Privacy policy
Server Log Files
You can visit our website without disclosing any personal information.
Each time you access our website, usage data is transmitted to us or our web hosting provider / IT service provider via your internet browser and stored in log data files (so-called server log files). This stored data includes, for example: the name of the page accessed, date and time of access, IP address, amount of data transferred, and the requesting provider.
The processing is carried out based on Art. 6 (1) lit. f GDPR due to our legitimate interest in ensuring the uninterrupted operation of our website and improving our services.
Your data may be transferred to third countries outside the EU, especially to Canada and the USA. For Canada, there is an adequacy decision by the EU Commission. For the USA, there is an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission’s standard contractual clauses.
Contact
Controller
You can contact us if you wish. The data controller is:
c/o IP-Management #35714, Ludwig-Erhard-Straße 18, 20459 Hamburg, Germany
Phone: +49 1521 9332777
Email: info@kratoein.com
VAT ID under § 27a UStG: DE452165256
Customer-Initiated Contact via Email
If you contact us by email on your own initiative, we collect your personal data (name, email address, message text) only to the extent provided by you. The processing serves to handle and respond to your inquiry.
If the contact is for pre-contractual purposes (e.g., product inquiries, quotation requests) or pertains to an existing contract, the processing is based on Art. 6 (1) lit. b GDPR.
For other types of inquiries, the processing is based on Art. 6 (1) lit. f GDPR due to our legitimate interest in responding to your request. You have the right to object to this processing at any time for reasons arising from your specific situation.
We only use your email address to process your request. Your data will then be deleted, subject to statutory retention obligations, unless you have consented to further processing.
Use of Endereco Address Validation
We use address validation from Endereco UG (haftungsbeschränkt), Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany.
The purpose is to check for typing and entry errors in real time and complete missing address data. If there are errors, alternative suggestions are shown.
The following data may be transmitted and processed: postal address (country, city, ZIP code, street, house number), email address, phone number.
The processing is based on Art. 6 (1) lit. f GDPR from our legitimate interest in data accuracy for fulfilling contractual obligations. You may object to this processing at any time.
The data is processed separately and not combined with other data. It is deleted within 30 days.
More info: https://www.endereco.de/datenschutzerklaerung/
Use of Google Maps API Address Validation
We use Google Maps API (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, Ireland).
It checks address form entries in real time and suggests corrections. Your entered data is transmitted, stored, and evaluated by Google.
This may include: address, email, phone number. Data may be transmitted to the USA under the TADPF. Google is certified under the TADPF.
Processing is based on Art. 6 (1) lit. f GDPR. You may object at any time. Data is processed separately and deleted within 30 days.
Privacy info: https://cloud.google.com/maps-platform/terms, https://www.google.de/policies/privacy/
Customer Account & Orders
Customer Account
When creating an account, we collect your personal data as specified. The data is processed to enhance your shopping experience and simplify order processing.
Processing is based on your consent under Art. 6 (1) lit. a GDPR. You may withdraw consent at any time. Your account will then be deleted.
Collection, Processing, and Disclosure of Personal Data During Orders
We only collect and process personal data necessary to fulfill and process your order or respond to your inquiries. Providing the data is required to conclude a contract.
Processing is based on Art. 6 (1) lit. b GDPR.
Data may be shared with shipping companies, dropshipping/fulfillment providers, payment processors, order processing services, and IT service providers — only as necessary and in compliance with legal requirements.
Your data may be transferred to third countries such as Canada and the USA. Shopify is not certified under TADPF; transfers rely on contract clauses comparable to EU standard contractual clauses.
Marketing
Use of Your Personal Data for Postal Advertising
We may use your personal data (name, address) obtained during a sale to send postal advertising, unless you object.
Providing this data is necessary for contract conclusion. Processing is based on Art. 6 (1) lit. f GDPR.
You can object at any time by contacting us using the information in our legal notice.
Use of Email Address for Newsletter
We use your email to send newsletters if you’ve explicitly consented. This is solely for marketing purposes.
Processing is based on your consent under Art. 6 (1) lit. a GDPR. You may withdraw consent at any time.
You can unsubscribe via the newsletter link or by contacting us. After unsubscribing, we may retain your email in a blacklist to prevent future emails, based on Art. 6 (1) lit. f GDPR. You can object at any time.
Use of Email Address for Direct Marketing
We use your email obtained during a sale to send direct advertising for similar products/services, unless you object. Providing your email is required to conclude the contract.
