The responsible body within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

Whitewall GmbH

Revaler Str. 30
10245 Berlin
Deutschland

E-Mail: info@brain-effect.com

The data protection officer of the data controller is:

dsgvoschutzteam.com - Lukmann Consulting GmbH

Packerstraße 131a
A-8561 Söding

Telefon: +49 7223 95 666 77
E-Mail: service@dsgvoschutzteam.com

In accordance with Article 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not specified in the privacy notice, the following applies: the legal basis for obtaining consent is Articel 6(1)(a) in conjunction with Article 7 GDPR. The legal basis for processing in order to provide our services and fulfil contractual measures, as well as answering inquiries, is Article 6(1)(b) GDPR. The legal basis for processing in order to fulfil our legal obligations is Article 6(1)(c) GDPR. If the processing of your data is necessary to safeguard the legitimate interests of our company or a third party and if your interests, fundamental rights and fundamental freedoms as the data subject do not outweigh the first interest, Article 6(1)(f) GDPR serves as the legal basis for the processing. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

We adhere to the principles of data minimisation in accordance with Article 5(1)(c) GDPR and storage limitation according to Article 5(1)(e) GDPR. We only store your personal data for as long as is necessary to achieve the purposes stated here, or as stipulated by the retention periods provided for by law. After the respective purpose no longer applies or after these retention periods have expired, the corresponding data will be deleted as quickly as possible.

We also use tools from companies based in third countries on our website. If these tools are active, your personal data may be transmitted to the servers of the respective companies. The level of data protection in third countries does not usually correspond to EU data protection legislation. This means that there is a risk that your data will be passed on to authorities in these countries. We have no influence on these processing activities.

This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to any of the websites outside our control, please note that these websites have their own privacy notices. We do not assume any responsibility or liability for these external websites and their privacy notices. Before using these websites, please check whether you agree with their privacy policies.

You can recognise external links either by the fact that they are displayed in a colour which is slightly different from the rest of the text or that they are underlined. Your cursor will show you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the destination of the link. The operator of the other website will then receive your IP address, the time at which you clicked on the link, the website you were on when you clicked on the link, and other information that you can find in the respective provider’s privacy notice.

Please also note that individual links may result in data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not be entitled to any legal recourse against such data access. If you do not want your personal data to be transferred to the link destination or potentially even accessed by foreign authorities against your will, please do not click on any links.

As a data subject within the meaning of the GDPR, you have the opportunity to assert various rights. The rights of data subjects arising from the GDPR are the right of access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20).

Withdrawal:

Some data processing can only be carried out with your explicit consent. You have the option of revoking your consent at any time. However, the lawfulness of the data processing until the revocation is not affected by this.

Right to object:

If the processing is based on Art. 6 (1) (e) or (f) GDPR, you as a data subject can object to the processing of personal data concerning you at any time for reasons arising from your particular situation. You are also entitled to this right in the case of profiling based on these provisions within the meaning of Art. 4 (4) GDPR. If we cannot prove a legitimate interest for the processing that outweighs your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims, we will refrain from processing your data after an objection has been made.

If the processing of personal data serves the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling, which is related to direct advertising. Again, we will no longer process personal data as soon as you object.

Right to lodge a complaint with a supervisory authority:

If you believe that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.

Right to data portability:

If your data is processed automatically on the basis of consent or performance of a contract, you have the right to receive this data in a structured, commonly used and machine-readable format. In addition, you have the right to request the transfer and provision of the data to another controller, insofar as this is technically feasible.

Right to information, correction and deletion:

You have the right to obtain information about your processed personal data regarding the purpose of the data processing, the categories, the recipients and the duration of storage. If you have any questions on this topic or on other topics regarding personal data, you can of course contact us via the contact options given in the imprint.

Right to restriction of processing:

You can assert the restriction of the processing of your personal data at any time. To do this, you must meet one of the following requirements:

• They contest the accuracy of the personal data. For the duration of the verification of accuracy, you have the right to request a restriction of processing.
• If processing is unlawful, you can request the restriction of the use of the data as an alternative to deletion.
• If we no longer need your personal data for the purposes of processing, but you need the data for the establishment, exercise or defence of legal claims, you can request the restriction of processing as an alternative to deletion.
• If you object to the processing in accordance with Art. 21 (1) GDPR, a balancing of your interests and ours will be carried out. Until this balancing has been carried out, you have the right to request the restriction of processing.

Restriction of processing means that, apart from storage, the personal data may only be processed with your consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State.

Our website is hosted by:

maxcluster GmbH
Lise-Meitner-Str. 1b
D-33104 Paderborn

When you access our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or our hosting company’s server. 

These are:

• IP address of the website visitor's end device
• device used
• host name of the accessing computer
• visitor's operating system
• browser type and version
• name of the retrieved file
• time of server request
• amount of data
• information on whether the retrieval of the data was successful

This data is not merged with other data sources.

Instead of operating this website on our own server, we may also commission an external service provider (hosting company) to operate it on their own server, which we have named above in this case. The personal data collected by this website will be stored on the hosting company’s servers. In addition to the data mentioned above, the web host also stores for us, for example, contact requests, contact details, names, website access data, meta and communication data, contract data and other data generated via a website. 

The legal basis for processing this data is Article 6(1)(f) GDPR . Our legitimate interest is the technically error-free presentation and optimisation of this website. If the website is called up in order to enter into contract negotiations with us or to conclude a contract, this serves as a further legal basis (Article 6(1)(b) GDPR). In the event that we have commissioned a hosting company, a order processing contract will have been agreed with this service provider.

Our website uses local storage items, session storage items and/or cookies. Local storage is a mechanism that enables data to be stored within the browser on your end device. This data usually includes user preferences, such as the "day" or "night" mode of a website, and is retained until you manually delete the data. Session storage is very similar to Local storage, whereas the storage duration only lasts during the current session, so until the current tab is closed. The session storage objects are then deleted from your end device. Cookies are information that a web server (server that provides web content) stores on your end device in order to be able to identify this end device. They are either temporarily deleted for the duration of a session (session cookies) and after your visit to a website or permanently (permanent cookies) on your end device until you delete them yourself or they are automatically deleted by your web browser.

These objects can also be stored on your end device by third-party companies when you visit our site (third-party requests). This allows us, as the operator, and you, as a visitor to this website, to make use of certain third-party services installed on this website. Examples are the processing payment services or displaying videos on a website.

These mechanisms have a variety of uses. They can improve the functionality of a website, control shopping cart functions, increase the security and comfort of website use and carry out analyses regarding visitor flows and behaviour. Depending on their individual functions, they must be classified in terms of data protection legislation. Are they necessary for the operation of the website and intended to provide certain features (shopping cart feature) or serve to optimize the website (e.g. cookies to measure visitor behaviour), then their use is based on Article 6(1)(f) GDPR. As a website operator, we have a legitimate interest in storing local storage items, session storage items and cookies in order to ensure the technically error-free and optimized provision of our services. In all other cases, local storage items, session storage items and cookies are only stored with your express consent (Article 6(1)(a) GDPR).

If local storage items, session storage items and cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this privacy notice. When required, your consent will be requested and can be revoked at any time.

We use external services on our website. External services are services provided by third parties that are used on our website. This can be done for a variety of reasons, such as embedding videos or website security. When using these services, personal data is also passed on to the respective providers of these external services. If we have no legitimate interest in using these services, we will obtain your revocable consent as a visitor to our website before using them (Article 6(1)(a) GDPR).

We process website visitors’ personal data in order to analyse user behaviour. Evaluation of this data enables us to compile information on how visitors use individual components of our website. This allows us to increase the user-friendliness of our website. The analysis tools may be used, for example, to create user profiles for the display of targeted or interest-based advertising messages, to recognise our website visitors the next time they visit our website, to measure their click/scroll behaviour and downloads, to create heat maps, to recognise page views, to measure the length of visits to the website or bounce rates, as well as to trace the origin of website visitors (city, country, the website visitors have come from). The analysis tools help us to improve our market research and marketing activities.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website ABTasty. The provider of the service is the AB Tasty, Gertrudenstr. 30-36, 50667 Köln, Germany.

The use of the service may result in data transfer to a third country (USA).

Further information can be found in the provider's data protection information at the following URL: https://www.abtasty.com/de/datenschutzerklarung/.

We use the service on our website Google Analytics. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We use the service on our website Microsoft Advertising Web Analytics. The provider of the service is the Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://privacy.microsoft.com/de-de/privacystatement.

We use the service on our website New Relic. The provider of the service is the New Relic Germany GmbH, Neuturmstraße 5, Suite 02-101, 80331 München, Germany.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://newrelic.com/termsandconditions/privacy.

We use the service on our website Rollbar. The provider of the service is the Rollbar Inc., 665 3rd St Ste 150, San Francisco, California, 94107, USA.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://docs.rollbar.com/docs/privacy-policy.

We use ratings platforms to display reviews on our website and thereby build trust with users. Reviews collected by the ratings platforms are published on our website. When the website is called up, a connection to the respective provider is established and data about the website visitor is transferred. Personal data that is processed includes the IP address.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Trusted Shops. The provider of the service is the Trusted Shops GmbH, Subbelrather Straße 15c, 50823 Köln, Germany.

Further information can be found in the provider's data protection information at the following URL: https://business.trustedshops.at/impressum#a0_content.

In order to comply with data protection requirements, we use a consent management tool on our website. This tool enables us to obtain the necessary consents for the setting of cookies or the use of external services. We then store these consents.

The data processing is necessary for compliance with a legal obligation to which the data controller (website operator) is subject. Article 6(1)(c) GDPR is therefore used as the legal basis for the processing.

We use the service on our website Amasty GDPR. The provider of the service is the Amasty, Metochiou 73, Egkomi, 2407, Nicosia, Cyprus.

Since this service is hosted locally on the web server, no data transfer to third parties takes place.

We use a content delivery network (CDN) to optimise the performance and availability of our website. For this purpose, the service provider who makes this network available will process your IP address and information about when you visited our website. All further information on data processing by this service provider can be found in the company’s privacy notice.

This processing is based on our legitimate interest (Article 6(1)(f) GDPR).

Our legitimate interest in using a content delivery network is to be able to display our website as quickly, securely and reliably as possible.

We use the service on our website Amazon CloudFront. The provider of the service is the Amazon Web Services EMEA S.à r.l., 38 Avenue John F. Kennedy L-1855, Luxembourg.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://aws.amazon.com/de/privacy/.

We use the service on our website CloudFlare. The provider of the service is the Cloudflare Germany GmbH, Rosental 7, 80331 München, Germany.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.cloudflare.com/privacypolicy/.

We use the service on our website RudderStack. The provider of the service is the RudderStack, 96 S. Park Street, San Francisco 94107, USA.

The use of the service may result in data transfer to a third country (USA).

Further information can be found in the provider's data protection information at the following URL: https://www.rudderstack.com/privacy-policy.

We use a customer relationship management system to better manage our customer relationships. This enables us to display customer relationship processes clearly and to keep them organised. This includes existing and potential customers. As a result, personal data such as the customer’s name and address is processed.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Zendesk Sell CRM. The provider of the service is the Zendesk GmbH, Neue Schönhauser Str. 3-5, 10178 Berlin, Germany.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.zendesk.de/company/agreements-and-terms/privacy-notice/.

In order to better comply with data protection requirements, we use appropriate software. This software supports us in complying with data protection regulations.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website ALFRIGHT Datenschutzhinweise. The provider of the service is the Lukmann Consulting GmbH, Packerstraße 131a, A-8561 Söding, Austria.

This processing is based on our legitimate interest (Article 6(1)(f) GDPR).

This service helps us to keep our privacy notice up to date and legally compliant at all times. We therefore rely on our legitimate interest as the relevant legal basis.

We use tools on our website that allow us to create surveys and forms and integrate them on our website. We use these tools to conduct surveys on various topics on our website. Through these forms, we can ask questions and provide information on any topic and integrate them into the website. As a visitor to the website, you can complete the forms or respond to the surveys. As a visitor to the website, your personal data is processed when you visit the website, complete a form or respond to a survey. In particular, this includes your IP address, as well as other data you enter into forms or in response to surveys while visiting the website. This personal data is processed by the website operator and by the provider of the survey or form tool (our processor) and stored on their servers.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Typeform. The provider of the service is the TYPEFORM SL, Carrer Bac de Roda, 163, local, 08018 Barcelona, Spain.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://admin.typeform.com/to/dwk6gt/.

