Privacy Policy
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy, which is listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the section “Information on the responsible body” in this privacy policy.
How do we collect your data?
Your data is collected in two ways: firstly, when you provide it to us, for example, by entering information into a contact form.
Secondly, data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some data is collected to ensure the website functions correctly. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other inquiries.
What rights do you have regarding your data?
You have the right to obtain information free of charge at any time regarding the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
For this and other questions regarding data protection, please feel free to contact us at any time.
Analytics tools and third-party tools
When you visit this website, your browsing behavior may be statistically analyzed. This is done primarily using so-called analytics programs.
Detailed information about these analytics programs can be found in the following privacy policy.
2. Hosting
We host the content of our website with the following provider:
The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter referred to as Hetzner). For details, please see Hetzner’s privacy policy:
https://www.hetzner.com/legal/privacy-policy/.
The use of Hetzner is based on Article 6(1)(f) GDPR. We have a legitimate interest in ensuring the most reliable presentation of our website possible. If corresponding consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.
Order processing
We have concluded a data processing agreement (DPA) for the use of the aforementioned service. This is a legally required agreement under data protection law, which ensures that the service provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General information and mandatory disclosures
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Please note that data transmission over the Internet (e.g., when communicating by email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Note regarding the responsible body
The data controller for this website is:
Tellus Nature gGmbH (non-profit limited liability company)
Jakobsweg 1
64560 Riedstadt
Phone: +49 (0) 6158 9298861
Email: info@tellus-nature.com
The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).
Storage period
Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you submit a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted, provided we have no other legally permissible grounds for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted once these grounds cease to apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special categories of data pursuant to Article 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing also takes place on the basis of Article 49(1)(a) GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g., via device fingerprinting), data processing additionally takes place on the basis of Section 25(1) of the German Telemedia Act (TMG). You can withdraw your consent at any time. If your data is required for the performance of a contract or for taking steps prior to entering into a contract, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data if it is necessary for compliance with a legal obligation, on the basis of Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the applicable legal bases in each individual case is provided in the following paragraphs of this privacy policy.
Recipients of personal data
As part of our business activities, we collaborate with various external parties. This sometimes requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is necessary for the performance of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Article 6(1)(f) GDPR, or if another legal basis permits the data transfer. When using data processors, we only transfer our customers’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legality of data processing carried out before the revocation remains unaffected by the revocation.
Right to object to data processing in special cases and to direct marketing (Art. 21 GDPR)
If data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you; this also applies to profiling based on these provisions. The specific legal basis for each processing operation can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims (objection pursuant to Article 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be processed for direct marketing purposes (objection pursuant to Article 21(2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. This right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to receive the data that we process automatically based on your consent or in fulfillment of a contract, either for yourself or for a third party, in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if technically feasible.
Information, correction and deletion
Under applicable law, you have the right to request information, free of charge, about your stored personal data, its origin and recipients, and the purpose of the data processing, as well as the right to rectification or erasure of this data. You can contact us at any time with regard to this and any other questions concerning personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restrict processing exists in the following cases:
- If you contest the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
- If you have objected to processing pursuant to Article 21(1) GDPR, a balancing of interests between your interests and ours must be carried out. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser’s address bar changes from “http://” to “https://” and by the padlock icon in your browser’s address bar.
When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If, after concluding a paid contract, you are required to provide us with your payment details (e.g., bank account number for direct debit), this data is necessary for processing your payment.
Payments using common payment methods (Visa/MasterCard, direct debit, PayPal) are processed exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the browser’s address bar changes from “http://” to “https://” and by the padlock icon in your browser’s address bar.
With encrypted communication, your payment details that you transmit to us cannot be intercepted by third parties.
Objection to advertising emails
The use of contact details published as part of the legal notice for sending unsolicited advertising and informational materials is hereby prohibited. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited advertising, such as spam emails.
4. Data collection on this website
Cookies
Our website uses so-called “cookies.” Cookies are small data packets that do not harm your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after you close your browser. Persistent cookies remain on your device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies can originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies can be used to analyze user behavior or for advertising purposes.
Cookies that are necessary for carrying out electronic communication, providing certain functions you have requested (e.g., for the shopping cart function), or optimizing the website (e.g., cookies for measuring website traffic) (essential cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing essential cookies to ensure the technically flawless and optimized provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG); this consent can be revoked at any time.
You can configure your browser to notify you when cookies are set and to allow cookies only in individual cases, to block cookies in certain cases or entirely, and to automatically delete cookies when you close your browser. Disabling cookies may limit the functionality of this website.
If other cookies and services are used on this website, you can find information about them in this privacy policy.
Borlabs Cookie
Our website uses Borlabs Cookie’s cookie consent technology to obtain your consent to the storage of certain cookies in your browser and to document this consent in accordance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter referred to as Borlabs).
