons are not affected by this.

g. Right of objection

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.

After an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling insofar as it is associated with direct advertising. If you object to the processing of your personal data for direct marketing purposes, we will no longer process it for these purposes.

h. Right of withdrawal

In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent at any time. Withdrawal of consent does not retroactively invalidate the lawfulness of the processing.

i. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. In particular, you may exercise your right to lodge a complaint in the Member State of your place of residence, your place of work or the place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.

The competent supervisory authority for Baden-Württemberg is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Lautenschlagerstr. 20, 70173 Stuttgart, phone +49 711 6155410, fax +49 711 61554115, e-mail poststelle@lfdi.bwl.de.

You can find an overview of the respective state data protection officers and their contact details under the following link:https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

15. Status and topicality of this data protection information

Status: May 2024

‍Cookie information

‍We use cookies on our website. Cookies are text files that are sent to your browser by our web server when you visit our website and are stored on your computer for later retrieval. Cookies are then sent to the server of our website with every server request or page view. A cookie can therefore identify your Internet browser when you visit the website again. Some of the functions that we have integrated into our website also use web storage objects. These work in a similar way to cookies, but are temporarily stored in your browser and are generally not transmitted to the server. There are session cookies, which are deleted when the browser is closed, and there are persistent cookies, which are stored on the hard disk until their preset expiration date is reached or until they are actively removed by you. Web storage objects are divided into local storage objects, which never expire, and session storage objects, which are deleted when the browser is closed.A distinction is made between first party cookies (only visible from the domain you are currently visiting) and third party cookies (visible across domains and regularly set by third parties).Cookies and web storage objects are divided into the following categories:Technically necessary: These are absolutely necessary to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes or store which web pages you have visited. The legal basis for the setting of technically necessary cookies and web storage objects is § 25 para. 2 TTDSG.Optional: These are used, for example, for analysis and marketing purposes and to display external content such as videos. Analysis cookies and web storage objects collect information about how you use a website, which pages you visit and, for example, whether errors occur when using the website. Marketing cookies and web storage objects are used to show you customized advertising on the website or offers from third parties and to measure the effectiveness of these offers. These are technologies that are not technically necessary. The legal basis for setting these cookies and web storage objects is therefore your consent in accordance with Section 25 (1) of the GDPR.Please note the following: You can ensure yourself that no cookies and similar technologies are stored on your computer at all, or that the storage of only certain cookies is permitted. You can select this in your Internet browser settings. You can also view and delete the stored cookies there. If you block all cookies, it is possible that not all functions of our website will be available to you.

Right of revocation and removal

As explained at the beginning of this section, you can enable or restrict the transmission of cookies and similar technologies by changing the settings in your Internet browser. You can delete cookies and web storage objects that have already been saved by your internet browser at any time. If cookies and web storage objects are restricted or deactivated for our website, it is possible that not all functionalities can be used.

Information about the cookies and web storage objects on our website:

We use the following technically necessary cookies and web storage objects on our website:NamePurposeStorage durationwf-csrf

wf-csrf.sig

wf-order-id

wf-order-id.sig

fs-cc

seenAnimation

We also use the following optional cookies and web storage objects on our website:NamePurposeStorage duration_ga_ZQ7RSDG0KN

_ga

__stripe_mid

__stripe_sid

m

__cf_bm

_cfuvid

vuid

Status and timeliness of this cookie information

May 2024