Data protection

Who is responsible for data collection on this website?

Godelmann GmbH & Co. KG, Industriestrasse 1, 92269 Fensterbach (hereinafter: "We") is the operator of the website www.godelmann.de and thus the controller within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). 
If you have any questions, please contact info@godelmann.de.

 

General information

Thank you for visiting the website of Godelmann GmbH & Co. KG. In this data protection declaration, we provide comprehensive information about our handling of personal data and inform you about your rights. Compliance with data protection regulations is a matter of course for us and an important basis for trust

 

DATA PROTECTION AT A GLANCE

 

Who is responsible for data collection on this website?

Godelmann GmbH & Co. KG, Industriestrasse 1, 92269 Fensterbach (hereinafter: "We") is the operator of the website www.godelmann.de and thus the controller within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). 
If you have any questions, please contact info@godelmann.de.

 

How do we collect your data?

Your data is collected on the one hand when you provide it to us (e.g. via a contact form or when placing an order) and on the other hand when your visit to our website is recorded by our IT systems. This data is collected automatically as soon as you enter our website.

 

What do we use your data for?

We only use the data for the purpose for which it was collected from you. We may further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Art. 5 para. 1 lit. c) GDPR).
The purposes are in particular the provision of a website, the processing of customer inquiries, the maintenance of customer contact and the processing of orders.

 

What rights do you have regarding your data?

You are entitled to the rights under the GDPR. In particular, this includes a right to information and a right to request the rectification, blocking or erasure of your data. In order to assert your rights as a data subject, we must also process your data.

DATA PROTECTION IN DETAIL

 

Responsibility for data processing

Godelmann GmbH & Co. KG, Industriestrasse 1, 92269 Fensterbach (hereinafter: "We") is the operator of the website www.godelmann.de and thus the controller within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR).

If you have any questions, please contact info@godelmann.de.
Further details and contact information can be found in the website's legal notice.

 

Data Protection Officer

You can contact our data protection officer as follows

Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Phone: 0941 2986930
E-mail: anfrage@projekt29.de
Internet: www.projekt29.de

 

RIGHTS OF THOSE AFFECTED

 

Your rights as an affected person

As an affected person, you have the following rights with regard to your personal data. You have:

  • A right to information about, among other things, the categories of data processed, the purposes of processing, the storage period and any recipients, in accordance with Art. 15 GDPR and Section 34 BDSG.
  • A right to rectification or erasure of inaccurate or incomplete data, in accordance with Art. 16 and 17 GDPR and Section 35 BDSG.
  • Under the conditions of Art. 18 GDPR or Section 35 (1) sentence 2 BDSG, a right to restriction of processing.
  • A right to object to the processing in accordance with Art. 21 para. 1 GDPR, insofar as the data processing was carried out on the basis of a legitimate interest.
  • A right to withdraw consent given with effect for the future in accordance with Art. 7 para. 3 GDPR.
  • A right to data portability in a commonly used format pursuant to Art. 20 GDPR.
  • In accordance with Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you. This also includes profiling within the meaning of Art. 4 No. 4 GDPR.
  • You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data by us in accordance with Art. 77 GDPR, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

 

Procedure for rights of those affected

If you assert your rights against us in accordance with the GDPR and the BDSG, we will process the data you provide to us in order to fulfill your claim.

We will then store the data you provide to us and the data we provide to you in return for the purpose of documentation until the expiry of the limitation period under regulatory offense law (3 years).

The legal basis for the processing and storage of the data is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our obligation to comply with your request and the need to be able to exonerate ourselves in possible fine proceedings by proving that we have duly complied with your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. However, we would like to point out that the processing of your data to prove compliance with the rights of the data subject is mandatory within the meaning of Art. 21 para. 1 GDPR, as other means of proof do not exist or are not equally suitable.

 

Data protection measures

We use technical and organizational measures to protect our website and other systems - and therefore also your data - against loss, destruction, access, modification or dissemination by unauthorized persons. In particular, your personal data is transmitted in encrypted form via the Internet. We use the common encryption protocol TLS (Transport Layer Security).

However, the transmission of information via the Internet is never completely secure, which is why we cannot guarantee 100% security of the data transmitted from our website. 

MODALITIES OF DATA PROCESSING

 

Sources and categories of personal data

We process your personal data insofar as it is necessary for the establishment, content or amendment of a contractual relationship between us and you (inventory data). Inventory data can be in particular Name, title, contact data (postal address, telephone, e-mail address), date of birth, etc.
We also process your usage data. Usage data is data that is generated by your behavior when using our website and our services, in particular your IP address, the start and end of your visit to our website and information about what content you have accessed on our website.

We collect the aforementioned data either directly from you (e.g. through your visit to the website) or, insofar as this is permitted under data protection laws, from third parties or publicly accessible sources (e.g. commercial and association registers, press, media, Internet). We may also receive data from third parties in the context of contract processing, e.g. from the payment service provider used.

 

Data transfer to third countries outside the EU


All information that we receive from you or about you is generally processed on servers within the European Union. Your data will only be transferred to or processed in third countries without your express consent if this is provided for or permitted by law and an appropriate level of data protection is ensured in the third country. 

