Data Protection

a) SSL or TLS encryption

For security reasons and to protect the transmission of confidential data that you send to us as the site operator, our website uses an SSL or. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the “https://” address and the padlock icon in the browser bar.

b) Server-Log-Data

In server log data, the website provider automatically collects and stores information that your browser automatically transmits to us. These are

• Browser type and Browser version

• Operating system used

• Referrer URL

• Host name of the computer accessing the site

• time of server inquiry

• IP Address

This data is not merged with other data sources. The data processing is based on Article 6 para. 1 b GDPR, which permits the processing of data for the execution of a contract or pre-contractual measures.

c) Contractual relationship

In the context of the establishment of the contractual relationship between GE Sport-Trade GmbH and the customer, only the personal data required for the execution of the contract are collected and processed as mandatory information. If the customer provides further information, this is done on a voluntary basis.

d) Administration, financial accounting, office organisation, contact management

We process data within the framework of administrative tasks, as well as the organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this respect, we process the same data that we process as part of the provision of our contractual services. The processing principles are pursuant to Art. 6 para. 1 c. GDPR, Article 6 para. . 1 f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in the administration, financial accounting, office organisation and archiving of data, in other words, tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data relating to contractual services and contractual disclosure corresponds to the information mentioned in these processing activities.

We disclose or transmit data to the tax authorities, consultants, such as tax consultants or auditors, as well as other billing offices and payment service providers.

Furthermore, we store information on suppliers, event organisers and other business partners on the basis of our business interests, for example for the purpose of subsequent contact. We generally store this mostly company-related data permanently.

e) Business analysis and market research

In order to operate our business efficiently, to identify market trends, customer and user wishes, we analyse the data available to us on business transactions, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data and metadata on the basis of article 6 para. 1 f. GDPR, whereby the data subjects include customers, interested parties, business partners, visitors and users of the online offer.

The analyses are carried out for the purpose of economic evaluations, marketing and market research. In doing so, we take into account the profiles of registered users with information such as their purchase transactions. The analyses serve to improve user-friendliness, the optimisation of our offer and the efficiency of our business. The analyses serve us alone and are not disclosed externally except where they are anonymised analyses with aggregated values.

If these analyses or profiles are personal, they will be deleted or anonymised when the user account is terminated, otherwise after two years following the conclusion of the contract. In addition, the overall economic analyses and general trend provisions are compiled anonymously where possible.

f) Contact form   

Data transmitted via the contact form will be stored including your contact details, to enable the processing of your request or to be available to be referred to in any follow-up questions. This data will not be passed on without your consent.

The data entered in the contact form is processed exclusively on the basis of your consent (Article 6 paragraph 1. a GDPR). You can revoke your consent at any time. A simple e-mail notification is sufficient for the withdrawal of your consent. The legality of any data processing operations carried out until revocation remains unaffected by the revocation.

Data transmitted via the contact form remain with us until you request us to delete them, revoke your consent to storage or there is no longer any need for data storage. Mandatory legal provisions – in particular retention periods – remain unaffected.

g) Storage period of posts and comments

Contributions and comments, as well as related data, such as IP addresses, are stored. The content remains on our website until it has been completely deleted or has had to be removed for legal reasons.

The storage of contributions and comments is based on your consent (Article 6 paragraph 1. a GDPR). You can withdraw your consent at any time. A simple e-mail notification is sufficient for the withdrawal of your consent. The legality of data processing operations already carried out remains unaffected by the revocation.

h) Newsletter

To send our newsletter, we need an e-mail address from you. A verification of the specified email address is required and the receipt of the newsletter should be accepted. Additional data is not collected or is voluntary. The data is used exclusively to send the newsletter.

The data provided during the newsletter registration will be processed exclusively on the basis of your consent (Article 6 paragraph 1. a GDPR). You can withdraw your consent at any time. To withdraw of consent, a simple email message or the use of the “unsubscribe” link in the newsletter will suffice. The legality of the data processing operations already carried out remains unaffected by the revocation.

The registration for our newsletter takes place in a so-called double opt-in procedure. This means that you will receive an e-mail after registration, in which you will be asked to confirm your registration. This confirmation is necessary so that no one can log in with an unregistered e-mail address. Registrations for the newsletter are logged in order to be able to prove the registration process conforms with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your information stored by the shipping service provider are also recorded.

Newsletter delivery and related performance measurement is based on the consent of the recipient under Art. 6 para. 1. a, Article 7 GDPR in conjunction with section 7 para. 2 Nr. 3 UWG or on the basis of the legal permission under § 7 para. 3 UWG.

The logging of the registration procedure is based on our legitimate interests under Art. 6 para. 1. f GDPR Our interest is focused on the use of a user-friendly and secure newsletter system that serves our business interests, meets the expectations of users and also allows us to prove consent.

Data entered to set up your subscription will be deleted if you unsubscribe. If the information has been provided to us for other purposes and elsewhere, we will retain it.

i) Newsletter – service provider

The newsletter is sent via the e-mail newsletter service provider MailChimp, a newsletter delivery platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The privacy policy of the transmitting service provider can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC trading as MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee, compliant with the European level of data protection ( https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The newsletter service provider is used based on our legitimate interests under Art. 6 para. 1. f GDPR and an order processing contract under Art. 28 para. 3 page 1 GDPR.

The transmitting service provider can use the data of the recipients in anonymised form, i.e., without assignment to a user, to optimise or improve its own services, for example for technical optimisation of the sending and presentation of the newsletter or for statistical purposes. However, the newsletter service provider will not use the data of our newsletter recipients in order to contact them directly or to pass on the data to third parties.

j) Newsletter – performance measurement

The e-mail newsletters contain a so-called “web-beacon”, which describes a pixel-sized data file that is stored on our server when the newsletter is opened, or on the server of an e-mail newsletter service provider if we should use one. As part of this data retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, are collected.

This information is used for the technical improvement of the services based on technical data or target groups and their reading behaviour, based on their access locations (which can be determined through the IP address) or the access times. Data is collected also to determine whether the newsletters are opened, when they are opened and which links are clicked upon. Technical processes enable this information to be assigned to individual newsletter recipients However, it is neither our intention, nor, should one be used, that of the newsletter service provider, to observe individual users. The evaluations enable us to identify the reading habits of our users and adapt our content to them or to send different content according to the interests of our users.

k) Contact via WhatsApp – additional information for using WhatsApp

It should be noted that data will be stored on WhatsApp Inc.’s servers. (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) which are not subject to European data protection law, meaning that personal data is processed in countries outside the scope of Directive 95/46/EC. Data privacy and security is not guaranteed by WhatsApp. GE Sport-Trade GmbH is not liable for any damage caused by the use of this platform. By installing and using WhatsApp on your mobile device, you agree to the General Terms and Conditions of WhatsApp, over which GE Sport-Trade GmbH has no influence. In particular, these declare that you give permission to WhatsApp Inc. to access your phone number and contacts stored on your mobile device.

l) YouTube

Our website uses plugins from YouTube to integrate and display video content. The provider of the video portal is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

A connection to YouTube servers is made when a page with an integrated YouTube plugin is accessed. YouTube learns which of our pages you have visited.

YouTube may attribute your browsing behavior directly to your personal profile if you are signed in to your YouTube account. You can avoid such a result by logging out before this occurs.

The use of YouTube is intended to enhance the presentation of our online offers. This constitutes legitimate interest within the meaning of Article 6 para. 1. f GDPR.

Details on the handling of user data can be found in the privacy policy of YouTube at: https://policies.google.com/privacy?hl=en

m) Vimeo

For the integration and display of video content, our website uses plugins from Vimeo. 555 West 18th Street, New York, New York 10011, USA.

A connection to the servers of Vimeo is established when a page with an integrated Vimeo plugin is accessed. Vimeo learns which of our pages you have visited. Vimeo learns your IP address, even if you are not logged in to the video portal nor have an account there. The information collected by Vimeo is transmitted to their servers which are based in the USA.

Vimeo can assign your surfing behaviour directly to your personal profile. You can avoid such a result by logging out before this occurs.

For more information about processing user data, see Vimeo’s Privacy Policy at: https://vimeo.com/privacy.

n) Cookies

This website collects and stores data for marketing and optimisation purposes. User profiles are created from this data under a pseudonym. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor’s Internet browser. Cookies are used to identify the Internet browser. The data collected in this way will not be used to identify the visitor to this website personally without the separate consent of the person concerned and will not be combined with personal data about the bearer of the pseudonym. The ongoing collection and storage of data may be rejected at any time by contacting GE Sport-Trade GmbH.

Some Cookies are “Session-Cookies.” Such Cookies are automatically deleted at the end of your browser session. However, other cookies remain on your device until you delete them yourself. These cookies help us to recognise you when you return to our website.

With a modern web browser you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when you close the program. Disabling cookies may negatively affect the functionality of our website.

The setting of cookies, which are necessary for the execution of electronic communication processes or the provision of certain functions desired by you (for example, shopping cart), takes place on the basis of Art. 6 para. 1. f GDPR As the operator of this website, we have a legitimate interest in the storage of cookies for the technically accurate and efficient delivery of our services. If other cookies (for example for analysis functions) are set, these are treated separately in this privacy policy.

o) Google Analytics

This website uses Google Analytics, a web analytics service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Google Analytics uses so-called. “Cookies” which are text files that are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are set on the basis of Article 6 para. 1. f GDPR As the operator of this website, we have  a legitimate interest in the analysis of user behaviour in order to optimise both our website and, if necessary, advertising.

However, as we have enabled IP anonymisation on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the European Economic Area Agreement. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there instead. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website use and internet use to us. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to fully use all of the functions of this website. You can also prevent the collection of the data generated by cookies and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google by downloading and installing the Browser Plug-in that is available through the following link.

https://tools.google.com/dlpage/gaoptout?hl=de

We use the remarketing function of Google Analytics to target advertising campaigns – including Google AdWords campaigns – to visitors of our pages. In such cases, you will be presented with relevant advertisements based on your previous visits to our pages when you visit other pages of the Google Display Network. The DoubleClick cookie allows Google to display targeted advertisements both on our site and those of third parties that match the interests determined by your previous visits to our website and/or other websites. Such advertising may be displayed on Google’s websites and/or those of other operators in Google’s advertising network. We also use Google Analytics advertising functions to analyse the effectiveness of our own advertising campaigns.

You can personalise your Google ad settings and opt out of interest-based ads from Google. In this case, the cookie ID of the DoubleClick cookie (individually assigned for each cookie) will be overwritten and can no longer be associated with a specific browser. After you delete all cookies from your device, a new DoubleClick cookie may be set. After that, you may need to update your settings to further deny cookies. You can permanently deactivate the DoubleClick cookie by clicking here: https://www.google.com/settings/ads/plugin  and downloading and installing the plug-in provided there. You may also deactivate the use of third-party cookies for online advertising on the US Site https://www.aboutads.info/choices/ or the EU site https://www.youronlinechoices.com/  using these links.

If you have agreed in your Google Account that your web and app browsing history may be linked by Google to your Google Account then information from your Google Account will be used to personalise ads, by combining Google data from your account with Google Analytics data to create target-group lists for cross-device remarketing. For this purpose, Google Analytics first collects Google-authenticated IDs for you as a user on our website that are linked to your Google account. Google Analytics then temporarily links these IDs to Google Analytics data in order to optimise our target groups.

Please click here: https://support.google.com/analytics/answer/6004245  to get an overview of Data Protection practices at Google.

Demographics in Google Analytics

Our site uses the “demographics” function in Google Analytics. This can be used to create reports that contain analyses of the age, gender and interests of site visitors. This data is based on Google’s interest-based advertising and third-party visitor data. Such data cannot be attributed to a specific person. You may opt out of, or revoke your consent at any time. This is possible via the ad settings in your Google account or by prohibiting the collection of your data by Google Analytics, as explained in the point “Objection to data collection”.

Order processing

In order to fully comply with statutory data protection requirements, we have entered into a contract with Google for the processing of orders.

p) Google AdWords and Google Conversion Tracking

Our website uses Google AdWords. provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

AdWords is an online advertising program. As part of the online advertising program, we work with conversion tracking. Once you click on an ad placed by Google, a cookie is configured to track the conversion. Cookies are small text data files that your web browser stores on your device. Google AdWords cookies become invalid after 30 days and are not used for personal identification of users. The cookie allows Google and us to see that you have clicked on an ad and have been redirected to our website.

Each Google AdWords client receives a different cookie. The cookies are not traceable through AdWords customer websites. Conversion cookies are used to generate conversion statistics for AdWords customers who use conversion tracking. Conversion tracking tags enable Adwords clients to learn how many users clicked on their ads and which pages they were then directed to. However, AdWords clients do not receive any personally identifying information about users. If you do not want to participate in tracking, you can opt out of, or object to its use. In that case, the conversion cookie in the browser’s user settings needs to be disabled. As a result, browser activity is not included in conversion tracking statistics

Storing “conversion cookies” is based on Article 6 para. 1. f GDPR As a website operator, we have a legitimate interest in analysing user behaviour in order to optimise our website and advertising.

For details on Google AdWords and Google Conversion Tracking, see Google’s Privacy Policy: https://policies.google.com/privacy?hl=en

With a modern web browser you can monitor, restrict or prevent the setting of cookies. Disabling cookies may restrict the functionality of our website.

q) Google Tag Manager

This website uses Google Tag Manager. This service enables the management of site tags via an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no individualised data is collected. The Google Tool Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager has no access to this data. If a tag has been placed at the domain or cookie level, it will remain available for all tracking tags as long as they are implemented with the Google Tag Manager.

r) Google ReCaptcha

We have integrated a function for detecting bots, for example, when completing online forms on our site (“ReCaptcha”) – provided by: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy https://www.google.com/policies/privacy/, Opt Out: https://adssettings.google.com/authenticated.

s) Facebook Pixel, Custom Audiences and Facebook Conversion

To support our legitimate interests in analysis, optimisation and financial operation of our online offer, we use the so-called ” “Facebook pixel”, provided by the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or. if you are located in the EU, Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Facebook is certified under the Privacy Shield Agreement to ensure compliance with European data protection law. https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

With the help of the Facebook pixel, Facebook is able to analyse visitors to our online offer and place them in target groups for the presentation of ads (so-called “Facebook ads”). We therefore use the Facebook pixel to enable the display of Facebook ads placed by us only to Facebook users who have also shown an interest in our online offer or who exhibit certain characteristics (for example, have interests in certain topics or products determined by the websites visited), that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not appear to be inappropriate. With the help of the Facebook pixel, we can also track the effectiveness of Facebook advertisements for statistical and market research purposes, through which we see whether users have been redirected to our website after clicking on a Facebook advertisement (so-called “conversion”).

Facebook’s data processing is carried out in accordance with Facebook’s data use policy. General information on the presentation of Facebook ads in Facebook’s data use policy can be found here: https://www.facebook.com/policy.php. Specific information and details about the Facebook Pixel and how it works can be found in the Facebook Help section: https://www.facebook.com/business/help/651294705016616.

You can opt out of data collection by the Facebook pixel and the use of your data to enable display Facebook ads. In order to set which types of advertisements are displayed to you whilst on Facebook, you can access the following page set up by Facebook and follow the instructions for the settings of usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, meaning that they are applied to all devices, such as desktop computers or mobile devices.

You can also opt out of the use of cookies for measurement and advertising purposes via the opt-out page of the network advertising initiative (https://optout.networkadvertising.org/) also the US website (https://www.aboutads.info/choices) or similarly the European website (https://www.youronlinechoices.com/uk/your-ad-choices/).

t) Use of Facebook Social Plugins

We use the social plugins (“plugins”) of the social network facebook.com on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and financial operation of our online offer within the meaning of Article 6 paragraph 1. f GDPR, which is provided by Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is operated (“Facebook”). The plugins can display interaction elements or content (eg videos, graphics or text contributions) and are recognisable by one of the Facebook logos (white f” on a blue tile, the terms “Like”, “Like” or a thumb up” sign) are also tagged under the “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement to ensure compliance with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

If a user accesses a feature of this online offer which contains such a plugin, their device will establish a direct connection with Facebook’s servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offer. User profiles may be created using the processed data. We therefore have no influence on the extent of the data that Facebook gathers using this plugin and can only advise users of the facts according to the information available to us.

By integrating the plugins, Facebook receives the information that a user has accessed on the corresponding page of the online offer. If the user is simultaneously logged in to Facebook, Facebook can associate the visit with that Facebook account. When users interact with the plug-ins, for example by clicking on the Like button or making a comment, the corresponding information from their device is transmitted directly to Facebook and stored there. Even if a user does not have a Facebook account member, it is still possible for Facebook to acquire and store their IP address. According to Facebook, only anonymised IP addresses are stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options for the protection of the privacy of the users, these can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this online offer and link it to their member data stored on Facebook, they must log out of Facebook and delete any cookies before using our online offer. Further settings and opt-outs to the use of data for advertising purposes are possible under Facebook’s profile settings: https://www.facebook.com/settings?tab=ads  via the US site, https://www.aboutads.info/choices/  or the EU site https://www.youronlinechoices.com/. The settings are platform-independent, meaning that they are applied to all devices, such as desktop computers or mobile devices.

