RIV finance / RIV real estate shop

Jahnstr. 19

D-67360 Lingenfeld

Telephone: +49 (0) 172 / 87 87 83 3
Email: roth@riv-immobilienshop.de

Web: www.riv-immobilienshop.de

Owner: Werner Roth

Data protection

General

We are pleased that you are visiting the website of RIV Finanz / RIV Immobilienshop Inh. Werner Roth. In this data protection declaration, we provide comprehensive information about our handling of personal data and inform you about your rights. Compliance with data protection regulations is a matter of course for us and an important basis of trust.

Data protection at a glance

Who is responsible for data collection on this website?

RIV Finanz / RIV Immobilienshop Inh. Werner Roth, Jahnstraße 19, 67360 Lingenfeld (hereinafter: "We") is the operator of the websitehttps://www.riv-immobilienshop.de/and thus responsible within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). If you have any questions, you can contactroth@riv-immobilienshop.deturn around.

How do we collect your data?

Your data is collected on the one hand by the fact that you communicate it to us (e.g. via a contact form or in the case of an inquiry), on the other hand by the fact that your visit to our website is recorded by our IT systems. This data is collected automatically as soon as you enter our website.

What do we use your data for?

In principle, we only use the data for the purpose for which the data was collected from you. We reserve the right to further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Article 5 (1) (c) GDPR).

The purposes are in particular the error-free provision of our website, contacting you and sending our newsletter. Further information on the purposes of data processing can be found below under the respective processing activity.

What rights do you have regarding your data?

You are entitled to the rights under the GDPR. This includes in particular a right to information and a right to request the correction, blocking or deletion of your data. In order to assert your rights as a data subject, we must also process your data.

Privacy in detail

Responsibility for data processing

RIV Finanz / RIV Immobilienshop (hereinafter: "We") is the operator of the websitehttps://www.riv-immobilienshop.de/and thus responsible within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR).

If you have any questions, you can contactroth@riv-immobilienshop.deturn around.

You can find more information in theimprintthe website.

Data Protection Officer

According to Art. 37 GDPR in conjunction with Section 38 BDSG, we are not obliged to appoint a data protection officer. If you have any questions about data protection and to assert your rights mentioned below, you can of course contact us at any time using the contact details given above.

data subject rights

As the data subject, you have the following rights with regard to your personal data. They have:

• A right to information, among other things, about the categories of data processed, the processing purposes, the storage period and any recipients, in accordance with Art. 15 DS-GVO and Section 34 BDSG.
• A right to correction or deletion of incorrect or incomplete data, according to Art. 16 and 17 DS-GVO and § 35 BDSG.
• Under the conditions of Art. 18 DS-GVO or § 35 Para. 1 S. 2 BDSG a right to restriction of processing.
• A right to revoke a given consent with effect for the future in accordance with Art. 7 Para. 3 DS-GVO.
• A right to data portability in a common format in accordance with Art. 20 GDPR.
• According to Art. 22 DS-GVO, you have the right not to be subject to a decision based solely on automated processing that has legal effect on you or significantly affects you in a similar way. This also includes profiling within the meaning of Art. 4 No. 4 DS-GVO.
• You also have the right, in accordance with Art. 77 DS-GVO, to complain to a data protection supervisory authority about the processing of your personal data by us, in particular in the member state of your usual place of residence, your place of work or the place of the alleged infringement.

We expressly point out that you have the right according to Art. 21 Para. 1 DS-GVO

contradiction

against processing to file an objection if the data processing was based on a legitimate interest and your particular situation gives rise to reasons against the data processing. We reserve the right to examine your particular situation and the relevant data processing.

If data is processed on the basis of our legitimate interest for the purpose of direct advertising, you can object to the processing at any time in accordance with Art. 21 Para. 2 DS-GVO without giving reasons.

Procedure for data subject rights

If you assert your rights against us under the DS-GVO and the BDSG, we will process the data you have transmitted to us in order to fulfill your claim. Under certain circumstances, we will ask questions in accordance with Art. 12 Para. 6 DS-GVO if we have reasonable doubts about your identity.

After the fulfillment of your claim, we store the data you have transmitted to us and the data we have transmitted to you in return for the purpose of documentation until the end of the statutory limitation period for administrative offenses (3 years).

The legal basis for the processing and storage of the data is Art. 6 Para. 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from our obligation to comply with your request and the need to be able to relieve us in possible fine proceedings by proving that we have properly complied with your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DS-GVO. For this purpose, please use the contact details given in the imprint. However, we would like to point out that the processing of your data to prove compliance with the rights of the data subject is mandatory within the meaning of Art. 21 Para. 1 DS-GVO, since other means of proof do not exist or are not equally suitable.

