Privacy Policy / Data Security
1. Information on the survey of personal data and contact details of the person responsible for the website
Responsible person for data processing on this website in the sense of the General Data Protection Regulation (GDPR) is
Dipl.-Ing. Christiane Reiseder
Tuchlauben 7a, 1010 Wien | Hasnerstraße 14/28, 1160 Wien
office@reiseder.com
+43 660 537 3040
2. Data collection when visiting our website
If you are just using our website for information, we only collect data that your browser transmits to our server (so-called “server-logfiles”). If you go to our website, we collect the following data that is technically important for showing you the website:
- Used IP address (possibly in anonymous form)
- Date, time and method of calling
- Referring/accessed URL
- Version of the used HTTP protocol
- Result value of the call
- Amount of data sent in Kbyte
- Page that was called before calling this page (referrer)
- Used browser
- Operating system used
Server-Logfiles are used for statistical evaluation of accesses from users of the website with the tool “Webalizer”. The collected access data are converted into anonymous information. The anonymized data are stored at the provider all-inkl.com in Germany and are deleted annually.
Processing of data is performed pursuant to Art. 6 para. 1 lit. f GDPR based on our legitimate interest on improving stability and functionality of our website. Continuation or other use of the data does not take place.
3. Cookies
We use cookies on different pages to make our website more attractive to visitors and to enable the use of certain functions. These cookies are small text files that are saved on your computer. Most of the cookies we use are deleted from your hard drive at the end of your browser session (so-called session cookies). Other cookies remain on your computer and enable us or partner companies (third-party cookies) to recognize your computer during your next visit (so-called permanent or persistent cookies). If cookies are set, they collect and process individual user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.
In some cases, cookies serve to simplify the ordering process by soring settings (e.g. remember the contents of a virtual shopping cart for a later visit to the website). Insofar as personal data are also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR and § 93 TKG (Austrian Telecommunications Act 2003) either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f GDPR for protecting our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
We may work with advertising partners to help us make our web site more interesting to you. For this purpose, in this case, when you visit our website, cookies from partner companies are stored on your hard disk (third-party cookies). If we cooperate with aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or can exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the browser’s Help menu, which explains how to change your cookie settings. These can be found for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
Safari: https://support.apple.com/safari
Opera: https://help.opera.com/en/latest/security-and-privacy/
Please note that if you do not accept cookies, the functionality of our website may be limited.
4. Contact
When contacting us (for example via contact form or e-mail), personal data are collected. Which data are collected in the case of a contact form can be seen from the respective contact form. These data are stored and used solely for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of the data is the processing acc. Art. 6 para. 1 lit. b GDPR and § 93 TKG (Austrian Telecommunications Act 2003). Your data will be deleted after final processing of your request.
Data processing when opening a customer account and for contract execution.
According to Art. 6 para. 1 lit. b GDPR, personal data are collected and processed if you inform us of these in order to execute a contract. Which data are collected, can be seen from the respective input forms. We save and use the data you have provided for the execution of the contract. After completion of the contract or deletion of your customer account, your data will be deleted with regard to tax and commercial retention periods after expiry of these deadlines (currently 7 years).
5. Data processing for order processing
For the processing of your order, we work with the following service providers who support us wholly or partly in the execution of closed contracts. Under the terms of the following information certain personal data will be transmitted to these service providers.
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract, insofar as this is necessary for the delivery of the goods. We will pass on your payment details to the commissioned bank as part of the payment process if this is necessary for the payment process. The legal basis for the transfer of the data is Art. 6 para. 1 lit. b GDPR.
6. Sendinblue Privacy Policy
On our website you can subscribe to our newsletter for free. For this to work, we use the Sendinblue email service for our newsletter. This is a service of the German company Sendinblue GmbH, Köpenicker street 126, 10179 Berlin.
We are of course very pleased if you register for our newsletter. That way we can always tell you what is going on in our company first-handedly, so you can stay up to date. However, you should know that when you sign up for the newsletter, all data you enter (such as your email address or your first and last name) will be saved and managed on our server as well as at Sendinblue. This also applies to personal data. For example, in addition to the time and date of registration, your IP address is also saved. During registration, you also consent to us sending you our newsletter. Moreover, you will also find a reference to the privacy policy there.The newsletter service also offers us helpful options for analysis. This means that if we send a newsletter, we can for example find out whether and when you opened the newsletter. The software also detects and records which link you click in the newsletter. This information helps us enormously to adapt and optimise our service to your wishes and concerns. After all, we naturally want to offer you the best possible service. In addition to the data already mentioned above, data about your user behaviour is also stored.