u) Use of X

Our pages incorporate functions of the X service, which are offered by X Inc. , 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using X and the “Repost” function, the websites you visit are linked to your X account and shared with other users. Data is also transferred to X. We would like to point out that as the provider of the pages, we do not receive any information about the content of the data transmitted or its use by X. For more information, please refer to the X privacy policy at < wpml_nbsp >https://x.com/privacy. https://x.com/privacy.

You can change your data protection settings at X in your account details at  https://x.com/account/settings 

v) Pinterest Plugin

Our website also uses functions of the social network Pinterest. 808 Brannan Street, San Francisco, CA 94103-490, USA.

When accessing a page with Pinterest functions, your browser will establish a direct connection to the Pinterest servers. Log data is transmitted to Pinterest’s servers. The servers are located in the USA. The log data may allow conclusions to be drawn about your IP address, websites visited, type and settings of the browser, date and time of the request, your use of Pinterest and cookies.

See the Pinterest Privacy Statement for more details:  https://about.pinterest.com/de/privacy-policy.

w) Social Plugins from Instagram

Our website also has plugins from the social network Instagram, operated by Instagram Inc. 1601 Willow Road, Menlo Park, California 94025, USA (hereinafter “Instagram”), integrated in it. If you visit a part of our website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. If you click on the plugin while you are logged in to your Instagram account, you can link the content of our website to your Instagram profile. This allows Instagram to assign the visit to our website to your user account. We would like to inform you that we receive no information about the content of the transmitted data and their use by Instagram and that we are not responsible for the data collection and processing by Instagram.

For more information on the collection, processing and use of data by Instagram, please see Instagram’s Privacy Policy at:  https://help.instagram.com/155833707900388.

x) Iconosquare

We use Iconosquare, operated by ICONOSQUARE, 90 route du Palais, 87000 Limoges, France (hereinafter “Iconosquare”) to plan and evaluate our Instagram posts. When you access an Instagram post from us or connect to us on Instagram, this information is passed on to Iconosquare. We must advise you that we have no knowledge of the exact content of the transmitted data and their use by Iconosquare and that we are not responsible for the data collection and processing that Iconosquare undertake.

For more information about Iconosquare’s collection, processing and use of data, please see Iconosquare’s Privacy Policy at:  https://pro.iconosquare.com/terms-of-service und https://pro.iconosquare.com/privacy-policy.

y) Use of Google+1

Our pages use the features of Google+1. The provider of Google+1 is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043,  USA.

Information Collection and Sharing: With the help of the Google+1 button, you can publish information worldwide. through use of the Google+1 button, you and other users can receive personalised content from Google and our partners. Google stores both the information you submitted to +1 to access content as well as information about the page you viewed when you clicked on +1.. Your +1 may appear as a button along with your profile name and photo in Google services, such as search results or your Google profile, or elsewhere on websites and ads on the Internet. Google saves information about your +1 activities to enhance Google services for you and others. To use the Google +1 button, you must have a publicly available, globally visible Google profile that contains at least the name of the profile. This name will be used in all Google services. In some cases, this name may also override another name you used when sharing content via your Google account. The identity of your Google profile may be displayed to users who know your email address or have other identifying information about you.

Use of the information collected: In addition to the purposes explained above, the information you provide will be used in accordance with the applicable Google privacy policy. Google may publish aggregated statistics about users’ +1 activity, or. share them with users and partners, such as publishers, advertisers or affiliated websites.

z) Tidio Chat

We use Tidio, a customer service tool with built-in chatbot functionality. The provider of this service is the US-based company Tidio LLC, located at 160 Spear Street, #1000, San Francisco, CA 94105, USA.

Tidio also processes data in the USA. We would like to point out that the European Court of Justice currently considers that there is no adequate level of protection for data transfer in the USA. This may lead to various risks regarding the legality and security of data processing.