Processing is based on Art. 6 (1) lit. f GDPR.
You can object at any time using our contact details in the legal notice or via the opt-out link in marketing emails.
Shipping Service Providers
Disclosure of Email Address to Shipping Companies for Shipment Status Updates
We disclose your email address to the shipping company as part of contract fulfillment, provided you have given your explicit consent during the ordering process. The purpose of this disclosure is to inform you by email about the status of your shipment. The processing is carried out based on your consent pursuant to Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time by notifying us or the shipping company without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
Payment Service Providers
Use of PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing is carried out to offer you payment via this service. When selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, the necessary payment data will be transmitted to PayPal to fulfill the contract using your chosen payment method. This processing is based on Art. 6 (1) lit. b GDPR.
Cookies may be used to recognize your browser. This data processing is carried out on the basis of our legitimate interest in providing a customer-friendly offering of various payment options in accordance with Art. 6 (1) lit. f GDPR. You have the right to object to this processing at any time for reasons arising from your particular situation.
Credit Card via PayPal, Direct Debit via PayPal & “Pay Later” via PayPal
For certain payment options such as credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, PayPal reserves the right to conduct a credit check based on mathematical-statistical procedures using credit reference agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the received information about the statistical probability of default to make a balanced decision about the establishment, execution, or termination of the contractual relationship. The credit report may contain score values calculated using recognized scientific methods and may include address data. Your rights and interests will be considered in accordance with legal requirements. The purpose of the data processing is creditworthiness assessment for contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f GDPR from our legitimate interest in protecting against payment default when PayPal is in advance performance.
You may object to this processing at any time by notifying PayPal. Providing this data is necessary for concluding a contract using the payment method you have chosen. Failure to provide it means that the contract cannot be concluded using this payment method.
Third-Party Providers
When paying via a third-party provider’s payment method, the necessary data will be transmitted to PayPal. This processing is based on Art. 6 (1) lit. b GDPR. PayPal may then forward the data to the relevant provider to execute the payment. This processing is likewise based on Art. 6 (1) lit. b GDPR. Local third-party providers may include:
Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Payment Processing via Card2Crypto
If you choose to pay via our external payment service provider Card2Crypto, the data required for payment processing (e.g., order amount, currency, email address, payment ID) will be transmitted in encrypted form to Card2Crypto.
This processing is carried out solely for the purpose of payment execution and fraud prevention.
Card2Crypto stores and processes your payment data in accordance with applicable data protection regulations. We do not receive any sensitive payment information such as credit card numbers or bank details, but only the confirmation whether the payment was successful.
For more information, please refer to the Card2Crypto Privacy Policy: https://card2crypto.org/privacy
Invoice Payment via PayPal
When paying by invoice via PayPal, the necessary payment data will first be transmitted to PayPal. PayPal then forwards the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") to fulfill the contract using the chosen payment method. This processing is based on Art. 6 (1) lit. b GDPR. Ratepay may conduct a credit check using mathematical-statistical procedures (probability or score values) and credit reference agencies as described above. This processing is based on Art. 6 (1) lit. f GDPR to prevent payment default when Ratepay is in advance performance.
Further information on data protection and the credit agencies used by Ratepay can be found at:
https://www.ratepay.com/legal-payment-dataprivacy/ and
https://www.ratepay.com/legal-payment-creditagencies/
For more details on data processing by PayPal, see PayPal’s privacy policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Cookies
Our website uses cookies. Cookies are small text files that are stored in the web browser or by the web browser on a user’s computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a unique character string that allows the browser to be identified the next time the website is visited.
Cookies are stored on your computer, so you have full control over their use. By configuring your internet browser settings accordingly, you can be informed before cookies are set, allow cookies only in individual cases, disable cookies in certain cases or in general, and activate automatic deletion of cookies when closing the browser.
Already stored cookies can be deleted at any time. Please note that disabling cookies may limit the functionality of this website.
For instructions on how to manage cookies in the most common browsers, visit:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-löschen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Technically Necessary Cookies
Unless otherwise stated in this privacy policy, we only use these technically necessary cookies to make our services more user-friendly, effective, and secure. Cookies also enable our systems to recognize your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
The use of cookies or similar technologies is based on § 25 (2) TDDDG. The processing of your personal data is carried out on the basis of Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our services.
You have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation.
Use of the Shopify Consent Tool (Shopify Privacy & Compliance)
We use the "Shopify Privacy & Compliance" consent tool on our website, provided by Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify"). Shopify is affiliated with Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
This tool allows you to provide consent for data processing via the website—especially the setting of cookies—and to exercise your right to withdraw any given consent. The data processing serves the purpose of obtaining and documenting legally required consents and thus complying with statutory obligations. Cookies may be used in this process. User information, including your IP address, is collected and transmitted to Shopify.
Your data may be transmitted to third countries outside the EU, especially Canada and the USA, and processed there. An adequacy decision by the EU Commission exists for Canada. For the USA, the Trans-Atlantic Data Privacy Framework (TADPF) provides such an adequacy decision. Shopify is not certified under TADPF. Data transfers are therefore based on contractual obligations comparable to the EU Commission's standard contractual clauses.
The data processing is carried out in accordance with Art. 6 (1) lit. c GDPR to fulfill a legal obligation.
For more information on Shopify's data protection, please visit: https://www.shopify.com/legal/privacy
Analytics & Advertising Tracking
Use of Google Analytics 4
We use the web analytics service Google Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, compile reports on website activity, and provide other services relating to website and internet usage to the website operator.
The following information may be collected: IP address, date and time of page access, click path, information about your browser and device, visited pages, referrer URL (the website from which you accessed our site), location data, and purchasing activity. Your data may be linked by Google with other data such as your search history, your personal accounts, usage data from other devices, and other data that Google holds about you.
Your IP address is shortened beforehand on our own servers. Thus, Google receives only pseudonymized data.
Google uses technologies such as cookies, browser storage, and tracking pixels to analyze your use of the website. The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data is based on your consent under Art. 6 (1) lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of processing based on the consent before its withdrawal.
We also use the Google Signals service. Google Signals enables cross-device tracking. Your data can therefore be analyzed across devices if you have enabled "personalized ads" in your account settings and your devices are linked to your Google account. This makes it possible to identify which device you used to search for products and which device you used later to complete a purchase.
The cross-device reports generated in this context contain only aggregated data. We receive only statistics created based on Google Signals. To prevent the collection and storage of your data by Google Signals across devices, you can disable the "personalized ads" feature in your Google account settings.
More information: https://support.google.com/ads/answer/2662922?hl=de
Further information on data processing and privacy regarding Google Signals can be found at: https://support.google.com/analytics/answer/7532985?hl=de
We also use the Advanced Consent Mode implementation. This means that even if consent is not granted, user data is transmitted to Google in the form of “pings.” These pings may include the following information: IP address (used to derive the country, not logged), date and time of page access, URL of the visited pages, user agent, referrer URL, or information about triggered website events such as a conversion. Google uses this information to model user data and enable comprehensive usage analysis even without granted consent.
The information generated about your use of this website is typically transmitted to a Google server in the USA and stored there. An adequacy decision by the EU Commission exists for the USA through the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under TADPF and is therefore obligated to comply with European data protection principles. Both Google and U.S. government authorities may access your data.
Further information on usage terms and data privacy can be found at:
https://policies.google.com/technologies/partner-sites and
https://policies.google.com/privacy?hl=de&gl=de
Use of Shopify Analytics
We use the analytics and statistics features provided by Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website, under a data processing agreement. Shopify is affiliated with Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. Data is stored and used for marketing and optimization purposes and is provided in the form of reports, analyses, and statistics. The following device information is collected and processed: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate through the website, information is also collected about the pages or products viewed, the referrer URL, and your interaction with the site. Technologies such as cookies, web beacons, tags, and pixels (electronic files that track navigation behavior on the website) are used for this purpose.
Your data may be transferred to third countries outside the EU, especially Canada and the USA, and processed there. An adequacy decision by the EU Commission exists for Canada. For the USA, the Trans-Atlantic Data Privacy Framework (TADPF) also provides an adequacy decision. Shopify is not certified under TADPF. These data transfers are based on contractual obligations comparable to the EU Commission's standard contractual clauses.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent under Art. 6 (1) lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing based on your consent before the revocation.
You can find more information about Shopify's privacy practices at: https://www.shopify.com/legal/privacy
Data processing agreement: https://www.shopify.com/legal/dpa
Cookie usage: https://www.shopify.com/legal/cookies
Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" and its conversion tracking feature (visitor action evaluation) on our website. Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
When you click on an ad placed by Google, a cookie for conversion tracking is placed on your device. These cookies are valid for a limited time, do not contain any personal data, and are not used for personal identification. If you visit certain pages on our website while the cookie is still active, Google and we can recognize that you clicked on the ad and were redirected to that page. Each Google Ads customer receives a different cookie, which means cookies cannot be tracked across the websites of different Ads customers.