You can revoke your consent to this data processing at any time. You can do so by for example clicking the unsubscribe link directly in the newsletter. After you have unsubscribed, your personal data will be deleted from our server and from Sendinblue’s servers located in Germany. You reserve the right to free information about your stored data and, if necessary, a right to deletion, blocking or rectification.
If you would like more information about data processing, we recommend the company’s privacy policy at https://www.sendinblue.com/legal/privacypolicy/.
7. YouTube
This website uses the Youtube embedding feature to display and play videos from “Youtube”, which is owned by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
Here, the extended privacy mode is used and according to the provider, storage of user information only takes place, when playing the video(s). When the playback of embedded Youtube videos starts, the provider “Youtube” uses cookies to collect information about user behavior. According to “Youtube” hints, these are used, among other things, to capture video statistics, improve user-friendliness and prevent abusive practices. If you’re logged in to Google, your data will be assigned directly to your account when you click a video. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. According to Art. 6 para 1 lit. f of the GDPR, such an evaluation is based on the legitimate interests of Google in the display of personalized advertising, market research and / or tailor-made design of its website. You have a right to object to the creation of these User Profiles and to exercise this right, you must contact Youtube directly.
Regardless of any playback of the embedded video, every time you visit this website, it will connect to the Google Network “DoubleClick”, which may trigger further data processing without us having any influence. US-based Google LLC is certified under the US Privacy Shield, which ensures compliance with the level of data protection in the EU.
For more information on data protection at “YouTube”, please see the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy
What is YouTube?
We have incorporated YouTube videos on our website. This way we can present you interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you call up a page on our website that has a YouTube video embedded, your browser automatically connects to the YouTube or Google servers. In the process, various data are transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European area.
In the following, we would like to explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or delete your data.
On YouTube, users can watch, rate, comment on and upload videos themselves free of charge. Over the last few years, YouTube has become one of the most important social media channels in the world. In order for us to display videos on our website, YouTube provides a code snippet that we have built into our site.
Why do we use YouTube videos on our website?
YouTube is the video platform with the most visitors and the best content. We are committed to providing you with the best possible user experience on our website. And of course, interesting videos can’t be missing from that. With the help of our embedded videos, we provide you with other helpful content in addition to our text and images. In addition, the embedded videos make our website easier to find on the Google search engine. Also, when we run ads through Google Ads, Google – thanks to the data it collects – can really only show these ads to people who are interested in what we have to offer.
What data is stored by YouTube?
As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data may include contact details, any ratings, sharing content via social media or adding to your favorites on YouTube.
If you are not logged into a Google account or a YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is retained. But a lot of interaction data can’t be stored because fewer cookies are set.
In the following list, we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete, because the user data always depends on the interactions on YouTube.
Name: YSC
Value: b9-CV6ojI5Y111914522-1
Purpose: This cookie registers a unique ID to store statistics of the video watched.
Expiration date: after session end
Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google gets statistics about how you use YouTube videos on our website through PREF.
Expiration date: after 8 months
Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS location.
Expiration date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the user’s bandwidth on our web pages (with embedded YouTube video).
Expiration date: after 8 months
Other cookies set when you are logged in with your YouTube account:
Name: APISID
Wert: zILlvClZSkqGsSwI/AU1aZI6HY7111914522-
Purpose: This cookie is used to create a profile about your interests. Used for personalized advertisements.
Expiration date: after 2 years
Name: CONSENT
Value: YES+AT.en+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to use various Google services. CONSENT is also used for security purposes to verify users and protect user data from unauthorized attacks.
Expiration date: after 19 years
Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile about your interests. This data helps to display personalized advertising.
Expiration date: after 2 years
Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login details.
Expiration date: after 2 years
Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile about your interests.
Expiration date: after 2 years
Name: SID
Value: oQfNKjAsI111914522-.
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiration date: after 2 years
Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and what advertisements you may have seen before visiting our site.
Expiration date: after 3 months
How long and where is the data stored?
The data that YouTube receives from you and processes is stored on Google servers. Most of these servers are located in America. You can see exactly where Google data centers are located at https://www.google.com/about/datacenters/inside/locations/?hl=de. Your data is distributed across the servers. Thus, the data can be retrieved more quickly and is better protected against manipulation.
Google stores the collected data for different lengths of time. Some data you can delete at any time, others are automatically deleted after a limited time, and still others are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) stored in your Google Account will remain stored until you delete it. Even if you are not signed into a Google Account, you can delete some data associated with your device, browser, or app.
How can I delete my data or prevent data storage?
Basically, you can delete data in Google Account manually. With the automatic deletion feature of location and activity data introduced in 2019, information will be stored depending on your decision – either 3 or 18 months and then deleted.
Whether you have a Google account or not, you can configure your browser to delete or disable cookies from Google. Depending on which browser you use, this works in different ways. Under the section “Cookies” you will find the corresponding links to the respective instructions of the most popular browsers.
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you allow it or not.
Legal basis
If you have consented that data from you can be processed and stored by embedded YouTube elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the embedded YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. Therefore, we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
YouTube also processes data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, YouTube uses standard contractual clauses approved by the EU Commission (= Art. 46. para. 2 and 3 DSGVO). These clauses oblige YouTube to comply with the EU level of data protection when processing relevant data outside the EU as well. These clauses are based on an implementing decision of the EU Commission. You can find the decision as well as the clauses here, among other places: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.
Since YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about the handling of your data, we recommend the privacy policy at https://policies.google.com/privacy?hl=de .
8. Social media - Sharing content via buttons/icons
On this website you see the icons of some social networks, that link to the respective company page or a profile. Direct contact to those networks is only established when the user actively clicks on one of these buttons. Before clicking, no automatic transfer of user data to the operators of these platforms takes place.
However, if you click on one of those icons, you visit pages or profiles that display these elements and your data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links will take you to the pages of the respective social media services where it is explained how they handle your data:
Instagram privacy policy: https://help.instagram.com/519522125107875
Facebook privacy policy: https://www.facebook.com/about/privacy
Linkedin privacy policy: https://www.linkedin.com/legal/privacy-policy
Google privacy policy: https://policies.google.com/privacy?hl=de
9. Video conferencing and streaming
What are video conferencing & streaming?
We use software programs that allow us to hold video conferences, online meetings, webinars, display sharing and/or streaming. In a videoconference or streaming, information is transmitted simultaneously via sound and moving image. With the help of such video conferencing or streaming tools, we can communicate with customers, business partners, clients and also employees quickly and easily over the Internet. Of course, we pay attention to the specified legal framework when selecting the service provider.
Basically, third-party providers can process data as soon as you interact with the software program. Third-party providers of the video conferencing or streaming solutions use your data and metadata for different purposes. For example, the data helps to make the tool more secure and to improve the service. Most of the time, the data may also be used for the third-party provider’s own marketing purposes.
Why do we use video conferencing & streaming on our website?
We want to communicate with you, with our customers and business partners also digitally in a fast, uncomplicated and secure way. This works best with video conferencing solutions that are very easy to use. Most tools also work directly via your browser and after just a few clicks you are right in the middle of a video meeting. The tools also offer helpful additional features such as a chat and screensharing function or the ability to share content between meeting participants.
What data is processed?
When you participate in our video conference or in a streaming, data about you is also processed and stored on the servers of the respective service provider.
Exactly what data is stored depends on the solutions used. Each provider stores and processes different and varying amounts of data. But as a rule, most providers store your name, address, contact data such as your e-mail address or phone number, and your IP address. Furthermore, information about the device you are using, usage data such as which websites you visit, when you visit a website or which buttons you click on may also be stored. Data shared within the video conference (photos, videos, texts) may also be stored.
Duration of data processing
We will inform you about the duration of data processing below in connection with the service used, provided we have further information on this. In general, we process personal data only as long as it is strictly necessary for the provision of our services and products. It may be that the provider stores data from you according to its own specifications, over which we then have no influence.
Right of objection
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact persons responsible for the video conferencing or streaming tool used at any time. Contact details can be found either in our specific privacy policy or on the website of the relevant provider.
You can delete, deactivate or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that all functions may then no longer work as usual.
Legal basis
If you have consented that data from you can be processed and stored by the video or streaming solution, this consent is considered the legal basis of the data processing (Art. 6 (1) lit. a DSGVO). In addition, we may also offer a video conference as part of our services if this has been contractually agreed with you in advance (Art. 6 (1) lit. b DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 (1) lit. f DSGVO) in fast and good communication with you or other customers and business partners, but only if you have at least consented. Most video or streaming solutions also set cookies in your browser to store data. Therefore, we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
What is Zoom?
We use the Zoom video conferencing tool from the American software company Zoom Video Communications for our website. The company is headquartered in San Jose, California, 55 Almaden Boulevard, 6th Floor, CA 95113. Thanks to “Zoom”, we can hold a video conference with customers, business partners, clients and also employees very easily and without installing any software. In this privacy statement, we go into more detail about the service and inform you about the most important privacy-related aspects.
Zoom is one of the world’s best-known video conferencing solutions. With the “Zoom Meetings” service, we can hold an online video conference with you, for example, but also with employees or other users via a digital conference room. This makes it very easy for us to get in touch digitally, exchange information on various topics, send text messages or even talk on the phone. Furthermore, Zoom also allows us to share the screen, exchange files and use a whiteboard.
Why do we use Zoom on our website?
It is important for us to be able to communicate with you quickly and easily. And this is exactly what Zoom offers us. The software program also works directly through a browser. This means that we can simply send you a link and start the video conference. Of course, additional functions such as screen sharing or file exchange are also very practical.
What data does Zoom store?
When you use Zoom, data is also collected from you so that Zoom can provide their services. On the one hand, this is data that you consciously provide to the company. This includes, for example, name, telephone number or your e-mail address. However, data is also automatically transmitted to Zoom and stored. This includes, for example, technical data of your browser or your IP address. In the following, we will go into more detail about the data that Zoom may collect from you and store:
If you provide data such as your name, user name, email address or phone number, this data will be stored by Zoom. Content that you upload while using Zoom is also stored. This includes files or chat logs, for example.
In addition to the IP address already mentioned above, the technical data that Zoom automatically stores includes the MAC address, other device IDs, device type, which operating system you are using, which client you are using, camera type, microphone type, and speaker type. Your approximate location is also determined and stored. Furthermore, Zoom also stores information about how you use the service. So, for example, whether you “zoom” via desktop or smartphone, whether you use a phone call or VoIP, whether you participate with or without video, or whether you request a password. Zoom also records so-called metadata such as duration of the meeting/call, start and end of meeting participation, meeting name and chat status.
Zoom mentions in its own privacy policy that it does not use advertising cookies or tracking technologies for its services. Only its own marketing websites, such as www.zoom.us, use these tracking methods. Zoom does not resell personal data or use it for advertising purposes.
How long and where is the data stored?
Zoom does not disclose a specific time frame in this regard, but emphasizes that the collected data is stored for as long as it is necessary to provide the services or for its own purposes. Data is only stored longer if this is required for legal reasons.
In principle, Zoom stores the collected data on American servers, but data can arrive at different data centers around the world.
How can I delete my data or prevent data storage?
If you do not want data to be stored during the Zoom meeting, you must opt out of the meeting. However, you always have the right and option to have all your personal data deleted. If you have a Zoom account, please visit https://support.zoom.us/hc/en-us/articles/201363243-How-Do-I-Delete-Terminate-My-Account for instructions on how to delete your account.
Please note that when using this tool, data about you may be stored and processed outside the EU. Most third countries (including the US) are not considered secure under current European data protection law. Data to insecure third countries may therefore not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.
Legal basis
If you have consented that data from you can be processed and stored by the video or streaming solution, this consent is considered the legal basis for the data processing (Art. 6 (1) lit. a DSGVO). In addition, we may also offer a video conference as part of our services if this has been contractually agreed with you in advance (Art. 6 (1) lit. b DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners, but only if you have at least consented to this.
Zoom also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the lawfulness and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, Zoom uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Zoom undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
We hope to have provided you with an overview of data processing by Zoom. Of course, it is always possible that the company’s privacy policy will change. Therefore, for more information about the data processed and the standard contractual clauses, we also recommend that you read Zoom’s privacy policy at https://zoom.us/de-de/privacy.html.
10. Facebook Pixel
We use the Facebook pixel from Facebook on our website. For this purpose, we have implemented a code on our website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you came to our website via Facebook ads. For example, when you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies allow Facebook to match your user data (customer data such as IP address, user ID) with your Facebook account data. Then Facebook deletes this data again. The collected data is anonymous and not visible to us and can only be used in the context of ad placements. If you yourself are a Facebook user and are logged in, the visit to our website is automatically assigned to your Facebook user account.
We want to show our services or products only to those people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. Thus, Facebook users (if they have allowed personalized advertising) get to see suitable advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.
In the following, we show you those cookies that were set by embedding Facebook Pixel on a test page. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.
Name: _fbp
Wert: fb.1.1568287647279.257405483-6111914522-7
Purpose: This cookie is used by Facebook to display promotional products.
Expiration date: after 3 months
Name: fr
Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose: This cookie is used to make Facebook Pixel work properly.
Expiration date: after 3 months
Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062111914522-3
Value: Name of the author
Purpose: This cookie stores the text and name of a user who leaves a comment, for example.
Expiration date: after 12 months
Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value: https%3A%2F%2Fwww.testseite…%2F (author’s URL)
Purpose: This cookie stores the URL of the website that the user enters in a text field on our website.
Expiration date: after 12 months
Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value: Author’s email address
Purpose: This cookie stores the user’s email address if he/she has provided it on the website.
Expiration date: after 12 months
Note: The above cookies refer to an individual user behavior. Especially when using cookies, Facebook changes can never be excluded.
Provided that you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can generally manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/. You can also change the settings for your ads on your own. There you have the option to deactivate or activate providers.
Facebook also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Facebook’s data processing terms and conditions, which correspond to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing .
If you would like to learn more about Facebook’s privacy practices, we recommend reading the company’s own data policies at https://www.facebook.com/policy.php .
Facebook Automatic Enhanced Matching Privacy Policy
We have also enabled Automatic Advanced Matching as part of the Facebook Pixel feature. This feature of the Pixel allows us to send hashed emails, name, gender, city, state, zip code, and date of birth or phone number as additional information to Facebook if you have provided us with this data. This activation allows us to tailor advertising campaigns on Facebook even more precisely to people who are interested in our services or products.
11. Google Fonts
On our website we use Google Fonts. These are the “Google Fonts” of the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
For the use of Google Fonts you do not have to log in or provide a password. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account information, while using Google Fonts, will be transmitted to Google. Google records the usage of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a detailed look at exactly what the data storage looks like.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to your users for free.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses.
Why do we use Google Fonts on our website?
Google Fonts allows us to use fonts on our own website, and not have to upload them to our own server. Google Fonts is an important component to keep the quality of our website high. All Google Fonts are automatically optimized for the web and this saves data volume and is a big advantage especially for mobile use. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So, we use Google Fonts so that we can display our entire online service as beautifully and consistently as possible.
What data is stored by Google?
When you visit our website, the fonts are reloaded via a Google server. Through this external call, data is transmitted to the Google servers. In this way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API is designed to reduce the use, storage, and collection of end-user data to what is necessary for proper font delivery. API, by the way, stands for “Application Programming Interface” and is used, among other things, as a data transmitter in software.
Google Fonts stores CSS and font requests securely at Google and is thus protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites are using Google fonts. This data is published to the Google Fonts BigQuery database. Entrepreneurs and developers use Google’s BigQuery web service to be able to examine and move large amounts of data.
However, it is still important to remember that each Google Font request also automatically transmits information such as language settings, IP address, browser version, browser screen resolution, and browser name to Google’s servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.
How long and where is the data stored?
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to easily and quickly change the design or font of a website, for example.
The font files are stored by Google for one year. Google thus pursues the goal of fundamentally improving the loading time of web pages. If millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.
How can I delete my data or prevent data storage?
Those data that Google stores for a day or a year cannot be easily deleted. The data is automatically transmitted to Google when the page is called up. In order to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=111946757. Data storage you prevent in this case only if you do not visit our site.
Unlike other web fonts, Google allows us unlimited access to all fonts. So we can have unlimited access to a sea of fonts and get the most out of our website. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=111946757. Google does address privacy-related issues there, but it doesn’t really include detailed information about data storage. It is relatively difficult to get really precise information from Google about stored data.
Legal basis
If you have consented to Google Fonts being used, the legal basis of the corresponding data processing is this consent. According to Art. 6 (1) lit. a DSGVO (consent), this consent constitutes the legal basis for the processing of personal data, as may occur in the case of collection by Google Fonts.
From our side, there is also a legitimate interest in using Google Font to optimize our online service. The corresponding legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use Google Font if you have given your consent.
Google also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing.
As a basis for data processing at recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which also correspond to the standard contractual clauses for Google Fonts, can be found at https://business.safety.google/adsprocessorterms/.
You can also read about which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
12. Gravatar
On our website, we have integrated the Gravatar plug-in of Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA). Gravatar is automatically activated on all WordPress websites, among others. The function allows user images (avatars) to be displayed on published posts or comments, provided that the corresponding email address is registered with www.gravatar.com.
Through this function, data is sent to the company Gravatar or Automattic Inc, stored and processed there. In this privacy policy, we want to inform you about what data is involved, how the network uses this data and how you can manage or prevent the data storage.