 

Forwarding of data, order processing

We never pass on your personal data to third parties without authorization. However, we may disclose your data to third parties in particular if you have consented to the disclosure of data, if the disclosure is necessary to fulfill our legal obligations or if we are entitled or obliged to disclose data due to legal provisions or official or court orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

We transmit personal data to third parties if and insofar as this is necessary in the context of contract processing, for example to the companies entrusted with the delivery of the goods or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. The basis for this data processing is Art. 6 para. 1 sentence 1 lit. b) GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Under certain circumstances, we may also transfer your data to external service providers who process data on our behalf and in accordance with our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Art. 28 GDPR. This means in particular that the processor must provide sufficient guarantees that suitable technical and organizational measures are implemented by the processor in such a way that the processing is carried out in accordance with the requirements of the GDPR and the protection of your rights as a data subject is guaranteed. Despite commissioning processors, we remain responsible for the processing of your personal data within the meaning of data protection laws.

 

Purpose of data processing

We only use the data for the purpose for which your data was collected. We may only process the data for another purpose if this other purpose is not incompatible with the original purpose (Art. 5 para. 1 lit. c) GDPR).

Our processing purposes are in particular the provision of a website, the processing of customer inquiries, the maintenance of customer contact and the processing of orders.

 


Storage period

Unless otherwise specified in detail, we will only store the data collected from you for as long as is necessary for the respective purpose, unless statutory retention obligations prevent deletion, e.g. under commercial law or tax law.

 

 

INDIVIDUAL PROCESSING ACTIVITIES

 

In the following, we would like to show you as transparently as possible which of your data we process, on what occasion, on what basis and for what purpose.

DATA PROCESSING IN THE COURSE OF BUSINESS

 

Data of interested parties

If you are interested in our offers, you can contact us at any time. By contacting us, you consent to the processing and storage of the data you provide (in particular your e-mail address) in order to process your request.

We will only process the data you send us until the purpose for which you contacted us has been achieved, unless statutory retention periods prevent this. If the purpose of your contact is the assertion of data subject rights, the information in the section "Your rights as a data subject" applies.

The legal basis for the use of the data you transmit to us by contacting us is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice or our form above. Please note, however, that we will then no longer process your request.

 

Customer data

If you order goods from us, it is necessary for the conclusion of the contract and the processing of your order that we process certain data about you for the purpose of fulfilling the contract. As a rule, we receive this data directly from you through your order.

Furthermore, it may be necessary to pass on your data to third parties, e.g. banks/payment service providers, logistics companies, etc. You can find more information on this in our General Terms and Conditions and below under "Third-party services".

The legal basis for the use of your data is generally Art. 6 para. 1 sentence 1 lit. b) GDPR (data processing for the performance of a contract). The legal basis for the data voluntarily provided by you in the booking process is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the imprint or our form above.

We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

We are obliged by commercial and tax law to store your address, payment and order data. However, we restrict processing after two years, i.e. your data will only be used to comply with legal obligations.

To prevent unauthorized access by third parties to your personal data, in particular financial data, the booking process via the website is encrypted using TLS technology.

 

Applicant data

If you are interested in working for our company, it is necessary to process your personal data during the application process.

We use the data you send us to process your application and to communicate with you, in particular to assess your suitability for current or future employment in our company.

If your application is successful, our HR department will add your data to your personnel file when you are hired. If your application is unsuccessful, we will store your data for a period of six months from the date you receive the decision. Your data will only be accessed during this period if you wish us to justify our decision, to defend ourselves against legal claims or to detect abusive applications.

After the deadline has expired, we will delete or destroy your data unless we are required by law to store your data for longer. If you have applied by letter post, we will return your application documents to you by letter post, provided you have given us a domestic postal address and wish them to be returned. Otherwise, your documents will be destroyed if the application process is unsuccessful.

The legal basis for the processing of the data provided by you in the course of the application is Art. 88 para. 1 GDPR in conjunction with Section 26 para. 1 BDSG (data processing in the employment context).

We reserve the right to anonymize applicant data so that it is no longer possible to draw conclusions about your person and to subsequently evaluate it for internal statistical purposes. We will not carry out any further evaluation without your consent.

DATA COLLECTION WHEN VISITING OUR WEBSITE

 

Server log files

When a website is accessed and data is retrieved from a server, general information is automatically transmitted to the server providing it. This data transmission takes place automatically and is a fundamental component of communication between devices on the Internet.

The data transmitted by default includes the following information, among others: Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referer), date and time of the request (so-called timestamp). In addition, the http status and the amount of data transferred as part of this request are recorded.

This information is logged by the server, stored in a table and saved there for a short time (so-called server log files). By analyzing these log files, we can identify and subsequently rectify errors on the website, determine the utilization of the website at certain times and make adjustments or improvements based on this. We can also ensure the security of the server by being able to trace the IP address from which attacks on our server were carried out. We do not merge this data with other data sources.

Your IP address is only stored for the duration of your use of the website and is then immediately deleted or made partially unrecognizable by shortening it. The remaining data is stored for a limited period of time (usually 7 days).