In order to publish or refer to job vacancies, we have integrated elements of job portals on the website.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Greenhouse. The provider of the service is the Greenhouse Software, Inc., 228 Park Ave. S PMB 14744, New York, New York 10003-1502 US, USA.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.greenhouse.com/de/privacy-policy.

Our website uses tools that offer services related to campaigns, web analytics and personalisation. This enables a central and comprehensive collection of all data, which in turn is necessary for the optimisation and planning of digital campaigns. Our advertising partners may use these services on our website to profile your interests and show you relevant adverts on other websites.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Linkster INT. The provider of the service is the Linkster GmbH, Colonnaden 5, 20354 Hamburg, Germany.

Further information can be found in the provider's data protection information at the following URL: https://linkster.co/privacy-policy/.

We use the service on our website ReferralCandy. The provider of the service is the Anafore Pte. Ltd., 71 Ayer Rajah Crescent, #06-26, Singapur 139951, Singapore.

The use of the service may result in data transfer to a third country (Singapore).

Further information can be found in the provider's data protection information at the following URL: https://www.referralcandy.com/privacy.

As part of our marketing, we offer you the opportunity to subscribe to our newsletter via our website. To subscribe to the newsletter, you will go through a registration process during which we check that you are the owner of the email address provided and that you agree to receive our newsletter. The data will remain with us or with the newsletter service commissioned by us for the period from your voluntary registration until you unsubscribe from the newsletter. If you unsubscribe from the newsletter, you will be deleted from the distribution list. This list is not merged with other data. However, deletion from the newsletter subscription does not mean that data stored for other purposes (for example customer accounts) is also deleted.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Brevo. The provider of the service is the Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Since this service is hosted locally on the web server, no data transfer to third parties takes place.

We use the service on our website Klaviyo. The provider of the service is the Klaviyo, Inc., 125 Summer St, Floor 6 Boston, MA 02111, USA.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.klaviyo.com/legal/privacy-policy.

We integrate online media into our website to facilitate the general delivery of content and integration of information. This allows us to include additional information from other service providers and partners on the website.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website MSN. The provider of the service is the Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://privacy.microsoft.com/de-de/privacystatement.

We use the service on our website Ted. The provider of the service is the TED, TED Conferences LLC , 330 Hudson Street, 12th floor , New York, NY 10013, USA.

The use of the service may result in data transfer to a third country (USA).

Further information can be found in the provider's data protection information at the following URL: https://www.ted.com/about/our-organization/our-policies-terms/privacy-policy.

We use tools on our website which aim to optimise the website’s performance. These are intended to improve the user experience when visiting the website.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Uptimia. The provider of the service is the JJ Online GmbH, Schönhauser Allee 163, 10435 Berlin, Germany.

The use of the service may result in data transfer to a third country (Canada). The European Commission has confirmed an adequate level of data protection for the country in an adequacy decision.

Further information can be found in the provider's data protection information at the following URL: https://www.iubenda.com/privacy-policy/69874470.

Business processes run faster, more cheaply and with fewer errors if they are automated using software via interfaces. This allows them to be efficiently integrated into the company's processes via its own website or social networks. We use interface software on our website to link different applications and to transfer personal data securely from one application to another.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Google Tag Manager. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

To make it easier to find content on our website, a search engine from a third-party provider has been installed. The installation of the search engine on the website results in the transmission of technical data such as the IP address to the third-party provider.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Google. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

Software frameworks facilitate interaction with a platform by creating a standardized interface to it. Frameworks are used to reduce development effort for recurring software requirements and to ensure code and feature reusability. Some software frameworks implement security features to prevent improper use of the website. Software frameworks can increase function, accessibility, security and performance with little effort. Other use cases can also be covered by software frameworks.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website PHP.net. The provider of the service is the The PHP Group, 1400 Parkmoor Ave, Ste 100, San Jose, California, 95126, USA.

Since this service is hosted locally on the web server, no data transfer to third parties takes place.

This processing is based on our legitimate interest (Article 6(1)(f) GDPR).

This application is required to ensure the unrestricted functionality of the website.