Gravatar basically stands for “Globally Recognized Avatar” and this means a globally available avatar (a user image) associated with the email address. The Gravatar company is the world’s leading service provider for this service. As soon as a user enters on a website the email address that is also registered with the Gravatar company at www.gravatar.com, a previously deposited image is automatically displayed together with a published post or comment.
Why do we use Gravatar on our website?
There is often talk about anonymity on the Internet. Through an avatar, users get a face to the people commenting. In addition, it is basically easier to be recognized on the net and can build up a certain level of recognition. Many users enjoy the advantages of such a user image and also want to appear personally and authentically on the net. Of course, we want to offer you the possibility to display your Gravatar on our website as well. In addition, we also like to see faces to our commenting users. With the Gravatar feature enabled, we are also expanding our service on our website. After all, we want you to feel comfortable on our website and get a comprehensive and interesting offer.
What data is stored by Gravatar?
For example, as soon as you post a comment on a blog post that requires an email address, WordPress checks to see if the email address is associated with an avatar on Gravatar. For this request, your email address is sent to Gravatar’s or Automattic’s servers in encrypted or hashed form along with the IP address and our URL. Thus, it is checked whether this e-mail address is registered with Gravatar.
If this is the case, the image (Gravatar) stored there will be displayed together with the published comment. If you have registered an e-mail address with Gravatar and comment on our website, further data will be transmitted to Gravatar, stored and processed. In addition to IP address and user behavior data, this includes, for example, browser type, unique device identifier, preferred language, dates and times of page entry, operating system and mobile network information. Gravatar uses this information to improve its own services and offers and to gain better insights into the use of its own service.
The following cookies are set by Automattic when a user uses an email address registered with Gravatar to make a comment:
Name: gravatar
Value: 16b3191024acc05a238209d51ffcb92bdd710bd19111946757-7
Purpose: we could not find out exact information about the cookie.
Expiration date: after 50 years
Name: is-logged-in
Value: 1111946757-1
Purpose: This cookie stores the information that the user is logged in via the registered e-mail address.
Expiration date: after 50 years
How long and where is the data stored?
Automattic deletes the collected data when it is no longer used for its own services and the company is not required by law to retain the data. Web server logs such as IP address, browser type and operating system are deleted after about 30 days. Until then, Automattic uses the data to analyze traffic on its own websites (for example, all WordPress sites) and to fix potential problems. The data is also stored on American servers of Automattic.
How can I delete my data or prevent the data storage?
You have the right to access and also delete your personal data at any time. If you have registered with Gravatar with an email address, you can delete your account or the email address there at any time.
Since only when using an email address registered with Gravatar a picture is displayed and thus data is transferred to Gravatar, you can also prevent the transfer of your data to Gravatar by commenting or posting on our website with an email address not registered with Gravatar.
You can manage, disable or delete possible cookies set during commenting in your browser. Please only note that any commenting functions will then no longer be available to the full extent. Depending on which browser you use, the management of cookies works a bit differently. Under the section “Cookies” you will find the corresponding links to the respective instructions of the most popular browsers.
Legal basis
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements insofar as you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
Gravatar also processes data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be accompanied by various risks to the legality and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, thus in particular in the USA) or a data transfer there, Gravatar uses standard contractual clauses approved by the EU Commission (= Art. 46. para. 2 and 3 DSGVO). These clauses oblige Gravatar to comply with the EU level of data protection when processing relevant data also outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses, among others, here: https://germany.representation.ec.europa.eu/index_de.
More details about the privacy policy and which data is collected by Gravatar in which way can be found at https://automattic.com/privacy/, general information about Gravatar at http://de.gravatar.com/.
13. Tools and other
The storage of your personal data takes place in our order on servers of the company
ALL-INKL.COM – Neue Medien Münnich
Hauptstraße 68
02742 Friedersdorf
Germany
that provides us with storage capacities. The servers on which your personal data is stored are located in Germany, so that your data does not leave Germany at any time.
14. Rights of the person concerned
You have a right to free information about your stored data as well as a right to correction, restriction, data portability, revocation and opposition or deletion of this data. If you have further questions regarding the collection, processing or use of your personal data, please contact us. The contact address can be found in our imprint and at the beginning of the privacy policy.
If you believe that the processing of your data violates data protection law or if your data protection claims have otherwise been violated in a way, you can complain to the supervisory authority. In Austria, this is the data protection authority.
Source: Selected passages created with the Datenschutz Generator of AdSimple and translated into english.
This data protection information was last updated on 20.12.2021