The legal basis for the use of server log files is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from the necessity for the operation and maintenance of our website, as we have explained above. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. However, we would like to point out in advance that the processing of your data in server log files is mandatory within the meaning of Art. 21 para. 1 GDPR, as otherwise the website cannot be operated at all.

 

Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website:
https://usercentrics.com/de/ (hereinafter referred to as "Usercentrics").

When you visit our website, the following personal data is transmitted to Usercentrics:

- Your consent(s) or the withdrawal of your consent(s)
- your IP address
- Information about your browser
- Information about your end device
- Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected in this way is stored until you ask us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

We have concluded an order processing contract (AV) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

 

Cookies and web storage

Due to the technical requirements of our website and to improve user-friendliness, we use so-called "cookies" or the "web storage" of your browser. In short, this means that when you visit our website, data can be stored on your end device and read out again by our server.

 

What cookies or web storage are

Put very simply, a cookie is a small text file that stores data about websites visited. Cookies can be used in many different ways. For example, they can store a kind of "user profile", i.e. things like your preferred language and other page settings that are required by our website in order to offer you certain services. The cookie file is stored on your end device and can also help to recognize you when you return to our website. 
We may also be able to use cookies to obtain information about your preferred activities on our website and thus tailor our website to your individual interests or even increase the speed of navigation on our website.

Web storage is also a technology for web applications that is used to store data on an end device. In simple terms, web storage can be seen as a further development of cookies, but differs from them in a number of ways. In contrast to cookies, web storage is completely controlled by the client. This means that data is not transferred to the server each time the website is accessed. Access takes place exclusively locally via scripts on the website. In concrete terms, this means that third parties cannot access the information stored on the website. Only you and we can access the locally stored data.

 

How you can avoid cookies

You can delete cookies manually at any time in the security settings of your browser.

You can also prevent the storage of cookies from the outset by selecting the appropriate settings in your browser. Please note, however, that you may then not be able to use all the functions of our website to their full extent or that errors may occur in the display and use of the website. 

Third-party providers

It is possible that third-party providers, with the help of which we design and operate our website, in particular through so-called plugins (see below in the section "Third-party services"), may independently store and read their own cookies or data in web storage on your end device. If you only want to accept our own cookies, but not cookies from these third parties, you can prevent the storage of these cookies by selecting the appropriate browser setting "Block third-party cookies". Even then, however, errors may occur when using the website.

 

Which cookies are used
In detail, our website uses the following cookies:

 

  • Name: _ga
    Explanation: Contains a randomly generated user ID. Google Analytics can use this ID to recognize returning users on this website and merge data from previous visits.
    Origin: www.godelmann.de
    Validity/storage period: 2 years
    Third party access: Yes, Google
     
  • Name: _gat
    Erläuterung: Bestimmte Daten werden nur maximal einmal pro Minute an Google Analytics gesendet. Das Cookie hat eine Lebensdauer von einer Minute. Solange es gesetzt ist, werden bestimmte Datenübertragungen unterbunden.
    Herrkunft: www.godelmann.de
    Gültigkeit/Speicherdauer: 1 Minute
    Zugriff Dritter: Ja, Google
     
  • Name: _gat_gtag_UA_77528942_1
    Explanation: Certain data is only sent to Google Analytics a maximum of once per minute. The cookie has a lifespan of one minute. As long as it is set, certain data transmissions are prevented.
    Origin: www.godelmann.de
    Validity/storage period: 1 minute
    Third party access: Yes, Google
     
  • Name: _gid
    Explanation: Contains a randomly generated user ID. Google Analytics can use this ID to recognize returning users on this website and merge data from previous visits.
    Origin: www.godelmann.de
    Validity/storage period: 24 hours
    Third party access: Yes, Google
     
  • Name: cookie-agreed
    Explanation: Saves the consent to the use of cookies.
    Origin: www.godelmann.de
    Validity/storage period: 1 week
    Third party access: No
     
  • Name: cookie-agreed_categories
    Explanation: Saves the types of cookies whose use has been consented to.
    Origin: www.godelmann.de
    Validity/storage period: 1 week
    Third party access: No
     
  • Name: has_is
    Explanation: Saves whether Javascript is activated.
    Origin: www.godelmann.de
    Validity/storage duration: End of session
    Third party access: No
     
  • Name: flags
    Explanation: Notepad for pictures
    Origin: www.godelmann.de
    Validity/storage period: 3 days
    Third party access: No
     
  • Name: SSESSead2d075335a16fe59a0d0554e75337e
    Explanation: Session cookie
    Origin: www.godelmann.de
    Validity/storage period: 23 days
    Third party access: No

Legal basis

The legal basis for the use of cookies and web storage, which is absolutely necessary for the function of the website (e.g. for the shopping cart function or session assignment), is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our desire to be able to offer you a technically functioning website. Cookies and web storage are necessary for this because they are an integral part of current Internet technology and many functions of current websites would otherwise not be available. We therefore use these technologies in order to be able to provide you with the website at your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

However, we would like to point out that the processing of your data is mandatory in certain cases within the meaning of Art. 21 para. 1 GDPR, as otherwise the website cannot be operated at all and we do not have the technical possibility to prevent the storage of data on certain individual end devices. However, you may be able to do this yourself in your browser. For more information, please refer to the instructions for your browser.

The legal basis for the use of cookies and web storage, which is not absolutely necessary for the function of the website, is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). When you first access the website, we ask you for your consent to the use of cookies via an information text that is displayed. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. You can find out how to do this in your browser in the browser instructions.

How to contact us

Our website offers you the opportunity to contact us directly. By contacting us, you consent to the processing and storage of your transmitted data (in particular your e-mail address) for the purpose of processing your request.

We will only process the data you send us until the purpose for which you contacted us has been achieved, unless statutory retention periods prevent this. If the purpose of your contact is the assertion of data subject rights, the information in the section "Your rights as a data subject" applies.

We require the following information from you:

  • Surname and first name: It is necessary for us to know your name because we would like to contact you personally. This information is also required for the initiation of contracts and to prevent misuse.
  • Address: The information is required to initiate contracts and to prevent abuse
  • E-mail address: It is necessary for us to know your e-mail address because otherwise we will not be able to answer your request quickly.
  • Message: The text of your inquiry provides the framework for the data processing we carry out.

 

The legal basis for the use of the data transmitted to us by you by contacting us is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice or our form above. Please note, however, that we will then no longer process your request

The legal basis for the processing of mandatory data is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). We have set out the legitimate interest in the list above.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

 

Newsletter

We offer to keep you regularly up to date with our newsletter and inform you about special offers. To subscribe to the newsletter, you can enter your e-mail address in our distribution list. You must then confirm your registration again (double opt-in procedure). We only use the data you send us for the purpose of sending the newsletter and do not pass it on to third parties for any other purpose.

Further information on data transfer and data processing when receiving our newsletter can be found below in the section "Third-party services - external newsletter service".

The legal basis for the processing of your email address is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the link in every newsletter email or contact us using the contact details provided in the legal notice.

Use of our webshop

If you wish to place an order in our webshop, it is essential that you provide certain data in order to conclude the contract and process your order. These details, which are essential for processing, are marked separately; all other details can be provided voluntarily. We only process the data you provide during the ordering process to process your order. If you do not provide the required data, this will mean that your order cannot be processed.

Furthermore, it may be necessary to pass on your data to third parties, e.g. banks/payment service providers, logistics companies, etc., in order to process your order. Further information can be found in our General Terms and Conditions, above under "Forwarding of data" and below in the section "Third-party services".

The legal basis for the use of your data to process the order is Art. 6 para. 1 sentence 1 lit. b) GDPR (data processing for the performance of a contract). The legal basis for the data voluntarily provided by you in the ordering process is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice.

Please note that we may not be able to process your order if you do not provide certain data.

Due to commercial and tax regulations, we are obliged to store your address, payment and order data for a period of ten years. However, we restrict processing after two years, i.e. your data will only be used to comply with legal obligations.

To prevent unauthorized access by third parties to your personal data, in particular financial data, the order process is encrypted using TLS technology.

We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

The legal basis for the use of your contact data for this purpose is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to send you interesting information about our offer and our company (direct advertising).

You can object to the processing of your data on the basis of our legitimate interest in direct advertising at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

We maintain a seller profile on the Amazon website. If you place an order with us via Amazon, Amazon will process your data in accordance with its privacy policy and transmit it to us for order processing. The provider itself is responsible for data processing on Amazon's websites in accordance with data protection laws. Further information on data protection at Amazon can be found at: https://www.amazon.de/gp/help/customer/display.html/ref=hp_left_v4_sib?ie=UTF8&nodeId=201909010(last accessed on 26.08.2020)

Registration on the website

Our website offers you the opportunity to register for additional, personalized functions of the site. During registration, personal data (e.g. email address and name) is collected and processed for the purpose of providing personalized services.

We require the following information from you:

  • Surname and first name: It is necessary for us to know your name because we would like to address you personally. This information is also required for the initiation of contracts and to prevent misuse.
  • Address: The information is required to initiate contracts and to prevent abuse.
  • E-mail address: It is necessary for us to know your e-mail address because otherwise we will not be able to answer your request quickly.
  • Message: The text of your inquiry provides the framework for the data processing we carry out.

The legal basis for the data provided by you during the registration process is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice.

The legal basis for the processing of mandatory data is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). We have set out our legitimate interest in the list above. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

You also have the option of changing or completely deleting the data provided during the registration process at any time.

THIRD PARTY SERVICES

 

We use third-party services/resources, such as plugins, external content, software or other external service providers (services), to simplify our data processing and to expand the functionality of our website. Personal data may also be transmitted to the service provider. If data processing is carried out on our behalf, we have contractually obliged the service providers in accordance with Art. 28 GDPR to process your data only in accordance with our instructions.

We expressly point out that we are regularly only responsible for the data collection and transmission by the service within the meaning of the GDPR, but not for any subsequent processing by the respective service provider.

We use the following services in particular:

 

WhatsApp  

WhatsApp is a service provided by WhatsApp Inc., which in turn is part of Facebook, Inc. Godelmann uses this external application exclusively as a service channel. Godelmann is in no way responsible for the content and data shared, uploaded and processed via WhatsApp outside of Godelmann's own network. WhatsApp's privacy policy applies here.