Tidio uses standard contractual clauses as the legal basis for transferring data to or transfer to so-called third countries (outside of the EU, Iceland, Liechtenstein, Norway and the USA). These standard contractual clauses, which are defined in Article 46 para. 2 and 3 of the GDPR are standards of the EU Commission, which should ensure that your data also in a transfer to countries like the USA subject to the same data protection requirements as within the EU. Tidio commits by these clauses to apply European data protection levels when processing is done in the USA, even if the data is stored and managed there. These clauses are based on a decision of the EU Commission. The full text of the decision and the standard contractual clauses can be found at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

More detailed information on data processing and the standard contractual clauses at Tidio, can be found through the following link: https://www.tidio.com/wp-content/uploads/Standard-contractual-clauses.pdf.

For more information about the data processed by Tidio, please refer to Tidio’s privacy policy at: https://www.tidio.com/privacy-policy/.

a1) Adobe Fonts

We use the service Adobe Fonts on our website to host web fonts. The service is provided by the US company Adobe Inc. However, for customers in Europe, Adobe Systems Software Ireland, based in Dublin, Ireland, is responsible.

Adobe also processes data outside the EU, especially in the USA. The company uses the EU-US Data Privacy Framework to ensure the secure transfer of personal data from users in the EU to the USA. More information is available online.

Adobe uses standard contractual clauses, which are regulated in Article 46 paragraphs 2 and 3 GDPR. These clauses provided by the EU Commission ensure that data protection meets European standards, even if data is transferred to and stored in third countries such as the USA. Adobe is committed to complying with the EU privacy policies. You can also find more details about the standard contractual clauses online.

For more information about the data processed when using Adobe Fonts, please see Adobe’s privacy policy.

c1) Cloudflare

We use Cloudflare, a service of Cloudflare, Inc., (101 Townsend St., San Francisco, CA 94107, USA) , to increase the loading speed and improve security by using cookies and processing user data. It provides a content delivery network (CDN) and various security features that operate between our hosting provider and the visitors of the website. We explain in more detail below what this means.

A CDN like Cloudflare’s is made up of a range of servers distributed around the world that store copies of our website. These servers deliver content to your browser faster by selecting the server that is geographically closest. This makes data more efficient, especially when accessed from abroad. In addition to this speed optimization, Cloudflare also offers security features such as DDoS protection and a web application firewall to protect our site from attacks.

Why do we use Cloudflare?

Our goal is to provide you with the best experience on our website. Cloudflare helps us reduce loading times and increase security. Features include web optimisation, DDoS protection, a web firewall and reverse proxy, and the CDN. Additionally, Cloudflare blocks malicious bots and spam software that would unnecessarily strain our server resources. By using local servers and blocking spam requests, we can reduce our bandwidth usage by around 60%. Thanks to the distribution of content on nearby servers and other optimizations, the page load time is approximately halved. With the “I’m Under Attack Mode”, Cloudflare can also provide additional protection through a security query when attacks are suspected. Overall, this makes our site faster and more resistant to spam and other attacks.

What data does Cloudflare process?

Cloudflare only forwards the data specified by the website operators, namely us. The content is not controlled by Cloudflare itself, but by us. However, Cloudflare may collect information about the use of the website, such as your IP address, log information, security credentials and performance data. This information helps Cloudflare identify security threats and ensure the site is running smoothly. Data processing is always carried out within the framework of the applicable data protection regulations, such as the GDPR. Cloudflare also works with third party service providers who process personal data on behalf of and in accordance with Cloudflare’s privacy policy. Cloudflare does not share any personal data without our consent.

Where and for how long does Cloudflare store data?

The data is stored primarily in the USA and the European Economic Area. However, Cloudflare can access the information collected worldwide. In general, the data for domains in the free, pro and business versions is stored for less than 24 hours. For enterprise domains that use the Cloudflare log system, data can be retained for up to 7 days. However, if an IP address is considered suspicious by Cloudflare, there could be deviations from these storage periods.

How can I delete my data or prevent its storage?

Cloudflare does not store most logs for longer than necessary and usually deletes them within 24 hours. Personal data, such as your IP address, is not normally stored by Cloudflare for a long time. However, there are certain protocols that are stored permanently and anonymised to improve overall performance and identify security risks. For more information, please see Cloudflare’s Privacy Policy at: https://www.cloudflare.com/application/privacypolicy/.

Cloudflare is not responsible for the content it transmits. If you wish to make changes to the stored data, you must contact us as the website operator. If you want, you can prevent Cloudflare from collecting and processing your data by disabling script execution in your browser or using a script blocker.