We use social media plugins to connect our website with our social media channels. The integration of the plugins is intended to make it easier for visitors to our website to follow our channels on social networks and to share, like or comment on content. Some social media plugins enable the user behaviour of website visitors to be analysed with regard to their behaviour on social networks. The use of plugins is intended to raise our profile and increase the number of followers on our channels.

The plugins also process personal data and transfer data to these social networks. This transmission occurs as soon as the website is accessed. Processed data includes, for example: Name, address, email address, telephone number, access time, device information, IP address.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Facebook. The provider of the service is the Meta Plattform Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, D02x525,, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.facebook.com/privacy/policy.

We use the service on our website Facebook Connect. The provider of the service is the Meta Plattform Ireland Limited (Marketplace), 4 Grand Canal Square Grand Canal Harbour Dublin 2, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://de-de.facebook.com/policy.php.

We use the service on our website TikTok. The provider of the service is the TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.tiktok.com/legal/privacy-policy-eea?lang=de.

We integrate audio files and videos into our website. These are retrieved from the server of our provider, the so-called audio or video platform. In order to be able to play an audio file or a video, your end device establishes a connection with the audio or video platform and transmits personal data to it. This includes in particular your IP address and any location data or information about your browser and end device.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Vimeo. The provider of the service is the Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York 10001, USA.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://vimeo.com/privacy.

We use the service on our website YouTube. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

This site uses so-called web fonts for the uniform display of fonts, which are provided by an external provider and loaded by the browser when the website is accessed. When web fonts are loaded, the web font provider becomes aware that our website has been accessed from your IP address, as your browser establishes a direct connection to the web font provider.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Adobe Typekit. The provider of the service is the Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://www.adobe.com/de/privacy/policy.html.

We use the service on our website Font Awesome. The provider of the service is the Fonticons Inc., 307 S Main St Bentonville, Arkansas 72712, USA.

The use of the service may result in data transfer to a third country (USA).

Further information can be found in the provider's data protection information at the following URL: https://fontawesome.com/privacy.

We use the service on our website Google Fonts. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We use tools that protect against unauthorised access, spam or other attacks on our website. This increases the security of our website.

This processing is based on our legitimate interest (Article 6(1)(f) GDPR).

Our legitimate interest is to be able to guarantee the security of our website and to protect ourselves from unauthorised access, spam and other attacks.

We use the service on our website Google Content Security Policy. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We use the service on our website Google Recaptcha. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

As there is no technical necessity for the use of the tool, the legal basis is consent.

We offer you our products and/or services via our online shop. In the context of product and/or service sales, we collect, process and use your personal data (for example, your name, your contact details, but also access times, device information or your IP address) for the handling of the purchase and payment process.

This processing is based on our legitimate interest (Article 6(1)(f) GDPR).

Our legitimate interest is in the error-free display and optimisation of our online shop.

We use the service on our website Adobe Commerce. The provider of the service is the Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.

Since this service is hosted locally on the web server, no data transfer to third parties takes place.

Our website uses tools that facilitate or enable the placement of advertising, as well as evaluating its success. For this purpose, personal data is processed, in particular the IP address, access times and device information.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Google Ads. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We use the service on our website Google AdSense. The provider of the service is the Google Ireland Limited (GV), Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We use the service on our website Google Double Click. The provider of the service is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

We integrate the services of a specialist payment service provider on our website. If you make a purchase from us, your payment details (e.g. name, payment amount, account details, credit card number) will be transmitted to our payment service provider and processed by them for payment processing. The contractual and privacy provisions of the provider we have selected apply to these transactions.

Processing only occurs if you expressly give consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent Art. 6(1)(a) GDPR. Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the revocation remains unaffected.

We use the service on our website Stripe. The provider of the service is the Stripe Payments Europe Limited, The One Building, 1, Lower Grand Canal Street, Dublin 2, Ireland.

The use of the service may result in data transfer to a third country (USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://stripe.com/at/privacy.

You have the option to contact us via a form on the website. In order to contact to be established via this form, we need your contact details in particular.

The legal basis for data processing here is to fulfil a contract or pre-contractual measures in accordance with Article 6(1)(b) GDPR . There may also be a legitimate interest in maintaining business relationships or answering your request for other reasons.