The information collected using the conversion cookie is used to create conversion statistics. We learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive information that personally identifies users.
We use the Advanced Consent Mode. This means that even without explicit consent, user data is sent to Google in the form of “pings.” These pings may include: IP address (used solely to derive the country, not stored), date and time of page access, URLs of visited pages, user agent, referrer URL (website from which you accessed ours), and data about triggered events (e.g., conversions). Google uses this to model user behavior and generate insights despite the absence of consent.
Your data may be transmitted to Google LLC servers in the United States. An EU Commission adequacy decision exists for the USA via the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is also based on your consent under Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing done before the withdrawal.
More information and Google's privacy policy can be found at:
https://www.google.de/policies/privacy/
Use of the Pinterest Tag
We use the Pinterest Tag from Pinterest Europe Limited (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland; "Pinterest") on our website.
This tool enables us to target visitors to our website with interest-based ads on Pinterest. The Pinterest Conversion Tag is implemented on the website. When you visit our website, a direct connection to Pinterest servers is established. This informs Pinterest which of our pages you have visited. If you are logged in to Pinterest, Pinterest assigns this information to your personal account. When you use Pinterest, you may be shown personalized, interest-based ads.
If you access our website through a Pinterest Pin, a cookie for conversion tracking is placed on your device. These cookies are valid for a limited time, do not contain personal data, and are not used for personal identification. If you visit certain pages while the cookie is still valid, Pinterest and we can recognize that you clicked on a Pin and were redirected to our page.
The information collected via the conversion cookie is used to generate conversion statistics and optimize our website. The following data may be processed: number of users who clicked on a Pin and were redirected to our website, visited subpages (e.g., categories or product pages), on-site search terms, cart contents, and completed transactions.
Your data may be transmitted to the USA. An EU Commission adequacy decision exists for the USA through the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under TADPF. The data transfer is based on Standard Contractual Clauses (SCCs) to ensure adequate protection of personal data. You can view these clauses here:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
The use of cookies or similar technologies is based on your consent pursuant to § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is also based on your consent under Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time without affecting the lawfulness of prior processing.
More information on data collection and use by Pinterest, your rights, and privacy options can be found at:
https://policy.pinterest.com/de/privacy-policy
Use of TikTok Pixel
We use the TikTok Pixel provided by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”) on our website. Both companies are joint controllers for data processing (hereinafter "TikTok").
This processing aims to identify and analyze website visits, better target customers with specific advertisements, and measure the effectiveness of TikTok ad campaigns. TikTok uses technologies such as cookies and pixels, which allow your browser to be recognized. The following information may be collected and sent to TikTok: date and time of visit, browser and device type, screen resolution, and IP address. TikTok may associate this information with your personal TikTok account. Pseudonymized user profiles may be created based on the collected data, but they do not allow personal identification.
Your data may be transferred to third countries, such as the USA. An EU adequacy decision is in place for the USA through the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under TADPF. Data transfers to the USA and other countries without adequacy decisions are based on Standard Contractual Clauses (SCCs).
You can view the SCCs here:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
The use of cookies or similar technologies is based on your consent pursuant to § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent under Art. 6 (1) lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of prior processing.
More information on data protection is available at:
https://www.tiktok.com/legal/page/eea/privacy-policy/de
and
https://ads.tiktok.com/i18n/official/policy/controller-to-controller
Plug-ins and Miscellaneous
Use of Google Tag Manager
We use Google Tag Manager on our website, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
This tool is used to manage JavaScript and HTML tags for the implementation of tracking and analytics tools, among others. The data processing serves the purpose of demand-oriented design and optimization of our website.
Google Tag Manager itself does not store cookies or process personal data. However, it may trigger other tags that collect and process personal data.
Further information on usage and data protection can be found here.
Use of Google reCAPTCHA
We use the reCAPTCHA service on our website provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
The query serves the purpose of distinguishing between input by a human and input by automated, machine processing. Your input will be transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service will be transmitted to Google. These data are processed within the European Union and may also be transferred to servers of Google LLC in the USA. An adequacy decision by the EU Commission exists for the USA under the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is also based on your consent pursuant to Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its withdrawal.
For more information on Google reCAPTCHA and the corresponding privacy policy, please visit:
https://www.google.com/recaptcha/intro/android.html
https://www.google.com/privacy
Use of Google Invisible reCAPTCHA
We also use the Invisible reCAPTCHA service on our website, also provided by Google Ireland Limited.
It is used to distinguish between human and automated machine input. In the background, Google collects and analyzes usage data, which Invisible reCAPTCHA uses to differentiate between real users and bots. Your input, IP address, and other required data may be transmitted to and used by Google.
The data are processed in the EU and may also be transferred to Google LLC servers in the USA. An adequacy decision under the TADPF exists. Google is certified accordingly.
The use of cookies or similar technologies is based on your consent under § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. Processing of personal data also occurs with your consent under Art. 6 (1) lit. a GDPR. Consent may be withdrawn at any time.
More information on reCAPTCHA and privacy at:
https://www.google.com/recaptcha/intro/android.html
https://www.google.com/privacy
Use of Cloudflare
We use the Content Delivery Network (CDN) service Cloudflare, provided by Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA). This is a network of globally distributed servers that connects to our web server and delivers parts of our website content.
The data processing serves the purpose of optimizing load times and improving the user-friendliness of our website.
The data collected may include IP address, system configuration details, and traffic information to and from customer websites (server log files).
Your data may be transferred to the USA. An adequacy decision under the TADPF exists. Cloudflare is certified under the TADPF and thus adheres to European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR, due to our legitimate interest in the customized and purposeful design of our website. You have the right to object to the processing of your personal data at any time for reasons relating to your particular situation.
For more information on Cloudflare's data protection, visit:
https://www.cloudflare.com/de-de/privacypolicy/
Use of All In One WP Security & Firewall
We use the "All In One WP Security & Firewall" security plugin by Tips and Tricks HQ on our website.
This plugin is used to enhance the security and protection of our website and to detect potential vulnerabilities. Cookies may be used, which can collect user data such as your IP address. These data are stored solely on our servers and are not passed on to third parties.
The use of cookies or similar technologies is based on your consent under § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data also occurs with your consent under Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time without affecting the legality of prior processing.
For more information on data processing when using this plugin, please visit:
https://de.wordpress.org/plugins/all-in-one-wp-security-and-firewall/
and
https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
Use of Wordfence
We use the security plugin Wordfence by Defiant Inc. (800 5th Ave Ste 4100, Seattle, WA 98104, USA; "Wordfence") on our website as part of a data processing agreement. The data processing is used in particular to protect against viruses and malware, and to detect and defend against brute force and DDoS attacks. For this purpose, Wordfence uses cookies to classify website visitors as harmless or suspicious. Among other things, the IP address of the website visitor is stored on Wordfence’s servers. IP addresses deemed harmless are placed on a whitelist, while suspicious IP addresses are placed on a blacklist. Our website establishes a permanent connection to Wordfence servers so Wordfence can compare accesses on our website with their databases and block them if necessary.
Your data is transferred to the USA. For the USA, the European Commission has issued an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Wordfence is not certified under the TADPF. The data transfer is based on Standard Contractual Clauses as appropriate safeguards for the protection of personal data, available at: https://www.wordfence.com/standard-contractual-clauses/.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out on the basis of your consent according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out based on your consent before its withdrawal.
For more information about Wordfence’s data collection and use, your rights, and how to protect your privacy, see:
https://www.wordfence.com/help/general-data-protection-regulation/#standard-contractual-clauses
Use of Google Maps
We use the Google Maps embedding function provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
This function enables the visual display of geographic information and interactive maps. When users access the pages in which Google Maps is embedded, data about the site visitors is also collected, processed, and used by Google.
Your data may also be transferred to the USA. The European Commission has issued an adequacy decision for the USA under the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under this framework and committed to upholding European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing prior to your withdrawal.
Further information on Google’s data collection and use can be found in Google’s privacy policy at: https://www.google.com/privacypolicy.html. In the Privacy Center, you can also change your settings to manage and protect your data processed by Google.
Use of Google Fonts
We use Google Fonts provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing is for the purpose of displaying fonts uniformly on our website. To load the fonts, a connection to Google’s servers is established when the page is loaded. Cookies may be used in the process. Your IP address and browser information may be transmitted to Google. These data are not linked to your Google account.
Your data may be transferred to the USA. The European Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under this framework and committed to upholding European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing prior to the withdrawal.
More information on data processing and data protection can be found at:
Use of Adobe Fonts
We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; "Adobe") on our website.
The data processing serves the purpose of ensuring a uniform display of fonts on our website. When loading the fonts, a connection is established to Adobe’s servers. Cookies may be used in this process. Your IP address and information about the browser and operating system you are using will be processed and transmitted to Adobe.
Your data may be transferred to third countries such as the USA and India. There is no adequacy decision for India. For the USA, the European Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Adobe is certified under this framework and committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent under Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out before the withdrawal.
Further information on data processing and privacy by Adobe can be found at:
Use of FontAwesome
We use Font Awesome on our website, provided by Fonticons Inc. (307 S Main St., Suite 202, Bentonville, AR, 72712-9214 USA; "Font Awesome").
The data processing serves the purpose of providing a uniform display of fonts and icons on our website. To load the fonts, a connection is established to Font Awesome’s servers when the page is accessed.
Cookies may be used in the process. Among other things, your IP address and browser information are processed and transmitted to Font Awesome. Your data may be transferred to third countries, such as the USA. For the USA, the European Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Font Awesome is not certified under the TADPF.
The use of cookies or similar technologies is based on your consent pursuant to § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out on the basis of your consent under Art. 6 para. 1 lit. a GDPR. You may withdraw your consent at any time without affecting the legality of the processing carried out before the withdrawal.
Further information on data processing and privacy can be found at:
Use of Algolia
We use the search function from Algolia, operated by Algolia SAS (55 Rue d’Amsterdam, 75008 Paris, France; "Algolia") on our website.
The data processing is used to improve the discoverability of content on our website and enhance user experience. Algolia uses technologies such as cookies. The following information may be collected: IP address, date and time of page visit, information about your browser and operating system. Data is stored on Algolia's servers for a period of 90 days.
Your data may be transferred to third countries such as the USA. For the USA, the European Commission has issued an adequacy decision under the TADPF. Algolia is not certified under the TADPF. Data transfers are based, among other things, on Standard Contractual Clauses as appropriate safeguards for the protection of personal data, available at:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
The use of cookies or similar technologies is based on your consent under § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent under Art. 6 para. 1 lit. a GDPR. You may withdraw your consent at any time.
Further information on data protection and cookie usage by Algolia is available at:
https://www.algolia.com/policies/privacy/
Use of Google Translate
We use the Google Translate service via API integration provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).
The data processing is used to provide the content on our website in other languages. To display translations in your selected language, your browser establishes a connection to Google's servers. Cookies may be used in the process. Among other things, the following data may be collected: IP address, URL of the visited page, date and time.
Your data may be transferred to the USA. For the USA, the European Commission has issued an adequacy decision under the TADPF. Google is certified under the TADPF and committed to upholding European data protection standards.
The use of cookies or similar technologies is based on your consent in accordance with § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time.
More information on Google’s data usage is available at: https://www.google.com/policies/privacy/
Use of Pushly
We use the Pushly plugin on our website, provided by WebLab GmbH (Großbeerenstraße 169–171, 12277 Berlin, Germany; "Pushly").
The data processing serves the purpose of transforming our online shop into an Android or iOS app. The following data, which we obtain primarily during your order process, is transmitted to Pushly and temporarily stored on Pushly servers within the EU: name, email address, customer ID, order number, payment method, billing and shipping address. No data is shared with third parties.
The processing is based on Art. 6 para. 1 lit. f GDPR and our legitimate interest in providing a customer-friendly and convenient user experience. You have the right to object to such processing at any time on grounds relating to your particular situation.
Further information on data protection at Pushly can be found at:
https://www.pushly.de/datenschutz
Data Subject Rights and Storage Duration
Storage Duration
After the complete fulfillment of the contract, the data will be stored for the duration of the warranty period, and thereafter based on statutory retention periods, especially those under tax and commercial law. After the expiration of these periods, the data will be deleted unless you have consented to further processing and use.
Rights of the Data Subject
If the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR:
-Right of access
-Right to rectification
-Right to erasure
-Right to restriction of processing
-Right to data portability
Under Article 21 (1) GDPR, you also have the right to object at any time to processing based on Art. 6 (1) f GDPR, as well as to processing for direct marketing purposes.
Right to Lodge a Complaint with the Supervisory Authority
Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that your personal data is being processed unlawfully.
You can contact our responsible supervisory authority at:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Phone: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de
Right to Object
If the processing of personal data presented here is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR, you have the right to object to this processing at any time for reasons arising from your particular situation.
After your objection, the processing of the data concerned will be stopped unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.
If personal data is processed for the purpose of direct marketing, you may object to this processing at any time. Upon objection, we will stop processing the relevant data for direct marketing purposes.
Last updated: 06.06.2025