Please read WhatsApp's privacy policy (https://www.whatsapp.com/legal/) carefully before using WhatsApp. By using WhatsApp, you automatically agree to these guidelines.

When you send us a message via WhatsApp, you are sending us your telephone number. We will only use the number for WhatsApp communication with you and the chat content only to process your request.

However, please note the WhatsApp terms of use, over which we have no control: If you install and use WhatsApp on your cell phone, you agree to WhatsApp's terms of use. These include, among other things, that you grant WhatsApp Inc. access to your telephone number and the contacts stored on your phone. For questions of a personal or confidential nature (i.e. with content involving personal data), an e-mail address or telephone number should be provided for further correspondence, as we do not answer such questions via WhatsApp.

Godelmann will never ask you to share personal data with us via WhatsApp. In the event that we need your data, an employee will provide you with an option for data exchange.

Hotjar

This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool for analyzing your user behavior on this website. Hotjar allows us to record your mouse and scroll movements and clicks, among other things. Hotjar can also determine how long you remain with the mouse pointer in a certain place. Hotjar uses this information to create so-called heat maps, which can be used to determine which areas of the website visitors prefer to look at.

We can also determine how long you stayed on a page and when you left it. We can also determine at which point you abandoned your entries in a contact form (so-called conversion funnels).

Hotjar can also be used to obtain direct feedback from website visitors. This
function serves to improve the website operator's web offerings. 

Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user
user behavior (e.g. cookies or the use of device fingerprinting).

The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

If you wish to deactivate data collection by Hotjar, click on the following link and follow the instructions there:
https://www.hotjar.com/policies/do-not-track/

Please note that Hotjar must be deactivated separately for each browser or end device. For more information about Hotjar and the data collected, please refer to Hotjar's privacy policy at the following link:
https://www.hotjar.com/privacy

We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

USE OF GOOGLE SERVICES

 

We use the following technologies of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google technologies about your use of our website is usually transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. There is no adequacy decision by the European Commission for the USA. Our cooperation is based on standard data protection clauses of the European Commission. 
 

If your IP address is collected via Google technologies, it will be shortened by activating IP anonymization before it is stored on Google's servers. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened there. Unless otherwise specified for the individual technologies, data processing is carried out on the basis of an agreement concluded for the respective technology between jointly responsible parties in accordance with Art. 26 GDPR. Further information about data processing by Google can be found in Google's privacy policy https://policies.google.com/privacy?hl=de.

Google Analytics

Our website uses the "Google Analytics" service from Google. Google Analytics GA4 uses cookies (see above under "Cookies") to enable us to analyze the use of the website by our website visitors. The information collected by the service about the use of the website by users is generally transferred to a Google server in the USA and stored and processed there. This involves the aforementioned risks of data transfer to the USA.

Among other things, the following may be transmitted Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider. Google Analytics may also collect and transmit specific data: 

Session duration/dwell time, bounce rate, orders, account creation, viewing contact details and ratings, playing media, updating the page, adding to favorites/bookmarks, sharing content (social media), origin of the user (e.g. e-mail, Google search).

IP anonymization has been activated on our website, so that your IP address transmitted to Google is shortened before transmission outside the scope of the GDPR and thus made partially unrecognizable, i.e. anonymized. Only in exceptional cases is the full IP address first transmitted to a Google server and shortened there immediately. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

On our behalf, Google will use the information transmitted to evaluate your use of our website, compile reports on website activity and provide us with other services relating to website activity and internet usage. The service examines, among other things, the origin of visitors, the time they spend on individual pages and the use of search engines, thus allowing us to better monitor the success of advertising campaigns. 
You can find more information on the terms of use and data protection at Google Analytics at http://www.google.com/analytics/terms/de.html or at https://policies.google.com/technologies/partner-sites?hl=de

You can prevent the data generated by the cookie and related to the use of the website (incl. IP address) from being transmitted to Google or processed by Google by downloading and installing the browser plug-in available at the following link. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent the setting of cookies altogether (see above "How to avoid cookies").

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: [Deactivate Google Analytics]. Please note that the opt-out cookie is only effective until you delete your cookies.
The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). We ask for your consent to the use of the service when you first access the website via an information text that is displayed. We would like to point out that your consent also covers any transfer to the USA. We have explained the risks involved above. You can withdraw your consent at any time with effect for the future by deleting all cookies in your browser. You can find out how to do this in your browser in the browser instructions.

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google fonts are installed locally. There is no connection to Google servers.

You can find more information about Google Web Fonts at
https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

 

Google Maps

Our website uses the external map service "Google Maps" from Google. Google Maps is used to provide an interactive map on our website that shows you how to find and reach us. This service enables us to present our website in an appealing way by loading map material from an external server. The required data is usually requested from a Google server in the USA. This involves the aforementioned risks of data transfer to the USA. 
As a result of this request, the following information, among other things, is transmitted to the Google server and stored there Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider. Google Maps may also collect and transmit the following data specifically The user's location (if you activate the corresponding function).