Legal basis

The data processing by Cloudflare is based on your consent in accordance with Article 6 para. 1. a DSGVO. In addition, we have a legitimate interest in using Cloudflare to optimise and make our website more secure. The legal basis for this is Art. 6 para. 1. f DSGVO. However, we will only use Cloudflare if you have previously given us your consent.

As Cloudflare also processes data in the US, it is part of the EU-US Data Privacy Framework, which regulates the secure transfer of data from EU citizens to the US. For more information, see: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Moreover, Cloudflare uses standard contractual clauses (pursuant to Article 46 paragraphs 2 and 3 GDPR) provided by the EU Commission. These clauses are designed to ensure that personal data is transferred to third countries in accordance with the European data protection standards. For more information about these clauses and Cloudflare’s handling of your data, please see their privacy policy at: https://www.cloudflare.com/de-de/privacypolicy/.

d1) FiboSearch

This website uses the search technology service of Damian Góra Web Development, Dr Adama Bilika 2/28, 42-500 Bedzin, Poland.

For the provision of the search function for articles via the search field as well as for navigation and filtering, the provider collects and stores certain user information (such as the user or session ID) in an anonymised form.

If personal data is processed in this context, the processing takes place in accordance with Article 6 para. 1. f DSGVO based on our legitimate interest in providing a fault-tolerant search for articles and thus an optimal representation of our offer

e1) Google Fonts

Our homepage uses so-called web fonts, which are provided by Google: (http://www.google.com/webfonts/). When you visit our website, your browser loads the required web fonts from a Google server into your browser cache, whereby information from your browser flows back to Google. Google Webfonts allows your browser to display our texts in a visually improved way. If your browser does not support this feature, a default font will be loaded from your computer and used to display the text. This function is specified by the website provider and cannot be deactivated.

Further information about Google Webfonts can be found here: Google Fonts FAQ.

For general information on data protection at Google, please visit: Google Datenschutzrichtlinien.

a2) Use in the shipment of goods

As part of the shipping process, we transmit your data (name, address, if applicable email address and/or mobile phone number) for notification options and changes to delivery, as well as other shipment-related data, on the basis of the Postal Service Data Protection Ordinance (§5 PDSV) to our shipping partners DPD Dynamic Parcel Distribution GmbH & Co. KG, DHL Express Germany GmbH, DHL Vertriebs GmbH & Co.

b2) Online presence in social media

We maintain online profiles within social networks and platforms in order to be able to communicate with customers as well as other interested parties and users who are active there, thereby informing them of our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of those respective operators apply.

Unless otherwise stated in our privacy policy, we process user’s data if they communicate with us within social networks and platforms, for example, by writing contributions on our online profiles or sending us messages.

aa) PayPal

Our website permits payment via PayPal. The provider of the payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment data you have entered will be transmitted to PayPal.

The transmission of your data to PayPal takes place subject to Article 6 para. 1. a GDPR (consent) and article 6 para. 1. b GDPR (processing for contract purposes). You can withdraw your consent at any time. The act of withdrawing consent does not affect any previous data processing operations

bb) Adyen

Our website allows payment via Adyen, the provider of the payment service is Adyen N.V.(German Branch, Jägerstraße 27, 10117 Berlin)

 If you pay by credit card (Mastercard or Visa), the payment data you entered is transmitted to Adyen.

 The transmission of your data to Adyen is based legally on Article 6 para. 1. a GDPR (consent) and article 6 para. 1. b GDPR (processing for contract purposes). You can withdraw your consent at any time. The act of withdrawing consent does not affect any previous data processing operations

cc) Klarna

Our website allows payment via Klarna. The payment service provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.

When you pay with Klarna (Klarna payment solution), Klarna collects various personal details from you. For further details, see Klarna’s Privacy Policy at: https://www.klarna.com/uk/privacy/

Klarna uses cookies to optimise the Klarna checkout solution. This optimisation represents a legitimate interest in accordance with Article 6 para. 1. f GDPR. Cookies are small text data files that your web browser stores on your device. Klarna cookies remain on your device until you delete them. For details on the purposes of Klarna cookies, see: https://www.klarna.com/uk/cookie-policy/

The transmission of your data to Klarna is based on Article 6 para. 1. a GDPR (consent) and article 6 para. 1. b GDPR (processing for contract purposes). You can withdraw your consent at any time. The act of withdrawing consent does not affect any previous data processing operations