General modalities of our data processing

In the following section we would like to give you a general overview of the principles according to which we process personal data. Detailed information can be found below.

Sources and categories of personal data

We process your personal data insofar as they are necessary for the establishment, content design or change of a contractual relationship between us and you (inventory data). Inventory data can be in particular: name, title, contact details (postal address, telephone, e-mail address), date of birth, etc.

We also process your usage data. Usage data is data that is generated by your behavior when using our website and our services, in particular your IP address, the beginning and end of your visit to our website and information about what content you have accessed on our website.

We collect the data mentioned either directly from you (e.g. by visiting the website) or, insofar as this is permitted under data protection laws, from third parties or from publicly accessible sources (e.g. commercial and association registers, press, media, Internet).

WTransmission of data, order processing

We never pass on your personal data to third parties without authorization. We reserve the right to pass on your data to third parties, in particular if you have consented to the data being passed on, if the passing on is necessary to fulfill our legal obligations or if we are entitled or obliged to pass on data due to legal provisions or official or judicial orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

We may also transmit your data to external service providers who process data on our behalf and according to our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Art. 28 GDPR. In particular, this means that the processor must offer sufficient guarantees that suitable technical and organizational measures will be implemented by him in such a way that the processing is carried out in accordance with the requirements of the DS-GVO and the protection of your rights as the person concerned is guaranteed. Despite the commissioning of contract processors, we remain the responsible body for the processing of your personal data within the meaning of data protection laws and your contact person.

Purpose limitation of data processing

In principle, we only use the data for the purpose for which the data was collected from you. We reserve the right to further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Article 5 (1) (c) GDPR). Further processing can e.g. B. to bill our services or to assert, exercise or defend legal claims.

We will inform you below about the individual processing purposes and the legal basis for the individual processing activities.

storage duration

Unless otherwise stated in detail in this declaration, we only store the data collected from you for as long as is necessary for the respective purpose. Once the purpose has been achieved, your data will be deleted or made completely anonymous, unless there are statutory retention requirements, e.g. from commercial law or tax law.

Data transfer to third countries outside the EEA

All information that we receive from you or about you is generally processed by us on servers within the European Union. Your data will only be transmitted to or processed in third countries without your express consent if this is required or permitted by law and an appropriate level of data protection is ensured in the third country.

Risk notice for data transmission to the USA

In our globalized society, it is difficult to link the data processing of personal information to a specific location on the Internet. Many of the big technology companies (Google, Facebook, Amazon etc.) have their headquarters in the USA. Without the technologies of these companies, the Internet as we know it would be inconceivable. That's why we also use technology from US companies. Even if you have your habitual residence in the European Economic Area, personal data can therefore be transmitted to the USA.

In order to ensure that the transmitted data is also processed there according to a level of data protection comparable to that of the European Union, the EU and the USA originally had an agreement on the so-called "EU-US Privacy Shield" (in German: EU-US data protection shield). closed. The Privacy Shield Agreement regulates the protection of personal data that is transferred from a member state of the European Union to the USA. Companies can certify themselves under the agreement if they comply with certain data protection standards. You can access the list of certified companies here: https://www.privacyshield.gov/list.

In its judgment of July 16, 2020 (Ref.: C-311/18), the European Court of Justice decided that the USA is generally not a third country in which an adequate level of protection for personal data would be ensured. Accordingly, US law and practice do not provide sufficient protection for personal data stored in that country from the surveillance activities of the authorities there, particularly for non-US citizens.

There is therefore a risk that your data transmitted to the USA will become known to the authorities there, in particular the intelligence services NSA, CIA and FBI, and will be processed by them for intelligence, public security and national defense purposes. The US authorities are not subject to the restrictions of the GDPR. The consequences of any processing of your data by US authorities are unknown. The decision of the ECJ does not affect the requirements for Privacy Shield-certified companies.

In order to always ensure an appropriate level of protection for your data, even if your data is transferred outside the scope of the GDPR, we strive to conclude contracts with all data recipients in the USA that also include the standard data protection clauses issued by the EU Commission include. In addition, we take further technical and organizational measures to protect personal data when it is transmitted outside the scope of the GDPR.

data protection measures

We secure our website and other systems - and thus also your data - by technical and organizational measures against loss, destruction, access, modification or distribution by unauthorized persons.

In particular, when you visit our website, your personal data is transmitted to us in encrypted form over the Internet. We use the TLS (Transport Layer Security) coding system. You can usually recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and a lock symbol is displayed.

However, the transmission of information over the Internet is never completely secure, so we cannot guarantee the security of data transmitted from our website 100%.

Our security measures are continuously reviewed and adjusted in line with technological developments.

Individual processing activities

In the following, we would like to show you as transparently as possible which of your data we process on which occasion, for which purpose and on which basis.