The legal basis for the use of Google Maps is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). When displaying the map, we ask you for your consent to the use of the service via a displayed information text. We would like to point out that your consent also covers any transmission to the USA. We have explained the risks involved above. You can withdraw your consent at any time with effect for the future by deleting all cookies in your browser. You can find out how to do this in your browser in the browser instructions.

 

Google signal

We use Google signals. When you visit our website, Google Analytics records your location, search history and YouTube history as well as demographic data (visitor data), among other things. This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, the visitor data from Google Signal is linked to your Google account and used for personalized advertising messages. The data is also used to compile anonymous statistics on the user behavior of our users.

YouTube

Our website uses the video service "YouTube" from Google. YouTube is used to integrate videos into our website in various places. When videos are played, information is generally transmitted to a Google server in the USA and stored there for several months. Google uses this data to collect statistics and improve the service, among other things.

YouTube also establishes a connection to Google's own advertising network. We ourselves do not collect and process any personal data through the connection to Google's own advertising network. On the page about advertising (https://policies.google.com/technologies/ads?hl=de) you can find out more about advertising on Google, how exactly your data is used in connection with advertising and how long Google stores this data.

Due to the programming of the YouTube videos, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge: By integrating ads, Google receives the information that you have accessed the corresponding part of our website or clicked on an ad. If you are registered with a Google service, Google can assign your behavior to your account. Even if you are not registered with Google or have not logged in, it is possible for Google to create and store a usage profile about you across devices (so-called tracking).

You can prevent participation in this tracking process in several ways: 

  • by setting your browser software not to accept cookies (see "How to avoid cookies" above)
  • by deactivating cookies for conversion tracking on the following website: https://adssettings.google.com/?hl=de (this setting will be deleted if you delete your cookies) or
  • by permanently deactivating cookies in your Firefox, Internet Explorer or Google Chrome browsers under the link http://www.google.com/settings/ads/plugin. 


We would like to point out that you may not be able to use all functions of our website to their full extent due to the corresponding settings. 

We have embedded our videos in extended data protection mode to ensure that a connection to Google's servers is only established during playback. 
The service stores and analyzes cookies (see above under "Cookies") on your end device. This service uses the web storage of your browser. Further information on this can be found above.

The legal basis for the use of Google Maps is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). When displaying a video, we ask for your consent to the use of the service via a displayed information text. We would like to point out that your consent also covers any transmission to the USA. We have explained the risks involved above. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. You can find out how to do this in your browser in the browser instructions.

EXTERNAL NEWSLETTER SERVICES

 

We use external service providers to provide you with a newsletter containing current information and offers. These are cloud-based services for sending newsletters. They can be used to create, send and manage newsletters. The software is provided via the internet so that we can use it via a web interface on an external server of the respective provider.

Data processing may therefore also take place outside the EU.

In order to use the software, it is necessary to transmit the data you provided when registering for the newsletter to the respective provider. We have concluded a so-called order processing contract with the respective provider to ensure that they only process your data in accordance with our instructions.

When sending our newsletter, we use so-called web beacons or tracking pixels to analyze your reading behavior. Tracking pixels are extremely small image files that are integrated into the newsletter email and thus allow log file recording and log file analysis. When you open the newsletter email, the tracking pixel can be loaded from the newsletter service server and at the same time some information about you is transmitted, such as whether the email has been opened, the time it was opened and the associated IP address.

In addition, links in the email can provide information about which products are more interesting - i.e. clicked on more frequently than others. Both the respective web beacon/counter pixel and the links in the email can be clearly assigned to the email address used for sending and thus allow conclusions to be drawn about the respective newsletter recipient.

We use:

 

Rapidmail

This website uses Rapidmail to send newsletters. The provider is rapidmail GmbH,
Augustinerplatz 2, 79098 Freiburg i.Br., Germany. Rapidmail is a service that can be used to organize and analyse the sending of newsletters, among other things. The data you enter for the purpose of subscribing to the newsletter is stored on Rapidmail's servers in Germany.

For the purpose of analysis, the emails sent with Rapidmail contain a so-called "tracking pixel", which connects to the Rapidmail servers when the email is opened. In this way, it can be determined whether a newsletter message has been opened.

We can also use Rapidmail to determine whether and which links in the newsletter message are clicked on. All links in the email are so-called tracking links, which can be used to count your clicks. If you do not wish to be analyzed by Rapidmail, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message. For more information on Rapidmail's analysis functions, please see the following link:
https://de.rapidmail.wiki/kategorien/statistiken/.

The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

After you unsubscribe from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist.
newsletter service provider in a blacklist, if this is necessary to prevent future mailings.
mailings is necessary. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
For more information, please refer to Rapidmail's data security information at
https://www.rapidmail.de/datensicherheit.

We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Materialo

We offer you the use of the "Materialo" service from active online GmbH, Ullrichstr. 6, 46485 Wesel, Germany. This is a service for the visualization of furnishing planning. It allows you to virtually simulate various materials from our range to give you a first impression. The software is provided via the Internet so that it can be used via a web interface on an external server of the respective provider.

When using this application, personal data is collected by the third-party provider, which it can process on our behalf in accordance with our and its data protection provisions. We have concluded a so-called order processing contract with the provider to ensure that they only process your data in accordance with our instructions.

You can find more information on the handling of user data in Materialo's privacy policy: http://www.materialo.com/index.php/de/impressum-2. 

The legal basis for the use of the service including the hosting service and the associated processing of your data is Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). We have an interest in offering you the opportunity to virtually simulate our portfolio in advance and thus increase our customer friendliness. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

 

Wall planner

We offer you the use of the "Unity3D" service from Unity Technologies ("Unity"), 30 3rd Street, San Francisco, CA 94103, USA. Unity has a European subsidiary, Unity Technologies Finland OY, Kaivokatu 8 B, 00100 Helsinki, Finland.

Unity3D is a service for the visualization of three-dimensional objects. It can be used to virtually simulate various materials from our range, assemble them into a wall and then calculate the required components.

When using the service, personal data may be transferred to the USA. In its ruling of 16.07.2020 (Ref.: C-311/18), the European Court of Justice ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is not known what consequences the processing of your data by US authorities may have for you.

Our cooperation is based on standard data protection clauses of the European Commission.

When you use the website, the following information is transmitted to the Unity server and stored there: Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referrer), the date and time of the request and possibly your Internet service provider.

You can find more information on the handling of user data in Unity's privacy policy: https://unity3d.com/legal/privacy-policy.
 

The legal basis for the use of Unity3D is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). We will ask you for your consent to use the service via an information text displayed before you access the service. We would like to point out that your consent also covers any transfer to the USA. We have explained the risks involved above. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. You can find out how to do this in your browser in the browser instructions.

 

Media library

We use the digital asset management (DAM) software of CELUM GmbH, Passaustrasse 26-28, 4030 Linz, Austria, to display a media library/download area.

The software is installed locally on our server. No connections are established to the provider of the software and no data is transmitted to the provider.

SERVICE PROVIDERS FOR THE PROCESSING OF YOUR ORDER

 

We may pass on the personal data collected from you to third parties as part of the contract processing, for example to the transport company commissioned with the delivery or the service used for payment, insofar as this is necessary for the fulfillment of the contract.

The legal basis for the transfer of data required to process the order is Art. 6 para. 1 sentence 1 lit. b) GDPR (data processing for the performance of a contract). The provision and transmission of your data is necessary because otherwise your order cannot be processed.

The legal basis for the data transmission voluntarily selected by you during the ordering process (e.g. for shipping status by email) is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice.
We use the following service providers:

 

DHL

If the goods are delivered by the transport service provider DHL Paket GmbH ("DHL"), Sträßchensweg 10, 53113 Bonn, Germany, we will pass on your name and address to DHL for the purpose of delivery.

Further information on data protection at DHL can be found at: https://www.dhl.de/de/toolbar/footer/datenschutz.html 

PayPal

We use the "PayPal Plus" service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. ("PayPal"), 22-24 Boulevard Royal, L-2449 Luxembourg, for payment processing. This service enables us to provide you with various payment methods in our webshop. When you use a PayPal service, PayPal collects information about the transaction and other information related to the transaction, such as the amount sent or requested, the amount paid for products or services, merchant information including details of payment sources used for the transaction, device information, technical usage data and location data.

If you have a PayPal account, PayPal can assign the transmitted data to your account - even across devices. In principle, we have no influence on this data processing. PayPal is therefore responsible for this data processing.

Details on the data collected and information on how PayPal processes the data collected can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE  

You will also find information on banking regulations for customers in the EEA and Switzerland.

With some PayPal services, PayPal makes an advance payment and assumes a credit risk. PayPal therefore reserves the right to carry out a credit check for the credit card and direct debit payment methods. For this purpose, PayPal transmits your information (name, address, date of birth, bank account data) to credit agencies. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure.

Further data protection information, including information on the credit agencies used, can also be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE  

We have a legitimate interest in the use of PayPal within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR, which consists in offering a variety of payment methods as simply as possible via a service provider and not having to commission a separate service provider for each payment method. This also reduces the recipients of your data. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

SOCIAL MEDIA FAN PAGES

 

In addition to our website, we maintain online presences on social platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services.

If you visit our presence on a social platform, your data will generally be processed by the respective platform provider for our market research and advertising purposes. The provider may also process the data for its own purposes. Usage profiles can be created from your usage behavior and your resulting interests. These usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. For these purposes, cookies (see above) are usually stored on your end device, in which your usage behavior and interests are stored. In particular, if you are a member of the respective platforms and are logged in to them, additional data may be stored independently in the usage profiles. For a detailed description of the respective data processing and objection options, we refer you to the following linked information from the providers, as only they know the exact processes of their data processing.

We would like to point out that your data may also be processed outside the European Union. This may result in risks, e.g. because it could make it more difficult to enforce your rights.

The legal basis for the use of the online presences and the associated data processing is generally Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to present ourselves to visitors and users of social networks and to introduce statements of all kinds to the media and opinion market. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

The use of statistical data of all visitors to our social media websites, which is collected, processed and made available to us by the respective site operators, is based on Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an anonymous evaluation of the visit and usage behavior on our websites in order to improve the design of our online offer and optimize our communication with interested parties. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

If you are asked by the respective providers for consent to data processing, the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. a) GDPR (consent of the data subject). You can revoke this consent at any time with effect for the future. To do so, please contact the provider who asked you for your consent.

