Data protection

(Last updated: 1 October 2018)

1. Part 1: Data protection information regarding our data processing pursuant to Articles (Art.) 13, 14 and 21 of the General Data Protection Regulation (GDPR)
2. Part 2: data protection statement for our website

Part 1: Data protection information regarding our data processing pursuant to Articles (Art.) 13, 14 and 21 of the General Data Protection Regulation (GDPR)

We take data protection seriously: the following aims to provide you with information on how we process your data, and what rights and claims you have in accordance with the data protection regulations. Valid as from 25 May 2018.
The data protection information set out below covers all activities relevant to data protection which are carried out by all members of the SANDFOX Group, as well as services provided for external companies, see companies listed under 1. Personal data is processed by the companies listed under 1 in line with the same principles and methods, meaning that a uniform data protection policy applies.

1. Contact information and controller responsible for data processing

Controller responsible with regard to data protection law
SANDFOX  GmbH & Co.  
SANDFOX …. 
….. 
Tel. +49 (0)…. 
Fax: +49 (0)…. 
[email protected]

Contact information of our Data Protection Officer:
SANDFOX GmbH & Co. 
Data Protection Officer 
SANDFOX …. 
….. 
Tel. +49 (0)…. 
Fax: +49 (0)…. 
[email protected]

2. Purposes and the legal basis on which we process your data

We process personal data in accordance with the provisions governing the General Data Protection Regulation (GDPR), the Federal Data Protection Act of Germany (BDSG) and other applicable data protection regulations (see below). The specific data that is actually processed, and how this is done, is mainly geared to the services which have been agreed to or applied for. Further details or additional information in relation to the processing of personal data can be obtained from the respective contracts, forms, declaration of consent and/or other information which has been made available (e.g. as part of using our website or our terms and conditions of business). Furthermore, this information on data protection may be updated from time to time and can be referred to by visiting our website https://www.sandfox-gear.de/data-protection.

2.1 Purposes of fulfilling a contract or steps prior to entering into a contract (Art. 6 Para. 1 b GDPR)

Processing personal data is done for the purpose of performing our contract(s) with you and carrying out your orders, as well as to undertake measures and activities which form part of pre-contractual relations, e.g. with prospective customers. In particular, processing information enables us to deliver our products and related services in accordance with your orders and wishes whilst at the same time providing appropriate services, measures and activities. This includes first and foremost the following: corresponding with you regarding details of the proof of transactions, orders and other agreements, as well as quality assurance by means of corresponding documentation, proceedings as a gesture of goodwill, measures for managing and optimizing business processes as well as fulfilling general duty to take care, managing and controlling affiliated companies (e.g. parent company); statistic evaluations concerning corporate management, recording costs and financial control, reporting, internal and external communication, crisis management, settlement of accounts and tax assessments of company services, risk management, assertion of legal claims and defense regarding legal proceedings; guaranteeing IT security (incl. system or plausibility tests) and general security, of which security for premises and plants, ensuring and awareness of householder’s rights (e.g. by means of entry checks); guaranteeing integrity, authenticity and availability of data, prevention and investigation of offences; checks by supervisory boards or monitoring bodies (e.g. audits).

2.2 Purposes of legitimate interests by ourselves or third parties (Art. 6 Para. 1 f GDPR)

In addition to fulfilling the actual contract (or pre-contract), we also process your data in cases where it is necessary in order to protect our legitimate interests, and those of third parties, particularly for the following purposes:

• For advertising, market research and opinion polls, insofar as you have not expressed objection to your data being used;
• For obtaining information and exchanging data with credit agencies, insofar as this exceeds our commercial risk;
• For checking and optimizing processes for needs analysis;
• For further developing services and products as well as existing systems and processes;
• For disclosure of personal data as part of due diligence in the context of company sales negotiations;
• For comparing with European and international antiterror lists, going beyond legal requirements;
• For enhancing our data, including for use or research of publicly available data;
• For statistical evaluations or market analysis;
• For benchmarking;
• For enforcing legal requirements and defense in legal disputes which cannot be attributed directly to the contractual relationship;
• For limited storage of data when deleting it is not possible due to the special nature of storing it, or is only possible with unreasonable effort;
• For development of scoring systems or automated decision-making processes;
• For preventing and investigating crimes, where this is not solely for the fulfilment of legal requirements;
• For fraud prevention;
• For security of buildings and facilities (e.g. via access control and video surveillance), where this exceeds general due diligence obligations;
• For internal and external investigations, security checks;
• For listening in on or recording telephone conversations for quality control or training purposes;
• For obtaining or maintaining certification of a private or official regulatory nature;
• For guaranteeing and recognizing domiciliary rights using appropriate measures and video surveillance to protect our customers and employees, as well as to secure proof in the case of crime, as well as preventing it.

2.3 Purposes where you have given your consent (Art. 6 Para. 1 a GDPR)

Processing your personal data for specific purposes (e.g. using your email address for marketing purposes) is possible once you have given your consent. You are normally able to revoke this at any time. This also applies to revoking declarations of consent which you confirmed to us prior to the GDPR coming into effect on 25 May 2018. We will let you know about the consequences of revoking consent or not giving consent in a separate text concerning consent.
Revoking consent generally applies to the future. Any processing that was conducted prior to revoking consent is not affected by the regulation and remains lawful.

2.4 Purposes regarding fulfilment of legal obligations (Art. 6 Para. 1 c GDPR) or which are carried out in the public interest (Art. 6 Abs. 1 e GDPR)

Like everyone involved in business, we, too, are subject to a whole host of legal obligations. These are, first and foremost, legal requirements (e.g. trade and tax laws), but also, where applicable, regulatory and official obligations (e.g. court verdicts). For purposes of processing, this involves, where applicable, checking identity and age, prevention of fraud and money laundering, preventing, fighting and investigating the finance of terrorism and offences where assets are in danger, comparisons with European and international anti-terror lists, complying with monitoring and reporting of fiscal obligations, as well as archiving data for data protection purposes and data security, plus checks by tax authorities and other authorities. Furthermore, the disclosure of personal data can be required during the course of official/judicial measures for purposes of taking of evidence, persecution or enforcement of claims according to civil law.

3. The data categories processed by us insofar as we did not receive them directly from you, and their origin

Where this is necessary for rendering our services, we process personal data received permissibly from other companies or other third parties (e.g. credit agencies, directory publishers). Further, we process personal data taken permissibly from publicly accessible sources (e.g. telephone directories, commercial registers and register of associations, register of residents, records of debtors, land registers, press, internet and other media) or otherwise received or purchased and which we have permission to process.

Relevant personal data categories may include, in particular:

• Personal data (name, date of birth, place of birth, gender, nationality, marital status, profession/industry and comparable data)
• Contact data (address, e-mail address, telephone number and comparable data)
• Address data (registration data and comparable data)
• Payment/cover confirmation for bank and credit cards
• Information on your financial situation (credit-rating data, including score, i.e. data regarding assessment of the financial risk)
• Customer history, order history, including clothes size
• Data on your use of tele media provided by ourselves (e.g. time when you opened our website, apps or newsletters, IP address, our pages/links that you clicked on or entries and comparable data)
• Image and video data

4. Recipients or categories of recipients of your data

Internal controllers or organizational units within the companies belonging to the SANDFOX Group (referred to in section 1) receive your data, which they require in order to fulfil our contractual and legal obligations, or as part of processing and implementing our justified interest. Your data is only passed on to external sites,

• in conjunction with handling the contract;
• to SANDFOX Store operators, in connection with promotions initiated by SANDFOX Stores;
• to SANDFOX store operators, in connection with your application for a customer account or a SANDFOX loyalty program as well as your purchase from a participating SANDFOX Store or the official SANDFOX Online Shop insofar as you have a customer account or are participating in a SANDFOX loyalty program;
• for the purpose of fulfilling legal obligations where we are required to provide information, notify or pass on data, or where passing on data is in the public interest (see 2.4);
• where external service providers process data on our behalf as a commissioned processing company or a company that undertakes functions (e.g. external data processing centers, support/maintenance of EDP/IT applications, archiving, document processing, call center services, compliance services, financial control, data screening for anti-money laundering purposes, checking data validation and plausibility, data destruction, purchasing / procurement, customer management, letter-shops, marketing, media engineering, research, risk control, billing, telephony, website management, auditing services, credit institutions, printers or companies for data disposal, courier services, logistics);
• as a result of our justified interest or that of a third party in the context of the purposes listed under 2.2 (e.g. authorities, credit agencies, debt-collecting agency, solicitors, courts, experts, affiliated companies and committees and regulatory boards);
• if you have given us consent to pass onto third parties.

We will not pass on your data to any third parties. Where we commission service providers as part of processing an order, your data is subject to the same security standards there as it is when stored with us. In all other cases, the recipients of data may only use this data for the purposes for which it has been transferred.

5. Length of time that your data may be stored

We will process and store your data for the duration of our business. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.

Furthermore, we are subject to various legal obligations in terms of retention and documenting, which stem from, e.g. the German Commercial Code (HGB) and the tax code (AO). The deadlines given in the respective tax code for storing and documenting data are up to ten years beyond the end of the business or legal relationship.

Further, special legal provisions require a longer retention term such as, e.g. retaining means of evidence as part of the legal provisions governing statute of limitations. In accordance with Sections 195 et seq. of the German Civil Code (BGB), the normal statute of limitations is three years; however, statutes of limitations of up to 30 years can also be applied.

If data is no longer required for fulfilling contractual or legal obligations and rights, this shall be deleted on a regular basis, unless the further processing of this data – limited in terms of time – is required in order to meet the purposes of a prominent justified interest listed under 2.2. Such a prevailing justified interest is the case if, for example, deleting is not possible or is only possible as a result of a disproportionate amount of effort due to the special nature of storing the data, and processing for other purposes by means of technical and organisational measures has been ruled out.

6. Processing your data in a third country or through an international organization

Transferring data to sites in states outside of the European Union (EU) or the European Economic Area (EEA) (so-called third countries) occurs if it should become necessary in order to execute an order/contract from or with you, if it is legally prescribed (e.g. duty to report according to tax law), if there is a justified interest by ourselves or on the part of a third party, or if you have given your consent.
Here, the processing of your data in a third country may also occur in conjunction with engaging with service providers in the context of processing orders. Insofar as the EU Commission has not agreed a resolution with the country in question regarding a reasonable level of data security, we guarantee that corresponding contracts exist in line with data protection requirements of the EU, meaning that your rights and liberties are protected and guaranteed to a reasonable extent. Detailed information is available upon request. Information on suitable or appropriate guarantees and regarding the possibility to get a copy from them, can be requested from the company data protection officer.

7. Your data protection rights

You can assert your data protection rights against us under certain circumstances

• Indeed, you are entitled to obtain information from us concerning data stored with us according to provisions governing Art. 15 GDPR (including restrictions, where applicable, in accordance with Section 34 of the Federal Data Protection Act).
• We will rectify data stored about you in line with Art. 16 GDPR if the data is irrelevant or inaccurate.
• If you so wish, we will erase your data in accordance with the principles governing Art. 17 GDPR in-sofar as other legal regulations (e.g. legal retention requirements or restrictions as per Section 35 of the Federal Data Protection Act) or a prevailing interest on our part (e.g. defending our rights and claims) do not stand in the way.
• Taking into consideration the prerequisites set out in Art. 18 GDPR, you may request that we restrict the processing of your data.
• Furthermore, you may lodge an objection to your data being processed in line with Art. 21 GDPR, resulting in us having to stop the processing of your data. Nevertheless, this right to object shall only apply on grounds relating to your particular personal situation, whereby the rights of our company may come into conflict with your right to objection.
• You also have the right to receive your data in a structured, commonly used and machine-readable format in line with the provisions governing Art. 20 GDPR, or to have the data transmitted to a third party.
• Furthermore, you have the right to revoke any consent already given concerning the processing of personal data with future effect (see 2.3).
• Further, you have the right to lodge a complaint with a data supervisory authority (Art. 77 GDPR). Nevertheless, we would recommend always sending a complaint to our data protection officer in the first instance.

Your application concerning the exertion of your rights should, wherever possible, be in writing and sent to the address above, or directly to our data protection officer.

8. Extent of your obligations to make your personal data available to us

You are only required to make data available which is needed in order to start and carry out a business relationship or regarding a pre-contractual relationship with us, or data which is necessary in line with legal provisions. We will not normally be in a position to conclude or carry out a contract without this information. This may refer to data subsequently required as part of the business relationship. Where we have requested data from you beyond the above, we will point out separately that these details are given on a voluntary basis.

9. Existence of an automated decision on a case-by-case basis (including profiling)

We do not use a purely automated individual decision-making process in line with the provisions governing Article 22 GDPR. Insofar as we introduce this type of process on a case-by-case basis in the future, we will let you know about it separately if this is legally prescribed.

Under certain circumstances, we sometimes process your personal data with the aim of evaluating specific personal aspects (profiling). In order to provide tailored information and advice about our products, we also apply evaluation tools where necessary. This results in a range of products, communication and advertising which is more tailored to your needs, including market research and opinion surveys.

These types of procedures can also be used to assess your credit rating and creditworthiness, and for the purposes of fighting against money laundering and fraud. So-called “score values” are used to assess your creditworthiness and credit rating. Scoring employs a mathematical process which calculates the probability of a customer being able to keep up with payment obligations as set out in the contract. Consequently, these scores help us to assess creditworthiness and take decisions on contracts, and are incorporated in our risk management. The calculation is based on a recognised, tried-and-tested mathematical and statistical process and weighs up your data, especially income, expenditure, and current liabilities, job, employer, term of employment, experiences resulting from previous business relations, repayment of previous loans in line with the contract terms as well as information obtained from credit agencies.

Details concerning nationality as well as special categories of personal data are not processed in this respect as per Art. 9 GDPR.

Information concerning your right to object Art. 21 GDDP

1. You have the right to object to the processing of your personal data occurring as a result of Art. 6 Para. 1 f GDPR (data processing based on evaluating interests) or Art. 6 Para. 1 e GDPR (data processing in the public interest) if there are reasons pertaining to your own special situation. This is also valid for profiling based on these terms in line with Art. 4 no. 4 GDPR.
   If you revoke your consent, we will no longer process your personal data unless we can prove compelling and legitimate reasons for doing so which outweigh your interests, rights and liberties, or if the processing serves to assert, exert or defend legal claims.
2. We will also process your personal data in order to, where applicable, conduct direct advertising. Where you do not wish to receive advertising, you have the right, at any stage, to revoke your consent; this also applies to profiling insofar as it is in conjunction with this direct advertising. This revocation of consent will be taken into account for any future advertising.
   You data will no longer be processed for direct marketing purposes if you object to your data being processed for these purposes.

Your objection is not subject to any formal requirements and should be sent to

SANDFOX Ausrüstung für Draussen GmbH & Co. KGaA
SANDFOX Kreisel 1
D-65510 Idstein/Ts

Our data protection statement, as well as information on how we process our data in accordance with Articles (Art.) 13, 14 and 21 GDPR may change from time to time. Any amendments will be published on this page. Older versions are available in our archive for you to consult.

Data protection information last updated: 15.05.2018

Part 2: data protection statement for our website

This website and all internet-based services and applications (hereafter “website”) are the responsibility of SANDFOX Retail GmbH, a limited company with registered offices at SANDFOX-….., and established according to German law and registered in the Commercial Register of the local court of Wiesbaden under HRB 24710. (Hereinafter “we”, “us”, or “SANDFOX”).

Your privacy is important to us at SANDFOX and we strictly comply with the regulations set by the German Data Protection Act, as well as relevant international data protection regulations. 

The following data protection statement gives you an overview of the ways in which we use your personal data and the ways we protect it when you use our website.

1. Collection, processing and use of personal data

In some cases, you will be asked to provide your data directly to us, for example when setting up a customer account, filling out a form, as part of the ordering process or for service requests.

In these cases, we will use and process your data in the following ways depending on the circumstances:

• your contact information (e.g. name, address, email address, phone number, birth date);
• information required to fulfil an order (e.g. information about the products ordered, invoicing details, delivery and payment details, e.g. bank and credit card details or other payment details);
• information about orders and services (e.g. order and contact details/ordering history, details about defective products, previous correspondence);
• other information you have expressly made available to us (e.g. your personal profile, product references, wish lists, ratings etc.). Any personal details provided as a result of using our website are processed in the manner described in our data protection statement.

2. Cookies and Re-targeting Technology

We use technology to optimize and improve the online experience of our website. For this reason, your data is sometimes recorded by us or by one of our partners through the interaction between your computer and our website. Such information could include (but is not limited to):

• The IP address of your device (e.g. IP address of your computer, tablet etc.)
• Information about your use of the website (e.g. time and date of your visit, referral URLs or page views);
• Information about your device (e.g. type and version of your internet browser and version of your operating system). When this data is used, anonymized user profiles may be generated. Cookies may also be used for this purpose. Cookies are small text files which are saved locally by your internet browser when you visit our website. These cookies allow your internet browser to be recognized by our website when you visit our website again and data is required e.g. as part of the order process (for detailed information see below). Where this has not been expressly authorized by you as the user, data collected by the aforementioned technologies cannot be used to personally identify the visitor to the website and will not be combined with personal information about the anonymized users.

2.1 Cookies

On our website, we use data packages (small text files) called cookies. These cookies allow us to collect data about, for example, the navigation paths, number of visitors to our website or hits per page. We also record this information with the aim of making our websites even more user-friendly, effective and secure. Cookies are also used where necessary for the navigation and functionality of our website (e.g. cookies which save the current shopping basket status beyond the log-out process).

The vast majority of cookies are so-called session cookies, which are automatically deleted when the website is closed.

If you do not wish cookies used on our website to be stored on your computer, then you may need to change your browser settings to either block cookies in general or to accept or reject them on a case-by-case basis. Please note that blocking cookies may affect the functionality of the website.

2.2 RE-TARGETING TECHNOLOGY

Retargeting in online marketing is the process by which a visitor to a website is tagged and subsequently targeted with adverts on other websites. Cookies which last 90 days are also used for this purpose.
As with website tracking, data is also collected in pseudonymous form here. If you have questions about retargeting, please contact SANDFOX via the following partners:

• pilot Hamburg GmbH & Co. KG
  If you would like to opt out of retargeting, please click the following link:
  https://www.pilot.de/cookie-opt-out-datenschutz-privatsphaere/
• Q division GmbH
  You can file an objection to data processing at any time on the following link:
  https://www.q-division.de/datenschutz/widerspruch

For more information, please click here.

• Ströer Digital Media GmbH
  You can file an objection to data processing at any time on the following link:
  https://privacy.mbr-targeting.com

3. Data storage

We will only store data received and collected in the Member States of the European Union. We will take all reasonable technical and organizational precautions to protect your data from unauthorized use or unlawful publishing, deletion, loss or unlawful changes.

4. Social Plug-Ins

Our website uses so-called social plug-ins (“plug-ins”) from the following social network providers (“Providers”).

• Facebook
  The social network is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook). The plug-ins (the “like” button) are identified by the Facebook logo or the reference “Facebook Social Plug-in”. You can find the Facebook privacy policy here: 
  https://www.facebook.com/about/privacy/
• Twitter
  Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (Twitter). These plug-ins are identified by the Twitter logo. You can find the Twitter privacy policy here: 
  https://twitter.com/privacy
• Google+
  Google Inc., 1600 Amphitheatre Parkway, Mountain View CA 94043, USA (Google). These plug-ins are identified by the Google+ logo or the “+1” / “g+” button. You can find the Google privacy policy here: 
  https://google.com/policies/privacy 
• Pinterest
  Pinterest, Inc., 808 Brannan St. San Francisco, CA 94103-4904, USA (Pinterest). These plug-ins (the “pin-it” button) are identified by the Pinterest logo. You can find the Pinterest privacy policy here: 
  https://policy.pinterest.com/de/privacy-policy
• YouTube
  We use plug-ins from YouTube, which is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. These plug-ins are identified by the YouTube logo. You can find the YouTube privacy policy here: 
  https://www.youtube.com/static?&template=privacy_guidelines
• Flickr
  We use the plug-ins from Flickr, which is run by Yahoo! Inc., 01 First Avenue, Sunnyvale, CA 94089, USA (Flickr). These plug-ins are identified by the Flickr logo. You can find the Flickr privacy policy here: 
  https://info.yahoo.com/privacy/de/yahoo/eu/

When you are using a website with a plug-in from one of the aforementioned providers, your internet browser is automatically linked with the server of the respective provider. The content of the plug-in is directly transferred by the provider to your internet browser, which integrates the data onto the website.

By integrating plug-ins, the provider sees which websites you have visited. When you are logged into the website of the provider, the provider can follow your visit to our website and associate it with your account. When you interact with the plug-in, e.g. by clicking the “like” button or adding comments, your internet browser sends the relevant information directly to the provider, who then stores it.

If you do not wish the provider to capture your data during your visit to our website, you should log out of the providers’ websites before your visit.

For all further information regarding collection and use of data as well as your option rights regarding the protection of your data, please consult the privacy policies of the respective providers (see above).

5. Tag management and web-analytics

5.1 Dynamic 1001

The Dynamic Tracking System is used for measuring the performance of the SANDFOX Online Shop’s different advertising channels. It is provided by our technical and statistical service provider Dynamic 1001 GmbH.

Data from your browser is collected for statistical analysis when you visit the website https://www.sandfox-gear.de. Such data will be forwarded to Dynamic 1001 GmbH as technical and statistical service provider.

The collection of data is carried out via a pixel that is embedded in the web shop page. Common information such as the operating system, browser used, the related advertisements, referrer and the IP address are anonymously saved through contact with the dynamic servers. IP addresses are only used for internal reference but will not be forwarded to other third parties.

When you place an order, only data such as order number, customer number, shopping basket and the order value are transferred to Dynamic 1001 GmbH so that they can pass on the correct commission to the advertising partner. Cookies are used for data collection. Cookies are small text files which are saved on your computer. Cookies include an identifying mark generated by the Dynamic Tracking System. Cookies cannot damage your computer and do not contain any viruses.

You can activate or deactivate cookies yourself in your browser settings.

If you wish to object to the storage of your anonymized visitor data, so that you will not be tracked in the future, you can raise your objection here.

5.2 Google analytics

On our website we use ‘Google Analytics’, an analysis tool provided by Google Inc. (“Google”) for the analysis of websites. Google Analytics uses Cookies to analyze your website use. Cookies are small text files which are saved on your computer. The information about your visit to our website which is collected via cookies (including your IP address, which is anonymized before saving using the anonymizeIp() method so that it can no longer be associated with a connection) is transferred to a Google server in the USA and saved there.

If IP anonymization has been activated for the website, only a shortened version of IP addresses from Member States of the European Union or the European Economic Area is transmitted to Google in the USA. Only in specific cases will the complete IP address be transferred to the Google server in the USA and shortened there.

On behalf of those responsible for this website, Google uses the information to analyze your use of our website, create reports about the use of the website for the website owners and to carry out other services connected to the use of the internet and this website. The IP address generated by your internet browser, which is an integral element of Google Analytics, is not mixed with other data held by Google.
You can prevent cookies being saved by changing the relevant settings in your internet browser. Please note, however, that the full use of our website may be limited in this case. You can also prevent data generated by the use of website cookies (including your IP address) being collected and processed by Google by downloading and installing the browser plug-in below. You can find the link here: https://tools.google.com/dlpage/gaoptout?hl=de 

As an alternative to the browser add-on or within browsers on mobile devices, click this link to prevent the collection of data by Google Analytics on this website in future (the opt-out only works in the browser and for this domain). This saves an opt-out cookie to your device. If you delete the cookies in your browser you will need to click this link again:
Google Analytics Opt-Out

5.3 Adobe Analytics

On our website, we also have the possibility of using “Adobe Analytics“ technology – a statistical web analysis service from Adobe Systems GmbH, Georg-Bauchle-Ring 58, 80992 Munich, Germany. This technology collects statistical data about visits to our website for optimizing our website and improving our services. The data collected is passed on exclusively to Adobe Systems GmbH. The Adobe technology also uses cookies, i.e. text files, which are saved to your computer to analyze your website use. As your IP address is anonymized before it is passed onto Adobe Systems GmbH, it is not possible to identify an individual user. The Adobe technology works with session cookies. Session cookies are deleted at the end of your internet browsing session. Besides blocking the cookies on your internet browser, you can prevent Adobe cookies collecting data about your use of our website (including your IP address) by installing an opt-out cookie. You can find the link here. If you delete the cookies in your browser you will need to click this link again: 
Adobe Analytics Opt-Out

Further information on data protection from Adobe Systems GmbH can be found at:
https://www.adobe.com/de/privacy/policy.html

If you have any questions regarding data collected by Adobe Analytics, then please contact us at [email protected].

5.4 Web-Shop System

Anonymized data of your visit to our web shop is recorded in order to optimize and personalize your user experience (such as e.g. product suggestions). You can click here if you do not wish this to be done. 

5.5 Google ReCaptcha

We integrate this function in order to recognize bots, e.g. when entering information into our online forms (“ReCaptcha”) provided by Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
You can find the Google privacy policy here: 
https://www.google.com/policies/privacy/ 
You can opt out using the following link: 
https://adssettings.google.com/authenticated 

6. Newsletter

We use the so-called Double-Opt-In process with regard to your electronic newsletter registration. This means, that following your registration, you will receive an e-mail in which we ask for your registration confirmation. If you do not respond to this e-mail within 72 hours, we will delete your data automatically.

In addition to your e-mail address and any further data provided by you in connection with the registration, we store your IP address as well as the time of your registration and, in case of electronic registration, your registration confirmation. We store such data for documentation purposes and to be in the position to clarify any potential misuse of your personal data. We process your data for the purposes of sending the newsletter to you (in accordance with Art. 6 I S.1 lit. A GDPR).

If you wish to object to continuing receipt of our newsletter the easiest way to do so is to click the de-registration link included in every newsletter. Of course, you can also send us an email to [email protected] or a letter to the contact address included in the imprint. 

Our newsletter includes so called web-beacons and tracking pixels respectively. These are small picture files, which are stored on our website. If you open the newsletter and download the pictures, we combine your registration data with the individual identification number of the newsletter. This combination allows us to evaluate your user behavior including the use of our website. Such tracking is not possible if you deactivate the picture download in your e-mail software (and refrain from manually downloading the pictures), which may result in the newsletter not being displayed in full or not being fully functional. 

The data obtained from the tracking will be stored for a period of one year following your de-registration and will be deleted automatically afterwards. You may request a deletion of your tracking data at any time by email to [email protected] or letter to the contact address included in the imprint. 

Last updated: 01.10.2018