Data processing in commercial transactions

contact

You can contact us through various channels. Since the processing and storage of your transmitted data (in particular your e-mail address) is logically necessary to receive and answer your request, we assume that you consent to the processing and storage of your transmitted data in order to process your request.

We process the data you transmit to us exclusively until the respective purpose of your contact has been achieved, unless deletion is opposed by statutory retention periods. The purpose of establishing contact is achieved when it can be inferred from the circumstances that your request has been finally clarified. If the purpose of your contact is to assert the rights of the data subject, the statements made in the section “Your rights as a data subject” apply.

The legal basis for the use of the data you transmit to us by contacting us is your consent expressed by sending the message in accordance with Art. 6 Para. 1 Sentence 1 Letter a) GDPR. You can revoke your consent at any time with effect for the future. For this purpose, please use the contact details given in the imprint.

We need the following information in ourcontact formmandatory from you:

• Salutation/Name: Personal contact with our customers is important to us. We therefore ask you to provide your title, first name and last name. If there are problems with an order, this information also makes it easier for us to allocate it and help with quick processing.
• E-mail address: We need to provide your e-mail address, otherwise we will not be able to answer your request.
• Telephone number: We absolutely need a telephone number, as there may be short-term changes/requests with regard to our service, where you may no longer be able to contact us by email in good time
• Your message: The text of your request provides the framework for the data processing that we do.

We would like to point out that you cannot use the contact form without providing the mandatory information mentioned. If you do not wish to provide this information, please use the other contact options listed in the imprint.

The legal basis for the processing of your details in the contact form is your consent expressed by sending the message in accordance with Art. 6 Para. 1 S. 1 Letter a) GDPR and with regard to the mandatory information Art. 6 Para. 1 S. 1 Letter f ) GDPR (legitimate interest in data processing). We have set out the respective legitimate interest in the above list.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DS-GVO. For this purpose, please use the contact details given in the imprint.

If the purpose of your contact is to conclude a contract, the additional legal basis for processing is Article 6 (1) sentence 1 letter b) GDPR (data processing for contract initiation).

prospect data

If you are interested in our offers, you can contact us at any time. By contacting us, you agree to the processing and storage of your transmitted data (in particular your e-mail address) in order to process your request. You can object to this processing at any time with effect for the future. Please use our contact details in the imprint or our form above. Please note, however, that we will then no longer process your request.

We process the data you transmit to us exclusively until the respective purpose of your contact has been achieved, unless there are legal retention periods to the contrary. If the purpose of your contact is to assert the rights of the data subject, the statements made in the section “Your rights as a data subject” apply.

The legal basis for the use of the data you transmit to us by contacting us is Art. 6 Para. 1 S. 1 Letter a) GDPR (consent of the person concerned) and Art. 6 Para. 1 S. 1 Letter b) DS-GVO (data processing for contract initiation). You can revoke your consent at any time with effect for the future. Please use the contact details given in the imprint or our form above.

customer data

If you make use of our services, it is necessary for the conclusion of the contract and the processing of the contractual relationship that we process certain data about you for the aforementioned purposes.

We receive this data from you yourself.

Furthermore, it may be necessary to pass on your data to third parties, e.g. banks/payment service providers, logistics companies, etc. You can find more information under "Passing on data" above.

The legal basis for the use of your data is Article 6 Paragraph 1 Sentence 1 Letter b) GDPR (data processing to fulfill a contract). The legal basis for the data you provide voluntarily in the booking process is Art. 6 Para. 1 Sentence 1 Letter a) GDPR (consent of the person concerned). You can revoke your consent at any time with effect for the future. Please use the contact details given in the imprint or our form above.

We also reserve the right to process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

Due to commercial and tax regulations, we are obliged to save your address, payment and order data. The legal basis for storing your data is Art. 6 Para. 1 S. 1 Letter c) GDPR (data processing to fulfill a legal obligation).

service provider data

If you are in an employment relationship with us or are interested in it, it is necessary for the initiation and conclusion of the contract, as well as for the processing and execution of the contract, that you provide certain data that we process for the aforementioned purposes.

Furthermore, it may be necessary to pass on your data to third parties, e.g. banks/payment service providers, accounting service providers, etc.

The legal basis for the use of your data is Article 6 Paragraph 1 Sentence 1 Letter b) GDPR (data processing to fulfill a contract).

Due to commercial and tax law requirements, we are obliged to store personal data related to our employment relationship. However, after two years we restrict the processing, i. H. Your data will only be used to comply with legal obligations.

Data collection on our website

Visiting the website and server log files

When a website is called up and any associated data retrieval from a server, general information is automatically transmitted to the respective providing server. This data transfer is automatic and is a fundamental part of communication between devices on the Internet.

