1. General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. You can find detailed information on the subject of data protection in our data protection declaration below this text.
Data collection on our website – general questions
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected when you communicate it to us. This can e.g. be data that you enter in a contact form.
Other data are automatically recorded by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of the page was viewed). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected in order to ensure that the website is error-free. Other data can be used to analyze your user behavior.
What are your rights with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions about data protection. You also have the right to lodge a complaint with the competent supervisory authority.
Information about the collection of personal data
(1) In the following we provide information about the collection of personal data when using our website. Personal data are all data that can be related to you personally, e.g. B. Name, address, e-mail addresses, user behavior.
(2) Responsible acc. Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is
Phone: +49 (0) 89 235 193 931
The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
(3) When you contact us by e-mail or using a contact form, the data you provide (your e-mail address, possibly your name and your telephone number) will be saved by us in order to answer your questions. We delete the data that arises in this context after it is no longer required to store it, or we limit processing if there are statutory retention requirements.
(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. We also state the specified criteria for the duration of the stay.
(1) You have the following rights with regard to your personal data:
• Right to information,
• Right to correction or deletion,
• Right to restriction of processing,
• Right to object to processing,
• Right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
(3) Our data protection officer is available to answer questions about the processing of your personal data at:
Data protection officer of mailcommerce GmbH
2. Collection of personal data when you visit our website
(1) If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to guarantee stability and security (the legal basis is Article 6 (1), sentence 1, letter f GDPR ):
• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status / HTTP status code
• Amount of data transferred in each case
• Website from which the request came
• Operating system and its interface
• Language and version of the browser software.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and through which certain information flows to the place that sets the cookie (in this case by us). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
• Transient cookies (see b)
• Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. This includes in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This enables your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which can differ depending on the cookie. You can delete cookies at any time in the security settings of your browser.
d) You can configure your browser settings according to your wishes and e.g. B. reject the acceptance of third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.
Analysis tools and third-party tools
When you visit our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. Your surfing behavior is usually analyzed anonymously; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following data protection declaration.
You can object to this analysis. We will inform you about the possibilities of objection in this data protection declaration.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.
If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Information, blocking, deletion
You have a right to get information about your user information we hold about you. You may add, update, block or delete information. If you wish to exercise your rights, you can contact us by email (see contact above or Imprint). Alternatively, you can write to the address mentioned above.
3. Data collection on our website
CMP from Quantcast
In order to make it easier for you to select permitted cookies or, if necessary, to obtain your consent to the use of the cookies used, we use Quantcast Choice, a GDPR-compliant Consent Management Platform (CMP) from the provider Quantcast International Limited, Beaux Lane House, Lower Mercer Street , 1st Floor, Dublin 2, Ireland (“Quantcast”). You can access detailed data protection settings via a pop-up window and save the settings you have made for future visits to our website. Further information on data protection and cookies from Quantcast. You can find it under https://www.quantcast.com/privacy/.
Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- the operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data will not be merged with other data sources.
The basis for data processing is Art. 6 Para. 1 lit. f GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
For our website we use OneSignal, a push message service of OneSignal Inc., 2194 Esperanca Avenue, Santa Clara, CA 95054, United States, (hereinafter referred to as ‘ONESIGNAL’) to send push messages to users and to send push messages to organize, optimize and adapt to our users. The personal data collected by ONESIGNAL include your IP address and are transmitted to and processed in the USA.
The processing of your data via OneSignal is based on your consent (Art 6 Paragraph 1 lit a GDPR).
You can refuse to receive push notifications by making the appropriate settings on your device.
4. Social Media
Online presence in social media
We maintain an online presence within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services.
We would like to point out that user data can be processed outside of the European Union. This can result in risks for the user, because e.g. the enforcement of user rights could be made more difficult. With regard to US providers who are certified under the Privacy Shield, we would like to point out that they undertake to comply with the EU data protection standards.
Furthermore, user data is usually processed for market research and advertising purposes. E.g. User profiles are created from the usage behavior and the resulting interests of the users. The user profiles can be used to e.g. place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the usage behavior and the interests of the user are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of the personal data of the users is based on our legitimate interests in an effective information of the users and communication with the users acc. Art. 6 para. 1 lit. f. GDPR. If the users are asked for their consent to data processing by the respective providers (i.e. declare their consent, e.g. by ticking a check box or confirming a button), the legal basis for processing is Art. 6 Para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information of the providers.
Also in the case of requests for information and the assertion of user rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information. If you still need help, you can contact us.
– Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland), Data protection declaration: https://www.facebook.com/about/privacy/, Opt-Out: https: // www. facebook.com/settings?tab=ads and https://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
– Google / YouTube (Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA) – Data protection declaration: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – data protection declaration / opt-out: https://instagram.com/about/legal/privacy/.
– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data protection declaration: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – data protection declaration / opt-out: https://about.pinterest.com/de/privacy-policy.
Share content using Shariff sharing functions
We use the data protection-safe “Shariff” buttons. “Shariff” was developed to allow more privacy on the Internet and to replace the usual “Share” buttons on social networks. It is not the user’s browser, but the server on which this online offer is located that establishes a connection with the server of the respective social media platforms and asks e.g. the number of likes, etc. The user remains anonymous.
At the moment the plugin supports 32 services: AddThis, Bitcoin, Diaspora, Facebook, Flattr, Flipboard, GooglePlus, LinkedIn, mailto, Mastodon, Odnoklassniki, Patreon, PayPal, PayPal.me, Pinterest, Pocket, Printer, Qzone, Reddit, RSS, SMS, Stumbleupon, Telegram, TencentWeibo, Threema, Tumblr, Twitter, VK, Wallabag, Weibo, WhatsApp, Xing.
More information about the Shariff project can be found in the original Github project or on the information page of the c’t magazine. Information about the plugin itself can be found at https://de.wordpress.org/plugins/shariff/.
Use of Facebook social plugins
Plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/.
When you visit our website, a direct connection is established between your browser and the Facebook server via the plugin. As a result, Facebook receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This enables Facebook to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Facebook. You can find more information on this in Facebook’s data protection declaration at: https://de-de.facebook.com/policy.php.
If you do not want Facebook to be able to assign your visit to our website to your Facebook user account, please log out of your Facebook user account.
Functions and contents of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be integrated into our online offer. For this purpose, e.g. Contents such as images, videos or texts and buttons belong with which users can share contents of this online offer within Twitter.
If the users are members of the Twitter platform, Twitter can call the o.g. Assign content and functions to the profiles of the users there. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).
Further information can be found in Twitter’s data protection declaration at: https://twitter.com/privacy. You can change your data protection settings on Twitter in the account settings at https://twitter.com/account/settings. You can find the option to opt out at: https://twitter.com/personalization.
Functions and contents of the Pinterest service, offered by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA, can be integrated into our online offer. For this purpose, e.g. Contents such as images, videos or texts and buttons belong with which users can share contents of this online offer within Pinterest. If the users are members of the Pinterest platform, Pinterest can call up the o.g. Assign content and functions to the profiles of the users there. Pinterest data protection declaration: https://about.pinterest.com/de/privacy-policy.
We use buttons from the “WhatsApp” service (WhatsApp Inc., 1601 Willow Road, Menlo Park, California 94025, USA – hereinafter “WhatsApp”) on our website to make the use of our website more personal for you. The underlying advertising purpose is a legitimate interest within the meaning of Art. 6 Para. 1 S. 1 lit. f) GDPR.
With the Shariff solution, we display buttons according to the respective social plug-ins, with the difference that when you visit our website with the buttons shown, your browser does not connect to WhatsApp. A script calls up how often e.g. a page has already been shared. It makes contact with WhatsApp via the programming interfaces (APIs) of the services and calls up the numbers. Therefore, only the server address is transmitted to WhatsApp (not your IP address). A direct connection between your browser and the WhatsApp server is only established when you actively press the WhatsApp button. WhatsApp receives the information that you have visited our site. This information (including your IP address) is sent directly from your browser to a WhatsApp server in the USA and stored there.
You can find more detailed data protection information on WhatsApp’s services and additional information here: https://www.whatsapp.com/legal/
5. Analysis tools and advertising
On our behalf, Google will use this information to evaluate your bbehaviour on our website, to compile reports on website activity and to provide us with other information about website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by using the browser plug-in. You can download and install the plug-in-in here: http://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on the use of data by Google, setting and objection options in Google’s data protection declaration (https://policies.google.com/privacy) and in the settings for displaying advertisements by Google (https://adssettings.google.com/authenticated).
If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. This does not affect data that we have stored for other purposes (e.g. email addresses for the members’ area).
Newsletter – External Service Provider
We use the service provider Episerver for the newsletter send out: Episerver Campaign, Wallstraße 16, 10179 Berlin.
Episerver is a service provider that enables us to send the newsletters you have subscribed to quickly and easily. In addition, sending via Episerver allows us to analyze your opening and clicking behavior in the newsletter. Episerver stores this data on a secure server in the EU.
If you are not interested in the storage or analysis of this data by Episerver, you must unsubscribe from the newsletter. A corresponding link is provided in the newsletter for this purpose.
The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data that we have saved about you remain on the server until you unsubscribe from the newsletter or request that it be deleted.
Further information can be found at https://www.episerver.com/de/trust-center/datenschutz.
7. Integration of services and content from third parties
We embed the videos from the “YouTube” platform provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Web Fonts
This page uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.