In this case, the legal basis for the processing of your data would be Article 6(1)(f) GDPR.

The data will be deleted when we have resolved your request and no other retention obligations apply.

Social networks process personal data of their users on a large scale. Visiting our profiles on such networks leads to the processing of your IP address and other information about the used devices, among other things, which enables the IP addresses to be reassigned to individual users. We cannot influence this data processing. Therefore we have to point out that visiting our profiles on the social networks and using their functions is at your own risk. Details on data processing can be found in the operator's data protection declaration.

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Detailed information about the handling of personal data can be found in the following data protection declaration of Facebook: https://www.facebook.com/about/privacy/.

The purpose of our profiles on social media platforms is to increase our Internet presence and the associated greater notoriety. Therefore, legitimate interest in accordance with Article 6 (1)(f) GDPR is to be used as the legal basis. Furthermore, with regard to the processing activities by the social networks, we refer to their own legal bases (e.g. consent in accordance with Article 6 (1)(a) GDPR), which can be found in the respective data protection declaration.

Together with the social media platform, we are responsible for the data processing operations triggered when you visit our profile. You can therefore assert your rights as a data subject in accordance with the GDPR against the social media platform and against us. However, we would like to point out that we cannot influence the processing of data by the social media platform.

Social networks process personal data of their users on a large scale. Visiting our profiles on such networks leads to the processing of your IP address and other information about the used devices, among other things, which enables the IP addresses to be reassigned to individual users. We cannot influence this data processing. Therefore we have to point out that visiting our profiles on the social networks and using their functions is at your own risk. Details on data processing can be found in the operator's data protection declaration.

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Detailed information about the handling of personal data can be found in the following data protection declaration of Facebook: https://help.instagram.com/519522125107875.

The purpose of our profiles on social media platforms is to increase our Internet presence and the associated greater notoriety. Therefore, legitimate interest in accordance with Article 6 (1)(f) GDPR is to be used as the legal basis. Furthermore, with regard to the processing activities by the social networks, we refer to their own legal bases (e.g. consent in accordance with Article 6 (1)(a) GDPR), which can be found in the respective data protection declaration.

Together with the social media platform, we are responsible for the data processing operations triggered when you visit our profile. You can therefore assert your rights as a data subject in accordance with the GDPR against the social media platform and against us. However, we would like to point out that we cannot influence the processing of data by the social media platform.

Social networks process personal data of their users on a large scale. Visiting our profiles on such networks leads to the processing of your IP address and other information about the used devices, among other things, which enables the IP addresses to be reassigned to individual users. We cannot influence this data processing. Therefore we have to point out that visiting our profiles on the social networks and using their functions is at your own risk. Details on data processing can be found in the operator's data protection declaration.

We have a profile on LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

Detailed information about the handling of personal data can be found in the following data protection declaration of LinkedIn: https://www.linkedin.com/legal/privacy-policy.

The purpose of our profiles on social media platforms is to increase our Internet presence and the associated greater notoriety. Therefore, legitimate interest in accordance with Article 6 (1)(f) GDPR is to be used as the legal basis. Furthermore, with regard to the processing activities by the social networks, we refer to their own legal bases (e.g. consent in accordance with Article 6 (1)(a) GDPR), which can be found in the respective data protection declaration.

Together with the social media platform, we are responsible for the data processing operations triggered when you visit our profile. You can therefore assert your rights as a data subject in accordance with the GDPR against the social media platform and against us. However, we would like to point out that we cannot influence the processing of data by the social media platform.

If you use the login form on our website, we process your personal data for the purpose of authentication and to provide access to certain protected content or functions. If re-registration is possible, we process your data to create a user account and to provide the associated functions and services.’

Processing is generally based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. If access to certain content or functions is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, the processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. In addition, processing may be based on Art. 6 para. 1 lit. f GDPR if there is a legitimate interest in secure, reliable and user-specific access control.

If you use the order form on our website, we process your personal data for the purpose of processing and handling your order and to fulfil any resulting contractual obligations. Insofar as payment data is collected, it is processed to carry out and process the payment transaction.

The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR, insofar as it serves the fulfilment of a contract or pre-contractual measures. In certain cases, processing may also take place on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR, for example if you provide additional voluntary information or consent to further processing.

Social networks process personal data of their users on a large scale. Visiting our profiles on such networks leads to the processing of your IP address and other information about the used devices, among other things, which enables the IP addresses to be reassigned to individual users. We cannot influence this data processing. Therefore we have to point out that visiting our profiles on the social networks and using their functions is at your own risk. Details on data processing can be found in the operator's data protection declaration.

We have a profile on X. The provider of this service is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Detailed information about the handling of personal data can be found in the following data protection declaration of X: https://twitter.com/de/privacy.

The purpose of our profiles on social media platforms is to increase our Internet presence and the associated greater notoriety. Therefore, legitimate interest in accordance with Article 6 (1)(f) GDPR is to be used as the legal basis. Furthermore, with regard to the processing activities by the social networks, we refer to their own legal bases (e.g. consent in accordance with Article 6 (1)(a) GDPR), which can be found in the respective data protection declaration.

Together with the social media platform, we are responsible for the data processing operations triggered when you visit our profile. You can therefore assert your rights as a data subject in accordance with the GDPR against the social media platform and against us. However, we would like to point out that we cannot influence the processing of data by the social media platform.

Social networks process personal data of their users on a large scale. Visiting our profiles on such networks leads to the processing of your IP address and other information about the used devices, among other things, which enables the IP addresses to be reassigned to individual users. We cannot influence this data processing. Therefore we have to point out that visiting our profiles on the social networks and using their functions is at your own risk. Details on data processing can be found in the operator's data protection declaration.

We have a profile on YouTube. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Detailed information about the handling of personal data can be found in the following data protection declaration of YouTube: https://policies.google.com/privacy?hl=de.

The purpose of our profiles on social media platforms is to increase our Internet presence and the associated greater notoriety. Therefore, legitimate interest in accordance with Article 6 (1)(f) GDPR is to be used as the legal basis. Furthermore, with regard to the processing activities by the social networks, we refer to their own legal bases (e.g. consent in accordance with Article 6 (1)(a) GDPR), which can be found in the respective data protection declaration.

Together with the social media platform, we are responsible for the data processing operations triggered when you visit our profile. You can therefore assert your rights as a data subject in accordance with the GDPR against the social media platform and against us. However, we would like to point out that we cannot influence the processing of data by the social media platform.

Google also transfers and processes data in the USA. There is currently no adequate level of protection for data transfers to the USA. For this reason, there are risks when processing the data. Whatsapp uses standard contractual clauses and is part of the Data Privacy Framework, whereby Google undertakes to ensure an adequate level of data protection.

Visitors have the option to register on our website. This requires the provision of personal data. Registration enables us to offer services or contents that require special information about you. This personal data is processed and stored exclusively for the use of the corresponding service or offer. The purpose of the processing is the fulfillment of pre-contractual services, the fulfillment of contracts and/or the provision of customer care.

This data is generally stored for the period during which you are registered on our website. Any storage beyond this may take place if this becomes necessary due to legal provisions.

The legal basis for processing as described above in this sub-item is consent (Article 6 (1)(a) GDPR). The data subject has consented to the processing of their personal data with their free, express and prior consent. We proceed in the same way if data subjects revoke their consent.

If registration on the website is necessary in order to process contract-related content, we rely on the legal basis for the fulfillment of a contract in accordance with Article 6 (1)(b) GDPR. 

Collection and processing of personal data

When you visit our webshop, we collect data that is required for the use of the webshop and the processing of your order.

Purpose and type of data processing:

- Order processing: When you place an order, we collect your name, address, e-mail address, telephone number (optional) and payment information.

- Customer account: If you create a customer account, we also store your access data.

- Legal basis: The processing is necessary for the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR.

Forwarding of personal data

a) Shipping service provider

In order to deliver your order, we pass on your address data to the shipping service provider commissioned to deliver the goods. This is done exclusively for the purpose of fulfilling the contract.

Legal basis: Art. 6 para. 1 lit. b GDPR

b) Payment service provider

For the processing of payments, we pass on payment data to the commissioned payment service providers. The data is processed in accordance with Art. 6 para. 1 lit. b GDPR for the fulfillment of the contract. 

Translated with DeepL.com (free version)