When you visit our website, a Borlabs cookie is stored in your browser, which saves the consents you have given or withdrawn. This data is not shared with the provider of Borlabs Cookie.
The collected data is stored until you request its deletion, delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. Details regarding data processing by Borlabs Cookie can be found at
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
The Borlabs Cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6(1)(c) GDPR.
If you wish to revoke this consent, simply delete the cookie in your browser. When you revisit/reload the website, you will be asked for your cookie consent again.
Contact form
When you submit inquiries to us via our contact form, the information you provide, including your contact details, will be stored by us for the purpose of processing your inquiry and for any follow-up questions. We will not share this data without your consent.
This data is processed on the basis of Article 6(1)(b) GDPR if your inquiry relates to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the efficient handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if such consent has been requested; you may withdraw your consent at any time.
The data you enter in the contact form will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
Inquiries via email, telephone or fax
When you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.
The processing of this data is based on Article 6(1)(b) GDPR if your inquiry relates to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the efficient handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if such consent has been obtained; you may withdraw your consent at any time.
The data you send us via contact requests will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.
Registration, login and user account
Users can create a user account. During registration, users are informed of the required mandatory information, which is processed for the purpose of providing the user account based on contractual obligations. The processed data includes, in particular, login information (name, password, and email address). The data entered during registration is used for the purposes of using the user account and its intended purpose.
Users may be informed by email about events relevant to their user account, such as technical changes. If users have terminated their user account, their data relating to the user account will be deleted, subject to any statutory retention obligations. It is the users’ responsibility to back up their data before the end of the contract if they have terminated their account. We are entitled to irretrievably delete all user data stored during the contract period.
When using our registration and login functions, as well as the user account, we store the IP address and the time of the respective user action. The data is stored based on our legitimate interests as well as those of the users in protection against misuse and other unauthorized use. This data is generally not shared with third parties unless it is necessary for pursuing our claims or there is a legal obligation to do so.
5. Plugins and Tools
YouTube with enhanced privacy
This website embeds videos from YouTube. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our websites that includes embedded YouTube videos, a connection to YouTube’s servers is established. This informs the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize your browsing experience on YouTube. Ads displayed in enhanced privacy mode are also not personalized. No cookies are set in enhanced privacy mode. Instead, so-called local storage elements are stored in the user’s browser. These elements, similar to cookies, contain personal data and can be used for recognition purposes. Details on enhanced privacy mode can be found here:
https://support.google.com/youtube/answer/171780.
Activating a YouTube video may trigger further data processing operations over which we have no control.
YouTube is used to enhance the presentation of our online content. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telemedia Act (TMG), insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDG. Consent can be withdrawn at any time.
Further information about data protection at YouTube can be found in their privacy policy at:
https://policies.google.com/privacy?hl=en.
The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Google Fonts (local hosting)
OpenStreetMap
We use the map service from OpenStreetMap (OSM).
We integrate the map data from OpenStreetMap on the server of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The United Kingdom is considered a safe third country with regard to data protection. This means that the United Kingdom has a level of data protection equivalent to that of the European Union. When using OpenStreetMap maps, a connection is established to the servers of the OpenStreetMap Foundation. Your IP address and other information about your behavior on this website may be transmitted to the OSMF. OpenStreetMap may store cookies in your browser or use similar recognition technologies for this purpose.
The use of OpenStreetMap is in the interest of presenting our online services in an appealing way and making it easy to find the locations we have indicated on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If corresponding consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal equipment (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to verify whether data entered on this website (e.g., in a contact form) is entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This
analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g., IP address, the website visitor’s time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
In this context, Google acts solely as a data processor within the meaning of Article 28 GDPR and will not use the data collected in this way for its own purposes. The tool is used based on a data processing agreement (DPA) with Google.
The storage and analysis of data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web services from abusive automated data scraping and spam. If corresponding consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telemedia Act (TMG), insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.
The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is obligated to comply with these data protection standards. Further information can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.
Communication via Telegram
For communication with customers and other third parties, we use, among other things, the instant messaging service Telegram. The provider is Telegram Messenger LLP, 71-75 Shelton Street, Covent Garden, London, United Kingdom.
When you communicate via Telegram, this is done using encryption between your device and the server. This prevents Telegram or other third parties from accessing the content of the communication.
End-to-end encryption is also possible, but this is only used for secret chats. Therefore, end-to-end encryption is generally not used for regular chats.
When you use Telegram, Telegram receives access to metadata generated during use and in the course of the communication process (e.g., sender, recipient, time of messages, device used, operating system, IP address, username, etc.).
The use of Telegram is based on our legitimate interest in communicating with customers, prospective customers, and other third parties as quickly and effectively as possible (Art. 6 para. 1 lit. f GDPR).
Further details on data processing can be found in Telegram’s privacy policy at:
https://telegram.org/privacy/de?setln=en.