The data transmitted by default includes the following information: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed (so-called referer), date and time of the Request (so-called timestamp). In addition, the http status and the amount of data transferred are recorded as part of this request.

This information is logged by the server, stored in a table and stored there for a short time (so-called server log files). By analyzing these log files, we can identify and then eliminate errors on the website, determine the utilization of the website at certain times and make adjustments or improvements based on this. We can also guarantee the security of the server by being able to understand the IP address from which attacks on our server were carried out. We do not combine this data with other data sources.

Your IP address will only be saved for the time you are using the website and will then be immediately anonymised. The remaining data is stored for a limited period of time.

The legal basis for the use of the server log files is Article 6 Paragraph 1 Clause 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from the need for the operation and maintenance of our website, as we have explained above. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DS-GVO. For this purpose, please use the contact details given in the imprint. However, we would like to point out in advance that the processing of your data in server log files is mandatory within the meaning of Art. 21 Para. 1 DS-GVO, since otherwise our website cannot be operated at all and because according to Art. 32 DS-GVO are obliged to guarantee the confidentiality, availability and integrity of our systems.

Cookies and web storage

We use so-called "cookies" or the "web storage" of your browser to improve user-friendliness on our website. In short, this means that when you visit our website, data can be stored on your device and read out again by our server.

What cookies or web storage are

Put very simply, a cookie is a small text file that stores data about websites visited. Cookies can be used in many ways. For example, they may store a kind of "user profile", which means things like your preferred language and other site settings that our website needs to provide you with certain services. The cookie file is stored on your end device and can also help to recognize you when you visit our website again.

Under certain circumstances, we can also use the cookies to obtain information about your preferred activities on our website and thus tailor our website to your individual interests or even increase the speed of navigation on our website.

Web storage is also a technology for web applications, with which data is stored on an end device. In simplified terms, web storage can be seen as a further development of cookies, but differs from them in a number of ways. Unlike cookies, web storage is fully controlled by the client. This means that data is not transmitted to the server every time the website is accessed. Access is exclusively local via scripts on the website. In concrete terms, this means that access by third parties to the stored information via the website is excluded. Only you and we can access the locally stored data.

How to avoid cookies

You can manually delete the cookies in the security settings of your browser at any time.

You can also prevent the storage of cookies from the outset by setting your browser accordingly. Please note, however, that you may then not be able to use all the functions of our website to their full extent or that errors may occur in the display and use of the website.

Third party providers

It is possible that third-party providers, with the help of which we design and operate our website, store and read out their own cookies or data in the web storage on your end device, in particular by means of so-called plugins (see below in the “Third-Party Services” section). If you only want to accept our own cookies and not cookies from third parties, you can prevent the storage of these cookies by setting the browser to “Block third-party cookies”. Even then, however, errors may occur when using the website.



Which cookies are used

new text

legal basis

The legal basis for the data processing associated with the use of cookies or web storage depends on the importance of the function for our website and on your use of the website.

The legal basis for the use of cookies that are essential for the website to function (e.g. session cookie) is Art. 6 Para. 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from our need to be able to offer you a functioning website. Cookies are necessary because they are an integral part of current Internet technology and many functions of current websites would not be available without cookies. We therefore need cookies in order to be able to make the website available to you at your request. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DS-GVO. For this purpose, please use the contact details given in the imprint. However, we would like to point out that the processing of your data in certain cookies is mandatory within the meaning of Art. 21 Para. 1 DS-GVO, since otherwise the website cannot be operated at all and we do not have the technical possibility to set cookies on certain individual end devices. However, you may be able to do this yourself in your browser. For more information on this, please take a look at the instructions for your browser. Please note, however, that you may then not be able to use all the functions of our website to their full extent or that errors may occur in the display and use of the website.

The legal basis for the use of cookies, which are not absolutely necessary for the function of our website, is Art. 6 Para. 1 S. 1 Letter a) GDPR (consent of the person concerned). When you visit our website for the first time, we will ask you for your consent to the use of non-essential cookies via a displayed information text. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser.

You can also revoke your consent at any time via our consent management, which you can find on our website and call up via the button on the bottom left.

We can also process the data you provide to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

The legal basis for the use of your contact data for this is Art. 6 Para. 1 S. 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from our need to send you interesting information about our offer and our company (direct advertising).

You can object to the processing of your data on the basis of our legitimate interest in direct advertising at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

Third Party Services

To simplify our data processing and to expand the functionality of our website, we use services/resources from third parties, such as plugins, external content, software or other external service providers (services). Personal data may also be transmitted to the service provider. If data is processed on our behalf, we have contractually obliged the service providers to process your data only according to our instructions in accordance with Art. 28 DS-GVO.

We expressly point out that we are regularly only responsible for the data collection and transmission by the service within the meaning of the DS-GVO, but not for any subsequent processing by the respective service provider.

Specifically, we use the following services:

Website Builder, Hosting and Content Delivery Network

Our website is based on a so-called website construction kit. This is a service that allows us, without deep knowledge of website programming, to offer a website by simplifying the creation and maintenance of the website through a cloud-based user interface.

The term "cloud-based" means that the maintenance interface is provided for us by a third party on their servers. When using this application, the third-party provider collects personal data, which they can process on our behalf in accordance with our and their data protection regulations. At the same time, the provider usually provides the infrastructure required to operate the website.

Each time the application is called up, general information is automatically transmitted from your browser to the server (so-called server log files). See “Server log files” above for more information.

The legal basis for the use of cloud-based website construction kits including hosting services and the associated processing of your data is Art. 6 Para. 1 S. 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for a technically flawless presentation of our website, without us requiring in-depth knowledge of programming websites and maintaining IT systems. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

Our website also uses a so-called Content Delivery Network (CDN), which is also provided by the hosting provider. A CDN is a network of powerful servers that cache content in different locations around the world. A CDN essentially has two tasks: on the one hand, it should provide content in the shortest possible time and, on the other hand, it should relieve the web host by distributing the data traffic.

CDNs deliver two types of content: static and dynamic content. All website visitors receive static content in the same form, such as video content from streaming services or code frameworks (e.g. Javascript, jQuery). Dynamic content is first adapted to the user and only created at the moment of the request. This includes content that takes place via web applications, e-mail or online shops and is personalized. In order to be able to use the latter, information about the website visitor must first be transmitted to the CDN. Personal data can also be transmitted by you.

Each time the application is called up, general information is automatically transmitted from your browser to the server (so-called server log files). See “Server log files” above for more information.

The legal basis for the use of CDNs and the transmission of your data to them is Article 6 (1) sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest results from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

We use:

MyWebsiteCreator

We use the "MyWebsite Creator" service from 1&1 IONOS SE ("IONOS"), Elgendorfer Str. 57, 56410 Montabaur

You can find more information on handling user data in the IONOS data protection declaration:https://www.ionos.de/terms-gtc/terms-privacy/

We have concluded an order processing contract with IONOS.

Bootstrap/jsDelivr

We use the CDN service “BootstrapCDN” from Prospect One.io, Krolewska 65a, Krakow, Malopolskie 30-081, Poland.

More information on handling user data can be found in jsDelivr's data protection declaration:https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net.

IONOS Web Analytics

Our website uses the analysis services of IONOS WebAnalytics. The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D - 56410 Montabaur. This helps us analyze how our website is used. This is not a classic user tracking, no profiles are created. To protect personal data, WebAnalytics does not use cookies. The visitor's IP is transmitted when a page is called up, is anonymized immediately after transmission and is processed without personal reference. According to IONOS, no personal data of website visitors is stored, so that no conclusions can be drawn about individual visitors. The following data is collected:

• Referrer (previously visited website)
• Requested web page or file
• Browser type and browser version
• Operating system used
• Device type used
• time of access
• IP address in anonymous form (only used to determine the location of access)

The legal basis for the use of IONIOS WebAnalytics is Art. 6 Para. 1 S. 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest results from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

The legal basis for the use of IONOS WebAnalytics is Art. 6 Para. 1 S. 1 lit. a) GDPR (consent of the data subject). When you first call up the website, we ask you for your consent to use the service via a message text that is displayed.

You can also revoke your consent at any time via our consent management, which you can find on our website and call up using the button on the bottom left.

You can also prevent the setting of cookies altogether (see “How to avoid cookies” above).

Usercentrics

Our website uses Usercentrics consent management technology to obtain and document your consent to the storage of certain cookies on your device. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, website:https://usercentrics.com/de/(hereinafter "Usercentrics").

The consent management tool displays a dialog box when you first visit our website. The following personal data is transferred to Usercentrics:

• Your consent(s) or withdrawal of your consent(s)
• your IP address
• Information about your browser
• Information about your device
• time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to allocate the given consent or its revocation to you. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention requirements remain unaffected.

The legal basis for the use of the CMP and the transmission of your data to the provider is Art. 6 Para. 1 S. 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to offer you a technically flawless and data protection-compliant consent solution and to relieve our own IT systems. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

Google Services

Our website uses the services of Google LLC ("Google US"), 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, listed below. If you have your habitual residence in the European Economic Area or Switzerland, the company is Google Ireland Limited ("Google EU"), Gordon House, Barrow Street, Dublin 4, Ireland, is the controller of your data.Google EU is the European subsidiary of Google US (both companies together "Google").

Even if you have your habitual residence in the European Economic Area or Switzerland, personal data can be transmitted from Google EU to Google US in the USA. There are the risks of data transmission to the USA mentioned above in the section "Data transmissions to third countries outside the EEA".

Google is certified according to the "EU-US Privacy Shield". In order to always ensure an appropriate level of protection for your data, even if your data is transmitted outside the scope of the GDPR, we have concluded contracts with Google that also include the standard data protection clauses issued by the EU Commission. In addition, we take further technical and organizational measures to protect personal data when it is transmitted outside the scope of the GDPR.

Data processing by Google in general

Google can process the transmitted data in order to create anonymous user profiles for statistical purposes. If you have also created a Google account in recognition of Google's terms of use and are logged into it, Google can assign the transmitted data to your account - also across devices. In principle, we have no influence on this data processing. Google is therefore responsible for this data processing.

More information on handling user data can be found in Google's data protection declaration:https://policies.google.com/privacy.

You can manage your Google advertising settings on the following website:https://adssettings.google.com/?hl=de(This setting will be deleted if you delete your cookies)

We use:

Google Advertising Features

We use various advertising services from Google. These enable us to advertise our offers with ads on the Google search engine, on Google Maps, on YouTube and on other external websites, to evaluate the effectiveness of these ads and to tailor our advertising measures to the needs of our customers.

The Purpose The use of Google advertising services and the associated data processing is to increase our sales and optimize advertising campaigns in terms of costs and benefits.

On our behalf, Google will collect pseudonymised information about our website visitors and process it into profiles, which Google will then use on our behalf to show you targeted advertising from us on other external pages of the Google partner network based on your interests. These ads are automatically delivered by Google via so-called "ad servers". Your browser therefore automatically establishes a direct connection to the Google server. By integrating ads, Google receives the information that you have accessed the relevant part of a website or clicked on an ad. If you are registered with a Google service, Google can assign your behavior to your account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will create and store a usage profile about you across devices.

Google also uses cookies and web storage (see the “Cookies and Web Storage” section for more information on cookies) to assign a unique identifier to your browser and to collect certain information about that identifier. Google can also use the cookies set by other Google services for this purpose. Among other things, the following can be recorded: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed it (so-called referrer), date and time of the request and possibly Your internet service provider. In addition, the following can be recorded: Session duration/length of stay, bounce rate, orders, creating accounts, viewing contact data and ratings, playing media, updating the page, adding to favourites/bookmarks, sharing content (social media), origin of the user (e.g (e.g. email, google search).

As part of our order, Google also records so-called "conversions" (in German: conversions) so that we can optimize our advertising measures. A conversion can be recorded, for example, if you see one of our advertisements displayed by Google and later carry out actions on our website with the same browser. By recording conversions, we learn, for example, the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag.

Google also offers a remarketing or “similar audiences” feature. We use this function to place interest-based, personalized advertising on third-party websites that also participate in Google's advertising network. This function can mean that, after visiting our website, you will then see advertisements from us on the website of a third party if the third party also uses the Google advertising network.

We ourselves do not collect or process any personal data through the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify you based on this information.

On the Advertising page ( https://policies.google.com/technologies/ads?hl=de ) you can learn more about advertising on Google and how exactly your data is used in connection with advertising and how long Google stores this data.

The legal basis for the use of Google's advertising services is Art. 6 Para. 1 S. 1 lit. a) GDPR (consent of the person concerned). When you first call up the website, we ask you for your consent to use the service via a message text that is displayed. We would like to point out that your consent also includes any transmission to the USA. We have outlined the associated risks above. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. How this works in your browser can be found in the browser instructions.

You can also revoke your consent at any time via our consent management, which you can find on our website and call up using the button on the bottom left.

You can also prevent the collection of the above information in several ways:

• by setting your browser software accordingly not to accept cookies (see “How to avoid cookies” above),
• by deactivating data collection on the service-spanning websitehttps://www.youronlinechoices.com/de/praferenzmanagement/(This setting will be deleted if you delete your cookies),
• by disabling cookies for Google's conversion tracking on the following website:
  https://adssettings.google.com/?hl=de(This setting will be deleted if you delete your cookies) or
• by permanently deactivating data collection in your Firefox, Internet Explorer or Google Chrome browsers by clicking on the linkhttp://www.google.com/settings/ads/pluginInstall available browser plugin.

We would like to point out that you may not be able to use all the functions of our website to their full extent due to the corresponding settings.

Google Analytics

Our website uses the "Google Analytics" service from Google. By evaluating the http server requests and set cookies, Google Analytics collects information to enable us to analyze the use of the website by our website visitors, on the basis of which we can make improvements and thus optimize our website.

The Purpose The use of Google Analytics and the associated data processing is an optimization of the user experience on the website based on the use of the same.

On our behalf, Google will collect and process information about our website visitors and make it available to us so that we can evaluate your use of our website, compile reports on website activity and provide other services related to website activity and internet usage. We cannot draw any conclusions about your identity from the data made available to us.

Google also uses cookies and web storage (see the “Cookies and Web Storage” section for more information on cookies) to assign a unique identifier to your browser and to collect certain information about that identifier. Among other things, the following can be recorded: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed it (so-called referrer), date and time of the request and possibly Your internet service provider. In addition, the following can be recorded: Session duration/length of stay, bounce rate, orders, creating accounts, viewing contact data and ratings, playing media, updating the page, adding to favourites/bookmarks, sharing content (social media), origin of the user (e.g (e.g. email, google search).

The information collected by the service about the use of the website by users is usually transmitted to a Google server in the USA and stored and processed there. There are the risks of data transmission to the USA mentioned above in the section "Data transmissions to third countries outside the EEA". In order to always ensure an appropriate level of protection for your data, even if your data is transmitted outside the scope of the GDPR, commercial transactions with Google data processing conditions ( https://privacy.google.com/businesses/processorterms/ ), which also include the standard data protection clauses issued by the EU Commission.

We have also activated the IP anonymization function, so that the IP address transmitted to Google is partially made unrecognizable before it is transmitted outside the scope of the GDPR. Only in exceptional cases will the full IP address first be sent to a Google server and shortened there immediately. In neither of these two cases is the full IP address ever stored on a hard drive at Google. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

For more information on the terms of use and data protection for Google Analytics, see http://www.google.com/analytics/terms/de.html or under https://policies.google.com/technologies/partner-sites?hl=de

The legal basis for the use of Google Analytics is Art. 6 Para. 1 S. 1 lit. a) GDPR (consent of the data subject). When you first call up the website, we ask you for your consent to use the service via a message text that is displayed. We would like to point out that your consent also includes any transmission to the USA. We have outlined the associated risks above. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. How this works in your browser can be found in the browser instructions.

You can also revoke your consent at any time via our consent management, which you can find on our website and call up using the button on the bottom left.

You can prevent the data generated by the cookies and related to the use of the website (incl. IP address) from being transmitted to Google or processed by Google by downloading the browser plug-in available under the following link and in your install browsers. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de .

You can also prevent the setting of cookies altogether (see “How to avoid cookies” above).

Google Tag Manager

Our website uses the support service "Google Tag Manager" from Google. This service does not process any personal data itself. However, the Google Tag Manager triggers scripts that are required by other services to collect data. Google Tag Manager cannot access this data.

Google Ads

Our website uses the "Ads" service from Google. See the data protection information above under "Google advertising functions".

Google reCAPTCHA

Our website uses Google's "Google reCAPTCHA" protection against abuse. reCAPTCHA is used to prevent cyber attacks and harassment by so-called "bots" (artificial website users) by using an input field to check whether it is a real person who is visiting the website. This service enables us to operate our website stably and to protect it from misuse. For this purpose, the data entered is usually transferred to a Google server in the USA and processed there for verification. As a result of this request, the following information, among other things, is transmitted to the Google server and stored there: Your entry in the input field, your IP address, product and version information about the browser and operating system used (so-called user agent), the website, from which you accessed (so-called referrer), date and time of the request and possibly your Internet service provider.

This service uses the web storage of your browser. See the Web Storage section above for more information.

The legal basis for the processing of your data in relation to the "Google reCAPTCHA" service is Article 6 (1) sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest results from our need for effective protection of our online offer against cyber attacks and misuse. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

Google Translator

Our website uses the translation service “Google Translator” from Google. Google Translator is used to offer our website in different languages and thus make it accessible to non-German-speaking customers. This service enables us to display our website in different languages without having to translate the content individually ourselves. For this purpose, the content of our site is transmitted to an external Google server in the USA, translated there and then transmitted to the browser of the website visitor when the latter requests the function. As a result of this request, the following information, among other things, is transmitted to the Google server and stored there: Your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed ( so-called referrer), date and time of the request and possibly your Internet service provider.

The legal basis for the processing of your data in relation to the "Google Translator" service is Article 6 (1) sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to make our website accessible to a broader group of interested parties. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

YouTube

Our website uses the video service "YouTube" from Google. YouTube is used to integrate videos into our website at various points. When videos are played, information is usually transferred to a Google server in the USA and stored there for several months. Google uses this data, among other things, to collect statistics and to improve the service.

YouTube also establishes a connection to Google's own advertising network. We ourselves do not collect or process any personal data through a connection to Google's own advertising network. On the Advertising page ( https://policies.google.com/technologies/ads?hl=de ) you can find out more about advertising on Google, how exactly your data is used in connection with advertising and how long Google stores this data.

Due to the programming of the YouTube videos, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and are therefore informing you according to our current level of knowledge: By integrating advertisements, Google receives the information that you have accessed the relevant part of our website or clicked on an ad. If you are registered with a Google service, Google can assign your behavior to your account. Even if you are not registered with Google or have not logged in, it is possible for Google to create and store a usage profile about you across devices (so-called tracking).

You can prevent participation in this tracking process in several ways:

• by setting your browser software accordingly not to accept cookies (see “How to avoid cookies” above),
• by disabling cookies for conversion tracking on the following website:https://adssettings.google.com/?hl=de(This setting will be deleted if you delete your cookies) or
• by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the linkhttp://www.google.com/settings/ads/plugin.

We would like to point out that you may not be able to use all the functions of our website to their full extent due to the corresponding settings.

The information collected through the service is usually transferred to a Google server in the USA and stored and processed there. There are the risks of data transmission to the USA mentioned above in the section "Data transmissions to third countries outside the EEA".

We have embedded our videos in privacy-enhanced mode to ensure that a connection to Google's servers is only established upon playback.

The service stores and evaluates cookies (see “Cookies” above) on your end device. This service uses the web storage of your browser. See above for more information.

The legal basis for the use of Google Maps is Art. 6 Para. 1 S. 1 lit. a) GDPR (consent of the data subject). When you display a video, we ask you for your consent to use the service via a text that is displayed. We would like to point out that your consent also includes any transmission to the USA. We have outlined the associated risks above. You can revoke your consent at any time with effect for the future by deleting all cookies in your browser. How this works in your browser can be found in the browser instructions.

Social Media Fan Pages

In addition to our website, we maintain online presences on social platforms in order to be able to communicate with customers, interested parties and users who are active there and to inform them about our services.

If you visit our presence on a social platform, your data will usually be processed by the respective provider of the platform for our market research and advertising purposes. The provider can also process the data for its own purposes. Usage profiles can be created from your usage behavior and your resulting interests. These usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to your interests. For these purposes, cookies (see above) are usually stored on your end device, in which your usage behavior and your interests are stored. In particular, if you are a member of the respective platforms and are logged in to them, additional data can be stored independently in the usage profiles. For a detailed description of the respective data processing and the possibility of objection, we refer to the following linked information from the providers, as only they know the exact processes of their data processing.

We would like to point out that your data can also be processed outside the European Union. This can give rise to risks, for example because it could make it more difficult to enforce your rights.

The legal basis for the use of the online presence and the associated data processing is generally Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to present ourselves to visitors and users of social networks and to make statements of all kinds in the media and opinion market. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

The use of statistical data from all visitors to our social media websites, which is collected, processed and made available to us by the respective site operators, is based on Art. 6 Para. 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing ). The legitimate interest results from our need for an anonymous evaluation of the visit and usage behavior on our websites for the user-oriented improvement of the design of our online offer and the optimization of our communication with interested parties. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

If you are asked by the respective providers for your consent to data processing, the legal basis for the processing is Article 6 (1) sentence 1 letter a) GDPR (consent of the data subject). You can revoke this consent at any time with effect for the future. To do this, please contact the provider who asked for your consent.

In the event that you want to assert your above-mentioned rights, we would like to point out that these can be asserted most effectively with the providers, despite possible joint responsibility. As a rule, only the providers have direct access to your data and can take appropriate measures and provide information directly. If you still need help, you can contact us and we will support you at any time within the scope of our possibilities.

We are represented on:

Instagram

Instagram is a social network operated by Facebook Inc. (“Facebook US”), 1601 Willow Road, Menlo Park, California 94025, USA. If you have your habitual residence in the European Economic Area or Switzerland, the company Facebook Ireland Ltd. (Facebook EU"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is the controller of your data. Facebook EU is the European subsidiary of Facebook US (both companies together “Facebook”).

When you use the platform, the information collected is usually transferred to a Facebook server in the USA and stored and processed there. There are the above risks of data transmission to the USA.

The company Facebook Inc. meets the requirements of the "EU-US Privacy Shield" (in German: EU-US data protection shield). Further information on data protection at Instagram can be found at:http://instagram.com/about/legal/privacy/.

Further information on data protection at Facebook can be found at:https://www.facebook.com/about/privacy/.

Modification of this privacy policy

We expressly reserve the right to change this data protection declaration at any time with effect for the future, in particular to adapt it to changed legal requirements and standards.

Status of the data protection declaration: 06/14/2023

If you have any comments or complaints about this data protection declaration, please contact:

Paluka Lawyers Loibl Specht PartmbB
Prinz-Ludwig-Strasse 11
93055 Regensburg