In the event that you wish to assert your above-mentioned data subject rights, we would like to point out that these can be asserted most effectively with the providers, despite possible joint responsibility. As a rule, only the providers have direct access to your data and can take appropriate measures and provide information directly. Should you nevertheless require assistance, you can contact us and we will support you at any time within the scope of our possibilities.

We are represented on:

Facebook

Facebook is a social network of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Facebook Ireland Ltd. is the European subsidiary of Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA.

In its judgment of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

You can find further information on data protection at Facebook at: https://www.facebook.com/about/privacy/. We inform you about our own data processing in this declaration.
 

We have concluded an additional agreement with Facebook as part of our user contract, which regulates the responsibility for data processing with regard to the Page Insights function in accordance with Art. 26 GDPR. The details of the agreement can be found here: https://www.facebook.com/legal/terms/page_controller_addendum.

Among other things, Facebook has undertaken to inform you about data processing in the context of the Page Insights function. You can find this information here: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Instagram

Instagram is a social network of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Facebook Ireland Ltd. is the European subsidiary of Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA.

In its judgment of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

You can find further information on data protection at Instagram at: http://instagram.com/about/legal/privacy/. 
You can find more information on data protection on Facebook at: https://www.facebook.com/about/privacy/.

LinkedIn

LinkedIn is a professional network of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. In the EU, this company represents LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, California 94085, USA.

In its judgment of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

Further information on data protection at LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.
You can configure LinkedIn's data collection on the following page: https://www.linkedin.com/psettings/guest-controls/.

 

LinkedIn Insight Tag

This website uses the LinkedIn Insight Tag. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight Tag

With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyze the key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. We can also use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take another action (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that we can use to display targeted advertising to visitors to our website outside the website, whereby, according to LinkedIn, no identification of the advertising addressee takes place.

LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data is then deleted within 180 days.

The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. Details can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Legal basis

If consent has been obtained, the above-mentioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If consent has not been obtained, this service is used on the basis of Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in effective advertising measures including social media.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

 

Objection to the use of the LinkedIn Insight Tag

You can object to the analysis of usage behavior and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To prevent LinkedIn from linking data collected on our website to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

 

Order processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

 

Pinterest

Pinterest is a social network of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. In the EU, this company represents Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA. 

In its ruling of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless decided that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

Further information on data protection at Pinterest can be found at: https://about.pinterest.com/de/privacy-policy.

Twitter

Twitter is a social network of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Twitter International Company is the European subsidiary of Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

In its judgment of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

You can find more information about data protection on Twitter at: https://twitter.com/de/privacy. 
You can configure Twitter's data collection on the following page: https://twitter.com/personalization.

 

Xing

Xing is a professional network of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Further information on data protection at Xing can be found at: https://privacy.xing.com/de/datenschutzerklaerung.

 

YouTube

YouTube is a social video platform of YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, represented by Google Ireland Ltd ("Google EU"), Gordon House, Barrow Street, Dublin 4, Ireland. In the EU, this company represents Google LLC ("Google US"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

In its judgment of 16.07.2020 (Ref.: C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission. 

You can find further information on data protection at YouTube at: https://policies.google.com/privacy.

Houzz.de

Houzz is a social online platform for building, furnishing and renovation projects of Houzz Inc, 285 Hamilton Avenue, 4th Floor, Palo Alto, CA 94301, USA.

In its judgment of 16.07.2020 (Case C-311/18), the European Court of Justice nevertheless ruled that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not offer sufficient protection of personal data stored in this country against the surveillance activities of the authorities there, especially for non-US citizens. There is therefore a risk that your data transmitted to the USA may become known to the authorities there, in particular the NSA, CIA and FBI, and be processed by them for intelligence, public security and national defense purposes. The authorities in the USA are not subject to the restrictions of the GDPR. It is unknown what consequences the possible processing of your data by US authorities may have for you. The ECJ's decision does not affect the requirements for Privacy Shield-certified companies. Our cooperation is based on standard data protection clauses of the European Commission.

 
Further information on data protection at Houzz can be found at: https://www.houzz.de/privacyPolicy.

 

Privacy policy for the use of the CalendarApp (booking calendar) on our website

A plugin of the tool "CalendarApp", operated by Tool Loft UG, Bessemerstr. 24-26, 12103 Berlin, Germany, is integrated on our pages.
You can find the tool on our website under the following link: https://calendarapp.de/

When you visit our pages, a direct connection is established between your browser and the CalendarApp server via the plugin. ToolLoft UG thereby receives the information that you have visited our site with your IP address. Your personal data (e.g. name, address, e-mail address, etc.) will only be transmitted if you enter it voluntarily beforehand. This data is stored on the Tool Loft UG server. They will not be passed on to third parties or processed in any other way by Tool Loft UG. The data is only retrieved by us for the purpose of processing and managing your booking request.

 

 

Status of the privacy policy: 07.12.2023