6. Analysis Tool
Web analytics with Rybbit (self-hosted)
We use the open-source web analytics tool Rybbit on our website. Rybbit is self-hosted by us on our own servers. The data collected by Rybbit is not transmitted to the Rybbit developers or any other third parties. The data remains entirely on our servers under our control. Rybbit is configured to function without cookies. No personal data as defined by the GDPR that would allow the identification of individual users is stored. Anonymous session and user IDs are used.
IP-addresses are only used temporarily to determine anonymized geographic data (country/region).
The analysis serves to optimize our website and analyze its usage (e.g., visitor numbers, popular pages) based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The data is deleted by us in accordance with the configured retention policies.
7. Newsletter
Newsletter data
If you wish to subscribe to the newsletter offered on this website, we require your email address and information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties.
The processing of the data entered into the newsletter registration form is based solely on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of your data, your email address, and its use for sending the newsletter at any time, for example, via the “Unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide to us for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe or when the purpose for which it was collected no longer applies. Data stored by us for other purposes remains unaffected. We reserve the right to delete or block email addresses from our newsletter mailing list at our own discretion, based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
After you unsubscribe from the newsletter mailing list, your email address may be stored on a blacklist by us or the newsletter service provider to prevent future mailings. The data from the blacklist is used only for this purpose and is not combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage on the blacklist is not time-limited. You can object to this storage if your interests outweigh our legitimate interest.
Mailpoet
This website uses MailPoet for sending newsletters. The provider is AUTH O’MATTIC A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland (hereinafter referred to as MailPoet).
MailPoet is a service that, among other things, allows us to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on our servers but sent via MailPoet’s servers, meaning that MailPoet processes your newsletter-related data (MailPoet Sending Service). Details can be found here:
https://account.mailpoet.com/.
Data analysis by MailPoet
With the help of MailPoet, we can analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. This allows us to determine, among other things, which links were clicked most frequently.
We can also see whether certain predefined actions were performed after opening or clicking (conversion rate). For example, we can see if you made a donation after clicking on the newsletter.
MailPoet also allows us to segment (“cluster”) newsletter recipients based on various categories. For example, recipients can be segmented by age, gender, or location. This allows us to better tailor the newsletters to the respective target groups. If you do not want MailPoet to analyze your data, you must unsubscribe from the newsletter. We provide a corresponding link for this purpose in every newsletter message.
MailPoet also allows us to segment (“cluster”) newsletter recipients based on various categories. Detailed information about MailPoet’s features can be found at the following links:
https://account.mailpoet.com/ and
https://www.mailpoet.com/mailpoet-features/.
MailPoet’s privacy policy can be found at:
https://www.mailpoet.com/privacy-notice/.
Legal basis
Data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw this consent at any time for the future.
Storage period
The data you provide for the purpose of subscribing to our newsletter will be stored by us until you unsubscribe. After you unsubscribe, your data will be removed from the newsletter distribution list or deleted when the purpose for which it was collected no longer applies. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion, based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Data stored for other purposes will remain unaffected.
After you unsubscribe from the newsletter distribution list, your email address may be stored on a blacklist to prevent future mailings. The data on the blacklist will only be used for this purpose and will not be combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage on the blacklist is not time-limited. You can object to the storage of your data if your interests outweigh our legitimate interest.
Data processing agreement
We have entered into a data processing agreement with MailPoet. This is a legally required agreement under data protection law, which ensures that MailPoet processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
8. Payment providers and processing of online donations
Processing of data (donor and contract data)
We collect, process, and use personal data only to the extent necessary for establishing, defining the content of, or modifying the contractual relationship (master data). This is done on the basis of Article 6(1)(b) GDPR, which permits the processing of data for the performance of a contract or for taking steps prior to entering into a contract. We collect, process, and use personal data relating to the use of our website (usage data) only to the extent necessary to enable the user to access the service or for billing purposes.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transfer upon conclusion of contracts for services and digital content
We only transfer personal data to third parties if this is necessary for processing your order, for example, to the bank responsible for payment processing.
Your data will not be transferred beyond this scope unless you have expressly consented to it. Your data will not be shared with third parties without your explicit consent, for example, for advertising purposes.
The legal basis for data processing is Article 6(1)(b) GDPR, which permits the processing of data for the performance of a contract or for taking steps prior to entering into a contract.
Payment services
We integrate payment services from third-party companies into our website. When you make a purchase with us, your payment data (e.g., name, payment amount, bank account details, credit card number) is processed by the payment service provider for the purpose of payment processing. The respective terms and conditions and privacy policies of the respective providers apply to these transactions. The use of these payment service providers is based on Article 6(1)(b) GDPR (contractual necessity) and in the interest of ensuring the smoothest, most convenient, and most secure payment process possible (Article 6(1)(f) GDPR). Where your consent is requested for specific actions, Article 6(1)(a) GDPR serves as the legal basis for data processing; consent can be withdrawn at any time for the future.
We use the following payment services/payment service providers on this website:
